So, is USA such a shithole that you need guns to protect yourself from your neighbours and from the government? Because if I believed the gun-owners, that is the reality over there. And five seconds later they have said that, they start telling what a great place USA is. Huh?
The difference is that the U.S. has a philosophy of self-reliance at the individual level. We did not feel the need to have government services provide security measures. You can quote me numbers till high-heaven about crime rates (and by the way, the overall crime rate in the U.S. is dropping as carry permits are on the rise...hmmm), but what I care about is that the individual has the ability to protect themselves if they want because it is the individual that pays the price for the crime inflicted upon them. If you are comfortable and happy to live within the margin of not being affected by crime, good for you, but I feel more comfortable knowing that a criminal will not be successful when I am around because I do have a carry permit and do carry.
Then I would suggest that you fire every single person writing code that cannot describe flow and desired results. It sounds like you have team of people who like to experiment with features as opposed to producing quality. Every language can be abused, and it sounds like you have a group of kids with baseball bats banging on keyboards.
Based upon your statement "..life-critical real-time processor applications..." tells me C++ is one of the better languages to suite your needs. It is a language that allows for code reuse (assuming people understand just how to write the code to be reused... which is art onto itself), plus add new functionality with minimal coding. In addition, to suite your "real time" needs, you can optimize the living kajeebies out of it with some though and understanding of inline assembly.
Sorry, had to do an edit because for some reason, I used greater/less than symbols which were interpreted as HTML: my apologizes.
Congratulations, you just gave three examples of where things turned out groovy. On the flip-side, I will give you examples of where empires have laid waste to populations (both internal and example). Don't believe me, think Hitler, Stalin, Mao just to name a few. Try being a pacifist to a Muslim extremist, and I am pretty sure they will literally hand you your head: think Daniel Pear. Your examples only work because the British are reasonable people. You might not believe that, but they are. When you are on the other side to psychopaths on a mission to cleanse the world of (add your hatred here) throwing you your hands is a guarantee of death for not just you, but your family, your clan and possibly your (insert your love here)
Though I understand your goal and applaud your POSSIBLE conviction (I say that because unless you have a 10,000 man army storming down your roads, you can't say for sure what you will do), sometimes an active resistance is a better solution than passive.
Congratulations, you just gave three examples of where things turned out groovy. On the flip-side, I will give you examples of where empires have laid waste to populations (both internal and example). Don't believe me, think Hitler, Stalin, Mao just to name a few. Try being a pacifist to a Muslim extremist, and I am pretty sure they will literally hand you your head: think Daniel Pear. Your examples only work because the British are reasonable people. You might not believe that, but they are. When you are on the other side to psychopaths on a mission to cleanse the world of , throwing you your hands is a guarantee of death for not just you, but your family, your clan and possibly your .
Though I understand your goal and applaud your POSSIBLE conviction (I say that because unless you have a 10,000 man army storming down your roads, you can't say for sure what you will do), sometimes an active resistance is a better solution than passive.
Actually I believe you have that reversed. A true conservative is someone who believe in the personal freedom to be who you want to be as long as you are not hurting other people in the process. It is the Christen portion meaning the Bible that causes issues with homosexuality.
Uhm, BeOS was never used by any major ATM vendor. I know because I argued vehemently while at Diebold that we should have at a minimum, investigated BeOS as a replacement for OS/2 as opposed to going to XP.
Apparently you have never listened to his program then.
The two biggest issues that come to mind that Glenn HAMMERED the Bush administration on was amnesty for illegal aliens and the then the initial bailout bill. If I had more time, I would think of a few more.
I am running the same laptop (D820, 4 gigs of ram and FF 3.5), but with XP, it works just fine so I would guess it has something to do with either your setting or Hardy.
I really hate to reply to my own comment, but why in the heck is my comment rated to "Flamebait"? I am sorry that you don't like history, but I only stated facts...PERIOD. Shesh.
Well, I guess I can think of a continent that twice should be happy that we "meddled" in their affairs as well as several countries that have half of their population happy that we again "meddled" in their affairs. I will leave out the whole Eastern Bloc countries including Russia for the sake of brevity.
Now regarding Iran, we, the US, are pretty darn certain that the opposition leader is really no better than the current leader. What we object to is that a select few individuals in Iran have decided the outcome of the election regardless of the general population or even their laws on elections (whether we like the results or the people elected).
As a Michigan resident, I can blame her for either her inability or desire to actually turn our economy around. Not a single policy that she has put in-place has helped.
I would say that all in all, you are pretty close.
However, at least 4 of the largest ATM vendors (Diebold, NCR, Wincore and Fujistu) all use either Windows XP or the embedded version. I have not seen Windows CE used on an actual true ATM. I have seen it used on Ticket-In/Ticke-Out machines in the gambling world that were "enhanced" by a third party to act like an ATM. Also, most of those vendors assume that the ATM is either sitting on a secure network link or using a framed connection for security.
Regarding your statement about BS on the article, I would pretty much agree. The only way to truly get the PIN that a customer enters at an ATM is if the ATM configuration has been comprised meaning the ATM was not put into a true PIN-entry state (that state must be entered after the card data has been read because the track data must be sent to the EPP so a proper encrypted PIN block can be created). If the new configuration could put the ATM into a state using a standard PIN entry screen but not in the correct state, the EPP will, in fact, give you the key presses. Now granted, that transaction could not be processed by the network because a valid encrypted block would not be created meaning it could not be authenticated by the final authorizor.
In C++, there are better ways to prevent memory leaks than carefully freeing everything in your destructors (which doesn't work anyhow if your constructor throws an an awkward moment).
For this situation I would suggest that you don't do any allocation in your constructors. Use your constructors to properly initialize any primitive data members you have, and create a public method (I personally call it Init()) that does any allocation or large scale initialization. Now this is not the most ideal solution, but it also allows you to perform "lazy initialization" if you desire some time down the road.
I find it curious that we'll have conservatives who rail against welfare to American citizens but are more than happy to send the money overseas.
I am sorry, but I really take offense to this comment. I am a conservative and all of my family and friends are conservative, and none of us are against welfare. We all believe that safety nets are needed because sometimes bad things do happen to people. If I had to guess, you are taking a few quotes from some fringe conservatives and sweeping the rest under the same brush.
What we don't like is the current welfare system that does not encourage people to get off the welfare system. The current system is broken and broken badly.
Not necessarily true. There are two scenarios that could be in play here.
1) With the data from an older transaction, AND access to the HSM, they could in theory, re-encrypt a PIN block with new keys which would would allow a transaction to be authorized without ever seeing the PIN in the clear
2) They actually get some of the clear keys that would allow them to break the PIN buffer
In either case, the attack would not be considered brute-force which would turn off a card by hitting the max PIN verifications within a certain time period.
Ok you really need to just not include the USA in that sense. Look around and see just how many freakin countries have oil rigs in the waters or have navel vessels!
perl exactly falls apart when the complexity of the task increases. the language is a mess. i mean, really: compared to most anything out there, it's a hideous mess. the average quality of perl code i've seen is substantially below any language except VB and friends. one can write reasonable perl code, sure - i work with a guy who does a pretty good job - but it's very hard. and that's true both in the sense that there's a strong temptation to write poor code, given the dozens of ways to do everything, and in the sense that being clear in the language slows you down more than being clear in a more properly-structured language.
Just about all languages can be abused if so desired. Don't get me wrong, I am not that big of a Perl fan, but it does have its place, and I feel this is one of them.
your biggest concern is fork? really? if it's that bad, you need to get on a more reasonable platform (or try, say, using statically-linked binaries). but being able to hand off tasks to tools designed for them is a huge benefit. you think making socket connections in perl is a reasonable thing to do? oh, lord.
The issues of fork are not the only issue. It is just one of a few. I guess I should have made that clear in the beginning. You mention getting statically linked binaries so now I need have special binaries to run my scripting actions when all I need is just Perl installed. Granted, the socket implementation in Perl is not the best, but I have code that I use over and over that helps speed up development time.
i find it very telling that your big comparison is bash, perhaps the most bloated shell available. if you want a nice, simple, clean, and clear shell, try rc. if the complexity really is as dramatic as you say, and the speed is as important as you imply, you want to be writing in a systems language. try C.
