You, I, and anyone else with an IQ higher then that of a housecat can figure out a way to get just about anything you want on to a plane. It's about making the huddled masses FEEL safe, not actually making people safe.
Lets face it, if you're going to kill yourself anyway, put it on credit...
The point is that it's another bogus, bullshit, ineffective, useless, borderline-retarded level of bullshit just to get on a gawd damn airplane to fly somewhere more interesting then you already were.
I guess the definition of "better" is what was lacking here -- You could do it a bit cheaper, assuming you use enough minutes that the $0.025/minute (US/Canadian) rate on Jajah is cost prohibitive vs an unlimited plan.
But for definitions of better including easier, you won't beat Jajah...
What possible misuse is there? The only misuse I can see anywhere is to waste someone's airtime -- But you don't need Jajah for that, just phone them directly.
All Jajah does is dials two numbers at once and conferences the calls. Nothing more, nothing less. No god-like access, no magical billing, nothing else.
You appear to be dumber then most -- I've been a Jajah user since well before the/. retards heard of it.
First off, you do need "VoIP credit" -- Accounts start out with $3.75 though, so you can sign up and start using it.
Second, neither the dialing nor receiving party is billed at all, other then regular air time for receiving a call (if applicable) -- So that's no different for your "victim" then if you just dialed them directly.
So why do I use Jajah? I have unlimited incoming calls on my cell, so it means I pay $0.025/minute to Jajah instead of using my rather limited outbound cell minutes during peak hours.
If you take away my right to vote because I'm in a position to alter the vote, I'm more likely to feel cheated by the system, and help cheat the system in return.
Not if the envelope password is properly secured. ANY successful attempt to authenticate against that account *must* trigger the security routines.
Typically this works best in a black-box authentication environment (Active Directory, for example), where an individual machine/app/whatever can't authenticate a password themselves, all they can do is ask the authentication service if a username/password matches and get back a Y/N answer -- The authentication service would be responsible for sending the notifications)
Also note that in this definition, black-box doesn't need to be closed source, or otherwise hidden, it just needs to be completely isolated from the application/service/whatever asking the question.
I'm not suggesting any individual go after their vendor, that obviously wouldn't be practical in the real world. Rather, I'm suggesting Cisco going after the records of the vendor and going up the chain to find the source.
Cisco has deep pockets, in-house council, and the monetary incentive to make it stop.
Were I a vendor, with Cisco yelling at me, threatening to revoke my certification (I wonder how that would bode for business?), I'd probably open up records of the one known-to-be-fraud transaction to avoid a fishing expedition into all of my records.
I'm saying they can't tell how or when a number was stolen. If someone uses a swipeless method to steal someone's card number, they're not necessary going to use the card fraudulently through the same method.
If the information stolen wirelessly is ONLY capable of being reused wirelessly, then it's 100% odds that stolen information submitted wirelessly was stolen wirelessly (unless the card itself is physically lost/stolen, which the owner can confirm or deny)
As far as then when or where, smartcards (which require contact) and RFID (which doesn't) can both use challenge/response -- See my previous post for why this makes it possible to locate WHERE the compromise occured (by limiting the WHEN to an extremely short period of time)
Not true -- Do you think a bank can tell the difference between a card manually entered, read magnetically vs smart-carded? Why would you think that it would be any different for an RFID transaction?
The trick is that the banks need to require the CVV2 for *all* manually entered transactions, and to legislatively require jail time for any merchant who stores or prints the CVV2 in any way, shape or form.
Plus, as I understand it RFID can act like a smartcard, there is the potential to use a challenge/response system which will be MUCH harder to crack. Limiting a thief to having 30 seconds from when the transcation starts to when they need to complete it, and requiring that the card be accessible during that time (even if wirelessly), will make it much easier to track the fraud since you'll have a rather narrow radius where the thief was standing when they performed the transaction.
All of this is a "Can it be done" not a "Will it be done" though...
Slashdot Mirror
Assclownery, that's all it is.
You, I, and anyone else with an IQ higher then that of a housecat can figure out a way to get just about anything you want on to a plane. It's about making the huddled masses FEEL safe, not actually making people safe.
Lets face it, if you're going to kill yourself anyway, put it on credit...
The point is that it's another bogus, bullshit, ineffective, useless, borderline-retarded level of bullshit just to get on a gawd damn airplane to fly somewhere more interesting then you already were.
Domestic flights in Canada ONLY require ID at the gate... Why bother earlier when you can play games with boarding passes?
Ohh, a wand!
And lets face it, forging a number of signature isn't exactly rocket science.
Why not? When the commander in chim^Hef gets them confused, why should the rest of us worry about keeping those two separate?
