by dedicate 378 days ago
I'm curious: with that level of access, even if you can't directly grab PANs, what are the practical limitations? Could they, say, intercept user input before encryption, or cause targeted denials of service?

Devices such as this are cloned and used for fraud. It can be done without triggering any of the sensors. The Secret Service confiscated multiple cloned devices in an enforcement operation recently in NYC.

"Recent incidents in the U.S. include criminals committing fraud through processing fraudulent return transactions. As part of the fraud scheme, criminals obtain Point-of-Sale (POS) devices—either from an acquirer or agent while posing as a merchant, from online resellers or auctions, or through theft—and program the POS devices with the credentials of a legitimate merchant, thus effectively cloning the unsuspecting merchant’s actual POS device. Criminals use the cloned POS devices to..."

https://cardsystems.com/point-of-sale-clone-fraud-activity/

I cannot tell for sure. I didn't have time to really look at the Linux applications and what they do exactly. My guess is that most of the sensitive stuff is done on mp1 (reading the card, verifying the PIN, etc.) and the Linux just acts as an untrusted relay to the network. Denial of service should be possible in the sense that it could just put the system in a boot loop.
> Denial of service should be possible

That sounds like an overcomplicated engineer solution.

The 10x engineer uses a hammer to deny service.

Aside: I'm an artist-engineer. I like the performance art of using an oversized hammer to solve a problem that isn't obviously solved using a hammer - and I love the discovery process when my aims fail.