With Software, Till Tampering Is Hard to Find
By Roy Furchgott
August 29, 2008
http://www.nytimes.com/2008/08/30/technology/30zapper.html

As hard as zapper software is to detect, it is easy to make, said Jeff Moss, organizer of the annual hacker convention Def Con. “If it runs on a Windows system and you are a competent Windows administrator, you can do it,” he said.

According to analysts at the consulting firm Frost & Sullivan, 85 percent of all point-of-sale systems, as cash registers are called, run on the Windows operating system, although other systems are also vulnerable.

Don’t blame the operating system; blame the hardware. Modern technology has replaced paper and indelible pen (a twentieth-century write-once, read-only data collection and storage system with physical properties that make forgery difficult; see http://www.flickr.com/photos/stevegarfield/616793140/) with the technological equivalent of a Magic Slate (a 1970’s toy; see http://www.landofthelost.com/slate.htm), which is child’s play to alter.

Do electronic systems that record transactions on write-once storage even exist? The technology exists, and it’s dirt cheap. Why can’t businesses be required to keep permanent, inalterable transaction records? Ultimately it may be impossible to prevent a crooked business owner from embezzling from his or her own business or committing tax fraud. But why make life easy for them by allowing Magic Slates for accountability?