One of the key *selling points* of Apple products is that they are designed from the start to protect your data - principally because Apple typically chooses to never be a party to your data what so ever, thus eliminating them directly as a threat to your privacy.
In regards to Apple Pay:
Apple Pay is also designed to protect your personal information. Apple doesn’t store or have access to the original credit, debit, or prepaid card numbers that you use with Apple Pay. And when you use Apple Pay with credit, debit, or prepaid cards, Apple doesn't retain any transaction information that can be tied back to you—your transactions stay between you, the merchant or developer, and your bank.
https://support.apple.com/en-u...
Hey, we're Americans, not some kind of progressive island nation with 10 million people. We're a huge moving ship of 300 million and it takes time to change things, chip + signature is a huge step in the right direction. Why? Most of the scams involving purchases with stolen credit cards involve "carding", or simply stealing the magnetic strip data and reusing it online and on duplicated cards.
The chip eliminates this as the chip can't be skimmed in practice. The big credit card folks (EMV) would love to have you typing a PIN as a second factor, but realistically the chip alone will dramatically reduce credit card fraud. It's really going to be important after Oct 1st for retailers to support chip cards (Many readers now ask you to insert the chip portion of the card in the reader after a magnetic swipe...
http://time.com/money/4040808/...
Things like Apple Pay and (soon?) Android pay help with this as well, as skimming a tokenized version of your card is nearly impossible and not reusable.
I recently (last week) had a Amex card compromised, the carders first tried a $1 transaction on a whatever site, it passed, then a few hours later they took the card to nordstrom and tried to buy $1000 worth of crap. The Amex app on my iPhone notified me of a "potentially fraudulent transaction" and gave me a yes/no to accept the transaction. I clicked No of course, which caused them to call me right away and cancel the card. The Amex card that was used for my Apple Pay (which I use frequently) was *not* affected (as it is a tokenized version of the card)
These carder folks use legitimate websites to "test" the card, I read about this case here: http://www.candyjapan.com/cand... which nearly crippled this small business when thousands of "tests" for small orders came through.
For the record, I'm guessing my card was stolen at a gas station, which they are exempt from the new EMV laws until 2016 (according to the time article above)
http://support.ntp.org/bin/view/Main/SecurityNotice
Buffer overflow in ctl_putdata()
References: Sec 2668 / CVE - 2014 - 9295 / VU #852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Date Resolved: Stable (4.2.8) 18 Dec 2014
Summary: A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process.
Mitigation - any of:
Upgrade to 4.2.8, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page.
Put restrict... noquery in your ntp.conf file, for non-trusted senders.
Credit: This vulnerability was discovered by Stephen Roettger of the Google Security Team. w
Those reversible lanes ("suicide lanes") have been around in Phoenix since a lot longer, starting in the 1970's. http://www.azcentral.com/news/...
Phoenix is one of the few U.S. cities in the that realizes a) Public transportation doesn't work well in low density, post-WW2 US cities (aka, the sunbelt and west coast) and b) Grid pattern streets and excellent freeways are the only reasonable, cost effective short term strategy. What is the long term strategy? Nobody knows, except maybe to completely get rid of shitty low density cities, which will never happen. American people want their trucks and backyards, and they especially don't want to have to sit next to some poor person on public transportation.
The problem is that these data compromises are going to happen and that the current magnetic strip technology is laughably obsolete and insecure. Chip + PIN effectively mitigates the weakness in magnetic strip data by embedding a chip (physical, something you have) and a pin (something you know) into the transaction process, plus many other security enhancements. Current magnetic strip cards are authenticated purely by a string of digits (something you know) and are easily copied and reproduced.
It could have just as easily been a packet sniffing engine on a local ISP, cellular network, data center etc. Maybe in front of Amazon? Were these all transferred through snapchat, dropbox or some other file sharing service that leverages AWS or some other cloud provider? Were any taken from those services by admins?
My point is, many of these images were *taken* with non-apple devices and *deleted* before photo stream was a thing. At this point it is likely someone got access to a darknet cache of images -- the sources are unlikely from one location, but from many many sources over many years.
LTDR; 1. Enable 2FA 2. If you upload something to the internet, assume someday someone will be able to see it and do whatever they want with it. Are you okay with that?
