Navigate This Site

Philip Ramsey Headlines

Sunday, January 10, 2010

Just when we thought the Payment Card system is safe ....

An article published by SecurityFocus, dated 2009-12-10 "Scammers Scrape RAM For Bank Card Data" talks about a technique used to steal bank card information from POS (Point of Sale) equipment commonly used in stores. The article describes basically how it is accomplished and references a Verizon Business 2009 security data breach supplemental (32 page pdf) report that goes into greater detail of how the malware gets installed. In one of cases the laptop belonging to the service technician servicing the POS device got infected with the malware.

These two articles highlights a number of things:
  1. Iif you are using Windows computers for work, do not use it to browse the web or check your email 
  2. If you need to use your work computer for email or accessing information on the web, do not use Windows
  3. If you must use Windows for work and must check your email and access the web, make sure your Windows user profile is not a member of the Administrator group
I strongly recommend using Linux for all you computing needs. I started testing SUSE/openSUSE Linux in 2004. Two years later, I make all my computers dual boot with Windows and openSUSE. Today all my computers run openSUSE with Windows as a virtual machine. The reason for doing this is the superior security and user access control system Linux implements. I choose openSUSE for the easy to understand software and security administration as well as for it stability and flexibility.

A bridge over troubled waters: integrated "smart" point-of-sale origination technology is a solution whose time has come. The branch, the call center and ... An article from: Mortgage Banking

1 comment:

  1. This is interesting but scarry. However I don't think I need to worry as I am using Linux also. I find it is very versitile but a bit too restrictive sometimes because it is too secure, e.g. on 64 bit linux wireless laptop will not connect to unencrypted wireless network because it is seen as a security risk.