What it has is a city run fiber-to-the-house system. Basically, it works in that just about any provider can signup and provide service on the network, so you get your choice of internet providers while operating on the same network. You can checkout the background here: http://www.utopianet.org/ . The service also allows for more than just internet, you can run IPTV and VOIP services over it as well, on separate chunks of bandwidth so your phone doesn't drop out when you're downloading your "used car ads" from usenet.
One of the providers is a bit cheaper ( MStar ), but from the reviews (on dslreports) I have read, it's pretty crappy service. They have low monthly bandwidth caps, do torrent filtering, and seem to have a tough time letting their users hit anything near their purchased transfer rates. So, this may sound like your local cable company, but there is one important difference: There are more providers than this one using those same fiber lines.
I'm using XMission ( http://www.xmission.com/ ) as my service provider, and so far it's been a pretty much perfect experience. The first day, I decided to test the limits of my pipe, and I seeded two different distro ISO downloads through bittorrent. My results were what I had expected, when I was downloading, I got up to the advertised 15Mb/s, and when I was seeding it would hit 15Mb/s as well. So, UTOPIA has given me the choice of if I want the cheaper service with a lower QoS, or the more expensive service that is rock-solid.
Overall, I would say that having this network available has made things like network neutrality much less important to me, because I know if the ISP I am on should ever go evil, I can just make a quick phone call and switch to one of the other providers on the line. It's amazing the service offerings you can get when you get the free-market back in full swing, and for the suckers still on Comcast the added competition has forced them to drop their prices in the area to $33/month (well, at least until you add in all the random taxes + fees + surcharges), so even the big guys are having to play along. The best part of this all is that the city doesn't actually pay for the fiber at all unless the project fails, so the only question is why all of the towns in this area don't have it already.
Some of the other providers will block things, but XMission doesn't block anything. Well, I believe they block port 25 outbound to anything other than their mail server if you get any abuse complaints, but other than that I have not noticed anything.
I run my own email server (with greylisting), a web server which I have both my personal site and do demos for clients. A few of them have remarked on how fast my demo server is. The only limit I have is a 100GB/month total transfer limit. Another one of the providers is cheaper and may do some blocking and only allows for 5GB/month transfer.
See, having the choice gives you power. Had I wanted a slightly slower, and slightly cheaper account, I could have gotten it at the expense of a smaller transfer limit and some port blocking. I decided to go the slightly more expensive route (I think it's about $5 more a month) and get everything that I wanted.
So, over here in the flyover country in a little state called Utah, a bunch of the cities have gotten together and done something great. These cities have decided that letting one company run the phone and another run the cable TV has gone on long enough. They have run their own fiber, and operate it like the roads. Equal access from anyone to anyone. Their website is http://www.utopianet.org/
Now, instead of getting crazy plans with no upload and bad ping times, I have my choice of four different providers for data, three (soon to be four) for voice, and three for video. All running on the same set of community fiber. The data plan I'm on right now is 15mbps SYMMETRIC for around $45/month. Business plans through this same company ( http://www.xmission.com/ ) give you a full 30mbps for $110/month. Oh, and I get a 26ms ping time to google, and 2ms ping time to my ISP.
If you had options like this, you wouldn't need to worry about the net neutrality bills, because if your service provider started degrading service for something you liked, you could just jump ship because there would be plenty of other options for you. You wouldn't be stuck under the iron fist of some "controlled" monopoly.
Seriously, call your city council and ask them why your city isn't this cool yet. I mean, if Utah can do it... what's stopping your state?
The reason your customer is buying your product is because they don't want to (or can't) write the entire thing from scratch. I'm pretty sure that they are also in an entirely different field. They don't want to sell your product. They don't want to create a product and steal your source code. They are in the business of doing something different, and they are probably planning on staying in that business.
