Slashdot Mirror


User: DrYak

DrYak's activity in the archive.


Comments · 5,713

  1. Yes and no. on Spy Chief: Foreign Hackers May Be Targeting Presidential Candidates (nbcnews.com) · · Score: 3, Informative

    However, I must admit that it's hard for me to imagine anybody specifically targeting me;

    You in particular, as opposed to any other member of the human species?
    Probably nobody is wasting the resources, indeed.
    (Though it's hard to be 100% sure).

    On the other hand:
    You, as in a member of a targeted group ?
    (Say as:
    - "an American who might be rich, so let's try to get as much personal data as possible, in order to try some identity theft/impersonation and see if we can empty their bank accounts"
    - "a citizen, but there's the 'one-in-a-million' chance that he might be an evil terrist, so let's siphon all on-line communication, to protect the interests of the gov^H^H^H democracy and freedom"
    - "someone with a computer. maybe there's something of value stored on the computer, so let's encrypt everything and ask for bitcoin in exchange for the decryption key"
    - "hey, there's a smartphone, syncing its photo database to the cloud! Let's try to break this and maybe we'll land on some pictures resellable to pornsites"
    - "sniff, sniff,... do I smell badly protected credit card numbers in that database ?"
    - "Hello dear Mr. Techno Vampire, I'm the son of the late King of Nigeria...."
    - etc.)
    You bet.
    Happens probably way more times per day than you imagine.
    Even if you don't have any classified information, you as an individual have several characteristics which cause you to be lumped into the group targeted by various people in it for the money.
    Luckily for you, not all of those semi-automated large-scale operations manage to succeed.
    Unluckily for you, those actually successful are most likely to go unnoticed - quickly swept under the rug - unless the target was high profile (say: Sony's database got hacked yet again and millions of credit card numbers are up for grabs on the darknet).

    But yeah, you ARE definitely targeted, constantly. Just nobody sees you as a clear individual, more as a number on a long list of targets.
    (Except maybe for the Nigerian Prince. This kind of scam tends to be a little bit more personal and targeted).

  2. Very likely. What could possibly go wrong?

    My nipples explode in delight!

  3. Badly worded on Dangerous 7-Zip Vulnerabilities Flow To Top Security, Software Tools (theregister.co.uk) · · Score: 4, Informative

    7z is software used to manipulate archives in numerous formats (including a few obscure formats - one of the most compatible on the market).

    Lots of security software like antivirus needs to be able to process archives (e.g.: an antivirus needs to scan all the files packaged into a ZIP archive).
    Some of this security software uses 7z as an archive engine.

    7z has a vulnerability when unpacking a specially crafted archive.
    This flaw will extend to security software that relies on 7z as a component to help it handle archives.

    Hence "Dangerous 7-Zip Vulnerabilities Flow To Top Security, Software Tools"

    By sending an e-mail with a specially crafted ZIP file attachment, you can b0rk the mail server using an exploit that affects the antivirus in charge of scanning incoming attachments, because that antivirus relied on 7z.

    That means

  4. The FCC rules do not mandate, either directly or indirectly, that OS firmware be blocked.

    Which was already explained in the Summary.

    I know this is /. and nobody reads TFA, but you could at least read a little bit past the title and at least read the summary.

    A title has a limited number of words and characters: "despite FCC rulings" is as much as the author managed to cram into it.

    And the FCC *IS* causing most manufacturers to lock their firmware. The FCC doesn't literally mandate against opensource and user-upgradeable firmware, but the ruling is strict. No unlawful signal shall be emitted by a device. Under no circumstances.

    - Either a manufacturer has to jump through some complex hoops to find a solution which is both open and user accessible (following the spirit of the GPL license used by some components. And literally following GPLv3) AND at the same time prevents the end-user from emitting signals that violate FCC rules (e.g.: emitting on an EU-only frequency in USA).

