The majority of dialup credit card machines on the market do not work well with VOIP lines. If AT&T forces this change, a few hundred thousand small businesses will be forced into buying new machines.
I totally disagree with the parent. Theism/Atheism is having faith in the existence OR non-existence of a god (not necessarily a Christian god). Agnosticism is the lack of faith either way, which sounds quite reasonable to me as nobody has actually provided proof one way or the other, at least as far as I'm concerned. Why is it so difficult for some people to admit they they do NOT have the answer to a long standing question?
Also, it's a shame about Ireland. I may have to rethink ever visiting.
Are visitors going to be under the impression that the actual giver of testimony created the site, or will it be spelled out that you're the one doing it? It's not exactly a brain teaser of an ethical dilemma...
For every Guatemalan or Nicaraguan that makes it to the US and takes a job, that's less work for Mexicans. If they gatekeep their southern border they help to keep down their own competition...
What other costs would there be? That would be pretty cheap. I guess you'd have to get an ip subnet. For my comcast account that costs $60 a month, with theoretically 40 gigabytes, that's 0.15 cents per kB. Vs. your amount above of 0.02 cents per or about 7 times cheaper.
If I could pay 2k today to get a fiber internet connection to my house that wasn't limited by comcast, I'd do it in a second.
AVS and CVV2 are in fact tools that can be used to mitigate risk. The merchant can enter the billing address, zip code, as well as the CVV2 which is printed on the back of the card. The network response will indicate if they match up or not. It's not 100% fool proof, but it can help a non-swiping merchant mitigate the risk of fraud.
The only way a fraudster would be able to get their hands on the CVV2 would be to physically check the back of the card, hack the issuing bank's database, or lift it from another merchant's database. Technically though, the CVV2 should never be stored by a merchant as that would violate their agreement with the card issuer. I am not a lawyer, but I would think that if a merchant stores the CVV2, and the card info is stolen from them and then used fraudulently somewhere else, they could be held liable if it is traced back to them. There is also the possibility that an actual card holder might give it up due to a phishing scam, but if that's the case it's their own damn fault.
I work in the processing industry and have come to the conclusion that many fraudulent charges happen like this:
1. Merchant gets phone/internet order for a large amount of product/service. 2. AVS or CVV2 doesn't match but the merchant has dollar signs in their eyes and ships/provides service anyways. 3. Transaction turns out to be fraudulent. 4. Actual cardholder disputes transaction they didn't initiate. Merchant loses money from the sale, gets a chargeback fee, and can't get their product/service back. 5. Merchant decides to not accept future transactions unless the CVV2 & AVS match up, or the customer can adequately explain why they don't. 6. Merchant is now less likely to get scammed.
Many newer models use 3DES instead of DUKPT. The firm I work for already only ships 3DES compliant PIN pad units, as the processor we run our merchants through will soon require it.
In addition to the reasons listed by Ritchie in the parent post, simply plugging the PIN pad into the terminal without unplugging the power first will cause it to delete it's encryption key. We get to replace them quite often, when merchants attach them before reading the big red warning label we attach to the boxes we ship them in. We then get to ship the unencrypted PIN pad to our hardware supplier so they can reload the encryption key.
I'm sure the government of Canada accepts money in exchange for shipping the isotopes to other countries, be it to a public/private company or a government agency. It may not be bound to the same pressures as a shareholder driven corporation but to say money has absolutely no bearing on their decision would be naive.
I used to take a Cisco class in high school and the teacher thought DNS stood for 'distributed name server' and he STILL called them DNS servers even though it would be a redundant statement in his mind. Needless to say I knew more about routers than he did, lol. High school teachers.....
I know this is off topic, but why must so many people say "cry me a river" all the time? I see it at least once in every story posted to Slashdot as part of a rebuttal to something somebody else has said, and it seems the phrase is being used in increasing frequency since Justin Timberlake made a song called "Cry me a River". MY HEAD IS GOING TO EXPLODE IF YOU DONT STOP REMINDING ME OF THAT GODDAMN SONG, STOP IT!!!!!!! </RANT>
You may now return to your regularly scheduled Slashdot comment reading.
Slashdot Mirror
Youtube is a subsidiary of Google...
The majority of dialup credit card machines on the market do not work well with VOIP lines. If AT&T forces this change, a few hundred thousand small businesses will be forced into buying new machines.
If you think illegal immigrants never complain, then I'm guessing you've never met any.
I think you mean PA-DSS, which applies to payment application providers. PCI-DSS applies to the merchants themselves.
I totally disagree with the parent. Theism/Atheism is having faith in the existence OR non-existence of a god (not necessarily a Christian god). Agnosticism is the lack of faith either way, which sounds quite reasonable to me as nobody has actually provided proof one way or the other, at least as far as I'm concerned. Why is it so difficult for some people to admit they they do NOT have the answer to a long standing question?
Also, it's a shame about Ireland. I may have to rethink ever visiting.
Are visitors going to be under the impression that the actual giver of testimony created the site, or will it be spelled out that you're the one doing it? It's not exactly a brain teaser of an ethical dilemma...
Books are the last advertisement-free stronghold, the last place we can turn for entertainment that does not come loaded with advertisements.
I agree with everything you said except this. I'm guessing you haven't had a good hike or picnic in a while?
How about Hawthorne? Porn ads on every other page would be the only way I would ever consider reading The Scarlett Letter again.
Arizona does as well.
it's conceivable that the full text of LRH's teachings will similarly disappear from history
Not with torrents (as well as other sharing mechanisms) they won't.
For every Guatemalan or Nicaraguan that makes it to the US and takes a job, that's less work for Mexicans. If they gatekeep their southern border they help to keep down their own competition...
A rootkit in a VM could be used as a platform for launching attacks on nearby nodes, behind whatever firewall may be in place.
That's a good thing, as far as I'm concerned. Hopefully it will cause an institutional aversion to making crappy movies. That would be nice.
Ok I giggled. If your cat has a brain the size of a tennis ball then it's got a huge fucking head.
Whoosh. /He was making a dick joke. =]
I meant to reply to the parent. Sorry!
Speak for yourself, tubby. =]
What other costs would there be? That would be pretty cheap. I guess you'd have to get an ip subnet. For my comcast account that costs $60 a month, with theoretically 40 gigabytes, that's 0.15 cents per kB. Vs. your amount above of 0.02 cents per or about 7 times cheaper.
If I could pay 2k today to get a fiber internet connection to my house that wasn't limited by comcast, I'd do it in a second.
MightyYar was referring to this incident:
http://verizonmath.blogspot.com/2006/12/verizon-doesnt-know-dollars-from-cents.html
AVS and CVV2 are in fact tools that can be used to mitigate risk. The merchant can enter the billing address, zip code, as well as the CVV2 which is printed on the back of the card. The network response will indicate if they match up or not. It's not 100% fool proof, but it can help a non-swiping merchant mitigate the risk of fraud.
The only way a fraudster would be able to get their hands on the CVV2 would be to physically check the back of the card, hack the issuing bank's database, or lift it from another merchant's database. Technically though, the CVV2 should never be stored by a merchant as that would violate their agreement with the card issuer. I am not a lawyer, but I would think that if a merchant stores the CVV2, and the card info is stolen from them and then used fraudulently somewhere else, they could be held liable if it is traced back to them. There is also the possibility that an actual card holder might give it up due to a phishing scam, but if that's the case it's their own damn fault.
I work in the processing industry and have come to the conclusion that many fraudulent charges happen like this:
1. Merchant gets phone/internet order for a large amount of product/service.
2. AVS or CVV2 doesn't match but the merchant has dollar signs in their eyes and ships/provides service anyways.
3. Transaction turns out to be fraudulent.
4. Actual cardholder disputes transaction they didn't initiate. Merchant loses money from the sale, gets a chargeback fee, and can't get their product/service back.
5. Merchant decides to not accept future transactions unless the CVV2 & AVS match up, or the customer can adequately explain why they don't.
6. Merchant is now less likely to get scammed.
Many newer models use 3DES instead of DUKPT. The firm I work for already only ships 3DES compliant PIN pad units, as the processor we run our merchants through will soon require it.
In addition to the reasons listed by Ritchie in the parent post, simply plugging the PIN pad into the terminal without unplugging the power first will cause it to delete it's encryption key. We get to replace them quite often, when merchants attach them before reading the big red warning label we attach to the boxes we ship them in. We then get to ship the unencrypted PIN pad to our hardware supplier so they can reload the encryption key.
I'm sure the government of Canada accepts money in exchange for shipping the isotopes to other countries, be it to a public/private company or a government agency. It may not be bound to the same pressures as a shareholder driven corporation but to say money has absolutely no bearing on their decision would be naive.
besides, you need tin foil to make the hats work properly, not aluminum.....
I used to take a Cisco class in high school and the teacher thought DNS stood for 'distributed name server' and he STILL called them DNS servers even though it would be a redundant statement in his mind. Needless to say I knew more about routers than he did, lol. High school teachers.....
I know this is off topic, but why must so many people say "cry me a river" all the time? I see it at least once in every story posted to Slashdot as part of a rebuttal to something somebody else has said, and it seems the phrase is being used in increasing frequency since Justin Timberlake made a song called "Cry me a River". MY HEAD IS GOING TO EXPLODE IF YOU DONT STOP REMINDING ME OF THAT GODDAMN SONG, STOP IT!!!!!!!
</RANT>
You may now return to your regularly scheduled Slashdot comment reading.
update: it appears that they have changed their DNS tables to stave of a slashdotting. however, their IP address still points to their server!
/dev/null ; done
:)
while [ true ] ; do wget -O - http://64.78.42.11/benefits.asp >
let the slashdotting continue