return2ozma@lemmy.world to Technology@lemmy.worldEnglish · 4 months agoTwo students find security bug that could let millions do laundry for freewww.theverge.comexternal-linkmessage-square81fedilinkarrow-up1375arrow-down18
arrow-up1367arrow-down1external-linkTwo students find security bug that could let millions do laundry for freewww.theverge.comreturn2ozma@lemmy.world to Technology@lemmy.worldEnglish · 4 months agomessage-square81fedilink
minus-squarecyberic@discuss.tchncs.delinkfedilinkEnglisharrow-up10·4 months agoIf there’s no central control or ledger, couldn’t you just rewrite the card with the original values and the machines wouldn’t know any difference?
minus-squareExcrubulent@slrpnk.netlinkfedilinkEnglisharrow-up5·4 months agoOh yeah, that’s true, so you wouldn’t have destroyed the card, but it’s not a useful hack if they’ve done even the most basic security measures. That said, I would be fascinated to know what was on that card. I’d give it pretty good odds of having absolutely no security measures whatsoever.
minus-squareefstajas@lemmy.worldlinkfedilinkEnglisharrow-up2·4 months agoyou could add a random number to the encrypted data on the card and require it to always be the same or larger than the last time that card was seen, and then increment it every time the card is used.
If there’s no central control or ledger, couldn’t you just rewrite the card with the original values and the machines wouldn’t know any difference?
Oh yeah, that’s true, so you wouldn’t have destroyed the card, but it’s not a useful hack if they’ve done even the most basic security measures.
That said, I would be fascinated to know what was on that card. I’d give it pretty good odds of having absolutely no security measures whatsoever.
you could add a random number to the encrypted data on the card and require it to always be the same or larger than the last time that card was seen, and then increment it every time the card is used.