Basically the banks have said that if a card has a chip and a merchant doesn't use it then the merchant gets to eat the fraud cost. So chip tech reduces the amount of fraud the banks have to eat the cost of.
But there are still a lot of non-chip transactions (e.g. card not present, merchants that refuse to upgrade) which are still as insecure as ever. While the merchant gets to eat the bill the customer and bank still have to deal with the rigmarole of identifying the fraudulent transactions and replacing the card.
ESTA-like crap is spreading. Canada introduced a similar system recently where nearly all visitors have to pay a fee for an advance authorisation. Schengen is threatening to introduce one but hasn't actually done so yet. Australia has two similar systems where one is chargable and the other isn't and which one you get to use depends on your citizenship.
The problem with git is that branches don't have proper history. There is the reflog but it is disabled by default on bare repos (main project repos are usually bare), can't be accessed remotely and is generally intended as more of a disaster recovery feature than a long term history feature.
Commits have history but that history doesn't tell you when the commit was pushed to the main project repo, it doesn't tell you what branch the commit was created on, it doesn't tell you who promoted the code from a test branch to master, it doesn't even reliably tell you when the commit was created or who created it.
It is thus easy to fall into a trap with git of thinking you are recording history but then when push comes to shove and you need to answer questions like "what code was on branch x of the main repo at time y" or "who decided this awful code was ready for pushing to the master branch" you are in a pickle.
Newegg has several ThinkPad laptops for less than $2k with 64 GB of memory.
Interesting,
Sager has offered them for many years albeit at a much higher price.
Afaict the first Intel laptop/mainstream desktop platform to support 64GB was Skylake released in September 2015. Afaict the first Intel high-end desktop platform to support was sandy-bridge-e with the x79 chipset released in November 2011.
It seems my previous post was off a little, On the one hand I found an reference to an x79 laptop only a few months after x79 was released but OTOH looking closer at the x79 laptops I found they seem to be listing a max memory of 32GB. I guess the manufacturers only put one ram slot per channel due to space constraints.
If you can find a reference to a laptop with 64GB of ram from 2014 or earlier I would be interested to see it.
Why would call him a liar when such hardware is so common and cheap?
The combination of Vista, 64GB of ram and a laptop just doesn't ring true. Any one of those things? sure any two? possible all three? highly unlikely.
Forced? Microsoft decided to not allow most customers to upgrade to 10.
Users of retail/OEM copies of windows 7 were pushed strongly upgrading to windows 10. There were certainly at least accusations of outright forced upgrades though I don't know how credible those were.
Users of 7 enterprise OTOH were not given the free upgrade. If they wanted to upgrade they had to do it through their volume license agreement and media (and depending on their status in said volume license agreement posiblly pay MS money).
I'm not sure what happened regarding users of 7 pro whose systems were activated with a VLK.
My personal vista laptop boots 10 just fine with the install DVD, but Microsoft doesn't allow me to upgrade. It's an i7 with 64 GB of memory(yes, on a laptop), so it's more than capable of running 10, but Microsoft doesn't allow the upgrade.
That is one heck of a weird combination. Windows 7 was released in mid 2009. X79 (afaict the first Desktop platform to support 64GB) was not released until late 2011 and afaict it took some time after that for someone to be crazy enough to stuff it into a laptop.
So either you got a machine with a Vista license over two and a half years after windows 7 was released. Your machine was downgraded to Vista for some reason (in which case you should have been able to get Win 10 by upgrading via win 7), you have a laptop with server hardware inside or you are making shit up.
You are allowed an adaptor with a C plug and an A or B socket but you are not allowed an adaptor with an A or B plug and a C socket. Furthermore IIRC low speed USB perhiperals are not allowed to use a standard detatchable cable (something about low speed needing different cable characteristics from full/high speed).
So assuming perhiperal vendors want to support both old and new systems makers of low-speed perhiperals (keyboards, mice, joysticks etc) will have to continue using the A plug.
*IF* everything is compliant that should never happen. Devices should only raise the voltage from it's default 5V after a negotiation process involving both devices and the cable. The problem is that there is lots of noncompliant shit out there and the introduction of "power delivery"* means a much higher probability of noncompliant shit frying stuff rather than simply failing to work.
* Technically power delivery can be implemented on a variant of USB A/B but it is far more common on USB C stuff.
Firstly there is lots of functionality but it is pretty much all optional. Maybe that port supports delivering lots of power to devices, maybe that port supports receiving power from a power brick, maybe that port supports host mode, maybe that port supports device mode, maybe that port supports displayport, maybe that port support HDMI, maybe that port supports thunderbolt, maybe that port supports USB 3.1 speeds, maybe that port supports analog audio. Lots and lots of room for user confusion and frustration there.
Secondly it is more expensive for implementers because for signal integrity reasons you need seperate LVDS transceivers for the two sides of the USB3 socket. In normal operation only half of them will be used. If you want to support the optional functionality like displayport or thunderbolt or power delivery that adds further costs. If an implementer only supports the aditional functionality on a subset of ports then users are going to get even more confused.
Thirdly you are allowed to have adaptors with a USB C plug and a USB A (or B) socket but not vice-versa. The implications of this for peripheral vendors should be obvious.
Fourthly a number of cable vendors have fucked up the power delivery stuff leading to cables that are dangerous to device and/or user.
I expect USB C to find a niche, it's useful as a univeral port on small but highly functional devices (smartphones, tablets, ultrabooks etc). It's useful as a "docking station" port for laptop users who only want to hook up one cable when they come to their desk but for the forseable future I expect most perhiperals to stick with regular single-function connectors.
1. there are many people in the US with exactly one reasonable option for broadband service 2. that option is often vertically integrated meaning if you want the broadband service you also have to take the ISP service. 3. many of those broadband providers are in the video distribution buisness as well as the broadband buisness.
So it doesn't matter who the user "blames", if the user can't get stable netflix streams they are probablly going to go elsewhere to satisfy.their desire to watch video conent. Quite possiblly to the company that provides their broadband service.
But a PROGRAMING language based in French or English (or any other "natural" language)? Does such a thing exist?
It depends on how narrow your definaition of "based" is. In general the syntax of programing languages is totally different from any natural language, but the vocabuary borrows heavilly from English.
I always though that the -few- "natural" words
In the core language spec relatively few words are used but once you include the libraries nessacery to do anything useful with the language you see a much larger number of words. Nearly always taken from english.
can easily be translated in any natural language
Could be but very rarely are.
(and even better: use symbols/ideograms instead!)
Works for a few of the most common things but you quickly run out of symbols that can be displayed and entered easilly on most computers arround the world.
Languages that require non-ascii characters have been tried but have remained the exception.
Interestingly here in the UK Amazon seem to be using their own courier service almost exclusively for prime orders, with the result that they usually arrive with one delivery guy even if they are sent in multiple shipments.
Note that figure is total cost, not marginal cost. Marginal cost of driving is more like 20 cents per mile.
It also requires that you spend an hour (give or take) round trip to Walmart and back, plus the aggravation of dealing with walmarts long lines and absolutely shitty customer service). So at minimum wage, you can add another $10 to that cost. On top of that, even if amazon isn't cheaper than walmart for any given item, there is someone out there that is.
OTOH delivery services generally require you to have someone wait in the house for hours.
Mail order was around long before ecommerce, just remember that.
Prior to ecommerce you either went to shops with a limited selection but where you could at least see the information on the product box or you shopped from catalogues with a slightly less limited selection but very limited information on each product.
Nowadays you can search on-line and have access to a massive range of products that would just not have been accessible in the pre-internet era. If you want to know more about a product there is usually plenty of information about it available too (though occasionally one does run into the annoying situation that important information is printed on the box but not available on-line anywhere). For common items there are many sellers competing for your business which keeps prices down.
The lack of stable interfaces (both ABIs and APIs) mean that not only can you not upgrade the propitary bits but you can't easilly upgrade the rest of the kernel either. Your hardware drivers stop you from easilly upgrading your network stack or the code that manages privilage seperation.
Firstly lack of updates, SoC vendors are notorious for porting one or two versions of Linux, throwing it over the wall to device vendors and then doing nothing to keep it up to date. Some SoCs can be use with upstream kernels but very often with reduced functionality. The device vendors in turn add their own customisations to that kernel that the SoC vendor threw over the wall. Quickly you end up with something that cannot reasonablly be updated to a new upstream version. It is possible to some extent to backport security fixes, but it's a lot of work so it is likely to get skipped entirely or at least restricted to the most-severe vulnerabilties.
Secondly the vendors doing the work often do it without really caring about security which can lead to busting big holes in the user-security model. Remember "exynos-mem"?
Thirdly if your application layer is full of holes then attackers will be able to get whatever privilages that application has. If that is root then the attacker has full control of the device. Even if it is not root the attacker may well be able to elavate to root due to the first and second points.
You have to understand that these features are mainly intended to protect the bank.
For card present transactions if the merchant does everything in the most secure way the card supports the bank takes the fraud liability. If the merchant takes card not present transactions or refuses to upgrade their equipment to support EMV by the deadline the bank gives then the merchant takes the fraud liability.
The little machine I used in the UK had a mechanical timer.
Every washing machine I have seen for sale in recent years in the UK has had electronic controls (there are lots of old machines with mechanical controls still kicking around though, presumably in places where they see relatively light use).
Technical issues aside one problem with chip and pin is it's vulnerable to shoulder surfing. A thief can watch the victim enter their pin, then steal the card.
Card companies are always trying to strike a balance between security and usability. Chip and pin does pretty well but it's vulnerable to theives who shoulder-surf the pin and then steal the card. It is also relatively slow (though that is partly down to crappy terminals). Contactless is far more convenient but much less secure. Chip and signature is vulnerable to inattentive operators and modified cards.
How will this option fare on conviniance and security? presumably that is what these trials are intended to find out.
Depends where you live, the American banks chose to go for chip and signature while the European banks (and afaict most other countries) went for chip and pin.
Slashdot Mirror
Basically the banks have said that if a card has a chip and a merchant doesn't use it then the merchant gets to eat the fraud cost. So chip tech reduces the amount of fraud the banks have to eat the cost of.
But there are still a lot of non-chip transactions (e.g. card not present, merchants that refuse to upgrade) which are still as insecure as ever. While the merchant gets to eat the bill the customer and bank still have to deal with the rigmarole of identifying the fraudulent transactions and replacing the card.
ESTA-like crap is spreading. Canada introduced a similar system recently where nearly all visitors have to pay a fee for an advance authorisation. Schengen is threatening to introduce one but hasn't actually done so yet. Australia has two similar systems where one is chargable and the other isn't and which one you get to use depends on your citizenship.
The problem with git is that branches don't have proper history. There is the reflog but it is disabled by default on bare repos (main project repos are usually bare), can't be accessed remotely and is generally intended as more of a disaster recovery feature than a long term history feature.
Commits have history but that history doesn't tell you when the commit was pushed to the main project repo, it doesn't tell you what branch the commit was created on, it doesn't tell you who promoted the code from a test branch to master, it doesn't even reliably tell you when the commit was created or who created it.
It is thus easy to fall into a trap with git of thinking you are recording history but then when push comes to shove and you need to answer questions like "what code was on branch x of the main repo at time y" or "who decided this awful code was ready for pushing to the master branch" you are in a pickle.
Do we have any independent evidence that this new architecture is any good or just AMDs marketing?
Newegg has several ThinkPad laptops for less than $2k with 64 GB of memory.
Interesting,
Sager has offered them for many years albeit at a much higher price.
Afaict the first Intel laptop/mainstream desktop platform to support 64GB was Skylake released in September 2015. Afaict the first Intel high-end desktop platform to support was sandy-bridge-e with the x79 chipset released in November 2011.
It seems my previous post was off a little, On the one hand I found an reference to an x79 laptop only a few months after x79 was released but OTOH looking closer at the x79 laptops I found they seem to be listing a max memory of 32GB. I guess the manufacturers only put one ram slot per channel due to space constraints.
If you can find a reference to a laptop with 64GB of ram from 2014 or earlier I would be interested to see it.
Why would call him a liar when such hardware is so common and cheap?
The combination of Vista, 64GB of ram and a laptop just doesn't ring true. Any one of those things? sure any two? possible all three? highly unlikely.
Forced? Microsoft decided to not allow most customers to upgrade to 10.
Users of retail/OEM copies of windows 7 were pushed strongly upgrading to windows 10. There were certainly at least accusations of outright forced upgrades though I don't know how credible those were.
Users of 7 enterprise OTOH were not given the free upgrade. If they wanted to upgrade they had to do it through their volume license agreement and media (and depending on their status in said volume license agreement posiblly pay MS money).
I'm not sure what happened regarding users of 7 pro whose systems were activated with a VLK.
My personal vista laptop boots 10 just fine with the install DVD, but Microsoft doesn't allow me to upgrade. It's an i7 with 64 GB of memory(yes, on a laptop), so it's more than capable of running 10, but Microsoft doesn't allow the upgrade.
That is one heck of a weird combination. Windows 7 was released in mid 2009. X79 (afaict the first Desktop platform to support 64GB) was not released until late 2011 and afaict it took some time after that for someone to be crazy enough to stuff it into a laptop.
So either you got a machine with a Vista license over two and a half years after windows 7 was released. Your machine was downgraded to Vista for some reason (in which case you should have been able to get Win 10 by upgrading via win 7), you have a laptop with server hardware inside or you are making shit up.
You are allowed an adaptor with a C plug and an A or B socket but you are not allowed an adaptor with an A or B plug and a C socket. Furthermore IIRC low speed USB perhiperals are not allowed to use a standard detatchable cable (something about low speed needing different cable characteristics from full/high speed).
So assuming perhiperal vendors want to support both old and new systems makers of low-speed perhiperals (keyboards, mice, joysticks etc) will have to continue using the A plug.
20V on a 5V rail is plenty to fry stuff.
*IF* everything is compliant that should never happen. Devices should only raise the voltage from it's default 5V after a negotiation process involving both devices and the cable. The problem is that there is lots of noncompliant shit out there and the introduction of "power delivery"* means a much higher probability of noncompliant shit frying stuff rather than simply failing to work.
* Technically power delivery can be implemented on a variant of USB A/B but it is far more common on USB C stuff.
I remain unconvinced.
Firstly there is lots of functionality but it is pretty much all optional. Maybe that port supports delivering lots of power to devices, maybe that port supports receiving power from a power brick, maybe that port supports host mode, maybe that port supports device mode, maybe that port supports displayport, maybe that port support HDMI, maybe that port supports thunderbolt, maybe that port supports USB 3.1 speeds, maybe that port supports analog audio. Lots and lots of room for user confusion and frustration there.
Secondly it is more expensive for implementers because for signal integrity reasons you need seperate LVDS transceivers for the two sides of the USB3 socket. In normal operation only half of them will be used. If you want to support the optional functionality like displayport or thunderbolt or power delivery that adds further costs. If an implementer only supports the aditional functionality on a subset of ports then users are going to get even more confused.
Thirdly you are allowed to have adaptors with a USB C plug and a USB A (or B) socket but not vice-versa. The implications of this for peripheral vendors should be obvious.
Fourthly a number of cable vendors have fucked up the power delivery stuff leading to cables that are dangerous to device and/or user.
I expect USB C to find a niche, it's useful as a univeral port on small but highly functional devices (smartphones, tablets, ultrabooks etc). It's useful as a "docking station" port for laptop users who only want to hook up one cable when they come to their desk but for the forseable future I expect most perhiperals to stick with regular single-function connectors.
Afaict the problem is threefold
1. there are many people in the US with exactly one reasonable option for broadband service
2. that option is often vertically integrated meaning if you want the broadband service you also have to take the ISP service.
3. many of those broadband providers are in the video distribution buisness as well as the broadband buisness.
So it doesn't matter who the user "blames", if the user can't get stable netflix streams they are probablly going to go elsewhere to satisfy.their desire to watch video conent. Quite possiblly to the company that provides their broadband service.
But a PROGRAMING language based in French or English (or any other "natural" language)? Does such a thing exist?
It depends on how narrow your definaition of "based" is. In general the syntax of programing languages is totally different from any natural language, but the vocabuary borrows heavilly from English.
