110 posts • joined 27 Jul 2009
They also zoom in 2000 x on a reflection in a hubcap to capture your pin code.
I think you'll find a single pixel is sufficient :-)
Re: low wage/no wage market
Their failure has nothing to do with their customer base, they were successful, but if you only sell three things, A, B, C, and the monopoly suppliers of A and B stop supplying you, you are screwed.
There are many more hotels than just two involved now and the common point is booking dot com (BDC)
One of the Trip Advisor threads relates how the website interface used by hoteliers to access their BDC info is only protected by a 4 digit pin, so all you need is to select a hotel and try a PIN. Keep using the same PIN across multiple hotels, you'll soon enough find a valid hotel/pin combination. That's one way they could be getting in.
This is also very targeted fraud, it's not just done only by email, they are phoning out to "marks", and answering the phone to enquiries (using a supposedly BDC phone number in the email, obviously it's the scammers)
So, this is a low volume operation, might only be a handful of people operating it, there is no point blasting any info gained out or selling it, each "mark" needs careful treatment, plus the fact there isn't a mass email going out pretty much proves it's selective access, eg not every single BDC booking has been compromised.
IMO BDC's public response is pretty pathetic, all they have done is put out a bland email about crooks targeting credit card numbers, when it's bank transfers (no doubt via mules) they are using.
The flaw with the "it doesn't matter" theory is that with a list of email addresses I can then do a brute force attack against those addresses and some are bound to be hits. eg if I try "pa$$word" on a list of a million hotmail accounts each only one try, I am probably going to get tens of thousands of hits. Now do it for the top 10 or 20 passwords, and I'd probably get 10% of the database. At least part of the iCloud attack is reputed to have used the top 500 passwords.
So I suggest the first thing you need is a username that maps to an email address, and the user name is used to login, not the email. Now to even start an attack I first need to know your username for this account and that's not something that's going to be bandied around as much as your email.
Re: Mental Illness App
Anyone who knowingly allows Apple and thus the whole world
?????? there's a non sequitur if ever I saw one.
Re: The only reason for this...
If that's the best you can do, Apple's in good shape.
It's an allegation and even then it's not even an allegation that that PII is sold, merely demographic info.
Re: "The basis of this article is laughable"
Not so funny when you have paid for seriously expensive test hardware only to find it is not going to do things you expected
That is nothing at all to do with this practice, and everything to do with being inept at purchasing. If there are things you "expect" then write a list of them down and ask the vendor if they are included or to price them in.
Re: Oh no
Ye standard Aston Martin retort: nobody has to make petrol specifically for Aston Martins. They just work on the same petrol as the £10k cars. Somebody has to make apps specifically for iOS. iPhones/etc don't just work on the same apps as sub-£100 mobile phones.
Except to stretch that analogy (but not break it) due to Android's fragmentation, stranding of old OS's on models not much more than a year or so old, and their users' reluctance to spend money, you can make petrol for any Aston Martin model and rake in about 4-5x compared to any other, because you would have to make different petrol for each Ford Fiesta, Ford Escort, Ford Mondeo etc and the same for every other Vauxhall, Citroen etc model, any one of which individually has a tinier market share than AM's range overall, *and* whose users spend less.
Re: Trying to save the UK, whilst the world carries on regardless
Interesting. It works if I cut and paste the link, but not if I select it and right click "open in a new tab"
Page Not Found
The page /storage/ECMA.Aberdeen.actual.pdf could not be located on this website.
We recommend using the navigation bar to get back on track within our site. If you feel you have reached this page in error, please contact a site operator. Thank you!
Return to the Front Page »
It's somewhat disingenuous to state that you "saved £1,000 a year on your home electricity bill" when it turns out that what you actually mean is that you saved £1,000 a year on the bill of a small ISP with a shed load of computing equipment. Hardly what the average or even keen hobbyist might have, how many have Air Conditioning fitted in their homes to cool their PCs down?
Re: Trying to save the UK, whilst the world carries on regardless
File not found, try again?
What do you mean "Even if we can't compete on scale." ?
Surely $1.2bn, even in Oz dollars, is not at all shabby and something to be proud of, indeed starting with a project at a mere $6m that "will ultimately cost Queensland taxpayers an estimated $1.2 billion" puts you right up there with the big boys.
