The interesting thing is that the majority of commercial DVD players advertised in South Africa, as far as I have observed, are advertised specifically as being "multi-zone". I wonder what the MPAA thinks about that.
I'm glad to see I'm not the only one who believes that. Credit cards are amazingly insecure, and inherent so. I find it hard to believe that in this ago of paranoia, people still use credit cards at all.
If I buy something from the local shop, there's nothing stopping the person behind the counter remembering my CC details and using them later for a mail order purchase. Even easier, he waits for me to leave, whips out the receipt, and copies off the details from there. We don't need plaintext email to make this an insecure system, it already is!
I was thinking that there ought to be some sort of authentication system that would enable mail order transactions to be verified by the vendor before processing. For example, you might be issued with a list of authentication codes along with your card, then with each transaction you would use one of the codes and cross it off the list. The bank would allow each code to be used only once. This would also make telephonic orders more secure, since you could quote the authentication code quite easily (rather than trying to spell out a PGP encrypted CC number in binary). (I didn't put a lot of thought into this - just an example of a possible means of getting around the inherent risk of CCs.)
Finally a bit of intelligence is added to the debate! In addition to NICs and cellphones, what about hard drives, some motherboards and even a few display adaptors? Lots of things have serial numbers, most of which people don't even know about.
Besides, it's up to the software to send this ID. If Intel provides an ID and no-one bothers to write software that makes use of it, the whole issue is moot.
On the other hand, I doubt it will be very difficult for someone to write software that sends whatever ID you tell it to. With Netscape now open source, it'll only take one hacker to add code that will do either of these.
Slashdot Mirror
The interesting thing is that the majority of commercial DVD players advertised in South Africa, as far as I have observed, are advertised specifically as being "multi-zone". I wonder what the MPAA thinks about that.
I'm glad to see I'm not the only one who believes that. Credit cards are amazingly insecure, and inherent so. I find it hard to believe that in this ago of paranoia, people still use credit cards at all.
If I buy something from the local shop, there's nothing stopping the person behind the counter remembering my CC details and using them later for a mail order purchase. Even easier, he waits for me to leave, whips out the receipt, and copies off the details from there. We don't need plaintext email to make this an insecure system, it already is!
I was thinking that there ought to be some sort of authentication system that would enable mail order transactions to be verified by the vendor before processing. For example, you might be issued with a list of authentication codes along with your card, then with each transaction you would use one of the codes and cross it off the list. The bank would allow each code to be used only once. This would also make telephonic orders more secure, since you could quote the authentication code quite easily (rather than trying to spell out a PGP encrypted CC number in binary). (I didn't put a lot of thought into this - just an example of a possible means of getting around the inherent risk of CCs.)
If you leave your phone clipped to your belt, I'd be more concerned about going sterile than getting brain damage.
Finally a bit of intelligence is added to the debate! In addition to NICs and cellphones, what about hard drives, some motherboards and even a few display adaptors? Lots of things have serial numbers, most of which people don't even know about.
Besides, it's up to the software to send this ID. If Intel provides an ID and no-one bothers to write software that makes use of it, the whole issue is moot.
On the other hand, I doubt it will be very difficult for someone to write software that sends whatever ID you tell it to. With Netscape now open source, it'll only take one hacker to add code that will do either of these.