All credit card and ATM card readers are completely safe and nobody could ever possibly hack them, right? Otherwise, the world would be filled with chaos! And madness! That's why this quiet little home video of an actual hack to a UK "chip and PIN" machine is so wonderfully revealing. Steven Murdoch and Saar Drimer, two Cambridge security researchers, decided the best way to explain the technical vulnerabilities in card readers to a non-technical audience was to show how they could easily convert your ATM reader into a Tetris game.
What I love about this video is what goes unsaid in it. All we see is a guy playing Tetris on a credit card reader, which is both a taunt ("I play games with your secure access technology!") and a warning ("If I can play Tetris on here, imagine how easy it would be for me to steal your cash.") After a few months of this vid floating around online, British TV show Watchdog caught on and did a long and controversial segment about how easy it is for technically-knowledgeable thieves to steal your PIN number from a distance while you're paying for something or withdrawing cash. Murdoch and Drimer are in the vid showing how simple it is to steal 50 quid from one of the show's producers while he's paying for a sandwich at lunch.
Chip and PIN relay attack (plus link to Watchdog segment) [via Light Blue Touchpaper]