"Ignoring that issue"
Errrrmmm..... why would you ignore the issue of producing 200kg of hydrogen when you started with 18 and in total only have a mass of 159kg?"
Why indeed would you even read on past that point?
Re: just go to your bank and send a wire transfer to our account below
As mentioned in the article, it seems unlikely booking.com are the source of the details here, otherwise there'd be a lot more noise about it
The noise is happening. Three or four more reports now on Trip Advisor.
All different hotels, all booked via booking dot com.
I'd say it's pretty clearly a breach at booking dot com.
I am fast becoming a devoted follower of the IBAN transaction method. Seems much safer to send the money via bank transfer than to use credit card details that can be scammed.
I wonder what definition of "safer" you are using when you think:
1. pay by bank transfer, money is irrevocably gone, and if actual fraud rather than rubbish service is happening, is transferred between several accounts and becomes untraceable and you have no comeback in either case.
is safer than
2. pay by credit card. If it's a scam, you get your money back.
There is a report in Trip Advisor today same scam entirely different hotel (The Rockwell in London).
Booking dot com initiated booking again though.
Re: Self service checkouts
"You don't have to wait for an older staff member to come over and allow the person actually serving you to sell you alcohol because the spotty oik on the checkout isn't 18 themselves yet."
Yes you do. If there is an 18-plus item in there then the flashing lights will come on and sirens will sound and they will send someone over. Otherwise all the 14 year olds would be buying their cider via this route.
By getting the spelling different to how your parents wanted it, that became the right (aka "official") spelling of your middle name. Like it or lump it.
Re: @Steve Evans
If a UAV takes a hit from a firework and goes down, odds are it crashes harmlessly, but those odds are far from 100%
It could crash anyway, irrespective of fireworks.
Re: Time for some truly revolutionary GUIs?
LOL. "draw their request". Hilarious.
"what were you doing at the office today dear"?
"I was playing bloody Pictionary with the computer again"
"Unless I'm about to set off on a long journey, I don't generally fill the tank until the fuel warning comes on. Why would you? But I suppose battery power might lead you to want to 'top up' more frequently."
Not only that, unlike with petrol, you can top your car up every night at home so in the morning it's *always* got a "full tank". If that was the situation now with petrol cars, how many petrol stations would you need? 5 or 10% of what we currently have?
Once electric cars get to say 200-250 miles on a full charge (about double what it is now?), what percentage of cars would need to recharge mid day / journey ? And if the ones generally being driven on those long journeys had standby petrol generation, like the BMW i3, even that need goes away.
Re: Electric cars work fine for me
"There's no additional battery lease cost."
There is with a Renault Zoe, which is the post I was responding to.
Good for you with the Leaf, sounds like you have hit a sweet spot there, though to be fair a 70 mile round trip is in fact two, 35 mile drives, which I think most would classify as "a short trip". Do you top up at work?
Whilst my "normal" commute is only about 15 miles each way, once or twice a week I need to do anywhere from 50 to 100 mile drives. Each way :-( An electric car (unfortunately) can't match this kind of usage and owning two cars makes no sense at all.
Once they have around double the range we see now, let's say 250 being easily attainable, I think the use will really take off.
Re: Electric cars work fine for me
"but the £25/month 'fuel' cost (used to be £180) "
I think you forgot the **at least** £70 a month battery lease cost ?
So you are saving £90 a month at best, and since the car, from what I recall is about double the cost of a petrol equivalent, the time to pay back is far longer than you'd keep the car.
There are other reasons to get an electric car but money saving isn't one. Yet. Unfortunately.
Re: it must be good, its been in development for twenty years
So what have they done for all those "legacy" oracle apps that rely on ROWID?
It's not addressing that.
I bet you'd complain that a cure for cancer doesn't fix malaria.
Watch the videos or read the writeups, it's completely different.
"I don't actually know anybody who lost their phone, broke it, or had it stolen…"
You definitely need to get out more !
Right, because everyone makes backups.....
The 0.0000023% of Android users who take regular backups won't be in the population of clueless morons who download this trojan.
Re: Hmm, coincidence?
"Anyone would think Apple cooked this one up.."
Only for values of "anyone" = clueless tinfoil hat wearing conspiracy nut.
Re: Android Intents?
Maybe it is. And if it's a good idea, which it seems to be, there's no reason that Apple shouldn't also do it.
Apple don't have a monopoly on good ideas, it seems with this release they've realized that and are taking some good stuff from other sources, for example the spellchecker with multiple suggestions, the like of which is on my wife's Sammy and is much better than Apple's fascistic one.
Re: Website policy stupidity
You can never be too careful. A password is obviously needed in case someone was to maliciously pay your bill for you.
So by slamming electrons into a block of gold ...
... they can create electrons ?
They could remove the block of gold, give it to me as payment for saving them the trouble, and get several orders of magnitude more of electrons.
"Having said that, Apple stupidly removed iTunes sync for contacts and calendar "
- agreed, but they are sensibly reinstating it in the next point release.
Re: TBL is MS!
Copied fine on Firefox.
<<They took on someone from a company that spent 9 years on an ERP rollout and then decided to abandon it to conserve money. To run the ERP introduction.>>
FWIW the ERP at BA was SAP. Which I presume didn't put SAP in a good place when the guy in charge of deciding which to buy at JL was the guy previously in charge at BA :-)
And, presumably having 9 years experience of how not to do it, he must have a "don't do that" list.
Re: Sloppy research??
All you need to do is set up the iPad as a new device and it's fully usable, but whatever was on before, is lost.
As per another post, that is just plain wrong if "Find my iPad" is activated.
Once that is done it's not usable without the original account and password.
It's not just Microsoft at least that has some security
NHS are currently rewriting Spine using Riak as the underlying database. The section on security in the Riak manual can be paraphrased as "there isn't any, write it yourself".
"We believe we have all the pieces to achieve a full recovery of the boost stage"
One's *here*, the other seventeen are between 250 to 500 metres over *there*, and *this* one's at the bottom of that smoking crater.
I wish them all the best.
Re: iPhone 4S
The argument was regards the statement it was "impossible to replace" not quibbling over the price.
Anyone else find the word "collapse" at the bottom of that twitter post amusing?
Re: Improved password change security!
I didn't have that problem, but it only asks you to type the new one in once. Insane.
Re: Public Records?
Being arrested does not mean the person is guilty, just that they have been arrested.
Yes but the point is, the hashtag wasn't "driversarrested" or "driversaccused" it was "drinkdrivers" which implies guilt. That's the point of the case.
Staff at the US chain will now >>>>>call<<<< and email customers whose contact information was illegally harvested.
What's that, a quarter of the US population. I don't think they'll be calling.
In any case, doing so or even announcing they will be doing so, has created a new phishing threat.
"Hi I'm Joe Phisher from Target, I have your details here so you can verify its me, we just need to get your bank PIN so we can update our records..."
"oh yes I recall reading Target were phoning their customers phoning, so it must be you".
"and if you can give me your full bank details I'll be sure you get your $100 as compensation. We just need your banking passcode."
Dumb and dumber.
Is this a cunning way of getting lots of publicity?
Change the keys' angled appearance on the production models so it's no longer an obvious copy, and in the meantime the association between blackberry and this keyboard has been nicely entrenched, since "it must be good if bb are suing" ?
Re: I dont get it...
I suspect Oracle would prefer you didn't because you would only be paying for one oracle instance, rather than a number of them, but it's perfectly ok to do it..
Oracle don't care how many instances you run, they charge on total cores or users.
EDIT: And I see I'm a bit late saying that as someone else said it a week or more ago. Oh well.
Presumably the outrage is because companies that host their own systems never have outages ?
Re: But slowly – over time
.... but they do gradually become vulnerable due to new bugs being discovered, which now won't be patched.
Re: LOHAN contamination.
<<In fact a concentration in the upper atmosphere that is high enough to detect in a single sample drawer implies a concentration in space that satellite dust collection experiments would have found by now.>>
I suspect it implies a concentration thick enough you wouldn't be able to see the planets let alone the stars.
oh dear ......
"A doctor can have entire day or entire weeks of data right on the device," Yaseen says."
"and lose it, to be found in a wide variety of locations" I say.
"Or have all of your phone activity analyzed and data-mined."
So your contention is, that's not already happening anyway ?
Not true that only Apple asks for this
You wrote "and was told by her bank that they had never heard of private companies asking for this information."
This is not at all unusual for many third party online travel companies. (Usually, the ones with the worst reputations.)