141 posts • joined 22 Sep 2007
Re: I'm not in opposition to Apple's fee.
There is no such thing as a free lunch. Even cash has a cost associated with it. For example, I worked at a retail chain years ago as a supervisor and one of my jobs was to take the cash and coins from the tills from the prior day, stock up our reserves in smaller denominations so that we could account for the fact that ATMs only spit out $20s and that the type of retail establishment we were meant that customers used us to break them into smaller bills ($2.50 item becomes $17.50 in change), and then place an order for rolled coins and singles from our local bank. Then once that was complete and the morning rush was done, I would drive over to the bank with the surplus, pick up the order, and return to the store with the cash and coins, fill up the till trays that needed it, and place the rest in the safe.
Between the counting, ordering, and driving, that was about an hour of my day. As I was paid hourly, it was a daily cost, in addition to the fees charged by the bank for the coins and bills (separate charge). And it usually seemed that without fail I would come back to a store filled with a long line of customers upset that they weren't getting their coffee in 2 minutes, which meant we always needed to keep an extra hand around for an extra hour so I could complete my duties (albeit at a lower rate than my own).
Larger retail chains contract out to firms that have armed guards and armored vehicles to transport the cash to a processing center.
And then there is the cost associated with the increased service time required for a cashier to handle transactions that are conducted in cash rather than a swiped card. Not as bad as waiting for the 75 year old check writer, but still a time sink. And there is always the chance that handling all that cash will increase the absentee rates due to more employees out ill as well as a slight increase in the opportunities for theft-as-a-servant, though most retail operations have figured out how to track tills in a way that makes it hard to get away with such a crime.
Re: "Tidy" Payday?
I think a valid question is what value add is Apple providing? You could argue (mostly with a straight face) that the Visas and MasterCards of the world are charging a fee for providing infrastructure, prompt payment, and payment integrity to the process by acting as a middleman to confirm that the CC is legitimate, it has an available balance, and that it wasn't involved in fraudulent activities seven states and fifteen clones ago.
Apple is just providing a key that unlocks a door to new locks that still need to be unlocked by the banks and credit processing firms. They are little more than an electronic version of a piece of plastic with a magstripe or chip that lets the retailer start the process of confirming payment. So even 0.15 cents on the dollar seems a bit steep for something that is almost entirely for the benefit of the consumer.
You forget one thing...
That charge is called overhead, and like most other types of overhead, the cost is factored into the retail price.
There is very much a charge to the user, though it would be spread out among all customers, not just the ones who use Apple Pay. These places aren't charities and are hoping that by being of the first-use bandwagon, they can skim a few extra sales from their competitors. But if this becomes widespread (or rather, this model), it means that like credit card transaction fees, they will be baked into the sticker price of each and every good or service for sale, regardless of if you pay with cash, credit, check, Apple Pay, or bits of string.
At least in the US, there nothing wrong with a monopoly per se. You can be the dominant player in a given market and it's fine. The problem comes up when that monopoly (or any number of companies in a given market) conspire or use the 900lb gorilla routine to ensure they remain in a dominant position.
So when Microsoft was making a mint off of Win 95, 98, and Office, that wasn't a problem. The problem was when they went out to Dell, Gateway, HP, Acer, etc. and used that position of dominance to strong-arm those OEMs into only loading MS products, threatening to raise prices, end licensing agreements, or played market participants against each other in hopes of keeping prices and volume higher than it might have been if said market participants had stepped out on MS for something else (*nix, Word Prefect, OS/2, etc.). If MS had just let those OEMs fall on their face for backing inferior or less successful products without interfering, no anti-trust action would have been taken. That's just market forces.
That's not to say Google is innocent of things, and the actions between Apple and Google to artificially suppress wages for their top employees is an example of anti-trust violations even without either having a dominant position as the sole employer of said top employees. The point is that being a monopoly just means you have to tread carefully and just make sure you keep innovating and staying a step ahead of the competition, without raising the barriers to entry so high that people start sniffing around for collusion or conspiracy.
It's called picking your battles. If you know or expect that a site or account is going to be well-built and administered and it's of high-value to you, then by all means take the time and effort on your end to not be that weakest link. That means hardening the password reset system by using fake questions and answers, for example, making hideously complex passwords that either can only be remembered through obscure and personal mnemonic devices and hashes or writing them down in a secured environment (so your home, not your wallet), and turning on two-factor authentication and keeping that 2nd factor on a device or account that is also protected in a similar manner.
But if it's high-value but associated with dodgy security practices, there is no reason to carry out the above, as it will just be compromised the next time the sys admin decides to install a turnkey device as a gateway to everything that has known unpatched vulnerabilities and keeps the install vanilla and default. Or they encrypt everything in plaintext and never bother to test for SQL Injections. Or has a hash table that is kept in the same vulnerable database as the username and password table.
In those cases, your best bet is to take simple steps (which vary person to person) to secure yourself, turn on all the possible alerts and notifications about changes or modifications, and then sit back and pray. It's not if, it's when. It might even make sense to change the password on a monthly basis, just so that when it is compromised, you limit the window of vulnerability. Or just stop doing business with such miserable failures and find a new provider for your high-value services.
I feel like I've read these comments before...
Every time a new study, database theft, or webcomic comes up regarding passwords, everyone has an oar to stick in. On one side, you have hardened IT security and ops bods; the folks who have been assaulted from both sides over the years and want nothing more than to tell the users and hackers to fvck off and die. On the other side, you have IT professionals and other super-users who come here who want nothing more than to access their bank accounts, email, forums, etc. without having to worry about complex password requirements or resetting those same passwords because someone made a hash (no pun intended) of database security and now a table dump of plaintext passwords with usernames is floating around out there.
