What is Digg?Sponsored by Realtor.com
Top 5 most ridiculous properties sold for a single dollar view!
realtor.com - Looking for a deal on your next home? What if you could pay a dollar? What if it was a MLB stadium or a university?!?!?
164 Comments
- eclectro, on 04/15/2009, -2/+279It's eve worse than we thought. The complete list of pin numbers has been published on the Internet.
http://www.guzer.com/videos/everyones-pin-numbers. ... - Poobah6, on 04/15/2009, -0/+115Holy crap! Mine was there too.
- hongkongjapie, on 04/15/2009, -1/+87The scary thing is, I just found out your pincode is 2754!
(guess 1 in 10.000 diggers have a freak moment while reading this). - inactive, on 04/15/2009, -2/+68OMG MY PIN IS ON THERE!
- killermouse0, on 04/15/2009, -2/+57Very interesting, thanks for sharing ! I don't understand why PIN wouldn't be encrypted using asymetric crypto (such as RSA) and thus being able to be unencrypted only by the endpoints and not vulnerable on the way (and especially not at the HSM level) ?
- hongkongjapie, on 04/15/2009, -8/+57Probably the banks ignore this until the e-transaction system collapses, adding another financial crisis they're at least partly responsible of. Of course, next to this comment I see an ad for ANZ Visa credit/debit cards. Credit cards, another wonder of lacking security invented by banks. Why do we still thrust those banks with our money?
- BoneheadFarker, on 04/15/2009, -0/+48It's thrusted me a few times though...
- InverGoatie, on 04/15/2009, -1/+48I've never 'thrusted' the banking system to be honest..
- Black6x, on 04/15/2009, -0/+40Do you have any idea how many numbers are in a social security number?
- inactive, on 04/15/2009, -0/+33hunter2
- inactive, on 04/15/2009, -2/+29damm my pin is in there "1234" now i will have to change over to "6789"
- tgc1, on 04/15/2009, -3/+28Simple. Cost. They're all cheap ***** and because they have so much money and control, they don't seem to really give a crap.
- dubiskool, on 04/15/2009, -3/+28My pin is the price of a cheese pizza and a large soda
- gheide, on 04/15/2009, -1/+25Just do a google search on "diebold spyware"... You may learn something a little more interesting...
http://www.scmagazineus.com/ATM-malware-appears-Di ... - recruz, on 04/15/2009, -1/+21Hey check it out, if you type your pin number, it shows up as all stars like this: ****
- execute, on 04/15/2009, -0/+20Yeah, scan your cash, email to Amazon.com, then burn it. That's the solution.
- RichMUrrills, on 04/15/2009, -0/+19Precisely, which is why my PI Number is 3142.
*obviously this is not true, I wouldn't actually post my PIN online, I'm not that stupid
**or is that just a double bluff....? - richlw, on 04/15/2009, -0/+19that's amazing, I have the same combination on my luggage!
- inactive, on 04/15/2009, -0/+18"We're seeing entirely new attacks that a year ago were thought to be only academically possible,"
This really points out that unlike what the common news stories lead you to believe, there is some high up people getting into the game of credit theft. Obviously information on the inside or even those who work on the inside are leaking details on how to break into systems. No script kiddo boy genius could in a million years break around security like this without first having an in depth knowledge of the architecture. Maybe they should stop looking at the organized crime cindicates as the ones who are doing this and maybe look at the employees and technicians working on the systems. Good story none the less! - Ki77erB, on 04/15/2009, -1/+17"Om nom nom nom nom" -ATM
- WELLDOITLIVE, on 04/15/2009, -0/+15What the hell did 5 ever do to you?
- GOVATENT, on 04/15/2009, -0/+15****
- KlogereEndGrim, on 04/15/2009, -0/+150504
Now what are you going to do with an anonymous users pincode to an unknown device? - absaroke, on 04/15/2009, -1/+15PIN encryption involves both asymmetric and symmetric algorithms. HSMs are used for key issuance, key distribution, encrypt and decrypt functions, etc. The problem is that the process is relatively secure if you are only dealing with 2 parties (a device/endpoint) and the original issuer of the card that verifies the PIN. The reality is that there could be several points at which a PIN is unencrypted to be verified and this could happen on a device that is on a network outside of the card issuers control. The crypto scheme isn't the issue...it's that HSMs are poorly managed and that the current process assumes a much smaller group of involved parties. The standards are about 30 years old I think...maybe more...and nobody thought that the financial infrastructure would ever look like it does. Overhaul is required, but not easy or cheap. And before people start saying stuff like "those greedy bank bastards should just change it" you should study the problem a little more thoroughly. This will literally require every financial institution in the world to make significant and very costly changes to their infrastructure. Not to mention all the standards bodies that need to get off the dime and write something better (X9 I'm looking at you). It needs to change, no doubt, but nobody can just wave the wand like that.
