distanz.blog

A hacker has used a loophole to collect more than $50,000 from Google Checkout and online brokerage firms, a few cents at a time.

When opening an online brokering account it is common practice for companies such as E-trade and Schwab to send a tiny payment - ranging from only a few cents to a couple of dollars - to verify that the user has access to the bank account listed. Services such as Google Checkout and Paypal use a similar tactic to verify credit and debit cards linked to accounts.

According to court documents, Californian Michael Largent used an automated script to open 58,000 such accounts, collecting many thousands of these small payments into a few personal bank accounts.

from, via

Somehow reminds me of Office Space

Build it yourself (even I with my modest soldering skills managed to ;-)

Personalisierter Stundenplan der ZHAWeh (man beachte die Suchergebnisse ;-)

Zwar schon älter (z.B. letzte Dezember auf Symlink), aber trotzdem ziemlich brisant: Die Postcard der Schweizerischen Post kann mit relativ geringem Aufwand (sprich Chipkartenleser und entsprechender Software) geklont werden. Voraussetzung dafür ist die Kenntnis des RSA-Schlüssels, welcher jedoch nur eine Länge von 320 Bit hat. Endlich mal eine konkrete Anwendung für unsere DiMa-Kenntnisse ;-)

Mehr auf postcard-sicherheit.ch/