The command ssh -G has a different behaviour on a system with Linux/Ebury. A clean server will print
ssh: illegal option -- G
to stderr but an infected server will only print the typical “usage” message. One can use the following command to determine if the server he is on is compromised:
It would make sense for people who drive to work, and leave their car in the parking lot from 9-5. These people will not be home to accept delivery because they're at work. That's the subset of people that this idea targets; not everybody.
I can't speak for android, but BB10 gives pretty good control over permissions. There are a bunch of categories that you can control access (GPS location, phone, contacts, email, text messages, stored files, internet, etc). Many apps that request permissions will still run without them, for example a weather app can get location from GPS if you allow it, otherwise you specify the location you want the weather for. Of course, some apps won't run if you don't give them all permissions - these get promptly deleted.
> It seems these days most apps are hostile to the users, it's time we treated them as such and stopped letting them have the run of our computers.
Well that the tradeoff when it comes to closed source software. You have to trust that the provider of the binary is Not Evil.
> It's time we eliminate this idea that every app has access to every file on our computers.
Mobile has made some progress here with "App Permissions", such that you can limit what an app can do. It's easy to do this when you build a new system, apps have to conform to it. With PCs, the "app can do whatever it wants" has been standard for years and it'll be hard to change it.
A morning's worth of developer wages collected over half a year? Plus it's not money, the effort to get that converted into money is probably more than a morning. Why bother?
is not to play the game. The rise of creative commons and the like will end this oppressive copyright regime. Free software and free culture is the only way to go.
You're right, the cost of fraud is spread out thinly over a variety of things, and yes, we're a bit less well off than we would be in a fraud-free scenario. It's very much like insurance, although less explicitly spelled out. A loss due to shady criminals, or a loss due to lightning strike, it's still a loss.
I'm not going to defend Target for being embarrassingly sloppy, however, no matter how you look at it, it largely doesn't matter:
a) It's a business decision to invest in cyber-insurance or cyber-security, they picked insurance. As technical people, we like technical solutions, but maybe insurance was the right choice.
b) If a consumer gets hit by a fraudulent cc charge, they don't eat the charge. They call their cc issuer and the issuer eats the charge. That is in part what your double digit interest rate is paying for.
c) Everyone gets credit monitoring. If the credit monitoring is not snake oil, then it'll catch cc fraud that's not a direct result of this Target screw up. This may actually be a benefit. People who were dimly aware of how the cc system works will become informed. This is probably a net positive here.
d) Awareness is raised about POS security; other companies who are running the similarly secured systems may be motivated to fix it. Another net positive.
The only people getting screwed are Target (for operating a shit system) and/or the cc issuers (for permitting Target to run a shit system).
I fourth this suggestion. Got it about a year ago, have been quite happy with it. It plays everything I've tried to play including subtitles, and it mounts NFS shares from a LAN linux box effortlessly (mounts CIFS too if you prefer). Also plays netflix and youtube, but the text entry leaves a lot to be desired (character by character with a remote), I haven't tried connecting a (wireless) keyboard to the USB port but that may solve that problem too.
next to everybody's card has been stolen, is it time for everybody to get a new card? It'll make the stolen database worthless, as well as all other databases of stolen credit cards...
Slashdot Mirror
So how long is it going to be before someone writes some sort of java script that blinds the user?
Here's the complete check from http://www.welivesecurity.com/...
The command ssh -G has a different behaviour on a system with Linux/Ebury. A clean server will print
ssh: illegal option -- G
to stderr but an infected server will only print the typical “usage” message. One can use the following command to determine if the server he is on is compromised:
$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"
I did it last week. Setting up the electrodes was the easy part. The hard part was setting up the electrodes!
It would make sense for people who drive to work, and leave their car in the parking lot from 9-5. These people will not be home to accept delivery because they're at work. That's the subset of people that this idea targets; not everybody.
I wonder if that We The People petition had anything to do with this..
Might work for showers, but not for people filling bathtubs and washing machines.
Who's going to notice? Are the numbers available such that an interested person could verify the computation of the average?
I can't speak for android, but BB10 gives pretty good control over permissions. There are a bunch of categories that you can control access (GPS location, phone, contacts, email, text messages, stored files, internet, etc). Many apps that request permissions will still run without them, for example a weather app can get location from GPS if you allow it, otherwise you specify the location you want the weather for. Of course, some apps won't run if you don't give them all permissions - these get promptly deleted.
> It seems these days most apps are hostile to the users, it's time we treated them as such and stopped letting them have the run of our computers.
Well that the tradeoff when it comes to closed source software. You have to trust that the provider of the binary is Not Evil.
> It's time we eliminate this idea that every app has access to every file on our computers.
Mobile has made some progress here with "App Permissions", such that you can limit what an app can do. It's easy to do this when you build a new system, apps have to conform to it. With PCs, the "app can do whatever it wants" has been standard for years and it'll be hard to change it.
> For all the rest, it shouldn't even matter.
This is so they can "target" advertisements better.
A morning's worth of developer wages collected over half a year? Plus it's not money, the effort to get that converted into money is probably more than a morning. Why bother?
What? GPS receivers don't transmit. How do you track a GPS receiver?
is not to play the game. The rise of creative commons and the like will end this oppressive copyright regime. Free software and free culture is the only way to go.
https://en.wikipedia.org/wiki/Betteridge's_law_of_headlines
You're right, the cost of fraud is spread out thinly over a variety of things, and yes, we're a bit less well off than we would be in a fraud-free scenario. It's very much like insurance, although less explicitly spelled out. A loss due to shady criminals, or a loss due to lightning strike, it's still a loss.
> It could be useful in theory, but in practice it's a lot less accurate than you're giving them credit for.
You're fixating on the current version. Don't think it'll get better with time?
Ah fair enough, didn't realise it was the merchant got stiffed. But the main point still stands: the consumer doesn't eat the fraud.
That will not effectively stop credit card fraud.
I'm not going to defend Target for being embarrassingly sloppy, however, no matter how you look at it, it largely doesn't matter:
a) It's a business decision to invest in cyber-insurance or cyber-security, they picked insurance. As technical people, we like technical solutions, but maybe insurance was the right choice.
b) If a consumer gets hit by a fraudulent cc charge, they don't eat the charge. They call their cc issuer and the issuer eats the charge. That is in part what your double digit interest rate is paying for.
c) Everyone gets credit monitoring. If the credit monitoring is not snake oil, then it'll catch cc fraud that's not a direct result of this Target screw up. This may actually be a benefit. People who were dimly aware of how the cc system works will become informed. This is probably a net positive here.
d) Awareness is raised about POS security; other companies who are running the similarly secured systems may be motivated to fix it. Another net positive.
The only people getting screwed are Target (for operating a shit system) and/or the cc issuers (for permitting Target to run a shit system).
Solar panels!
this strange idea that blindly running remotely fetched code is a good idea, "malware" problems will become sparse.
I fourth this suggestion. Got it about a year ago, have been quite happy with it. It plays everything I've tried to play including subtitles, and it mounts NFS shares from a LAN linux box effortlessly (mounts CIFS too if you prefer). Also plays netflix and youtube, but the text entry leaves a lot to be desired (character by character with a remote), I haven't tried connecting a (wireless) keyboard to the USB port but that may solve that problem too.
next to everybody's card has been stolen, is it time for everybody to get a new card? It'll make the stolen database worthless, as well as all other databases of stolen credit cards...
As soon that cost gets down to the 1-2 euro range, we're going to have some problems ....!
Go back to cash. There's no risk of identity theft with cash.