Our right to peaceably assemble is in the process of being eviscerated,
Since when are riots considered peaceable assembly? This thing is designed, like teargas, beanbag guns, rubber bullets, etc. to disperse riots. Now I'm not saying that that's all they'll be used for, certainly there are instances where the line is grey and the police in charge of these devices have inappropriately chosen to use them, but there is a valid reason for them to be developed.
I'm glad that devices like these exist because as much as it's important for people to peaceably assemble, if a mob of people gets rowdy and starts destroying peoples' property en masse, they have abused their right and ought to be dispersed.
Google will fully integrate Google Local search capabilities into Google Moon, which will allow our users to quickly find lunar business addresses, numbers and hours of operation, among other valuable forms of Moon-oriented local information.
When I'm on the web, even when looking at my bank account, I'm not trying to be held up by extraneous questions.
Keep the password.
Keep the button (which seems like a great idea by the way).
Ditch the three questions.
You need a second level of authentication. The password verifies you initially to make sure that you're very very likely you, so that they can show you your secret image (if people that aren't you can see your bank verification picture, then the picture ceases to verify the bank), then they have to verify you again with personal questions to make sure that you weren't phished before you were able to verify that you were on your bank's site.
Still though, I think the personal questions would be better replaced with a second password because it would be both more secure and faster to enter. The problem with that though is that a lot of people would just be lazy and set both their passwords to be the same thing. Even if the system made it so that the passwords had to be different, there would be people that made their first password "my_password" or whatever and then their second password "my_password2".
Nonsense. "We're sorry. Our personal image and passphrase server is offline for routine maintenance. Please continue about your transaction."
The thing about that is it's just one more thing to tip a user off that something's not right. You might catch some people with that, maybe even the vast majority, but suppose it only stops 5% of users from continuing. That's a 5% reduction in phished account passwords, and that's not too bad. Sure this scheme isn't going to solve the whole problem, but any little bit helps.
Also, I don't think saying that the server is offline would be as effective as you think. I mean, with most phishing schemes that's not going to be the only thing that might tip off a potential phish that things aren't right. For instance, most phishing scams go by e-mail. Somebody might be a little suspicious of an e-mail asking for them to verify their bank information (if not because it's an e-mail, then because it's likely to contain spelling mistakes if it's spam from overseas), but decide to go to the site because of the urgency in the e-mail (most threaten that if the e-mail isn't responded to immediately, their account will be shut down). If they're already a little suspicious, this one more suspicious thing might be enough to get them to say "fuck it, I'm not sure about this" and call up the bank to see what's up instead (or more likely than calling, they'll probably just ignore the situation and hope everything works out right).
Why make it so that users have to click on something to see their secret image verifying the bank? It seems like a lot of people wouldn't bother. Shouldn't the page just show the user their image by default so that they can see the site's authenticity whether they want to or not?
You have typed in your password, and the phisher already has it . ..
Not necessarily. The system probably works as such:
You enter your username and password
You verify your bank
You enter the answers to your personal questions
You gain access to your account
If someone tried to phish you they'd get your username and password, yes, but you'd then see that the image your bank sent you was not authentic, so you would then not enter your personal answers. You'd have to go to the bank and change your password, but the phisher still wouldn't be able to get into your account without your personal information.
From TFA:
"Customers can also verify they are indeed at Bank of America's Web site by clicking on a SiteKey button. If they fail to see a secret image and phrase they had chosen earlier, they could be at a fake Web site and the target of a "phishing" scam."
So... once the person has given his account id, password, and answers to 3 personal questions, only then can he verify BofA's site identity?
What kind of idiot came up with that idea?
The idea works with two levels of verification. For instance, you might have to enter a username and password and then be allowed to see your secret image, then after that, you enter another username and password. This way, nobody can see your picture unless they already have your username and password, and if you get phished for those, you know it because the picture isn't right, but they don't have your second username and password required to actually access your account. I suspect that this system will work similar to that, but instead of a second username and password, you enter the answers to your personal questions.
Still though, it seems like a potential flaw would be that you have to click on something to verify you're on the banks site. Why not just show you your picture by default? It seems like a lot of people just wouldn't bother verifying the site and they would get phished the same as they would be now.
If there's a phishing site between you and your bank, you could exchange anything (passwords, answers, pictures, what have you), and the phisher will still succeed.
You're right, but that's not the way most phishing scams play out. Most of them are sent by e-mail. Getting rid of phishing scams like that defeats a large portion of the threats, as well as raising the level of skill required of a person who might want to start a phishing scam (yes yes, it's still not terrifically difficult, but it's not as easy as sending a lot of e-mails).
Where does it say that the Sitekey button will only be available after you answer the questions?
It doesn't but how would the bank know which image to show you if they haven't verified who you are yet? Besides, if someone can somehow see your secret image before being verified, then it's not a very good secret, now is it.
You do realize that when you look at your bank account, the data is encrypted between you and them, right? Apparently, they use this brand new thing called HTTPS. Looks like a winning piece of technology!
Clauses like that are very common, especially in computer or electronics related companies. They're not as bad as they sound. They do keep you from swiftly moving from one job to the next though which can suck.
However, a non-compete clause could never keep you from working indefinitely. Also, they generally only prohibit you from working for a related/competing company, if money's real tight, it's likely you would qualify for another job (probably not as well paying) outside of your industry. You're not going to be up shit's creek if you get laid off either though as almost any job with a clause like this will have generous severance benefits.
I actually do the opposite. In my experience IE is a much quirkier browser than Firefox (or Opera). In general, if a design looks alright in one browser, it will look alright in another, but 90% of the time, if a design looks fine in one browser and not in another, IE is the browser that doesn't render it right.
So... good news for PC fanboys and Mac fanboys alike then, eh? Mac fanboys can claim that things are running well because of Apple's software which is simultaneously technically superior and like, super-cool, why would you waste your time with a crappy company like Microsoft? PC fanboys can claim that it was actually just the inherent superiority of Intel chips and that those mac fools have been using the wrong architecture all these years.
No, but it's easy to find examples in all three of the music communities I mentioned in which an artist is shunned by some simply because their music has gained widespread popularity and not because their music has decreased in quality.
By the way, in case anyone was wondering, my personal favorite recording of Hungarian Rhapsody #2 is the one which Daffy Duck sings over in Daffy Duck's Rhapsody. It's a shame that I can't get it without him singing over it.:-(
By what you indicate in your second paragraph, I suspect you've fallen into the trap of assuming that because classical music is a commodity to you(which is nothing to be ashamed of - I hold no great interest in or knowledge of the genre myself, and so, to me any performance of Lizst's Hungarian Rhapsody #2 would indeed be roughly equivalent to any other), it must be to everyone else as well.
Actually, I have conflicting thoughts. On the one hand I can see someone thinking it doesn't really matter, but on the other hand I suppose I could see how it would. I mean, I myself have experienced it. I don't listen to classical music at all really, but I enjoy Liszt's Hungarian Rhapsody #2 very very much actually, and well, I've heard a few different recordings of it and some of them are very good and some of them just don't sound right to me and don't do anything for me. They're just not all the same.
My post was really just me thinking aloud about whether it was a commodity or not. In the end, I suppose to some people it is and to some it isn't. The thing is, I doubt that most of the people who see classical music as a commodity are the same people who are buying most classical recordings, so what are these labels complaining about? If their recording of a piece is superior to that put out by the BBC, then people who want to hear the piece are going to want their recording, right?
when Sarah Brightman first started gaining popularity many decried how she was "corrupting the form."
Reminds me of punk rock and underground hip-hop. If you make music good enough to appeal to more than just the fans of your genre then fans of your genre don't like you anymore. Although I suppose no classical music snobs would never call you a sellout.
Slashdot Mirror
I'm glad that devices like these exist because as much as it's important for people to peaceably assemble, if a mob of people gets rowdy and starts destroying peoples' property en masse, they have abused their right and ought to be dispersed.
Just give it to me, I need to bring the above joke back to them anyways.
Okay, there were 6 moon landings, so let's see what the Google Moon grand totals are...
"Interesting" places to look at: 6
Boring places to look at: 6,000,000
What do you expect, your cat is an idiot! I bet your cat can't even read!
Still though, I think the personal questions would be better replaced with a second password because it would be both more secure and faster to enter. The problem with that though is that a lot of people would just be lazy and set both their passwords to be the same thing. Even if the system made it so that the passwords had to be different, there would be people that made their first password "my_password" or whatever and then their second password "my_password2".
Also, I don't think saying that the server is offline would be as effective as you think. I mean, with most phishing schemes that's not going to be the only thing that might tip off a potential phish that things aren't right. For instance, most phishing scams go by e-mail. Somebody might be a little suspicious of an e-mail asking for them to verify their bank information (if not because it's an e-mail, then because it's likely to contain spelling mistakes if it's spam from overseas), but decide to go to the site because of the urgency in the e-mail (most threaten that if the e-mail isn't responded to immediately, their account will be shut down). If they're already a little suspicious, this one more suspicious thing might be enough to get them to say "fuck it, I'm not sure about this" and call up the bank to see what's up instead (or more likely than calling, they'll probably just ignore the situation and hope everything works out right).
Why make it so that users have to click on something to see their secret image verifying the bank? It seems like a lot of people wouldn't bother. Shouldn't the page just show the user their image by default so that they can see the site's authenticity whether they want to or not?
- You enter your username and password
- You verify your bank
- You enter the answers to your personal questions
- You gain access to your account
If someone tried to phish you they'd get your username and password, yes, but you'd then see that the image your bank sent you was not authentic, so you would then not enter your personal answers. You'd have to go to the bank and change your password, but the phisher still wouldn't be able to get into your account without your personal information.Still though, it seems like a potential flaw would be that you have to click on something to verify you're on the banks site. Why not just show you your picture by default? It seems like a lot of people just wouldn't bother verifying the site and they would get phished the same as they would be now.
You do realize that when you look at your bank account, the data is encrypted between you and them, right? Apparently, they use this brand new thing called HTTPS. Looks like a winning piece of technology!
Clauses like that are very common, especially in computer or electronics related companies. They're not as bad as they sound. They do keep you from swiftly moving from one job to the next though which can suck.
However, a non-compete clause could never keep you from working indefinitely. Also, they generally only prohibit you from working for a related/competing company, if money's real tight, it's likely you would qualify for another job (probably not as well paying) outside of your industry. You're not going to be up shit's creek if you get laid off either though as almost any job with a clause like this will have generous severance benefits.
Mainframe guys don't reboot their system. Unix guys reboot the system occasionally. Windows guys reboot their machine several times a week.
I actually do the opposite. In my experience IE is a much quirkier browser than Firefox (or Opera). In general, if a design looks alright in one browser, it will look alright in another, but 90% of the time, if a design looks fine in one browser and not in another, IE is the browser that doesn't render it right.
There's no way I'm working that hard to avoid working. I'll goof off the old fashion way, thank you very much.
So... good news for PC fanboys and Mac fanboys alike then, eh? Mac fanboys can claim that things are running well because of Apple's software which is simultaneously technically superior and like, super-cool, why would you waste your time with a crappy company like Microsoft? PC fanboys can claim that it was actually just the inherent superiority of Intel chips and that those mac fools have been using the wrong architecture all these years.
No, but it's easy to find examples in all three of the music communities I mentioned in which an artist is shunned by some simply because their music has gained widespread popularity and not because their music has decreased in quality.
By the way, in case anyone was wondering, my personal favorite recording of Hungarian Rhapsody #2 is the one which Daffy Duck sings over in Daffy Duck's Rhapsody. It's a shame that I can't get it without him singing over it. :-(
My post was really just me thinking aloud about whether it was a commodity or not. In the end, I suppose to some people it is and to some it isn't. The thing is, I doubt that most of the people who see classical music as a commodity are the same people who are buying most classical recordings, so what are these labels complaining about? If their recording of a piece is superior to that put out by the BBC, then people who want to hear the piece are going to want their recording, right?