Jump to content
Manx Forums - A Discussion Board & Classifieds for the Isle of Man

Chip & Pin Fraud

manshimajin

By manshimajin
in International News

Recommended Posts

  • Replies 63
  • Created
  • Last Reply
Cambon Mentor

Cambon

Posted
Posted
Hey Cambon they made it easy for you:

 

If the encryption codes were not so easy to break, why did they go from 1 DES to 3 DES a couple of years ago? The thing is once a scammer has downloaded the information from your card, the pin can be broken down into it's 4 segments, each of which can only have one of 10 possible values. Those 10 values are easy enough to break. Once broken you simply write a program to match up the information of each encoded value giving you the PIN.

Link to comment
Share on other sites
ans Newbie

ans

Posted
Posted

I find it both hilarious and depressing that you cite the change in DES when you clearly don't have a clue how it actually works. You are, quite possibly, the most poorly educated and ill researched conspiracy theorist I've ever had the misfortune to come across. I would not be surprised to discover that you still have difficulty tying your own shoes so how you actually manage to post on an Internet Forum is mystifying to me.

Link to comment
Share on other sites
Cambon Mentor

Cambon

Posted
Posted
I find it both hilarious and depressing that you cite the change in DES when you clearly don't have a clue how it actually works. You are, quite possibly, the most poorly educated and ill researched conspiracy theorist I've ever had the misfortune to come across. I would not be surprised to discover that you still have difficulty tying your own shoes so how you actually manage to post on an Internet Forum is mystifying to me.

 

Go on then Ans, tell me why you think it is not possible.

Link to comment
Share on other sites
ai_Droid Newbie

ai_Droid

Posted
Posted
If the encryption codes were not so easy to break, why did they go from 1 DES to 3 DES a couple of years ago?

 

Encryption's a moving target, as computing power increases the theoretical time to break codes goes down. But then the power to encyrpt goes up, so it's normal to see encryption get stronger over time.

 

The thing is once a scammer has downloaded the information from your card, the pin can be broken down into it's 4 segments, each of which can only have one of 10 possible values. Those 10 values are easy enough to break. Once broken you simply write a program to match up the information of each encoded value giving you the PIN.

 

4 segments with 10 possible values, why would you decrypt a VPP off a card, and then still be faced with deducting the pin from 4 digits and 10 possible values, which is the strength of the pin before you decripted! That's what a pin is you noodle.

 

If you think a 4 digit, 10 value pin is 'easy enough' to break, why don't you tell me what mine is?

 

You can't 'simply write a programe to match encoded value to the pin' because the pin isn't encoded. It's not encoded. You got that? The PIN. Isn't. Encoded.

Link to comment
Share on other sites
ans Newbie

ans

Posted
Posted
I find it both hilarious and depressing that you cite the change in DES when you clearly don't have a clue how it actually works. You are, quite possibly, the most poorly educated and ill researched conspiracy theorist I've ever had the misfortune to come across. I would not be surprised to discover that you still have difficulty tying your own shoes so how you actually manage to post on an Internet Forum is mystifying to me.

 

Go on then Ans, tell me why you think it is not possible.

 

If this were a sitcom, you'd be the permanently stoned hippy teenager who's forever getting into scrapes with the neighbours and struggles to work the microwave.

 

I don't believe you have the ability to comprehend your times tables so I'm not going to waste my time explaining basic cryptography to you.

Link to comment
Share on other sites
Cambon Mentor

Cambon

Posted
Posted
If this were a sitcom, you'd be the permanently stoned hippy teenager who's forever getting into scrapes with the neighbours and struggles to work the microwave.

 

I don't believe you have the ability to comprehend your times tables so I'm not going to waste my time explaining basic cryptography to you.

 

 

Then shall I explain it to you? It is the conversion of meaningful data into secret code using an algorithm (for which there is always a secret key). In the case of a PIN the algorithm is stored on the magnetic strip on the back of the card in a series of 168 bit keys (or 56 bit keys depending on how you look at it). Agreed?

Link to comment
Share on other sites
ai_Droid Newbie

ai_Droid

Posted
Posted
Then shall I explain it to you? It is the conversion of meaningful data into secret code using an algorithm (for which there is always a secret key). In the case of a PIN the algorithm is stored on the magnetic strip on the back of the card in a series of 168 bit keys (or 56 bit keys depending on how you look at it). Agreed?

 

Not agreed. The PIN isn't encypted at all. The PIN isn't on the card. How plain can I make this point?

Link to comment
Share on other sites
ans Newbie

ans

Posted
Posted

If one of my children asks me how babies are made. I wont tell them that it's a complex biological process which follows a conception, gestation and delivery period and the myriad of foetal changes along the way. I'll tell them the stork brings it. Why? Because at their age (5&4), they can't fully comprehend any of the terminology or physiology I'm trying to tell them. In effect, I'm wasting my time.

 

Right now, I feel like I'm talking to a child and quite honestly, I have better things to do than attempt to educate a mouth breather like you.

Link to comment
Share on other sites
Cambon Mentor

Cambon

Posted
Posted
If one of my children asks me how babies are made. I wont tell them that it's a complex biological process which follows a conception, gestation and delivery period and the myriad of foetal changes along the way. I'll tell them the stork brings it. Why? Because at their age (5&4), they can't fully comprehend any of the terminology or physiology I'm trying to tell them. In effect, I'm wasting my time.

 

Right now, I feel like I'm talking to a child and quite honestly, I have better things to do than attempt to educate a mouth breather like you.

 

The feeling is mutual. I would not piss on you if you were on fire.

Link to comment
Share on other sites
Skeddan Newbie

Skeddan

Posted
Posted

Security isn't just about cryptography. As pointed out earlier, signatures aren't really secure either. The point is by requiring a signature, anyone who forges this is committing fraud and can then be prosecuted for that.

 

The lesson from signature and cheque fraud should be that security also relies on effective prosecution of fraud. It's harder with the Internet - and focus is then put on technology when really the real issue is to do with liability, regulatory control and law enforcement.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...