Slashdot Mirror

← Back to Stories (view on slashdot.org)

2010 Bug Plagues Germany

Posted by CmdrTaco on from the well-that-was-ten-years-late dept.

krou writes "According the Guardian, some 30 million chip and pin cards in Germany have been affected by a programming failure, which saw the microchips in cards unable to recognize the year change. The bug has left millions of credit and debit card users unable to withdraw money or make purchases, and has stranded many on holiday. French card manufacturer Gemalto accepted responsibility for the fault, 'which it is estimated will cost €300m (£270m) to rectify.' They claim cards in other countries made by Gemalto are unaffected."

6 of 233 comments (clear)

  1. Effected? by LSD-OBS · · Score: 3, Informative

    Come on, editors.

    --
    Today's weirdness is tomorrow's reason why. -- Hunter S. Thompson
    1. Re:Effected? by show+me+altoids · · Score: 2, Informative

      This is what I came here to say. Should be "affected."

      --
      I feel sorry for people that don't drink, because when they get up in the morning, that's as good as they're gonna feel
    2. Re:Effected? by Jojoba86 · · Score: 2, Informative

      All editors please consult this handy guide.

  2. Easy solution . . . by PolygamousRanchKid+ · · Score: 2, Informative

    . . . use the magnetic strip.

    I just saw a clip on a German news channel showing a chick covering the chip on her card with a piece of clear adhesive tape. Apparently this forces a dual card reader to use the strip. But I wasn't listening, so I'm working, you know.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    1. Re:Easy solution . . . by Anonymous Coward · · Score: 2, Informative

      This "solution" has already clogged up several ATMs: the adhesive tape gets stuck inside the machine and blocks the reader, rendering it unusable even for those customers who have an unaffected card. Thank you very much. (Remember that ATMs are designed to prevent manipulated cards from being used, so tolerances are tight. The increased thickness could be something more sinister than tape.)

  3. Re:Untested software by owlstead · · Score: 3, Informative

    Essentially, that opens another huge security gap (which might have been there for a long time but went unnoticed so far).

    It does not necessarily open up a "huge security gap", that's sensationalism. It does add significant "surface" to attack.

    GlobalPlatform cards (used by Visa/Mastercard) have always contained methods to update the Java Card (or other OS) applications on the card. Of course, this requires either signed code or a master key set. One expects this interface to be well tested and certified - and normally they are.

    Normally bank cards (and ID cards/passports) don't get updated in the field. I would not be surprised when upgrading the cards would meet serious problems.