I used bash because of the ability to run in Bourne-mode which gives the same abilities across most/all OS's (kinda like what Perl gives me: OS independence other than file system...grrrr Windows). I live and breath in C/C++ so writing a app to do what I need would not be an issue, just a real pain in the arse constantly changing the code to make a small change to say file location or name (Yes, I could have an config file that I use for this, but now I am getting darn close to just creating a new shell). That is what scriptiong is for: quick and dirty.
you say i should think of perl as a shell on steroids. if by that you mean it's got a heart problem, looks ridiculous, tends to be overly aggressive, grows out of proportion to utility, and increases depression and suicide, okay, i'll give it to you.
Each of your points are valid, but now I am cobbling together many things to get the overall results that I feel I get in a one-stop-shopping of Perl. I guess you could replace Perl with Python if that make you happy.
Perl comes into play when the shear volume and complexity of the tasks increase. If you are processing a few files, sed/awk and such are fine. Now image if you had to process several hundred files (forking for awk/sed/grep now comes into play for several hundred times). Now image you had to say add some of that data into a database for post processing? Now you have a fork for each call into say MySql command utility. Now image you needed to send that data to another machine via a socket? And say you had to reformat that data into..oh say...XML.
See where this is going? Think of Perl as a shell on 'roids.
This is worse than Bill Gates inventing the personal computer, when all he did was steal CP/M. Let's do a little better at getting history correct.
No offense, but Bill Gates did not steal CP/M. He had the smarts and vision to purchase a product called 86-DOS when other people thought that home computers would be nothing but toys.
Now I say this as someone who is typically critical of shear number of flaws in Windows and the BILLIONS of dollars spent to develop that ship-wreck. You might not like his products, but you can't argue with his early business savvy.
Slashdot Mirror
So, is USA such a shithole that you need guns to protect yourself from your neighbours and from the government? Because if I believed the gun-owners, that is the reality over there. And five seconds later they have said that, they start telling what a great place USA is. Huh?
The difference is that the U.S. has a philosophy of self-reliance at the individual level. We did not feel the need to have government services provide security measures. You can quote me numbers till high-heaven about crime rates (and by the way, the overall crime rate in the U.S. is dropping as carry permits are on the rise...hmmm), but what I care about is that the individual has the ability to protect themselves if they want because it is the individual that pays the price for the crime inflicted upon them. If you are comfortable and happy to live within the margin of not being affected by crime, good for you, but I feel more comfortable knowing that a criminal will not be successful when I am around because I do have a carry permit and do carry.
Dude, you made my day with that one!
Then I would suggest that you fire every single person writing code that cannot describe flow and desired results. It sounds like you have team of people who like to experiment with features as opposed to producing quality. Every language can be abused, and it sounds like you have a group of kids with baseball bats banging on keyboards.
Based upon your statement "..life-critical real-time processor applications..." tells me C++ is one of the better languages to suite your needs. It is a language that allows for code reuse (assuming people understand just how to write the code to be reused ... which is art onto itself), plus add new functionality with minimal coding. In addition, to suite your "real time" needs, you can optimize the living kajeebies out of it with some though and understanding of inline assembly.
What do you expect when you smell like cabbage!
Sorry, had to do an edit because for some reason, I used greater/less than symbols which were interpreted as HTML: my apologizes.
Congratulations, you just gave three examples of where things turned out groovy. On the flip-side, I will give you examples of where empires have laid waste to populations (both internal and example). Don't believe me, think Hitler, Stalin, Mao just to name a few. Try being a pacifist to a Muslim extremist, and I am pretty sure they will literally hand you your head: think Daniel Pear. Your examples only work because the British are reasonable people. You might not believe that, but they are. When you are on the other side to psychopaths on a mission to cleanse the world of (add your hatred here) throwing you your hands is a guarantee of death for not just you, but your family, your clan and possibly your (insert your love here)
Though I understand your goal and applaud your POSSIBLE conviction (I say that because unless you have a 10,000 man army storming down your roads, you can't say for sure what you will do), sometimes an active resistance is a better solution than passive.
Congratulations, you just gave three examples of where things turned out groovy. On the flip-side, I will give you examples of where empires have laid waste to populations (both internal and example). Don't believe me, think Hitler, Stalin, Mao just to name a few. Try being a pacifist to a Muslim extremist, and I am pretty sure they will literally hand you your head: think Daniel Pear. Your examples only work because the British are reasonable people. You might not believe that, but they are. When you are on the other side to psychopaths on a mission to cleanse the world of , throwing you your hands is a guarantee of death for not just you, but your family, your clan and possibly your .
Though I understand your goal and applaud your POSSIBLE conviction (I say that because unless you have a 10,000 man army storming down your roads, you can't say for sure what you will do), sometimes an active resistance is a better solution than passive.
Actually I believe you have that reversed. A true conservative is someone who believe in the personal freedom to be who you want to be as long as you are not hurting other people in the process. It is the Christen portion meaning the Bible that causes issues with homosexuality.
You do realize that banks to balance their ATMs right? They don't just keep putting money into the device with making sure it can be accounted for.
Uhm, BeOS was never used by any major ATM vendor. I know because I argued vehemently while at Diebold that we should have at a minimum, investigated BeOS as a replacement for OS/2 as opposed to going to XP.
Apparently you have never listened to his program then.
The two biggest issues that come to mind that Glenn HAMMERED the Bush administration on was amnesty for illegal aliens and the then the initial bailout bill. If I had more time, I would think of a few more.
You clarifications are spot-on. I wish I had some mod points for you.
I am running the same laptop (D820, 4 gigs of ram and FF 3.5), but with XP, it works just fine so I would guess it has something to do with either your setting or Hardy.
I really hate to reply to my own comment, but why in the heck is my comment rated to "Flamebait"?
I am sorry that you don't like history, but I only stated facts...PERIOD. Shesh.
Well, I guess I can think of a continent that twice should be happy that we "meddled" in their affairs as well as several countries that have half of their population happy that we again "meddled" in their affairs. I will leave out the whole Eastern Bloc countries including Russia for the sake of brevity.
Now regarding Iran, we, the US, are pretty darn certain that the opposition leader is really no better than the current leader. What we object to is that a select few individuals in Iran have decided the outcome of the election regardless of the general population or even their laws on elections (whether we like the results or the people elected).
As a Michigan resident, I can blame her for either her inability or desire to actually turn our economy around. Not a single policy that she has put in-place has helped.
I would say that all in all, you are pretty close.
However, at least 4 of the largest ATM vendors (Diebold, NCR, Wincore and Fujistu) all use either Windows XP or the embedded version. I have not seen Windows CE used on an actual true ATM. I have seen it used on Ticket-In/Ticke-Out machines in the gambling world that were "enhanced" by a third party to act like an ATM. Also, most of those vendors assume that the ATM is either sitting on a secure network link or using a framed connection for security.
Regarding your statement about BS on the article, I would pretty much agree. The only way to truly get the PIN that a customer enters at an ATM is if the ATM configuration has been comprised meaning the ATM was not put into a true PIN-entry state (that state must be entered after the card data has been read because the track data must be sent to the EPP so a proper encrypted PIN block can be created). If the new configuration could put the ATM into a state using a standard PIN entry screen but not in the correct state, the EPP will, in fact, give you the key presses. Now granted, that transaction could not be processed by the network because a valid encrypted block would not be created meaning it could not be authenticated by the final authorizor.
In C++, there are better ways to prevent memory leaks than carefully freeing everything in your destructors (which doesn't work anyhow if your constructor throws an an awkward moment).
For this situation I would suggest that you don't do any allocation in your constructors. Use your constructors to properly initialize any primitive data members you have, and create a public method (I personally call it Init()) that does any allocation or large scale initialization. Now this is not the most ideal solution, but it also allows you to perform "lazy initialization" if you desire some time down the road.
I find it curious that we'll have conservatives who rail against welfare to American citizens but are more than happy to send the money overseas.
I am sorry, but I really take offense to this comment. I am a conservative and all of my family and friends are conservative, and none of us are against welfare. We all believe that safety nets are needed because sometimes bad things do happen to people. If I had to guess, you are taking a few quotes from some fringe conservatives and sweeping the rest under the same brush.
