×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Want To Influence the World? Map Reveals the Best Languages To Speak

Phreakiture Re:Hi-Res Image? (142 comments)

Agreed. The image on that page reminds me of all of the PowerPoint slides that have been introduced with the words, "I know you can't see this, but . . . "

2 days ago
top

Ask Slashdot: Why Is the Power Grid So Crummy In So Many Places?

Phreakiture Re:Aerial or underground ? (516 comments)

There's a second question that has to be asked as well. In some neighbouhoods, the electrical service is run through the back yards, rather than the front. This was done for obvious aesthetic purposes, but the side-effect is that it is exceptionally difficult to keep those lines maintained.

Then there's a third question: what is the level of the local infrastructure? 2400V? 7200V? 13.2kV? Single-phase or three-phase? While a 2400V single-phase neighbourhood can have more stable power than a 13.2kV three-phase one, the likelihood is the other way around because the 2400V wiring is probably older.

For the record, my neighbourhood is 13.2kV single-phase, above ground. It is not 100% problem free, but I would estimate it to be well over 99%, based on my desktop computer without a UPS rarely being found in a powered-down state.

about three weeks ago
top

NSA Director Says Agency Shares Most, But Not All, Bugs It Finds

Phreakiture Re:That sounds nice... (170 comments)

Alright, fair enough.

about a month and a half ago
top

NSA Director Says Agency Shares Most, But Not All, Bugs It Finds

Phreakiture Re:That sounds nice... (170 comments)

Not sure why you're currently modded redundant as I came to say pretty much the same thing.

That sounds like something Yogi Berra would say.

about a month and a half ago
top

American Express Seeks To Swap Card Numbers For Secure Tokens

Phreakiture Re:Evolution of payments (130 comments)

Perhaps so, however, there was no assumption in my model that the device was a smartphone, nor any assumption that it had any kind of connectivity. Your model requires it, while mine would still allow for the payment device to be a card if that is the user's preferred option.

There is also no reason why these two approaches couldn't be implemented on the same POS system.

Now, the obvious question is why am I not requiring it to be a phone. The answers:

  • You want to encourage participation from those who do not have smartphones, or even phones at all, because the magstripe cards they are currently carrying are now demonstrated to be a security disaster. Enabling them to use a smart card instead keeps the object familiar.
  • You want to allow for folks (like me) who do not want to give their credit card details to Google or Apple.
  • You want to prevent your carrier from dictating your options, something you can put safely out of their control if you can use a device other than your smartphone.
  • You want to have options that are less hackable . . . kind of the point. A contact card sitting in your wallet is powered down. Short of dissection, you can't hack something that is powered down.

about a month and a half ago
top

American Express Seeks To Swap Card Numbers For Secure Tokens

Phreakiture Re:Evolution of payments (130 comments)

  • Merchant advises me of the total.
  • I give him cash equal to or greater than the total.
  • He gives me change equal to the difference between the total and what I gave him.

Now, if you want an electronic approach, how about this:

  • Merchant advises me of the total.
  • I take a device, could be a card, could be a phone, whatever, and authorize an amount. Optionally, this may (i.e. should) involve the entry of a passcode of some sort. This should be entered into my device, not the POS terminal.
  • I connect the device to the POS terminal (could be a plug, slot, wireless, NFC, whatever - not important).
  • The POS terminal assembles a transaction record consisting of time, date, merchant ID, terminal ID, amount, sequence number. It passes this to my device.
  • If the POS terminal and my device agree on the amount, my device will add my account number to the transaction record, and then cryptographically sign the record.
  • The signed transaction record is passed back to the POS terminal and sent to the processor.

If the amounts don't match, no signature, preventing overcharges. If the transaction is replayed, the merchant ID, terminal ID and sequence number collectively will function as a transaction ID and it will be recognized as a dupe. If any of the transaction details are altered, the signature doesn't match. If the vendor tries to do two transactions at once, the device won't sign both without me reauthorizing. If the vendor wants or needs to validate off-line, the signature can be checked using the device's certificate, the signature of which can be checked with a cached CA cert.

Now, because this approach is agnostic as to whether the device is a card, dongle, phone or whatever, and whether it plugs in, taps or even just flashes a QR code on a screen, I can see the approach being adapted to both bricks-and-mortar and on-line purchases. The only thing I can think of that we do with our credit cards now that might be tricky in this system would be recurrent payments, but those could be handled by pre-authorizing a year's worth of transactions or something similar.

about a month and a half ago
top

"Car Talk" Co-Host Tom Magliozzi Dies At Age 77

Phreakiture Re:Don't understand (82 comments)

Yeah, and I heard that in Tom's voice as I read it.

about a month and a half ago
top

"Car Talk" Co-Host Tom Magliozzi Dies At Age 77

Phreakiture Re:News for nerds? Yes, in fact, it is. (82 comments)

Yes. I was actually really interested in the one where they had ten envelopes that collectively held $1000, and the puzzle was to figure out how to distribute the money between the envelopes so that you could select any whole-dollar amount by picking the right combination of envelopes. The solution, of course, is to think in binary. That's pretty nerdy.

about a month and a half ago
top

Rite Aid and CVS Block Apple Pay and Google Wallet

Phreakiture Re:Good luck with that. (558 comments)

Yes, this is akin to saying that they accept no major credit cards, but that they will happily accept applications for a store card.

about 2 months ago
top

Tesla Teardown Reveals Driver-facing Electronics Built By iPhone 6 Suppliers

Phreakiture Re:Value (158 comments)

TFH says it was built by Foxconn, but TFA does not. TFA says it was built by a third party like the way Foxconn builds for Apple.

about 2 months ago
top

Android On Intel x86 Tablet Performance Explored: Things Are Improving

Phreakiture Re:When an x86 Android Phone in the US (97 comments)

I'm really waiting for an x86 phone that can be bought in the USA.

I believe that's called a Blackberry 950.

All snarking aside, though, I must ask: what is the attraction to an x86-based phone versus an ARM-based one?

about 2 months ago
top

ChromeOS Will No Longer Support Ext2/3/4 On External Drives/SD Cards

Phreakiture Re:Are those Amazon sales legitimate? (345 comments)

Pay attention, naive little brother: A machine with Windows on it costs the same as a machine without windows on it for the same model and specs . . . assuming you can even get a Windows-free version. This is because Microsoft have dictated that it be so. The difference, then, is that in one case you are paying for, and getting, Windows; in the other case you are paying for, but not getting, Windows. That, naive little brother, is the Windows tax.

about 2 months ago
top

Ask Slashdot: An Accurate Broadband Speed Test?

Phreakiture Re:Speakeasy Speed Test (294 comments)

I thought this at first, also, but I have had a pretty close match to Speedtest's claims when using scp to send large files to/from my EC2 instances.

about 2 months ago
top

Outsourced Tech Jobs Are Increasingly Being Automated

Phreakiture Re:grow your own (236 comments)

Bandwidth cost out to pretty well keep it out of the US. South Korea might win if that's the deciding factor.

about 2 months ago
top

Infected ATMs Give Away Millions of Dollars Without Credit Cards

Phreakiture Re:This doesn't add up (83 comments)

If you have access to the ATM physically, why not just take the cash there and then?

I suppose you could trigger the dispenser to start dishing out cash nonstop, but it is not as easy as it sounds. Getting at the cash cassettes is not easy, either, because the lower half of an ATM is, as you might expect when thinking about it, built as a slightly modified safe. Getting at the computer and modifying the software really is the path of least resistance.

Source: I used to work on these machines.

about 2 months ago
top

Belkin Router Owners Suffering Massive Outages

Phreakiture Re:Useful? Maybe if you could disable this 'featur (191 comments)

The bad? There isn't.

It seems as though installing DD-WRT/OpenWRT/Tomato/other-non-OEM-firmware will fix it on at least some routers made by Belkin.

about 2 months ago
top

JP Morgan Chase Breach Compromised Data of 76 Million Households

Phreakiture Re:Numbers don't seem right (76 comments)

Well, I can see two factors that you're not thinking about: (1) a person having accounts at more than one institution (e.g. I do) and (2) different people in one household having accounts at different institutions (e.g. my wife and I have mostly but not entirely the same banks). It makes it quite plausible that multiple large banks could have customers in over half of the nation's households.

This can be particularly pronounced with loans and credit cards for various reasons including "brokering" a deal for the end customer (think in terms of a car dealer or realtor finding you a loan/mortgage) and the fact that loans get bought and sold between banks.

about 2 months ago
top

Obama Administration Argues For Backdoors In Personal Electronics

Phreakiture Re:Clipper Chip Anyone? (575 comments)

This was precisely the first thing that crossed my mind. More to the point, I remember that both the EFF and the right-wing pundits (how's that for a combo?) were mocking the Clinton administration over it. RSA Security kicked up a hell of a fuss, too, though that may have been for show, given what we now know abou them.

about 3 months ago
top

Breakthrough In LED Construction Increases Efficiency By 57 Percent

Phreakiture Re:You know what this means (182 comments)

Yeah, no kidding. I'm a part time sound engineer and DJ, and the "Power" indicator on my mixing board is an ungodly bright blue light. I usually end up setting something on top of it to keep it from blinding me in an otherwise-typically-low-light environment.

about 3 months ago

Submissions

Phreakiture hasn't submitted any stories.

Journals

Phreakiture has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?