I've seen USB devices that were considerably less expensive than that.
Even a piece of paper with the one-time passwords printed on it that you need to cross off with a Jiffy marker would likely cost $40 per person. I read recently in a news article regarding Comcast and spam that it costs them an average of $9 for every customer service phone call. The $40 (admittedly, I just pulled that number out of my ass) is eaten up by the cost of implementing the system in the first place (how many millions would it cost to design, test, deploy, and maintain?), training existing staff as well as new staff as they are hired, mailing expenses (envelope, stamps, employee time), and probably some other factors too. Part of the cost is fixed (eg: development) and others are incremental with each additional user.
As others have pointed out, this cost could be passed on to the customer but how many customers use online banking in the first place? Of those, how many would willingly pay $40 to get the same service they do now? Maybe I'm just pessimistic, but I think with all the easily prevented fraud out there now it shows that people don't care a whole lot about security. Every notable website which asks for a password tells the user over and over to choose something hard to remember, a combination of letters, numbers, and punctuation, not used on any other website, not related to personal information such as you or your family member's birthday, etc. etc. And people still go and ignore all that advice and choose something simple or used everywhere.
The fact that nobody is paying for more security in the free market is a pretty good indication that people don't really want it in the first place.
A sound argument if the market is aware of more secure methods and the limitations to the current methods. However, even most technical people would simply suggest to choose a strong, unique password for sensitive sites.
This is available on FreeBSD and likely other *nix systems out there as well. Here's the nutshell overview for the über-grokkers.
Adding your login to the database of one-time passwords and displaying the first login password:
$ opiepasswd -c Adding dlavigne6: Only use this method from the console; NEVER from remote. If you are using telnet, xterm, or a dial-in, type ^C now or exit with no password. Then run opiepasswd without the -c parameter. Using MD5 to compute responses. Enter new secret pass phrase: Secret pass phrases must be between 10 and 127 characters long. Enter new secret pass phrase: Again new secret pass phrase:
ID dlavigne6 OTP key is 499 dh0391 CHUG ROSA HIRE MALT DEBT EBEN
"499" is the counter, "dh0391" is the seed. Combined with the password, you can generate additional logins from any computer, on- or offline. Generating additional login passwords:
$ opiekey 498 dh0391 Using the MD5 algorithm to compute response. Reminder: Don't use opiekey from telnet or dial-in sessions. Enter secret pass phrase: MASK BALM COL HER RIFT TERM
$ opiekey -n 10 497 dh0391
Using the MD5 algorithm to compute response. Reminder: Don't use opiekey from telnet or dial-in sessions. Enter secret pass phrase: 488: COIN LO DOG GOLF ACTA FULL 489: SOD STUN SINK DRAW LAWN TILT 490: MALT STAY MASH CAR DEBT WAST 491: HOWE DRY WALL TOO BUDD SWIM 492: ROOT SPY BOND JEST HAIL SCAR 493: MEAN ADD NEON CAIN LION LAUD 494: LYLE HOLD HIGH HOME ITEM MEL 495: WICK BALI MAY EGO INK TOOK 496: RENT ARM WARN ARC LICE DOME 497: LEAD JAG MUCH MADE NONE WRIT
And logging in:
login: dlavigne6 otp-md5 498 dh0391 ext Password: (here I pressed enter) otp-md5 498 dh0391 ext Password [echo on]: mask balm col her rift term
The beauty of this is that you can turn it on and safely login as root using a telnet session as replay attacks won't work since the password has already been used. Of course, "safely" here only applies to password reuse as a telnet session doesn't prevent other problems, such as man-in-the-middle attacks. Because this uses a standard algorithm, you can even generate new login passwords as needed from a PDA -- it doesn't have to be generated directly on the host system. So if you're SSHing to your server to fix a problem and you're in some internet cafe, you don't need to worry about keystroke loggers picking up the password. Type it in via plaintext as it'll never get reused.
Equipping your 1 million customers with some kind of secure random password generation smart card probably costs $40 each, both for the card and programming as well as associated infrastructure and overhead costs. So this security is a $40 million expense with no real benefit for the bank itself. Add in the costs of customer and staff training, eventual replacement of cards due to wear/loss/theft/whatever, and this is a very expensive proposition.
