Don't use your cisco gear to manage dhcp. It's better utilized doing it's primary function of routing and switching. Set up a Linux box to do dhcp. Setup multiple subnets and use the "ip helper-address" command on the interfaces of your Cisco router's to forward the dhcp requests to your Linux dhcp server. It's simple to do. Once upon a time I setup a 5000k node network doing that very same thing.
If you tamper with the software or the hardware of the pinpad, it goes belly up and has to be replaced. At which time you also have to load new encryption keys into the ATM.
The problem with making the ATM storage read only is that you have to configure the device. There are a lot of configuration settings that have to be changed out of the box, with some of them specific to the ATM itself and to the processing company that it's using to process transactions through.
The ATM also keeps a electronic journal of all of the ATM's activity. It's kind of like a flight data recorder (black box). You have to have writable storage for that.
I go along the lines that ATM security standards are BOTH not being met and terribly inadequate.
One of the bigger rackets going on last year, with ATM's, was in San Francisco. An ATM provider were placing cheap ATM's with a money catch tray on street corners. Bum's would come along and stuff paper wads up into the catch tray so that the money wouldn't drop down when a person ran a transaction. Periodically through out the day the bum's would go and collect the money that never dispensed.
I think that this story is half bogus. PIN numbers aren't stored on a debit card. They are stored on a server located at a transaction network, that a bank uses to process their card base.
When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad. It's NEVER in clear text. The ATM machines and ATM transaction processing companies use a pivate/public key encryption system.
At least in the USA, the only part of a transaction that is encrypted down the wire is the PIN number between the ATM machine and transaction network. If the data is sent over the internet, the transaction is encrypted via a IPSEC tunnel or SSL.
I have not seen an ATM machine that runs on Windows XP. Most of the newer ATM machines run on Windows CE.
It would be trivial to sniff the network and grab card numbers if you had access to the network that the transaction was running across, but the PIN number would be much tougher to get. It's would be a little more complicated to get the card information based upon a device or software installed on the ATM to grab the card number as it's being swiped in the card reader. IF you could do that, then you could also get the track2 data that is loaded on to the card. That information consists of the card holders name and address.
Basically, I'm claiming BS on the article, as I see it as hype.
In the US, the only part of the transaction that is encrypted is the PIN number. All other information sent between the ATM and the card holders bank is sent in clear text. Some other countries require that the entire conversation between the ATM and card holders bank be encrypted, but I digress.
The original encryption between the ATM and the host processing server is a 3DES private/working key system. I'm not entirely sure the encryption between processing networks (star, plus, pulse, etc) and between processing networks and banks, but there are many networks and many more banks. Having some sort of system that required the networks and banks to share working keys of 300,000+ ATM's in the US would be a major undertaking and would require some major cooperation between companies who are in reality competitors. I personally don't see that happening, unless companies like Mastercard or Visa start requiring it.
Beyond that, there are other encryption systems in place for TCP/IP based ATM terminals the utilize SSL and IPSEC for communication over the Internet to a host processing server.
To everybody who is screaming "scam!", have you read into how the great depression started and what the government did to sway the great depression? You will find out that there are many simularities in how the great depression started and to what is happening now. Back then, the government had a mentality that the people with bad investments should be punished by losing their money, instead of the government stepping in to help. It obviously trickled down to every faccet of the United States and sent the country into an economic tail spin. The only thing that the government actually did was raise interest rates, thinking that it would curb bad loans. History shows that it didn't help.
Learning from the lessions of the great depression, the government is trying to be proactive in curbing what could be America's second great depression. Spending $700B hurts to think about it, especially with the national depicit. Think how much worse it could be though with 25% unemployeement and a non-existant credit market.
What pisses me off more than anything though is that the government allowed it to get to this point by removing a lot of the regulations placed upon the financial markets and encouraging risky investments. It's coming back to bite everybody in the ass.
Totally agreed. I see that someone learned his homonyms via an online course.
I concur. Someone learned their vocabulary via an online course. Their/There/They're are homophones (same sound). Polish/polish and read/read are homographs (same spelling). Bank/bank and stalk/stalk are homonyms (same sound and same spelling). Homonyms are both homographs and homophones.
I attended my university linguistics courses in person.
How about anything that supports H.323?
GnomeMeeting, NetMeeting, etc. It would be a lot easier to set up a multi-platform H.323 network than one that used proprietary protocols based on the various chat networks.
