Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - SPAM: 6 seconds: How hackers only need moments to guess card number and security code 1

schwit1 writes: Criminals can work out the card number, expiry date and security code for a Visa debit or credit card in as little as six seconds using guesswork, researchers have found.

Fraudsters use a so-called Distributed Guessing Attack to get around security features put in place to stop online fraud, and this may have been the method used in the recent Tesco Bank hack.

According to a study published in the academic journal IEEE Security & Privacy, that meant fraudsters could use computers to systematically fire different variations of security data at hundreds of websites simultaneously.

Within seconds, by a process of elimination, the criminals could verify the correct card number, expiry date and the three-digit security number on the back of the card.

Mohammed Ali, a PhD student at the university's School of Computing Science, said: "This sort of attack exploits two weaknesses that on their own are not too severe but, when used together, present a serious risk to the whole payment system.

Link to Original Source

Comment Re: I hate bad journalism like this... (Score 1) 404

There might not be international regulations in place for the high seas but I would guess that banning the selling, using and even carrying of that fuel inside the territorial waters of the countries where the ship is expected to land would solve that problem quickly. Some ships can't enter EU waters because they carry some products, I guess if the cruisers can only land on 3rd world countries the demand would go down. I guess we are starting to get to the scale where small affordable nuclear reactors would start to make sense in this kind of application if they can be made safe.

Comment That list... (Score 3, Insightful) 81

It seems to include some organizations that are not terrorist per se. OK, maybe we consider every ministry of Iran a terrorist organization but it is abit selfserving. Same with North Korean Atomic autorithy. Sure, they are "bad" but not terrorist organizations. Central Bank of Iraq is in there because it somehow financed terrorism... I bet that some American banks are involved with CIA operations too and they are not listed as terrorism organizations. I guess "Terrorism" is on the eyes of the beholder...

Comment Got a broken kink too (Score 1) 100

what is funny is that it appears the second link on this post is wrong too. from homepage returns 404 "glitch has something to do with Universal Links" => from comments it appends the same link multiple times and opens the comments page etc

Slashdot Top Deals

UFOs are for real: the Air Force doesn't exist.