Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Typically the vendor side of a publicized security exploit never releases details to this extent, ESPECIALLY in the financial sector. It's a very interesting perspective to get to read in detail.


Obviously my statement was purely subjective (style of writing).

That said: What details did you take away from the article? I'm serious. I just went back and skimmed the rest. It seems this is really a long version of 'someone found an exploit, we fixed it, he presented it in public and we handled the aftermath'. No details at all. The most technical bit was the 'Now we're so much more secure by requiring signed code', and that was it?


You can buy an ATM and have it shipped to your house.

Apparently, there is little meaningful verification that an ATM is secure before people start using it.

The target was randomly chosen, and a second company's ATM was breached in a completely separate fashion.

This was simply a publicity stunt for a security research company.

etc.


I was mostly interested in hearing what happens on the vendor side after an exploit is disclosed, but you're right.. there wasn't a lot of specifics.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: