"Could people stop talking about Europe as if it was one place."
"When making online purchases it works the same all over the world"
Head asplode with irony!
Evidently not - a lot of places in the UK are now using Verified by Visa, a system that takes you off the vendor site to Visa (or your card issuer's) site to enter a password, so that they can authorise (or not) the transaction based on that.
GSM/Sim cards and EMV credit cards are a different game. On the better (more modern) cards there is a cryptographic processor with its own set of private keys, that cannot be read off, that perform various authentication operations.
I used to work in EMV and I know what you can do with custom programmable cards and card reader/writers. Unless you have the card private key you cannot clone them.
"Maybe in the USA you have those authentication and authorisation features"
I thought we were talking about why smart cards were good and how the USA should adopt them. Maybe in the USA YOU don't have those features!:) I'm British and in London. Everywhere takes EMV now and PIN is part of every transaction. You're right that online the "Verified by Visa" support is lacking from a lot of places.
The technology is *mostly* there, but as I say - it's got gaping holes as long as somewhere in the world there is a merchant or bank that will take a card with a signature and magnetic strip. That and getting better roll-out of online protections.
*very very very hard way to physically clone a CC/DC;
Done. Chip and Pin (or EMV as it should be known) makes it pretty impossible without an electron microscope.
* very very very strong encryption in communication;
Done. EMV cards use RSA to encrypt comms between themselves and the bank. Nobody else gets to read it. Online purchases are down to your e-tailer and their setup. Check your browser security bar.
* user-changeable authentication and authorisation, so it won't be enough to have just a copy of the data printed on the CC sides to make a purchase on internet.
You can easily change your PIN in a lot of places with EMV, and for online purchases there are now a lot of places using the "Verified by Visa" (or similar mastercard initiative) to take you through authentication directly with your card issuer, with a user-set password, before the transaction can take place.
The main problem with ALL of this is back compatibility and legacy systems. The moment you introduce all this good stuff but then say "but if it's not available then fall back to unverified, unencrypted, magnetic processing" then you've introduced the capacity for major fraud again.
"Credit card companies and banks make money from fraud."
Not in the UK they don't. Oh sure, they probably have it insured, but until recently the liability for loss (where they couldn't prove the merchant or customer was complicit and don't catch anyone) was all theirs. This is because they supply the tech, they mandate the schemes, they set the standards.
EMV goes some way to what you want, there is encrypted information sent between the card and the issuing bank that nobody else can read, but is dependant upon PIN. The biggest hole in the scheme is that you are still allowed to fall back to magnetic strip transactions in some places. They tend to be where the fraud is done now.
With chip'n'pin there is cryptographic processing going on on the card to verify it's not being lied to by the shop or the bank. With RFID.... a number gets returned. Not so useful.
If you're referring to wireless EMV (or similar) then that's different, but is usually still going to be in card form.
Re:One of the most widely used languages?
on
C# In-Depth
·
· Score: 1
Have you noticed it's really difficult to search for jobs in plain old C?
Re:a bunch of questions
on
C# In-Depth
·
· Score: 1
It may once have been, but it's sitting down at number 20 on the sources I've seen.
Re:a bunch of questions
on
C# In-Depth
·
· Score: 1
Bang up to date in fact. The thing is that the world of production quality programming is very different to either the slashdot community (always excited over the next Big Thing(TM)) or university (very forward looking, though giving a grounding in current tech).
The world of industry is slow. It's also a hell of a lot bigger than just microsoft windows.
Except that in an RTS the struggle to gain money is part of the game that makes the rest a struggle and rewarding, whereas in WoW it seems like it's the whole game, and you're gonna get beaten by people who can dedicate more hours to it than is sane.
Re:One of the most widely used languages?
on
C# In-Depth
·
· Score: 1
"No, but it is up there with them "
I'm afraid it's not really. They are the top three languages. C# comes in at number 8, after Perl, PHP, Python and VB
Re:a bunch of questions
on
C# In-Depth
·
· Score: 5, Informative
8th most widely used.
After Java, C, C++, Visual Basic, Python, Perl and PHP. It just beats out javascript, below that you get into the obscure languages.
Re:C# is not the most widely used comp language
on
C# In-Depth
·
· Score: 2, Informative
Apparently Java is the top dog today.
My personal favourite, good 'ol C is in second place. C# was in at number 8, and seems actually to be on the decline.
My apologies if I've offended, it's just that use of buzzwords annoys me. I've looked at Xen, and VMWare and they're great products, but this is really no different from "Virtual Datacentre" or Virtual Hosting.
Cloud is an annoying term that actually obscures what's going on, and what's going on is already well understood.
Much like "Web 2.0", imho. Meaningless on its own, describing things that are already in place and, despite having slowly evolved to the present state with no overt revolutions, seem to suddenly need a new name.
Sounds pretty cool. It seems that Mosix relies on multi-process programming to acheive scalability for any particular application. That's fine (there are lots of ways of doing it and distributed/parallel programming is not as hard as people make out), but it's not the sort of magic that the cloud seems to be touting.
Data availability - Data replication across multiple sites. Not new. Data portability - How is this new. And please don't try to pretend that the use of IMAP by GMail is in any way innovative.
Resource expandability/shrinkability - This just isn't available outside of the mainframe world. Unless you've written software for some sort of funky cluster thing (unlikely) then the cloud is something like VMWare ESX, and the maximum expansion you're ever going to get is to the size/capabilities of a single one of the racks. AFAIK it's not possible at this time to have a single OS image (of a standard OS you program normally for) across multiple x86 machines.
Fair enough, it's likely a generational thing - I'm 30 and I shouldn't be old enough to say that though.
I buy CDs, rip them and then file 'em away, using various computers and portable players to listen to them. I think that's what most of my friends do too.
I wouldn't call CDs obsolete, I'd call them a good archive format, though these days quite a bulky one.
Umm, they're still quite common. Lots of music is put out with extra stuff (video or DRM) on data tracks at the end. Usually this uses the CD extra format which puts data at the end in a separate (but linked) session.
The CDROM + audio thing has audio starting with track 2 and is good , but not quite as good because if you put it into a CD player it'll try to play the first track as music and make bad noises.
I thought C64 floppy drives were notoriously hard to emulate because the drive was programmable and the disc often contained a program made to read its own content?
In which case you could pretty much do what you wanted, loader-program location excepted.
Actually, Cisco reported that they provide extensive instructions on exactly how to do thi sort of thing, and that the blame lies squarely with whatever admin just gave it away.
Actually, I'm suprised that this so-called "Security Expert" plugged it into his network and allowed it to do that without first looking at what went on when he started it up in isolation.
"No it doesn't. All the metadata is embedded in the files, so if you can hack the hash-table, you can certainly deal with repopulating the fs data from the metadata."
Why the hell would I bother with writing a program to do that? I could just plug a none-mangled device into any other computer and use drag and drop with file names intact. Metadata be damned.
I'm sorry, but iPod and iTunes do not only not give me what I have already without them, but make life more difficult to do what I want to do. It may not be what everyone wants (or is capable of), but it would not only not add anything to the ease of use of my music collection, but take serious work to get back to where I am without it.
I care if the files are mangled, because then you can't plug into another computer and drag/drop the files back onto there from what is effectively an external hard drive.
"Or put another way, to argue about the iPod 'mangling' is the same as arguing about how a FS "obscures" the underlying data... Duh!"
No, it's not, see above, it limits what you can do with your files.
"Could people stop talking about Europe as if it was one place."
"When making online purchases it works the same all over the world"
Head asplode with irony!
Evidently not - a lot of places in the UK are now using Verified by Visa, a system that takes you off the vendor site to Visa (or your card issuer's) site to enter a password, so that they can authorise (or not) the transaction based on that.
GSM/Sim cards and EMV credit cards are a different game. On the better (more modern) cards there is a cryptographic processor with its own set of private keys, that cannot be read off, that perform various authentication operations.
I used to work in EMV and I know what you can do with custom programmable cards and card reader/writers. Unless you have the card private key you cannot clone them.
"Maybe in the USA you have those authentication and authorisation features"
I thought we were talking about why smart cards were good and how the USA should adopt them. Maybe in the USA YOU don't have those features! :)
I'm British and in London. Everywhere takes EMV now and PIN is part of every transaction. You're right that online the "Verified by Visa" support is lacking from a lot of places.
The technology is *mostly* there, but as I say - it's got gaping holes as long as somewhere in the world there is a merchant or bank that will take a card with a signature and magnetic strip. That and getting better roll-out of online protections.
*very very very hard way to physically clone a CC/DC;
Done. Chip and Pin (or EMV as it should be known) makes it pretty impossible without an electron microscope.
* very very very strong encryption in communication;
Done. EMV cards use RSA to encrypt comms between themselves and the bank. Nobody else gets to read it. Online purchases are down to your e-tailer and their setup. Check your browser security bar.
* user-changeable authentication and authorisation, so it won't be enough to have just a copy of the data printed on the CC sides to make a purchase on internet.
You can easily change your PIN in a lot of places with EMV, and for online purchases there are now a lot of places using the "Verified by Visa" (or similar mastercard initiative) to take you through authentication directly with your card issuer, with a user-set password, before the transaction can take place.
The main problem with ALL of this is back compatibility and legacy systems. The moment you introduce all this good stuff but then say "but if it's not available then fall back to unverified, unencrypted, magnetic processing" then you've introduced the capacity for major fraud again.
"Credit card companies and banks make money from fraud."
Not in the UK they don't. Oh sure, they probably have it insured, but until recently the liability for loss (where they couldn't prove the merchant or customer was complicit and don't catch anyone) was all theirs. This is because they supply the tech, they mandate the schemes, they set the standards.
EMV goes some way to what you want, there is encrypted information sent between the card and the issuing bank that nobody else can read, but is dependant upon PIN. The biggest hole in the scheme is that you are still allowed to fall back to magnetic strip transactions in some places. They tend to be where the fraud is done now.
I'm not convinced RFID makes much sense really.
With chip'n'pin there is cryptographic processing going on on the card to verify it's not being lied to by the shop or the bank. With RFID.... a number gets returned. Not so useful.
If you're referring to wireless EMV (or similar) then that's different, but is usually still going to be in card form.
Have you noticed it's really difficult to search for jobs in plain old C?
It may once have been, but it's sitting down at number 20 on the sources I've seen.
It's not old stats - http://www.tiobe.com/index.php/content/paperinfo/tpci/index.html
Bang up to date in fact. The thing is that the world of production quality programming is very different to either the slashdot community (always excited over the next Big Thing(TM)) or university (very forward looking, though giving a grounding in current tech).
The world of industry is slow. It's also a hell of a lot bigger than just microsoft windows.
Except that in an RTS the struggle to gain money is part of the game that makes the rest a struggle and rewarding, whereas in WoW it seems like it's the whole game, and you're gonna get beaten by people who can dedicate more hours to it than is sane.
"No, but it is up there with them "
I'm afraid it's not really. They are the top three languages. C# comes in at number 8, after Perl, PHP, Python and VB
8th most widely used.
After Java, C, C++, Visual Basic, Python, Perl and PHP. It just beats out javascript, below that you get into the obscure languages.
Apparently Java is the top dog today.
My personal favourite, good 'ol C is in second place. C# was in at number 8, and seems actually to be on the decline.
Sure about that?
I'm pretty sure a lot of it becomes soil and bits of other trees and stuff. It's not like trees evaporate the moment they die!
My apologies if I've offended, it's just that use of buzzwords annoys me. I've looked at Xen, and VMWare and they're great products, but this is really no different from "Virtual Datacentre" or Virtual Hosting.
Cloud is an annoying term that actually obscures what's going on, and what's going on is already well understood.
Much like "Web 2.0", imho. Meaningless on its own, describing things that are already in place and, despite having slowly evolved to the present state with no overt revolutions, seem to suddenly need a new name.
Sounds pretty cool. It seems that Mosix relies on multi-process programming to acheive scalability for any particular application. That's fine (there are lots of ways of doing it and distributed/parallel programming is not as hard as people make out), but it's not the sort of magic that the cloud seems to be touting.
I strongly agree.
It's a really annoying buzzword that seems to cover everything from VMWare to mainframes, to Beowulf clusters, SAN technology....
What is the fscking cloud?
Also, are all the offerings he mentions targeted at people running web applications anyway?
Data availability - Data replication across multiple sites. Not new.
Data portability - How is this new. And please don't try to pretend that the use of IMAP by GMail is in any way innovative.
Resource expandability/shrinkability - This just isn't available outside of the mainframe world. Unless you've written software for some sort of funky cluster thing (unlikely) then the cloud is something like VMWare ESX, and the maximum expansion you're ever going to get is to the size/capabilities of a single one of the racks. AFAIK it's not possible at this time to have a single OS image (of a standard OS you program normally for) across multiple x86 machines.
The support taint is this -
He got a degree in computer engineering and then sat in first line support for HOW LONG?
I'd have moved city to find a better job by now.
Fair enough, it's likely a generational thing - I'm 30 and I shouldn't be old enough to say that though.
I buy CDs, rip them and then file 'em away, using various computers and portable players to listen to them. I think that's what most of my friends do too.
I wouldn't call CDs obsolete, I'd call them a good archive format, though these days quite a bulky one.
Umm, they're still quite common. Lots of music is put out with extra stuff (video or DRM) on data tracks at the end. Usually this uses the CD extra format which puts data at the end in a separate (but linked) session.
The CDROM + audio thing has audio starting with track 2 and is good , but not quite as good because if you put it into a CD player it'll try to play the first track as music and make bad noises.
I thought C64 floppy drives were notoriously hard to emulate because the drive was programmable and the disc often contained a program made to read its own content?
In which case you could pretty much do what you wanted, loader-program location excepted.
Actually, Cisco reported that they provide extensive instructions on exactly how to do thi sort of thing, and that the blame lies squarely with whatever admin just gave it away.
Actually, I'm suprised that this so-called "Security Expert" plugged it into his network and allowed it to do that without first looking at what went on when he started it up in isolation.
"No it doesn't. All the metadata is embedded in the files, so if you can hack the hash-table, you can certainly deal with repopulating the fs data from the metadata."
Why the hell would I bother with writing a program to do that? I could just plug a none-mangled device into any other computer and use drag and drop with file names intact. Metadata be damned.
I'm sorry, but iPod and iTunes do not only not give me what I have already without them, but make life more difficult to do what I want to do. It may not be what everyone wants (or is capable of), but it would not only not add anything to the ease of use of my music collection, but take serious work to get back to where I am without it.
No thanks.
I care if the files are mangled, because then you can't plug into another computer and drag/drop the files back onto there from what is effectively an external hard drive.
"Or put another way, to argue about the iPod 'mangling' is the same as arguing about how a FS "obscures" the underlying data... Duh!"
No, it's not, see above, it limits what you can do with your files.