I went down to the bank to sort out the Y2K+10 mess today. I said my piece to the lady at the counter, and she inquired if I was able to get cash through other means? I replied yes, but it will cost me money. No problem, they will refund this. They always suggest having two pieces of money-obtaining plastic on you, and with their New! Improved! 6-Euros-a-month-Account they would have delivered me the cash I needed at any Forex. I tried to explain that we don't have those out in the woods, and they are closed weekends, but she wasn't listening.
I then asked why they didn't inform me. She danced around that one, and then said that it had been in the papers that the "newish" cards were the ones hit, so they had expected that we would recognize ourselves and come sort it out. Right. I noted that I would have expected a customer-oriented bank to inform me. She said that she would pass that on (translation: pipe to /dev/null). A tie-wearer in the background identified me as a troublemaker and took over.
So how do I get my card fixed? Oh, that's easy! You just get money out of our ATM and it gets fixed. Hmm, I have to get out money? Well, I could pay it right back in if I wanted to. So you mean your machines write to the chip? "What do you mean, write?" There's a chip there, and if you are fixing the problem on the card, you are not just reading it, but writing to it. "I'm sorry," he says, "I don't understand how it works, it just does when you put your card in.
So we have bank workers who do not understand how the chips work or what the security is based on. And there is a sector of the chip memory that is writable - writable from an ATM. I think there is some hack potential here, and I don't like it.
I first tried the bank statement machine - no dice, my card has a problem with it. Then the ATM.
I then asked why they didn't inform me. She danced around that one, and then said that it had been in the papers that the "newish" cards were the ones hit, so they had expected that we would recognize ourselves and come sort it out. Right. I noted that I would have expected a customer-oriented bank to inform me. She said that she would pass that on (translation: pipe to /dev/null). A tie-wearer in the background identified me as a troublemaker and took over.
So how do I get my card fixed? Oh, that's easy! You just get money out of our ATM and it gets fixed. Hmm, I have to get out money? Well, I could pay it right back in if I wanted to. So you mean your machines write to the chip? "What do you mean, write?" There's a chip there, and if you are fixing the problem on the card, you are not just reading it, but writing to it. "I'm sorry," he says, "I don't understand how it works, it just does when you put your card in.
So we have bank workers who do not understand how the chips work or what the security is based on. And there is a sector of the chip memory that is writable - writable from an ATM. I think there is some hack potential here, and I don't like it.
I first tried the bank statement machine - no dice, my card has a problem with it. Then the ATM.
Posts
No comments:
Post a Comment