formatting link
332 Well, no.
Researchers at the University of Cambridge have managed to hack a so
> called tamper resistant Chip and PIN terminal and get it to play > Tetris.
Tamper-resistant, yes. Not tamper-proof. The lengths they had to go to (below) also shows just how resistant it was.
Security researchers Steven Murdoch and Saar Drimer managed to get a
> version of Tetris working on the terminal by replacing most of the
> unit's internal electronics. But the hacking illustrates how
> fraudsters may be able to physically modify terminals.
So what? I could even build a brand new one from scratch, just as I could probably build something with more than a passing resemblance to an ATM.
In a Web blog written by the researchers, Drimer says even a perfect
> tamper resistant terminal will only ensure that the device cannot
> communicate with a bank once opened.
No. It will ensure that any secret data (such as any private keys) is erased.
It does not prevent anyone from replacing a terminal's hardware and
> presenting it to customers as legitimate in order to collect card > numbers and PINs.
But nobody ever claimed that was the purpose. The card chips themselves haven't been cracked, and that's the main point here.