Internet > General Internet

Security ?

(1/2) > >>

JGO:
http://www.bbc.co.uk/news/technology-21058994

This sounds like a problem for people with desktops AND laptops. New one on me.

roseway:
It sounds like another of those security ideas which sound good initially, but just end up causing honest people more trouble.

kitz:
Well Ive come across problems with how swapping out a mobo can cause problems with Windows wanting revalidating, but not with credit cards.

If this is the case then it wouldnt only apply to swap out of motherboards, but also purchasing a new PC or even using a different PC than usual from within your own LAN.


--- Quote ---That MAC address has been communicated somewhere along the line to your ISP,"
--- End quote ---

Hmmmm...  wouldnt it require a packet sniffer to get the MAC address of the remote machine?   :-X
I could be wrong but I would have thought that any remote server requesting a MAC address via IP would hit the gateway/router first and that it would be the routers WAN port MAC would be returned.

I certainly was not aware of credit card companies recording MAC addresses each time you make a purchase!  I certainly dont see how its anything to do with the ISP?

sevenlayermuddle:

--- Quote from: kitz on January 29, 2013, 10:34:20 PM ---
--- Quote ---That MAC address has been communicated somewhere along the line to your ISP,"
--- End quote ---

Hmmmm...  wouldnt it require a packet sniffer to get the MAC address of the remote machine?   :-X
I could be wrong but I would have thought that any remote server requesting a MAC address via IP would hit the gateway/router first and that it would be the routers WAN port MAC would be

--- End quote ---

I'm doubtful too. 

So far as I recall, from the days when I worked for a living, the only MAC address is normally that in the packet header.  It identifies the device that sent the packet so, for example, a home PC would  see the MAC address of the home router.  I know of no way to see the MAC address of the remote computer.

But I may be missing something, always happy to stand corrected :)

CluelessInNotts:
No need for correction.  I think the reporter need a better security pundit.

Even if device fingerprinting or the ISP (ISP doing credit checks?) was able to get the MAC address it is not a very good fraud check.  I would not be a happy bunny if my card was blocked after using my credit card on my work machine during the day and then using it later at home on a different machine.

A fraudster is either going to use a number of different cards in a short interval of time from the same machine or make a lot of puchases using the same card in a very short space of time - the velocity rules.  This is likely what triggered the hold not changing the motherboard.

Navigation

[0] Message Index

[#] Next page

Go to full version