| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
a 2 has discovered a way to force atms to disgorge their cash by 3 the computers inside them. 一位计算机黑客通过入侵atm柜员机里的电脑的方式,不用银行卡就能让atm机疯狂吐钞。 a hacker has discovered a way to force atms to disgorge their cash by hijacking the computers inside them. the attacks demonstrated wednesday targeted standalone(单独的) atms. but they could potentially be used against the atms operated by 5 banks. computer hacker barnaby 4 spent two years tinkering(铸补,熔补) in his 6 valley apartment with atms he bought online. these were standalone machines, the type seen in front of convenience stores, rather than the ones in bank branches. his goal was to find ways to take control of atms by exploiting weaknesses in the computers that run the machines. he showed off his results here at the black hat conference, an annual 7 8 to exposing the latest computer-security vulnerabilities(缺陷,脆弱点) . his attacks have wide implications because they affect multiple types of atms and exploit weaknesses in software and security measures that are used throughout the industry. jack, who works as director of security research for seattle-based ioactive inc, showed in a 9 10(示范,证明) two ways he can get atms to spit out(吐出) money: - he found that the physical keys that came with his machines were the same for all atms of that type made by that manufacturer. he figured this out by ordering three atms from different manufacturers for a few thousand dollars each. then he compared the keys he got to pictures of other keys, found on the internet. he used his key to unlock a 11 in the atm that had standard usb slots. he inserted a program he had written into one of them, commanding the atm to dump its 12. - he 13 into the machines by exploiting weaknesses in the way atm 14 communicate with the machines over the internet. jack said the problem is that outsiders are permitted to bypass the need for a password. he didn't go into much more detail because he said the goal of his talk "isn't to teach everybody how to 1 atms. it's to raise the issue and have atm manufacturers be proactive about 15(实施,执行) fixes." the remote style of attack is more dangerous because an attacker doesn't need to open up the atms. it allows an attacker to gain full control of the atms and not only order it to spit out money, but also to silently harvest card data from anyone who uses the machines. it also affects more than just the standalone atms vulnerable to the physical attack, and could potentially be used against the kinds of atms used by mainstream banks. jack said he didn't think he'd be able to break the atms when he first started probing them. jack said the manufacturers whose machines he studied are 16 software fixes for both vulnerabilities, but added that the prevalence of remote-management software broadly opens up atms to hacker attacks. 点击收听单词发音
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
上一篇:沙特黑莓手机禁令即将生效 下一篇:英国某市为议员配备ipad 节省增效 |
- 发表评论
-
- 最新评论 进入详细评论页>>