The following message is a courtesy copy of an article that has been posted to bit.listserv.ibm-main as well.
[EMAIL PROTECTED] (Tom Schmidt) writes:
> The first paragraph that I posted (above) makes it sound like it might have
> been a man-in-the-middle attack (which can be done to/with z/OS as Stu
> Henderson's SHARE presentation in Tampa demonstrated, per the proceedings
> that I read earlier today). The second paragraph supports Ed's assertion
> that it was on a POS (in-store Point Of Sale) system attack.

some merchants have each POS terminal doing the modem 1-800 dialup ... however, larger merchants will tend to have either a store concentrator (all POS terminals going to store concentrator which then goes into financial network) ... but numerous larger merchants will have a single POS concentrator ... where all transactions for the merchant go thru.

one of the scenarios where this would result in problems is where the merchant had an online webstore as well as lots of brick&mortar. software in typical e-commerce will usually emulate transaction in a traditional POS terminal ... and the merchant would drive all their transactions thru their single concentrator. at issue is that the interchange fee tends to be quite a bit different for webservers ... and much of the fee determination/billing is driven off merchant and/or location code. having everything coming in thru a single interface has resulted in situations where the web transactions were obfuscated.

old post about security proportional to risk
http://www.garlic.com/~lynn/2001h.html#61

and related observation that attackers may be able to outspend defender by as much as 100:1
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported

for a little topic drift ... past posts discussing the naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

lots of past posts on eavesdropping, skimming, harvesting, etc that can be used for replay attacks
http://www.garlic.com/~lynn/subintegrity.html#harvest

and numerous posts discussing man-in-the-middle attacks (as opposed to simple eavesdropping and replay attacks)
http://www.garlic.com/~lynn/subintegrity.html#mitm

and posts on general subject of fraud, vulnerabilities, threats, exploits and risks
http://www.garlic.com/~lynn/subintegrity.html#fraud