I've flown three times in the past four weeks, not once did I show ID anywhere prior to security.
*shrugs*
Depends on the airline, airport, and country.
I think that's the point -- Someone with less to lose, but whom is still a target.
I guess the definition of "better" is what was lacking here -- You could do it a bit cheaper, assuming you use enough minutes that the $0.025/minute (US/Canadian) rate on Jajah is cost prohibitive vs an unlimited plan.
But for definitions of better including easier, you won't beat Jajah...
Sure, but that's also nothing specific to Jajah -- That's no different then if the other person phoned him directly, no?
1) You go girl.
2) This isn't anything new, you could do it by dialing them with any phone service (VoIP or not) that allows you to spoof your outbound caller ID.
3) He didn't pay for the call. You didn't read the site, did you?
Sure, but that's not what the article is about.
I'm also not coming up with any better ways of connecting two free-cell phones that both have free incoming calls, care to share?
What possible misuse is there? The only misuse I can see anywhere is to waste someone's airtime -- But you don't need Jajah for that, just phone them directly.
God damn some people are stupid.
All Jajah does is dials two numbers at once and conferences the calls. Nothing more, nothing less. No god-like access, no magical billing, nothing else.
You appear to be dumber then most -- I've been a Jajah user since well before the /. retards heard of it.
First off, you do need "VoIP credit" -- Accounts start out with $3.75 though, so you can sign up and start using it.
Second, neither the dialing nor receiving party is billed at all, other then regular air time for receiving a call (if applicable) -- So that's no different for your "victim" then if you just dialed them directly.
So why do I use Jajah? I have unlimited incoming calls on my cell, so it means I pay $0.025/minute to Jajah instead of using my rather limited outbound cell minutes during peak hours.
Shoot everyone involved in the fraud in the kneecaps and have the voters vote again.
No, that's the opposite reaction.
If you take away my right to vote because I'm in a position to alter the vote, I'm more likely to feel cheated by the system, and help cheat the system in return.
Not if the envelope password is properly secured. ANY successful attempt to authenticate against that account *must* trigger the security routines.
Typically this works best in a black-box authentication environment (Active Directory, for example), where an individual machine/app/whatever can't authenticate a password themselves, all they can do is ask the authentication service if a username/password matches and get back a Y/N answer -- The authentication service would be responsible for sending the notifications)
Also note that in this definition, black-box doesn't need to be closed source, or otherwise hidden, it just needs to be completely isolated from the application/service/whatever asking the question.
The janitors will also not have the knowledge of banks...
Security by ignorance?
I'm not suggesting any individual go after their vendor, that obviously wouldn't be practical in the real world. Rather, I'm suggesting Cisco going after the records of the vendor and going up the chain to find the source.
Cisco has deep pockets, in-house council, and the monetary incentive to make it stop.
Were I a vendor, with Cisco yelling at me, threatening to revoke my certification (I wonder how that would bode for business?), I'd probably open up records of the one known-to-be-fraud transaction to avoid a fishing expedition into all of my records.
subpoena mean anything to you?
It may not always apply, but between that, and assisting them in tracking the fraud (unless it was internal, of course)
If the information stolen wirelessly is ONLY capable of being reused wirelessly, then it's 100% odds that stolen information submitted wirelessly was stolen wirelessly (unless the card itself is physically lost/stolen, which the owner can confirm or deny)
As far as then when or where, smartcards (which require contact) and RFID (which doesn't) can both use challenge/response -- See my previous post for why this makes it possible to locate WHERE the compromise occured (by limiting the WHEN to an extremely short period of time)
Not true -- Do you think a bank can tell the difference between a card manually entered, read magnetically vs smart-carded? Why would you think that it would be any different for an RFID transaction?
The trick is that the banks need to require the CVV2 for *all* manually entered transactions, and to legislatively require jail time for any merchant who stores or prints the CVV2 in any way, shape or form.
Plus, as I understand it RFID can act like a smartcard, there is the potential to use a challenge/response system which will be MUCH harder to crack. Limiting a thief to having 30 seconds from when the transcation starts to when they need to complete it, and requiring that the card be accessible during that time (even if wirelessly), will make it much easier to track the fraud since you'll have a rather narrow radius where the thief was standing when they performed the transaction.
All of this is a "Can it be done" not a "Will it be done" though...
Or you could just connect to the printer via XP, XP will identify it and likely even install the drivers for you.
Can I treat myself? No. Do I go see a doctor?
I don't fault him for not knowing how to set it up, I fault him for not hiring someone that does.
Then what's the point? You still don't know if your vote was counted CORRECTLY, do you?