For this approach to work the malware has to install on the system as a privileged process. Once that happens almost any conceivable defense is compromised. The mistake is that the system was left open to the malware.
Larry Seltzer Contributing Editor, PC Magazine larry_selt...@ziffdavis.com http://blogs.pcmag.com/securitywatch/ -----Original Message----- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of valdis.kletni...@vt.edu Sent: Thursday, December 10, 2009 11:57 AM To: RandallM Cc: funsec Subject: Re: [funsec] ram scraper On Thu, 10 Dec 2009 10:17:58 CST, RandallM said: > what is the types of processes to protect from RAM pilfering? I have > to admit I never thought this one. > > http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/ "So-called RAM scrapers scour the random access memory of POS, or point-of-sale, terminals, where PINs and other credit card data must be stored in the clear so it can be processed. When valuable information passes through, it is uploaded to servers controlled by credit card thieves." So tell me - why is a POS terminal at all vulnerable to easy infection by malware? Let me restate it: 'POS Terminal' == 'network-connected cash register'. These need to be easily reprogrammed (by owner or miscreant), why, exactly? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.