Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment Re:Not too hard (Score 1) 67

At the moment, the big US banks are rolling out "chip and sign", where you slide the card into a reader, but sign with a digital pen rather than enter a PIN. From a security standpoint, it's no better than the mag-swipe and sign system, as nobody verifies the signature anyway.

No, it's much better than the magstripe system because you can't clone a chip card, whereas its trivial to clone a magstripe card (e.g., using a skimmer). Magstripe: something you have, except it's easy to copy, so the bad guys might have it too. Chip and sign: something you have. Chip and PIN: something you have and something you know.

Sure, chip and PIN is more secure, but it's not true that chip and sign is "no better than the mag-swipe and sign".

Submission + - ESR: Radical Feminists Are Attempting to Frame Linus, Others for Sexual Assault (

_KiTA_ writes: Open Source Pioneer Eric S. Raymond has revealed explosive allegations on his blog, claiming that he has a source with evidence that the Ada Initiative, a tech initiative designed to support women in open source, has been attempting to frame Linus Torvalds and other high profile members of the Linux and Open Source community for sexual assault. Linus has been noted for never being alone at conferences as of late, apparently this is a defensive move due to repeated attempts to "scalp" him — getting him alone and then immediately pushing a fake claim of sexual harassment or assault to either have him arrested or pulled off Linux development.

Possibily related to October's Linux Kernel Dev Sarah Sharp Quits, Citing 'Brutal' Communications Style story on how feminist Sarah Sharp took words out of context to try and suggest Linus and Greg were being aggressive monsters on the Kernel Mailing List — something she equates with physical violence on her blog.

Sarah Sharp is a member of the Ada Initiative's Advisory Board, the group that is apparently behind the attempt to frame Linus, among others, for sexual misconduct.

Comment Re: Eeeehhhh (Score 1) 294

China, for the last several years, has typically been the largest holder of US debt.

They're the largest foreign holder of US debt. But about 2/3rds of US debt is owned by domestic entities--and of domestic holders, Social Security owns the most, at about 16%. How does the US government own its own debt? Who knows? But in any case, China is a couple steps down the list; it owns about 7% of US debt.

Comment Re:Is this obsolete already? (Score 1) 317

Sorry, UK guy here. Somebody seems to have a made a repost from the early 2000s...

We're just in the process over here of replacing chip and pin with 'contactless', thus removing the security that the PIN afforded us.

We have that in the US too (e.g., Visa payWave, Mastercard Paypass, Discover Zip. EMV can use either a contact smart card (ISO/IEC 7816) or a contactless smart card (ISO/IEC 14443). They both have chips; the difference is whether the reader communicates with the chip via electrical contacts or via radio waves.

Also, what's happening today is that US banks are changing who has to eat the cost of fraudulent transactions... it's not that the US is just getting EMV cards (or contactless cards) today. They've been around for years... Discover Zip was out in 2011 (however, it still hasn't become popular... probably because there weren't many terminals that could do contactless back then. Now that merchants are being forced by the banks to upgrade their terminals to support EMV, a lot are getting terminals that take both contact and contactless).

Comment Re:You are right for the wrong reason (Score 1) 317

Which hurts in countries whose cellular carriers charge subscribers to receive SMS text messages. Slashdot's home country (USA) is one of them.

Whether a cellular carrier charges extra to receive an SMS isn't a country-dependent thing. Or even carrier-dependent. It depends on which plan you have purchased. All major providers in the US (and probably all providers, even the minor ones, but I haven't actually looked) offer plans with unlimited SMS--i.e., you pay a flat monthly fee and you can send/receive as many texts as you want for no additional charge.

Comment Re:Only if you use App Cards with APPS! (Score 1) 317

So if you can do a bit for bit copy of the data to a new chip

That's an awfully big "if". It's very impractical to copy the data; the chip on the card isn't simply some flash memory chip, it contains a microprocessor. And it has memory that's only accessible by that microprocessor. So if you can't read that memory, how are you going to write it to a new chip? Maybe you could remove the chip from its packaging and look at the silicon with an electron microscope, but nobody's going to go through that time and expense to copy a card that has a $5000 credit limit or whatever.

Chip cards have been around for over a decade in Europe. While there have been some attacks on them, none involve cloning the card. (There was a paper describing an attack that has "cloning EMV cards" in the title, but the flaw was actually in the card reader terminals. The card wasn't literally cloned... they just found a way to trick the terminal into thinking another card was the same as the original card).

Comment Re: Face facts, she is not going to admit anythin (Score 1) 348

I see zero problems with a private email servers, private cell phones, or private carrier pigeons.

However, I see a major problem with how supposedly "secret" information was retrieved from the classified network and leaked into an unclassified network (regardless of what that other network is).

You seem to be thinking of this from the perspective of a lower-level employee, like some IT guy or something. Clinton was the Secretary of State--she's capable of creating secret/classified information. She doesn't need to get secret info from a classified network. And she was trained to be an "Original Classification Authority"--she's supposed to know whether what she's writing is classified or not. She claims nothing she wrote/emailed was classified. However, others who reviewed the email afterwards have said that they certainly should have been classified.

Comment Re:My Microsoft ergonomic keyboard has it on the l (Score 1) 240

Yeah, I had been using the right hand, but when I switched to MS split keyboards, they all have the 6 on the left side of the split, so I had to change. According to TFA, in the US, touch typing students are taught to use the right hand for 6; I learned to touch type in the US, so that must've been where I got it from.

Comment Re:What kind of stupid question is that? (Score 1) 240

If you're only typing numbers, that's fine. But it's inefficient to be typing letters then move your hand to the numpad just to type a digit or two. Same reason keyboard shortcuts are important in word processing and other keyboard-centric applications; you don't want to be moving between the keyboard and mouse all the time.

Comment Re:Let's do it! (Score 4, Insightful) 113

You expect every button in an application to have text on the button itself fully describing what it does?

Yes. Most people only read what is on the button itself, if even that. Expecting them to have read the entire page to know what it is that they will be doing (it's not even mentioned in the page title) is too much.

No, I think it's just you... you must have a huge problem when using any GUI interface these days--"OK or Cancel? OK to what?? Cancel what??? I have no idea what it's talking about!"

Comment But Unicode doesn't standardize the actual glyphs (Score 1) 194

What would the point of this be? In general, Unicode standardizes codepoints and other abstract properties of characters, but it doesn't standardize how the character looks. U+0067 is "g", the "LATIN SMALL LETTER G", but exactly how that looks depends on which font you're using. Or more relevant, many emoji are very different between Android and iOS. I'd think that symbols for food allergies need to look the same everywhere if the point is for them to be used as warnings on food packaging, menus, etc.

Diplomacy is the art of saying "nice doggy" until you can find a rock.