Slashdot Mirror

wiredmikey writes "According to Target Chairman and CEO Gregg Steinhafel, point-of-sale (POS) malware was used in the recent attack that compromised millions of credit and debit card account numbers of customers across the country. Steinfhafel told CNBC's Becky Quick in an interview that malware was used in attacks that compromised the company's point of sale registers. According to a report from Reuters, Target and Neiman Marcus may not be alone, as other popular U.S. retailers may have been breached during the busy the holiday shopping season. According sources who spoke to Reuters, attackers used RAM scraper, or Memory parser malware to steal sensitive data from Target and other retail victims. Visa issued alerts about attacks utilizing these types of malware in April 2013 and again in August 2013. Memory parser malware targets payment card data being processed 'in the clear' (unencrypted) in a system's random access memory (RAM). 'The malware is configured to hook into a payment application binary responsible for processing payment transactions and extracts the systems memory for full track data,' Visa explained in a security advisory."

Following up on our digital wallet discussion yesterday, CWmike writes "Google officially launched its Google Wallet application today for NFC-ready Sprint Nexus S 4G phone users. The application launches initially for Citi MasterCard credit card holders, but Google also said today that Visa, Discover and American Express will be able to add their cards to future versions of Google Wallet. The application, first announced in May, was described in an official blog post. Visa said in a separate statement that it has licensed Google to use Visa's PayWave technology, used in 'hundreds of thousands' of terminals worldwide. But Visa didn't describe a timeline for when that function would be enabled. Google said it will allow users to add any bank card to a Google Prepaid Card and they will receive $10 to try the service." Reviews of the service are popping up, and many seem to say the same thing; when it works, it's great, but your real wallet isn't going anywhere.

Slashback tonight brings you a larger-than-usual assortment of updates, clarifications and followups to previous and ongoing Slashdot stories. Read on below for more details on the Canadian Harry Potter injunction, CardSystem's customer data mishap, the popularity of Beethoven vs. the Beatles, and what the recent MySpace acquisition might mean.

Beethoven rules the downloads charts! jd writes "At 1.4 million downloads, Beethoven has beaten the Beatles in online downloads, according to The Guardian. iTunes sales of 'Sgt. Pepper's Lonely Hearts Club Band' comes in at a mere 20,000. The BBC, who put the symphonies on their download site, are delighted. The music industry, which thought classical music was all but dead, is in shock. About the only question remaining is how much did the Slashdot Effect contribute?"

And if the Beatles are "more popular than Jesus," this Beethoven guy must be really popular!

Now you can think of it as Rupert'sSpace. applextrent writes with a few thoughts on the recent acquisition of MySpace by Fox: "MySpace's privacy policy and company filings including all users' information lists, databases, text, files and documents are explicitly documented as an asset of MySpace. The agreement also states MySpace can sell the site and all user information to a third party that might not necessarily follow the same privacy policy as MySpace. To put it simply, MySpace owns everything a user provides them with. This is not entirely an uncommon thing for many free services such as AOL's Instant Messenger have similar privacy policies. Now all of this user information is in the hands of News Corp. and they can pretty much do whatever they want with it.

Not to say anything bad will come of this, in fact this could mean better protection for users privacy, or it may not. This is possible reason for concern especially considering MySpace's blog population for a MySpace run blog is technically owned by the same people who bring you Fox News."

This is much worse than losing the car keys, son. An anonymous reader writes "In the wake of the large-scale credit card compromise of Card Systems, the NYTimes is reporting that Visa has decided to stop allowing transactions from the processor. Visa says 'CardSystems has not corrected, and cannot at this point correct, the failure to provide proper data security for those accounts.' Visa has informed member banks that they have until Oct. 31 to switch from using CardSystems to process card transactions. The decision sends a strong message to the industry about Visa's stance on cardholder security with respect to enforcing the PCI Data Security Standard. We'll see how MasterCard and American Express react. Also the long term viability of CardSystems itself is now in question."