Developers, developers, developers, developers," the robot, developed using Microsoft Robotics Developer Studio product, repeated over and over, in an homage to Ballmer's famous rant. The robot also raised his arm, showing how he has the ability to "Chairs" according to the MIT student controlling his movements.
I thought they were going to talk about 'United Supermarket' and how they were going to force the consumers to use plastic, without the choice of paper or plastic.
Let's imagine for a moment that some average schmo can sue the telecom companies for eves-dropping on their phone calls. What's to keep the telecom companies from suing the U.S. Gov. because the gov told them to eves-drop? In the end the tax payers pay the bill.
It can't be an advertisement when Yahoo is offering the download directly from their website.
Yahoo is pushing IE7.
http://downloads.yahoo.com/internetexplorer/index. php?fr=yfp-t-501
On a humorous side not, Yahoo owns the domain "yawho.com
I saw a bunch of people with phrases like "yahoo?" and I thought it would be a funny domain, but they beat me to it.:)
so the music industry expects people to go buy loads of new music because they got a shiny new ipod? It's obvious that people would rip their own music collection from their cd's because they want to listen to their own music. It's ridiculous to think that people are supposed to buy more music because they can make it more portable. The music industry needs to take a hard look at it's sales model instead of blaming their down sized profits on other people and companies. Get a clue.
Bonhomie Snoutintroff is a plain-spoken strong leader in cyberspace. He did poorly in school but his family is rich and well connected, so he's served as CEO of numerous, well-known Internet ventures that for various reasons unrelated to his forward-looking guidance no longer exist. He developed a cocaine and alcohol problem, although he refuses to dwell on the past: his mission is to bring honor and dignity to the IT profession. His keen insight as a global techno-visionary is matched only by his Christian humility.
Pretty funny and how much integrity do you think that he really has?
To bring back xenix all he would have to do is buy sco since they are technically the same thing. Do you really see Microsoft buying Sco though?.. Look I'm a poet and didn't even know it.
Slashdot Mirror
http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?c=ecfr&sid=635f26c4af3e2fe4327fd25ef4cb5638&tpl=/ecfrbrowse/Title12/12cfr205_main_02.tpl
I don't have ADD. I was just... OMG a waffle!
I just had a flashback to 1999...
It's not censorship. It's enforcing the castle doctrine by protecting my property and family.
And funions, man. Yeah....
Don't use your cisco gear to manage dhcp. It's better utilized doing it's primary function of routing and switching. Set up a Linux box to do dhcp. Setup multiple subnets and use the "ip helper-address" command on the interfaces of your Cisco router's to forward the dhcp requests to your Linux dhcp server. It's simple to do. Once upon a time I setup a 5000k node network doing that very same thing.
I work in the industry and deal with it every day. It's as easy as reading the technical documentation on any ATM.
If you tamper with the software or the hardware of the pinpad, it goes belly up and has to be replaced. At which time you also have to load new encryption keys into the ATM.
The problem with making the ATM storage read only is that you have to configure the device. There are a lot of configuration settings that have to be changed out of the box, with some of them specific to the ATM itself and to the processing company that it's using to process transactions through.
The ATM also keeps a electronic journal of all of the ATM's activity. It's kind of like a flight data recorder (black box). You have to have writable storage for that.
I go along the lines that ATM security standards are BOTH not being met and terribly inadequate.
One of the bigger rackets going on last year, with ATM's, was in San Francisco. An ATM provider were placing cheap ATM's with a money catch tray on street corners. Bum's would come along and stuff paper wads up into the catch tray so that the money wouldn't drop down when a person ran a transaction. Periodically through out the day the bum's would go and collect the money that never dispensed.
I think that this story is half bogus. PIN numbers aren't stored on a debit card. They are stored on a server located at a transaction network, that a bank uses to process their card base. When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad. It's NEVER in clear text. The ATM machines and ATM transaction processing companies use a pivate/public key encryption system. At least in the USA, the only part of a transaction that is encrypted down the wire is the PIN number between the ATM machine and transaction network. If the data is sent over the internet, the transaction is encrypted via a IPSEC tunnel or SSL. I have not seen an ATM machine that runs on Windows XP. Most of the newer ATM machines run on Windows CE. It would be trivial to sniff the network and grab card numbers if you had access to the network that the transaction was running across, but the PIN number would be much tougher to get. It's would be a little more complicated to get the card information based upon a device or software installed on the ATM to grab the card number as it's being swiped in the card reader. IF you could do that, then you could also get the track2 data that is loaded on to the card. That information consists of the card holders name and address. Basically, I'm claiming BS on the article, as I see it as hype.
