Question: hypothetical Hacking of a Gold card protected account

[heehaw]

Quote:

Originally Posted by BruuD

It's never gonna happen
(MA responding to this thead and someone with GC being hacked)

do you truely believe in a never?

[Immortal]

Quote:

Originally Posted by aridash

the op doesnt specify any attack vector. rather than attack the GC technology, the hack could come from a trojan attack. what happens once an account has been compromised is the point, regardless of method.

Ok... erm... but you have to have the GC in your hand (or the MA server) to access it ... unless you could somehow read and unsplice the GC algorithm (in which case... if you're unsplicing 128bit cryptology (or whatever I'm not a cryptologist or up todate with what GC algorithm they use) I think EU isn't going to be the place to hack (why not go after c/card companies....). My point is that someone who had powers to hack a GC also has powers to take down civilization if that makes sense....so why would they choose to smite EU...

[Nazbrat]

Why choose to Hit EU???
EU would Merely be a stepping stone to a Larger corporation such as a credit card company. Remember that the tech used in the GC system is used by Banks as well. Ther is only 3 ways to make EU Truely Secure DNA cryptology, Fingerprint Readers , Retna scanner of which are Linked to your account

When MA chose this system it was cutting edge. and Pretty Secure Still is untill some Idiot breaks it.

What I and a lot of others who don't have a GC yet want to know is what Benefits Does a GC system Provide. Other than the Obvious Additional Random number PW for our accounts and EU website security enhancements to Sensitive info areas.

Please Keep in Mind I DO OWN A GOLD CARD SYSTEM.

On a Plus note the Question submitted to MA is being looked at. im hoping to hear from them soon.

[alh]

Quote:

Originally Posted by Immortal

Ok... erm... but you have to have the GC in your hand (or the MA server) to access it ... unless you could somehow read and unsplice the GC algorithm (in which case... if you're unsplicing 128bit cryptology (or whatever I'm not a cryptologist or up todate with what GC algorithm they use) I think EU isn't going to be the place to hack (why not go after c/card companies....). My point is that someone who had powers to hack a GC also has powers to take down civilization if that makes sense....so why would they choose to smite EU...

Quote:

Originally Posted by Nazbrat

Why choose to Hit EU???
EU would Merely be a stepping stone to a Larger corporation such as a credit card company. Remember that the tech used in the GC system is used by Banks as well. Ther is only 3 ways to make EU Truely Secure DNA cryptology, Fingerprint Readers , Retna scanner of which are Linked to your account

Hehe, here we go with the wild theories again...
Noone will be stupid enough to attack this part of the system to get into EU...
There is no need for any "test system" to crack it, just go download the specs of it from ISO, and start working
As noted, its much easier to try circumvent it.

BTW, both "DNA cryptology" (whatever that is, but lets shorten it to "DNA") and fingerprint readers are a lot easier to fool then the GC system...

The GC you have locked in, your DNA and your fingerprints you spread around daily and is quite easy to pick up and re-use... (MythBuster for example showed how you could trick very expensive fingerprint readers with the help of some carbon powder, a scanner, and a laser printer)

And just the verification system doesn't solve the insecure line problem you have when communicating with MA from your computer.
That part is excellently solved by the standard GC is based on, it was invented to solve this type of problem.

Lets stop discussing spagetti monsters and get back to real issues...

- Yes, you can theoretically still be hacked if you have a GC
- Not having it makes it extremely much easier though, and can be done by any novice programmer
- If you were hacked with the GC, what happens will depend on the exact nature of the hack.
- MA will of course launch an investigation to find out exactly why it happened.
- The result of that investigation will decide if you get your stuff back or not
- Without (real) details its impossible to predict the outcome.
- Having the GC gives you a lot better chance then not having it.

[Kerham]

Quote:

Originally Posted by Nazbrat

Why choose to Hit EU???
EU would Merely be a stepping stone to a Larger corporation such as a credit card company.

Man, you saw too many stupid movies with hackers using a computer which has as loading screen "hacking sequence initiating".

[aridash]

Quote:

Originally Posted by Immortal

Ok... erm... but you have to have the GC in your hand (or the MA server) to access it ...

bugger it, too much info putting too many ideas out there and we've done this issue before.... live in denial if you wish.

long and short, very few "secure" systems really are, unless you control the complete end to end transmission of data.

[AJack10600]

Kredit Cards are being hacked every day... it's rather simple... but for credit cards, banks usually take full responsibility unless you have been very bad at preserving security. If you card gets hacked while shopping (Skimed) and later abused, you are usually not made liable. MA should behave the same if you get hacked using gold card.

That said, it's possible to hack you, while using the gold card (fake login) but it's highly unlikely that the gold card itself get's hacked. That's hell of a logarithm to hack ...

[somon90]

One could probably be able to hack an GC protected account if one had a key-logger on for long enough and had the intelligence or software to figure out the algorithm that generates new codes...

[Vedder]

Quote:

Originally Posted by somon90

One could probably be able to hack an GC protected account if one had a key-logger on for long enough and had the intelligence or software to figure out the algorithm that generates new codes...

There's no algorithm.
It's just a looooong sequence of numbers.

[somon90]

Quote:

Originally Posted by Vedder

There's no algorithm.
It's just a looooong sequence of numbers.

I suppose that makes it a bit harder to hack