    - Or the manufacturer could just lock everything in a box, and only let cryptographically-signed firmwares in, and call it a day. (and hope no GPLv3 got violated in the process).

    Nearly every constructor goes for the latter. Only LinkSys, Fritz and a few others go for the former

  5. Why do they get to ban one DVD backup tool and leave the rest alone?

    My opinion (note that I'm NOT a lawyer) is that they are testing the water.
    See if they can manage this case and set a precedent.
    And then use this case as reference for future lawsuits with other DVD backup software developers.
    (A little like back then with Napster)

    Though, in practice, I think this is going to fail completely. There are way too many DVD backup tools out-there, some developed outside of the jurisdiction of the AACS.

  6. NOT discontinued on WhatsApp Now Has a Desktop App, Available on Windows, OS X · · Score: 2

    Google hangouts doesn't use XMPP

    *Internally* their server doesn't run a full-blown XMPP Service.
    That doesn't prevent it from being *also* accessible over XMPP.

    Google Hangouts and Google Talk people see each other, can chat with each other (and Google Talk is XMPP based).

    and Google Talk (which does use a proprietary customised version of XMPP, just like whatsapp) is a discontinued (or never launched) product everywhere except the US and Canada.

    Huh, nope.

    1. Google Talk runs on XMPP. They did add a few proprietary extensions, but still those are documented and several software are able to use them.

    2. Europe here. I'm still using Pidgin's XMPP protocol plugin to log into Google Talk and chat with my friends, some of which have moved to hangouts. It's still working as of today.

    Still WhatsApp is a worse piece of crap:

    - binary variant of XMPP (using a built-in phrase book to substitute XML keywords)
    - use a proprietary register/log-in system
    (- at least has recently started to use Silent-Circle-like cryptography. At least something not bad)
    - WhatsApp/Facebook actively hunt and kick-ban any user caught using a 3rd party software
    - WhatsApp/Facebook go to great lengths trying to prevent any reverse-engineering/Re-implementation by suing the shit out of 3rd party developers.
    - WhatsApp/Facebook are discontinuing everything except iOS and Android support. For anything else: sorry, you just lost your instant messaging chat.

  7. Hard to bite concept on 11 Years After Git, BitKeeper Is Open-Sourced (phoronix.com) · · Score: 1

    I don't think the users would have believed in it as such back then.

    Yup indeed. Github is best described as "source repository combined with a *social* hub for coding geeks", and you can plainly see all the elements which would have raised eyebrows back then:

    - *repository* and *social hub* ? Why would people want a Facebook- / Myspace- clone slapped onto their Sourceforge- / Google Code- clone ?
    - *social anything* for developers ? Geeks are the demographic which most viscerally hates social networks !
    Nope, never gonna work !

    In that alternative history of a Bitmover opensourcing Bitkeeper, the only hope would be for at least one "bithub" start-up to be successful enough, so they can re-hire/subcontract Bitkeeper's developers before Bitmover bellies up.

  8. Not even upset on 11 Years After Git, BitKeeper Is Open-Sourced (phoronix.com) · · Score: 2

    People were upset it was not OSS and it got replaced mostly because that was preventing people from contributing to Linux and making the management processes harder.

    Not even. According to several of Linus' keynote/speeches (too lazy to google them, but it should be trivial to look for them on Youtube), bitkeeper was maybe available for free for Linux kernel development, but the license came with a clause forbidding reverse engineering/rewriting a clone of bitkeeper.
    Nonetheless, several hackers started building their own tools interacting with the various bitkeeper databases.

    Apparently at that point, Linus decided it would be better to drop bitkeeper before it becomes too hairy.
    In fact nobody was angry at anyone.

    Implementing GIT was simpler for Linus than sorting the mess about reverse engineering/reimplementations (as he's always explained, he's a filesystem guy, and GIT is fundamentally a content-addressable filesystem - with a VCS interface slapped on top of it. For a brilliant hacker like Linus, creating GIT *WAS* simpler than to try herding the "legal-problem" cats).