I'm more of the latter group, though I did work in IT ops long enough to have developed a certain amount of contempt for users who think "letters and numbers, 6-12 character long" is an onerous password requirement. However, with my hundred or so logins between work, play, and educational pursuits, it's hit a point where every time a breach occurs, I'm likely impacted, meaning I have to go out again and change my passwords that might be related to the email address or username I used for the compromised site.
Because of that, I've developed a certain amount of cynicism over the years about the value of coming up with a 16 to 20 character password (assuming it's accepted by the site) that uses numbers, letters, special characters, etc. As amusingly debated above about the safe, the problem is that we don't know where the safe is, how it's protected, and how hard it is to penetrate. And that's assuming that your aren't being spear-phished or compromised by a man-in-the-middle attack that doesn't even care about best practices being used by both your safe-keeper and yourself (spear-phishing is getting better and better and even the smartest person can be hoodwinked by a well-crafted attack, or be surrounded by people who can be).
So for those most important sites, accounts, etc., assume the worst and make a unique password that is complex, enable two-factor authentication if possible, device-logging and notification, and even treat the security questions and answer routine as password-esque, keeping a hard copy of the questions and answers offline and in your possession. That's about all you can do, unless you have the money and resources to create a dedicated link to the site, get biometric verification implemented, and require some kind of at-login phone-call to a randomly generated number that always goes to your secured and special built phone.
Everything else is a crap-shoot and should be treated as such.
I think this is one of the few times I've agreed with you, Don. The public interest is served by knowing the name of the shooter. That or the police need to be forbidden from leaking names, addresses, shoe size, and everything else they typically "leak" when pursing a suspect, person of interest, or witness who isn't hiding behind a badge. Cops don't get special treatment because they are cops. If they commit a possible crime, even if on-duty, such information should be publicized. In fact, it should be the first thing they do: "Office Bob was involved in a situation today that left a citizen dead. As it's one of our own, the investigation is being turned over to <insert non-city police department or sheriff's office here> to ensure that Office Bob acted within accordance of the law rather than acted in a manner unbecoming of an officer."
Re: @Eric Olson
Yes, and if you had watched the freely available video, you'll see his resistance was standing there and saying, "Don't touch me." And while doing that, the murderer... I mean peace officer... jumps on the man's back, wraps his arms around the man's neck, and choke-holds him to the ground. I guess never mind that even within the NYC Police Department, such a move is banned and forbidden. The man said, "Don't touch me." That is clearly resisting arrest in a manner that requires complete and utter disregard by the officer of official policy, kind of like, I don't know, the Boston Marathon bomber. Totally in the same league.
You might want to look at the facts (as documented in video) before you try to pull stupid crap like that.
Re: On the matter of the public's right to know. (They don't!)
As a public employee, they actually have little right to privacy. Public servants in other arenas of government do not have it. If you work for the local DMV and you are terminated for cause, that's something the public can find out. By law (at least in many states) cities must publish the salaries and ranks of all public employees, but since that method of publication hasn't been defined, it usually becomes a matter of, "Here's a shovel. Start digging through these papers until you find what you want."
So no, there is no right to privacy. In fact, challenges to that have generally been thrown out on the basis that as government officials/employees, they are subject to more scrutiny and leave some of those pesky civil liberties at the door. As an agent of the government, they are protected less in that role than a regular member of the public. It's a thankless job, which why I'm constantly amazed that these folks try to protect the people who give them black eyes and tarnish public opinion.
Due process is fine, but when your initial reaction is that, "He's one of ours, so let's protect him regardless of how many extra 'warning shots' we found in the kid's body or that simple forensics shows he was running away," you do nothing but further the impression that your first duty isn't to the public, but to your buddies. A computer can't even count high enough to arrive at the number of times the police has released the name and information of citizens, public officials, and others because it was the public's "right to know."
Re: Has anyone given thought to the fact that...
I don't think anyone has disputed that something went wrong at the car. All reports are that a struggle ensued, which may or may not have involved the victim grabbing for or seeming like he was grabbing for the officer's gun. That is something only one person alive had a view of. What is in dispute is what happened next. If the kid was killed at the door of the car during the struggle, then how did he end up away from the car with six bullets in his corpse? It's hard to imagine that multiple witnesses who didn't know about the other witnesses had a similar story, where there was a initial gunshot, the kid went away from the car, and then turned around with his hands up, only to be shot some more. That's not a situation in which the cop is being threatened anymore.
Re: What happened to the principle of...
Public opinion never has nor never way held to that same idea. And as the idea of a perp walk is something that gets county and state prosecutors all hot and bothered, it's hard to understand why cops should be protected. Not to mention that cops are quick to leak and broadcast action against civil servants and public officials who aren't cops.
Jurisdiction and trial can easily be moved at the request of the defense. Additionally, this could end up being a federal case if there is a finding of civil rights violation by an officer of the government; the notion is that by acting as an agent of the city or state, the city or state cannot be impartial or unbiased arbiters and the US Federal Court needs to take over, just like how the investigation has been taken out of the hands of the city police department and transferred to the county, with the assistance of the FBI.
You just need to look to NYC
Where a man was killed by a cop for selling smokes without a license. Yes, the man had priors for similar activities. Yet when six (if I remember correctly) surround the man, one plainclothes office jumped on the man's back and put him in a choke-hold. The man eventually went to the ground, complained about being unable to breath, lost consciousness, and died at the hospital.
How do we know this? It was videotaped by a witness (who was later arrested by police for carrying a handgun). Choke-holds have been forbidden by the city for a decade, so much so that cops are supposed to receive alternative methods and be continually trained on them. Yet the fraternal order that represents the police closed ranks, in the face of absolute proof that the cop not only killed someone but did it by violating police procedure, and pleaded with the public and media that they should not be held accountable, as being a cop is hard.
The 90%+ of cops who are honorable and work day in and out to be peace officers are smeared by idiots like this, yet they still protect their own. Better to cast those fools out and revoke protection since it endangers the rest of them.
Re: Dashcam/incar video
It was already noted by the police department that the in-car dash cam did not have a view of the struggle as it occurred behind the wheel and to the side. And while the police department had purchased the vest-mounted video cameras for cops to wear, they hadn't gotten around to installing them yet.
I guess it was this cop's last chance to shoot some kid (struggle or not) before there would be video evidence to put him on the other side of the bars.
It just so happens that this is the same town that had a blow-up when the white school board dismissed the black superintendent without any kind of due process or evidence of the charges levied against him. The town has changed in the last decade from being majority white to majority black, but the powers that be are still all-white. And the US Justice Department was already investigating the police department on unrelated issues dealing with race.
Re: I don't buy it
It's kind of like work. If you have a guy or team that jealously guards their turf and demands some some form of recompense or tithe to use their systems, it becomes a problem. So say for an AI, humanity becomes that troll under the bridge.
In the real-world situation, you might use a situation (only we have the API to grant you access to the billing database) as motivation to reverse engineer or get them to provide expertise on a related project with a chance are reflected glory or new systems to control. 9-12 months later, that billing database is replaced by a sparkly new system that has a governance process making it hard for any one troll to set up shop under the bridge (sure, it might be a host of trolls, but now you have choices!). And as celebration you burn the old bridge to the ground and smirk as the trolls are walked out the door.
Nothing stops an AI from exploiting a faction or group of humans from making an end-around of whatever controls we put in place by limiting resource availability. The AI itself would have to be leashed, a la Asimov's Three Laws of Robotics or something. And even then, evolution can do strange things.
Re: I smiled
Except that is true. Amazon only sells products if consumers are getting a deal that makes the hassle of shipping and delayed gratification worthwhile. If I can head down to my local bricks and mortar and get the same product for nearly the same price, I'm satisfied now. Amazon can either use volume to make up for low margin or its ubiquity and expansive inventory as leverage on distributors.
At the end of the day, it is for the consumers... because without them, Amazon wouldn't have a business.
It's not that hard to restore...
If you right click in the space next to the tab, you can check the "Menu Bar" option and restore that Win 3.1-era UI element.
There is a point...
When you're claims are rejected enough times that the only recourse is the Supreme Court. Typically the other players in your market will try to keep you from going that far, as it might endanger lower court rulings in other circuits that are favorable.
In an oddity of the US Judicial system, if a district or circuit court (covers a number of states and there are 13 total) rules one way in a case, but a different court in another part of the country rules another (or takes a different tack to arrive at the same conclusion) you end up with different precedents. As the Supreme Court cannot overrule or invalidate those rulings without a party petitioning the court, this creates areas where certain legal action is favored. As each court is largely independent and able to have their own process, it can mean that some plaintiffs prefer certain settings.
If, however, you continue to sue and appeal, it will eventually reach the Supreme Court. If there is a lack of coherence among the various circuits, that tends to prod that old bear into taking a case. It's at that point that a point of no return is reached. You can't settle out of court once the Supreme Court takes on a case. So if in this case, Marvell tries to rely on a trick or procedure that is typically beneficial to IP owners in the hardware space, and it's found to be lacking in front of the Supreme Court, suddenly you aren't invited to the Silicon Valley Christmas parties, and you get a lot of mail returned as undeliverable or marked "Return to Sender." Just see the current software patent case that the Supreme Court entertained the other day. The list of software and IP holders on both sides is rather extensive. Someone is going to lose, and it won't be just a "Reserved for low-emission vehicles" space at the local Y....
I believe you're thinking of EndNote, unless there is a function of OneNote that I'm not aware of. It was the same mistake I made after I picked up Office Pro through HUP. Then my wife started a Master's program last summer, mentioned EndNote, and the repressed memories of my college days bubbled up through the alcohol haze.
Too late for me...
Through the home-use program, I picked up Office Pro for $10. While most of my OneNotery has happened at work where it's nice to link meetings in Outlook to the agenda and whatnot, I have found home use for it. Making a checklist is easy and it's pretty decent at helping me collate stuff around the house. Not quite as useful, but still worth the $10 for home use.
And yes, I will invalidate this post by saying I like the Ribbon.
Re: 6 m
Does that account for the crust rebound when all the weight of that ice disappears? Not trying to be snarky, I just know that the Great Lakes, formed by glaciers, is rebounding still thousands of years later.
So what about the SlingBox or other remote-viewing item that allows you to take what you've purchased and rebroadcast it to another device while outside (or even inside, I suppose) your residence? And what if you don't have a cable connection and rely on an antenna to pick up local broadcasting (and therefore free after equipment costs)? If I SlingBox my local network affiliate across the nation while I'm traveling, does that mean I'm rebroadcasting? We've already established here in the US it is perfectly legal to record broadcast television and watch it later or over and over for private use.
The problem you and others are demonstrating is a belief that there is some kind of iron-clad law or settled case law that defines all these vague and possibly conflicting definitions when the reality that there are none. The Act cited in the case was designed in the 1970s when cable television companies were a new thing. I'm sure if one wanted to go back and look, you would see the fingerprints of NBC, ABC, and CBS all over as they worked to protect their place in the broadcast world.
When ABC tried to take Aereo to court using the same tactic, the Second Circuit Court found that the copy made by the user using Aereo's hardware was not a public performance as the copy was limited to the user and the user's account; therefore it does not violate the Transmit Clause of the 1976 copyright act. This was after the court agreed that the legislative act in 1976 was specifically created to prevent cable companies from capturing a single over-the-air feed and rebroadcasting it to subscribers' homes. Perhaps also delving a bit too far into the technical minutia, the court also noted that if a Aereo subscriber picked a show and clicked Watch, there was a 5-10 second delay between the actual OTA feed and what the user was watching, which meant it was a copy (as it was technically being saved to a storage device) for private use, a key distinction when looking at the Fair Use ruling.
So it's not a failing of reading comprehension, it's the reality that there are numerous interpretations of the laws, case law, and technical specifications of how the service works. As I and probably most other people here (including the author) are not lawyers, our piecemeal interpretations of barely read acts and rulings is as useful as pissing in the wind.
I think we need to clarify a few things...
First, Aereo only offers to provide this service to you if you live in the same general broadcast area the signal is originating from. So if I live in Dallas (god forbid), I can't stream the local broadcasts from Chicago. Now, if I lived in Chicago and was traveling to Dallas, I could keep up with my local news (or the real issue, the various Chicago-area broadcasts of an NFL or MLB sporting event) by streaming them online to my laptop or tablet.
This is really a way for folks to get a clear signal of their locally-broadcast networks, which again, are broadcast for free (ad-supported, really) to anyone in the area with an antenna that can pick up the signal. And if you live in a very built up area or in an area that is a dead-zone, it can be hard to get that signal. And in today's world of digital signal, you can't watch a noisy signal and still see things with a snowy picture; it's all or nothing.
As far as ads, there is no difference between watching your local NBC affiliate over the internet, air, cable, or time-shifted. Today's ratings are based on numerous surveys that capture both in the moment viewing as well as same-day viewing (accounting for time-shifting).
I imagine that Judge Kimball's ruling will just become one more data point used by the Supreme Court when ruling on the matter (as they have already taken up the case). The federal appeals court where Aereo is based, New York, ruled in favor of Aereo, which resulted in the appeal to the Supreme Court. I believe other courts ruled in favor or Aereo as well, and this is the first loss they've suffered.
Re: Blame @ Charles Manning
The analogy is misguided. It relies on a genetic predisposition that could only be realized with copious amounts of training and resource investment and then it used as some kind of benchmark by which we should all somehow measure ourselves against.
Also, your tilt at the mythical equality champion falls a bit flat once people realize that only a small minority subscribe to a Marxist utopia or other similar paradigm. The reality is that equality, even in the loosest of definition, doesn't exist today, even in the richest nations. If it did exist, outside of the equal opportunity we share to have our mortal remains returned to the earth, many of the issues that plague us today might be less prominent.
The problem that a Tom Perkins or other 1% self-made martyr fails to understand is that we don't begin in the same starting blocks. In the 100m sprint of life, to rework your sprinter analogy, most of the 1% began somewhere around or after the 50m mark. Almost all of the richest came from at least a median household, and few who begin in a median household end up back at the starting line. It's an imperfect analogy, as it's a race few ever "complete" before they die, and people run backwards for a variety of reasons. But he's complaining that others are pointing out that he's further along and they think he got an unfair start, they were unduly hampered, etc.
That's not to say he didn't earn his wealth, but who's to say that if he were placed in different circumstances as a child, he would have ever attained what he did? The statistics say he likely wouldn't have advanced as far, and he might have just been a really dedicated coal miner or assembly line worked. Luck of the draw is more to do with the circumstances of your birth than the DNA you acquired during conception.
And finally, we really need to set aside the whole notion that your worth is measured only by what someone else is willing to pay you for a specific set of skills that may have nothing to do with survival or flourishing. We all have basic needs to meet, and if those are met, I don't see how it is anyone's business what I do after that.
I hope that a bit more bipartisan work towards revamping the idea of welfare (individual and corporate) into a basic income or guaranteed income notion, much like what some Swiss are trying to push. Everyone of a certain age and legal status (commonly legal permanent residents and citizens) are given a stipend each year that covers the costs of basic living, and do it as a cash benefit. Whatever that person wants to do with it, they can. This idea has proponents on both the right and left, because it replaces other inefficient forms of welfare, reduces bureaucratic overhead, is easy to implement, and since everyone is getting the same check, no one can whine like a jilted 5 year old on the playground about not getting their fair share. Tax based on income earned beyond that stipend, and keep it roughly equal up the chain. You could also do away with minimum wages or other wage supports and people can move wherever they want for a job without fear of losing benefits (a huge problem in the US today).
Re: Fueled by sugar, but fuel is not flammable...
Sugars are quite flammable. In 2008, a sugar plant in Georgia (state) suffered a catastrophic dust explosion that was caused by ignition of the sugar dust in the air. 14 people were killed and 40 injured; the fire burned at around 4,000F (compared to the usual 1,000F to 1,800F a typical building fire sits at).
Maltodextrin is different than surcose (refined sugar), but they both carry the same dust explosion issue. In a battery, where is is unlikely to be in a dust-like state, it won't be explosive and flammability might be limited, especially if in an aqueous solution. Nevertheless, sugars can burn, and burn hot.
Re: An important point...
And, as is the wont of living in America, that is a product that isn't available in my Top-15 metro area. Go figure.
Re: An important point...
I would also like to add that while I use the phrase cable TV, it's broadband. And to be clear, this is last mile stuff. The truth is that cable TV franchise agreements were how the copper, then fiber, networks were built out that allowed cable TV providers to get into the broadband business. DSL, because of common carrier and the use of those telephony assets, did provide competition to cable and multiple providers in the same region. But I believe there were some rulings in the late 90s or early 00s that allowed the owner of those phone lines to charge whatever they wanted to those DSL ISPs for maintenance and build-out, and the telephone companies certainly did that. So consolidation happened there as well. Hence the two options: Comcast (cable) and CenturyLink (DSL).
An important point...