Overall, I think you are worrying more than it is worth. Just have some legal agreements put together, and if it is compiled code, make them use a precompiled (.o file) licence manager that contacts your server to make sure that they are on the level. Overall however, I wouldn't worry about it, those guys have a business to run over there, their first thought is not to try and steal it and run their business on your work. The company I work for will let anyone have access to the source code of their system. It's still copyright us, and so they can't stop paying the licence fees and continue to use it. Overall, it's been a big boon, because there are a lot of places out there that won't run their important internal data through a hosted datacenter.
Regarding some outside hacker getting access to your source code. It's a worry, but most businesses aren't going to run some random illegal source code that they found on the internet somewhere, they want support, they don't want a huge legal liabilty from running something some IT guy found off of a Warez site. Also, unless you are never planning on updating your software again, by the time it gets out there, you'll probably have the next release all ready to go.
That's my opinion from someone who has given out commercial source code so customers can modify it to suit their needs.
I live in a suburb of Salt Lake City, Utah. Midvale is what it is called, picked me up a bit of a 2400 sqft fixer-upper (visual defects only) on a half-acre of land for 174,000. A fairly new house down the street runs for around 300,000.
There are a lot of towns around the area that have UTOPIA, a lot of them are not suburbs and tiny towns that you would never think that they would have a city-wide fiber optic system.
Thank the bandwidth gods for UTOPIA, a community fiber-optic system. 15Mbit symmetric. I've had LAN's slower than this, and I get a 2ms ping time to XMission's border router. Logged on to counter-strike, and found a few games being hosted at my isp with under 10ms pings. It's amazing what can happen when you get the damn telcos out of the way.:::.. Download Stats..::: Connection is:: 14320 Kbps about 14.32 Mbps (tested with 12160 kB) Download Speed is:: 1748 kB/s Tested From:: http://testmy.net/ (Server 2) Test Time:: 2006/06/01 - 11:34pm Bottom Line:: 250X faster than 56K 1MB Download in 0.59 sec Tested from a 12160 kB file and took 6.956 seconds to complete Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.0.3) Gecko/20060326 Firefox/1.5.0.3 (Debian-1.5.dfsg+1.5.0.3-1) Diagnosis: Awesome! 20% + : 85.68 % faster than the average for host (xmission.com) Validation Link:: http://testmy.net/stats/id-QIOGKAJMB
You can't play a single Xbox game on an Xbox 360 with the hard drive.
However, you don't need Xbox live or broadband access to download the backwards compatibility patches, you can get them off of Microsoft's site and burn them to a CD and it will run the patches from there.
Well, I am a micropayment vendor, I have built a system where you can pay just 1 cent online. It's all there, and it's all built to scale. I have someone who has committed funding to buy whatever servers are needed when the first large site signs up.
I've talked to the New York times (all the way up to the top of the company), all I got there was "We are very interested, but are working on some other things right now, so we will contact you sometime in September."
I've talked to Slashdot, who responded that they thought it was a great fit, but they were going to have to look into it more.
I've talked to Consumer Reports, who are interested, but still have to pass it around some more.
I built this system over three years ago, and have updated it numerous times (currently, it will scale as far as you want it to go). The system also allows for a universal login system so that you have a different unique ID with every site you go to (so your logins information cannot be tracked accross multiple sites). I'm even adding SOAP support so that services other than web services can use this system (say, if an online MMORPG wanted to be able to use micropayments). There is even a system in place so you can have a nag screen (The site is free, but it will bug you every 2 hours to pay money, or continue browsing for free).
The problem I have found so far, is that noone wants to be the first person in. Everyone likes the idea, and is interested in implementing it (probably gotten this response from at least 50 newspapers around the US), but they all seem scared of change. I always figured that even if you drop readership, you are making money of those that stayed, as opposed to making no money off of everyone.
Anyways, I have the site up on some shared hosting, so it's not going to be particularly fast, but it's just a demo and you can get to it here: https://www.i15h.com/
Some quick and dirty demo sites I setup are here: http://subdemo.i15h.com/ (a simple online RSS reader, put together in 20 minutes, demonstrates online subscriptions) http://itemdemo.i15h.com/ (a little photo gallery, where you can buy photos of feet)
If any of you want to use micropayments on your website, or know of any webmasters that might, feel free to contact me at: rob@internettollbooth.com
So, I have a mail system setup, it's running around 70 domains, and 500 email accounts.
