I was given the opportunity to present at this year's BSides London [1]. The talk was a 15 minutes presentation about Point of Sale (POS) devices, during a no-camera, no-recording session due to the sensitive content.
I have been researching the features of POS devices for more than a year and I wanted to share my findings before someone else does something similar. However, due to the fact it is not easy to fix the issues overnight, I decided to keep the presentation "behind closed doors". During the presentation I demonstrated how it is possible for anyone to become a "hacker" and abuse these little devices with simple key combinations.
It is not easy to get your hands on a actually working POS if you are not a merchant, and also, you cannot start testing it if it is not connected to the appropriate back-end with a number of different test cards.
I was very pleased that people had so many questions about this and I tried to answer most of them in the limited time I had. This lighting talk was a success and I have been invited to give a 45' minute talk at BSides Manchester [2] in July!
People will have the opportunity to hear about this in more detail with all the trick I have found. I am looking forward to this.
It is not easy to get your hands on a actually working POS if you are not a merchant, and also, you cannot start testing it if it is not connected to the appropriate back-end with a number of different test cards.
I was very pleased that people had so many questions about this and I tried to answer most of them in the limited time I had. This lighting talk was a success and I have been invited to give a 45' minute talk at BSides Manchester [2] in July!
People will have the opportunity to hear about this in more detail with all the trick I have found. I am looking forward to this.
On a side note, it is real nice to see that each year the event becomes more and more professional with such a variety of subjects.
I was about to write a more detailed wrap-up of the day, but Xavier (@xme) did that already with a fantastic wrap-up in an amazing speed. well done!!
You can find his wrap-up article at his blog: http://blog.rootshell.be/2014/04/29/bsideslondon-2014-wrap-up/
Hope to see everyone next year!
[1] https://www.securitybsides.org.uk
[2] http://www.bsidesmcr.org.uk
No comments:
Post a Comment