* Posts by Ben Cherry

2 publicly visible posts • joined 13 Dec 2007

Man siphons info for 300 credit cards from hotel kiosks

Ben Cherry

Re: J

Probably not. Since he had physical access to the machines, he was able to install the software, which then sends him the information. Firewalls only protect against incoming traffic, not outgoing. Further, if the machines were to initiate an outgoing connection to his machine, he would be able to "shovel a shell" across the connection, turning it in essence into an incoming connection.

When physical access is granted to a machine, all security is considered null and void, or so the saying goes...

Facebook takes the Captcha rap

Ben Cherry

re: Tom

They give you two words, as in the example in the article. The OCR couldnt read "rape", and the computer generated "now". You answer both, and if you got the seeded one right, it passes you, and also gives your solution to the unknown word to the system. Of course, they collect a number of solutions for each unknown to verify the solution.