Pin Terminal Tetris


I’ve never trusted putting my PIN number at a store, and now I’m glad I don’t. In an effort to prove just how hackable those handy input terminals are, [saar drimmer] and [steven murdoch] replaced the guts of a pin terminal with… tetris. Hmm, now I need a gameboy tetris fix Thanks [terti]

A word of warning, the embedded video made Mozilla nutty on my usually rock solid machine.

13 thoughts on “Pin Terminal Tetris

  1. Video worked fine here with mplayer-plugin for firefox :D.

    Yes this is a hack in the true spirit of hacks, the very essence of Hack a Day. Jolly good, jolly good I say!

    Love the welcome screen on the Tetris game…Professor…

    -kcbanner

  2. web site is farked, slow load

    If if replaced the guts of it i don’t see how that really proves they are hackable.

    I can hack an orgional nintindo to run windows if i replace the guts with a computer.

    not really a “SECURITY THREAT” imo, just neat hack of tetris in a strange place. Yea replacing the guts to record CC info is 1 thing. Taking it to a business and installing it there and seeing if you get away with it is another. Which im sure is possible to get away with with some social engineering.

    i doonoo… im just a hater

  3. sonderling-meister, chupa said “original nintendo” which I assumed to mean the NES – http://www.mini-itx.com/projects/nespc/

    Although the original Gameboy is large enough to hold the guts of an iPaq… Or perhaps Gumstix…

    “In an effort to prove just how hackable those handy input terminals are” – Wow, nice scaremonger statement there. Sure, anything is hackable when one has it on the bench in their workshop. In that situation, the real “hack” is getting it back onto the convenience store counter without anyone noticing.

  4. I really don’t see how this proves they are insecure. You could do the same thing with any piece of hardware in the world, pull it apart and put different electronics inside of it.

    That doesn’t explain how you get the terminal out of the store, rebuild it at home, and then return it to the store without anyone noticing you took it; or for that matter the fact that it no longer actually works as a credit card terminal, but is just stealing CC numbers.

  5. It’s not so much about you replacing one at a store, it’s about a crooked shopkeeper putting one of these next to his till.

    What if instead of playing Tetris it said “PLEASE ENTER YOUR PIN”, and instead of authorizing your charge it stored your account information and PIN? (This is a form of card data theft known as “skimming”.) It could still print out “CHARGE APPROVED” and giving you a chocolate bar for free would be a small price to pay to get an account and PIN of a customer with good credit.

    The idea is that you’re supposed to be able to trust these terminals. How’s your trust level now?

  6. These things are actually quite secure! Your pin/card number is encrypted before it even leaves the unit. Not even the peeps at the store (save for the few with soldering irons handy) can service it: only the company that made it can get past the encryption.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.