Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment: Re:How soon? (Score 1) 34

by Waffle Iron (#48641539) Attached to: The Beatles, Bob Dylan and the 50-Year Copyright Itch

Yes, the public should be allowed to profit from the work of others.

That's exactly true, and in fact that's the reason that the US Constitution plainly states that copyrights are to be granted only for limited times. The founders of this country clearly wanted the public to profit from the works of others, after as little as 14 years.

Comment: Re:One number to breach them all (Score 4, Informative) 76

by plover (#48639961) Attached to: Staples: Breach May Have Affected 1.16 Million Customers' Cards

I can only think the reason it hasn't been fixed is because fraud makes the banks money and they love seeing stories like this.

Well, you would be very wrong. Fraud costs both the retailers and the banks money. The real problem is that issuing new chip cards would cost the banks more than the fraud. Not only are the cards about a dollar more expensive each, and they still have to be re-issued about every three years, but the systems that inject encrypted keys into them, and store the keys on their databases, are very expensive. Banks are notoriously cheap when it comes to spending money that won't make them money.

The other reason EMV hasn't rolled out across the U.S. is that millions of retailers have about 12 million old credit card terminals spread across the country, and most are owned by cheap store owners who don't like being told they have to spend money to replace them. Most retailers have been dragging their feet, not wanting to make an expensive change. But the new members of the breach-of-the-month club are mad about the insecure systems they've been forced to use, and are now championing the rapid switch to EMV instead of fighting it. The smaller retailers are also impacted now, and are no longer resisting.

The irony is that EMV readers for the small retailers are far, far cheaper than the old terminals, and the rates for using new companies like Square, Intuit, and PayPal are much lower than the typical old bank rates for the old credit card readers.

Comment: Re:I think it's about time... (Score 4, Informative) 76

by plover (#48639775) Attached to: Staples: Breach May Have Affected 1.16 Million Customers' Cards

I think it's about time we implemented some sort of single use credit card system.

That's how Chip and PIN works. Your account number is still fixed, but your authorization to spend from it (your PIN) is encrypted by the chip, and is valid only for a single transaction. There are still kinks with non-electronic transactions, but those can be solved.

Look for it to be all over the US by October of next year.

Comment: Re:How about ignoring it? (Score 1) 453

by Fjandr (#48637639) Attached to: Colorado Sued By Neighboring States Over Legal Pot

9th & 10th Amendments. Unless it's a power granted to the Federal Government, or reserved by a State, it's a right retained by the people.

Unfortunately, the Supreme Court has ruled that even the most tenuous, indirect link to interstate commerce creates Federal jurisdiction, which means only those rights specifically enumerated are actually protected in their eyes.


Researchers Discover SS7 Flaw, Allowing Total Access To Any Cell Phone, Anywhere 81

Posted by Soulskill
from the just-in-case-you-were-feeling-safe-and-secure-today dept.
krakman writes: Researchers discovered security flaws in SS7 that allow listening to private phone calls and intercepting text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available. The flaws, to be reported at a hacker conference in Hamburg this month, are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network. It is thought that these flaws were used for bugging German Chancellor Angela's Merkel's phone.

Those skilled at the housekeeping functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption (Google translation of German original). There is also potential to defraud users and cellular carriers by using SS7 functions, the researchers say. This is another result of security being considered only after the fact, as opposed to being part of the initial design.

Comment: Re:Marijuana is still illegal everwhere in the US (Score 1) 453

by plover (#48633007) Attached to: Colorado Sued By Neighboring States Over Legal Pot

Supply, demand, taxes, and regulations all combine to control the prices. If people are willing to pay X, and you're selling all your product, why would you reduce prices? All it would do is lower their profits; if they're even making any.

My guess is there are a lot of hidden factors, like big insurance costs. Most insurance policies have an exemption so they don't pay out if you're doing something illegal. This means they may have to self-insure, or find a company willing to take on the risk of a federal bust - and that likely isn't cheap. Maybe the state has a tax rate designed to keep the costs high to minimize chronic abuse. Maybe the costs of physical security are high. Likely all of the above will continue to keep prices very high.

Comment: Re:Why Steam? Why? (Score 1) 156

by clickety6 (#48625755) Attached to: To Fight Currency Mismatches, Steam Adding Region Locking to PC Games
If you can afford to sell a game developed in America to Russians at a high enough price to make a profit, then you can sell the same game at the same price outside Russia and make the same profit. Or will the games companies sell at a loss to Russia, essentially meaning that non-Russians have to subsidize Russian sales?

...there can be no public or private virtue unless the foundation of action is the practice of truth. - George Jacob Holyoake