Don't get me wrong, I think the best non-RIAA albums are better than the best RIAA albums, but unless you're finding out about these albums through word of mouth or by going to live events, you're going to be wasting your time in the abyss of mp3.com crap.
Re:Are you a weak-willed pirate spokesperon?
on
Kazaa-lite Shut Down
·
· Score: 1
A> buy the album, listen to the music.
B> don't buy the album, don't listen to the music.
Anything other than those two options is screwing someone over.
Who is "screwed over" by my downloading an album off kazaa and listening to the music? And how are those same people not "screwed over" by option B?
There are still some artists who produce albums as an artistic whole, not just a bunch of singles, but as a complete artistic statement. The fear is that if the per song market becomes dominent, that the art of albums will consequently suffer.
But that uses the same assumption as the RIAA, when they try to extend copyright longer and longer and make it stronger and stronger. The assumption is that the only factor musicians care about is making money. That's simply not the case. Sure, there are some musicians who only care about money, but there are many others who also care about other things. The end of the album could actually be a good thing for those musicians, as they wouldn't have to fill up a whole album in order to release their works. There are artists out there who produce albums as an artistic whole, but there are also good artists out there who don't do this. Producing albums as a whole isn't intrinsically better, it's just a different style.
They need to start using cards with their own crypto yes, but they also need to put a LCD on the card so you can see the amount you are transferring
Or they could just put all transactions in a "pending" state for 90 days or so to make sure the owner of the ATM isn't hijacking sessions, like they already do.
Trust me, they're not going to make ATM cards that complicated. If anything they're going to make it simpler.
I would prefer to use an electronic key that when interfaced with an ATM will happily raise any given number to my secret exponent modulo my public key.
Umm, you better make that any given number signed by a bank who presents a certificate signed by your bank (or mastercard or visa or whatever).
Otherwise, you're vulnerable to a man-in-the-middle attack.
You can count on someone figuring out how to explit any given system sooner or later. How will you restore your security then? Can you get new fingerprints, or new eyeballs?
You stop using that method of authentication, of course. Which is easier, reconstructing a human with exactly the same retina, fingerprints, and voice print, or printing counterfeit money?
"Randy stocked the machine with cash. And his bank account would be automatically reimbursed every time someone made a withdrawal."
And I'm sure they just let him empty that account whenever he wanted, without waiting 60 days to make sure no one reported any irregularities.
So the money would be stolen electronically, not physically.
Temporarily, perhaps. As soon as the money was reported stolen it would be returned. Electronnically.
The scam here, and the way the people got away with it, is that they were using the information to make fake cards, and then using those fake cards and stolen pin numbers to steal cash from other ATMs. This way if they were caught they could fly to another country with the cash and we couldn't do anything about it.
I don't know. It probably only applies to a debit card. I still stand by my assertions. If you are not negligent in any way (your card is not stolen, no one finds out your pin, etc) then you are not responsible. The title to the cash never was legally transferred to you in the first place, so the cash was stolen from the bank, not from you.
To the extent that it's 'stolen property', it was stolen by the salesman from the store, not from the store by the purchaser.
Doesn't matter. Possession of stolen property is still illegal, regardless of whether or not you're the one who stole it. The salesman had no right to offer the deal.
In the case of ATM fraud like this, it is very unlikely the people would report the theft before the cards were used since they had no idea the info was stolen.
They have until 60 days after receiving their statement to be protected 100%.
However, for unauthorized transfers involving only your debit card number (not the loss of the card), you are liable only for transfers that occur after 60 days following the mailing of your bank statement containing the unauthorized use and before you report the loss.
Even if your card is stolen, you're only responsible for $50 of loss if you report it within 2 days of noticing. But because this is not a case of a stolen card, you're not responsible for anything.
My understanding is that unless you take legal action, you don't get your money back in a case like this.
Nope. That's incorrect. You never authorized the withdrawal. The money is being stolen from the bank, not from you.
Re:I try to avoid them altogether.
on
Fake ATM Fraud Expose
·
· Score: 2, Informative
You could disconnect the camera and plug it into your recording
You might as well just break into the ATM itself at that point.
or (possibly, I'm not sure) put a printed copy in front of the camera.
I'm not sure it's *that* easy, but the current technology does make fake retinas possible. Eventually (and maybe even now with the most expensive technology), this won't be possible, though (short of building a clone, anyway).
A much cheaper solution that's available today is to have some processing power built into the card itself. When I worked for Hewlett Packard we had to use these to log into the private network from home. A new password is generated every 60 seconds, so an attack like that described in this article would be useless. Of course this particular device isn't the best solution for an ATM, but something based on the same underlying technology would be. Or perhaps better yet, a public key system.
But as things stand now credit cards are a better way to go if you're worried about recovering losses from fraud.
That's just not true. Either way you are not responsible for losses from fraud unless you are negligent (or in cahoots with the fraudster). The people who had their pins stolen this way didn't lose a penny out of their own pockets. It's the banks that are taking the hit.
Furthurmore, should I feel the need for cash, my local grocery store allows me to get cash back from a credit card purchase.
Unless you have a discover card (which is evil, BTW), then your grocery store is breaking its merchant agreement. Cash back is only supposed to be accepted for a visa or mastercard purchase if the purchase is treated as a cash advance.
He saw an ad for really cheap DVDs at some discount web site. So he ordered a bunch of copies and then sold them on eBay. Only problem is he didn't wait until the DVDs actually arrived before he sold them, and it turned out they were out of stock, and the order was cancelled. So he had to buy the DVDs at a higher price somewhere else in order to fulfill his eBay sales. Oops.
why should be forced to give you the car back when the store come to collect the rest of its money?
It all depends. If the car is new, then the title wouldn't have been received right away. If the car is used, then the price is listed on the back of the title. If there was fraud involved, then the car is stolen property, and never belonged to the final recipient in the first place. Hopefully the $5000 can still be recovered, because otherwise you paid $5000 for nothing. This is why people sell title insurance on large cost items like cars and (more commonly) houses.
In the case of the stock, the analogous situation to the title is the settlement. Once the settlement date arrives, the stock is actually transferred. Before then you only have an agreement to transfer stock, and if you sell without waiting 3 days for settlement, you are actually making a short sale.
KANE: Declaration of Principles. Don't smile, Jedediah. Got it all written out. Declaration of Principles. BERNSTEIN: You don't wanna make any promises, Mr. Kane, you don't wanna keep. KANE: These will be kept. I'll provide the people of this city with a daily paper that will tell all the news honestly. I will also provide them... LELAND: That's the second sentence you've started with "I." KANE: People are gonna know who's responsible. And they're gonna get the truth in the Inquirer quickly and simply and entertainingly and no special interests are gonna be allowed to interfere with the truth. I will also provide them with a fighting and tireless champion of their rights as citizens and as human beings. Signed, Charles Foster Kane.
The example can apply to just about any coroporate situation. Extrapolate.
OK, so a corporation can set up policies to ensure that it behaves ethically. I thought that was bleedingly obvious.
Agreed on formulas...though giving up and always winging it isn't very smart either. (IMNSHO)
I don't see any choice other than winging it. What policies you need depend too much on the specifics. I guess there are some small things which any software company can have as policy. Follow the law. No shrinkwrap licenses. Don't gather private data without permission. Don't spam. But the vast majority depends on the specifics of the corporation.
Of course, I think that's all pretty much common sense. If you hire ethical management, you're not going to see those things. I was also assuming that the poster himself would have a high enough position that he would be able to get rid of those unethical managers who slip through. Without ethics at the top, unless you're a non-profit, there's no one to stop you from breaking your own rules.
Didn't I give an example that would contradict this statement?:)
Not at all. You gave an example of a company which eliminated office politics. That has nothing to do with ethical behavior, and certainly not ethical behavior of the company as a whole, when dealing with its customers. Frankly I wasn't sure what your point was with your example, which is why I largely ignored it in my reply.
That's what he's trying to establish, though it can be fragile because we are dealing with people who make choices not ideals.
Yes, but the establishment of that can't be done in a formula. Situations are dynamic, and the poster didn't even give us any indication of what kind of software his company was producing. If we could make a formula which balanced ethical behavior against profit sustainability, then we'd have computers as managers, not people. The best advice I can give, is hire ethical management.
I'll have to check, but I swear that I gave an example -- somewhere -- that covered all this. Hmmmm...I wonder where I put it?:)
When you find it let me know, cause it went right over my head.