Another visit to the Abandonware Orphanage. chill writes "Aladdin 4D, the venerable Amiga 3D design and rendering program, is yearning to be free. If the owners, Nova Designs, can raise $37,579.83 to pay off old debts they will release the trademarks, source code, tutorials, rights, and all as LGPL. So, if having this tool available to the FOSS pool of code is something that interests you, donate!"

This approach worked for Blender; it would be great to see it happen more.

Google keeps stealing my best ideas before I have them. Chmarr writes "Right on the heels of Google Moon, Google Maps now includes very detailed maps of our favorite animation source Japan. Here's hoping you can read Japanese."

But you only need to read Alien for this one: Oreo 51 writes "It was only a matter of time before someone did this. Barry Snyder used Google Maps to take shots of the infamous high-security Area 51 in the Nevada desert. I can't wait to see what /.ers think of all the craters and interesting sand geometry there."

Now taking donations of one nickel per cool use of Google Maps, to go toward the James Ellroy Crime Scene Map Project Fund.

Now with more nutritious Darkness! Simian Farmer writes "For the tens of thousands of Star Wars fans who visited The Darth Side: Memoirs of a Monster on a daily basis just before the release of Sith, the same author has begun penning his own blog-novel called Simon of Space.

The style of writing that lured so many to read Darth Side so avidly this past April/May is present in spades in his new fiction, updated almost daily. According to the author, it has, '...romance, action, humour and all the whiz-bang special effects you can get without actually making a movie.'"

Blue Frog Claims to be Legit justy writes "I noticed that Blue Security, the company behind the Blue Frog anti-spam initiative, have issued a statement on their blog as a result of "feedback we have received from the community". They say that "the total number of complaints posted by the community is exactly equal to the number of spam messages received", which seems more fair in my opinion. Perhaps this development is a result of the heated discussion here on Slashdot."

Well that's not Orwellian or anything, Nooo .... An anonymous reader writes "The fallout from the recent Canadian Harry Potter court order continues [Harry Potter and the Right to Read] as a national newspaper was threatened with a lawsuit if they published a book review based on an 'unlawful reading.' The case, along with similar copyright abuses, has Canadians wondering what became of a kinder, gentler legal approach."

Well, keep looking then. According to this NY Times story, the recently described spotting of an ivory-billed woodpecker may be based on evidence too weak to rely on; this is the same bird that Cornell researches have been looking for with automated means to detect its distinctive voice.

Anonymous Writer asks: "PayPal has become the standard for making donations to Open-Source projects, and in many cases the only way. Out of the 247 countries and territories represented by top-level domains on the Internet, credit cards are available in 128. However, PayPal only accepts credit cards from 45 of these countries, which excludes 83 from using their service. Nearly two-thirds of the countries on the Internet with valid credit card billing services are currently prevented from making donations using PayPal. Even credit cards issued from those 45 accepted countries with billing addresses not among them are excluded, which affects people working overseas and expatriots. If you want to support the Open-Source Software movement but don't live in a PayPal-accepted country, what are your alternatives?"

wessman writes "In October 2002, Visa (the credit card company) convinced a Las Vegas federal court to prevent the small business JSL Corp. from using the term 'evisa' and the domain 'evisa.com' for its website offering travel, foreign language, and other multilingual applications and services. The court ruled that the website--run by Joe Orr from his apartment-- 'diluted' Visa's trademark, even though the site uses the word 'visa' in its ordinary dictionary definition, not in relation to credit card services. Now, the Electronic Frontier Foundation is helping JSL with an appeal. The EFF has a press release available."

In a continuing stream of articles that really press home the need for personal privacy, Visa is teaming up with folks to produce a super smart card, one that you will supposdly be able to put money into from home. They hope to replace the smart card. Now, I'm not paranoid but credit cards already give me the chills. This just seems one step worse. Thanks to John Heemstra for this link.