So, downloading a film not only cost the distributors money (putting arguments over whether the downloader would have otherwise paid for it aside) - but also the government, which lost out on what would have been a taxable sale. So if you live in Pennsylvania, downloading a copy of "Batman vs. Superman" is not only is a lost sale, but you are evading paying any taxes due on the now-lost purchase. In other words: even though you downloaded it for "free", it does have a dollar value attached to it. So, to the government, you owe taxes on that download.
EMV is the half of the new system that gets the news coverage, but the other half, point-to-point encryption, is more important. The transaction gets encrypted in the credit card pad, and the merchant never sees the card information. So if you break into their network, there's nothing there to steal.
How does the merchant do settlement at the end of the day or representments without that information? Are you maybe thinking about tokenization, where the merchant is given a token by the processor to store in place of the card number? The token is then used for followup transactions.
I used to work for a credit card processor and had to test the systems for grocery stores with 20 or so lanes before they were installed. One of the things I was watching for was slow performance (way back in the day of X.25 links. Get offa my lawn.;) ), so I still pick that up regardless of the swipe versus insert dichotomy.
So what you're saying is that you don't know anything about how the EMV protocol works or how modern POS systems communicate with their processors and from there to the issuer, but you're going to toss out your $0.02USD anyway. Kinda like the guy telling the Tesla owner that his car isn't as fast as it could be. He knows because he worked on Model Ts back in the day and he can just tell that the Tesla just the wrong size jets installed in the carburetor.
The proper response is of course the same as the one given in the case of Arkell v. Pressdram:
Dear Sirs,
We acknowledge your letter of 29th April referring to Mr. J. Arkell.
We note that Mr Arkell's attitude to damages will be governed by the nature of our reply and would therefore be grateful if you would inform us what his attitude to damages would be, were he to learn that the nature of our reply is as follows: fuck off.
What is it about paying rent people find so appealing?
Some of it is related to accounting. Actual storage is capital equipment whereas cloud storage is a service and gets reported/taxed in a different bucket I believe.
No they haven't, read the description of their implementation.
No thanks, I would rather read their actual implementation (ie open source). The only way you can even begin to trust such a communications system is if it is open source and you can build the client from the provided source. Insert oblig reference to Ken Thompson's "Reflections on Trusting Trust" here. At any rate, the description of the implementation is not the implementation itself.
I'm assuming that you don't live in the USA and that you don't work in IT. Both apply to me. This is not as easy to do as you claim for a lot of us. First of all, while you can buy SIM cards in the USA, it's difficult. US mobile telephone service isn't really setup to work this way. Everybody expects you to sign a contract with a carrier for a certain number of years. Just walking down to some local electronics store and buying a SIM card off the shelf is not at all how things work in the USA. You have to go to carriers to get SIM cards here and those aren't really setup to be pay as you. You can do that sort of thing if you're willing to use crap disposable phones like with Tracfone, but not so much if you actually have a good phone.
I'm assuming that you don't live in the USA either, because your facts are way out of date. I just ordered a couple of new SIMs off of Amazon yesterday to swap out on phones. Here are a couple of examples.
War is not something that should be automated, we need to retain the potential of real losses to restrain our desire to engage in war.
More specifically, we need to retain the potential of real losses of members of the policy and decision maker's families. Their children should be just a likely as any other citizen's to be drafted and put in harm's way carrying out our foreign policy. When it might be their sons or daughters coming home in flag draped coffins, maybe they will at least pause for a second to consider all of the options.
I would love to see what would happen if they redesigned the AI's aircraft without the limitations imposed by having a meatbag on board that has to survive the engagement.
"the average data breach cost has grown to $4 million, representing a 29 percent increase since 2013.. 'The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don't have a plan in place to deal with this process efficiently,"
Certainly I understand the patrons can do little. The police, especially SWAT ought to be slightly more courageous. At least, they ought not be drunk. Of course assessment needs to be done, but continued fire and wounded victims indicates urgency. I would expect multiple-point breech (rip firedoors off) in about one hour.
I'm sorry if I missed it earlier in the discussion, but your qualifications for hostage rescue operations planning and execution are what exactly? XXX numbers of hours playing CounterStrike? I thought so.
Slightly off topic, but back in the 1980s our local vocational/trade school offered a career path as a punch card operator. You have to feel at least a little bad for anyone who opted for that vocation.
When our school finally got a computer with a screen, it was always snowing. I remember...programming was uphill. Both ways...but we were happy back then. Kids these days don't know how good they've got it.
Was your computer coal fired too like ours was? I remember going in early on Thursdays because it was my day to shovel coal.
Yours probably gets "first program" awards. My first was 1967 on an IBM 1401. Submit your FORTRAN card deck and come back in a few hours to see if it actually compiled. The good part is a life time habit of "desk checking" -- not for compile errors any more, but for logic errors. After all these years the code I check in tends to work right.
I recall the "good old days" when everything was batch. When submitting your program and getting the results required two trips to the computing center and were spaced at least 4 hours apart you desk checked the hell out of everything. That habit has never faded for me either.
How do you watch a video from YouTube? That's right, you download it with your browser. Should Mozilla expect a takedown notice for Firefox in the near future?
Depends on the return policy. Many B&M stores will price match for the same period as their return policy, otherwise people would just return the item and repurchase it anyway. Amazon charges return shipping if it's not due to a problem on their part (damaged, DOA, wrong item, etc) so it's got a bit of an advantage there.
Right up until the cost of returning the item is less than the price difference.
Slashdot Mirror
So, downloading a film not only cost the distributors money (putting arguments over whether the downloader would have otherwise paid for it aside) - but also the government, which lost out on what would have been a taxable sale. So if you live in Pennsylvania, downloading a copy of "Batman vs. Superman" is not only is a lost sale, but you are evading paying any taxes due on the now-lost purchase. In other words: even though you downloaded it for "free", it does have a dollar value attached to it. So, to the government, you owe taxes on that download.
Didn't the FBI get Dillinger the same way?
EMV is the half of the new system that gets the news coverage, but the other half, point-to-point encryption, is more important. The transaction gets encrypted in the credit card pad, and the merchant never sees the card information. So if you break into their network, there's nothing there to steal.
How does the merchant do settlement at the end of the day or representments without that information? Are you maybe thinking about tokenization, where the merchant is given a token by the processor to store in place of the card number? The token is then used for followup transactions.
It's slow either because the retailer has a bad connection to the payment service/bank or that the payment service/bank is slow.
If it were only that simple.
I used to work for a credit card processor and had to test the systems for grocery stores with 20 or so lanes before they were installed. One of the things I was watching for was slow performance (way back in the day of X.25 links. Get offa my lawn. ;) ), so I still pick that up regardless of the swipe versus insert dichotomy.
So what you're saying is that you don't know anything about how the EMV protocol works or how modern POS systems communicate with their processors and from there to the issuer, but you're going to toss out your $0.02USD anyway. Kinda like the guy telling the Tesla owner that his car isn't as fast as it could be. He knows because he worked on Model Ts back in the day and he can just tell that the Tesla just the wrong size jets installed in the carburetor.
If I copy the numbers off of the front and back of the card, I can use it online. Its referred to as a card-not-present transaction.
Please let us know who you write software for so we can avoid them.
What is clear is that you don't have any idea what use-case EMV attempts to solve.
Dear Sirs,
We acknowledge your letter of 29th April referring to Mr. J. Arkell.
We note that Mr Arkell's attitude to damages will be governed by the nature of our reply and would therefore be grateful if you would inform us what his attitude to damages would be, were he to learn that the nature of our reply is as follows: fuck off.
Yours,
Private Eye
Vine's Source Code Was Accidentally Made Public For Five Minutes
Incorrect.
Twitter's bounty program paid out - US$10,080 - and the problem was fixed in March (within five minutes of him demonstrating the issue).
Who knows how long the docker container was actually available to the public.
had its source code made publicly available by a bounty-hunter
Where did that come from? I saw nothing in the article or the blog post that said the "bounty hunter" made the source code available to anyone.
What is it about paying rent people find so appealing?
Some of it is related to accounting. Actual storage is capital equipment whereas cloud storage is a service and gets reported/taxed in a different bucket I believe.
Unless you're on a motorcycle :D
What do you call someone lane splitting on a motorcycle while using a cell phone to try and catch Pokemon?
An organ donor.
Oh, like he NEEDS an excuse?
No, he just doesn't want to have to pay unemployment so he has to fire the guy with cause.
No they haven't, read the description of their implementation.
No thanks, I would rather read their actual implementation (ie open source). The only way you can even begin to trust such a communications system is if it is open source and you can build the client from the provided source. Insert oblig reference to Ken Thompson's "Reflections on Trusting Trust" here. At any rate, the description of the implementation is not the implementation itself.
I'm assuming that you don't live in the USA and that you don't work in IT. Both apply to me. This is not as easy to do as you claim for a lot of us. First of all, while you can buy SIM cards in the USA, it's difficult. US mobile telephone service isn't really setup to work this way. Everybody expects you to sign a contract with a carrier for a certain number of years. Just walking down to some local electronics store and buying a SIM card off the shelf is not at all how things work in the USA. You have to go to carriers to get SIM cards here and those aren't really setup to be pay as you. You can do that sort of thing if you're willing to use crap disposable phones like with Tracfone, but not so much if you actually have a good phone.
I'm assuming that you don't live in the USA either, because your facts are way out of date. I just ordered a couple of new SIMs off of Amazon yesterday to swap out on phones.
Here are a couple of examples.
Thanks Slashdot for a buggy interface that reveals IP addresses through a GreaseMonkey script...
Please share. It's not the /. devs will ever fix the issue.
War is not something that should be automated, we need to retain the potential of real losses to restrain our desire to engage in war.
More specifically, we need to retain the potential of real losses of members of the policy and decision maker's families. Their children should be just a likely as any other citizen's to be drafted and put in harm's way carrying out our foreign policy. When it might be their sons or daughters coming home in flag draped coffins, maybe they will at least pause for a second to consider all of the options.
I would love to see what would happen if they redesigned the AI's aircraft without the limitations imposed by having a meatbag on board that has to survive the engagement.
Who is authorized to certify the Certification Authorities, and what would it take to finally have Comodo's cert revoked?
In your software and/or browsers, you are the ultimate authority. Don't like Comodo? Remove their root cert from your trust store.
"the average data breach cost has grown to $4 million, representing a 29 percent increase since 2013.. 'The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don't have a plan in place to deal with this process efficiently,"
said the guy who wants to sell you a service.
Certainly I understand the patrons can do little. The police, especially SWAT ought to be slightly more courageous. At least, they ought not be drunk. Of course assessment needs to be done, but continued fire and wounded victims indicates urgency. I would expect multiple-point breech (rip firedoors off) in about one hour.
I'm sorry if I missed it earlier in the discussion, but your qualifications for hostage rescue operations planning and execution are what exactly? XXX numbers of hours playing CounterStrike? I thought so.
Slightly off topic, but back in the 1980s our local vocational/trade school offered a career path as a punch card operator. You have to feel at least a little bad for anyone who opted for that vocation.
When our school finally got a computer with a screen, it was always snowing. I remember...programming was uphill. Both ways...but we were happy back then. Kids these days don't know how good they've got it.
Was your computer coal fired too like ours was? I remember going in early on Thursdays because it was my day to shovel coal.
Yours probably gets "first program" awards. My first was 1967 on an IBM 1401. Submit your FORTRAN card deck and come back in a few hours to see if it actually compiled. The good part is a life time habit of "desk checking" -- not for compile errors any more, but for logic errors. After all these years the code I check in tends to work right.
I recall the "good old days" when everything was batch. When submitting your program and getting the results required two trips to the computing center and were spaced at least 4 hours apart you desk checked the hell out of everything. That habit has never faded for me either.
How do you watch a video from YouTube? That's right, you download it with your browser. Should Mozilla expect a takedown notice for Firefox in the near future?
Depends on the return policy. Many B&M stores will price match for the same period as their return policy, otherwise people would just return the item and repurchase it anyway. Amazon charges return shipping if it's not due to a problem on their part (damaged, DOA, wrong item, etc) so it's got a bit of an advantage there.
Right up until the cost of returning the item is less than the price difference.
Until it runs ADA it will be a toy language for hipsters.
Let me know when it runs Lisp.
Here is the original article on the Kaspersky Labs site in case anyone is interested.
The article at securelist.com has a few more technical details and includes a list of the special track 2 values used to activate the functionality.