Talent is usually worth paying extra for, so make your business a talent center and attract the top players. Then give them freedom to get things done and don't micro manage. Ask what isn't getting done (read: the small things, like documentation) and pay someone do to that. Grease the wheels. Allowing people to work from home *IS* a huge benefit for many people, and more importantly, lets people disconnect from the office. I tend to get way more done at home as the office is just pure interrupt driven non-sense most of the time. Technology work is difficult and frustrating, but on the bright side, can pay very well. Deal with it or don't play.
For those having a hard time understanding the naming convention,
Boring:
Not flashy, not exciting, not experimental, not sexy. Performs as expected.
In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.
Is this a direct offshoot of our "never a loser" upbringing? I'm afraid these kids who go out on a rampage, thinking the entire time *they* are the victim, may actually be a victim of the coddled upbringing that seems to be commonplace since the 90's. I'm talking about helicopter parents who refuse to let their children get Bs, get second place (or even, god forbid, last place) in any kind of competition. Then we see them unable to understand and cope with failure later in life and blame others instead of accepting defeat. Like most people, I blame the parents. I blame them for not letting them fail. Parents should provide positive influence and basic necessities for children, then get the hell out of the way and let children grow up on their own.
Children who grow up without siblings (ie compeition for parents time) seem to be particularly narrisistic and useless when combined with overbearing and coddling parents. Those
Iris scanners have lower false positive rejection rates and are more accurate than Retina scanners, which do exist. Retinas can become damaged and change with time, unlike the human iris which does not under normal circumstances change during lifetimes.
Iris scanners considered the best biometric authentication, they are also typically the most expensive (look up the LG scanner pricing).
Slashdot is quickly losing any clout it had gathered in the last 10 years thanks to these new editors in the past few years. I'm all for providing a critical analysis of companies, such as Apple or Microsoft, but this summary was just stupid. Microsoft has been making Office for Mac for YEARS prior to the investment they made in Apple in the late 90's, which was a token gesture to show good faith to the Justice Department because MS was under *criminal* review. They made a significant investment in Apple and brought IE to Mac (and they abandoned both as soon as they could).
Apple has been consistent about charging *everyone* the same percentage to host Apps on the App Store. Microsoft is _leaving_ _money_ on the table by being stubborn and not porting to IOS and playing nicely. Why is this Apples fault? Oh right, this is slashdot.
What happened with MSFT in the 90's and what is happening now are barely even remotely related and not some how ironic.
Is it any indication of how bad regulation and costs are that this sort of thing isn't a reality yet in SV, despite it being most densely populated area of nerds in the country?
Does anyone know of any other "official" reason why even Verizon FIOS isn't in santa clara valley? It just amazes me how shitty communication bandwidth is (wireless and otherwise) in the valley compared to podunk idaho or kansas city. What in the world is going on here?
Can anyone find what type of server/motherboard combo they used to get what appears to be a 9-slot PCI-e motherboard with 3x PSUs? They have 8 cards in one box and a infiniband card.. I can't seem to find what this is (or how I can buy it)
I've had more blue screens with Windows 7 then any other Windows OS. Finally started replacing hardware and ran memtest86 for a week and found 1, ONE, memory fault in millions and millions of operations. Replaced the memory (corsair brand to start with and bought another pair) and have had zero issues since. The reality of computing today is that any bluescreen/grey screen/kernel panic is largely irrespective of operating system, it's nearly always a subtle hardware issue. Which, much to the shagrin of microsoft, means alot of finger pointing. Apple people (like myself) just take our equipment into the Apple store and say "fix it" and they do (with Applecare, without a fee). Microsoft doesn't have that luxury and gets a black eye every time there is a bluescreen (which is also why they have gone to great lengths to certify vendors and hardware since the days of yesteryear).
Microsoft has great products, especially in the office environment (I can't function without Office). Self-described Apple person here, I still use Windows 7 often and tried the MS Surface, looks alright, but I like my ipad mini better. I will concede the Maps on surface/windows8 are WAY better, but that is a given.
People bought the iPhone because it was a ipod, phone, mobile communicator, and did all of those things very well. It is a gross oversimplification to say other devices had the features there was no need for the iPhone and the users are just dumb lemmings who buy anything Apple throws at them. Most people who don't "get" iPhones or Apple will never, for the same reason "there are only 10 times of people in the world, those who understand binary and those who don't". You don't get Apple because you can work around huge problems and shortcomings and only typically focus only on the amount of features instead of the quality of a few. People who buy Apple products do so because they "just work". They don't have 50 different ports on them for every competing standard, they don't have a covers, Apple focuses on making a few great ideas work really well, which is why they are successful. Engineers and nerdtypes don't get this, which is why they aren't the visionaries running the companies, they are instead slogging through the ranks doing what they are told.
