Slashdot Mirror

← Back to Stories (view on slashdot.org)

Citibank Tries to Hush ATM Crypto Vulnerability

Posted by michael on from the be-vewwy-vewwy-qweit dept.

palme999 writes "Citibank is trying to get a gag order for new vulnerabilities found in the cryptographic equipment commonly used to protect the PINs of ATM transactions. The vulnerabilities came to light during a court case involving 'phantom' ATM transactions that users deny making but that banks still charge to customers accounts because they claim their systems are secure."

4 of 385 comments (clear)

  1. This is SERIOUS by arvindn · · Score: 5, Insightful
    This isn't like on of the regular "a new vulnerability has been discovered. No exploitz are known yet. Patch can be found " kind of things we get on bugtraq all the time.

    From the article

    For the last couple of years or so there has been a rising tide of phantoms. I get emails with increasing frequency from people all over the world whose banks have debited them for ATM withdrawals that they deny making. Banks in many countries simply claim that their systems are secure and so the customers must be responsible. It now looks like some of these vulnerabilities have also been discovered by the bad guys.

    What the bank is doing is very irresponsible. I hope they get lots of bad publicity for this. Getting on /. is a good start.

  2. Re:Shut them up! by Daniel+Dvorkin · · Score: 5, Insightful

    Um ... you're kidding, right?

    Citibank has no interest in "the best interest of its customers." Like any other megacorp, they don't give a shit about you. They're much more concerned about the embarrassment of admitting that their security is worthless than they are about actually keeping people's money safe. The only way to get them to fix this problem is to publicize it as loudly as possible, because then not fixing the problem becomes even more of an embarrassment for them.

    --
    The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
  3. Re:Fees... by Lawbeefaroni · · Score: 5, Insightful

    They're not completely secure because if they were, it would put a dent in all that dough they're raking in. Security through obscurity is free, security that is secure isn't.

    --
    "When it rains, it pours." --Morton's Salt
  4. Re:Go back to sleep children by aussersterne · · Score: 5, Insightful

    Everything is ok.

    Your money is safe.

    The world is simple.

    You are with us or against us.

    Go buy yourself something, you deserve it.

    Those in charge know what they are doing and will take care of you.



    When I think about this, the fact that this post was modded as "insightful" by someone is perhaps the most frightening thing I've seen in a long time.
    --
    STOP . AMERICA . NOW