
Comment Re:Good luck with that. (Score 5, Interesting) 558

Actually, post Chip+Pin (and RFID Interac flash for that matter) this sort of attack isn't possible. That's because the chip inside the card creates a unique one-time approval for the transaction. The approval is un-replayable.

At worst, attack wise, you might be able to perform a turnstile attack on it (Interac flash reader, taped to a turnstile say), but transactions over Interac flash are capped at under 100$ and every 5 transactions you have to re-auth with a full chip and pin, so the banks' risk is pretty limited there.

Disclaimer: I've not done an in-depth analysis of the security controls myself. I know there were some weaknesses in the Euro implementation around not signing the list of allowable transaction verification mechanisms or somesuch (look up the blackhat talk if you need to know) but it's a LOT more difficult these days than inserting a skimmer on the terminal and video recording the pin. (Interac was always two factor, until Interac flash).

Min

Comment Re:Until we upgrade the dumb bunnies (Score 1) 384

World wide 2013 air crash fatalities: 29
World wide 2010 traffic crash fatalities: 1,250,000 (est)

So unless you're going to argue that I'm 4310300% more likely to walk away from a fatal car crash, we're better off spending money there, looking at it from an objective point of view.

Fear drives us to make poor decisions. I fly a lot, but I understand that I'm just as dead from making an error at 70 mph as I would be asleep in my seat when the back end falls off my 737. Just 4310300% more likely to experience the former than the latter.

*disclaimer: Yes, I know, I mixed statistics from 2013 and 2010 above. I was too lazy to go back and find 2010 air crash statistics, but I seriously doubt it impacts the statistical analysis any more than the rounding error in the world wide traffic fatality stat.

Min

Comment Re:Until we upgrade the dumb bunnies (Score 1) 384

On traffic safety, agreed, long term, autonomous cars are the way to go. Some of the answer there is time and market forces, but I suspect a billion or two from the war on terrorism could move that along nicely. Faster technology evaluation and approval pipeline, more money for NSF funded core research, etc. But nearer term there are technologies that exist in high end cars that would lower traffic fatalities tomorrow if available in all cars. Blindspot object detection, lane departure alerts, etc. If the concern is about an objective attempt to lower the number of people who die each year, a dollar spent in this area is going to save more people than a dollar spent in airport security.

On diseases, if you're talking about a billion dollars to paradrop a few thousand doctors into Africa to do contact tracing, then you have my support. If on the other hand you're discussing mobilizing the national guard to protect North America from Ebola, not so much, spend the money on the flu, which kills many more people world wide. If we do the right things in Africa, Ebola will never be more than a hideous way for a couple of people to die in the US. This is one of those situations where the "Protect the Homeland" mantra is worse than useless.

Min

Comment Re:Until we upgrade the dumb bunnies (Score 3, Insightful) 384

There must be an optimal level of security

If we wanted to actually make people safer we'd take every dollar we spend on airport security and Ebola beyond contact tracking, containment and isolation/care for the infected and spend it on:

1) Traffic safety
2) Finding better ways to fight the flu

Those two things would be way more impactful in terms of lives saved than the money being spent to keep air travel safe from terrorists and mobilizing the national guard to fight Ebola (not sure how they're going to do that, absent a shrink machine, Fantastic Voyage style).

Min

Comment Re:I call hogwash (Score 1) 349

I did a bit of RTFAing and clicked through a link and found some examples:

MaxPathLength.java in ManagedRuntimeInitiative (git://github.com/GregBowyer/ManagedRuntimeInitiative.git) Show 2 matches

                        isWindows = true;
                          if (osName.startsWith("Windows 9") ||
                                  osName.startsWith("Windows Me"))

So there's at least some real world examples. Not totally hogwash methinks.

Min

Comment Parenting (Score 4, Insightful) 72

It comes down to knowing your kid.

I have a 6 yr old too. If she sees me looking at something on the computer, she'll come up, looking away and say "Daddy, is that kid appropriate?" before looking. I have no concerns that she'll break the rules, so I don't feel the need for any preventive controls. If I had a child with a different temperament I would react differently of course. For what it's worth, my day job involves ensuring that people employed by my company are safe on the internet. Generally my 6 yr old is better behaved :)

Comment Re:They did not hack it (Score 2) 140

Here's the difference - we have firewalls on the Internet.

What they're saying is that the Bluetooth is sitting on the same network as your anti-lock brakes and there is no firewall.

Not sure about you, but where I work, if I didn't put a firewall between the internet, and my web servers and at least one more between my web servers and the database, I'd be looking for a new job. These guys hooked it up to the "internet" (bluetooth) and decided they didn't need any additional security between there and the "database" (your brakes).

Security is all about layers, and they've said that Bluetooth is all the security your health and safety critical systems need. Not sure about you, but that doesn't leave me with a warm and fuzzy feeling.

Min

Comment No one is ever influenced by advertising (Score 4, Insightful) 254

No one is ever influenced by advertising, ask around. People say "no, I'd never buy something because it's on TV" but those infomercials stay in business for a reason.

So polling people and asking them if advertising is effective on them is a bit of a red herring. Like IQ tests - logically half the world has IQs less than 100. Oddly, I've never met any of them.

Now the question 'is social advertising effective' is certainly open for debate, but not because some survey says people believe it's not effective on themselves.

Min
