On Sat, Nov 17, 2001 at 10:47:21PM -0800, Steve Schear wrote:
ATM FIENDS ON A SPREE OF RIP-OFFS By LARRY CELONA and ANDY GELLER
[My security group at Citicorp (which designed and built the crypto systems for our ATMs and switching fabric processors) predicted in the late '80s that Van Eck freaking an ATM might be a successful way to eavesdrop on PINs and card info.]
November 17, 2001 -- EXCLUSIVE The NYPD and the Secret Service have launched a major investigation into complaints that bank customers have lost thousands of dollars through unauthorized ATM withdrawals.
I am very vague about US ATM protocols (not my field of expertise at all), but of course there was a very recent disclosure of a hole in the protocol for accessing the IBM tamperproof crypto processor used for generating and storing ATM keys that could be exploited if one could get access to a machine with one in it. Potentially this flaw allows readout of the entire set of keys protected by the processor. This could be the explanation of the problem, as the protocol problem has been known in at least some form for a year or so. -- Dave Emery N1PRE, die@die.com DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18