{"id":392,"date":"2008-10-13T08:11:00","date_gmt":"2008-10-13T16:11:00","guid":{"rendered":"http:\/\/netmesh.info\/jernst\/uncategorized\/why-end-to-end-security-is-important"},"modified":"2008-10-13T08:11:00","modified_gmt":"2008-10-13T16:11:00","slug":"why-end-to-end-security-is-important","status":"publish","type":"post","link":"https:\/\/upon2020.com\/blog\/2008\/10\/why-end-to-end-security-is-important\/","title":{"rendered":"Why End-to-End Security is Important"},"content":{"rendered":"<p>The Telegraph <a href=\"http:\/\/www.telegraph.co.uk\/news\/newstopics\/politics\/lawandorder\/3173346\/Chip-and-pin-scam-has-netted-millions-from-British-shoppers.html\">reports<\/a>:<\/p>\n<blockquote>\n<p>&#8230;hundreds of chip and pin machines in stores and supermarkets across Europe have been tampered with to allow details of shoppers&#8217; credit card accounts to be relayed to overseas fraudsters.<\/p>\n<p>These details are then used to make cash withdrawals or siphon off money from card holders&#8217; accounts in what is one of the largest scams of its kind.<\/p>\n<p>&#8230;America&#8217;s counterintelligence chief said: &quot;Previously only a nation state&#8217;s intelligence service would have been capable of pulling off this type of operation. It&#8217;s scary.&quot;<\/p>\n<p>An organised crime syndicate is suspected of having tampered with the chip and pin machines, either during the manufacturing process at a factory in China, or shortly after they came off the production line.<\/p>\n<\/blockquote>\n<p>This is why using the idea of a claims transformer as the general panacea for identity issues has always been very scary to me: if you have a good claims transformer, you don&#8217;t really (want to) know that it is there, but your security depends on the security of each and every claims transformer in the chain.<\/p>\n<p>Here, nobody thought that the card reader (a claims transformer) was even a possible security issue. How many more claims transformers are there in the credit card (or any other) value chain, and how many of them are susceptible to similar attacks? I think we&#8217;ll only know after the next attack has been detected on the next claims transformer in the chain &#8230; one by one .. and that&#8217;s even more scary.<\/p>\n<p>It&#8217;s also a very good example for what works within an enterprise has little or no bearing on whether it works for a whole value chain, or the whole internet: in an enterprise you can enumerate and watch your claims transformers, even if it&#8217;s hard. If you go beyond the enterprise, it&#8217;s almost ridiculous to attempt and try &#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Telegraph reports: &#8230;hundreds of chip and pin machines in stores and supermarkets across Europe have been tampered with to allow details of shoppers&#8217; credit card accounts to be relayed to overseas fraudsters. These details are then used to make cash withdrawals or siphon off money from card holders&#8217; accounts in what is one of&hellip;<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"webmentions_disabled":false,"footnotes":""},"categories":[59],"tags":[],"class_list":["post-392","post","type-post","status-publish","format-standard","hentry","category-comments","kind-"],"kind":false,"_links":{"self":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/comments?post=392"}],"version-history":[{"count":0,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/posts\/392\/revisions"}],"wp:attachment":[{"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/media?parent=392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/categories?post=392"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/upon2020.com\/blog\/wp-json\/wp\/v2\/tags?post=392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}