What I was trying to say is that the Dummy accounts were created by the fraudsters as a way of getting physical cards, they were the programmed with real account details, which at the time could be got from a discarded recipt. Sure, some dummy accounts had real money in them, for testing, but not these ones. I think the idea behind this is that no one would notice the cards from the new dummy accounts missing, thus giving more time to commit the fraud, and it avoided having to pickpocket etc. The limit of three PIN combinations would then let you guess the PIN on the card from the dummy account, which is reprogrammed with real account details with real money.
All I was doing in my post is settting out what I believe the article to be describing, in a may which makes it sound plausable, and thus possible. I make no calim that this is actually what happened.
The article suggests that banks setup "dummy accounts", and allowed "dummy cards" to withdraw real money from those accounts. Does this sound likely to be true?
Well yes I would say, some people built a system and it needed to be tested. But there was a certain sequence of event which caused this to become significant:
1. I looks like the people who could create the dummy accounts were also involved in the construction/maintenence of the system, and could get a the physical cards which were produced. In itself this si not an issue, they could get no cheque books, perform mandates and this was before the debit card so it needed a PIN to use it
2. These people could not get the PINs, this is to stop them creating a dummy account and having a few massive weekends
3. But if they could get the cards, and knew it had one of three PINs due to their system fiddling, they can withdraw cash, but if you do it from the dummy account you are bound to get caught, I guessing there was some kind of auditing here, or at least people thought there was
4. You could program different account details onto the card, then easily obtainable from a discarded recipt, but the PIN for that physical card would stay the same, so you knew it, it is now one of three remember, you can take cash from a real account and it won't get noticed until the next statment, this is probably about 10 days later minimum, 35+ if you get lucky
5. Profit, really this is how it worked, you didn't need to get physical cards, people wern't alerted till long after the theft and there was not a paper (or audit) trail which actually connected all elements of the crime together.
First, only 3 PINs being generated by the card issuing system. I can see this is possible if you hack the application code itself but the HSMs (hardware security modules) that actually do the cryptographic operations wouldn't do this using Visa, IBM or Diebold PIN offset generation calls. It's possible, but it would be an insider job in one bank NOT the whole banking system.
This is what the article indicates, it was the people working with the PIN production system rigged it to do this
Second, the description of the scam is that one PIN offset on track 2 can be used with multiple account numbers. Again, all the standard PIN methods explicitly prevent this - the account number (PAN) is part of the input data to the PIN verification call.
The account number did not feature in this case, thus simply changing the account number on the card was sufficent, the original PIN would still work
Third, the description has the crook shoulder surfing for PINs. Why does he need to do this if any known PIN can be used with any account?
This is what the guy used to do originally, then he discovered the account number rewriting trick
The article is not that well writen, it took me 2 1/2 reads of the article to actually establish all of the above. what I want to know is, who is "rogue Bank" and are they the same one I bank with
The time consuming part of a credit card
transaction is where the cashier checks your signature against the one
on the back of the card
In the UK, and I believe the a lot of the rest of europe now, PIN numbers are used as opposed to signatures. So with this method you still have to enter your pin into the keypad to complete a transaction, but don't have to get the card out. The main benefit here I guess is that you can't the leave your card/wallet on the counter etc. Of course cloning of the card is I guess just as easy, or easier as the cashier doesn't look at the card so visually it doesn't have to be a good fake, and reading the RFID details may be easier.
Had a T610 and now have a Z1010 (personal) and K700i (work) and they both work great over bluetooth to iSync, and can be used as a clicker, iTunes control device etc. I have not connected to the Internet with these but I have not tried and see no reason why its not possible
Channel 4 do many programmes that are at least as good as the BBC if not better.
Bear in mind though that Channel 4 is a goverment organisation of sorts. It is owned 100% by the UK government but operates independently. This is important as it can take more risks as the agreement it has protects its revenue to a point becuase if it falls below a certain level then the taxpayer will step in a make up the difference. This has though never occured in the 20 on year history of the channel.
It also means that it has a remit as well, different to that of the BBC and thus it would not be possible for it to go off and produce 24 hours a day of rubbish, like commercial channels can
In the UK one of the operators, GNER, who serve the East Cost have been rolling this out over the past year, there is a link from the GNER Wi-Fi page Which explains who it works for them. A combination of satalite and mobile phone for when in tunnels
Well, there is always the posibility that one processor could concentrate on dynamic binary translation, which can improve performance Transitive anyway, and another run the translated code.
Cursing is forbiden, the people who do this are just guys doing a job no one wants to do probably because they need the cash, and besides there is never a need to be rude to someone on the grounds they are putting themselves throught University, been made redundant or are generally just less fortunate than people who don't have to do this for a living.
The people we have a problem with in these situations are the people at the top who are running/ have instigated this activity, find out who they are (what product or service they are selling) and then just don't bother to buy/use it or speak to a manager or anyone who actually has to take responsibilty for this i.e. it was their idea/decision.
I think what you say is entirly accurate except that one msjor point is lacking. The fact is that degrees where I come (English original university(not a old poly)) from principly teach you three things:
How to learn
Hoe to reason
Some sort of subject matter
Now if your subject matter is CS then mathematical reasoning is probably fairly important. I work in a job where I work to develope applications of people to use out of a set or requierments. This is not a bad thing and I agree not a CS job. However, I do need to use my ability to learn and my reasoning and this often means that I need to use my mathematical skills to work stuff out to get the job done
As an aside if I were to say that CS courses miss anything out then it is language skills as I have found this are very valued and something which I maybe need more that my tech skills. But the I do work for a consultacy and so "Client communications skills" are key but we really need our tech backgound in addition to these.
The BBC World Service stopped transmitting to North America a couple of years ago, arguing, in part, that their Internet streams served the NA market well enough.
To be fair that is probably a resonable move to make especially as the significant intended audience of the BBC World Service in all probability does not live in North America as Canada and the USA have had free press for a while.
... of this, which the submitter seems accepting of, is the company which relies on its employes have thier own personal mobile phone, PDA, laptop and using it wor the benifit of their employer, i.e. to do their job. Which really is just as bad but in the opposite direction.
The second issue here is that it would seem the firm in question has deemed it's employes untrustworthy which is a major issue in its self. I can use my mobile and work phone for personal calls and it is not a problem. The thing is myself and all of my colleages only use them in this matter when it makes sense. Importantly not just essential, but its okay to make a call to your partner to organise meeting up after work just not to call your Aunt half way round the world for a chat!
The saddest thing is that we will need that much power just to run Windows2009 and Doom5
But will it have the much anticpated auto-slashdot-homepage-reload function. Not to mention the auto pro M$ auto first comment feature penciled in for WindowsNever.
All of the programmes currently avaliable are in streaming realmedia, catered to the 56k audiance. I could see this initiative falling flat on it's face unless a burnable, portable and high quality format is used.
I totally fail to see how burnable is important as it is against the will with which this initiative is going ahead. Also you should pay your TV license fee in good faith, i.e. if you want to keep watching someting go and buy it after all most stuff which is worth multiple viewings is available on VHS or DVD. And if you happen not to be a license fee payer how dare you suggest stealing from our nationally heald assests, if the UK took the White House I doubt if non would be too impressed!!
I would definatly recommend a Swiss Army Cyber Tool. It has been the most useful bit of kit I have for working on PCs and you can do a lot of things just with it yet it still fits in your pocket. Granted its no substitute for a proper tool kit but a good quick tool.