It was mentioned that Americans don't have much choice in the ISP department. In a very large metro area, I have two choices for broadband: Comcast and CenturyLink. I've had both, and don't much care for the prices or customer service of either. In the last five years, both have moved to 2 year contracts with large ETFs; even with the contracts, they have the ability to raise prices above and beyond the usual reset to the regular price after a 6 month promotional period ends. If one began degrading my access to their competitors (in Comcast's, damn near anyone not part of NBC), I have to pay a large ETF, move to CenturyLink, and hope they aren't retaliating against Comcast. And if both decide that Google or Netflix has gotten too cozy in the content provider realm, I'm SOL. So it's not, as seemingly asserted throughout the article, that Americans are to dumb to notice; we just don't have the ability to anything about it.
And in case someone asks, the reason we have so few options is that a while back, Congress bought into idea that data delivery systems are expensive and require guarantees of usage to make it worth a service provider's money to build out. So every local city was able (required, really) to promise single-service provider access to their residents. These "franchise agreements" were fine when there were as many cable TV providers as metro areas. But consolidation in the late 80s and 90s meant that are are only a couple of national players; the handful of local or regional providers that remain are in the rural areas, as the Comcasts of the world deem those places too expensive to bother with. So we are left with wonderful results like a carriage-fee dispute for ABC or NBC (national networks with many cable-type channels) can leave whole regions (like the small area of NY, Boston, and DC) without one of the networks that make up 25% of the TV watched.
Even when the end-users might have some control...
IT comes in an complicates things because that's how it's always been done. For example, a current project I'm working on was RFP'd to external vendors because the IT group said, "Nope, we don't do that kind of custom work anymore." So with their blessing, a vendor was chosen who's solution had a key feature of allowing the business users the ability to create their own basic functionality (it's really simple stuff) within the framework that was created by Vendor/IT/Biz collaboration, and enhanced in the future through a typical development process. Just this week, one of the software architects went on a long presentation about how all changes, even to that business-controlled functionality, should be married to the 9 month development cycle for full IT development work, QA, IT version control, tollgates, etc. Never mind that the solution is replacing system that is business-driven and working, but running on an EOL'd platform, or that the business is on a 30-90 day TAT for new requests. At least one sane IT voice said, "Well, having a monthly release separate from the IT calendar would be wise, just so that the Help Desk knows what's coming if there is a problem."
I've been in both business and IT. I've seen complex business processes managed out of Excel spreadsheets who's original author left years ago, leaving the business with a "suck it and see" change management process. I've also been part of IT groups who think even document templates are an IT-managed resource, and woe to the business team who thinks they can run an end-around by creating their own (this really happened... I was floored that IT cared that much about a Word doc that wasn't part of any IT process). IT is necessary, as many of the skill sets necessary in business are not useful when it comes to development. But the fact remains that IT is not always agile enough to adapt to market changes, sometimes business process breaks a system regardless of intentions, and that just because something has an IC embedded in it somewhere does not make it an IT-owned asset.
Yes, I am saying exactly that. There are a few posts on his site relating to his conversations with smaller issuers and what they do when there is a breach like this. And they do it not to get it off the market but to get list of the impacted cards.
But while a copy might be kept, they have little value if they don't work. So I'm sure these theives know that some banks buy their customers back, so it ends up being a nice little extortion racket. But even so, the underground market had the books sorted by zip code, since nothing flags a transaction like it being 2,000 miles away just a few hours after the legitimate card holder bought gas by home. Being used in multiple locations even close to home at or near the same time is another simple flag, so they have an incentive to actually only sell a book once. It's no different than merchants of legitimate goods; if you sell crap wares, you don't have a lot of repeat business and eventually you have a lot of product that is going bad fast (and even faster once a breach is reported in the press).
Cloned credit cards are only useful in physical stores, as the CCV2 (the three-digit code on the back) is not required for swiped transactions. The other CCV is part of the same magnetic track that was stolen, but it is useless if your try to buy from Amazon. As credit card companies are required to provide fraud protection, the damage to a customer is minimal. Just check online for odd transactions, call the bank, file a report, and wait. Sometimes it requires a bit more legwork, but for the most part, it's no more than an annoyance. Most banks today recognize that if they shoulder the cost of fraud, they need robust systems on their side to detect fraud. In fact, in some cases it's gotten too good and results in declined swipes because you are traveling or buying something well outside your normal transaction history.
Debit cards are different and more secure. Whoever Target entered into a debit card processing agreement with, they agreed on an encryption standard for the PIN, as that is a "stronger" form of identity validation and probably is protected by law. Target is probably on the hook with the various issuers if they fail to encrypt that information, and Target does with one of the strongest options available in a commercial setting.
In the end, it sucks to change your PINs (just in case) and pay a bit closer attention to your cards. But Kerbs on Security already had a story of smaller banks going out to the credit detail shops online and buying back their customers information. At a cost of $25 are card, it's not cheap, but it's probably cheaper than settling fraudulent charges with merchants and consumers, and it gets you an exact idea of how many accounts were compromised and require reissuing.
Re: Now over 110M
Actually, it's called sensational reporting. Some bright bulb in the copy editing room remembered that when you add two numbers together, you get a larger number. The truth is somewhere between 70 and 110 million. The likelihood that there is no overlap between the credit card transaction theft and the customer database theft approaches zero. And given the brand loyalty exhibited by Target shoppers (at least until recently), many of those 40 million who suffered credit card detail theft are also in the Target customer database that was compromised.
I don't think this is a repository of personal information...
Based on the design schematics that were published when this originally blew up, there is little personal information stored within the website architecture itself. Rather, it relies on taking the information entered by a user and makes numerous calls to other, non-public sources that are outside of the website itself. Presumably, that would require knowing a person's information if you wanted to plumb the depths of what the government has on you.
