Worldpay outs self as provider of easy-to-crack payment services Everyone knows the SHA-1 cipher is a relic that can be cracked without colossal effort. So why has Mozilla allowed Symantec to issue some new SHA-1 certificates? Mozilla participates in Web PKI, the effort overseeing the issuance of certificates allowing browsers to identify themselves to servers. The organisation has learned …
"They should have said no."
It's more complicated than that. Upgrading the devices isn't an option, one because the vendor has chosen to make them obsolete, two, replacement cost just by sheer numbers would be prohibititive, and three, you may not get to find out exactly which devices are obsolete till they stop working. It's easy to say that's not your job or your concern, but it will be someone's.
...because in some cases "upgrading" the devices is impossible by design as the threat model they were designed to resist is the possibility of someone installing changed code after the unit was certified and manufactured.
Some chips (PIC16's, for example) have 'fuses' built in specifically to ensure that once the firmware is programmed it can never be changed or read back again.
People forget that there is a business need with impact on revenue when you cut off obsolete devices... this is the difference between being a security nazi and driving business by being a security enabler. The important thing is, they know the risk, they are taking steps to fix it, but they just need a little more time...
"The important thing is, they know the risk, they are taking steps to fix it, but they just need a little more time..."
Several YEARS already. It's not as if this was sprung on them six months ago.
I'm betting that Worldpay will pitch for a SHA-1 extension when the current one expires.
Now that Mozilla have said "yes" once, they're in a position where Worldpay can sue them if they say no in future.
In Worldpay's defence, it's not exactly easy to migrate such a vast amount of legacy hardware. This is the bane of the in-shop payment world in general: a massive legacy network of ageing hardware. The amount of capital sunk in that network is shocking, it gets painful when you need to upgrade it and it's even worse when the majority of the kit isn't even yours.
HOWEVER..
They could have started a LOT earlier, from the moment it became evident that some protocols are simply no longer up to the job and that has been quite a while back. The victims here are not Worldpay, but the merchants (and thus their customers) who would be offline if it gets chopped right now. No doubt the bigger merchants would hit Worldpay with breach of contract or something, but I'm more worried about the smaller shops who don't have the margin to pay for court cases.
I'd give Worldpay at most another 6 months, and a message that that IS the deadline. No more margin.
Well, Worldpay is now on the hook for payment fraud liability of all those terminals that have not yet been upgraded. This could get interesting.
As a customer I would actually like to know who has those insecure devices because I would prefer NOT to shop there. I think we should be told, which could further increase the pressure on Worldpay to get on with it.
Well, Worldpay is now on the hook for payment fraud liability of all those terminals that have not yet been upgraded. This could get interesting.
No, they're not. You don't imagine (or perhaps you do) that Worldpay are the supplier of all the POS Terminals in the world, do you? In reality, there are hundreds of manufacturers and resellers, and lease companies where retailers buy or rent their payment systems from.
Worldpay do their best to support all these disparate devices, whilst at the same time trying to meet the latest security guidelines.
I'm sure if you were the owner of a small retail business, and Worldpay told you "oh, we're not supporting your payment system any more, you need to get a new one", you'd be really happy, wouldn't you.
Disclaimer: I used to work for Worldpay on their New Acquiring Platform (NAP - they are implementing whole card processing engine from scratch, replacing 30yo mainframe). I run away when contract finished :)
They do not provide terminals - they just send request to NCR and they send terminals and maintain them. So it is even more complicated as multiple businesses are involved.
But after seeing what was happening in NAP project I'm not surprised. This organisation is so heavily political, with even execs changing often. Security is a joke, no testing, changes of directions every year or 2, obsolete dev practices, etc. Nothing gets done there. Just check the reviews on Glassdoor.
The big news will be in year or 2 when NAP goes live. It has been built to such a bad standards it will all collapse. This one is just a little taster. Considering they are the biggest card processor in Europe and planning IPO, so it will be double whammy when share price also crashes down.
"I'm sure if you were the owner of a small retail business, and Worldpay told you "oh, we're not supporting your payment system any more, you need to get a new one", you'd be really happy, wouldn't you."
As a past owner of a small retail business, If Worldpay had said 2-3 years ago "These will stop being supported in 2-3 years. You need to update by then", it would have been put into the financial planning.
The only reason this would be sprung on small owners overnight would be criminal incompetence on the part of Worldpay - but then again this _is_ Worldpay....
Mozilla made the announcement about the phasing out of SHA-1 in 2014. For a company like WorldPay, with millions of terminals in use, that isn't enough time to address the issue. Just look at the way Windows XP lasted well beyond its life expectancy due to big businesses.
Mozilla made the announcement about the phasing out of SHA-1 in 2014
That may be so, but it was found to be too weak in 2005 and so, and in 2010 quite a lot of large organisations started to actively argue for its full retirement. It should not have taken a sunset declaration of Mozilla to START planning and executing migration work.
If anyone in that organisation had a clue about security (let me rephrase that: if anyone in management actually cared about security instead of exclusively focusing on the IPO), they would have been able to follow the shutdown of SHA1 with minimal issues.
WorldPay don't decide the contents of a PCI compliance program, the PCI body themselves do for a given level of compliance.
Some big businesses want the highest level of PCI compliance from their suppliers (i.e WorldPay). So that means the small ones have to comply to the same level.
If you're (unfortunate enough to be) a WorldPay customer, they have a scheme that they expect you to use (you can provide confirmation from another suitable body, but they then largely ignore you and just bill you as if you're not compliant for a few months whilst you get them to read a PDF), attesting your compliance.
That process (saferpayments) requires you to attest that the terminal THEY provide is compliant. Which it is it not possible to do. Except if you don't, you can't complete the attesting and thus get screwed for fees.
The first sentence say it all about the level of the research effort the author has made! Currently, there are only theoretical attacks know against sha1. These weaken the security from 2^80 to 2^61. While this is quite a dramatic decrease in effort needed, it is still beyond capabilities of your average crime lord. Perhaps a NSA could do it though. So please stop spreading FUD and do your research!
Except SHA-1 isn't a cipher. And, if it can "be cracked without colossal effort", go ahead and publish your chosen-prefix attack that was so easy to do. Yes, they should have updated earlier but this article is FUD and authored by someone who obviously knows little about crypto or the payments industry.
Looking at Mozilla's list of authorized CA's in Firefox, noticed several bad authorities still getting updated with certs for several different country's intelligence agencies, including PM/SGDN - IGC/A (The French intelligence agency that was caught issuing fraudulent *.google.com / *.gmail.com certificates a few years back).
The worst part is that Firefox re-adds them whenever it updates. I've gone the route of setting up a proxy server that does crypto re-encapsulation so all my clients just see the one certificate. My proxy only trusts a very small number of vetted Certificate Authorities.
Payment terminals using sslv3 and sha-1 cert's won't be hacked so soon. This is not http with cookies and bad crypto implementation. It's proprietary messaging and the vuln's we take for granted are not applicable.
You guys are falling for a perception issue because you don't understand payment. Besides, any terminal doing p2pe or just e2ee and card data is inaccessible for a 1000 years
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
