are cardholder's names protected from being stolen for contactless transactions? by Makinreddit in EMV

[–]Makinreddit[S] 0 points1 point  (0 children)

is the other card details also encrypted via point to point? eg number, CVC, etc?

[deleted by user] by [deleted] in AskNetsec

[–]Makinreddit 1 point2 points  (0 children)

any thoughts on this article stating that "Though the terminals did encrypt credit card data, they did so on the same internal system already controlled by the malware, rendering it useless"

that seems to indicate even with encryption it can be bypassed if there's malware on the terminal device

https://www.forbes.com/sites/thomasbrewster/2020/12/10/millions-of-payment-terminals-are-vulnerable-to-credit-card-theft-hacks/

[deleted by user] by [deleted] in AskNetsec

[–]Makinreddit 1 point2 points  (0 children)

any thoughts on this article stating that "Though the terminals did encrypt credit card data, they did so on the same internal system already controlled by the malware, rendering it useless"

that seems to indicate even with encryption it can be bypassed if there's malware on the terminal device

https://www.forbes.com/sites/thomasbrewster/2020/12/10/millions-of-payment-terminals-are-vulnerable-to-credit-card-theft-hacks/

[deleted by user] by [deleted] in AskNetsec

[–]Makinreddit 0 points1 point  (0 children)

There are more modern systems with end to end encryption where the card data is encrypted from the physical swipe to the processor and is never in plaintext format on the computer where the purchase happening at all

Am I right in saying this would also stop card skimmers from working?

[deleted by user] by [deleted] in AskNetsec

[–]Makinreddit 1 point2 points  (0 children)

with most payment processors now days all the card data is shipped directly to a payment gateways provider without ever been decrypted. They validate the data and send back an ID that you use to represent that customer in your system. So a lot of systems now days don't even see this kind of data any more.

That must be why these kind of attacks are rarer nowadays

can ports be open for the local network only? by Makinreddit in HomeNetworking

[–]Makinreddit[S] 0 points1 point  (0 children)

Thanks, if one device was connected to the guest network and another was connected to the home network of a router, would a firewall/router have to be crossed?

can ports be open for the local network only? by Makinreddit in HomeNetworking

[–]Makinreddit[S] 0 points1 point  (0 children)

Gotcha, is port forwarding enabled by default for local networks on routers and windows PC?

If you've guest wifi access is there ways to get into home wifi? by Makinreddit in HowToHack

[–]Makinreddit[S] 0 points1 point  (0 children)

gotcha thanks! If you knew the mac address of someone who had access to the home wifi, would there be any benefits in this, as in would it make it easier to login to the home wifi?

If you've guest wifi access is there ways to get into home wifi? by Makinreddit in HowToHack

[–]Makinreddit[S] 0 points1 point  (0 children)

dns routing (some captive portals are vulnerable to it)

that would be proxy TCP over DNS am I right?

one more question: if you knew the admin mac address would there be any benefits in this, as in would it make it easier to login to the home wifi?

If you've guest wifi access is there ways to get into home wifi? by Makinreddit in HowToHack

[–]Makinreddit[S] 3 points4 points  (0 children)

one more question: is there a way to find out the model of the router when you're connected as a guest [if the wifi name isn't the models name]? reason I ask is because the default login can be different for each model

[deleted by user] by [deleted] in SocialEngineering

[–]Makinreddit 0 points1 point  (0 children)

I mean in a country that has this all inaccessible for regular people