A Little Sunshine

February 16, 2016

The Great EMV Fake-Out: No Chip For You!

This post was originally published on this siteMany banks are now issuing customers more secure chip-based credit cards, and most retailers now have card terminals in their checkout lanes that can handle the “dip” of chip-card transactions (as opposed to the usual swipe of the card’s magnetic stripe). But comparatively few retailers actually allow chip transactions: Most are still asking customers to swipe the stripe instead of dip the chip. This post will examine what’s going on here, why so many merchants are holding out on the dip, and where this all leaves consumers. Visa CEO Charles W. Scharf said in an earnings […]
February 18, 2016

This is Why People Fear the ‘Internet of Things’

This post was originally published on this siteImagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt. The FI9286P, a Foscam camera that includes P2P communication by default. This is the nightmare “Internet of Things” (IoT) scenario for any system administrator: The IP cameras that you bought to secure […]
February 19, 2016

Dell to Customers: Report ‘Service Tag’ Scams

This post was originally published on this siteComputer maker Dell is asking for help in an ongoing probe into the source of customer information that appears to have somehow landed in the laps of fraudsters posing as Dell computer support technicians. KrebsOnSecurity readers continue to report being called by scammers posing as Dell support personnel who offer “proof” that they’re with Dell by rattling off the unique Dell “service tag” code printed on each Dell customer’s PC or laptop, as well as information from any previous (legitimate) service issues the customer may have had with Dell. Image: Wikipedia In January, Ars […]
February 22, 2016

The Lowdown on the Apple-FBI Showdown

This post was originally published on this siteMany readers have asked for a primer summarizing the privacy and security issues at stake in the the dispute between Apple and the U.S. Justice Department, which last week convinced a judge in California to order Apple to unlock an iPhone used by one of assailants in the recent San Bernardino massacres. I don’t have much original reporting to contribute on this important debate, but I’m visiting it here because it’s a complex topic that deserves the broadest possible public scrutiny. Image: Elin Korneliussen (@elincello) A federal magistrate in California approved an order (PDF) granting the […]