IBM Crypto Up For Grabs?

An Anonymous Coward writes: "BBC Newsnight have tonight shown an article about a groups of hackers who are about to release details of the vulnerability of the IBM Cryptographical processors. ( Details here.) The BBC article can be watched online here. Alan Cox makes a starring role ;)" windowlicker adds some detail: "Mike Bond and Richard Clayton, from Cambridge University, have cracked IBM's 4758 crytoprocessor running the 'Common Cryptographic Architecture' (CCA). You can do the same with $1000-worth of hardware and the info from here. Many banks use this system for protecting PINs." The video file requires Real software; here's the BBC's article online for those of us without.

Pretty focussed branch manager...

[WasterDave]

"banks are vulnerable to a dishonest branch manager whose teenager has $995 and a few hours to spend in duplicating our work."

If you have a teenager who can hack FPGA's sufficiently well to brute force into a cash machine, you're really not going to have any problems making money in years to come. Either that or your problems are just beginning.

Dave

Is your parent a bank manger?

[Quizme2000]

Until IBM fix the CCA software to prevent our attack, banks are vulnerable to a dishonest branch manager whose teenager has $995 and a few hours to spend in duplicating our work.

I like the tech about hacking the processor, very clever. The rest is better read as bad fiction. Chalk this one up under the anarchist cookbook. Sure you may be able too, but you'll get thrown into jail or blow off a limb.

Re:Question...

[psavo]

2)I also live in a cold climate. There would be nothing odd with someone being bundled up with a ski mask on making use of an ATM...

I used to live in poor country, there was nothing odd with someone being bundled up with a ski mask on making use of an ATM...

Re:Hacker divas suck.

Yeah... and all the researchers in the lab were using Linux and Solaris.