Slashdot Mirror
Yeah but the vast majority of them suck.
Don't get me wrong, I think the best non-RIAA albums are better than the best RIAA albums, but unless you're finding out about these albums through word of mouth or by going to live events, you're going to be wasting your time in the abyss of mp3.com crap.
A> buy the album, listen to the music.
B> don't buy the album, don't listen to the music.
Anything other than those two options is screwing someone over.
Who is "screwed over" by my downloading an album off kazaa and listening to the music? And how are those same people not "screwed over" by option B?
There are still some artists who produce albums as an artistic whole, not just a bunch of singles, but as a complete artistic statement. The fear is that if the per song market becomes dominent, that the art of albums will consequently suffer.
But that uses the same assumption as the RIAA, when they try to extend copyright longer and longer and make it stronger and stronger. The assumption is that the only factor musicians care about is making money. That's simply not the case. Sure, there are some musicians who only care about money, but there are many others who also care about other things. The end of the album could actually be a good thing for those musicians, as they wouldn't have to fill up a whole album in order to release their works. There are artists out there who produce albums as an artistic whole, but there are also good artists out there who don't do this. Producing albums as a whole isn't intrinsically better, it's just a different style.
They need to start using cards with their own crypto yes, but they also need to put a LCD on the card so you can see the amount you are transferring
Or they could just put all transactions in a "pending" state for 90 days or so to make sure the owner of the ATM isn't hijacking sessions, like they already do.
Trust me, they're not going to make ATM cards that complicated. If anything they're going to make it simpler.
I would prefer to use an electronic key that when interfaced with an ATM will happily raise any given number to my secret exponent modulo my public key.
Umm, you better make that any given number signed by a bank who presents a certificate signed by your bank (or mastercard or visa or whatever).
Otherwise, you're vulnerable to a man-in-the-middle attack.
feed that in after the sensor.
Better yet, just break into the ATM and steal the money.
You can count on someone figuring out how to explit any given system sooner or later. How will you restore your security then? Can you get new fingerprints, or new eyeballs?
You stop using that method of authentication, of course. Which is easier, reconstructing a human with exactly the same retina, fingerprints, and voice print, or printing counterfeit money?
That's a great plan, if all you want to do is steal money from your own ATM, which you stocked with cash yourself.
"Randy stocked the machine with cash. And his bank account would be automatically reimbursed every time someone made a withdrawal."
And I'm sure they just let him empty that account whenever he wanted, without waiting 60 days to make sure no one reported any irregularities.
So the money would be stolen electronically, not physically.
Temporarily, perhaps. As soon as the money was reported stolen it would be returned. Electronnically.
The scam here, and the way the people got away with it, is that they were using the information to make fake cards, and then using those fake cards and stolen pin numbers to steal cash from other ATMs. This way if they were caught they could fly to another country with the cash and we couldn't do anything about it.
I don't know. It probably only applies to a debit card. I still stand by my assertions. If you are not negligent in any way (your card is not stolen, no one finds out your pin, etc) then you are not responsible. The title to the cash never was legally transferred to you in the first place, so the cash was stolen from the bank, not from you.
Her bank is in the wrong. She should sue them.
To the extent that it's 'stolen property', it was stolen by the salesman from the store, not from the store by the purchaser.
Doesn't matter. Possession of stolen property is still illegal, regardless of whether or not you're the one who stole it. The salesman had no right to offer the deal.
Legally, I doubt it. But the bank might try to force you to pay it, and it's pretty hard to fight a bank.
In the case of ATM fraud like this, it is very unlikely the people would report the theft before the cards were used since they had no idea the info was stolen.
They have until 60 days after receiving their statement to be protected 100%.
Even if your card is stolen, you're only responsible for $50 of loss if you report it within 2 days of noticing. But because this is not a case of a stolen card, you're not responsible for anything.
My understanding is that unless you take legal action, you don't get your money back in a case like this.
Nope. That's incorrect. You never authorized the withdrawal. The money is being stolen from the bank, not from you.
You could disconnect the camera and plug it into your recording
You might as well just break into the ATM itself at that point.
or (possibly, I'm not sure) put a printed copy in front of the camera.
I'm not sure it's *that* easy, but the current technology does make fake retinas possible. Eventually (and maybe even now with the most expensive technology), this won't be possible, though (short of building a clone, anyway).
A much cheaper solution that's available today is to have some processing power built into the card itself. When I worked for Hewlett Packard we had to use these to log into the private network from home. A new password is generated every 60 seconds, so an attack like that described in this article would be useless. Of course this particular device isn't the best solution for an ATM, but something based on the same underlying technology would be. Or perhaps better yet, a public key system.
But as things stand now credit cards are a better way to go if you're worried about recovering losses from fraud.
That's just not true. Either way you are not responsible for losses from fraud unless you are negligent (or in cahoots with the fraudster). The people who had their pins stolen this way didn't lose a penny out of their own pockets. It's the banks that are taking the hit.
Furthurmore, should I feel the need for cash, my local grocery store allows me to get cash back from a credit card purchase.
Unless you have a discover card (which is evil, BTW), then your grocery store is breaking its merchant agreement. Cash back is only supposed to be accepted for a visa or mastercard purchase if the purchase is treated as a cash advance.
He saw an ad for really cheap DVDs at some discount web site. So he ordered a bunch of copies and then sold them on eBay. Only problem is he didn't wait until the DVDs actually arrived before he sold them, and it turned out they were out of stock, and the order was cancelled. So he had to buy the DVDs at a higher price somewhere else in order to fulfill his eBay sales. Oops.
why should be forced to give you the car back when the store come to collect the rest of its money?
It all depends. If the car is new, then the title wouldn't have been received right away. If the car is used, then the price is listed on the back of the title. If there was fraud involved, then the car is stolen property, and never belonged to the final recipient in the first place. Hopefully the $5000 can still be recovered, because otherwise you paid $5000 for nothing. This is why people sell title insurance on large cost items like cars and (more commonly) houses.
In the case of the stock, the analogous situation to the title is the settlement. Once the settlement date arrives, the stock is actually transferred. Before then you only have an agreement to transfer stock, and if you sell without waiting 3 days for settlement, you are actually making a short sale.
He did scam the store. The second camera is stolen property.
KANE: Declaration of Principles. Don't smile, Jedediah. Got it all written out. Declaration of Principles.
BERNSTEIN: You don't wanna make any promises, Mr. Kane, you don't wanna keep.
KANE: These will be kept. I'll provide the people of this city with a daily paper that will tell all the news honestly. I will also provide them...
LELAND: That's the second sentence you've started with "I."
KANE: People are gonna know who's responsible. And they're gonna get the truth in the Inquirer quickly and simply and entertainingly and no special interests are gonna be allowed to interfere with the truth. I will also provide them with a fighting and tireless champion of their rights as citizens and as human beings. Signed, Charles Foster Kane.
The example can apply to just about any coroporate situation. Extrapolate.
OK, so a corporation can set up policies to ensure that it behaves ethically. I thought that was bleedingly obvious.
Agreed on formulas...though giving up and always winging it isn't very smart either. (IMNSHO)
I don't see any choice other than winging it. What policies you need depend too much on the specifics. I guess there are some small things which any software company can have as policy. Follow the law. No shrinkwrap licenses. Don't gather private data without permission. Don't spam. But the vast majority depends on the specifics of the corporation.
Of course, I think that's all pretty much common sense. If you hire ethical management, you're not going to see those things. I was also assuming that the poster himself would have a high enough position that he would be able to get rid of those unethical managers who slip through. Without ethics at the top, unless you're a non-profit, there's no one to stop you from breaking your own rules.
Didn't I give an example that would contradict this statement? :)
Not at all. You gave an example of a company which eliminated office politics. That has nothing to do with ethical behavior, and certainly not ethical behavior of the company as a whole, when dealing with its customers. Frankly I wasn't sure what your point was with your example, which is why I largely ignored it in my reply.
That's what he's trying to establish, though it can be fragile because we are dealing with people who make choices not ideals.
Yes, but the establishment of that can't be done in a formula. Situations are dynamic, and the poster didn't even give us any indication of what kind of software his company was producing. If we could make a formula which balanced ethical behavior against profit sustainability, then we'd have computers as managers, not people. The best advice I can give, is hire ethical management.
I'll have to check, but I swear that I gave an example -- somewhere -- that covered all this. Hmmmm...I wonder where I put it? :)
When you find it let me know, cause it went right over my head.