    BK would be today's Git, pretty clearly if it had been open sourced at the time. What isn't clear is if it could have been monetized effectively.

    Maybe an opensource bitkeeper would have been today's git, but without the company also being today's github, it would have been difficult for them to monetize it. And back then, it would have been difficult to convince people that a "source repository combined with a *social* hub for coding geeks" would become a thing.

  9. recompiling Mesa on Windows 10 Updates Are Now Ruining Pro-Gaming Streams (theguardian.com) · · Score: 1

    I am several days late because I have been playing Tomb Raider on my Linux machine.

    Yup, I feel your pain. It was an anxious wait until RadeonSI hit the opengl 4.2~4.3 milestone in Mesa.

    (To all the other regular /. readers: sorry for the deep insider joke).

  10. Payment processors, maybe? on Swiss City of Zug Will Accept Bitcoin For Public Service Payments (techweekeurope.co.uk) · · Score: 1

    One thing the article left out is how Zug will convert BC to SF. I would guess they want to do that immediately since they would not want to expose themselves to BC's volatility but rather ensure the expected revenues are matched by actual ones. Since it is a small trial the volatility wouldn't be enough to make much of a difference but large scale adoption of BC for payments would require them to address the volatility and conversion to SF issues.

    Good question.
    I would imagine they'll simply resort to a payment processor? And thus defer to them the gory details of handling the BTC-CHF conversion ?

    - They use payment processors for handling credit cards anyway (Six Payment is widespread in most physical shops in Switzerland, Datatrans is popular for on-line payments)

    - There are a few payment processors that can handle both CHF *and* BTC (Random example among the bitcoin-oriented payment processors, Coinbase is available in Switzerland) (Another more classical example: Sum Up is a start-up for classical credit card payments, focussing on using Apps on smartphones/tablets a.k.a. mPOS - thus perfect for small businesses on the move like food-trucks - which is partnering in Switzerland with UBS - one of the three biggest Swiss banks, that's some cred - and apparently they've started featuring bitcoin, using Bitpay behind the scene for the BTC processing)

    - Nearly any shop that I know which handles BTC (random example: Humble Bundle) uses a payment processor and defers to them the handling of BTC, the shop itself only receives its local currency on the bank account, like with credit card processors.
    The only exceptions are shops ultra specialised in bitcoin technology (e.g.: Butterfly Labs, they price all their mining hardware directly in BTC)

    It will be interesting to see if other cantons / cities get on the train as it leaves the station or merely get pulled along into it by Zug...

    I see what you did here... :-D

  11. Different case of touch-identity on Lego Robots Crack Gesture-Based Security (vice.com) · · Score: 2

    According to TFA, it's not about the "connect-the-dots" gestures used to unlock the screen saver.
    It's a different type of touch-identification in play here.

    It's about the phone continuously monitoring how you touch the screen and thus how you move your hands and wrists (think the touch-screen equivalent of calligraphy).
    It makes the phone able to create a model of the user's motions. (Think the touch-screen equivalent of forensic graphanalysis)
    If the phone notices a sudden change in style (touch-screen equivalent of change of "hand") chances are high that it's someone new/different handling the phone.

    In this case, the finger-bot clicks where you ask it to click, but does it in a style that reminds the phone of its original user (think the touch-screen equivalent of signature forging).
    So the phone doesn't notice that an unauthorised user is using it, because the lego finger-bot copies the style of the legitimate user.

  12. Rule 34 to kick-in any time now. on Lego Robots Crack Gesture-Based Security (vice.com) · · Score: 1

    Japanese hardware maker announcing an "adult-toy" version of the finger-bot (complete with pink color scheme) coming in
    3...
    2...
    1...

  13. Again, Car sharing on Lyft Plans Self-Driving Taxi Fleet By 2017 (bgr.com) · · Score: 1

    Are you also saying that unattended places are immune from people busting or messing them up? Is this going to be different from other unattended places?

