The banks are fighting real security hand over fist. Why? The United States lags behind even third-world countries in terms of financial transaction security, and it’s the reason for so many high-profile breaches such as Target and Home Depot. The new system looks impressive on the surface, but it does not provide the multiple-factor authentication required for a secure transaction. Technology has surpassed the analog signature as the de facto means of identification, but PINs can be changed at the first sign of a breach with little disruption for the consumer. Wake up, America! Your bank is not working in your best interests! Demand real security now!
The new chip cards and readers won’t stop card fraud but will simply shift it to a different area.
Source: That Big Security Fix for Credit Cards Won’t Stop Fraud | WIRED
Assuming that no one will try to break a lock because that action is illegal invites only those who intend to break the law to break said locks. This is the essence of the most dangerous provisions of the DMCA.
In the latest sign that the war between security researchers and the companies they investigate is heating back up, researchers who uncovered vulnerabilities in a brand of high-security electronic locks marketed to airports, police departments and critical infrastructure facilities have been threatened with two aggressive legal letters from the maker of the locks.
Source: With Lock Research, Another Battle Brews in the War Over Security Holes | WIRED
This is why I NEVER use Facebook’s login API.
A researcher has created an easy-to-use tool designed to hijack accounts on websites that use the Facebook Login button, such as Booking.com, About.me, Vimeo, and even news site Mashable.
Read the rest