User Tools
ci2010:team2_bruce_schneier
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
ci2010:team2_bruce_schneier [2010/02/14 17:16] lstarret |
ci2010:team2_bruce_schneier [2010/02/27 15:11] lstarret |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====Bruce Schneier - Security Guru==== | + | =====Bruce Schneier - Security Guru===== |
| + | [[ci2010:team2|Back to Main]] | ||
| //Bruce Schneier is a well respected author and critic on topics of security. His primary research and writings are on the topic of cryptology, but he is considered a "guru" of security in general.// [[http://www.schneier.com/about.html|Click Here]] //for Bruce's full bio page.// | //Bruce Schneier is a well respected author and critic on topics of security. His primary research and writings are on the topic of cryptology, but he is considered a "guru" of security in general.// [[http://www.schneier.com/about.html|Click Here]] //for Bruce's full bio page.// | ||
| Line 20: | Line 22: | ||
| - | **"...We did so, on camera, using various journalists' cards. The transactions went through fine and the receipts say "Verified by PIN."** The following [[http://www.bbc.co.uk/blogs/newsnight/susanwatts/2010/02/new_flaws_in_chip_and_pin_syst.html|video]] (exploit: 2:01 - 3:30) shows the exploit in action. You may notice that the BBC version says something like "We obviously don't want to give out too much detail..." Well, maybe not on TV, but the effectiveness of this method for improving security (that is, hacking then publicizing the hack) requires full disclosure. So here it is, folks: the [[http://www.cl.cam.ac.uk/research/security/banking/nopin/oakland10chipbroken.pdf|thesis paper]] entitled "Chip and PIN is Broken" published by the researchers from Cambridge themselves. Happy hacking! | + | **"...We did so, on camera, using various journalists' cards. The transactions went through fine and the receipts say "Verified by PIN."** The following [[http://www.bbc.co.uk/blogs/newsnight/susanwatts/2010/02/new_flaws_in_chip_and_pin_syst.html|video]] (exploit: 2:01 - 3:30) shows the exploit in action. You may notice that this version was done by BBC, and at some point they say something like "We obviously don't want to give out too much detail..." Well, maybe not on TV, but the effectiveness of this method for improving security (that is, hacking then publicizing the hack) requires full disclosure. So here it is, folks: the [[http://www.cl.cam.ac.uk/research/security/banking/nopin/oakland10chipbroken.pdf|thesis paper]] entitled "Chip and PIN is Broken" published by the researchers from Cambridge themselves. Happy hacking! |
| //Now read the following response to this article (as posted on Schneier's blog):// | //Now read the following response to this article (as posted on Schneier's blog):// | ||
ci2010/team2_bruce_schneier.txt · Last modified: 2010/02/27 15:11 by lstarret
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
