this post was submitted on 06 Apr 2024
881 points (98.6% liked)
Privacy
32120 readers
384 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Since we are sharing...
Holding down 1-5-9 or 3-5-7 can drop a POS card reader into debug mode, but it's brand dependent. (I have had it also crash the host terminals in some cases as well.)
also want to say that this is illegal in most places. The store may or may not press charges, but they have the right to and they will win that case if they do. So only do it if you know you can get away with it or have permission or don't mind having the stain on your legal record and whatever fine they hit you with
It's not destructive, nor can it really be considered illegal access. I suppose there is something illegal about it if it's classified as a DoS, I guess. There isn't much on a payment PED aside from an encryption key and maybe some network information.
Entering your PIN and accidentally hitting 3 buttons hardly seems like something to get charged with. How you leverage that for other things could easily be a problem.
All I am saying is that the likelihood of serious repercussion is very low. Still, I have to agree: Only do it with permission and with purpose.
Because why just hack it as much as you need to when you can go all the way? AMIRITE?
It serves a niché function in some situations. (Physical pen testing, in my case. I needed the person at the register gone in one case so I could setup a small network tap.)
was it really pen testing or just pen..ing😏
The only difference is who pays you to do it 😁