I am using courier as the mta, and courier as the pop, and courier as the imap.
The courier makes a fine MTA, but you do have to tweak a few of it's settings to make it more wideopen to allow it to connect to misconfigured exchange servers.
Other than that it has been great. I have a email account management system that I wrote that lets each domain have admin users that can add and delete accounts as they please.
I have SpamAssassin setup for some users (most of them post their email addresses in plain text on their websites) and even with that load, there is still plenty more capability in this little server.
Now, if you want a system that scales to tens of thousands of users, you are going to need to get something a little bigger than this, you are going to need to get a mail system that can distribute the messages over a number of servers. That is something I have not researched.
This is a game that I used to play from a long time back, but it is still very fun and very fast paced.
(It is 2-d, and will run on anything)
http://xblast.sf.net/ seems to be the latest place for it, and they have precompiled win32 binaries for you too.
My first suggestion would be to switch from point-to-point to frame relay connections. It will add a bit of overhead, and a touch of lag, but overall, it will let your T1's "data" move through your provider's network to work around bad spots.
Secondly, your SLA with your service provider should give you quite a bit of leverage. With point-to-point connections, some service providers will only offer 2 nines, which would mean about three and a half days of downtime a year. It's not really cost-effective to build redundant datapaths for point-to-point connections, so along the entire path there are probably many points of failure.
Throw a keylogger on that RJ-11 jack all you want, go nuts. All you get out of the pin pad is encrypted data. That is how they are built, so that even if the verifone/tranz terminal is totally in the hands of a hacker, your pin number is still safe.
Now, on the other hand, a fake membrane keyboard placed over the real membrane keyboard could capture keys very easily.
Building a compatible pinpad however, is impossible, because you need the secret 3DES key used to encrypt the pin pad data, along with a unique pad and transaction counter so that your device would look legitimate to the verifying party. That 3DES key is pretty well kept a secret, so the better way to do it would be to place a fake pinpad where the customer can see it, and as a clerk, manually type in the pin as the customer types it. And one step easier would be to just write down the number that the customer is typing.
Everything, including your card number, expiration date, and cardholder name are sent in both deliminated formats, and in the raw data from the magstripe, are sent in plain text over the modem connection to the merchant banking datacenter. But that's not what I would be worrying about if I were you, because the store also prints out that information on a reciept that they store in their cash regisiter, and some clerk could just take that little slip of paper home with him and noone would be the wiser, and that my friend, is probably the weakest link in the chain.
They are also experimenting with TCP/IP data over the internet, but I never got any specs for that, so I can't tell you how secure that is.
(Sorry for the late reply, hopefully you will get this)
Well, the fancy/secure boxes are what are REQUIRED in order to process debit cards. In order to verify your pin, you have to send that exact block of 3DES encrypted pin data along with the rest of the debit card information. The pin is encrypted at the pin-pad level, and has an encryption key stored on it by the same people that keep the internal credit/debit-card network of banks secure. If your pin pad isn't certified by them, they won't put their key on your pad, and your pad will be totally useless.
I have written software for the credit card terminals.
The pin pad is the only device in that chain that is secured at all. The pin pad is tested, and has to meet very, very tough standards. Your pin is not stored on the device, and the credit card terminal cannot get the actual pin number from the pin pad. All that comes from the pin pad is a big pile of "garbage" that is some sequentially ordered 3DES encrypted data that at one time resembled your PIN number. This block of encrypted data cannot be retransmitted, and if it is, it will be denied.
