Is that anything like Fundamentally Oral Bill? (no, the link doesn't have an actual Fundamentally Oral Bill pic; it's just the only decent pic of good 'ol Bill that I could find...)
Last I heard, Mastercard was working on a new system that would be in place by this summer that assigned a PIN/password to each credit card holder, similar to what you have with an ATM card (I hadn't heard whether they planned to make it numeric-only or alphanumeric, but I would imagine it would be the latter). When the credit card is used for an internet- or phone-based transaction, in conjunction with the PIN/password, the transaction would be considered "card-present," just as if you have physically been there and had your card "swiped" through a reader. Generally speaking, it's very difficult to do a chargeback on a card-present transaction unless you can demonstrate that the seller committed fraud. Basically, with a "card-absent" transaction, the burden of proof of fraud in the event of a chargeback is on the seller. With a "card-present" transaction, the burder of proof of fraud is on the buyer.
I'm still not clear on a few points, such as whether or not the merchant will be allowed to store the PIN/password after the verification process for the transaction has been completed. Frankly, I would be against that as it would allow a hacker to get a large batch of CCNs & PINs together. Storing the CCN, the transaction timestamp, and the verification code issued for the transaction should be sufficient backup for the merchant in the event of a dispute.
Another interesting point is that by doing this, MasterCard may be shooting itself in the foot. Many third-party billing services perform additional fraud detection on top of what the credit card companies provide. By eliminating this safeguard, they could actually increase on-line fraud. The only thing I can think of is that this measure they are proposing will drop the transaction volume to a low enough level where they come out ahead here...
Exactly. I saw this with 6 friends on opening night in a sold-out showing. Everyone there seemed to enjoy it just fine for what it was: your basic popcorn vampire flick with gratuitous (CGI-assisted) violence. It had a couple of well scripted lines ("You're human?" "Well, almost. I'm a lawyer"), and tons of flashy action sequences. The movie got an ovation (albeit not a standing one) when the credits started to roll. Basically, it's a movie that deftly accomplishes what it set out to do - provide basic, brain-dead entertainment. Woo hoo!
Oh, I'm not saying they are necessarily world-class atheletes, just that I wouldn't put such feats past them; I would lend far more credence to any such claims (despite their occasional tendency towards, shall we say, hyperbole) than I would to those coming from other people. Any while willpower alone can only do so much for speed and strength, it can do exceptional things for endurance.
Actually, I believe it easily. I live in an apartment complex that frequently houses SEALs and Marines, and believe me, some of these guys are in inhuman shape.
One of my former neighbors, a Marine hand-to-hand combat instructor at a nearby base, would go out and run 20+ miles on his own (outside of the USMC-mandated routines) on an extremely frequent basis. With 75+ lbs in his pack. Up and down the local mountains (acutally driving to said mountains would be beneath him, so he ran to them). This guy has a physique that would reduce a professional body-builder to tears.
It brings to mind one of my own experiences, which involved an extremely ugly data recovery project (gee... the person in charge of backups never bothered to make sure that the tapes actually fucking worked). I was leading the team in charge of rebuilding (by hand) several corrupted databases full of transactions, and merging them back into the live data set. I literally worked slightly over 100 hours straight, slept 8 hours, and then worked 20 more before taking a week off. It's a funny thing - once you learn to ignore parts of your brain telling you that you can't possibly go on, it's really amazing what you can do. To this day I tell this story, and people are always saying "no fucking way; that's impossible!" It's hard to describe, but when you're doing something like that, you just... do it. Ever since then I've really known that all of that crap they tell you about your limitations being in your head is entirely 100% true. Basically, you can force yourself to do pretty much anything, several orders of magnitude beyond what you believe your physical and / or mental limits are. Oh, and yes, I got an extremely fat bonus for that project.
Disclaimer: IANAL. This rule varies by jurisdiction. Where I live (San Diego, California Superior Court District) a corporation may be represented by any corporate officer, or the corporation may file a request with the court to allow another employee to represent them. There are also some (albeit highly restricted - they have to work for free, and they can only appear a few times a year, they must be currently employed by the corporation on other business) loopholes that even allow lawyers to represent corporations here.
I would definitely check into the rules if you want to file small claims. Additionally (at least in my district) you are limited to a certain number of claims per year, and your filing fees also increase after you file a certain number of claims.
Take a car, close yourself in a garage and see let us know what effect this has on you. While your at it, whip up a nice pre-cocktail of the water down the river from %insert_big_chemical_company_factory_near_you%. Let us know the result of your experiment... how about a little "common sense" eh?
