Cable Forum - View Single Post - Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

Chroma · 14-05-2008, 14:32

Hackers used packet sniffers to filch credit card data

http://arstechnica.com/news.ars/post...card-data.html

A sign of things to come?

So will the fact that inspection equipment will become widely available affect changes to the credit card/banks terms and conditions regarding fraud?

I mean if i was in control of a financial institustion i would be all over my terms and conditions regarding fraud like a dog eating rhubarb.

It seems to me that using your cards online AP (Anno Phormini) means your informed that there an unacceptable risk and therefore my institution wont pay out if theres been fraud committed whilst buying online.

Seems like the only reason the hapless idiots got caught was because they had no idea how to actualy write software that could be restarted should the server be rebooted. (a fairly straighforward task under unix flavoured systems)
Now had they been able to actualy test software before deploying (ie had they been rational) i doubt they would have been caught.

in this case the packet sniffers where merely background programs (simmilar to trojans and keyloggers on a home computer) however when you move on to dedicated hardware inspectors whos job it is to actively sniff, detection becomes even more difficult and administration of rogue code becomes exponentialy easier, a single on site visit is enough to compromise an entire exchange.
And with our ever depreciating track record of actualy catching and convicting cyber criminals the outlook is good for criminals, bad for the people at large.

14-05-2008, 14:32	#6588
Chroma Inactive Join Date: Apr 2008 Posts: 30	Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797] Hackers used packet sniffers to filch credit card data http://arstechnica.com/news.ars/post...card-data.html A sign of things to come? So will the fact that inspection equipment will become widely available affect changes to the credit card/banks terms and conditions regarding fraud? I mean if i was in control of a financial institustion i would be all over my terms and conditions regarding fraud like a dog eating rhubarb. It seems to me that using your cards online AP (Anno Phormini) means your informed that there an unacceptable risk and therefore my institution wont pay out if theres been fraud committed whilst buying online. Seems like the only reason the hapless idiots got caught was because they had no idea how to actualy write software that could be restarted should the server be rebooted. (a fairly straighforward task under unix flavoured systems) Now had they been able to actualy test software before deploying (ie had they been rational) i doubt they would have been caught. in this case the packet sniffers where merely background programs (simmilar to trojans and keyloggers on a home computer) however when you move on to dedicated hardware inspectors whos job it is to actively sniff, detection becomes even more difficult and administration of rogue code becomes exponentialy easier, a single on site visit is enough to compromise an entire exchange. And with our ever depreciating track record of actualy catching and convicting cyber criminals the outlook is good for criminals, bad for the people at large.