SparkFun gets a Subpoena for all orders; says nah

It’s no secret that we’re fans of open source, and open hardware. And we have to applaud companies like SparkFun who also keep their customers in the loop about what’s going on with the business end of the company. For instance, they were recently contacted by a Sheriff’s office and asked for customer information and are sharing the story. One of their products had been used in a series of credit card skimmers and the officers wanted to get purchase information to track down the bad guys. SparkFun doesn’t just give out customer data and so was subsequently served with a subpoena.

The thing is, the document asks for all customer orders shipped to Georgia during a six month period. This seemed like it covered way too many orders, since the majority of them didn’t include the part in question. But the officials were willing to work with the company and narrowed the request to just the 20 or so orders that had the item in them.

It’s an interesting read, and we agree with SparkFun’s point about white hats and black hats. Often when posting about projects here we wonder about the potential to use the knowledge for no-good. But restricting the availability of knowledge (or hardware in this case) because of a few bad-actors is a concept we oppose. It’s like being a hacking super hero, with great skill comes great responsibility.

Cheap audio equipment makes ATM theft easier

ATM information theft is nothing new. Neither is the use of skimmers to gain access to the data. But it’s a little surprising just how easy it has become to hack together the devices using audio equipment. The images above are samples of a skimmer for sale from an Eastern-European do-no-good. It is the magnetic stripe sniffer portion of the attack which captures card data as an audio recording. That is later turned into the binary code that was read from the card. We’re just speculating, but that looks an awful lot like the PCB from a pen recorder, something you can pick up for just a couple of bucks.

Of course this is used in conjunction with a camera to capture PIN data as the second part of the security protocol, but it really underscores the need for new ATM technology. Some skimmers don’t even require retrieval of the hardware, and you never know where the sketchy machines might pop up next.

[via Engadget and Slashdot]

Follow

Get every new post delivered to your Inbox.

Join 96,600 other followers