Similar in Australia. Validation for online lodgement of taxes with the ATO (Aust. Tax Office) requires:

- Tax File Number (analogous to ITIN in US or SIN in Canada)
- Reference ID number from previous year's Notice of Assessment
- An amount paid or owed, from a previous year's NoA or other bill

I am not aware of any identity theft or security breach that has occurred through this system, which has been running for over a decade.

Yeah - I did say that it's a bit like Lisa's tiger rock :) It's an unprovable assertion because it relies on the non-occurrence of events which may or may not have occurred anyway.

Still, I don't think literally rolling back the changes to the doors made post-9/11 is a good idea. The two-people-in-cockpit rule and maybe some refinements of the way the timed lockouts work is probably a better way to reduce these kind of incidents than making the doors less secure. If you make the doors able to be completely locked, as in this incident, then it makes this kind of incident possible. But if the door locks CAN always be overridden by someone outside (with a code/other means of authorization), then the reverse situation becomes possible - a crazy/suicidal pilot who has been removed from the cockpit can get back IN. There was a recent incident in the US where this same situation occurred in reverse ... the pilot was acting irrationally, so the co-pilot locked him out and took the plane to a safe landing. If the pilot could have overridden the lock and got back in, who knows what would have happened.

There is no complete solution since there's always a human trust factor involved. There are upside and downsides to being able to lock, and not being able to lock, the door.

That may open up some other potential avenues of attack though. You'd have to think about the implementation details very carefully - how would people outside the cockpit communicate with the ground? How would they identify themselves and prove they have the authorisation to request a remote unlock? How do you know it's not just a flight attendant being forced to request it by another guy holding a knife to their throat, who wants to access the cockpit? Or for that matter, what about crazy/suicidal flight attendant who calls and says "pilot's gone crazy, let me in"? The ground would obviously try to confirm the situation by talking with whoever's in the cockpit and asking "what are you doing?", but the person in there might be lying. Or the person on the outside trying to gain access might try to convince the ground that the pilot is lying even if they aren't...who do you believe?

The ground would have mere minutes to evaluate what's going on with the information they have, and decide whether or not to do the unlock.

Not saying that there are no answers to the above, but it'd require a lot of thought to implement well.

As it stands, the system now is that the ability to lock the cockpit is timed. Someone inside can hit the lockout switch to prevent anyone else gaining access ... but the lock disengages after a pre-set period of time (by default 5 minutes on an A320). This is precisely so if the pilot is genuinely incapacitated (e.g. unconscious), others can gain access after this period has elapsed. The flaw in this is obviously that someone intending to crash can just keep resetting the lock every five minutes (which is exactly what happened here). But medical problems in the cockpit are more common than suicidal pilots, so I guess that's why it was designed the way it is.

As I understand it, these systems don't actually ~prevent~ the pilot doing something that they have explicitly commanded, provided it's not something that as you say will push it outside of its stable flight envelope (and even there, you can still do that by forcing the flight control systems to revert to alternate law). In this case there wasn't really any 'programming' involved ... he simply turned a dial to tell the autopilot to descend to an altitude that was lower than the terrain level (incidentally, at the point the descent was initiated, they were near the Mediterranean coast so the local terrain level was close to 0 ... however their path then took them into much higher terrain).

You are correct that the aircraft 'knows' about the terrain. It'll throw warnings at you if you tell it to descend below the safe altitude for the sector you're in, and when terrain is physically detected nearby you'll get GPWS alarms etc. But that's information for the pilot only - it won't physically stop you flying somewhere you've explicitly told it do go.

I agree that the 'two people in cockpit at all times' rule that already exists in the US is a good idea and I'm sure this will now be introduced in Europe. Some airlines in Europe, Canada and elsewhere are already introducing it, as we speak.

As for the argument that the tougher cockpit doors and lockout mechanisms are to blame for this incident ... that could be argued, but those changes have probably saved more lives over the last 14 years than were lost in this tragic incident, so rolling them back would be unwise. Admittedly this is somewhat like Lisa's tiger rock - we don't ~know~ how many potential hijackings or cockpit intrusions haven't occurred simply because would-be hijackers know that taking that approach is useless now. But looking at the number of hijackings per decade pre-9/11 and comparing to now, I think it's safe to say the strengthened doors and new cockpit access protocols were a net improvement.

But all the security protocols in the world can't completely prevent incidents like this. Two people in the cockpit may make it slightly more difficult, but it just means the suicidal pilot needs to incapacitate the other person in there first. That adds an additional mental barrier (it is psychologically 'easier' to simply turn a dial and set an altitude below the terrain level, than it is to kill someone or knock them out first), so will prevent at least some of these incidents that may have otherwise occurred. But there is no complete solution because at the end of the day, those in the cockpit are in control of the machine and can do what they want with it. We put our trust in them, and in the airlines' ability to ensure their medical and psychological health.