As much as I'd love to see this implemented at every bank (heck, PayPal, eBay,...) it's not likely to happen unless it's either legislated or if the cost of fraud gets so high that it forces banks to consider something like this.
If it ain't on the 'net, it ain't something I'm interested in...
Well good for you. Obviously it is of some interest to you as you felt compelled to post your aversion to the CD format rather than just moving on to the next story as one would expect from someone who doesn't give a fuck about CDs.
"Profit" is also a noun. "Did you make [verb] a profit [noun] on that stock?" vs. "Did you profit [verb] from that stock?" So the "n. Profit!" could either be "n. Profit [verb] from the above" or "n. Realize a Profit [noun] by doing the above".
I agree with what most people have written here, but one thing struck me from the article:
Maybe it's the punk rock in me, but I firmly believe that if you're lucky enough to find art or entertainment that you really connect with--be it a music group, a movie, a video game, or whatever--the people responsible for bringing it to you deserve to be compensated for it.
This is similar to the argument for donating to Open Source projects. Sure, if it's GPL you don't need to pay anything to be able to use the software. However, if it's something you find truly beneficial to you, it's nice to compensate the developer for their efforts. I do agree with the author though... if the difference is only $5 between new and used, I typically purchase new if only because being the first person to crack the seal on the game is psychologically satisfying.
Just like this one, you set a dial for how well you want your bread (shirt) toasted (ironed). You then depress a lever (press a button) and the robot then toasts (irons) your bread (shirt). It boasts an air filter so that the air due to convection doesn't contain any dust or dirt particles to contaminate your toast (shirt). It also has special insulation so that the outside doesn't get scorching hot -- only the internal elements are hot enough to heat the bread (shirt). But the Robotic Toaster is a bargain at only $795, less than half the price of the Robotic Ironing machine.
While this might cause a small hit into the profits of those corporations, average Joe isn't going to go to the poorhouse because he has to pay more for electricity
This won't cause any hit in the profits of corporations because they'll simply pass on the cost of electricity to the consumer.
Why wait for information when you can get it now? And probably it's easier for most to get them by SMS than look at some board at their school or whatever means they use to communicate the grades.
Of course it is easier, and better to get information now. That much is quite obvious, which makes you wonder why it made the front page of Slashdot given that no new technology is involved.
Now all we need to do is to find some areas where one of the officials who voted to pass this legislation violates this law themselves. Scrutinize everything the Italian government puts out to try and catch them posting material which is copyrighted. Time to make examples of them of how passing such a shitty law will come back to bite them in the ass.
Perhaps someone can explain to this ignorant American exactly how the government can use publication in a newspaper as a punishment for a crime (whatever the crime may be). At least here in the US, we at least pretend to have freedom of the press.
Perhaps the Italian papers are simply accepting a paid classified ad, similar to an obituary notice. When someone changes their name, aren't they also required to publish this in a local paper in the US?
Since your odds are almost 50%, you could keep betting 2x until you win.
Just hope that you don't start off betting $1 and have a losing streak of 10 times. Unless you happen to have a float of about a million dollars once it reaches 2^10.
One can always record the particular frequency the broadcast is sent out on. Think of it as your own personal SETI@Home project. You can then replay that analog recording back since it contains an encoded digital stream. Since there's no "bit" that can be set in the analog radio broadcast, you can never be found to have violated a broadcast flag.
The whole idea of fair use available only to those with enough money is disgusting.
Such as if someone wants to make a duplicate copy of a few pages in a book but doesn't own a photocopier? Photocopiers are expensive! Do you find that a disgusting abuse of fair use rights? Probably not, because there exist services which allow you to photocopy material for 5 cents a page. How is this any different?
Radio and TV are both public spectrum. I buy or build a device to read this information and I am perfectly legal. The VCR is a find example of this. If I am not home to watch a program I can record it, play it back, rip out the parts I want to watch again, and even skip parts I do not want (commercials, D. Franz's naked butt). Radio is the same way. If my local station has the top 20 every night @ midnight and I wish to sleep then, it is absolutely legal for me to record it and play it back later.
What's interesting is that, despite this proposed FCC regulation and any DMCA issues, you could still legally purchase a device which records the airwaves, just as a VCR records a TV station frequency. Having recorded the airwaves, you can then replay the broadcast and your radio device will then decode it just as before. You still get a 100% pure digital output, assuming that you captured the analog airwaves accurately.