    All of your self driving perfection is ignoring the fact that ATM's get held up - and they have cameras, public restrooms have issues. Somehow some way this taxicab that won't have money is somehow immune.

    On the other hand, fully unattended car-sharing DOES ALREADY EXIST OUT-THERE (and that's just the few with which I have personal experience), and none of them have reported the chronic "people-taking-a-dump-in-cars" problems that you are afraid of, despite being as unattended as ATMs or public toilets.
    I'm not throwing imaginary technical solutions at you. I'm speaking how things are currently happening out there on the street.

    Yes it is going to be different from unattended places and - in the case of carsharing - is already different today.

    The main difference is that while both your examples (ATMs, public toilets) and cars (car-sharing, self driving autonomous vehicles) are 100% unattended,
    the former are perceived more or less as anonymous (though in practice some of your examples do have cameras, as you mention, but that still requires authorities to track down the culprit - which they won't have the resources to do systematically, only in case of a big heist), whereas the latter are definitely not, simply due to how these services work (either today for car-sharing or potentially in the future for self-driving cars).

    As you're more or less anonymous in a public rest-room, or in front of an ATM (to which you haven't logged in already with your card), the GIFT comes into play (and this is nothing new to the internet, the concept of perceived anonymity possibly leading to anti-social behaviours has been debated since antiquity). The sensation that vandals have that: they aren't seen, won't be caught, and others will discover their deeds only too late - leads the vandals to feel impunity and try to do (literal or metaphorical) shit.

    Shared cars (and very likely future autonomous variants of it), by the very way in which the service works, require you to log-in before being able to access the cars (They need to know who accessed which car when in order to correctly bill). You're not imagining yourself as an anonymous, uncatchable vandal. The person taking a dump in the car is clearly user John Doe, user-id #123456, billing info [blabla] - because he needed to unlock the door before accessing this substitute toilet, and he's required to provide that info to do the unlock. When the next user discovers the dump, billing you for the cleaning is absolutely trivial (just a couple extra lines of code in the whole booking/renting/billing platform).

    I'm not (only) speaking about a technical solution that will eventually need to be implemented.
    I'm mostly pointing out that the current setup of car-sharing is a good enough psychological deterrent against poop-vandalism of cars. Not because of magic pixie dust, but simply by virtue of lacking the necessary "I won't get caught" sensation that is necessary to spark the antisocial incar-dump-taking behaviour.

    Imagine a world where, before getting access to a public toilet, you need to first swipe both your driver's license and credit card to open a secure door.
    Do you really think that you'll see as much vandalism as currently?
    That's how car-sharing works (and very likely future autonomous cars will work) - because the whole system needs it for administrative purposes.

    My point, lost in this parade of people telling me I am wrong about the whole thing,

  14. Blockchain on Swiss City of Zug Will Accept Bitcoin For Public Service Payments (techweekeurope.co.uk) · · Score: 4, Interesting

    Money laundering for utilities isn't likely...

    Money laundering with bitcoins in general is a bad idea.
    Once again, just to remind you that the whole central modus operandi is the exact opposite of anonymity :

    The whole purpose for which bitcoin was created was to eschew the need of a central authority (As opposed to credit cards - on which MasterCard and Visa have a near-monopoly - and online payment processors like PayPal which are more or less the de facto standard), to avoid situations such as MasterCard and Visa deciding to freeze WikiLeaks' donations or the various snafus of PayPal. They wanted something more like cash (which can freely change hands without problems) or something that reminds a little bit of the SEPA system used by European banks (you can easily and (relatively) quickly exchange money between any random accounts, as long as both banks are members of this system).
    This works by instead spreading the official ledger book (aka the blockchain) across all peers of the network. There is no such thing as anonymity in the bitcoin network, everyone can check all the transactions ever. On purpose. So anyone can check that all transactions seem legit and the whole network can agree on it, without the need of a central authority.

