|
»
[jpos-users] POS keys
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
|
|
|
[jpos-users] Re: POS keys
by Mark Salter-5
::
Rate this Message:
> On Oct 25, 2009, at 9:08 AM, Tod Myer <knocturnal4life@...> wrote: > > i was wondering > for the terminals on the POS im going to be doing a demenstration and > i wanted to know where and how the ZMK and or TMK could be found on > the terminal. All keys used to protect transactions will not - I would hope - be 'found' on the terminal. I would think keys would be kept in memory, not persisted anywhere and out of 'reach' of an api the terminal would provide. If the keys were available, then the benefit of the cryptography would be eliminated. What are you trying demonstrate? -- Mark --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "jPOS Users" group. Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first To post to this group, send email to jpos-users@... To unsubscribe, send email to jpos-users+unsubscribe@... For more options, visit this group at http://groups.google.com/group/jpos-users -~----------~----~----~----~------~----~------~--~--- |
|
|
[jpos-users] Re: POS keys
by chhil
::
Rate this Message:
Here is additional info that was emailed to me by Tod. 'the device manual wil never post this kind of info to find the ZMK for protection but im doing something in fornt of audience in few weeks and i want to show how insecure terminal are really with getting this kind of info some criminals can steal information' -chhil
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "jPOS Users" group. Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first To post to this group, send email to jpos-users@... To unsubscribe, send email to jpos-users+unsubscribe@... For more options, visit this group at http://groups.google.com/group/jpos-users -~----------~----~----~----~------~----~------~--~--- |
|
|
[jpos-users] Re: POS keys
by Mark Salter-5
::
Rate this Message:
Tod Myer <knocturnal4life@...> wrote to Chhil:- > > i want to show how insecure terminal are really with getting > this kind of info some criminals can steal information' Here lies the key... Having to ask how to demonstrate such weaknesses, does - I think - highlight where some weakness lies. There are papers indexed by google covering the problems with POS devices, one such paper:- http://www.hackerfactor.com/papers/cc-pos-20.pdf ...made an interesting skim, including 'magic' key combinations for some terminals to reset passwords. Primarily to gain access to the stored transactions - only brief mentions of POS storage medium and protection. -- Mark --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "jPOS Users" group. Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first To post to this group, send email to jpos-users@... To unsubscribe, send email to jpos-users+unsubscribe@... For more options, visit this group at http://groups.google.com/group/jpos-users -~----------~----~----~----~------~----~------~--~--- |
| Free embeddable forum powered by Nabble | Forum Help |
