They'd released the i860 (RISC, not x86-compatible) in 1989 and tech magazines were saying it would kill x86. Windows NT was originally written for the i860 and only later ported to x86, so even Windows looked like it might not be tied to x86 in the long term.
This was just straightforward grift (a con game), not some glaring flaw in the banking system. The sales clerks got suckered, perhaps due to lack of training by Apple, or perhaps the con-man was just that good.
Yeah, the fact that an override code is just any random n-digit number without even a CRC is not a flaw. Not at all.
The way it's supposed to work is that the store calls the issuer and requests an override code, and then keys it in themself. The bank can then tally the auth code against the store's call at the end of the day and process the charge. I have never seen a situation where the customer calls up the bank themselves.
And the con man's solution to that is a man in the middle attack. And the store still has to pay.
I understand the long-running and much-honored Slashdot tradition of not reading TFA, but couldn't you at least have read The Fucking Summary?
When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn't really calling his bank. So he would allegedly offer the Apple Store employees a fake authorization code with a certain number of digits....
There was ample dumbshittery (and liability) to assign here, but it's all on the Apple Store drones. No bank involved.
Nope, it's all on a system that accepts random numbers of a certain length with the only safety "feature" being that the store clerk is supposed to call the bank himself so they can tell him a code that he can make up on his own. IOW that override is seriously broken. And has been used to defraud for ages, because the criminals know how it works.
The only reason this is "news" is because one guy hit one chain of stores. No, wait, it's because that chain is Apple.
http://www.tampabay.com/news/c...
"It does not actually matter what code the merchant types into the terminal," the U.S. Attorney's Office in New Jersey stated publicly in February after a similar case there. "Any combination of digits will override the denial." (The Tampa Bay Times is withholding the number of digits so as not to inspire anyone.)
That makes little sense, or are you saying all banks supply them with POS software? Because it would work with any bank. BofA (Bastar^H^H^H^H^ bank of America), Wells Fargo, et al.
Are you claiming Apple and all other stores write their own credit card processing software?
Yet in the Gaza Strip and the West Bank, almost all of those 4.4 million people are under Palestinian civil administration, while only about 0.1 million people in the West Bank are in the Israeli civil administration. Perhaps the Israelis have an undue influence over a part of the West Bank, what with their security operations there, but claiming that "Israel rules Palestine" seems rather overblown. I might as well claim that the US rules Iraq and Afghanistan.
Yeah, and Vichy France was a completely independent state.
Ohh, silly me. Amazon took over the marketplace, so now it's new again.
The iPad has lost momentum already, even though the tablet market continues to grow. IDC's Latest figures http://www.businesswire.com/ne...
Isn't it odd that Amazon doesn't even show up in that list? Looks like it's time for a Fire Sale. Oh, and drop the DRM already Amazon.
Wow, that's much ado about nothing.
What, the tracking, or the lying, or the fact that people dare being appalled by Google's behavior?
In any way, hardly nothing, unless you work for damage control.
Just buy an Android phone without Google Apps pre-installed. I have one (Huawei). No Google Play Services (and any other Google Apps - Maps, Mail, etc.)
Yeah, having everything sent to the Chinese intelligence agencies is soooo much better. Not to mention the NSA backdoors in the Linux kernel that Google itself hasn't found.
This may be the backdoor known as DROPOUTJEEP, which was described in some Snowden-leaked documents last year.
Looks like Apple sold out, put in a backdoor, and then lied about it.
Yeah. Or the guy who wrote that is either a moron or a jerkass, and completely ignored some important info given. Like the fact that DROPOUT.JEEP was actually the codename for a wired jailbreak for the first iPhone that NSA had to develop themselves. It's not like that info is hard to gain once you strip out the boasting and bullshit bingo from the l33t NSA haX0r slide.
Except for the fact that Apple's handing all of your data over to the NSA anyway. Apple has a very cozy relationship with the US federal government. http://cdn.bgr.com/2013/11/app...
According to that table there were 0 - 1000 cases in which "some" content data was disclosed to law enforcement in the US (and 1 in the UK and 0 in about 30 other countries). You call this "a very cozy relationship"? With 313 million citizens in the US there were less than 1000 requests granted. What's "cozy" about that?
Not to mention that this number includes all requests for tracking down stolen phones and those from missing persons.
PowerPC had good performance for several years. When the 603 and 604 were around they had better performance than x86 did. The problems started when the Pentium Pro came out. Even then it was not manufactured in enough numbers to be a real issue. Then the Pentium II came out...
And even that still got creamed whenever SIMD was used.
This is technically true. Windows NT was originally designed to be OS/2 version 3.0 and at first they targeted the i860 which never did well, so they changed to the MIPS platform. Prior to release Microsoft decided to make it their next Windows platform and the rest was history.
What made Windows NT unique at the time was the Hardware Abstraction Layer (HAL) that allowed Microsoft to target multiple processor platforms. At release, Windows NT supported i386 (called IA-32 at the time), Alpha, and MIPS.
And later, it ran on PowerPC.
The whole point of Apple's ebook efforts was to provide a bulwark against the Amazon Ultron-like eater-of-worlds monopolistic behavior.
It was replacing one monopoly with another, in fact the Apple case was worse because
... Apple was never anywhere near a monopoly - and that's obviously the worst kind of monopoly.
Regardless of what you think of Amazon and them being a monopoly, Apple colluded with publishers to raise the price of ebooks. It was anti-competitive at its core and it's illegal under US law. Not to even mention that it cost the average US buyer $5 per book.
Too bad (for your argument that is) that in reality ebook prices actually fell in all stores but Amazon. Even on Amazon, only those Amazon had sold below price rose in price. Provable fact. http://online.wsj.com/news/articles/SB10001424052702304355104579236261045331876 (paywalled) http://www.salon.com/2014/01/12/amazons_bogus_anti_apple_crusade/
You actually think full disk encryption with a 4 digit PIN actually protects your data?
LOL, you really need to read up on Dummy's Guide to Tech Security.
Well, you can use a longer password on an iPhone - maybe not on whatever you use.
Open source iOS for auditing and release the compile tools so we can build our own firmware and compare it to what's actually on the phones.
Because the recent security SNAFUs in Open Source software show that that is enough.
Those links are dated, and don't do a thing to refute the plots being discussed.
So your claim is that Dr. Spencer has all of a sudden stopped with his long standing tradition of messing with his graphs? Yeah right.
Ever since then I've operated in the belief that robust technologies trump cool technologies.
So walk, don't fly. Much safer.
http://climatecrocks.com/2011/...
"It’s important to note, Roy Spencer is MOST famous for being wrong – wrong in the very areas that should be his area of greatest strength and expertise."
http://ourchangingclimate.word...
John Christy, Richard McNider and Roy Spencer trying to overturn mainstream science by rewriting history and re-baselining graphs
http://www.realclimate.org/ind...
"So here’s what Roy did. He took two indices of interannual variability: the Southern Oscillation (SOI) index, which is a proxy for El Nino, and the Pacific Decadal Oscillation Index (PDOI). He formed an ad-hoc weighted sum of these indices, and then multiplied by an ad-hoc scaling factor to turn the resulting time series into a time series of radiative forcing in Watts per square meter. Then he used that time series to drive a simple linear globally averaged mixed layer ocean model incorporating a linearized term representing heat loss to space. And voila, look what comes out of the oven!"
How about we just use nuclear power for most cases because it's more efficient, safer, etc.?
Let's pretend - what about cooling? You are aware that when it gets hotter, most NPPs have to be shut down? Which means that they are obviously not the solution to Global Warming.
You mean 'falsifiable': when a scientist publishes a hypothesis, the standard procedure is to describe what observations might support that hypothesis and which could call it into question.
Climate deniers claim: I can't prove it's false, so it's not falsifiable. Ergo it's not science.
Really? That's who you go to for your information?
You should read this. Over the last 100 years I can cherry pick 10 year stretches where it is even, or seems to decrease, but the overall trend is an increase.
Like this
The way pro-AGW fanatics present arguments often stinks of conspiracy theories. (Those evile brothers, Big Oil, etc.)
As opposed to "all climate scientists as well as all governments all over the world, for several decades". Yeah, one of those sounds like a conspiracy theory, say like MKUltra. The other one gets you laughed at by flat earthers and moon hoaxers for being over the top.
Posting AC because even mild skepticism of AGW will get you burned as a heretic on /. too.
Gee, since you are modded at +4 ATM, you are either an idiot or a liar.