In the US, the only part of the transaction that is encrypted is the PIN number. All other information sent between the ATM and the card holders bank is sent in clear text. Some other countries require that the entire conversation between the ATM and card holders bank be encrypted, but I digress. The original encryption between the ATM and the host processing server is a 3DES private/working key system. I'm not entirely sure the encryption between processing networks (star, plus, pulse, etc) and between processing networks and banks, but there are many networks and many more banks. Having some sort of system that required the networks and banks to share working keys of 300,000+ ATM's in the US would be a major undertaking and would require some major cooperation between companies who are in reality competitors. I personally don't see that happening, unless companies like Mastercard or Visa start requiring it. Beyond that, there are other encryption systems in place for TCP/IP based ATM terminals the utilize SSL and IPSEC for communication over the Internet to a host processing server.
Erm, the government wasn't proactive in preventing the depression. They were very reactive, after the fact.
To everybody who is screaming "scam!", have you read into how the great depression started and what the government did to sway the great depression? You will find out that there are many simularities in how the great depression started and to what is happening now. Back then, the government had a mentality that the people with bad investments should be punished by losing their money, instead of the government stepping in to help. It obviously trickled down to every faccet of the United States and sent the country into an economic tail spin. The only thing that the government actually did was raise interest rates, thinking that it would curb bad loans. History shows that it didn't help. Learning from the lessions of the great depression, the government is trying to be proactive in curbing what could be America's second great depression. Spending $700B hurts to think about it, especially with the national depicit. Think how much worse it could be though with 25% unemployeement and a non-existant credit market. What pisses me off more than anything though is that the government allowed it to get to this point by removing a lot of the regulations placed upon the financial markets and encouraging risky investments. It's coming back to bite everybody in the ass.
Their two different beasts.
Totally agreed. I see that someone learned his homonyms via an online course.
I concur. Someone learned their vocabulary via an online course. Their/There/They're are homophones (same sound). Polish/polish and read/read are homographs (same spelling). Bank/bank and stalk/stalk are homonyms (same sound and same spelling). Homonyms are both homographs and homophones.
I attended my university linguistics courses in person.
You're such a homophobe.
How about anything that supports H.323? GnomeMeeting, NetMeeting, etc. It would be a lot easier to set up a multi-platform H.323 network than one that used proprietary protocols based on the various chat networks.
Developers, developers, developers, developers," the robot, developed using Microsoft Robotics Developer Studio product, repeated over and over, in an homage to Ballmer's famous rant. The robot also raised his arm, showing how he has the ability to "Chairs" according to the MIT student controlling his movements.
I thought they were going to talk about 'United Supermarket' and how they were going to force the consumers to use plastic, without the choice of paper or plastic.
Let's imagine for a moment that some average schmo can sue the telecom companies for eves-dropping on their phone calls. What's to keep the telecom companies from suing the U.S. Gov. because the gov told them to eves-drop? In the end the tax payers pay the bill.
It can't be an advertisement when Yahoo is offering the download directly from their website. Yahoo is pushing IE7. http://downloads.yahoo.com/internetexplorer/index. php?fr=yfp-t-501
On a humorous side not, Yahoo owns the domain "yawho.com
I saw a bunch of people with phrases like "yahoo?" and I thought it would be a funny domain, but they beat me to it. :)
hhhhhmmmmmmmmmm... toasted spam... I'm hungry now.
so the music industry expects people to go buy loads of new music because they got a shiny new ipod? It's obvious that people would rip their own music collection from their cd's because they want to listen to their own music. It's ridiculous to think that people are supposed to buy more music because they can make it more portable. The music industry needs to take a hard look at it's sales model instead of blaming their down sized profits on other people and companies. Get a clue.
Bonhomie Snoutintroff is a plain-spoken strong leader in cyberspace. He did poorly in school but his family is rich and well connected, so he's served as CEO of numerous, well-known Internet ventures that for various reasons unrelated to his forward-looking guidance no longer exist. He developed a cocaine and alcohol problem, although he refuses to dwell on the past: his mission is to bring honor and dignity to the IT profession. His keen insight as a global techno-visionary is matched only by his Christian humility.
Pretty funny and how much integrity do you think that he really has?
To bring back xenix all he would have to do is buy sco since they are technically the same thing. Do you really see Microsoft buying Sco though? .. Look I'm a poet and didn't even know it.
Not entirely true. Bell Labs operates under the name of Lucent Technologies. But Lucent is the equivilent of junk bond status on the market right now.
How about "Microsoft Windows 2000 Something"?