During our testing phase with the terminal (not the PIN pad, we just bought those from someone else), the other programmer that was working on the code messed up some offsets and was not giving the correct PIN data to the test site. This got right past the testing, because even the merchant services test system cannot decrypt the data that comes out of the PIN pads. The rest of your data (including the entire contents of your magnetic strip, which in no way shape or form contain your pin number), is just sent across the wire in plaintext via 2400 bps modems. There was also no security testing of our terminal at all, and there is not even a requirement that credit card numbers aren't stored.
So, the moral of this story is this: If there is one thing to trust in the whole credit card processing world, it is this: Your PIN is the most secure part, unless the PIN pad has been tampered with (aka, has a new set of buttons over the old set of buttons, or a camera to capture your finger movements, because opening up a PIN pad will destroy the key stored on the pad, and will render it useless) that part is secure.
A reply to #1 (because I have no idea what #2 is really like, I've heard stories both ways)
MySQL with the release of version 4.0 changed the licence of it's libraries from LGPL (commercial code can link to these libraries) to GPL (commercial code cannot link to these libraries, anything that does becomes GPL). Any program you write that uses the mysql libraries is considered a derivative work by the GPL. So unless you write your own mysql libraries (to the undocumented wire-protocol of mysql 4.0), you have to buy a license for anything not open source.
This was the biggest reason for my move to Postgres. I make my living building web applications for people, my clients get the source code so that they can make modifications, but not the right to redistribute the source code (unless I use anything GPL, then they get the full GPL licence). So it's nice to be able to use a proper database server, and support the developers of that database server without having to open the source of everything I create. (Most things I create however, would just be another useless entry on freshmeat, so I don't feel too bad about not contributing these things back)
Just a quick recommendation from someone with a little nephew. Avoid wireless mice and keyboards like the plague. Sooner or later, those mice and keyboards become intriging targets to play hide and seek with.
It's all fun and games until they decide that hiding in their cereal is a good spot.
1) That I don't know, they have always lagged a bit, but typically they eventually catch up to near what the windows release does.
2) There are 64-bit versions of the nVidia drivers for amd64, they work great, I'm using them right now. The rest of the kernel has been 64-bit capable for many, many moons so no worries there. There are a bunch of amd64 distros out there, Gentoo, SuSE, and I'm using an unofficial port of debian to amd64, which by the way works great.
3) Again, no info.
4) There is a little installer, they package a few libs in with it, but with a small change to the installer, it worked great on debian/amd64. But it's basically just a raw binary, no.rpm/.deb/.pkg or anything.
I'm just commenting on one section.
The GC has uses for all of it's expansion ports. And you can fill them all up if you want.
There are two serial ports, one low speed (which you can stick a modem in, I believe, it's empty on mine), and a "high" speed which you can stick an ethernet adapter in, which are actually pretty hard to get ahold of and sell out whenever the get into stores (from what the managers have told me), the ethernet is supposidly 10/100, but all games only use it at 10. The other expansion bus is a single-purpose device, it's a GBA emulator that attaches to the bottom of the GC, it's pretty handy, although the games on the GBA which require a lot of hitting the L/R buttons get old fast.
Just letting you know that the GC has expansion options, even if one of them is only usable for a single purpose.
Throwing the Elephant - It's a great book on how to deal with management, and even on how to start to control your managers. It will also give you a few helpful hints on how to survive, and I'll give you the first one for free, give up hope of things ever getting any better, because they are only going to get worse.
How To Win Friends and Influence People - This book will give you a complete guide to being a very, very effective asskisser. Sometimes this is the only way, it will let you turn that arch-enemy of a boss into a friend. Hey, it might be the only way out.
Slashdot Mirror
The town that I'm in (in Utah) did one better.
What it has is a city run fiber-to-the-house system. Basically, it works in that just about any provider can signup and provide service on the network, so you get your choice of internet providers while operating on the same network. You can checkout the background here: http://www.utopianet.org/ . The service also allows for more than just internet, you can run IPTV and VOIP services over it as well, on separate chunks of bandwidth so your phone doesn't drop out when you're downloading your "used car ads" from usenet.