    At best you have some pseudonymity: The transactions aren't expressed using real citizen identities, but using cryptographic keys (So on a quick glance, you'll see a transaction validated by "key 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61", not by "real identity John Doe, address: ...").
    On a quick glance the real-life identity behind each cryptographic transaction isn't revealed, but isn't beyond the Big-data analysis and computing power of a well motivated State. (by following all the various "money threads" formed by all the numerous cryptographic transactions, it's possible to cluster them, and boil down to a list of potential suspects).

    So money laundering using bitcoins isn't a very intelligent decision. If a state-level agency (or any other entity with access to similar level resources) decides to go after your ass, they'll find you.

    Not sure it's smart to give more power to the bitcoin folk though.

    Yup, indeed.
    Whether in fact bitcoin managed to actually achieve independence from central authority is open to debate:
    Everyone *can* indeed check the blockchain.
    But currently, most of the "mining" computing power is in the hands of a few Chinese guys.

    This is probably safer than a lot of other uses of bitcoin.

    And actually somewhat useful:
    a bill paid by bitcoin is stored forever in the blockchain. It can be checked by anyone.
    No risk of losing the proof of payment and getting into administrative troubles.

  15. Primary source [DE-CH] on Swiss City of Zug Will Accept Bitcoin For Public Service Payments (techweekeurope.co.uk) · · Score: 3, Interesting

    Primary source

    Sorry, everything in German.
    The English version of the City Website only contains tourist-oriented information. This news isn't translated.
    But might be useful to other /.ers fluent in Goethe's mother tongue (Official media is written in Schriftdütsch, not in dialect).

  16. Car sharing on Lyft Plans Self-Driving Taxi Fleet By 2017 (bgr.com) · · Score: 1

    There's already precedent with car sharing (car that you can quickly pick up for a short ride, while never interacting with any human being):

    - The company needs anyway to have the full billing information of their client (of course, you need to *bill* them for the ride).
    - When the next customer enters the car, they'll notice the stupid things done by the predecessor, and they'll call customer service to complain.
    - Customer service assigns the shit-discoverer to another (hopefully clean) car
    - The soiled car gets blocked for reservation (and remaining reservations are re-assigned)
    - A technician comes to pick-up the car and bring it for cleaning
    - The car shitter (remember: the car-sharing company knows precisely who booked which car when - they have a log of which customer card was used to unlock which vehicle. They need it to do proper billing) gets billed a huge fine to cover cleaning and act as a deterrent.

    This fine is currently already working as an efficient deterrent against intentional car-shitting.
    Never heard of- nor personally experienced- finding such a shared car filled with poop.

    The only difference with potential self driving cars:
    - the users of self-driving taxis would eventually be legally allowed to lie (more appropriate than "drive" in this context) passed-out on booze, thus leading to an increasing rate of car-shitting of the *non-intentional* kind (*).
    - on the other hand, self driving taxis could autonomously drive to get cleaned instead of waiting for a technician to come and pick them up.

    ----
    (*) as in, the ride you have booked arrives at your place with the preceding occupant of the car still inside, unconscious in their own pool of vomit and shit.
    On the other hand, as a positive note, an autonomous car would be able to detect "failure to exit the vehicle at the intended destination" condition and subsequently try to seek (i.e.: autonomously drive to...) proper medical assistance for their passed-out passenger.

  17. Apple xeroxed it from elsewhere. on Lyft Plans Self-Driving Taxi Fleet By 2017 (bgr.com) · · Score: 2

    Google copied the entire iOS

    Huh? Nope. Google bought a small start-up founded by former Google employee and which back then was already working for a Java-based Phone OS.
    (Java was very popular for making software on feature- / smart- phones)
    They just happen both to have been unveiled around the same time frame (2007).

    Under the hood, they share nearly nothing:
    - Android is a new beast, using a Linux kernel, but running an entirely new user-space, mostly based around a Java-like platform, instead of the regular GNU userland.
    (again very common on older feature phones. Linux is a nice powerful kernel that comes for free. But most feature-phones didn't have enough power to run a full-blown GNU userland, thus tended to use custom software).
    - iOS is a Mac OS X derivative : more or less similar BSD-ish root, but with a different GUI layer.

    On the surface, none of them is anything new:
    - They look similar to the earlier success Palm OS, which in turn looks similar to Apple's own ill-fated commercial flop "Newton", which in turn shared a lot with the even older EPOC system by Psion, etc.

    Apple just put the marketing effort to take a concept that is very popular in a smaller market (PDA) and bring it to a wider audience.
    Even if it took them a precedent failed attempt (the above mentioned "Newton"), and other companies were on a similarly successful path at the same time (Palm OS-powered smartphones started to appear around the same time, and at that point Palm OS was already very successful in the business world).

    Had Apple not vulgarized smart-phone with the iPhone, Palm would have been successful in it any way, and Google would be releasing Android all the same.

    and Samesung copied the iPhone hardware down to the last detail.

    These are smartphones. It's a slab with a big screen and a touch interface. It's been this way all the way back from the dawn of PDAs.
    (With the exception of Psion having a touch interface AND a compact clamshell keyboard. Since then it's touch screens everywhere).
    Of course they are going to look more or less similar. But nobody is putting a tantrum because iPhones look remotely like Palm and iPAQ.

    Windows is a copied version of the Macintosh GUI.

    As mentioned by others:
    - Xerox PARC actually invented and demoed the first GUI.
    - Lots of companies have started producing GUI, some with very little resemblance to Mac OS (e.g.: Amiga OS).

    If there were a revolution in self-driving cars coming from Apple, you can bet its competitors are going to make billions copying Apple,

    Or you can bet that it is going to be a big flop, like Apple Newton was on their first attempt at making pocket computers.

    Or it's going to be the "meh" that Apple's iWatch is currently being. (Overpriced, not very interesting feature-wise, with a shitty battery life. Not very useful, looks like just an attempt to jump into the same bandwagon all the other constructors tried to jump in once they noticed the relative popularity of Pebble's Kickstarter)

    Or it's going to be as popular as iMac's original hockey-puck single button mice.

    thanks to the pathetic IP laws that are not capable of dealing with the rapid IP innovations of the modern world.

    Yeah, because trademarking rounded corners is totally non pathetic.

    Apple use their patent portfolio as simply a weapon trying to block potential competitors.

  18. Transient malvertisment ? on The Pirate Bay Now Blocked In Chrome, Firefox, And Safari (torrentfreak.com) · · Score: 1

    I have Scriptblock and Ublock installed though.

    Might be that the actual black-listed element is a malware-serving ad server.

    Both you and I will never see it (thanks to Ublock),
    the other poster happens not to have received this specific ad so no warning sign,
    whereas TFA's author happened to be served an ad from this black-listed server at the specific moment they took the screen shot for TFA, hence the warning box.

  19. Depends on jurisdiction on Kobo Customers Losing Books From Their Libraries After Software Upgrade (teleread.com) · · Score: 1

    My conscience is clear, even if the law technically says I'm doing something wrong.

    Depends. In some jurisdictions, this can be grey-zone, or even be considered legal under Fair-Use.

    (Most of these jurisdictions are on our (European) side of the Atlantic pond)

  20. still recompiling on Windows 10 Updates Are Now Ruining Pro-Gaming Streams (theguardian.com) · · Score: 4, Funny

    Nope, he's the BSD user, *I* am the Linux user.
    But I couldn't show up earlier: I was busy recompiling my kernel, sorry for being late.

  21. Broken devices being replaced are a small minority...

    Not in my experience: most of the people around me tend to break phones rather fast. About 1-2 years in, and the thing is basically good to throw away.
    I'm actually the weird guy in this pool (I keep my smartphone and other such fragile electronics in holsters on my belt instead of leaving them in my pocket. I use screen cover, etc.)
    And I'm getting questions from friends about why I do keep old phones, instead of buying the latest iShiny.

    and there's plenty of repair places to handle them as well.

    But most repairs aren't cheap. And mid range phone's prices have fallen to the point where getting a new phone is getting interesting.

    I only know two friends who are repairing their phones.
    - One is starting to get her phone repaired, now that she has exceeded the replacements from her insurance, maxed the number of phones she can get from her service provider, etc. Basically, repairing her broken phone is the only way she can have a phone short of digging some old Nokia from the cellar (which probably still has 50% battery left :-P) and stick with it until she can get a new phone with her plan.
    - The other has bought a Fairphone for the explicit reason that it's easy to repair and she can ask me to quickly swap parts for her.

    A $20 case will prevent the large majority of broken phones.

    ...which completely defies the current trend of trying to produce the thinnest and shiniest possible phone.
    What's the point of buying a phone that is only 4mm thick and has its entire back body made of brushed aluminium, if you're going to keep it inside a thick layer of negative-shear-factor-goo?

    NOTE: I'm not against cases (I keep my phone in a holster on my belt), I'm against the stupid trend of thin phones and aluminium. Makes no sense when everybody needs to stick phone in cases.
    Have a replaceable case part of the initial design (as it used to be with older thick PDAs and non-smart phones) instead.

  22. Repairability exception on Tim Cook Defends Apple, Teases Exciting New Products In The Pipeline (bgr.com) · · Score: 1

    True, but there are exceptions.

    I do know that there are exceptions.
    We could also cite the FairPhone & FairPhone2, smartphones where repairability is among the main features that its company is proud of (the other point being fair trade in regards of conflict minerals and proper welfare in the factory).

    These things are designed to be easy to repair alone without needing any shop.

  23. Catastrophic repairability on Tim Cook Defends Apple, Teases Exciting New Products In The Pipeline (bgr.com) · · Score: 1

    Don't under-estimate the absolutely catastrophic repairability of iPhone.

    Yes, "we've reached Peak iPhone", in the sense that most people are happy with their current phone and don't need to exchange it with one with more features. The market is saturated, nearly every customer who would like to buy an Apple smartphone has already done so...

    BUT

    The modern smartphones aren't the old non-smart phones of before. Those back then were durable to the point of being nearly indestructible, and weren't that hard to repair either. The only reason someone would ever have to buy a new phone would be if the newer had features that the previous didn't, and those features are becoming absolutely needed (e.g.: emergence of smartphones, apps, online services, etc. - phones becoming slowly pocket computers).

    Nearly all modern smartphones are very fragile - they'll break very easily - and are a pain to repair.
    (e.g: In the name of making even thinner devices and shinier metallic surfaces, they'll bend easily and crack.
    Replacing the screen is a real pain where you basically need to re-assemble all the innards over the new screen, and using a heat gun to melt glue is as frequent as unscrewing screws was before. Don't forget to bring a soldering iron if you have the boldness to try replacing the battery.)

    The main reason someone will buy a new smartphone is because the previous one is broken/needs a new battery, and the whole procedure costs nearly as much as getting a new smartphone.

    So yes, indeed, bringing a new iPhone is the best idea Apple could have to fight "peak iPhone".
    Not because the iPhone 7 would be much better than the iPhone 6 to the point that people will need a new one.
    But because all the iPhone 5 and 4 will fail any time soon, and it will be cheaper to buy a new one than trying to repair them.

    The catastrophic repairability of iPhone is their best feature for Apple: it means that they'll keep selling new phones to replace the broken ones.
    They won't sell them anymore at the same speed as back when they were entering new markets.
    But there's going to be a steady need for Apple to keep producing phones to replace the regularly failing ones.

  24. Client based calendars ARE needed on Mozilla Seeks New Home For Email Client Thunderbird · · Score: 1

    They need to just integrate some of the already available cloud calendars.

