Skip to content

aaronj1335/the-geometry-of-innocent-signals-on-the-wire

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
ios
ios
 
 
report
report
 
 
sig
sig
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
server.py
server.py
 
 

Repository files navigation

overview

this is a project i did for my cs308s computer security course at university of texas. the goal was to explore the security of the square credit card reader. i believe the project was a success because i found a few different attack vectors, one of which seemed particularly relevant. the attack vectors and implementation details are available in the report.

tl;dr

as far as i can tell, there's nothing stopping another app from listening to a credit card swipe in the background. that means you could process a payment in the square app, and a malicious app could be skimming your credit card number in the background with no visible indication.

is it possible for this to happen in the wild? certainly. likely? probably not. the important thing is that it doesn't look like there are easy means of preventing the exploit. it would be extremely difficult to produce an unpowered encrypted card reader, so square would have to hope for an update to the ios api.

project details

shortcomings

the biggest shortcoming of the project is that i did not have an apple developer account, so all of my results are based on the ios simulator. i would love to hear about others' experiences reproducing these results on actual hardware.

another significant shortcoming of the project is the error handling. like most school projects, the focus was not on writing robust software, so ymmv with the analog-to-digital conversion code.

running the implementation

the project has several non-insignificant requirements:

  • xcode 4
  • python 2.7 (though 2.6 may work…)
  • scipy
  • a square credit card reader (free from the website)
  • an audio adapter if, like me, you're too cheap to get the apple developer account

once your system has the pre-requisites, you can decode card numbers yourself by connecting the card reader to your laptop via the adapter, firing up the server from the project directory by running:

$ ./server.py

and then compiling and running the 'Crooked' ios app in xcode. it's pretty rough, but if you start recording, swipe the card, and then stop recording, it sends the audio to the server, and recieves and displays the decoded number.

the report title

the report title is a nod to some fascinating work by Hovav Shacham, which gets its title from a bob dylan tune.

About

investigating the security of the square credit card reader

Resources

Readme
Activity

Stars

15 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages