A couple of years ago Tesco (the largest UK supermarket chain) taped over the top of the chip & pin terminals in their stores & other outlets.
They insisted that, instead, you give the till attendant the card that they plug into the side of the till and enter your PIN into the chip & pin terminal
that is connected to the till by a thin black wire.
The first time that I came across (all night petrol store) this I refused on the grounds that my bank had told me to not use terminals that had been tampered with.
The till attendant could not offer an explanation other than this was how they now did it. I asked him to explain how this was still secure to be met with a blank stare.
I paid in cash and left.
They still do this in their stores. It is quite simple: I no longer shop in Tesco since I do not believe that my PIN would be guaranteed secure if I did.
What sort of problems could there be:
PIN sent down the wire in plain.
PIN sent to the card encrypted, open to a classic Man In The Middle attack.
The wire from chip & pin terminal goes via the till - this is dangerous, see below.
Once my PIN is out... it must be because I told it to someone -- that is what the banks will say -- so I am liable for bills against the card.
OK: to be really useful they would need to steal my card, that probably isn't too difficult - thousands of people are mugged/burgled every day.
I don't trust tills -- I have worked with them, they are general purpose PCs (probably running MS Windows) and can be remotely programmed over a network -- I used to work in an environment where program updates were sent out to tills -- so why not hack one to sniff card data.
A techie with money problems could skim the PIN numbers and no one would likely notice, correlate with the addresses in the loyalty card database and tell his burglar friends which houses to visit.
Or maybe a ''maintenance'' man arrives, supposedly from head office, and fiddles with the till for a bit... the average low paid all night joe would just allow this to happen.
''maintenance'' man returns a day later and unloads the data extracted -- no one at head office is any the wiser.
It gives me the shivers.
Just don't shop at Tesco - if enough people don't - they will get the message.
Surely calling scientology a religion is an oxymoron ?
They have lots of followers but that is only because they have been brainwashed.
Scientology is a way of making money for the high ups.
Another source of information about the crap that the scientologists peddle is
the fishman affidavit.
If there was any sense in what they were on about they would argue it out in the open, rather than using underhand legalities to silence
those who show them to be the charlatans that they are.
The USA already has this sort of capability... so why is China having this provocative ?
Or is it OK for the USA to have it but no one else ? I suppose it depends on who you consider the bad guys. I note that China has invaded fewer countries in the last 50 years than the USA has... so what is the answer to the question ?
I am very much in favour of net neutrality but I can see some situations where it might make sense to break it. What do you think about this sort of scenario:
Films ('movies' for you guys in the USA) over an Internet connection. This is high volume, it does make sense to get it from close by rather than a server on the other side of the world. If an ISP were to offer this service to its customers served up from its servers, those customers would get better download speeds than if they viewed films that had to come over the ISP's links to the rest of the world.
Everyone gains: film viewer (better download speed); ISP (don't have to pay for faster links to carry films from around the world); ISP's non film viewing customers (ISP's links not clogged/slowed with film downloads).
Downside: film viewer only gets great download speed if he uses his ISP's service. I suppose that he could choose another ISP that had fatter Internet links - but probably pay more for this other ISP.
It is interesting to take his numbers and do a bit of arithmetic. The highest power user is the kettle, but is only on for (say) 10 minutes a day, whereas the DVD and microwave are on all day (1440 minutes) [I assume that you never cook anything or watch a film]:
Shame that he didn't say what environment he was using to test. OK: I know that they are based on flash, but it would have been nice to know what browsers/... it ran under.
this gets applied generally... to work out who is going to commit some crime, why not round them up before they do it and save us all a lot of bother.
So: what if you know that you have all the contra indicators: black male youth, poor background, divorced parents,...
Why bother to do anything: you can't get credit (you are going to be a criminal - right ?), you can't get to be an apprentice or into a good college (you are going to be a criminal - right ?),...
there would be essentially nobody from Muslim countries allowed to set foot here
What a damn stupid comment. You have got it into your head that Muslim == terrorist; utterly wrong. On that basis we might assume US Citizen == terrorist since the US government has been behind more terrorist and illegal international actions than any other over the last 50 years.
That is not that unlikely. It makes me wonder, if I were to launch some ICBMs at the USA, would just before midnight new year be a good time ?
Might they be unable to fire some interceptors/retaliation due to a similar problem ? Related teams/management often produce systems with related issues.
It strikes me that there is a simple obviousness test here: If shortly after a new tax law comes out several people start using the same/similar tax dodge then this is good evidence that the dodge is obvious to a reasonable tax accountant.
If, however, a tax dodge only comes into use several years after the tax law, then I would agree that the dodge was not obvious.
Having said that I still don't think that there should be patents on things like this, but that is another matter.
If you are in London tomorrow evening can I encourage you to turn up at this meeting that I am chairing:
MEETING TO DISCUSS UKUUG INVOLVEMENT IN LOBBYING
All are invited to an informal meeting on
THURSDAY 19 OCTOBER 2006
18:30 - 20:30
Tudor Room, The Imperial Hotel, Russell Square, London WC1B 5BB
The purposes of the meeting are
To continue the discussion following the AGM prompted by Leslie
Fletcher's presentation, to allow members more time to give their views
and ask questions on what has been done so far and what is planned.
An extended version of the presentation is available at
http://www.ukuug.org/events/agm2006/leslie.pdf
To confirm, or not, the impression that members want UKUUG to be
involved in lobbying and advocacy and are happy to see their membership
dues spent in support of it. Council is looking to decide within the
next month whether this is an appropriate activity for UKUUG to continue
with so members' views are crucial.
To discuss a possible role for UKUUG in coordinating the
response of the UK FLOSS community to UK and EU funding, promotional and
marketing opportunities. There is concern that this is being
compromised by dissension and disorganisation within the community.
Speakers will be Leslie Fletcher and Eddie Bleasdale.
Tell me, would YOU want to have a job where a mistake could cost you everything you own and 90% of what you earn for the next 20 years?
Try getting married to the wrong woman - who then decides that she doesn't like you any more, boots you out of the house on false allegations of violence, stops you seeing your kids, drains you dry of money for years.
It is surely much more energy efficient to surround the brain with a layer of fat/blubber and so retain the heat that the brain generates rather than have special cells to generate extra heat -- which is then lost.
Nature (evolution) tends to take the most efficient solution -- natural selection will favour the animals that don't need to expend so much energy to achieve the same result.
Spam is a war between the spammers and the system administrators/spam filters.
The spam filters adopt a new technique; the spammers then work round it; the spam filters advance;...
By the time that I have downloaded the video the war will have moved on a couple of iterations...
This is an interesting read, a historical perspective of a police state during the reign of Elizabeth I (in the 16th century). It is often only with many years of hindsight that you can really understand what was going on. This has happened before, let history be your guide.
Relocate to Europe where we don't have this patent lunacy[**]. These patent trolls would then be limited to trying to steal the USA turnover of Red Hat; Red Hat could perhaps take the option of abandoning the USA market. If Red Hat were to leave the USA it would send a strong message to congress how patents damage the USA economy... they might even decide that doing right by their country is preferable to accepting the slush funds from the patent lobbyists.
They have some nice offices here, no language problems for existing staff if they move to Guildford (UK).
[**] - OK -- I know that some are trying to introduce it, but the EU seems to not be that stupid (fingers crossed)
so people send me text messages at a cost of $0.10 each
What ? You pay to receive text messages !!!
I had heard that the phone companies in the USA were bad, but did not realise that they were that bad. Europe seems better - but stay away from Vodafone whose customer service is crap.
We complain that MS keeps its formats/protocols secret [ think: .doc format & smb formats ].
We complain because MS uses the secrets to maintain a monopoly position, keeping prices high, restricting user choice, etc.
We accept that proprietary formats/protocols are bad, so why can't you see that Apple keeping the iTunes protocols secret is much the same thing ? If the protocols were open then the effects of competition would be good for the consumer: lower prices, innovative delivery. The only loser would be Apple - which is why it is trying to keep it secret.
France is championing the consumer and encouraging competition. This is something that the EU is much better at than the USA [ think: patents ].
This would seem to be an excellent demonstration project for them -- if they dared!
Doesn't it remind you of the drawings that you used to do with an etch-a-sketch ?
If that is the case then transmission of that BIOS back to Skype HQ must be a breach of Phoenix/... copyright.
Look what they try to do if you or I copy someone's code ...
Discuss.
So what you think is the big user (kettle) is about the same as the microwave.
I can see this happening. Be scared, real scared!
I never said that it did, however they are likely to use some of the same aerospace suppliers as the US DOD.
Frightening, eh ?
That hurts.
This morning I threw my keyboard away and have gone back to punched card input.
See here