[FoRK] pos POS malware ram scraper
sdw at lig.net
Thu Jan 16 12:28:02 PST 2014
You're an idiot if you run Windows, especially to create a pos POS.
You're an idiot if you leave RDP ports open to the Internet
You're an idiot if you run an operating system full of holes in the wild
(Windows on POS) that allows RAM scraping from anything that can easily
be run on that machine.
You're an idiot if you allow POS machines to make outgoing exfiltration
You're an idiot if you have a POS application that leaves sensitive data
in plaintext in memory for more than a moment, if even that.
I've written POS systems from scratch and as part of NCR Retail's
department store systems (both long ago).
I've designed, built, evaluated, and defended the design and
implementation choices of high profile, highly secure distributed
systems. This includes being the project lead grillee with GAO, NIST,
and an invited panel including Boeing experts.
Therefore, I can say with authority that from the POS vendor to everyone
involved at Target that they are all idiots.
More information about the FoRK