One of the providers is a bit cheaper ( MStar ), but from the reviews (on dslreports) I have read, it's pretty crappy service. They have low monthly bandwidth caps, do torrent filtering, and seem to have a tough time letting their users hit anything near their purchased transfer rates. So, this may sound like your local cable company, but there is one important difference: There are more providers than this one using those same fiber lines.
I'm using XMission ( http://www.xmission.com/ ) as my service provider, and so far it's been a pretty much perfect experience. The first day, I decided to test the limits of my pipe, and I seeded two different distro ISO downloads through bittorrent. My results were what I had expected, when I was downloading, I got up to the advertised 15Mb/s, and when I was seeding it would hit 15Mb/s as well. So, UTOPIA has given me the choice of if I want the cheaper service with a lower QoS, or the more expensive service that is rock-solid.
Overall, I would say that having this network available has made things like network neutrality much less important to me, because I know if the ISP I am on should ever go evil, I can just make a quick phone call and switch to one of the other providers on the line. It's amazing the service offerings you can get when you get the free-market back in full swing, and for the suckers still on Comcast the added competition has forced them to drop their prices in the area to $33/month (well, at least until you add in all the random taxes + fees + surcharges), so even the big guys are having to play along. The best part of this all is that the city doesn't actually pay for the fiber at all unless the project fails, so the only question is why all of the towns in this area don't have it already.
Broken, over 1 year old, Microsoft replaced without any hassle. Shipped me back a replacement unit instead of repairing.
Some of the other providers will block things, but XMission doesn't block anything. Well, I believe they block port 25 outbound to anything other than their mail server if you get any abuse complaints, but other than that I have not noticed anything.
I run my own email server (with greylisting), a web server which I have both my personal site and do demos for clients. A few of them have remarked on how fast my demo server is. The only limit I have is a 100GB/month total transfer limit. Another one of the providers is cheaper and may do some blocking and only allows for 5GB/month transfer.
See, having the choice gives you power. Had I wanted a slightly slower, and slightly cheaper account, I could have gotten it at the expense of a smaller transfer limit and some port blocking. I decided to go the slightly more expensive route (I think it's about $5 more a month) and get everything that I wanted.
So, over here in the flyover country in a little state called Utah, a bunch of the cities have gotten together and done something great. These cities have decided that letting one company run the phone and another run the cable TV has gone on long enough. They have run their own fiber, and operate it like the roads. Equal access from anyone to anyone. Their website is http://www.utopianet.org/
Now, instead of getting crazy plans with no upload and bad ping times, I have my choice of four different providers for data, three (soon to be four) for voice, and three for video. All running on the same set of community fiber. The data plan I'm on right now is 15mbps SYMMETRIC for around $45/month. Business plans through this same company ( http://www.xmission.com/ ) give you a full 30mbps for $110/month. Oh, and I get a 26ms ping time to google, and 2ms ping time to my ISP.
If you had options like this, you wouldn't need to worry about the net neutrality bills, because if your service provider started degrading service for something you liked, you could just jump ship because there would be plenty of other options for you. You wouldn't be stuck under the iron fist of some "controlled" monopoly.
Seriously, call your city council and ask them why your city isn't this cool yet. I mean, if Utah can do it... what's stopping your state?
How about just trusting your customer?
The reason your customer is buying your product is because they don't want to (or can't) write the entire thing from scratch. I'm pretty sure that they are also in an entirely different field. They don't want to sell your product. They don't want to create a product and steal your source code. They are in the business of doing something different, and they are probably planning on staying in that business.
Overall, I think you are worrying more than it is worth. Just have some legal agreements put together, and if it is compiled code, make them use a precompiled (.o file) licence manager that contacts your server to make sure that they are on the level. Overall however, I wouldn't worry about it, those guys have a business to run over there, their first thought is not to try and steal it and run their business on your work. The company I work for will let anyone have access to the source code of their system. It's still copyright us, and so they can't stop paying the licence fees and continue to use it. Overall, it's been a big boon, because there are a lot of places out there that won't run their important internal data through a hosted datacenter.