- wakingrufus, on 04/15/2009, -1/+15PI Number? 3.1415926535897932384626433832
- Sirocco, on 04/15/2009, -0/+13The existing framework has been in place for years and has been working, so there's no incentive for them to upgrade.
- thegallery, on 04/15/2009, -0/+13Really? Which one?
- ZincSaucier, on 04/15/2009, -0/+13john connor has known how to do this for decades
- inactive, on 04/15/2009, -0/+11Why are the systems with "pin blocks" accessible from the internet?
- handheldchimp, on 04/15/2009, -2/+13Best.Show.Ever.
- RichMUrrills, on 04/15/2009, -0/+10PI Number surely? Or simply, PIN.
/Pedant - Silentnite85, on 04/15/2009, -0/+9No my pin is the price of a cheese pizza and a large soda back where I used to work, Panucci's Pizza. Why?
- Jerryrad, on 04/15/2009, -2/+11"***** You", that's my PIN number.
- TheOther1, on 04/15/2009, -0/+9Nor is any comment foolproof.
- thinboyslim, on 04/15/2009, -0/+9Why are they saying "the problem can only really be resolved if the financial industry overhauls the entire payment processing system."
When the problem is "the devices (HSM) come with enabled functions that aren't needed and can be exploited by an intruder into working to defeat the device's security measures."
There's no need to overhaul anything, just get rid of unnecessary security risks and flaws. - Tek12, on 04/15/2009, -2/+10Not usually. Most ATM's will fail after 3 attempts, then proceed to eat your card.
- nkassi, on 04/15/2009, -0/+8078Gestas: hum, DiggStory? You haven't been around the internet long enough to know of bash.org do ya?
- malechite, on 04/15/2009, -0/+7is your PIN number 4940?
- garvallagh, on 04/15/2009, -4/+11@black6x
Im not American, that format matches mine perfectly. take a chill pill - recruz, on 04/15/2009, -0/+7@KlogereEndGrim no worries, i'll just wait until you do something idiotic at a pizza place and post it on youtube- then we'll find you and your device! mwa ha ha!
- HonoredMule, on 04/15/2009, -0/+7Until it does change, banks will just insure their clients against fraudulent transactions...essentially swallow the losses. My bank already does this with all online access and debit transactions. Until those losses cost them more than the infrastructure upgrade, the latter will be handled slowly and with minimal investment.
In the *very* long run, the total cost to banks will be astronomical, that's business. Ultimately, with no true guarantee of lower operating costs even post-upgrade, it's actually the sensible approach anyway.
And hopefully, if you have a lot of money in the bank, you know better than to keep it in debit-accessible accounts. - cdawzrd, on 04/15/2009, -0/+6What pinpads have alphanumeric input? Are you confusing your card PIN with your online access pin?
- inactive, on 04/15/2009, -1/+7I've hated the banking system ever since I got my first checking account. Always thought that they were a bunch of crooks, and hey I was right!
- Icarus25, on 04/15/2009, -1/+7"personal identification number" number?
- TheObviousChild, on 04/15/2009, -1/+7Amazing! I have the same combination on my luggage!
- ScootFarrar, on 04/15/2009, -0/+6Oh, I'll have a cheese pizza and a large...uh...line!
- Rogor, on 04/15/2009, -0/+6They need to move to one time password electronic hardware tokens or a printed visual one time password system like PassWindow on the actual payment cards themselves.
- byronm, on 04/15/2009, -1/+7This is scary because in most circumstances you're not protected if your money is stolen using a PIN number. For example, if someone cashes out your bank account using a PIN then you are not covered by any purchase or security guarantees like you are if someone stole your charge card number and used it at an accepting visa/mc/amex/disc merchant.
- ChrisTek, on 04/15/2009, -0/+6You don't pay all that interest if you pay your bills at the end of the month. He's exactly right, credit cards are very useful to buy things online, because most places don't accept something like PayPal and mailing in checks just sucks.
- 4rp4n3t, on 04/15/2009, -4/+10They have ads on the internet now? Who knew.
-
Show 51 - 100 of 170 discussions
Browsing Digg on your phone just got easier with our enhancements to the 
© Digg Inc. 2009
— Content created and posted by Digg users is