I always though that the -few- "natural" words
In the core language spec relatively few words are used but once you include the libraries nessacery to do anything useful with the language you see a much larger number of words. Nearly always taken from english.
can easily be translated in any natural language
Could be but very rarely are.
(and even better: use symbols/ideograms instead!)
Works for a few of the most common things but you quickly run out of symbols that can be displayed and entered easilly on most computers arround the world.
Languages that require non-ascii characters have been tried but have remained the exception.
P.S. Sorry for my English.
Your english seems fine to me.
FTP was an established enough protocol that most NATs added specific support for it.
Interestingly here in the UK Amazon seem to be using their own courier service almost exclusively for prime orders, with the result that they usually arrive with one delivery guy even if they are sent in multiple shipments.
Though that lesson may be that some areas are simply not practical to deliver too.
Average of at least 46.2 cents per mile
Note that figure is total cost, not marginal cost. Marginal cost of driving is more like 20 cents per mile.
It also requires that you spend an hour (give or take) round trip to Walmart and back, plus the aggravation of dealing with walmarts long lines and absolutely shitty customer service). So at minimum wage, you can add another $10 to that cost. On top of that, even if amazon isn't cheaper than walmart for any given item, there is someone out there that is.
OTOH delivery services generally require you to have someone wait in the house for hours.
Mail order was around long before ecommerce, just remember that.
Prior to ecommerce you either went to shops with a limited selection but where you could at least see the information on the product box or you shopped from catalogues with a slightly less limited selection but very limited information on each product.
Nowadays you can search on-line and have access to a massive range of products that would just not have been accessible in the pre-internet era. If you want to know more about a product there is usually plenty of information about it available too (though occasionally one does run into the annoying situation that important information is printed on the box but not available on-line anywhere). For common items there are many sellers competing for your business which keeps prices down.
The lack of stable interfaces (both ABIs and APIs) mean that not only can you not upgrade the propitary bits but you can't easilly upgrade the rest of the kernel either. Your hardware drivers stop you from easilly upgrading your network stack or the code that manages privilage seperation.
The problem is threefold.
Firstly lack of updates, SoC vendors are notorious for porting one or two versions of Linux, throwing it over the wall to device vendors and then doing nothing to keep it up to date. Some SoCs can be use with upstream kernels but very often with reduced functionality. The device vendors in turn add their own customisations to that kernel that the SoC vendor threw over the wall. Quickly you end up with something that cannot reasonablly be updated to a new upstream version. It is possible to some extent to backport security fixes, but it's a lot of work so it is likely to get skipped entirely or at least restricted to the most-severe vulnerabilties.
Secondly the vendors doing the work often do it without really caring about security which can lead to busting big holes in the user-security model. Remember "exynos-mem"?
Thirdly if your application layer is full of holes then attackers will be able to get whatever privilages that application has. If that is root then the attacker has full control of the device. Even if it is not root the attacker may well be able to elavate to root due to the first and second points.
You have to understand that these features are mainly intended to protect the bank.
For card present transactions if the merchant does everything in the most secure way the card supports the bank takes the fraud liability. If the merchant takes card not present transactions or refuses to upgrade their equipment to support EMV by the deadline the bank gives then the merchant takes the fraud liability.
In the UK old machines had hot and cold feeds but modern ones are cold feed only.
The little machine I used in the UK had a mechanical timer.
Every washing machine I have seen for sale in recent years in the UK has had electronic controls (there are lots of old machines with mechanical controls still kicking around though, presumably in places where they see relatively light use).
Technical issues aside one problem with chip and pin is it's vulnerable to shoulder surfing. A thief can watch the victim enter their pin, then steal the card.
Card companies are always trying to strike a balance between security and usability. Chip and pin does pretty well but it's vulnerable to theives who shoulder-surf the pin and then steal the card. It is also relatively slow (though that is partly down to crappy terminals). Contactless is far more convenient but much less secure. Chip and signature is vulnerable to inattentive operators and modified cards.
How will this option fare on conviniance and security? presumably that is what these trials are intended to find out.
Depends where you live, the American banks chose to go for chip and signature while the European banks (and afaict most other countries) went for chip and pin.
Interesting, I wonder if there has been a policy change allowing /8 holders to split their blocks and sell the unused parts.