Three persons = Neutral charge (x3), Positive, Negative. Neutral charge is just.. more plentiful. Hell, it makes as much sense as the the Trinity, don't be so hard on yourself:)
I think you've missed the point. That code cycles every 60 seconds. If you MITM me while I'm using it, you get my code, and can buy things for 60 seconds. You can't sell it to anyone who expects it to work after the 60 seconds is up.
You could, however, sell it as a service with an app that displayed all 'hot' card #s and validation codes as they got intercepted, allowing your clients access to a sort of aggregate-clone card. You could even track the compromised cards usage statistics to offer up cards that their illicit purchase would be less likely to go noticed on; and sort by available credit limit.
Say, can I patent that, then if someone deploys it: sue them? I could go into business as a white-hat patent troll.
Graham Cluley, a senior technology consultant at antivirus vendor Sophos, declined to identify the site, saying only that it was dedicated to open source software.
Ballmer should be able to spin that into a win: "To be safe, all XP users are advised to avoid open source software stuff. It has viruses."
To be fair, they didn't actually "find" any Higgs-boson particles. They found "a one percent difference between the production of pairs of muons and pairs of antimuons in the decay of B mesons produced in high-energy collisions." And I started digging through wikipedia and some really hairy PDFs to find out why that matters and then my head exploded. Did you know muon's can displace electrons? Or that they can actually take an electron and create an element called muonium, that is effectively really light (1/9th mass) hydrogen, for a fraction of a second? Fuck, man. I hate my job, why can't I do that?
Anyway, from the Symmetry write up:
While the Tevatron can perform these indirect searches, it is too early to tell yet if the Higgs bosons would have masses the Tevatron can detect or would only be within reach of the higher-energy LHC.
This only works if you (the MITB) want to authenticate before the number changes, because that's all it grabs. That situation doesn't work for a card cloner who needs to have a valid sequence at an arbitrary time of purchase.
Because not every system is secured with a single chain. This system is a lock, and it has 3 keys. To obtain one viable account, you have compromise the ID(card number), PIN, and the token (or the 128bit key within) linked to the account. None of them works without the other two, thus the combined inaccessibility of each is a measure of this system's security. The PIN and ID each have exploitable information chains, but if you want to clone the card, you need that key, there is no shortcut around that fact. MITM could get you the user, pin, and current hash, but not the key. You can't social engineer the key out of the user, they don't know it. Etc.
The fact, that the PIN and ID are easier to acquire without notice, makes the difficulty in discretely obtaining the key the minimum difficulty in compromising this system. Your options are: Steal it from the server or Steal it from the user. Those are the only two places it exists and it never moves. To make matters worse: If the theft is noticed, the clone is worthless. The time sensitive nature of credit card cloning only makes the situation that much more difficult to profit from.
Is the story here that the FBI monitors open communication on the internet, or that they went through the right channels to have someone arrested in a foreign country?
Now here's the kicker: 100,000 credit cards linked to a random cross-section of the population is worth a fair amount of money. Probably more than the cost of cracking that protection. And that means it's still profitable and practical to crack it.
No, it certainly does not. Assumptions about ROI do not prove a venture is profitable. Facts about the cost to obtain and crack one RSA token, and how much you could sell it for (which would be a fraction of it's value)*, might prove this venture feasible; but the current, dependable state of RSA-token-based security suggests that it is not.
Name: Spyder III Pro Arctic Series
Size: 228mm x 35.8mm
Weight: 378g
Wavelength: 445nm
Laser Body: 6061-T6 Aircraft-Grade Aluminum
Laser Finish: Mil-Spec Type III hard anodized in black
Transverse Mode: TEM00
Output Power:
Beam Divergence:
Beam Diameter: 1.5mm @ aperture
NOHD* 211 meters
Required Eyewear O.D. 4.4+
Power Consumption: 3.7V @ 1A
Power supply: Rechargeable Lithium Ion Battery Type 18650 (batteries and charger included)
Battery Lifetime: 120 mins
Switch: Push Button Constant On / Off, Lock-Out Tail Cap
Duty Cycle: Continuous
Expected lifetime: >5,000 hours
Warranty: 3 months
*The NOHDs were calculated based on a 0.25 second accidental (unaided eye) exposure.
I'm not suggesting people take it quietly; merely that noise alone is doomed to be drowned out by a loud "KA-CHING!" sound as long as you continue to throw money at them. Perhaps in 2 years they will note a drop in customers; or perhaps in 2 years you will, through continued support of their products, inspired at least one person to replace you as their customer.
Your continued use of the product gives them mindshare in potential consumers. When people see you use their product, they don't see a big sticker that says "I have a number of reservations about this product and do not necessarily endorse it," they see a satisfied customer with a neat device, and a shiny logo telling them where to buy one.
Neither can Apple. If you don't like their policies: Jailbreak your iPhone or craigslist it and get a more open handset.
Oi. Here's an easier solution: Complain loudly about their fool policies so that they change them. That way you don't have to throw away your $300 phone and pay a $600 penalty for switching carriers or void your warranty.
The mobile phone industry isn't like a physical store. You can't walk across the street to a competing store.
It's easier, yes, but is it a solution? A solution is something that actually fixes the problem. People have been complaining for years, how's that going again? *checks the headline*
Keep 'fighting the good fight' if it makes you feel better. Keep paying AT&T $150/month. Keep buying apps from Apple, just make sure you complain while you do it. I'm sure they'll hear you eventually*; unless they already have heard you, and simply don't care because you keep paying them anyway.
Ignoring the issue of forcing parents to come off $900: Why go with Apple? A Linux-PC is free+hardware and a Windows platform is the most probable system these kids will wind up using at work. I don't think Hayes is being terribly objective here.
Those trial CDs had your name all over them. I looked up to you, what was I supposed to think? Then the way you just left them lying around... what did you think was going to happen?
I learned it from watching you, dad. I learned it from watching you!
Kids, don't you know that unsecured wifi is just a gateway. Pretty soon you'll be cracking into stuff with stronger encryption. Then where will be? Sitting on the side of the road in some bad neighborhood looking asking to borrow a power jack.
That's bullshit. I didn't even try unsecured wifi until I had spent countless hours on stolen AOL passwords. If anything it's the illegal nature of wifi that draws people into harder stuff. By forcing them to hangout in seedy locales, like underground poetry bars, they are exposed to things like hipsters and thick-rimmed, non-prescription glasses; things that they would have never even heard of otherwise!
I like how they blame file-sharing and not legal streaming video, music downloads, and facebook addiction.
So those wary folk - put by one network as numbering "in the few hundreds" out of millions - have signed up on "unlimited" plans, taken the SIM out of the phone, and then use it in a 3G dongle to download stuff. Because it's unlimited, they can get what they want. And as they don't mind how quickly it arrives, the speed isn't a particular issue; they're just after volume. O2 says that 0.1% of its smartphone users - that's about 2,000 people - are consuming 36% of its data. Other networks indicate the same.
It's also a bit foolish on the part of the downloaders, because the Digital Economy Act does actually allow for measures to be taken over illicit filesharing over mobile networks. But possibly the people doing it don't think they'll be noticed.
I'm not saying it isn't illegal downloads causing the spike, I'm just saying I probably stream way more 1gb/month off of hulu, youtube, and netflix; and it is dishonest to assume this could not be the case for tethered/dongled users.
Fair enough. The only time my laptop leaves the house is if I'm going on a trip, so I would usually be C) Don't have a laptop handy. Of course, I also don't play Vendetta, know what it is, or have any interest in finding out. So if this only makes sense to people like me... maybe it isn't such a good idea after all.
Google seems to have forgotten the early days of the search engine wars in which Yahoo, Excite, et al vied for the most user-hostile, craptacular portal landing pages. I believe it was primarily their choice of a minimal utilitarian design that made people flock to Google, and the quality of the search results, good as they were, was a distant secondary factor among typical users.