Spot on. I have family who have almost never used the net and say hey wow you get that in your computer, how do ya do that, can I? (Streaming video and radio). Then you explain that they live in the UK and thus their exhange is not enabled yet (for ADSL) and even if it was you are probably too far from it to get broadband(512K/s up 256K/s down). All they really want is 128k/s upstream always on! Oh what is ti that I hear "thats that", not "oh we should do something about this," so give a thought to thouse who have to live with a 29K max connection! (I know the view out of the window is good, but that is no substitute!).
I see your argument execatly and agree with it but with one point to add
If you take the money you could have spent on extended warrenties for all sorts of things you buy, TVs, computers, DVD players, Video players and kitchin stuff etc and put it in a savings account I bet over a life time you would be better off.
Just for an example my PC fried 3 weeks ago, it was a £350 I need one quick PC. It had already died once under guarante but this time it was out. I spent £1500 on a new one which I had planed to get in a few months anyway and at the mo it's really nice. My point, however, is that I've not payed anything in extended warantees and so think if I had I would probably be even (I'm only 23). It's a matter of odds yes, but have one policy or another and I think you end up about even.
Just a tip for thouse in the UK buy from John Lewis as they give you a 5 year guarantte automatically as well as matching anybody elses price. My telly a Sony I bought from £200 less than in the local Sony store and came with these 5 years as well as free delivery, great if you live in a flat and don't have a lift!!
Just out of interest is the fact that the guy was British (Well done on choosing an actually nationality most people, including British, don't) important because has was crazy or because he did a wonderful job?
I have to ask 'cus' I'm crazy and want to know if it is to do with the gene pool I got from being British!
Slashdot Mirror
What I was trying to say is that the Dummy accounts were created by the fraudsters as a way of getting physical cards, they were the programmed with real account details, which at the time could be got from a discarded recipt. Sure, some dummy accounts had real money in them, for testing, but not these ones. I think the idea behind this is that no one would notice the cards from the new dummy accounts missing, thus giving more time to commit the fraud, and it avoided having to pickpocket etc. The limit of three PIN combinations would then let you guess the PIN on the card from the dummy account, which is reprogrammed with real account details with real money.
All I was doing in my post is settting out what I believe the article to be describing, in a may which makes it sound plausable, and thus possible. I make no calim that this is actually what happened.
The article suggests that banks setup "dummy accounts", and allowed "dummy cards" to withdraw real money from those accounts. Does this sound likely to be true?
Well yes I would say, some people built a system and it needed to be tested. But there was a certain sequence of event which caused this to become significant:
1. I looks like the people who could create the dummy accounts were also involved in the construction/maintenence of the system, and could get a the physical cards which were produced. In itself this si not an issue, they could get no cheque books, perform mandates and this was before the debit card so it needed a PIN to use it
2. These people could not get the PINs, this is to stop them creating a dummy account and having a few massive weekends
3. But if they could get the cards, and knew it had one of three PINs due to their system fiddling, they can withdraw cash, but if you do it from the dummy account you are bound to get caught, I guessing there was some kind of auditing here, or at least people thought there was
4. You could program different account details onto the card, then easily obtainable from a discarded recipt, but the PIN for that physical card would stay the same, so you knew it, it is now one of three remember, you can take cash from a real account and it won't get noticed until the next statment, this is probably about 10 days later minimum, 35+ if you get lucky
5. Profit, really this is how it worked, you didn't need to get physical cards, people wern't alerted till long after the theft and there was not a paper (or audit) trail which actually connected all elements of the crime together.
First, only 3 PINs being generated by the card issuing system. I can see this is possible if you hack the application code itself but the HSMs (hardware security modules) that actually do the cryptographic operations wouldn't do this using Visa, IBM or Diebold PIN offset generation calls. It's possible, but it would be an insider job in one bank NOT the whole banking system.
This is what the article indicates, it was the people working with the PIN production system rigged it to do thisSecond, the description of the scam is that one PIN offset on track 2 can be used with multiple account numbers. Again, all the standard PIN methods explicitly prevent this - the account number (PAN) is part of the input data to the PIN verification call.
The account number did not feature in this case, thus simply changing the account number on the card was sufficent, the original PIN would still work
Third, the description has the crook shoulder surfing for PINs. Why does he need to do this if any known PIN can be used with any account?
This is what the guy used to do originally, then he discovered the account number rewriting trick
The article is not that well writen, it took me 2 1/2 reads of the article to actually establish all of the above. what I want to know is, who is "rogue Bank" and are they the same one I bank with
The time consuming part of a credit card transaction is where the cashier checks your signature against the one on the back of the card
In the UK, and I believe the a lot of the rest of europe now, PIN numbers are used as opposed to signatures. So with this method you still have to enter your pin into the keypad to complete a transaction, but don't have to get the card out. The main benefit here I guess is that you can't the leave your card/wallet on the counter etc. Of course cloning of the card is I guess just as easy, or easier as the cashier doesn't look at the card so visually it doesn't have to be a good fake, and reading the RFID details may be easier.
I thought they were referring to Cricket.
So did I, also I thought the new batting average was now number of continuous hours drinking afer an ashes series win.
127.0.0.1 got rated as inoffensive.
I remember when M$ proudly claimed 99.9% uptime for NT. To me that sounded terrible. Over 3.5 FULL 24 HOUR DAYS of downtime every year. Horrid!
99.9% uptime is 0.1% downtime, or 1/1000th. 365 divided by 1000 is 0.0365, or about 9 hours, 1/10th of your quoted annual downtime.
I would definatly agree
Had a T610 and now have a Z1010 (personal) and K700i (work) and they both work great over bluetooth to iSync, and can be used as a clicker, iTunes control device etc. I have not connected to the Internet with these but I have not tried and see no reason why its not possible
Channel 4 do many programmes that are at least as good as the BBC if not better.
Bear in mind though that Channel 4 is a goverment organisation of sorts. It is owned 100% by the UK government but operates independently. This is important as it can take more risks as the agreement it has protects its revenue to a point becuase if it falls below a certain level then the taxpayer will step in a make up the difference. This has though never occured in the 20 on year history of the channel.
It also means that it has a remit as well, different to that of the BBC and thus it would not be possible for it to go off and produce 24 hours a day of rubbish, like commercial channels can
It depends how you interpret the an, being an internet or an connection. I automatically assume the former as it is internet with a lower case "i"
In the UK one of the operators, GNER, who serve the East Cost have been rolling this out over the past year, there is a link from the GNER Wi-Fi page Which explains who it works for them. A combination of satalite and mobile phone for when in tunnels
Why would Apple put out a G4 or G5 gaming box to have sony come out with a 4 cell gaming box.
There is also the matter that ther is a G4/G5 based gaming box on the horizon, I believe that it is call "XBox Next" or something.
Seriously though, I feel that the market is big enough for only 3 players
Are there devices out there which are not operated by a hammer?
Well, there is always the posibility that one processor could concentrate on dynamic binary translation, which can improve performance Transitive anyway, and another run the translated code.
Cursing them out first is optional.
Cursing is forbiden, the people who do this are just guys doing a job no one wants to do probably because they need the cash, and besides there is never a need to be rude to someone on the grounds they are putting themselves throught University, been made redundant or are generally just less fortunate than people who don't have to do this for a living.
The people we have a problem with in these situations are the people at the top who are running/ have instigated this activity, find out who they are (what product or service they are selling) and then just don't bother to buy/use it or speak to a manager or anyone who actually has to take responsibilty for this i.e. it was their idea/decision.
I think what you say is entirly accurate except that one msjor point is lacking. The fact is that degrees where I come (English original university(not a old poly)) from principly teach you three things:
How to learn
Hoe to reason
Some sort of subject matter
Now if your subject matter is CS then mathematical reasoning is probably fairly important. I work in a job where I work to develope applications of people to use out of a set or requierments. This is not a bad thing and I agree not a CS job. However, I do need to use my ability to learn and my reasoning and this often means that I need to use my mathematical skills to work stuff out to get the job done
As an aside if I were to say that CS courses miss anything out then it is language skills as I have found this are very valued and something which I maybe need more that my tech skills. But the I do work for a consultacy and so "Client communications skills" are key but we really need our tech backgound in addition to these.
The BBC World Service stopped transmitting to North America a couple of years ago, arguing, in part, that their Internet streams served the NA market well enough.
To be fair that is probably a resonable move to make especially as the significant intended audience of the BBC World Service in all probability does not live in North America as Canada and the USA have had free press for a while.
This page can be found here and is about 1/3 of the way down the page.
... of this, which the submitter seems accepting of, is the company which relies on its employes have thier own personal mobile phone, PDA, laptop and using it wor the benifit of their employer, i.e. to do their job. Which really is just as bad but in the opposite direction.
The second issue here is that it would seem the firm in question has deemed it's employes untrustworthy which is a major issue in its self. I can use my mobile and work phone for personal calls and it is not a problem. The thing is myself and all of my colleages only use them in this matter when it makes sense. Importantly not just essential, but its okay to make a call to your partner to organise meeting up after work just not to call your Aunt half way round the world for a chat!
The saddest thing is that we will need that much power just to run Windows2009 and Doom5
But will it have the much anticpated auto-slashdot-homepage-reload function. Not to mention the auto pro M$ auto first comment feature penciled in for WindowsNever.
All of the programmes currently avaliable are in streaming realmedia, catered to the 56k audiance. I could see this initiative falling flat on it's face unless a burnable, portable and high quality format is used.
I totally fail to see how burnable is important as it is against the will with which this initiative is going ahead. Also you should pay your TV license fee in good faith, i.e. if you want to keep watching someting go and buy it after all most stuff which is worth multiple viewings is available on VHS or DVD. And if you happen not to be a license fee payer how dare you suggest stealing from our nationally heald assests, if the UK took the White House I doubt if non would be too impressed!!
I would definatly recommend a Swiss Army Cyber Tool. It has been the most useful bit of kit I have for working on PCs and you can do a lot of things just with it yet it still fits in your pocket. Granted its no substitute for a proper tool kit but a good quick tool.
Spot on. I have family who have almost never used the net and say hey wow you get that in your computer, how do ya do that, can I? (Streaming video and radio). Then you explain that they live in the UK and thus their exhange is not enabled yet (for ADSL) and even if it was you are probably too far from it to get broadband(512K/s up 256K/s down). All they really want is 128k/s upstream always on! Oh what is ti that I hear "thats that", not "oh we should do something about this," so give a thought to thouse who have to live with a 29K max connection! (I know the view out of the window is good, but that is no substitute!).
I see your argument execatly and agree with it but with one point to add
If you take the money you could have spent on extended warrenties for all sorts of things you buy, TVs, computers, DVD players, Video players and kitchin stuff etc and put it in a savings account I bet over a life time you would be better off.
Just for an example my PC fried 3 weeks ago, it was a £350 I need one quick PC. It had already died once under guarante but this time it was out. I spent £1500 on a new one which I had planed to get in a few months anyway and at the mo it's really nice. My point, however, is that I've not payed anything in extended warantees and so think if I had I would probably be even (I'm only 23). It's a matter of odds yes, but have one policy or another and I think you end up about even.
Just a tip for thouse in the UK buy from John Lewis as they give you a 5 year guarantte automatically as well as matching anybody elses price. My telly a Sony I bought from £200 less than in the local Sony store and came with these 5 years as well as free delivery, great if you live in a flat and don't have a lift!!
and the crazy British guy did a wonderful job
Just out of interest is the fact that the guy was British (Well done on choosing an actually nationality most people, including British, don't) important because has was crazy or because he did a wonderful job?
I have to ask 'cus' I'm crazy and want to know if it is to do with the gene pool I got from being British!