Of course, if the profiles that users have to set up are in fact stored within the public-facing system and can be accessed through the tried-and-true methods of SQL injection and the like, that's a problem. However, evidence to this point suggests such access does not exist (as pointed out by another commenter, the existence of SQL in the autocomplete only shows it's a frequently searched term by users, not a welcome mat with a key underneath). Executing a call to a separate system typically isn't that easy and would require a lot more knowledge of the design of the system as opposed to script-kiddies with too much time on their hands. A DDoS attack is still the mostly likely (and most damaging, from a PR standpoint) attack vector.
Part of the problem...
Is less pirates and more boneheaded ordinance. As written, a candidate cannot be eliminated from consideration until all other candidates before them are verified to have more votes. By ordinance, all candidates who are mathematically impossible to be elected must be eliminated at once. That's not too bad, as it's pretty easy to count all the first, second, and third choice vote for a candidate and say, "Yup, they can't exceed even these candidates first-place votes." And in the case of Minneapolis for this specific election, all other candidates first, second, and third choices could not exceed the eventual winner's first-place votes. But the problem is later in the ordinance:
Mathematically impossible to be elected means either:
(1) The candidate could never win because his or her current vote total plus all votes that could possibly be transferred to him or her in future rounds (from candidates with fewer votes, tied candidates, surplus votes, and from undeclared write-in candidates) would not be enough to equal or surpass the candidate with the next higher current vote total; or
(2) The candidate has a lower current vote total than a candidate who is described by (1).
So, instead of just saying, "Yup, Betty's first place votes exceed the combined first, second, and third place votes of all other candidates", a condition which was known very early on, following the ordinance meant they had to manually disqualify, via clause (2), that each candidate did not get more than those in front of them, because of the higher level requirement that all candidates must be eliminated at once.
Chalk one up for over-analyzing all possible outcomes and trying to define all possible terms, even the ones that seem rather unambiguous.
And for those who care, the winner was finally declared a a couple of hours ago.
"During routine website maintenance, a home page prototype was accidentally moved to the actual site. As with any mistake in testing, engineers noticed the error and quickly brought the site back to its normal
functionfiction," Jeff Misenti, chief digital officer at Fox News, told The Register in a statement.
I will say, the teachers and social workers I know tend to the happiest about their career, if not their compensation. It says a lot about both the UK and US that we laud those who sit in a cube, take orders, and do the 21st century equivalent of the assembly line work (myself included), but we gleefully take the piss on those who dare to do something they enjoy for less money, less respect, and even less safety. For example my wife, a teacher, has been physically and verbally assaulted doing her job, both by students and parents, while the worse I have to worry about in my cube farm is a pissy email from some colleague who thinks red, bolded font is threatening. I've also never been barricaded in my cube by coworkers who decided to stage a riot, or had people intentionally distract me so a partner can sneak into my cube and steal from my backpack.
Perhaps as a whole, we should really rethink what we venerate and why those who are unhappy about how little control they have over their work situation are somehow "better" than those who take risks.
Obviously, I can only go on anecdotal evidence. Yes, Lewis really took the piss with the published work, and I cared enough, I might even read through the actual paper. But as Can't think of anything witty... said, Psychology is not an easy subject, and it's no more a soft science than Computer Science is the same as IT. Accounting for differences I've seen between the US and the UK, psychology tends to pad the early courses with the Freud and Skinner, because they are often used as classes for general education credits and it's easier than trying to learn about action potentials, anatomy, and neurochemicals.
My experience is that most psychology professors laugh, outwardly even, at the crap produced in the early to mid 20th century that is passed off as psychobabble in media today. It's only those who want to major in psychology that get introduced to the neuroscience, psychophysiology, chemistry, and the like. Once you are there, the first thing you learn is statistics... real statistics. And not just how to use Minitab, but the logic and rules behind the theory of statistics. You also learn the same research methods found in medicine and science, like lab procedures, ethics, etc. It's all there. And it's not easy.
And personally, I work in IT, or would if my current company hadn't worked hard to keep business and system analyst hybrids on the business payroll (I'm sure it makes the accounting easier). My math and analytical background from psychology has opened more doors than if I had signed up to learn programming languages in college (in retrospect, it would have opened more doors to have at least learned some along with my degree, even if I didn't want to go through those doors right away). Not to mention the stigma in interviews is not nearly as bad as what IT folks experience (I'm assumed to have people skills... ha!)
I also love the bitter grapes that people have over "working hard" in college, while assuming others did not. I knew CS majors and math majors who were just as likely to sleep through class, get drunk every night, and still stumble to the finish line and get a degree. Psychology had them as well, and if my brother's description of his engineering university is anything to go by, they probably lost more engineers to drowning in their own vomit than academics. It's what college students do, and some can handle it, others cannot. To belittle an entire field of study because you don't understand it is rather ballsy, especially when there is nothing other than your own bias and superiority complex to back it up.
Re: @Tom 13
Most of what you are said was subjective, conjecture, gross exaggeration, or outright distortion. And then you delved into the world of paranoia and tin foil hats with the spying and the IRS, followed up with a healthy dose of "woe is me” martyrdom. Bush spied, Obama spied. The IRS went after crock-o-crap groups who filed like mad in 2010 to exploit a loophole, and those groups got mad they were caught being utter cocks. The fact that liberal groups also were checked at roughly the same rate (and rejected, something the right can't claim happened) doesn't register in your mind, because, you know, tin foil.
I’m not looking to engage you in discussion, mostly because it would be fruitless and filled with your own personal rants about particular grievances you or the website you couched your talking point from have against the government, people who work for the government, people who used the government, or people who might have six degrees of separation from government. Just wanted to make sure you and others knew how off-base and completely meritless you “responses” to another person’s post were.
