 SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | reply to SUMware
Re: Windows XP Cash Machines Can Steal Your PIN You seem positively determined to make this about Microsoft, but it's not. I wrote about this in the Security forum, and the speculation:said by your quoted article :
The hack is most likely inserted using a compromised card that when read by the ATM causes the infection to begin. is almost certainly not true.
A magstripe card can hold at best 200 bytes of data, so getting 11k or so bytes of isadmin.exe onto the machine that way seems like a serious stretch.
But later we learn that this hack did indeed involve physically breaking into the machine - that's how the bad stuff got installed into the OS. Once it's on the machine, no other details really matter.
Now I'm sympathetic to disbelieving anything Diebold says (shall we take a vote on that?), but I'm really, really skeptical how this could be done with a cardswipe.
---
The larger point here is that properly determining culpability is important, and it certainly has nothing to do with keeping a good image on the face of a favored vendor, or maintaining bragging rights in Linux versus Windows.
If you mis-assess the reason for a security compromise, you are less likely to take steps to protect yourself properly in the future by spending time on stuff that doesn't matter.
In the case of the ATM hack, it involved physical access and expertise in how the particular machines operated. Does anybody really believe that changing the OS to Linux would have made any difference to the skilled bad guys?
Steve
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Orange County, California USA | my web site |
|
 MattAll noise, no signal.Premium
join:2003-07-20
Jamestown, NC
kudos:12 | said by Steve:You seem positively determined to make this about Microsoft, but it's not. That sounds positively shilly there Steve 
Personally, I think Sumware and Matunga are the same guy. They are both equally zealous if a bit misguided -- a ying and yang if you will. 
As to the original article, that's neat. Linux does a lot of neat things and is perfect for most embedded applications. |
|
| said by Matt:Personally, I think Sumware and Matunga are the same guy. They are both equally zealous if a bit misguided -- a ying and yang if you will. Now that's a low blow, no matter how you look at it.
SUMware  may be an unabashed Linux advocate, but he will always engage in discussions of his posts, which are usually informative at least, and legitimate. Matunga's 'smear-and-run' posts are quite a different animal.
I think you owe SUMware an apology for that comparison.
|
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by Lurkarooski : I think you owe SUMware an apology for that comparison. As do I; this is not even close. |
|
MattAll noise, no signal.Premium
join:2003-07-20
Jamestown, NC
kudos:12 | said by Steve:said by Lurkarooski : I think you owe SUMware an apology for that comparison. As do I; this is not even close. From what I have seen of both, neither are open minded to dissenting opinions. I was merely attempting to illustrate that Matunga is as anti-Linux as Sumware is anti-Microsoft. |
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by Matt: From what I have seen of both, neither are open minded to dissenting opinions. I was merely attempting to illustrate that Matunga is as anti-Linux as Sumware is anti-Microsoft. No: SUMware has a strident view, but he sticks around to at least attempt to defend his position.
matunga engages in drive-by shillery. |
|
MattAll noise, no signal.Premium
join:2003-07-20
Jamestown, NC
kudos:12 | said by Steve:said by Matt: From what I have seen of both, neither are open minded to dissenting opinions. I was merely attempting to illustrate that Matunga is as anti-Linux as Sumware is anti-Microsoft. No: SUMware has a strident view, but he sticks around to at least attempt to defend his position. matunga engages in drive-by shillery. I agree with that. Although I think both methods are disingenuous.
Regardless, it was tongue in cheek as I don't actually think they are the same person. So if I offended anyone, I apologize. |
|
SUMwarePremium
join:2002-05-21
kudos:2
1 edit | reply to Steve
I AM NOT, NOR HAVE I EVER BEEN, matunga. I promise! Geez!
Yes, I strongly support FOSS. Guilty.
Yes, I find many of MS' well documented tactics unappealing and frequently skirting legality, if not plunging overboard. Groklaw and numerous others have published the sordid details over the years.
said by Steve:said by Lurkarooski : I think you owe SUMware an apology for that comparison. As do I; this is not even close. Thank you, you are gentlemen. Sorry about being strident, Steve.
said by Matt:Although I think both methods are disingenuous. strident - loud, harsh, grating, or shrill; discordant. See Synonyms at loud, vociferous.
vociferous - loud and forceful
disingenuous - not straightforward or candid; insincere or calculating
Disingenuous? I strive to be accurate and clear.
said by Matt:So if I offended anyone, I apologize. Anyone in particular? |
|
SUMwarePremium
join:2002-05-21
kudos:2 | reply to Matt
Never mind. Forget it.
matunga, really. geez. |
|
