Pin Terminal Tetris


I’ve never trusted putting my PIN number at a store, and now I’m glad I don’t. In an effort to prove just how hackable those handy input terminals are, [saar drimmer] and [steven murdoch] replaced the guts of a pin terminal with… tetris. Hmm, now I need a gameboy tetris fix Thanks [terti]

A word of warning, the embedded video made Mozilla nutty on my usually rock solid machine.

Comments

  1. kcbanner says:

    Video worked fine here with mplayer-plugin for firefox :D.

    Yes this is a hack in the true spirit of hacks, the very essence of Hack a Day. Jolly good, jolly good I say!

    Love the welcome screen on the Tetris game…Professor…

    -kcbanner

  2. Bones says:

    The video (I assume, or something else on the site) killed my Firefox, and even IE, as well. I didn’t see anything of use there anyway, but the video is on YouTube.

    http://www.youtube.com/watch?v=wWTzkD9M0sU

  3. Crash says:

    Nice.

    –CrashGames.biz

  4. Derek Vance says:

    THats Sweet!

  5. Chupa says:

    web site is farked, slow load

    If if replaced the guts of it i don’t see how that really proves they are hackable.

    I can hack an orgional nintindo to run windows if i replace the guts with a computer.

    not really a “SECURITY THREAT” imo, just neat hack of tetris in a strange place. Yea replacing the guts to record CC info is 1 thing. Taking it to a business and installing it there and seeing if you get away with it is another. Which im sure is possible to get away with with some social engineering.

    i doonoo… im just a hater

  6. Modrak says:

    That’s so stupid :D But I love it ! :)

  7. Sonderling-Meister says:

    chupa, i dare you to fit a full motherboard and hard drive, griphics card, ect in a gameboy original. lol. sweet hack, anyway.

  8. ed3 says:

    sonderling-meister, chupa said “original nintendo” which I assumed to mean the NES – http://www.mini-itx.com/projects/nespc/

    Although the original Gameboy is large enough to hold the guts of an iPaq… Or perhaps Gumstix…

    “In an effort to prove just how hackable those handy input terminals are” – Wow, nice scaremonger statement there. Sure, anything is hackable when one has it on the bench in their workshop. In that situation, the real “hack” is getting it back onto the convenience store counter without anyone noticing.

  9. DarkFader says:

    Someday magnetic cards become extinct. Until then, check your balance each day before it’s completely gone.

  10. Finch says:

    Everyone needs to upgrade to Firefox 2. The video plays perfect on it. (along with a lot of other stuff that won’t run on IE7)

  11. TJ says:

    I really don’t see how this proves they are insecure. You could do the same thing with any piece of hardware in the world, pull it apart and put different electronics inside of it.

    That doesn’t explain how you get the terminal out of the store, rebuild it at home, and then return it to the store without anyone noticing you took it; or for that matter the fact that it no longer actually works as a credit card terminal, but is just stealing CC numbers.

  12. John says:

    It’s not so much about you replacing one at a store, it’s about a crooked shopkeeper putting one of these next to his till.

    What if instead of playing Tetris it said “PLEASE ENTER YOUR PIN”, and instead of authorizing your charge it stored your account information and PIN? (This is a form of card data theft known as “skimming”.) It could still print out “CHARGE APPROVED” and giving you a chocolate bar for free would be a small price to pay to get an account and PIN of a customer with good credit.

    The idea is that you’re supposed to be able to trust these terminals. How’s your trust level now?

  13. Ben the Man says:

    These things are actually quite secure! Your pin/card number is encrypted before it even leaves the unit. Not even the peeps at the store (save for the few with soldering irons handy) can service it: only the company that made it can get past the encryption.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 96,704 other followers