    The problem with cloud calendars is just how many of them there are.
    - You might be using Google Calendars.
    - But your friends organise your group's events over Facebook
    - And your local pen and paper RPG club coordinates over Doodle.
    - Then your work uses an MS-Exchange server
    - and there's a couple of RDF-exported calendars you need to take into account too.

    In this context: you DEFINITELY need 1 single calendar platform that is able to coordinate between all the above.

    (Palm's (then later HP's) webOS with its Synergy concept was absolutely marvelous from that point of view for smartphones)
    (Jolla's Sailfish OS is the closest thing I've found as a successor for smartphones)

    For desktop, LightningBird is a good candidate, once all the quirks have been ironed out (and some of the most important plugins included as a standard).

  25. Out of band confirmation on EMV Technology In Credit and Debit Cards Reducing Counterfeit Fraud, Says Visa (usatoday.com) · · Score: 1

    How would you make an urgent purchase by phone? More than once, I've purchased an airline ticket over the phone while I was literally in a cab on my way to the airport, I'd be pretty pissed if my bank would not allow that.

    The problem is the same feature that enables you to buy a plane ticket over the phone with a "card not present" type of transaction, would enable absolutely any fraudster to impersonate you and empty your account / buy up to the card's limit simply by using some number printed on the face of your card that the fraudster could even have just glanced over.
    (Yes, there are insurances against that, but still somebody is going to need to pay the cost. In the end this cost is passed to the customer as transaction fees and/or monthly fee).

    The way I've seen "card not present" type of transaction handled here around Europe, is out of band confirmation.

    - A few years ago, I got contacted by SMS by my bank asking to confirm directly to them the transaction.
    (This part I haven't encountered for the last few years, so I don't know if it still exists.
    Though I doubt that it is still in use, because back then the standard identification protocol was answering a couple of questions that anyone can quickly answer by searching modern social networks)

    - Nearly every single transaction of the "card not present" type nowadays happens *on-line*. So still likely to happen over the phone, except using the "smart" part of the functionality of the phone.
    A very huge proportion of online transactions I've seen use the 3-D Secure system, which is basically also an out-of-band confirmation: a new intermediate page (in the purchase flow) or a new tab is opened asking you to log-in and confirm the transaction.
    This confirmation is NOT served by the web merchant (or the plane company in your case) server, but by the bank's webserver. (Clearly indicated in the URL, all transactions authenticated using an up-to-date https).
    Only once you confirm on the bank's website does the transaction go through at the merchant.
    (A fraudster would not only need the numbers visible on your card, but would also need to be able to log into your bank's 3dsecure page).
    All the plane tickets I've bought online have gone through a 3d secure confirmation (EasyJet, StarAlliance, a few others...). Though I didn't buy them while in the cab, but well in advance.

    It's not that dissimilar from the way PayPal is handled by merchants: at some point the webshop redirects to a page hosted on https://paypal.com/ that asks you to log-in to confirm the transaction.

    And let's be serious for a minute:
    You're speaking about airlines. With the present security circus, you're at least in for 60 to 90 minutes of queue in front of the security check. It's not that you're going to miss your plane if you take 5 minutes more to buy the ticket before getting into the cab.
    And there's still plenty of time to purchase your plane ticket at the airport using proper on-line identification while waiting on the queue.

    Since I don't have a chip reader in my phone, I don't see how I'd be able to make a mobile web purchase either.

    Actually, you do.

    Phones' NFC, and card reader/credit card's RFID can talk to each other.

    Some European banks do use it as a 2-factor to authenticate your online session: stick your RFID card to your phone's NFC antenna (example)

    There's no *technological* limitation to your smartphone acting as a payment terminal using a simple app, though the only example I've seen uses a Bluetooth-enabled contact-chip reader instead of directly accessing the card over NFC.
    (I suspect current certifications won't allow a smartphone app to input a PIN and sign a transaction)

    But one day you could probably pay simply by sticking your RFID card against the phone's NFC antenna.