SEARCH RESULTS
 
Showing 1-10 of 13 records
 
Expand article

What do the Cold Boot Crypto Attack, DVD Players, and MiFare tell us about the Future of Biometrics?

2008-03-26 00:16:43 by Erik T. Heidt in Art of Information Security
 
...tamper-proof biometric authentication to replace paper-based forms of ID that neither assure privacy nor reliably prove identity This emerging technology makes it virtually impossible to assume someone elses unique identity The problem that the authors are glossing over is that no such technology exists today, and it is unlikely to ever...
 
Tags: biometric authentication, biometric authentication infrastructure, biometric authentication challenge, tamper-proof biometric authentication, authentication, authentication device, mifare, tamper, biometrics
 
 
 
 
Expand article

.. and now - PIN stealing..

2008-06-19 10:38:00 by Random InfoSec Guy in Security Coin
 
...Tamper Resistant Security Modules help in securing the keys. Assuming one cannot gain access to the encryption keys, this leaves only two scenarios for an attacker to gain access to the unencrypted PINs 1. Before the PIN is encrypted by the Tamper Resistant Security Module (an ATM in the case of bank customers). Most criminals have been using...
 
Tags: pin, pin reaches, pin offsets, fake pin pads, atm location, atm, bank pins, atm crime spree, access
 
 
 
 
Expand article

The most insecure banking/sales terminal

2008-07-14 13:27:20 by Editor in Security x.0
 
...tamper-resistant Point of Sale terminals in your favourite supermarket are protected from tampering and use dedicated secure connections to the payment processing network These are all very sensible measures that work (to one degree or another) to protect customers' and banks' money Today, however, there is a huge imbalance between the value...
 
Tags: address, address security, security, secure, security features, banks, banks agree, secure software, internet company
 
 
 
 
Expand article

Article: Analytics Brief: Securing The New Data Center

The Article has images
2008-01-07 05:28:32 by Editor in Security Links
...tamper-proof hardware approach to encryption and software signing, it should help substantially in validating that software of all stripes hasnt been corrupted by malware or by other means.The other substantive threat is a byproduct of how multiple virtual machines communicate with each other on the same system; that, along with the ability...
 
Tags: virtual environment, environment, virtual appliances range, virtual appliances, security, tools, security tools, develop security, security holes
 
 
 
 
Expand article

Chip & PIN terminals vulnerable to simple attacks

The Article has images
2008-02-26 20:33:32 by Saar Drimer in Light Blue Touchpaper
...tamper proofing mechanisms, and in clear violation of their supposed security properties. This attack can capture the cards PIN because UK banks have opted to issue cheaper cards that do not use asymmetric cryptography to encrypt data between the card and PED In addition to the PIN, as part of the transaction, the PED reads an exact replica...
 
Tags: peds, popular peds, protect cardholder data, peds processor, pin, cardholder data, data, encrypt data, governmental certification bodies
 
 
 
 
Expand article

Attack and Defense: Securing ASP.NET 2.0 Apps

2008-03-13 03:44:00 by Keith Brown in Security Briefs
 
Thanks to all who attended this DevWeek talk today. Here's a link to the demos I did, along with the tamper-detection code I showed you. Enjoy
 
Tags: devweek talk, link, enjoy, demos, code
 
 
 
 
Expand article

ATM Communication - How Secure ?

The Article has images
2008-03-21 12:34:00 by Random InfoSec Guy in Security Coin
...Tamper Resistant Security Modules), how PINs should be exchanged between various Financial Institutions (exchange keys between two FIs out-of-band AND under the principles of dual control and then encrypt the keys, how should compromised - no - even "suspect" compromised PINs and Keys that encrypt the PINs be treated (securely delete the key,...
 
Tags: pin, pin offsets, atm, pin translation, natural pin, key, key management, atm communications, encryption key
 
 
 
 
Expand article

I Am IronKey, and I Can Encrypt Anything

2008-05-22 00:00:00 by HASH0x8b58074 in Network World on Security
 
...tamper evident. A secured, anonymized version of Firefox is also onboard. Prices start at $79 including a one-year subscription for anonymous browsing; an 8 GB drive is $299
 
Tags: eponymous company ironkey, tamper evident, government certification, secure devices, one-year subscription, encrypts data, prices start, sunday, onboard
 
 
 
 
Expand article

Attack and Defense: Securing ASP.NET 2.0 Apps

2008-03-13 09:44:00 by keith-brown in Security Briefs
 
Thanks to all who attended this DevWeek talk today. Here's a link to the demos I did, along with the tamper-detection code I showed you. Enjoy Updated (20 Mar 2008) with new link
 
Tags: link, devweek talk, mar, enjoy, demos, code
 
 
 
 
Expand article

Attack and Defense: Securing ASP.NET 2.0 Apps

2008-03-13 09:44:00 by keith-brown in Security Briefs