Regarding some outside hacker getting access to your source code. It's a worry, but most businesses aren't going to run some random illegal source code that they found on the internet somewhere, they want support, they don't want a huge legal liabilty from running something some IT guy found off of a Warez site. Also, unless you are never planning on updating your software again, by the time it gets out there, you'll probably have the next release all ready to go.
That's my opinion from someone who has given out commercial source code so customers can modify it to suit their needs.
I live in a suburb of Salt Lake City, Utah. Midvale is what it is called, picked me up a bit of a 2400 sqft fixer-upper (visual defects only) on a half-acre of land for 174,000. A fairly new house down the street runs for around 300,000. There are a lot of towns around the area that have UTOPIA, a lot of them are not suburbs and tiny towns that you would never think that they would have a city-wide fiber optic system.
Thank the bandwidth gods for UTOPIA, a community fiber-optic system. 15Mbit symmetric. I've had LAN's slower than this, and I get a 2ms ping time to XMission's border router. Logged on to counter-strike, and found a few games being hosted at my isp with under 10ms pings. It's amazing what can happen when you get the damn telcos out of the way. :::.. Download Stats ..:::
Connection is:: 14320 Kbps about 14.32 Mbps (tested with 12160 kB)
Download Speed is:: 1748 kB/s
Tested From:: http://testmy.net/ (Server 2)
Test Time:: 2006/06/01 - 11:34pm
Bottom Line:: 250X faster than 56K 1MB Download in 0.59 sec
Tested from a 12160 kB file and took 6.956 seconds to complete
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.0.3) Gecko/20060326 Firefox/1.5.0.3 (Debian-1.5.dfsg+1.5.0.3-1)
Diagnosis: Awesome! 20% + : 85.68 % faster than the average for host (xmission.com)
Validation Link:: http://testmy.net/stats/id-QIOGKAJMB
Has a blown up image of the nipple, in case you are into that. And also a good, well-rounded view on the entire situation.
You can't play a single Xbox game on an Xbox 360 with the hard drive.
However, you don't need Xbox live or broadband access to download the backwards compatibility patches, you can get them off of Microsoft's site and burn them to a CD and it will run the patches from there.
If you are going to link a list, at least link the correct one:
Microsoft's Official Xbox 360 backwards compatibility list
Still irritates me that Serious Sam II is not on that list.
Well, I am a micropayment vendor, I have built a system where you can pay just 1 cent online. It's all there, and it's all built to scale. I have someone who has committed funding to buy whatever servers are needed when the first large site signs up.
I've talked to the New York times (all the way up to the top of the company), all I got there was "We are very interested, but are working on some other things right now, so we will contact you sometime in September."
I've talked to Slashdot, who responded that they thought it was a great fit, but they were going to have to look into it more.
I've talked to Consumer Reports, who are interested, but still have to pass it around some more.
I built this system over three years ago, and have updated it numerous times (currently, it will scale as far as you want it to go). The system also allows for a universal login system so that you have a different unique ID with every site you go to (so your logins information cannot be tracked accross multiple sites). I'm even adding SOAP support so that services other than web services can use this system (say, if an online MMORPG wanted to be able to use micropayments). There is even a system in place so you can have a nag screen (The site is free, but it will bug you every 2 hours to pay money, or continue browsing for free).
The problem I have found so far, is that noone wants to be the first person in. Everyone likes the idea, and is interested in implementing it (probably gotten this response from at least 50 newspapers around the US), but they all seem scared of change. I always figured that even if you drop readership, you are making money of those that stayed, as opposed to making no money off of everyone.
Anyways, I have the site up on some shared hosting, so it's not going to be particularly fast, but it's just a demo and you can get to it here: https://www.i15h.com/
Some quick and dirty demo sites I setup are here:
http://subdemo.i15h.com/ (a simple online RSS reader, put together in 20 minutes, demonstrates online subscriptions)
http://itemdemo.i15h.com/ (a little photo gallery, where you can buy photos of feet)
If any of you want to use micropayments on your website, or know of any webmasters that might, feel free to contact me at: rob@internettollbooth.com
So, I have a mail system setup, it's running around 70 domains, and 500 email accounts.
I am using courier as the mta, and courier as the pop, and courier as the imap.
The courier makes a fine MTA, but you do have to tweak a few of it's settings to make it more wideopen to allow it to connect to misconfigured exchange servers.
Other than that it has been great. I have a email account management system that I wrote that lets each domain have admin users that can add and delete accounts as they please.
I have SpamAssassin setup for some users (most of them post their email addresses in plain text on their websites) and even with that load, there is still plenty more capability in this little server.
Now, if you want a system that scales to tens of thousands of users, you are going to need to get something a little bigger than this, you are going to need to get a mail system that can distribute the messages over a number of servers. That is something I have not researched.
This is a game that I used to play from a long time back, but it is still very fun and very fast paced. (It is 2-d, and will run on anything) http://xblast.sf.net/ seems to be the latest place for it, and they have precompiled win32 binaries for you too.
My first suggestion would be to switch from point-to-point to frame relay connections. It will add a bit of overhead, and a touch of lag, but overall, it will let your T1's "data" move through your provider's network to work around bad spots.
Secondly, your SLA with your service provider should give you quite a bit of leverage. With point-to-point connections, some service providers will only offer 2 nines, which would mean about three and a half days of downtime a year. It's not really cost-effective to build redundant datapaths for point-to-point connections, so along the entire path there are probably many points of failure.
Throw a keylogger on that RJ-11 jack all you want, go nuts. All you get out of the pin pad is encrypted data. That is how they are built, so that even if the verifone/tranz terminal is totally in the hands of a hacker, your pin number is still safe.
Now, on the other hand, a fake membrane keyboard placed over the real membrane keyboard could capture keys very easily.
Building a compatible pinpad however, is impossible, because you need the secret 3DES key used to encrypt the pin pad data, along with a unique pad and transaction counter so that your device would look legitimate to the verifying party. That 3DES key is pretty well kept a secret, so the better way to do it would be to place a fake pinpad where the customer can see it, and as a clerk, manually type in the pin as the customer types it. And one step easier would be to just write down the number that the customer is typing.
Nope, no encryption other than your PIN.
Everything, including your card number, expiration date, and cardholder name are sent in both deliminated formats, and in the raw data from the magstripe, are sent in plain text over the modem connection to the merchant banking datacenter. But that's not what I would be worrying about if I were you, because the store also prints out that information on a reciept that they store in their cash regisiter, and some clerk could just take that little slip of paper home with him and noone would be the wiser, and that my friend, is probably the weakest link in the chain.
They are also experimenting with TCP/IP data over the internet, but I never got any specs for that, so I can't tell you how secure that is.
(Sorry for the late reply, hopefully you will get this)
Well, the fancy/secure boxes are what are REQUIRED in order to process debit cards. In order to verify your pin, you have to send that exact block of 3DES encrypted pin data along with the rest of the debit card information. The pin is encrypted at the pin-pad level, and has an encryption key stored on it by the same people that keep the internal credit/debit-card network of banks secure. If your pin pad isn't certified by them, they won't put their key on your pad, and your pad will be totally useless.
I hope that this clears that up for you.
I have written software for the credit card terminals.
The pin pad is the only device in that chain that is secured at all. The pin pad is tested, and has to meet very, very tough standards. Your pin is not stored on the device, and the credit card terminal cannot get the actual pin number from the pin pad. All that comes from the pin pad is a big pile of "garbage" that is some sequentially ordered 3DES encrypted data that at one time resembled your PIN number. This block of encrypted data cannot be retransmitted, and if it is, it will be denied.
During our testing phase with the terminal (not the PIN pad, we just bought those from someone else), the other programmer that was working on the code messed up some offsets and was not giving the correct PIN data to the test site. This got right past the testing, because even the merchant services test system cannot decrypt the data that comes out of the PIN pads. The rest of your data (including the entire contents of your magnetic strip, which in no way shape or form contain your pin number), is just sent across the wire in plaintext via 2400 bps modems. There was also no security testing of our terminal at all, and there is not even a requirement that credit card numbers aren't stored.
So, the moral of this story is this: If there is one thing to trust in the whole credit card processing world, it is this: Your PIN is the most secure part, unless the PIN pad has been tampered with (aka, has a new set of buttons over the old set of buttons, or a camera to capture your finger movements, because opening up a PIN pad will destroy the key stored on the pad, and will render it useless) that part is secure.
A reply to #1 (because I have no idea what #2 is really like, I've heard stories both ways)
MySQL with the release of version 4.0 changed the licence of it's libraries from LGPL (commercial code can link to these libraries) to GPL (commercial code cannot link to these libraries, anything that does becomes GPL). Any program you write that uses the mysql libraries is considered a derivative work by the GPL. So unless you write your own mysql libraries (to the undocumented wire-protocol of mysql 4.0), you have to buy a license for anything not open source.
This was the biggest reason for my move to Postgres. I make my living building web applications for people, my clients get the source code so that they can make modifications, but not the right to redistribute the source code (unless I use anything GPL, then they get the full GPL licence). So it's nice to be able to use a proper database server, and support the developers of that database server without having to open the source of everything I create. (Most things I create however, would just be another useless entry on freshmeat, so I don't feel too bad about not contributing these things back)
Just a quick recommendation from someone with a little nephew. Avoid wireless mice and keyboards like the plague. Sooner or later, those mice and keyboards become intriging targets to play hide and seek with. It's all fun and games until they decide that hiding in their cereal is a good spot.
Well, it will work, but you can't compile that in a C++ compiler. And since he is going for C#, I'm pretty sure that that one will fail also.
In case you didn't spot it yourself, you can't use the word 'new' as a variable name in a C++ compiler without defining your code as extern'ed C code.
Yes, I know I'm being pendantic, I've had to clean up too many a schema that used SQL reserved words for column names, so I'm picky nowdays.
1) That I don't know, they have always lagged a bit, but typically they eventually catch up to near what the windows release does.
.rpm/.deb/.pkg or anything.
2) There are 64-bit versions of the nVidia drivers for amd64, they work great, I'm using them right now. The rest of the kernel has been 64-bit capable for many, many moons so no worries there. There are a bunch of amd64 distros out there, Gentoo, SuSE, and I'm using an unofficial port of debian to amd64, which by the way works great.
3) Again, no info.
4) There is a little installer, they package a few libs in with it, but with a small change to the installer, it worked great on debian/amd64. But it's basically just a raw binary, no
I'm just commenting on one section. The GC has uses for all of it's expansion ports. And you can fill them all up if you want. There are two serial ports, one low speed (which you can stick a modem in, I believe, it's empty on mine), and a "high" speed which you can stick an ethernet adapter in, which are actually pretty hard to get ahold of and sell out whenever the get into stores (from what the managers have told me), the ethernet is supposidly 10/100, but all games only use it at 10. The other expansion bus is a single-purpose device, it's a GBA emulator that attaches to the bottom of the GC, it's pretty handy, although the games on the GBA which require a lot of hitting the L/R buttons get old fast. Just letting you know that the GC has expansion options, even if one of them is only usable for a single purpose.
Throwing the Elephant - It's a great book on how to deal with management, and even on how to start to control your managers. It will also give you a few helpful hints on how to survive, and I'll give you the first one for free, give up hope of things ever getting any better, because they are only going to get worse.
How To Win Friends and Influence People - This book will give you a complete guide to being a very, very effective asskisser. Sometimes this is the only way, it will let you turn that arch-enemy of a boss into a friend. Hey, it might be the only way out.
40 rods = 0.125 miles
1 hogshead = 63 gallons
0.002 MPG
It must be a Canyonero, because you would need 8 hogsheads of gas for every mile (504 gallons).