Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations

Rich Freeman on 7 Mar 2018 12:28:21 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations

From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
Date: Wed, 7 Mar 2018 15:28:16 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-transfer-encoding; bh=n1fvX8NYz9BEXi6AA7Xpa1gw5ZXgZc1cDi+G32p9Jtk=; b=dZg+VaJJgIG3zwyU/O/JQ5WFTohHJvdK+33dimmFjZi2Sfw8/prxZG2M8L7DReMWg+ ZIClhhBc5rI5ChSyQt5lN2A9smIu2Q2iTnlrYAv5qntdaHwf1Yt09enLqg24Ue//G+X1 X5iu/aNrC1SQsFA4/sGhHk63PpTgMvy9LoGAzjUOBW4QMGXo812rG2MZrsX3xgoMrkQg 80+XZY7o/bSE/5zgGmZ3gujEGdIMVysDxGfJyhPyR9mcN/Fz3emIKyB54U17Vb/9GAkd o9o3x8cPKAkRIWOA9NuS7XK01zpVg/TIjXXGCxhOflFkwRjVcFyi/xc23mcJI5Q87I2K Z4hA==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Wed, Mar 7, 2018 at 3:10 PM, Keith C. Perry
<kperry@daotechnologies.com> wrote:
> I'm not sure 'bout that one Rich...
>
> If you authorize the value of a payment, my understanding of this "signed" transaction  is based on the what you are authorizing.  If you are saying that both of those could be changed before sending so that everything matches then I agree but that would be a very poor hack because the receipt you get would not match the transaction to your bank.  This be easy to challenge.  If something like that happened to even a few transactions it would be easy to spot and the software would be shut down.
>

Certainly.  I'm not saying there aren't legal remedies.  It just
strikes me as being less secure than would otherwise be possible, and
again it doesn't provide for card-not-present transactions, or ones
where a non-PCI-certified terminal could be used.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
  - From: JP Vossen <jp@jpsdomain.org>
- Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
  - From: Walt Mankowski <waltman@pobox.com>
- Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
  - From: "Keith C. Perry" <kperry@daotechnologies.com>

Prev by Date: [PLUG] Fwd: 7x24 Exchange Meeting at FMC Tower RESCHEDULED for March 13th
Next by Date: [PLUG] Why were smbmount + smbfs deprecated?
Previous by thread: Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
Next by thread: Re: [PLUG] POS Malware Found at 160 Applebee’s Restaurant Locations
Index(es):
- Date
- Thread