Yes, they steal ideas here and there and make a great product. Sure, they sue companies that steal their whole product. And yes, they make the best American consumer electronic products, ever.
Remember "smartphones" before the iPhone? It took years for any company to remotely match what the iPhone had when it LAUNCHED. To summarize, every slashdot thread about Apple: Haters going to hate.
"Neal Ungerleider notes that cryptography pioneer and Pretty Good Privacy (PGP) creator Phil Zimmermann has launched a new startup that provides the illusion of industrial-strength encryption for Android and iOS where users will have access to encrypted phone calls, emails, VoIP videoconferencing, SMS, and MMS.
There, fixed it for you.
Does anyone really think any application that is layered on top of IOS is free from interception? Everything is an API, all hidden away, and as much as I love Apple, there is no way in hell I would trust any application running on that device to be free from covert interception(keyboard, voice, you name it). I'm not saying that app doesn't encrypt and do all the right things when transmitting over a network, but I'm going to assume everything is compromised locally on the phone.
And not to be a tin foil hatter, but really, who pays for this stuff and paid these guys salaries in the past anyways (hint, it was your famous uncle).
I live in Los Gatos and frequent many of the fine (and less-than-fine) establishments in the Area (I'm looking at you, Tommy's). What is your current favorite restaurant or place to eat in the area? What do you think of the Cinnamon rolls at Los Gatos cafe?
Best Regards
Slashdot Mirror
One of the key *selling points* of Apple products is that they are designed from the start to protect your data - principally because Apple typically chooses to never be a party to your data what so ever, thus eliminating them directly as a threat to your privacy. In regards to Apple Pay: Apple Pay is also designed to protect your personal information. Apple doesn’t store or have access to the original credit, debit, or prepaid card numbers that you use with Apple Pay. And when you use Apple Pay with credit, debit, or prepaid cards, Apple doesn't retain any transaction information that can be tied back to you—your transactions stay between you, the merchant or developer, and your bank. https://support.apple.com/en-u...
Hey, we're Americans, not some kind of progressive island nation with 10 million people. We're a huge moving ship of 300 million and it takes time to change things, chip + signature is a huge step in the right direction. Why? Most of the scams involving purchases with stolen credit cards involve "carding", or simply stealing the magnetic strip data and reusing it online and on duplicated cards.
The chip eliminates this as the chip can't be skimmed in practice. The big credit card folks (EMV) would love to have you typing a PIN as a second factor, but realistically the chip alone will dramatically reduce credit card fraud. It's really going to be important after Oct 1st for retailers to support chip cards (Many readers now ask you to insert the chip portion of the card in the reader after a magnetic swipe... http://time.com/money/4040808/...
Things like Apple Pay and (soon?) Android pay help with this as well, as skimming a tokenized version of your card is nearly impossible and not reusable.
I recently (last week) had a Amex card compromised, the carders first tried a $1 transaction on a whatever site, it passed, then a few hours later they took the card to nordstrom and tried to buy $1000 worth of crap. The Amex app on my iPhone notified me of a "potentially fraudulent transaction" and gave me a yes/no to accept the transaction. I clicked No of course, which caused them to call me right away and cancel the card. The Amex card that was used for my Apple Pay (which I use frequently) was *not* affected (as it is a tokenized version of the card)
These carder folks use legitimate websites to "test" the card, I read about this case here: http://www.candyjapan.com/cand... which nearly crippled this small business when thousands of "tests" for small orders came through.
For the record, I'm guessing my card was stolen at a gas station, which they are exempt from the new EMV laws until 2016 (according to the time article above)
Jailbroken phone susceptible to data ex-filtration while on special malicious network?? Apple is dying.
http: //support.ntp.org/bin/view/Main/SecurityNotice
Buffer overflow in ctl_putdata()
References: Sec 2668 / CVE - 2014 - 9295 / VU #852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Date Resolved: Stable (4.2.8) 18 Dec 2014
Summary: A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process.
Mitigation - any of:
Upgrade to 4.2.8, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page.
Put restrict ... noquery in your ntp.conf file, for non-trusted senders.
Credit: This vulnerability was discovered by Stephen Roettger of the Google Security Team. w
Those reversible lanes ("suicide lanes") have been around in Phoenix since a lot longer, starting in the 1970's. http://www.azcentral.com/news/...
Phoenix is one of the few U.S. cities in the that realizes a) Public transportation doesn't work well in low density, post-WW2 US cities (aka, the sunbelt and west coast) and b) Grid pattern streets and excellent freeways are the only reasonable, cost effective short term strategy. What is the long term strategy? Nobody knows, except maybe to completely get rid of shitty low density cities, which will never happen. American people want their trucks and backyards, and they especially don't want to have to sit next to some poor person on public transportation.
The problem is that these data compromises are going to happen and that the current magnetic strip technology is laughably obsolete and insecure. Chip + PIN effectively mitigates the weakness in magnetic strip data by embedding a chip (physical, something you have) and a pin (something you know) into the transaction process, plus many other security enhancements. Current magnetic strip cards are authenticated purely by a string of digits (something you know) and are easily copied and reproduced.
Read all about it here: http://en.wikipedia.org/wiki/E...
Chip + pin WILL be happening in America. http://blogs.wsj.com/corporate...
NFC-based payment system may have a chance to become popular in the mean time.
It could have just as easily been a packet sniffing engine on a local ISP, cellular network, data center etc. Maybe in front of Amazon? Were these all transferred through snapchat, dropbox or some other file sharing service that leverages AWS or some other cloud provider? Were any taken from those services by admins?
My point is, many of these images were *taken* with non-apple devices and *deleted* before photo stream was a thing. At this point it is likely someone got access to a darknet cache of images -- the sources are unlikely from one location, but from many many sources over many years.
LTDR; 1. Enable 2FA 2. If you upload something to the internet, assume someday someone will be able to see it and do whatever they want with it. Are you okay with that?
Slashdot: News for nerds, terrible at predicting anything that matters.
Talent is usually worth paying extra for, so make your business a talent center and attract the top players. Then give them freedom to get things done and don't micro manage. Ask what isn't getting done (read: the small things, like documentation) and pay someone do to that. Grease the wheels. Allowing people to work from home *IS* a huge benefit for many people, and more importantly, lets people disconnect from the office. I tend to get way more done at home as the office is just pure interrupt driven non-sense most of the time. Technology work is difficult and frustrating, but on the bright side, can pay very well. Deal with it or don't play.
For those having a hard time understanding the naming convention,
Boring: Not flashy, not exciting, not experimental, not sexy. Performs as expected.
In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.
Is this a direct offshoot of our "never a loser" upbringing? I'm afraid these kids who go out on a rampage, thinking the entire time *they* are the victim, may actually be a victim of the coddled upbringing that seems to be commonplace since the 90's. I'm talking about helicopter parents who refuse to let their children get Bs, get second place (or even, god forbid, last place) in any kind of competition. Then we see them unable to understand and cope with failure later in life and blame others instead of accepting defeat. Like most people, I blame the parents. I blame them for not letting them fail. Parents should provide positive influence and basic necessities for children, then get the hell out of the way and let children grow up on their own.
Children who grow up without siblings (ie compeition for parents time) seem to be particularly narrisistic and useless when combined with overbearing and coddling parents. Those
Bravo, bravo http://uncyclopedia.wikia.com/...
Google Maps was included with the initial release of the iPhone, before Android. Try again.
Know your audience, that's for sure. As far as how much detail to let them in on, send me the copy of the details and I'll get back to you.
Iris scanners have lower false positive rejection rates and are more accurate than Retina scanners, which do exist. Retinas can become damaged and change with time, unlike the human iris which does not under normal circumstances change during lifetimes.
Iris scanners considered the best biometric authentication, they are also typically the most expensive (look up the LG scanner pricing).
http://www.lgiris.com/ps/products/previousmodels/irisaccess2200.htm
http://web2.utc.edu/~Li-Yang/cpsc4600/6-Iris-DNA/IRIS-Retina.ppt has some good info on the differences.
Slashdot is quickly losing any clout it had gathered in the last 10 years thanks to these new editors in the past few years. I'm all for providing a critical analysis of companies, such as Apple or Microsoft, but this summary was just stupid. Microsoft has been making Office for Mac for YEARS prior to the investment they made in Apple in the late 90's, which was a token gesture to show good faith to the Justice Department because MS was under *criminal* review. They made a significant investment in Apple and brought IE to Mac (and they abandoned both as soon as they could).
