I am impressed by today's Blackhat USA 2015 keynote by Jennifer Granick. One of her "areas of interests" is protecting hackers from persecution by governments and corporations. I wish I could have met her two years ago, when I was finishing my book about payment security, Hacking Point of Sale. So here is my book's keynote.

This is the first time I am publicly speaking about the real story behind the book. I was literally being threatened by my then employer, the point of sale software vendor. They did not want this book to be published, so that they could continue hiding the facts about the real state of security of their products, withholding information about vulnerabilities from public disclosure, and lulling their customers into a false sense of security. I was forced to leave my job. They did not fire me, but I was placed in a "vacuum" environment where I could not work productively anymore. I don't regret it at all, because eventually I had an opportunity to develop my career at much better workplaces.

However, many important facts and technical details were excluded from the book as a result of those events, so that I could protect myself and my family from persecution by corporate lawyers. The final version of the book is mostly focused on the grim role of PCI DSS, while shading the no less important role of POS vendors in an endless chain of card data breaches. Maybe if I had had support from some organizations and people like Jennifer Granick, I could have prevented many more of the card data breaches which happened at just about the same time the book was released (remember the famous Target breach, just to name one?). If I ever get a second chance (Wiley, how about a second edition?), I will do my best to include more specifics and clues that would help retailers avoid further breaches.