lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <533C761E.6090201@brownhatsecurity.com>
Date: Wed, 02 Apr 2014 13:42:06 -0700
From: Eric Rand <eric.rand@...wnhatsecurity.com>
To: fulldisclosure@...lists.org
Subject: Re: [FD] Bank of the West security contact?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

BoA has no incentive to switch, as the customers have not demanded
more secure ATMs, and it's cheaper to have 'hacking insurance' to
cover any losses than it would be to replace all their ATMs.

On 04/02/2014 01:30 PM, Sholes, Joshua wrote:
> And how fast would those ATM manufacturers switch to a Linux or
> other offering if, say, Bank of America said "We won't buy an ATM
> with an easily skimmable reader or with an insecure OS on it?"
> 
> Diebold, for example, has a market cap of less than $3B.  BoA is
> sitting around $182B.  With that much leverage, the big banks have
> NO excuse to just accept whatever crap the vendors shovel out the
> door.
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTPHYeAAoJELegdynGqmmaAYUP/RiGU/0XB2EsbaPFwj53Quce
p3ocpCSvaeGJyRS9WxBRlMXa16gWd9Ifyi2JnswQsB6ROuo2gw91A6vP95H/C5Xv
S44zX5ZQDUM8hlDZfmaK/vKlt9JOOrAoMAjsbrXctq1pQgi+v3jZ+DtmbTY8h7Nq
VaNMEWJMM96pHs/5YNWikyLozWll2xra7zpulO0FzHxzfNi6qCCvmFEMT4cIWZpW
/Ket3ckqwwT5HBYF9ylBYsFgIyDGYqI6SobqMsAzdYuRmhzJixO3O/QglGF9X4wl
l62yr1AHPpKKWfPU1Xf0zFIo4DiH3kgmIOuQuLXHTx5N21CLwFBDY8RnySYtHel0
oraydrqvkjxrAgtPzNcagtdqXtEnzSDiQjXfzyrnzxKnKpKDd9hOFNb3CFj1wP7c
bwqyx14WBmb89OgT0cpzpRoaK9sCtk4R10yB53yzluNaykzEhXyXtb19rMEoT40h
oqtqWH/h0sRGoXV7zxY3fb6HhMPmZBa8EhS+kWSRoSO5DVsWoYKZOT2p+yjeDN25
UTCW61GGyGP2bASBbeVBhQbaScHQppwUW+tDHWGFOmrnq9oHV0Po8zX6e53Uck1K
GuZorfe9W3QP/pG53YfQUpQ1ov4hvfUreAG7AEa8sYdX40hSwrOYQQI2JtG07Rp/
b/uoPvHAgJea78oKsdM4
=vK+X
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