Become a fan of Slashdot on Facebook


Forgot your password?

Comment this is good for press blasts (Score 4, Interesting) 174

Right now people have taken to including a picture of text in their tweet when announcing big stuff. This is a disaster. It doesn't wrap well for different screen sizes and it makes things hard those assistive devices for poor sight, as they are better at reading text to them than communicating pictures.

Something must be done. Maybe this is the right fix.

After we fix that we can go on to eliminating vertical videos.

Comment what is a "cell phone ping"? (Score 4, Interesting) 127

And how does it reveal your location?

Does this mean some kind of peer-to-peer WiFi or Bluetooth? I don't understand.

If it's cellular, then the phone is either reachable or it isn't, that doesn't change based upon how near you are to the other phone.

Are they saying they just used a built-in location service to find it?

Comment yep, but that's not necessary in the US (Score 1) 317

Consumer fraud protection in the US means you're not liable if they copy down your details. And the companies seemingly would rather do it this way, it saves money in the end, even though any fraud that happens raises their clearing fees. Remember, there is nothing stopping US restaurants from bringing a portable transactor to your table. Those things read swipe cards and PIN cards just fine. So if they aren't doing it by choice, there could be a good reason.

It does reduce waiter back-and-forths, but is that really the limiting issue? The waiter bringing the reader and waiting while you use it increases waiter time spent which costs money.

If you want to go fast, ask your waiter to do the job fast. Otherwise, the restaurant can save money by having a pile of those little trays/folders and waiters picking up and running 3 at a time.

Comment we pay, but changing it isn't free (Score 1) 317

Stolen card fraud is something we all pay for. But requiring PINs would require making all CC readers face the customer. That costs money. The CC companies also surely worry people won't remember their PINs and will thus not use their CCs. And then there's that chip and PIN is even slower than chip and sign which is already slower than swipe and sign.

There are a lot of different factors in a lot of different directions. This is the decision they came up with, it hardly seems terrible.

Frankly, given that clearing fees are being jacked so companies can take a bigger cut just to give "cash back" I don't know we'll notice the fraud rate difference between chip and PIN and chip and sign.

Comment you never eat in restaurants? (Score 3, Informative) 317

In the US, table service restaurants virtually NEVER have customer-facing credit card readers.

Bars don't either.

In both you give them your card.

Really the places that do reliably have them facing customers are retail checkouts and anything with a self-serve kiosk.

Comment it's not the retailers, it's the cards (Score 1) 317

US chip cards are set to "prefer signature". Many of them don't have PINs at all.

It's less secure, but likely it doesn't matter. Part of chip and PIN was designed to blame the customer for all in-person fraudulent charges on the idea that if your PIN was entered, you must have been there (and not just your card). This does not pass muster with US consumer protection laws, so there isn't a lot of reason to go to chip and PIN in the US.

Not that chip and PIN wouldn't work, I think the retailers just saw it as too much hassle to make all merchants put in card readers which face the customer instead of the employees.

Chip and sign cards cannot be cloned. That's what adds the most protection anyway. Especially since much stolen credit card info from around the world has been used in the US since you could make a cloned stripe card from account info for chip and PIN cards and then use it in the US.

Comment he did this work under contract to FireEye (Score 5, Insightful) 108

If you do work for hire, you do not control whether you can publish information you discovering doing that work.

And what kind of security consultant airs his customers' dirty laundry? Not one that wants future customers.

If he had found this on his own, it'd be his call. But if he did it for FireEye, it's FireEye's call.

Comment No, you don't have to add a bios chip (Score 2) 242

You're wrong.

The parameters can be set by the bootloader and a digitally signed. There is no need to make 3 different chips for 3 different units. Just put the parameters in a payload with the target serial number then digitally sign it.

Then in secure code (either in ROM or loaded from flash by a ROM and checked before running) you load those parameters into the radio before proceeding.

This would add no cost (or trivial at best). All you need is an unchangeable unique ID. Everything else can be in the existing flash storage. It would add some complexity.

Why would a manufacturer do this? Because the FCC would mandate it.

You do not need a separate firmware for the radio, you design the radio so that these values become read-only after set. Then the entire driver can be modifiable (open source) it just can't modify that data.

This can be done relatively simply and for no additional cost. So no, the FCC wouldn't be banning open source, simply changing how the systems which use open source must work. And in a way that is really easy to roll out.

Comment they don't ban installation of open source (Score 3, Informative) 242

It simply requires the hardware to be designed such that if you install open source, you cannot modify the radio to use frequency bands and powers that it is not supposed to use.

And this is easy to do. Just put in settings to limit power and lock out bands and make those settings irreversible until a full system reset. Then make the bootloader set those settings before running the installed OS.

Then the OS can be open source.

It would be absolutely fantastic if people would be rational about tech news. Tech people/netizens are starting to sound like my grandfather now. Every change is something to be feared. OBAMA IS GOING TO TAKE YOUR GUNS! The people running the FCC are people, just like you. They aren't demons or out to get you. Try to work with other people you haven't met instead of exhibiting xenophobia.

Slashdot Top Deals

Just about every computer on the market today runs Unix, except the Mac (and nobody cares about it). -- Bill Joy 6/21/85