What we don't like is the current welfare system that does not encourage people to get off the welfare system. The current system is broken and broken badly.
Even better than a non-working demo, try getting what will be their production code working.
Not necessarily true. There are two scenarios that could be in play here.
1) With the data from an older transaction, AND access to the HSM, they could in theory, re-encrypt a PIN block with new keys which would would allow a transaction to be authorized without ever seeing the PIN in the clear
2) They actually get some of the clear keys that would allow them to break the PIN buffer
In either case, the attack would not be considered brute-force which would turn off a card by hitting the max PIN verifications within a certain time period.
If at any one point, there is an HSM that allows the keys to be brought out of the HSM, then that HSM should NOT be used.
Plus if the "hacker" has that level of access to the transaction network meaning talk to the HSM directly, you are hosed to be honest.
Ok you really need to just not include the USA in that sense. Look around and see just how many freakin countries have oil rigs in the waters or have navel vessels!
perl exactly falls apart when the complexity of the task increases. the language is a mess. i mean, really: compared to most anything out there, it's a hideous mess. the average quality of perl code i've seen is substantially below any language except VB and friends. one can write reasonable perl code, sure - i work with a guy who does a pretty good job - but it's very hard. and that's true both in the sense that there's a strong temptation to write poor code, given the dozens of ways to do everything, and in the sense that being clear in the language slows you down more than being clear in a more properly-structured language.
Just about all languages can be abused if so desired. Don't get me wrong, I am not that big of a Perl fan, but it does have its place, and I feel this is one of them.
your biggest concern is fork? really? if it's that bad, you need to get on a more reasonable platform (or try, say, using statically-linked binaries). but being able to hand off tasks to tools designed for them is a huge benefit. you think making socket connections in perl is a reasonable thing to do? oh, lord.
The issues of fork are not the only issue. It is just one of a few. I guess I should have made that clear in the beginning. You mention getting statically linked binaries so now I need have special binaries to run my scripting actions when all I need is just Perl installed. Granted, the socket implementation in Perl is not the best, but I have code that I use over and over that helps speed up development time.
i find it very telling that your big comparison is bash, perhaps the most bloated shell available. if you want a nice, simple, clean, and clear shell, try rc. if the complexity really is as dramatic as you say, and the speed is as important as you imply, you want to be writing in a systems language. try C.
I used bash because of the ability to run in Bourne-mode which gives the same abilities across most/all OS's (kinda like what Perl gives me: OS independence other than file system...grrrr Windows). I live and breath in C/C++ so writing a app to do what I need would not be an issue, just a real pain in the arse constantly changing the code to make a small change to say file location or name (Yes, I could have an config file that I use for this, but now I am getting darn close to just creating a new shell). That is what scriptiong is for: quick and dirty.
you say i should think of perl as a shell on steroids. if by that you mean it's got a heart problem, looks ridiculous, tends to be overly aggressive, grows out of proportion to utility, and increases depression and suicide, okay, i'll give it to you.
Each of your points are valid, but now I am cobbling together many things to get the overall results that I feel I get in a one-stop-shopping of Perl. I guess you could replace Perl with Python if that make you happy.
Perl comes into play when the shear volume and complexity of the tasks increase. If you are processing a few files, sed/awk and such are fine.
Now image if you had to process several hundred files (forking for awk/sed/grep now comes into play for several hundred times).
Now image you had to say add some of that data into a database for post processing? Now you have a fork for each call into say MySql command utility.
Now image you needed to send that data to another machine via a socket? And say you had to reformat that data into..oh say...XML.
See where this is going? Think of Perl as a shell on 'roids.
This is worse than Bill Gates inventing the personal computer, when all he did was steal CP/M. Let's do a little better at getting history correct.
No offense, but Bill Gates did not steal CP/M. He had the smarts and vision to purchase a product called 86-DOS when other people thought that home computers would be nothing but toys.
Now I say this as someone who is typically critical of shear number of flaws in Windows and the BILLIONS of dollars spent to develop that ship-wreck. You might not like his products, but you can't argue with his early business savvy.