Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread helpcrypto helpcrypto
> And what if I replace the trusted reader w/ another, hacked?
> Not too hard, it seems, since many supermarkets got hacked this way...
IMVHO, changing your physical reader from .cn is much harder than editing a file...
> Just install a keylogger (maybe an HW one on the PS/2 cable? I've seen
> o

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread NdK
On 26/04/2012 12:22, helpcrypto helpcrypto wrote:
>> If you can edit a root file you can do anything much more evil.
> having root access < having pin => using private key
Just install a keylogger (maybe an HW one on the PS/2 cable? I've seen one that is quite hard to recognize... or even one

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread NdK
On 26/04/2012 11:32, helpcrypto helpcrypto wrote:
> and, what if I edit your current config and replace the lib with my
> modified evil lib?
And what if I replace the trusted reader w/ another, hacked? Not too hard, it seems, since many supermarkets got hacked this way... The only really tru

Re: [opensc-devel] epass2003 unpowered immediately after plugging in

2012-04-26 Thread Jean-Michel Pouré - GOOZE
On Wednesday 25 April 2012 at 22:13 +0200, Martin Kaiser wrote:
> I found your guide and used Viktor's sm branch. My problem was the lib
> search path, see the other mail. Maybe it would be helpful to explain
> in the guide how to use non-standard paths for pcsclite and opensc.
Sure, thanks fo

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread helpcrypto helpcrypto
IIUC, the readers are 'dumb' devices, so this is how opensc works actually:
Opensc invokes select DF...
Opensc shows a login and sends it to card / requests login to card which shows a login popup, and gets 9000 if ok
Opensc requests sign...
Having a pinpad/biometric could work like this:
Ope

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread Ludovic Rousseau
On 26 April 2012 11:32, helpcrypto helpcrypto wrote:
>> Report CKF_PROTECTED_AUTHENTICATION_PATH to the application. OpenSC
>> then calls an external lib to do what is needed to authenticate the
>> user.
>>
>> The external lib can do anything like display a dialog box, talk to
>> the biometr

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread helpcrypto helpcrypto
> Report CKF_PROTECTED_AUTHENTICATION_PATH to the application. OpenSC
> then calls an external lib to do what is needed to authenticate the
> user.
>
> The external lib can do anything like display a dialog box, talk to
> the biometric reader, talk to a remote server, etc.
and what about the li

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread Ludovic Rousseau
On 26 April 2012 10:23, helpcrypto helpcrypto wrote:
> The question remains, anyway: how could opensc support
> biometric/whatever readers?
Report CKF_PROTECTED_AUTHENTICATION_PATH to the application. OpenSC then calls an external lib to do what is needed to authenticate the user. The exte

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread helpcrypto helpcrypto
>> PKCS#11 interface defines both, ui callback (notify)
>
> What is that? Can you be more specific?
I was thinking about CK_NOTIFY as a way to notify operation progress
>> Couldn't opensc provide a way to do this safely?
>> Could signed libraries solve this?
>
> What is the threat model?
> Who is t

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread Ludovic Rousseau
Hello,
On 26 April 2012 09:18, helpcrypto helpcrypto wrote:
>> I don't know about the readers or their internals, but OpenSC for sure
>> does not support any kind of biometric authentication.
>
> PKCS#11 interface defines both, ui callback (notify)
What is that? Can you be more specific?
> an

Re: [opensc-devel] Biometric integraiton?

2012-04-26 Thread helpcrypto helpcrypto
Hello Martin. Just to know (I'm asking myself about it...)
> I don't know about the readers or their internals, but OpenSC for sure
> does not support any kind of biometric authentication.
PKCS#11 interface defines both, ui callback (notify) and that login can be made using pinpads/external devices