Sigh. Why does the US always lag everywhere else when introducing new systems, and when they do finally do it, implement something that's different from the rest of the world. Seriously, it's the same way they do everything - slowly and half-assed.

I'm Australian but currently live in the US and banking here drives me up the wall. There's no universal bill payment system. There's no way I can instantly send money to another person's bank account (unless they're with the same bank) - I can set up a link between two accounts but that takes time, I can send a wire transfer but that has fees and is slow, or I could write a check/cheque, which is something no-one has had to do in Australia since ~1990! Argh. And yeah - no chip and PIN and virtually no penetration of contactless card readers (which I use for ~everything~ back home and love it). Oh and their paper money is, well, paper (linen actually, but its insecure and easily destroyed compared to our polymer bills).

This makes no sense anyway as everyone already has a ATM/debit card right? Which has a PIN. If they can remember that PIN, they can remember another (or in many cases, it will be the same physical card with the same PIN).

It's usually generically referred to as Paypass down here in Canberra too. Either way people know what you're talking about though. From my personal experience, I had contactless on my Mastercard (BankWest, Paypass) a long time before I had it on my Visa (CBA, Paywave), so maybe that's why.

I don't see an issue with offering the contactless. You can disable it if you want by contacting your bank. But frankly I couldn't live without it now. Took a trip to the US recently and it was like going back to the dark ages.

Contactless makes a substantial improvement to the time it takes to do transactions and I've actually seen the reduction in lines at checkouts as a result. So as long as it's not mandatory I don't really have a problem with it. Convenience has a price sometimes.

Weird that each bank has their own limit. Every bank account I've ever had imposes a daily ATM withdrawal limit ~for the account~, irrespective of how many ATMs you use to do it or who owns those ATMs...

Neat trick, though since it relies on the way the landline phone system works, it has a pretty limited target audience. Many (most?) people only use mobiles these days. Also most banks impose daily ATM withdrawal limits which aren't that high, so it seems like a lot of effort for relatively little gain. I don't think most people would fall for it if they thought about it for a second:

- Wouldn't it be your bank initially calling you about your card needing replacement, not the police? How would the police even know who had an affected card?

- Most people would know that a bank would never ask you for your PIN over the phone. And even if they didn't know that, needing it to "program your new card" makes no sense, since every replacement card I've ever received always has a new PIN with it anyway (which you can keep, or go and change it back to something you want)

Still goes to show you how inventive some of these guys are!

As an Australian who currently lives in the US, I can tell you that North American forests are way, way quieter than Australian ones. Birds particularly are very quiet here by comparison. I really miss magpies warbling and whipbirds and yes even the occasional cockatoo screech :)

Not only that but in Australia forests are noisy year-round. Here we are in deepest winter half the year (down to -30 C or lower) and there's not much animal activity happening in those months.

Yes as a comparison, I recently moved from Australia to the US. Similar sized city in both countries (~400k people).

In Australia I had a choice of ~30 ADSL2+ providers at up to 24/2 Mbps (down/up), plus around 4 or 5 VDSL2 providers offering a guaranteed 60/15 Mbps down/up. In each case the physical line the service was provided through was the same line, owned by the main telco, but many different providers could offer service over it.

In the US I have a choice of precisely one DSL provider at 6 Mbps/768 kbps down/up (ick), and precisely one cable provider who offers 60/4 Mbps DOCSIS3. Obviously I choice the cable provider. Thankfully they seem quite decent and I'm getting the advertised speeds. But if I had an issue with them ... I'd be screwed, since there's no other choice.

Cost was approximately the same in both countries. The US ISP has a nominal 300 GB cap but I don't think they enforce it. The many Australian ISPs I could choose from offered various plans with a range of caps: effectively pay more if you need more, pay less if you don't need much. For the same price as the US ISP I could get a 300-500 GB cap in Australia so it's basically comparable.

I was fairly lucky in Australia having the access to VDSL. A lot of people are stuck in areas where ADSL2+ is the top option. But even then at least you usually had dozens of ISPs to choose from. In America there's usually just 1 option per technology (i.e. one DSL, one cable, etc.)

No the way it works is that government builds and maintains the infrastructure - the physical cables and such - but then leases access to this infrastructure out to private companies so that those companies can offer retail services to the consumer on it. In countries/regions that have done this, the government itself isn't in the business of actually being your ISP, and it's not interested in doing so.

Uh, most (non-LCC) carriers outside of North America?

Hell, on Qantas in Australia (to take an example I know of, I'm sure there are others), you get fed in all classes, even on short 40 minute flights. Free drinks too, including wine or beer if it's a weekday flight after 5pm.