In consumer-grade (i.e. non-competition-grade) car audio, I've never seen the option of buying one CD/DVD/MP3 unit and a separate radio unit. You have to buy a combo, since that's what the industry makes.
Well, your beef is with the industry then. I suppose there isn't a substantial market for media playing devices only, so even if you don't listen to radio at all, you're still paying for the R&D that went into it. Plus, I doubt this technology would result in higher prices. "NEW! Get a radio that doesn't allow you to record, only $20 more!" Since analog (radio waves) is being converted to a digital stream, then that digital stream is converted back to analog (through a speaker) it's not hard to look at that digital stream, decode a "no copy" bit, and disable some kind of recording mechanism. The increase in R&D required for this is extremely small.
Is anybody else stunned by the stupidity of this statement? I mean, wow. I just can't imagine what kind of a thought process is required to come up with and believe a statement like this. Absolutely amazing...
Perhaps I was unclear. The broadcasters do set the licensing terms. Specifically, they have given you no license at all which means that the only rights you have under copyright law are those afforded to you by fair use.
Yeah, the licensing issue is a non-starter and I shouldn't have put that in there. Shoot me later for that.
No, but if I do access the 100% digital source, as long as I don't redistribute, I HAVE NOT BROKEN THE LAW (or, some people would argue, I have still technically broken the law, but in a way that is defensible).
You haven't broken copyright law, no. However, you might have violated the DMCA, which is I suspect what the RIAA wants to do here.
You still haven't stated why there should be a difference between a variable analog voltage, and digital 0s and 1s. They both should get the same legal protection, and fair use rights should be applicable to both.
Ideally, I think you're right in that they should. But copyright law doesn't exist in a vacuum. Throw in a touch of DMCA, a hint of FCC regulations, perhaps a digital radio EULA... suddenly it's not so clear.
No they don't. I don't agree to any license when I listen to the radio. I just got a new car, and I checked the radio book. Nope, no license.
So what you've done is set up a strawman ("Broadcasters set up licensing terms") and then concoct a legal "theory" on why this is okay.
You missed my point. The broadcaster owns the copyright and *does* set the licensing terms. Specifically, they have chosen to give you NO LICENSE. By default then, you only have the rights afforded to you by the fair use provisions of copyright law. See below.
Well first of all, there is no licensing terms related to listening to the radio, either analog or things like Shoutcast, and I didn't agree to do anything. I've always been able to tape from radio for my personal enjoyment, and why you think switching from digital to analog changes is the equation is a mystery. Frankly, you seem more like a troll than being well thought out.
Others have pointed out similar issues, which I accept as a flaw in my argument. The question then becomes: does restricting your recording to analog only constitute a breach of your fair use rights under copyright law? Nowhere in section 107 does it say that you are entitled to a 100% digitally perfect recording of the work in order to enjoy your fair use rights.
You've setup your own strawman argument by implying that not having access to the pure digital stream would be a violation of fair use rights. This position is unsupported by copyright law.
I've seen USB devices that were considerably less expensive than that.
Even a piece of paper with the one-time passwords printed on it that you need to cross off with a Jiffy marker would likely cost $40 per person. I read recently in a news article regarding Comcast and spam that it costs them an average of $9 for every customer service phone call. The $40 (admittedly, I just pulled that number out of my ass) is eaten up by the cost of implementing the system in the first place (how many millions would it cost to design, test, deploy, and maintain?), training existing staff as well as new staff as they are hired, mailing expenses (envelope, stamps, employee time), and probably some other factors too. Part of the cost is fixed (eg: development) and others are incremental with each additional user.
As others have pointed out, this cost could be passed on to the customer but how many customers use online banking in the first place? Of those, how many would willingly pay $40 to get the same service they do now? Maybe I'm just pessimistic, but I think with all the easily prevented fraud out there now it shows that people don't care a whole lot about security. Every notable website which asks for a password tells the user over and over to choose something hard to remember, a combination of letters, numbers, and punctuation, not used on any other website, not related to personal information such as you or your family member's birthday, etc. etc. And people still go and ignore all that advice and choose something simple or used everywhere.
I guess it's possible to play war games with stationery that's stationary.
The fact that nobody is paying for more security in the free market is a pretty good indication that people don't really want it in the first place.
A sound argument if the market is aware of more secure methods and the limitations to the current methods. However, even most technical people would simply suggest to choose a strong, unique password for sensitive sites.
Adding your login to the database of one-time passwords and displaying the first login password:"499" is the counter, "dh0391" is the seed. Combined with the password, you can generate additional logins from any computer, on- or offline. Generating additional login passwords:And logging in:The beauty of this is that you can turn it on and safely login as root using a telnet session as replay attacks won't work since the password has already been used. Of course, "safely" here only applies to password reuse as a telnet session doesn't prevent other problems, such as man-in-the-middle attacks. Because this uses a standard algorithm, you can even generate new login passwords as needed from a PDA -- it doesn't have to be generated directly on the host system. So if you're SSHing to your server to fix a problem and you're in some internet cafe, you don't need to worry about keystroke loggers picking up the password. Type it in via plaintext as it'll never get reused.
Equipping your 1 million customers with some kind of secure random password generation smart card probably costs $40 each, both for the card and programming as well as associated infrastructure and overhead costs. So this security is a $40 million expense with no real benefit for the bank itself. Add in the costs of customer and staff training, eventual replacement of cards due to wear/loss/theft/whatever, and this is a very expensive proposition.
...) it's not likely to happen unless it's either legislated or if the cost of fraud gets so high that it forces banks to consider something like this.
As much as I'd love to see this implemented at every bank (heck, PayPal, eBay,
stationary
adj.
1. a. Not moving.
1. b. Not capable of being moved; fixed.
2. Unchanging: a stationary sound.
What usage of stationary are you aware of where it's a better choice of word than "deployment" would be?
I mean really. I haven't used a CD in 2 years.
...
If it ain't on the 'net, it ain't something I'm interested in
Well good for you. Obviously it is of some interest to you as you felt compelled to post your aversion to the CD format rather than just moving on to the next story as one would expect from someone who doesn't give a fuck about CDs.
"Profit" is also a noun. "Did you make [verb] a profit [noun] on that stock?" vs. "Did you profit [verb] from that stock?" So the "n. Profit!" could either be "n. Profit [verb] from the above" or "n. Realize a Profit [noun] by doing the above".
Does this mean they've found the primer?
Just like this one, you set a dial for how well you want your bread (shirt) toasted (ironed). You then depress a lever (press a button) and the robot then toasts (irons) your bread (shirt). It boasts an air filter so that the air due to convection doesn't contain any dust or dirt particles to contaminate your toast (shirt). It also has special insulation so that the outside doesn't get scorching hot -- only the internal elements are hot enough to heat the bread (shirt). But the Robotic Toaster is a bargain at only $795, less than half the price of the Robotic Ironing machine.
While this might cause a small hit into the profits of those corporations, average Joe isn't going to go to the poorhouse because he has to pay more for electricity
This won't cause any hit in the profits of corporations because they'll simply pass on the cost of electricity to the consumer.
Yes, the screenwriter is quite alive and well, much in the same way that Douglas Adams isn't.
You're absolutely right. Holy crap... what the hell was I smoking when I wrote that?? Mea maxima culpa!
Why wait for information when you can get it now? And probably it's easier for most to get them by SMS than look at some board at their school or whatever means they use to communicate the grades.
Of course it is easier, and better to get information now. That much is quite obvious, which makes you wonder why it made the front page of Slashdot given that no new technology is involved.
Now all we need to do is to find some areas where one of the officials who voted to pass this legislation violates this law themselves. Scrutinize everything the Italian government puts out to try and catch them posting material which is copyrighted. Time to make examples of them of how passing such a shitty law will come back to bite them in the ass.
Perhaps someone can explain to this ignorant American exactly how the government can use publication in a newspaper as a punishment for a crime (whatever the crime may be). At least here in the US, we at least pretend to have freedom of the press.
Perhaps the Italian papers are simply accepting a paid classified ad, similar to an obituary notice. When someone changes their name, aren't they also required to publish this in a local paper in the US?
Since your odds are almost 50%, you could keep betting 2x until you win.
Just hope that you don't start off betting $1 and have a losing streak of 10 times. Unless you happen to have a float of about a million dollars once it reaches 2^10.
One can always record the particular frequency the broadcast is sent out on. Think of it as your own personal SETI@Home project. You can then replay that analog recording back since it contains an encoded digital stream. Since there's no "bit" that can be set in the analog radio broadcast, you can never be found to have violated a broadcast flag.
The whole idea of fair use available only to those with enough money is disgusting.
Such as if someone wants to make a duplicate copy of a few pages in a book but doesn't own a photocopier? Photocopiers are expensive! Do you find that a disgusting abuse of fair use rights? Probably not, because there exist services which allow you to photocopy material for 5 cents a page. How is this any different?
Radio and TV are both public spectrum. I buy or build a device to read this information and I am perfectly legal. The VCR is a find example of this. If I am not home to watch a program I can record it, play it back, rip out the parts I want to watch again, and even skip parts I do not want (commercials, D. Franz's naked butt). Radio is the same way. If my local station has the top 20 every night @ midnight and I wish to sleep then, it is absolutely legal for me to record it and play it back later.
What's interesting is that, despite this proposed FCC regulation and any DMCA issues, you could still legally purchase a device which records the airwaves, just as a VCR records a TV station frequency. Having recorded the airwaves, you can then replay the broadcast and your radio device will then decode it just as before. You still get a 100% pure digital output, assuming that you captured the analog airwaves accurately.
In consumer-grade (i.e. non-competition-grade) car audio, I've never seen the option of buying one CD/DVD/MP3 unit and a separate radio unit. You have to buy a combo, since that's what the industry makes.
Well, your beef is with the industry then. I suppose there isn't a substantial market for media playing devices only, so even if you don't listen to radio at all, you're still paying for the R&D that went into it. Plus, I doubt this technology would result in higher prices. "NEW! Get a radio that doesn't allow you to record, only $20 more!" Since analog (radio waves) is being converted to a digital stream, then that digital stream is converted back to analog (through a speaker) it's not hard to look at that digital stream, decode a "no copy" bit, and disable some kind of recording mechanism. The increase in R&D required for this is extremely small.
Is anybody else stunned by the stupidity of this statement? I mean, wow. I just can't imagine what kind of a thought process is required to come up with and believe a statement like this. Absolutely amazing...
Perhaps I was unclear. The broadcasters do set the licensing terms. Specifically, they have given you no license at all which means that the only rights you have under copyright law are those afforded to you by fair use.
Yeah, the licensing issue is a non-starter and I shouldn't have put that in there. Shoot me later for that.
No, but if I do access the 100% digital source, as long as I don't redistribute, I HAVE NOT BROKEN THE LAW (or, some people would argue, I have still technically broken the law, but in a way that is defensible).
You haven't broken copyright law, no. However, you might have violated the DMCA, which is I suspect what the RIAA wants to do here.
You still haven't stated why there should be a difference between a variable analog voltage, and digital 0s and 1s. They both should get the same legal protection, and fair use rights should be applicable to both.
Ideally, I think you're right in that they should. But copyright law doesn't exist in a vacuum. Throw in a touch of DMCA, a hint of FCC regulations, perhaps a digital radio EULA... suddenly it's not so clear.
"and the broadcaster sets the licensing terms"
No they don't. I don't agree to any license when I listen to the radio. I just got a new car, and I checked the radio book. Nope, no license.
So what you've done is set up a strawman ("Broadcasters set up licensing terms") and then concoct a legal "theory" on why this is okay.
You missed my point. The broadcaster owns the copyright and *does* set the licensing terms. Specifically, they have chosen to give you NO LICENSE. By default then, you only have the rights afforded to you by the fair use provisions of copyright law. See below.
Well first of all, there is no licensing terms related to listening to the radio, either analog or things like Shoutcast, and I didn't agree to do anything. I've always been able to tape from radio for my personal enjoyment, and why you think switching from digital to analog changes is the equation is a mystery. Frankly, you seem more like a troll than being well thought out.
Others have pointed out similar issues, which I accept as a flaw in my argument. The question then becomes: does restricting your recording to analog only constitute a breach of your fair use rights under copyright law? Nowhere in section 107 does it say that you are entitled to a 100% digitally perfect recording of the work in order to enjoy your fair use rights.
You've setup your own strawman argument by implying that not having access to the pure digital stream would be a violation of fair use rights. This position is unsupported by copyright law.