Teardown: VeriFone MX 925CTLS Payment Terminal

July 8, 2019 by Tom Nardi 53 Comments

Regular Hackaday readers may recall that a little less than a year ago, I had the opportunity to explore a shuttered Toys “R” Us before the new owners gutted the building. Despite playing host to the customary fixture liquidation sale that takes place during the last death throes of such an establishment, this particular location was notable because of how much stuff was left behind. It was now the responsibility of the new owners to deal with all the detritus of a failed retail giant, from the security camera DVRs and point of sale systems to the boxes of employee medical records tucked away in a back office.

Clipping from New York Post. September 24th, 2018.

The resulting article and accompanying YouTube video were quite popular, and the revelation that employee information including copies of social security cards and driver’s licenses were left behind even secured Hackaday and yours truly a mention in the New York Post. As a result of the media attention, it was revealed that the management teams of several other stores were similarly derelict in their duty to properly dispose of Toys “R” Us equipment and documents.

Ironically, I too have been somewhat derelict in my duty to the good readers of Hackaday. I liberated several carloads worth of equipment from Geoffrey’s fallen castle with every intention of doing a series of teardowns on them, but it’s been nine months and I’ve got nothing to show for it. You could have a baby in that amount of time. Which, incidentally, I did. Perhaps that accounts for the reshuffling of priorities, but I don’t want to make excuses. You deserve better than that.

So without further ado, I present the first piece of hardware from my Toys “R” Us expedition: the VeriFone MX 925CTLS. This is a fairly modern payment terminal with all the bells and whistles you’d expect, such as support for NFC and EMV chip cards. There’s a good chance that you’ve seen one of these, or at least something very similar, while checking out at a retail chain. So if you’ve ever wondered what’s inside that machine that was swallowing up your debit card, let’s find out.

Continue reading “Teardown: VeriFone MX 925CTLS Payment Terminal” →

Badge Bling And More At LayerOne 2018

May 29, 2018 by Roger Cheng 4 Comments

The security conference LayerOne 2018 took place this past weekend in Pasadena, California. A schedule conflict meant most of our crew was at Hackaday Belgrade but I went to LayerOne to check it out as a first-time attendee. It was a weekend full of deciphering an enigmatic badge, hands-on learning about physical security, admiring impressive demos, and building a crappy robot.

Continue reading “Badge Bling And More At LayerOne 2018” →

DEF CON: Tamper Evidence, Contests, And Embedded Talks

August 4, 2013 by Eric Evenchick 15 Comments

For day two of DEF CON, I checked out tamper evident devices, the contests area, and a few embedded talks. Read all about it after the break.

Continue reading “DEF CON: Tamper Evidence, Contests, And Embedded Talks” →

DEFCON 20 Tamper Evident Contest Signup

June 23, 2012 by Mike Szczys 8 Comments

DEFCON 20 is on its way and if you want to put a team together to compete in the Tamper Evident competition now is the time! The idea of the contest is simple: your team needs to break into something without anyone every knowing. The payload is protected by the best of modern tamper evident techniques. One of the things we really like about the competition is that there are multiple levels so if it’s your first time you DO stand a chance. The number of teams accepted is limited, so don’t wait too long and miss your chance to register.

There’s a ton to be learned from the contest RULES. But perhaps a better primer is going to be [Datagram’s] fifty-two minute talk which we’ve embedded after the break. He was one of the winners of all four contest levels at DEFCON 19 last year.

Continue reading “DEFCON 20 Tamper Evident Contest Signup” →