True it's not that bad. The real hole in the security is the human one, where a crook can intimidate the card holder into handing over their card ie robbing them. Then they either intimidate the PIN detail out of the victim or have already stolen it using a bogus Terminal.
But the crook has to have the card (with chip intact) in order to use it as it is the Chip that controls the transaction
Slashdot Mirror
Mental! I understand the need for ksplice, but would you trust a third party to "patch" your kernel for "security" flaws?
True it's not that bad. The real hole in the security is the human one, where a crook can intimidate the card holder into handing over their card ie robbing them. Then they either intimidate the PIN detail out of the victim or have already stolen it using a bogus Terminal.
But the crook has to have the card (with chip intact) in order to use it as it is the Chip that controls the transaction
Cheers