Apple has been consistent about charging *everyone* the same percentage to host Apps on the App Store. Microsoft is _leaving_ _money_ on the table by being stubborn and not porting to IOS and playing nicely. Why is this Apples fault? Oh right, this is slashdot.
What happened with MSFT in the 90's and what is happening now are barely even remotely related and not some how ironic.
Is it any indication of how bad regulation and costs are that this sort of thing isn't a reality yet in SV, despite it being most densely populated area of nerds in the country?
Does anyone know of any other "official" reason why even Verizon FIOS isn't in santa clara valley? It just amazes me how shitty communication bandwidth is (wireless and otherwise) in the valley compared to podunk idaho or kansas city. What in the world is going on here?
Can anyone find what type of server/motherboard combo they used to get what appears to be a 9-slot PCI-e motherboard with 3x PSUs? They have 8 cards in one box and a infiniband card.. I can't seem to find what this is (or how I can buy it)
I've had more blue screens with Windows 7 then any other Windows OS. Finally started replacing hardware and ran memtest86 for a week and found 1, ONE, memory fault in millions and millions of operations. Replaced the memory (corsair brand to start with and bought another pair) and have had zero issues since. The reality of computing today is that any bluescreen/grey screen/kernel panic is largely irrespective of operating system, it's nearly always a subtle hardware issue. Which, much to the shagrin of microsoft, means alot of finger pointing. Apple people (like myself) just take our equipment into the Apple store and say "fix it" and they do (with Applecare, without a fee). Microsoft doesn't have that luxury and gets a black eye every time there is a bluescreen (which is also why they have gone to great lengths to certify vendors and hardware since the days of yesteryear). Microsoft has great products, especially in the office environment (I can't function without Office). Self-described Apple person here, I still use Windows 7 often and tried the MS Surface, looks alright, but I like my ipad mini better. I will concede the Maps on surface/windows8 are WAY better, but that is a given.
This too shall pass
People bought the iPhone because it was a ipod, phone, mobile communicator, and did all of those things very well. It is a gross oversimplification to say other devices had the features there was no need for the iPhone and the users are just dumb lemmings who buy anything Apple throws at them. Most people who don't "get" iPhones or Apple will never, for the same reason "there are only 10 times of people in the world, those who understand binary and those who don't". You don't get Apple because you can work around huge problems and shortcomings and only typically focus only on the amount of features instead of the quality of a few. People who buy Apple products do so because they "just work". They don't have 50 different ports on them for every competing standard, they don't have a covers, Apple focuses on making a few great ideas work really well, which is why they are successful. Engineers and nerdtypes don't get this, which is why they aren't the visionaries running the companies, they are instead slogging through the ranks doing what they are told.
http://qkme.me/3rget6
Yes, they steal ideas here and there and make a great product. Sure, they sue companies that steal their whole product. And yes, they make the best American consumer electronic products, ever.
Remember "smartphones" before the iPhone? It took years for any company to remotely match what the iPhone had when it LAUNCHED. To summarize, every slashdot thread about Apple: Haters going to hate.
"Neal Ungerleider notes that cryptography pioneer and Pretty Good Privacy (PGP) creator Phil Zimmermann has launched a new startup that provides the illusion of industrial-strength encryption for Android and iOS where users will have access to encrypted phone calls, emails, VoIP videoconferencing, SMS, and MMS.
There, fixed it for you.
Does anyone really think any application that is layered on top of IOS is free from interception? Everything is an API, all hidden away, and as much as I love Apple, there is no way in hell I would trust any application running on that device to be free from covert interception(keyboard, voice, you name it). I'm not saying that app doesn't encrypt and do all the right things when transmitting over a network, but I'm going to assume everything is compromised locally on the phone.
And not to be a tin foil hatter, but really, who pays for this stuff and paid these guys salaries in the past anyways (hint, it was your famous uncle).
I live in Los Gatos and frequent many of the fine (and less-than-fine) establishments in the Area (I'm looking at you, Tommy's). What is your current favorite restaurant or place to eat in the area? What do you think of the Cinnamon rolls at Los Gatos cafe? Best Regards
Jigga what? Jigga who?