[cryptography] Fwd: Sykipot variant hijacks DoD and Windows smart cards

Ilya Levin ilevin at gmail.com
Tue Jan 17 03:14:29 EST 2012


> Interesting that we're finally starting to see these appear in practice,
> there's been a whole string of papers on MITM'ing smart cards (mostly in
> German, and related to online banking), but this is the first one I've seen
> that goes beyond proof-of-concept.

Peter, there were few quite far beyond proof-of-concept cases in
practice as far as I can tell. None made mainstream news (or public
news at all) for various reasons until now though.

It is not just German and online banking. I tried to bring attention
to the subject by talking about this issue since 2005 (see
http://www.literatecode.com/anses8 for example, or
http://www.literatecode.com/ac2010).

This is not the first-in-practice, there were pkcs11 proxies, 0-days
and other advanced persistent whatever before. The industry simply did
not care about that.

Regards,
Ilya



More information about the cryptography mailing list