Which is why I a quite frustrated when I first saw iGoogle and thought it was their new look. They should have tested this on iGoogle; google.com is for people who don't want annoying bullshit on their search engine.
By ensuring your ink cartridges are changed regularly, we can help make sure your ink will always be fresh. At HP we're making it easier for empty out those old, crusty ink cartridges by printing all your attachments for you. At the same time we're keeping your ink fresh, we're also helping you uphold your document retention policy by automatically generating hard copies of all your email!
This is the biggest game we’ve done since GTA IV, and is already receiving Game of the Year 2010 nominations from specialists all around the world.
Can you please ensure Toby’s article reflects this – he needs to respect the huge achievement he’s writing about here.
Exposing that is the ethical responsibility of anyone who reads it.
Hello, Devil's Advocate here, but couldn't he have just said (In his review) "On a side note: Despite being a total piece of shit in this reporter's opinion, RDR has inexplicably been nominated for GOTY. Go figure," and then launched into a withering commentary on the GOTY nomination process. All Rockstar asked for was a mention of their nomination, and that would have done it without painting them in any better light. Any journalist worth their salt should welcome the opportunity to oblige the letter of such a request while wiping their ass with the spirit of it. I don't think there is an "ethical responsibility" to alert the world that a company asked for a mention of their product's accolades. "Company X wants good press, asks for handout," shouldn't come as a surprise to anyone old enough to play a Rockstar game. If you want to shine a light on bad behavior, shine it on the people who granted the request: Where is the email from his boss telling him to turn in a fluff article or face termination? Does it even exist? That is the sort of behavior people need to be made aware of.
I was pretty torn which way to go there, I settled on English decimal pronunciation (Second/2nd/10nd) because it made "tenth" all the more confusing: Tenth/10th/1010th/12th/Ath (Twelfth... Eighth? What are you saying?)
Slashdot Mirror
Three persons = Neutral charge (x3), Positive, Negative. Neutral charge is just.. more plentiful. Hell, it makes as much sense as the the Trinity, don't be so hard on yourself :)
I think you've missed the point. That code cycles every 60 seconds. If you MITM me while I'm using it, you get my code, and can buy things for 60 seconds. You can't sell it to anyone who expects it to work after the 60 seconds is up.
You could, however, sell it as a service with an app that displayed all 'hot' card #s and validation codes as they got intercepted, allowing your clients access to a sort of aggregate-clone card. You could even track the compromised cards usage statistics to offer up cards that their illicit purchase would be less likely to go noticed on; and sort by available credit limit.
Say, can I patent that, then if someone deploys it: sue them? I could go into business as a white-hat patent troll.
Graham Cluley, a senior technology consultant at antivirus vendor Sophos, declined to identify the site, saying only that it was dedicated to open source software.
Ballmer should be able to spin that into a win: "To be safe, all XP users are advised to avoid open source software stuff. It has viruses."
Anyway, from the Symmetry write up:
While the Tevatron can perform these indirect searches, it is too early to tell yet if the Higgs bosons would have masses the Tevatron can detect or would only be within reach of the higher-energy LHC.
People like him will save a few bucks not buying mediocre games built around a 3D gimmick.
This only works if you (the MITB) want to authenticate before the number changes, because that's all it grabs. That situation doesn't work for a card cloner who needs to have a valid sequence at an arbitrary time of purchase.
Because not every system is secured with a single chain. This system is a lock, and it has 3 keys. To obtain one viable account, you have compromise the ID(card number), PIN, and the token (or the 128bit key within) linked to the account. None of them works without the other two, thus the combined inaccessibility of each is a measure of this system's security. The PIN and ID each have exploitable information chains, but if you want to clone the card, you need that key, there is no shortcut around that fact. MITM could get you the user, pin, and current hash, but not the key. You can't social engineer the key out of the user, they don't know it. Etc.
The fact, that the PIN and ID are easier to acquire without notice, makes the difficulty in discretely obtaining the key the minimum difficulty in compromising this system. Your options are: Steal it from the server or Steal it from the user. Those are the only two places it exists and it never moves. To make matters worse: If the theft is noticed, the clone is worthless. The time sensitive nature of credit card cloning only makes the situation that much more difficult to profit from.
Is the story here that the FBI monitors open communication on the internet, or that they went through the right channels to have someone arrested in a foreign country?
Now here's the kicker: 100,000 credit cards linked to a random cross-section of the population is worth a fair amount of money. Probably more than the cost of cracking that protection. And that means it's still profitable and practical to crack it.
No, it certainly does not. Assumptions about ROI do not prove a venture is profitable. Facts about the cost to obtain and crack one RSA token, and how much you could sell it for (which would be a fraction of it's value)*, might prove this venture feasible; but the current, dependable state of RSA-token-based security suggests that it is not.
Name: Spyder III Pro Arctic Series
Size: 228mm x 35.8mm
Weight: 378g
Wavelength: 445nm
Laser Body: 6061-T6 Aircraft-Grade Aluminum
Laser Finish: Mil-Spec Type III hard anodized in black
Transverse Mode: TEM00
Output Power: Beam Divergence: Beam Diameter: 1.5mm @ aperture
NOHD* 211 meters
Required Eyewear O.D. 4.4+
Power Consumption: 3.7V @ 1A
Power supply: Rechargeable Lithium Ion Battery Type 18650 (batteries and charger included)
Battery Lifetime: 120 mins
Switch: Push Button Constant On / Off, Lock-Out Tail Cap
Duty Cycle: Continuous
Expected lifetime: >5,000 hours
Warranty: 3 months
*The NOHDs were calculated based on a 0.25 second accidental (unaided eye) exposure.
I'm not suggesting people take it quietly; merely that noise alone is doomed to be drowned out by a loud "KA-CHING!" sound as long as you continue to throw money at them. Perhaps in 2 years they will note a drop in customers; or perhaps in 2 years you will, through continued support of their products, inspired at least one person to replace you as their customer.
Your continued use of the product gives them mindshare in potential consumers. When people see you use their product, they don't see a big sticker that says "I have a number of reservations about this product and do not necessarily endorse it," they see a satisfied customer with a neat device, and a shiny logo telling them where to buy one.
Neither can Apple. If you don't like their policies: Jailbreak your iPhone or craigslist it and get a more open handset.
Oi. Here's an easier solution: Complain loudly about their fool policies so that they change them. That way you don't have to throw away your $300 phone and pay a $600 penalty for switching carriers or void your warranty.
The mobile phone industry isn't like a physical store. You can't walk across the street to a competing store.
It's easier, yes, but is it a solution? A solution is something that actually fixes the problem. People have been complaining for years, how's that going again? *checks the headline*
Keep 'fighting the good fight' if it makes you feel better. Keep paying AT&T $150/month. Keep buying apps from Apple, just make sure you complain while you do it. I'm sure they'll hear you eventually*; unless they already have heard you, and simply don't care because you keep paying them anyway.
*(Spoiler: They have)
... because Walmart cannot (yet) stop you buying the stuff it doesn't want you to have elsewhere.
Neither can Apple. If you don't like their policies: Jailbreak your iPhone or craigslist it and get a more open handset.
Ignoring the issue of forcing parents to come off $900: Why go with Apple? A Linux-PC is free+hardware and a Windows platform is the most probable system these kids will wind up using at work. I don't think Hayes is being terribly objective here.
Those trial CDs had your name all over them. I looked up to you, what was I supposed to think? Then the way you just left them lying around... what did you think was going to happen?
I learned it from watching you, dad. I learned it from watching you!
*sobbing ensues*
Kids, don't you know that unsecured wifi is just a gateway. Pretty soon you'll be cracking into stuff with stronger encryption. Then where will be? Sitting on the side of the road in some bad neighborhood looking asking to borrow a power jack.
That's bullshit. I didn't even try unsecured wifi until I had spent countless hours on stolen AOL passwords. If anything it's the illegal nature of wifi that draws people into harder stuff. By forcing them to hangout in seedy locales, like underground poetry bars, they are exposed to things like hipsters and thick-rimmed, non-prescription glasses; things that they would have never even heard of otherwise!
So those wary folk - put by one network as numbering "in the few hundreds" out of millions - have signed up on "unlimited" plans, taken the SIM out of the phone, and then use it in a 3G dongle to download stuff. Because it's unlimited, they can get what they want. And as they don't mind how quickly it arrives, the speed isn't a particular issue; they're just after volume. O2 says that 0.1% of its smartphone users - that's about 2,000 people - are consuming 36% of its data. Other networks indicate the same.
It's also a bit foolish on the part of the downloaders, because the Digital Economy Act does actually allow for measures to be taken over illicit filesharing over mobile networks. But possibly the people doing it don't think they'll be noticed.
I'm not saying it isn't illegal downloads causing the spike, I'm just saying I probably stream way more 1gb/month off of hulu, youtube, and netflix; and it is dishonest to assume this could not be the case for tethered/dongled users.
Fair enough. The only time my laptop leaves the house is if I'm going on a trip, so I would usually be C) Don't have a laptop handy. Of course, I also don't play Vendetta, know what it is, or have any interest in finding out. So if this only makes sense to people like me... maybe it isn't such a good idea after all.
Connecting via wifi would seem to be a solution to both problems.
Seven point six two micron: Full Metal Ja- er, sorry, just 7.62 microns.
You could make a hostile spacecraft very uncomfortable, though you couldn't get them any hotter than the surface of the Sun.
Not good enough! *activates trap door to shark pit*
Send in the next scientist!
Google seems to have forgotten the early days of the search engine wars in which Yahoo, Excite, et al vied for the most user-hostile, craptacular portal landing pages. I believe it was primarily their choice of a minimal utilitarian design that made people flock to Google, and the quality of the search results, good as they were, was a distant secondary factor among typical users.
Which is why I a quite frustrated when I first saw iGoogle and thought it was their new look. They should have tested this on iGoogle; google.com is for people who don't want annoying bullshit on their search engine.
By ensuring your ink cartridges are changed regularly, we can help make sure your ink will always be fresh. At HP we're making it easier for empty out those old, crusty ink cartridges by printing all your attachments for you. At the same time we're keeping your ink fresh, we're also helping you uphold your document retention policy by automatically generating hard copies of all your email!
Amazed? Well that's just what we do.
Love,
Hewlett-Packard
This is the biggest game we’ve done since GTA IV, and is already receiving Game of the Year 2010 nominations from specialists all around the world.
Can you please ensure Toby’s article reflects this – he needs to respect the huge achievement he’s writing about here.
Exposing that is the ethical responsibility of anyone who reads it.
Hello, Devil's Advocate here, but couldn't he have just said (In his review) "On a side note: Despite being a total piece of shit in this reporter's opinion, RDR has inexplicably been nominated for GOTY. Go figure," and then launched into a withering commentary on the GOTY nomination process. All Rockstar asked for was a mention of their nomination, and that would have done it without painting them in any better light. Any journalist worth their salt should welcome the opportunity to oblige the letter of such a request while wiping their ass with the spirit of it. I don't think there is an "ethical responsibility" to alert the world that a company asked for a mention of their product's accolades. "Company X wants good press, asks for handout," shouldn't come as a surprise to anyone old enough to play a Rockstar game. If you want to shine a light on bad behavior, shine it on the people who granted the request: Where is the email from his boss telling him to turn in a fluff article or face termination? Does it even exist? That is the sort of behavior people need to be made aware of.
I was pretty torn which way to go there, I settled on English decimal pronunciation (Second/2nd/10nd) because it made "tenth" all the more confusing:
Tenth/10th/1010th/12th/Ath (Twelfth... Eighth? What are you saying?)