Oh yeah? Why not tie a plastic bag around your head and breathe normally. Since breathing creates a poisonous greenhouse gas, maybe we should outlaw it. Or at least regulate it. Perhaps a tax on breathing.
Or try drinking about 5 gallons of perfectly clean distilled water and watch yourself die as your body flushes out all of its electrolytes.
As counterintuitive as it may be (well, if you have an IQ of under 90) just because something will kill you under certain circumstances doesn't make it bad. I mean, hell, just about anything will. And most byproducts of human activity are smelly, nasty, and otherwise noxious. But as long as we're around, there's going to be undesireable byproducts. That doesn't mean we shouldn't try to reasonably minimize them (the "reasonably" part is where radical environmentalists fail), but do try to stay real.
But at the risk of taking a superior attitude about the US economy -- I think we could stand to contract a little bit and maybe not keep our place as the biggest proportional consumer of everthing on the planet.
Tell you what - you start going without first. The rest of us will be right behind you (not). Ever notice how much cleaner countries with poorer economies are? I didn't think so. A clean environment is, in the strictest survival sense, a luxury good. I know it doesn't always sound that way to us (I regularly travel to Los Angeles, where just breathing the air is like smoking two packs a day - that's hyperbole, before you flame me to a crisp), but people worried about little things like, say, starvation and disease don't really give a rat's ass if they have to burn firewood to boil water or clear out sections of rainforest for farmland (despite how poor that farmland may be) or whatever. We'd be far better off assisting other countries in coming up to our level than we would be lowering ourselves to theirs.
(I can post this because it's boring having my karma capped...) Oh yeah, and, as a disclaimer, I describe my religious belief structure as "fundamentalist agnostic."
It's been observed many times that human beings are, by nature, religious creatures. Even those post-modern (alleged) rationalists who reject God or other higher powers tend to cling to other beliefs with zeal equal to the most ardent theist, and take a similarly harsh stance on any views they see as heretical. We generally euphemize this behavior as "Political Correctness," whether is be associated with economic, racial, or environmental issues; these are generally identified with the political left. Don't get me wrong; there are plenty of unreasonable people on the political right as well (and I'm sure you can find some in the middle, etc.).
That's my biggest beef: people who have abandoned logic and reason and have an ardent desire to persecute anyone who doesn't agree with their belief structure, whatever it may be. Personally, I hold all manner of strong views on a variety of subjects and I'm usually happy to debate these to death, but the worst show of temper that you'll see out of me is that I may call someone a jackass (usually when they're being one of the aforementioned unreasonable people).
Perhaps what the world really needs, rather than more "truth," is some education in the ways of civil discourse and etequitte (I know Slashdot's not the best place to ask for these, but what the hell). Face it: none of us will be right about everything every time. If someone has a point, concede it. It won't kill you. In fact, it will cause you to examine your beliefs, whatever they may be, and you will probably end up wiser (one way or another) for it in the end. Either you'll change your thinking, or you'll be better prepared when making your point the next time around.
I know that the AMC Mission Valley 20 Theater in San Diego has a Texas Instruments-based DLP projector. They've most recent shown Monsters, Inc. and Ocean's Eleven in digital format.
Do you really think they're putting a 1 watt laser in this thing?
From a press release six months from now:
"Well, the main thing preventing us from mass-deployment at this point is the large holes being burned through the skulls of our beta testers. We hope to have this problem resolved soon...
This release may contain forward-looking statements and other such bullshit..."
I don't think ya'll read the article. The light is emitted by three LEDs driven by a (presumably) portable power source (battery), probably not bright enough to cause any sort of eye damage. You must have been thinking about lasers or something...
SNMP's a pretty damned scary protocol anyway
on
Security Hole In SNMP
·
· Score: 3, Insightful
Even without the aforementioend flaws (whatever they are), SNMP is a truely horrible protocol. The only real security in most implementations is based on IP Address and SNMP Domain Name. Most network devices will be "polite" with their IP addresses (especially when DHCP is enabled), so taking over an IP address is rarely a problem (assuming IP spoofing doesn't suit your needs). And the Domain Name is rarely difficult to brute-force.
But this assumes that security is even configured at all. So many network devices support SNMP these days that anything less than perfect administration can result in all kinds of trouble. Be honest: how many networks that you know of don't have several devices set to the "public" domain with no address filtering. Hello, Denial of Service.
After all these years of (alleged) focus on network security, I'm pretty shocked that there isn't a widely deployed standard based on public-key encryption, digital signatures, and other means of access control. You can't really make the argument that this is rocket science anymore...
What kind of sick fucks are women that they want us to demonstrate affection by ripping the sex organs off of plants and presenting them as gifts? I mean, think about it...
Of course, in all seriousness, the most of the employees at my local florest know my AmEx number by heart now...
Yes, you can continue to use the cards if the machine is 100% fubared (they have their own on-board i960 and RAM to handle remote access functions). They also have a port for an external DC power source (adapter included) (the older ones had on-board NiCad battery packs that had to be replaced every 2-3 years), so yes they do work even if the server is turned off.
On another note, most Compaq servers made in the last 5-6 years have what they call IRC - Integrated Remote Console. Basically, you plug a modem (or LAN-controlled serial device) into COM1 or COM2 and you can remote-control (text-mode only) and cold-boot the server (you have to do some setup from the Compaq System Utility Partition first).
The newest Compaq Servers have the Remote Insight functionality described in my last post integrated on the mobo. The only downside is that you have to purchase a software key to get the graphical remote control (text-mode is included with the base package), but that's still an improvement because you don't lose the slot (important for your 1U pizza-box servers).
Actually these new ones work in either text or graphics mode, and use SSL-encrypted HTTP connections. All login & remote access stuff is handled via Java applets, which makes a brute-force attack considerably more difficult.
Frankly, with all of the discussion centered around administering a machine that's at runlevel 0 or fully stealthed with no IPs, etc., I'm surprised that no one (so far) has mentioned hardware-based remote access products such as Compaq's Remote Insight boards (many other server vendors have similar products).
For ~$500 you get a board that replaces your keyboard, mouse, and video controllers, has its own built-in ethernet adapter (that is invisible to the rest of the computer - it's dedicated to remote access) and an SSL-secured web server. You can completely control the machine via a java applet. You can even cold-boot it if it's in a hung state (and, of course, view any errors on the screen while the machine's in a hung state). Other features include a virtual floppy drive that allows you to copy data to and from the machine (you can even boot off of the virtual floppy). There's plenty of additional coolness; the only downside is that Compaq cards only work in Compaq Proliant servers, HP cards only work in HP servers, etc...
This is something that all big corporations have difficulty doing: stopping all new work...
Yeah, I can just see Bill Gates getting up on the podium in a few months going, "Well, we tried this cleanup thing once, and it really slowed us down! And since anything that slows sales of Microsoft products is a major threat to the economy, we promise to never do it again! I mean, after all, we have to... uhh... think of the children!"
Slashdot Mirror
Dammit, next time warn us before posting these kind of spoilers!
(Yes, I know this is offtopic; Nazi moderators please keep your panties on).
Is it just me, or does Carly Fiorina look disturbingly like Carmela Soprano?
(mildly offtopic, keep your panties on). Yeah, but would an Anal Retentive mod be +1 or -1? There's about 15 years worth of debate...
Is that anything like Fundamentally Oral Bill? (no, the link doesn't have an actual Fundamentally Oral Bill pic; it's just the only decent pic of good 'ol Bill that I could find...)
Last I heard, Mastercard was working on a new system that would be in place by this summer that assigned a PIN/password to each credit card holder, similar to what you have with an ATM card (I hadn't heard whether they planned to make it numeric-only or alphanumeric, but I would imagine it would be the latter). When the credit card is used for an internet- or phone-based transaction, in conjunction with the PIN/password, the transaction would be considered "card-present," just as if you have physically been there and had your card "swiped" through a reader. Generally speaking, it's very difficult to do a chargeback on a card-present transaction unless you can demonstrate that the seller committed fraud. Basically, with a "card-absent" transaction, the burden of proof of fraud in the event of a chargeback is on the seller. With a "card-present" transaction, the burder of proof of fraud is on the buyer.
I'm still not clear on a few points, such as whether or not the merchant will be allowed to store the PIN/password after the verification process for the transaction has been completed. Frankly, I would be against that as it would allow a hacker to get a large batch of CCNs & PINs together. Storing the CCN, the transaction timestamp, and the verification code issued for the transaction should be sufficient backup for the merchant in the event of a dispute.
Another interesting point is that by doing this, MasterCard may be shooting itself in the foot. Many third-party billing services perform additional fraud detection on top of what the credit card companies provide. By eliminating this safeguard, they could actually increase on-line fraud. The only thing I can think of is that this measure they are proposing will drop the transaction volume to a low enough level where they come out ahead here...
Exactly. I saw this with 6 friends on opening night in a sold-out showing. Everyone there seemed to enjoy it just fine for what it was: your basic popcorn vampire flick with gratuitous (CGI-assisted) violence. It had a couple of well scripted lines ("You're human?" "Well, almost. I'm a lawyer"), and tons of flashy action sequences. The movie got an ovation (albeit not a standing one) when the credits started to roll. Basically, it's a movie that deftly accomplishes what it set out to do - provide basic, brain-dead entertainment. Woo hoo!
Oh, I'm not saying they are necessarily world-class atheletes, just that I wouldn't put such feats past them; I would lend far more credence to any such claims (despite their occasional tendency towards, shall we say, hyperbole) than I would to those coming from other people. Any while willpower alone can only do so much for speed and strength, it can do exceptional things for endurance.
Actually, I believe it easily. I live in an apartment complex that frequently houses SEALs and Marines, and believe me, some of these guys are in inhuman shape. One of my former neighbors, a Marine hand-to-hand combat instructor at a nearby base, would go out and run 20+ miles on his own (outside of the USMC-mandated routines) on an extremely frequent basis. With 75+ lbs in his pack. Up and down the local mountains (acutally driving to said mountains would be beneath him, so he ran to them). This guy has a physique that would reduce a professional body-builder to tears.
... do it. Ever since then I've really known that all of that crap they tell you about your limitations being in your head is entirely 100% true. Basically, you can force yourself to do pretty much anything, several orders of magnitude beyond what you believe your physical and / or mental limits are. Oh, and yes, I got an extremely fat bonus for that project.
It brings to mind one of my own experiences, which involved an extremely ugly data recovery project (gee... the person in charge of backups never bothered to make sure that the tapes actually fucking worked). I was leading the team in charge of rebuilding (by hand) several corrupted databases full of transactions, and merging them back into the live data set. I literally worked slightly over 100 hours straight, slept 8 hours, and then worked 20 more before taking a week off. It's a funny thing - once you learn to ignore parts of your brain telling you that you can't possibly go on, it's really amazing what you can do. To this day I tell this story, and people are always saying "no fucking way; that's impossible!" It's hard to describe, but when you're doing something like that, you just
Disclaimer: IANAL. This rule varies by jurisdiction. Where I live (San Diego, California Superior Court District) a corporation may be represented by any corporate officer, or the corporation may file a request with the court to allow another employee to represent them. There are also some (albeit highly restricted - they have to work for free, and they can only appear a few times a year, they must be currently employed by the corporation on other business) loopholes that even allow lawyers to represent corporations here.
I would definitely check into the rules if you want to file small claims. Additionally (at least in my district) you are limited to a certain number of claims per year, and your filing fees also increase after you file a certain number of claims.
Or try drinking about 5 gallons of perfectly clean distilled water and watch yourself die as your body flushes out all of its electrolytes.
As counterintuitive as it may be (well, if you have an IQ of under 90) just because something will kill you under certain circumstances doesn't make it bad. I mean, hell, just about anything will. And most byproducts of human activity are smelly, nasty, and otherwise noxious. But as long as we're around, there's going to be undesireable byproducts. That doesn't mean we shouldn't try to reasonably minimize them (the "reasonably" part is where radical environmentalists fail), but do try to stay real.
How the hell did this get modded off-topic?
Sorry for being so terribly dense, but it's not obvious to me. Could you provide specific examples backed with hard data, and references to that data.
Thank you.
Tell you what - you start going without first. The rest of us will be right behind you (not). Ever notice how much cleaner countries with poorer economies are? I didn't think so. A clean environment is, in the strictest survival sense, a luxury good. I know it doesn't always sound that way to us (I regularly travel to Los Angeles, where just breathing the air is like smoking two packs a day - that's hyperbole, before you flame me to a crisp), but people worried about little things like, say, starvation and disease don't really give a rat's ass if they have to burn firewood to boil water or clear out sections of rainforest for farmland (despite how poor that farmland may be) or whatever. We'd be far better off assisting other countries in coming up to our level than we would be lowering ourselves to theirs.
(I can post this because it's boring having my karma capped...) Oh yeah, and, as a disclaimer, I describe my religious belief structure as "fundamentalist agnostic."
It's been observed many times that human beings are, by nature, religious creatures. Even those post-modern (alleged) rationalists who reject God or other higher powers tend to cling to other beliefs with zeal equal to the most ardent theist, and take a similarly harsh stance on any views they see as heretical. We generally euphemize this behavior as "Political Correctness," whether is be associated with economic, racial, or environmental issues; these are generally identified with the political left. Don't get me wrong; there are plenty of unreasonable people on the political right as well (and I'm sure you can find some in the middle, etc.).
That's my biggest beef: people who have abandoned logic and reason and have an ardent desire to persecute anyone who doesn't agree with their belief structure, whatever it may be. Personally, I hold all manner of strong views on a variety of subjects and I'm usually happy to debate these to death, but the worst show of temper that you'll see out of me is that I may call someone a jackass (usually when they're being one of the aforementioned unreasonable people).
Perhaps what the world really needs, rather than more "truth," is some education in the ways of civil discourse and etequitte (I know Slashdot's not the best place to ask for these, but what the hell). Face it: none of us will be right about everything every time. If someone has a point, concede it. It won't kill you. In fact, it will cause you to examine your beliefs, whatever they may be, and you will probably end up wiser (one way or another) for it in the end. Either you'll change your thinking, or you'll be better prepared when making your point the next time around.
Just my $.02
I know that the AMC Mission Valley 20 Theater in San Diego has a Texas Instruments-based DLP projector. They've most recent shown Monsters, Inc. and Ocean's Eleven in digital format.
From a press release six months from now:
I don't think ya'll read the article. The light is emitted by three LEDs driven by a (presumably) portable power source (battery), probably not bright enough to cause any sort of eye damage. You must have been thinking about lasers or something...
Even without the aforementioend flaws (whatever they are), SNMP is a truely horrible protocol. The only real security in most implementations is based on IP Address and SNMP Domain Name. Most network devices will be "polite" with their IP addresses (especially when DHCP is enabled), so taking over an IP address is rarely a problem (assuming IP spoofing doesn't suit your needs). And the Domain Name is rarely difficult to brute-force.
But this assumes that security is even configured at all. So many network devices support SNMP these days that anything less than perfect administration can result in all kinds of trouble. Be honest: how many networks that you know of don't have several devices set to the "public" domain with no address filtering. Hello, Denial of Service.
After all these years of (alleged) focus on network security, I'm pretty shocked that there isn't a widely deployed standard based on public-key encryption, digital signatures, and other means of access control. You can't really make the argument that this is rocket science anymore...
What kind of sick fucks are women that they want us to demonstrate affection by ripping the sex organs off of plants and presenting them as gifts? I mean, think about it...
Of course, in all seriousness, the most of the employees at my local florest know my AmEx number by heart now...
Yes, you can continue to use the cards if the machine is 100% fubared (they have their own on-board i960 and RAM to handle remote access functions). They also have a port for an external DC power source (adapter included) (the older ones had on-board NiCad battery packs that had to be replaced every 2-3 years), so yes they do work even if the server is turned off.
On another note, most Compaq servers made in the last 5-6 years have what they call IRC - Integrated Remote Console. Basically, you plug a modem (or LAN-controlled serial device) into COM1 or COM2 and you can remote-control (text-mode only) and cold-boot the server (you have to do some setup from the Compaq System Utility Partition first).
The newest Compaq Servers have the Remote Insight functionality described in my last post integrated on the mobo. The only downside is that you have to purchase a software key to get the graphical remote control (text-mode is included with the base package), but that's still an improvement because you don't lose the slot (important for your 1U pizza-box servers).
One word - lightning.
Actually these new ones work in either text or graphics mode, and use SSL-encrypted HTTP connections. All login & remote access stuff is handled via Java applets, which makes a brute-force attack considerably more difficult.
Frankly, with all of the discussion centered around administering a machine that's at runlevel 0 or fully stealthed with no IPs, etc., I'm surprised that no one (so far) has mentioned hardware-based remote access products such as Compaq's Remote Insight boards (many other server vendors have similar products).
For ~$500 you get a board that replaces your keyboard, mouse, and video controllers, has its own built-in ethernet adapter (that is invisible to the rest of the computer - it's dedicated to remote access) and an SSL-secured web server. You can completely control the machine via a java applet. You can even cold-boot it if it's in a hung state (and, of course, view any errors on the screen while the machine's in a hung state). Other features include a virtual floppy drive that allows you to copy data to and from the machine (you can even boot off of the virtual floppy). There's plenty of additional coolness; the only downside is that Compaq cards only work in Compaq Proliant servers, HP cards only work in HP servers, etc...
Too Funny! We could get the government to subsidize the ISPs and then pay people not to surf the web...
Yeah, I can just see Bill Gates getting up on the podium in a few months going, "Well, we tried this cleanup thing once, and it really slowed us down! And since anything that slows sales of Microsoft products is a major threat to the economy, we promise to never do it again! I mean, after all, we have to