Horace Dediu writing about Google’s public facing image and purpose. The representation is one of a research laboratory succeeding against difficult problems. Very similar to a successful academic or industrial laboratory sustained by grants from a benevolent (but messy) organization. Google becomes the embodiment of “big science” and “the world’s laboratory” unfettered by politics and…Continue Reading
The source close to the Target investigation said that at the time this POS malware was installed in Target’s environment (sometime prior to Nov. 27, 2013), none of the 40-plus commercial antivirus tools used to scan malware at virustotal.com flagged the POS malware (or any related hacking tools that were used in the intrusion) as malicious. “They were customized to avoid detection and for use in specific environments,” the source said.
That source and one other involved in the investigation who also asked not to be named said the POS malware appears to be nearly identical to a piece of code sold on cybercrime forums called BlackPOS, a relatively crude but effective crimeware product. BlackPOS is a specialized piece of malware designed to be installed on POS devices and record all data from credit and debit cards swiped through the infected system.
According the author of BlackPOS — an individual who uses a variety of nicknames, including “Antikiller” — the POS malware is roughly 207 kilobytes in size and is designed to bypass firewall software. The barebones “budget version” of the crimeware costs $1,800, while a more feature-rich “full version” — including options for encrypting stolen data, for example — runs $2,300.
... Large retailers and grocery stores that are members of the PCI Council have resisted toughening standards on the ground that some solutions would be costly to implement or result in slower transaction times that could frustrate customers and sales. “They’re utilizing a ten-year-old system,” [Gartner analyst Avivah Litan] says, and to make changes would…Continue Reading