You can break into almost any retail store’s credit card reader with 2 passwords

credit card readers password problems cashier 1
Canadian Couponing
It’s common knowledge that point-of-sale machines aren’t exactly the most secure pieces of technology in the world — you need only look at last year’s pilfering of Home Depot, Target, Neiman Marcus, Michael’s customer data for evidence of that — but the reality may be worse than previously thought. Researchers at cybersecurity firm Trustwave discovered that a vast majority of retailers fail to change the default password on their credit card readers. It’s usually 166816 or Z66816.

The researchers examined machines at more than 120 clothing, electronics, and local stores. The default password in many instances granted administrative access to the machines, Trustwave executive Charles Henderson explained at last week’s RSA security last week in San Francisco. Worst case scenario, that could enable any ruffian with the know-how to scrape payment data like credit card numbers and names.

A majority of the vulnerable terminals are manufactured by Verifone, but the company’s not necessarily the one to blame. “No one is changing the password when they set this up for the first time; everybody thinks the security of their point-of-sale is someone else’s responsibility,” Henderson told CNN Money. “We’re making it pretty easy for criminals.”

It’d be risky to try at a crowded outlet — the passwords are just lengthy enough that entering them would probably make you the target of suspicion — but the real potential for hacking arises from unsecured systems. Speaking to Digital Munition, Henderson described an instance  in which an employee inadvertently downloaded keylogging software onto a retail PoS system while attempting to install a pirated video game.

Verifone doesn’t believe there’s too much cause for concern. The passwords on new payment terminals expire periodically, a spokesperson said, and the company “hasn’t witness[ed] any attacks on the security of terminals based on default passwords.” All the same, it said retailers are “strongly advised to change the default password.”

You’d think that’d be common sense.

Emerging Tech

A.I.-generated text is supercharging fake news. This is how we fight back

A new A.I. tool is reportedly able to spot passages of text written by algorithm. Here's why similar systems might prove essential in a world of fake news created by smart machines.
Home Theater

Kanopy privacy breach reveals which movies members have been streaming

Free video streaming site, Kanopy, has been inadvertently publishing millions of lines of web log data for days, according to a new security report. A bad actor could guess a person's identity and see what they've been watching.
Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.

Free yourself! How to unlock a phone from the icy hands of your wireless carrier

Do you want to know how to unlock a phone through your carrier or a third-party service like DoctorSIM? Regardless of which way you want to go, we've compiled a list of requirements and methods for doing so.

Type away on the best iPad keyboard cases, from the Mini to the Pro

Whether you're looking to replace your laptop with a tablet or merely want to increase your typing speed, a physical iPad keyboard is the perfect companion to the iPad. Check out our top picks for every available iPad model.

Apple patent suggests Apple Watch bands could have built-in fitness indicators

Apple may be exploring ways to make Apple Watch bands a little more useful. A new patent has been filed by Apple that suggests Apple Watch bands could eventually have indicators for things like fitness goals.

Apple patents hint at improved Apple Store and unboxing experiences

It looks like Apple is working on ways to improve the Apple Store and product unboxing experiences. The company has been awarded a few patents, largely for tech that can be used in product packaging to ensure products stay charged.

Fossil made a smartwatch in 2004, and it’s part of a new brand retrospective

Fossil has been making watches for 35 years, and to celebrate the anniversary, it has a new retrospective exhibit complete with the first smartwatch it made — the Wrist Net watch from 2004.

Make some time for the best smartwatch deals for March 2019

Smartwatches make your life easier by sending alerts right on your wrist. Many also provide fitness-tracking features. So if you're ready to take the plunge into wearables and want to save money, read on for the best smartwatch deals.

Fossil is working on a smartwatch with BMW, and it’s coming next year

Fossil, the watch company that makes smartwatches under its own name and partners with other major brands too, intends to launch a smartwatch with car manufacturer BMW in the future.

Nokia phones are being investigated for allegedly sending data to China

Nokia could be in some hot water. According to recent reports, Nokia 7 models may be secretly sending data to China without the user knowing about it. Nokia says that the issue was a software bug and that it has been fixed.

Diesel’s denim-inspired smartwatch straps are a casual, colorful must-own

Diesel will release two new versions of the On Full Guard 2.5 smartwatch later this year, with seriously cool, denim-inspired straps in classic Diesel colors. We tried them on at the Baselworld 2019 show.
Movies & TV

Apple’s next big event is set for March 25: Here’s what you can expect

Apple's next big event takes place on March 25 in Cupertino, California. The company is expected to make several announcements related to its services, including Apple TV, so follow our guide to get ready for the big event.

Tips and tricks to get you started with your new Fitbit Inspire HR

The Inspire HR may be an entry-level fitness tracker in Fitbit's lineup, but the device still has plenty of features to explore. These are our favorite tips and tricks to help you use the Inspire HR to its fullest potential.