Security Collapse In the HTTPS Market
This is why you never, ever use a debit card at anything other than an ATM. (Not even at the grocery store for cash back.) That limits where your card details can be skimmed from.
I don't understand why you thought Newegg would do anything? If the bank "lost" the paperwork, you send a certified letter to follow up, and if they still play possum, send a letter to the regulators and (within the U.S.) state attorney's office...
Michaels Stores Investigating Possible Data Breach
Nothing in the article states that the fraudulent charges were run as Chip+[Sig/PIN] transactions, though. They were processed in a way that bypasses the chip:
- 1) Card not present transactions (mail/phone/internet)
- 2) Cloned magstripe-only card on a non-chip terminal (I had a chipped Visa fraudulently used in the US with this method)
- 3) Same as #2 but with a PIN at a merchant terminal for cash back or at an ATM for cash withdrawal or advance
I've yet to hear of a case where a fraudulent chip transaction came from a cloned card.
Forcing everything in the card present transaction chain -- cards, POS devices and ATMs, card processor networks, banks -- to require the chip, eliminating the use of the magstripe, should (at least in theory) eliminate methods 2 and 3. But there's still the issue of card not present transactions. Until you find a viable solution for that, the scammers will always have an avenue for fraud.
Verizon Wireless Goes Ahead With 'Bucket' Data Plans
USA Today is making that up. There's an unlimited calling, unlimited texting, 300 MB data plan but
- 1) it's only for basic phones (not smartphones)
- 2) it costs $70 per month (not $80)
VZW's PDF (http://solutions.vzwshop.com/shareeverything/pdf/verizon_share_everything_plan_details.pdf) excludes smartphones from the "Share Everything Plans for Basic Phones" and "Data-Only Plans," therefore the minimum charge per month is $90 -- $40 for the device, $50 for 1 GB data. I'd argue the minimum is $100, since (if you keep reading) it's worded like a family plan with a two-device minimum, and the cheapest 2nd device is a tablet @ $10.
What isn't clear is if there will be single-line pricing, though the wording ("Select one smartphone and up to nine more devices", emphasis mine) implies that it'll exist. Most of the multi-line scenarios I can think of, however, are running $10-$30/mo higher with SE, with the biggest hit to basic phone non-texting customers. In my case, it's $110 now (2 basic phones, 1 smartphone w/unlimited data, no texting) vs. $150+ on SE (1 smartphone, 2 basic phones, 1 GB data, which I would definitely use in a month) so that's a ~33% increase.
Apple Nixes iPad Giveaways
Silly Fonts aren't even copyrightable let alone trademarkable
The U.S. Copyright Office catalog would beg to differ. Run a quick search in there for Myriad Pro -- one example is document TX0005308118 registered on 2000-10-30 to Adobe Systems, Inc. You can also see registrations for ClearViewHwy, the new font for highway signs, plus if you search USPTO you'll find a trademark application filed in 2003 for the name of the font.
PBS Web Sites and Databases Hacked
and additionally have advertising: their shows are all standard "44 minute hours" with the remaining time taken up letting us all know about how this show was made possible by a grant from the buystufffromus corporation
Now that is just false. The New York Times just ran an article today about PBS's programming model:
And, [John F. Wilson, the chief programming executive for PBS] noted, PBS shows would still be “the longest hour in television in terms of content,” with as much as 54 minutes of programming, compared with about 40 minutes for commercial networks.
Not to mention, the current programming format means that unless you're watching something over an hour long (e.g. Masterpiece, Great Performances) you don't have to sit through any sponsorships or use a DVR to skip them during the actual program -- the exception being membership drive broadcasts. From what I recall, the best the broadcast networks have done was the "limited commercial interruption" model -- last one I remember was "24" and they still had one or two cheesy Ford commercials during the actual show, probably 2-3 minutes each in length. Plus there's all of the in-show advertising/branding Ford got, in addition to their commercials.
(The article linked above explains that PBS will test programming breaks within the one-hour window, possibly once every ~15 minutes. Even if that becomes the norm, what you call "advertising" on PBS is a far cry from the advertising on broadcast/cable networks. It's a step removed from premium cable -- e.g. HBO, Cinemax -- but just barely.)
New York Times Paywall Goes Live, Loopholes Abound
For $3.75/week you can get a Sunday NY paper delivered in the US, and that gives you a free on-line subscription. By itself the on-line subscription is 3.50/week. So for less than the postage you get the delightful dead tree version too.
I thought about that too, until I found out that for the D.C. metro area, that's the intro price and only good for 8-12 weeks. After that, it doubles to $7.50/wk. Last time I checked -- granted, it was several years ago -- the newsstand price for the Sunday NYT was only $5.00. (In my case, since I own a smartphone but no tablet, I would be better off taking the Sunday NYT for 12 weeks, then switching to digital.) I'd be curious to know what the NY/NJ/"home area" rate is compared to D.C., or if other parts of the country have cheaper "standard" rates.
Square Enix Attempting Final Fantasy XIV Damage Control
- Various other major bugfixes, particularly a fix to the "can't alt-tab out of full-screen mode" bug, which was present in FFXI as well.
Would people stop propagating this myth that Alt+Tab is a bug? It's not a bug and Square-Enix said so. The PC version of FFXI was intended to be full-screen only without the ability to Alt+Tab, and the linked notice clearly implies it was implemented to prevent the use of cheating tools. (The effectiveness of that is beside the point.)
Final Fantasy XIV Launches To Scathing Reviews
Pretty good job? It was hard enough just pulling down patches and logging in during the limited alpha/beta windows, usually only 5-6 hours at night a few days a week, with the game blacked out the rest of the time. I tried to file bug reports and the form gave me an error, with no secondary way to contact them. Then they only wanted to solicit certain types of feedback per testing period, and if you didn't post within a few days you were SOL -- they locked the discussion thread. It was like going down a checklist: we've asked about item x for two weeks, now we'll move on to item y, we don't want to hear about item x again.
I played FFXI for several years after the North America launch. The game wasn't perfect, but eventually I got the hang of the controls and could navigate the UI without looking. Even with the lack of English-language sites documenting the quests, missions, jobs, weapons, etc. at the NA launch, most of the game mechanics made sense. With FFXIV, it's like they tried to come up with a more in-depth, customizable version of FFXI and ended up with a horribly complex and convoluted system. The XP system was unclear, they were offering job classes which were unplayable during the early stages of beta (and not warning people or removing the class option), and then there were the laggy menus with laggy submenus containing laggy submenus leading to laggy submenus ending in more laggy submenus, etc. In FFXI, attacking a monster with the keys was simple: tab to it (target name in bottom-left corner, monster highlighted with an arrow above it) and then Enter x2 (confirm target & issue attack command) to attack. I could keep my left hand over WASD and my right over the arrows and still comfortably play thief -- a class which required a lot of positioning and timed macros to play effectively. The controls in FFXIV just never made sense -- this coming from a PC gamer who has never felt the need for a gamepad.
I was appalled by the beta. It looked and played like some piece of concept code. At least in its day, FFXI was a notable contender in the MMO space, with its international reach (auto-translate was vital for playing outside of your region's peak hours) and broad player base (console & PC). FFXIV just looks like something S-E threw together to meet a deadline.
New "Circuit Breaker" Imposed To Stop Market Crash
You can easily lose more than what you set because of situations like this. If it moves faster than you can sell for that amount, you will sell at below your stop loss number. You can set it at 40% and lose 99%
And this is why you only use a stop-limit order. You can place your stop at a price reflecting a 40% loss with a limit reflecting a 45% loss. Using May 6 as an example, a stock trading at $50.00 that printed at $0.01 would trigger the 40% stop, but your order wouldn't fill below $22.50, limiting your loss to 45%. (And your trade would not have been busted by the Clearly Erroneous Ruling Policy, since the criterion was price deviation greater/less than 60% from the last print at or before 2:40 PM ET.)
Some brokerage firms offer both stop and stop-limit order types. In a world of millisecond trading, using a stop-loss is playing with fire.
Verizon Defends Doubling of Early Termination Fee
Why are people complaining? Take a basic individual plan and a basic (Moto W755) phone on Verizon:
- 2-year contract
- Monthly plan: $39.99/mo
- Phone: $0
- Cancel after 1 year: $654.88 ($479.88 + $175 termination)
- 2-year cost: $959.76
- Month-to-month contract
- Monthly plan: $39.99/mo
- Phone: $249.99
- 1-year cost: $729.87
- 2-year base cost: $1209.75
It's still cheaper after one year to pay the full $175 ETF on-contract than go month-to-month because they inflate the "real" cost of the phone. The month-to-month plan is nothing more than a veiled warm-and-fuzzy to the people who want to "stick it to the phone company."
The Machine SID Duplication Myth
Agreed...when I was reading up for one of the Server 2008 AD MCTS exams, I cloned a base VM image of Server 2008 to simulate two DCs, a file server, an IIS/application server, etc. I had to download and run NewSID because every server I joined to the domain (i.e. the "primary" DC) had problems getting joined correctly. I don't recall the specifics but Server 2008 did throw a hissy fit and I had to run NewSID on each VM prior to joining before I could do anything else.
Bank Goofs, and Judge Orders Gmail Account Nuked
The balance sheet will break out assets and liabilities on a specific basis and you can clearly see where the banks got burned - mortgages, mortgage-backed, and asset-backed securities, on both the assets and liabilities -- basically, assets which the banks clearly didn't know how to count. (See Merrill Lynch's 10-K as an example.) For ML, there were massive losses in securities financing transactions, mortgage/asset-backed securities, and considerable losses on derivatives in 2008. The summarized balance sheet clearly shows what happened -- high leverage levels mean that it only takes a 3% drop to wipe out shareholder equity (for ML, it was barely 3% - $667.5b in assets against $20b in equity) and ML saw a 34.56% decline in assets FY08 ($1t in FY07 to $667.5b in FY08). They got the leverage to 13.18 in Q1 2009 (down to 13.18 on $569.8b assets, $529.6b liabilities, $40.2b equity) which gave them a 7% cushion, but with a 14.6% decline in assets during the quarter. Profits and share issuance can help raise the equity and counter a drop in assets, but you're pretty much screwed trying to make up a 34% decline.
The ratio for ML reached its peak at the end of 2008, as the subprime mortgage market cratered:
- 2004 - 20.02
- 2005 - 19.13
- 2006 - 20.57
- 2007 - 30.94
- 2008 - 32.37
- Q1 2009 - 13.18
There's always been a race between big financial firms to beat each other to the very last penny (the concept of "flash" trading, for instance, has a hint of desperation in it) so one by one they decided to out-leverage each other to bring in bigger profits faster. It's a risk management problem -- ML bet their future in FY06 on continued success in prime brokerage and securities financing, as well as commercial and residential mortgage loans and long-term debt, while ignoring an 18% drop in equity due to a net loss in continuing ops, stock repurchases, and dividend payments of $1.40/share.
Wordpress.org Warns of Active Worm Hacking Blogs
You (and only you) access your Wordpress blog twice a month to make a semi-monthly post.
You see the admin panel when you log in.
The admin panel shows you when an update is available.
Therefore, you may be up to a half a month behind on update notifications delivered through the admin panel.
A half a month doesn't sound like a big deal but look at the most recent releases:
- 2.8.1 - July 9, 2009
- 2.8.2 - July 20, 2009
- 2.8.3 - August 3, 2009
- 2.8.4 - August 12, 2009
They really need an e-mail distribution list for those not already monitoring the development blog via RSS or security blogs, because 10 days is a reasonable amount of time for someone to not log into their blog. It has nothing to do with whether you use the admin panel or not, and everything to do with the critical "fix for a fix" that comes barely two weeks later.
Blackboard Patent Invalidated By Appellate Court
Actually, I am quite familiar with it. Maybe your downtime was due to a poor server setup? A poor network setup? A poor computer setup? All of the above. Maybe it was implemented incorrectly? There are a lot of factors that would give you a poor user experience...that doesn't necessarily mean the software was crappy (though it could have also been the software itself).
Blackboard had multiple major software/hardware failures at their own Virginia datacenter hosting Blackboard for schools on Blackboard's own equipment. They had network cards write bad data for such a long period of time that the best backup Bb had would've resulted in nearly a week's worth of lost data (at the end of a semester, no less); they had major database corruption that required bringing in a 24/7 team of Oracle techs; they had a network component failure bring down the datacenter for several hours. In two semesters their own hosting had a week's worth of unplanned outages.
If life gives you lemons, you should make ...
Limoncello or hard lemonade would be good "Something else" options. Or use it to make a whisky (whiskey?) sour or something else with sour mix.
Microsoft Office 2007 SP2 Released, Supports ODF Out of the Box
No longer working as intended? What possessed Microsoft to change these three features:
- Add-Ins: previously at Tools --> Add-Ins; now at Office Menu --> [program] Options --> Add-Ins --> Go
- File properties (the Windows Explorer version): previously at File --> Properties; now at Office Menu --> Prepare --> Properties --> Document Properties --> Advanced Properties
- Start Slide Show quick-button: previously at bottom-left, now at bottom-right
So...the menu structure clearly wasn't letting people find the first two features, so they put them into a new menu and required two or three more clicks than before, including actions which are clearly repetitive? (Once the document properties "window" is open, I still have to click Document Properties --> Advanced Properties to get the Explorer version of properties?) I find it hard to believe that they moved the "start slide show" button from the left to the right because "people couldn't find it." (If they couldn't find it on the left, why would they suddenly find it on the right?)
Breach Exposes 19,000 Active US, UK Credit Cards
Your money is gone until you call the bank and they replace the funds pending an investigation. If you have $1000 in a checking account and someone fraudulently charges $1000 to that account's debit card, of course you can dispute the charge and likely get your money back. Your balance, however, is $0 *until* the bank replaces the money. E.g. if you had auto bill-pay run the same day for $200 and didn't see the $1000 fraudulent charge until the next day or received an overdraft notice, you'd overdraft by $200.
I would never use a debit card on my primary checking account for that very reason. At least if I need to dispute a fraudulent charge on my credit card, I don't have to worry about being temporarily out of $1000 and waiting a day or two for the bank to replace my money.
ICANN Responds To gTLD Plan Comments
For some, the web isn't even ".com," it's whatever name they type in the address bar sans TLD. I had a user complain that she couldn't access Google. She edited the URL already in the address bar to read "http://www.google" and didn't know why she was getting the 404. (I guess there's a browser which will append a ".com" without using a specific keystroke?)
With other users getting to Google from their Yahoo home page by searching for "google" and clicking on the first link, I wouldn't bet on gTLDs going too far with the user base. It will probably only be a cash cow for ICANN and the major search engines.
False Fact On Wikipedia Proves Itself
And yet my local paper (News & Messenger, Prince William VA) has published front-page articles explicitly stating "According to Wikipedia" and directly quoting the wiki article. Clearly the academic bounds on Wiki use have not made their way into the world of journalism.
Ruckus Closes Down
My university's website still links to Ruckus for "Music--Free and Legal Downloading" and we just had a whole bunch of copyright "awareness" posters put up in our computer labs that I think mention Ruckus.
Of course, every time I heard their name, my first thought was always "Are they still around?" If it wasn't clear before, the music labels don't care about anyone other than themselves, given the sudden shutdown.