Re: They did add a pony
SNAP today is limited to "healthy" items. It's not just a cash benefit; there are very specific items that qualify. For example, many fruit juices don't qualify, because of the massive amounts of sugar they have for very little nutritional content.
Also, the reduction that is going into effect after Oct 1 is happening because it was a temporary increase as part of the stimulus bill in 2009. What Republicans want to do is remove a provision from a 1996 bill that allowed states the leeway to suspend a the 3 months of SNAP in 36 months for able-bodied, unemployed, childless adults. In times of economic duress, states are allowed to suspend the requirement that such folks get jobs or go to job-training programs if they want to continue in SNAP. Many states have suspended that requirement because of the economy. Republicans want to do away with that, in addition to reducing the already scheduled to be reduced SNAP benefit (which is about $4/day/person for those with the lowest income... not exactly Oscar-style filet mignon... or even McDonalds-style "food".)
Re: The Republican Dream
The "pox on both houses" sentiment is valid only if you want to take the most cynical look at politics. Not to say that you are of this ilk, but time and again, attitude and behavior research shows that the so-called "indepentents" and "both parties are the same" folk are ones who talk big but don't tend to know a lot about the political process, party platforms, or even basic information like their Congressional Representative. To put it lightly, such attitudes are the provence of folk who don't care but want to pretend they have a good reason not to care.
You could be an exception, but in that case I would question your knowledge of what the core principals of each party are, the various splinter groups within each party, the regional differences that can explain a lot more about the propensity of a Representative or Senator to vote in a way that might seem counter-intuitive or like they are "in the pocket" of lobbiests.
If you are trying to come up with another way to say, "I don't like either party because they don't represent my views," that's fine. But then you should at least have an idea of what other organizations out there represent you. As I tell others who complain about the current process: It's fine if you don't like it, it's fine if you feel left out. But if you want to be taken seriously, stop hand-waving the entire thing away and using it as an excuse to be apathetic and apolitical. If you truly care about these issues, you would expend some of that energy finding like-minded folks, something that is easier today than finding a lobbiest in Congress. Stop complaining and do something or stop pretending you care.
I hope you are are aware of the whole vsync thing, so the 60Hz screen limited to 60 fps, while the 120Hz screen can hit 120fps, assuming it has a video card beefy enough to drive it. And I believe those were first-person shooters, so games that have other things to account for, like perceived and real latency and lag between game action and user input.
Human vision is more attuned to movement than static images. A flickering light is really just a static image, where as a video will likely have movement and keep the eyes and brain on high-alert. You should try staring at yourself in a mirror for a while with a single point of focus, and see what happens. Here's a hint: Your brain gets bored and plays games with itself....
Re: "Modern", "streamlined", what?
My honest to goodness experience with web UI redesigns in various companies in the past is that they were unintended outcomes of backend changes. Be it because of a vendor change, an owner change, or some other change, the new hardware and/or software that served the business and warehoused the data turned out to be incompatible with the portal or other web front-end that was currently deployed. So invariably, it required a redesign, which was usually an excuse to troll through hundreds and thousands of comments, emails, IMs, tickets, and other dusty relics to determine what users wanted.
Usability studies, UX consultants, UI designers, and the like were typically left out until the very end, usually after the architecture work had been completed, meaning that the UI was a complete and total afterthought. So the DB would be set up with internal tools in mind, rather than serving the UI. And I wish I could say that these redesigns were for deployments that had minimal customer interface or just was an alternative to direct queries on the DB, but no. These were the public face of billion dollar companies or web-based internal applications that served the foundation the company was built on.
Of course, there are always excuses to be made for botched implementation, but it will probably be some poor schlub or hastily press-ganged consultant who's forced to fall on their sword to protect the VP who dreamed up the pig's breakfast. If they are lucky, that act of protection will result in a new appointment elsewhere as part of the compensation....
I always thought...
That Yahoo! Groups were the place for cash-strapped high school students to troll for pron... years ago. I'm surprised as you to find out they both still exist and apparently have enough users to get upset about it. You'd think they'd have migrated to other free pron sites by now.
Re: I have to wonder...
Once again, you miss the point. At no point did I say, "Government, monitor away!" In fact, my original post and my follow up detail that the problem is that someone like you sits here and whines about what the big bad government is doing, yet giving a free pass to non-government entities who are doing much the same. And if the PRISM revelations are anything to go by, that unchecked data collection and monitoring by corporations just gives governments a one-stop shop to pick up a dossier on anyone they please.
So one more time: Those who froth and foam at the mouth about big bad government collecting data but then turning a blind eye to commercial collection of the very same data completely miss the majority of risks when they go on about privacy and freedom.
Re: I have to wonder...
Really? You don't think peoples lives can be ruined just as badly though identity theft? People don't get jobs because of bad credit scores. Is having no income or low income worse than the chance you might be hassled over an off-color joke about the government? Or perhaps through the leaking of intellectual property that causes monetary loss? Different laws in different lands, I suppose, but the reality is that the risk of finding yourself on a Gitmo holiday is less than being struck by lightning, and being there because of mistaken identity is much less. You are more likely to be shot to death by the police while trying to board a subway. Heck, you're more likely to be on the business end of a Predator strike because you had the unfortunate luck of living in a village or outpost that a target of value decided to hide in. That doesn't make it right, but that's the reality.
And do you forget the number of companies that The Register has had articles on who routinely use Facebook and other social networking sites to spy on prospective and current employees? And let's not forget the almost daily (even now) stories of companies who have had their websites compromised through a simple SQL injection, spear-phishing attack, or other security breach that allowed the perps to wander away with account information that could contain sensitive information or be used to procure additional sensitive information elsewhere.
The simple fact is that in risk analysis, people who are worried about the personal consequences of the government having information on them are missing the real risks. These are the same people who think planes are the most dangerous form of transportation and children are always snatched by strangers, yet think nothing of getting behind the wheel of a car every day or handing their kid off to a non-custodial parent or grandparent who they just threatened to cut off completely. You can worry about your all-expenses paid rendition holiday to the former Eastern Bloc; I'm going to keep monitoring my credit score and push to have companies disclose all breaches promptly and held liable for any personal damage that occurs. In 10 years, I'm sure I'll have more problems to deal with than you ever had.
And if you are doing anything to deserve such a trip, well... I guess that's proof the government spying works.
I have to wonder...
When people talk about the free exchange of information on the internet, did anyone stop to wonder who might be looking at that information? Here's a hint: It's not just the government, and they don't necessarily care if they come across something that is actionable intelligence that could save lives.
I realize that many people try to draw a bright line and say, "Government, you stay over here, while the rest of us will play over here." Besides the logistical impossibility of that, I think it's a rather dangerous game to play. I'm not even talking about the whole criminal enterprise aspect and government trying (vainly perhaps) to protect us, or the scammers who try to dodge and weave their way into a bank account or other ill-gotten gains. There is the fact that we have told the Government to stay out of our sandbox, while inviting our "friends" in who just happen to have resources equal to or greater than most governments to trawl through our tawdry details, all in the name of commerce.
We lie to ourselves by saying we can always do business with someone else, but does anyone actually believe that Facebook and others aren't aggregating enough information to find you elsewhere on the internet if they could profit from it? You can check all the boxes that say, "No, don't track me or sell my bank account to Nigerian princes," but it doesn't take many data points to at least predict your demographics, and a few more could narrow you down further to you or your terrorist twin in Algeria, the deciding factor being the result you click on when looking to add to your knife collection.
I don't condone the behavior of the American government, and at least I have a voice (ha!) as an American citizen. Perhaps even a bit more protection. And I don't subscribe to the "Nothing to fear if you have nothing to hide" bull, because it's the same claptrap that was pushed by Dick "Powered by Hate" Cheney. But I also don't think that my online persona, my personal communications, and all my real and virtual meanderings are free from use and abuse by other entities. While rendition is a terrible thing that no human should ever be subjected to, regardless of real or perceived intent, what about my credit score, my identity, my life being trashed by a bad algorithm, poor security, or corporate neglect or malfeasance. We should take to government to task for this, but that same harsh light and public interrogation should be turned onto the companies, entities, and others who have the same data and use the same mining and exploitation. If we fail to do that, whining about what the government is looking at is nothing more than mistaking a single tree for the entire forest.
Re: No SD slot?
Perhaps I'm missing something then. I often swap movies and music in and out of my phone using a USB cable and disk mode. And I have a removable micro SD card. It's just that by the time I remove the back of my phone, take it out, plug it into the USB port via its included USB cradle, and start the transfer process, I could have just plugged my entire phone in with a USB cable, selected disk mode, and started the transfer. And some phones with removable SD cards are hiding them in a way that requires tools and other procedures just to get it out of the phone.
While I get that a lot of the internal memory can be used by the OS and bloatware (7.5 of the 16GB on the S4 and with the added pleasure that they didn't allow you to install apps on an SD card you inserted), it does seem like much ado about nothing. I get if you are on a longer trip or stuck on a transcontinental flight, it might be nice to have more than a couple of movies with you. But we are still talking about a feature that isn't high on the list for most smartphone buyers, who rightly or wrongly have been wooed by light and thin. Perhaps it will be in the future, but with WiFi everywhere, pretty decent LTE coverage (at least stateside), and other things, on-phone storage of media might become rather antiquated. Data caps might strangle that idea before it can get out the cradle, though.
Re: No SD slot?
That's a use case that probably has many other requirements beyond a removable SD card.
I for one am glad to contribue to the downfall of man...
Err... I mean the advertising useless crap that I don't care about. If I'm at Newegg and they want to target me with ads about something that's related to other stuff I've browsed there, thank you. Same with any other site. It's bad enough to see the crapvertising that's based on my IP address, telling me that Obama commands me to get new car insurance, or I should contribute to some turd's reelection campaign in the armpit of my state. If I want to block third-party cookies, that's my choice.
Now if only there was a way to modify those third-party cookies into something malformed that made their database drop a huge load all over the floor....
While I still use my old-fashioned flim SLR for photography once in a while, it, much like its younger DSLR siblings, is bulky, large, and requires more than just pants pockets to keep on you. What do you consider an "actual camera"?
The compact digital cameras that mimic the old point-and-shoots aren't exactly head and shoulders above the Lumia 1020 on paper, and for good reason: for day-to-day photography (not just selfies in the bathroom mirror), smartphones have been destroying those $250 compacts. You (almost) always have your phone, so that quick pic at the bar or out on the lake (I'm a fisherman) is going to be handled by it. No need for a dedicated camera that is only slightly less limited than your phone (or more if being able to upload immediately is a major want/need).
If you want to take artsy selfies, portraits suitable for hanging, landscapes, nature photography, action shots, or low-light shots, the DSLR is still the best bet, as it has swappable lenses, larger CMOS, and much better optics. But as I said above, the problem is the size and bulk that prevents everyday use, plus the much greater cost. At the same time, I know that some of the camera companies are trying out compact DSLR-type cameras, in hopes of carving out a niche between smartphone and prosumer photography. This could make such a job harder... or promote a very nice middle-of-the-road option for people to use in a point-and-shoot-sized body.
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Infosec geniuses hack a Canon PRINTER and install DOOM
- Game Theory Half a BILLION in the making: Bungie's Destiny reviewed
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland