Forgot your password?

Comment: This is fine for stored data after the fact ... (Score 1) 432

by davidwr (#47937831) Attached to: Apple Will No Longer Unlock Most iPhones, iPads For Police

... but I wouldn't be surprised if you start seeing requests for courts to order phone/internet providers and/or Apple to install trojans and/or man-in-the-middle-enabling SSL certificates on suspects' phones.

Then again, I wouldn't be surprised to find out 5 years from now in a leak or declassified-in-2019 document that this is already routine practice in 2014.

Comment: Is it time for per-transaction credit card #s? (Score 1) 59

by davidwr (#47937573) Attached to: Tinba Trojan Targets Major US Banks

Is it time for banks to start issuing "limited use" credit cards?

Personally, I would love to have:
* A general use credit card # good for transactions up to $SMALL_AMOUNT_I_SET per transaction and $SMALL_AMOUNT_PER_DAY limit unless I specify otherwise in advance. This would be of limited value to a data thief.
* A travel credit card # that is good only at $CERTAIN_TYPES_OF_BUSINESSES like airlines, hotels, gas stations, etc. and only for dollar amounts typical for the particular merchant unless I specify otherwise in advance. This would also be of limited value to a data thief.
* An internet credit card # that is only good for goods delivered to pre-designated addresses and with a pre-set daily and weekly limit unless I specify otherwise in advance. Likewise, this would be of limited value to a data thief.
* For merchants that have recurring charges, like my phone bill, a unique credit card # just for them, one that would be worthless to a data thief.
* A relatively easy but secure (yeah yeah, it's a trade-off) way to pre-authorize short-term exceptions like buying a refrigerator or a large Christmas-shopping trip. Preferably this authorization would require two independent communications channels, such as me calling the bank and talking to a live human and/or entering a code number printed on my monthly statement prior to going online and making the authorization.
* Alerts for any activity that is over any limit I set or otherwise meets any fraud-related parameter that I pre-set (some banks allow this today).

Comment: Give me a dedicated computer for banking (Score 1) 59

by davidwr (#47937461) Attached to: Tinba Trojan Targets Major US Banks

Dear bank:

Please send me a bootable CD or other read-only media (i.e not a USB memory stick) that I can boot my computer with when I want to bank and a "password of the month" needed to log in in addition to my account name and password. To authenticate the CD, please create a signed hash for the CD and publish it in every major print newspaper in markets that you operate and publish the algorithm used to create the hash and the public key needed to verify the hash.

If I need to access my account remotely from a device that is not booted with that CD or from a machine that is not in a secure location such as one of your branches or a cooperating bank's branch or an ATM operated by an ATM operator that you trust, I will either visit a branch or log in to a secure terminal and retrieve a set of temporary one-time-use passwords that are valid only for a short period of time, only for transactions which I pre-designate, only for devices of specific types that I pre-designate (or "any" if I don't know ahead of time), and only for devices believed to be in certain geographic areas (i.e. where I will be traveling over the next few weeks). Thank you.

Comment: Agree in part, disagree in part (Score 1) 283

by davidwr (#47937223) Attached to: FCC Chairman: Americans Shouldn't Subsidize Internet Service Under 10Mbps

I agree in general but I disagree in two key areas:

* Internet and telephone access to the poor should be subsidized for the same reason we subsidize food, housing, and medicine for the poor: Because in practical terms they are essential to function in American society. However, as a "necessity" the average person only need enough instantaneous bandwidth to talk, email, and browse the web. In most cases "slow DSL" speeds of 0.5Mbps is adequate, and in almost all cases 2-3Mbps is more than enough. If a poor person can pay $20 for subsidize 10Mbps service that would be more expensive without the subsidy, he can pay 100% of a $20 bill for unsubsidized "entry level" service from his local ISP or smartphone network provider.

* In lightly populated remote areas that are currently not serviced and where running new wires or fiber is impractical and radio or satellite is the only option that's remotely cost-effective, I'm fine using my tax dollars to provide 1Mbps service or even 0.5Mbps service if the alternative is either no service at all or spending significantly more for a legally-mandated 10Mbps service. However, this is contingent on either the recipient being a full-time resident (sorry, not for summer vacation homes) or some other public benefit, such as providing internet to a public park or roadside rest area.

Comment: Don't Do it! - no growth, career limiting move. (Score 3, Insightful) 263

by landoltjp (#47926099) Attached to: College Students: Want To Earn More? Take a COBOL Class

Yes, sounds great. Make 10K more out of the gate. And if you're finding it tough to land a job right now, what a DEAL this is! You're employed! You're really needed since the number of COBOL programmers to support legacy systems are dying off (figuratively and literally).

There's the catch. They've got you. You don't know it, but they know it.

Next year, your fellow grads who got jobs are learning TONS of new things, other skills. Team building, real life design. Team leadership. They're getting mentored perhaps. They'll make their way up to intermediate, then senior developers. Maybe into architecture.

But you're still slogging through COBOL code. Supporting legacy systems.

And they can't afford to lose you, so your company (A Bank most likely - not the fastest moving group in the world (and I know since I've worked for three)). So you're still COBOL programming. But, y'know, thanks for the effort. Here's a 2K bonus.

Uour friends are now 2 years along in their careers, they're moving to new jobs, making 10-20K more since they can show job experience, skills experience, and real-life development qualities.

You're even or a bit behind, pay-wise. But they're going places. You're about to stand still, career-wise.

In a year they shoot past you, and that's that. You're standing still. Cost-of-living increases if you're lucky. But hey! We at the bank really appreciate it. So here's a nice mouse pad, and the latest patch release for COBOL on the Z-Frame.

So, no movement here. What to do? I know!! Other companies need COBOL programmers. I'll play the field and see who will throw me more money.

Great. You make a bit more money. Doing EXACTLY the same thing, somewhere else, with little if any career growth. It's possible you will always have a job, since COBOL is entrenched, and not going anywhere. But that's all you'll ever do. That and cut 1650 reels with your teeth.

Don't Do it. It's a trap.

Comment: Depends on the minor and the job (Score 1) 391

by davidwr (#47919375) Attached to: Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

For technical jobs a tech degree with a non-tech minor is generally better than a pure tech degree, but a tech degree is generally better than a non-tech degree.

For non-technical jobs a non-tech major with a technical minor usually beats a pure-non-tech degree. As to whether that's better than a tech degree with a non-technical minor, well, there's too many variables to make a general statement one way or the other.

A good hiring manager would consider "equivalent life experience" paid or not (yes, serious/huge-time-commitment hobbies count) as good enough to substitute for the lack of any particular class or program of study.

Personally, I wish I had had the time and money to take a couple of business classes, a couple more humanities classes, and maybe a fine art class but my degree program was 9 semesters of almost-all-tech with just the university-minimum-requirements for non-tech stuff as it was and I didn't want to extend graduation nor did I want to increase my tuition bill.

Comment: Only if the cops don't cover their tracks (Score 1) 286

It may affect the prosecution of those detained in the War on Terror too, if judges recognize illegally-obtained evidence and the subsequent evidence produced from it. That could well mean problems with interrogations, and given that this ruling cited a problem with military justice, there's a possibility that such rulings could apply to military tribunals too.

You are probably correct in cases where the cops aren't hiding things from the judge.

However, if one set of cops uses illegal means to find that a suspect did a crime then anonymously tips off another set of cops with enough information so that they could get a conviction if the tip had been given to them by someone outside the government then it's very unlikely that the shenanigans will ever be uncovered and it is very likely that the conviction will stand.

This "investigate once and ignore the rules, then do it again legally to cover our tracks" technique has a name but I can't remember it now.

Comment: Re: Posse Comitatus Act (Score 1) 286

Only the supreme court can act to affect the results of past laws on past actions..

Lower courts do it all the time.

Well, the president can grant a pardon, but that doesn't absolve guilt, it just removes punishment.

Legally speaking, an unconditional pardon removes guilt. Moral guilt doesn't even depend on getting caught, it only depends on some absolute standard of behavior to which a person's actual behavior can be measured against.

Comment: Not always Re:You have all been trained... (Score 1) 286

But the media is doing the damnedest effort to convince the people that if police accuse someone he is certainly guilty of something and it is a matter of digging deep and broad enough to nail him.

Not always.

Take that NFL football player who was indicted last week for child abuse. He's not contesting the facts of the case. The media isn't rushing out to tar him as a child abuser, they seem to be waiting for this one to play out in front of a jury. I wonder how the press will react if a Texas jury looks at the undisputed facts and declares that his actions did violate Texas's child-abuse laws. My bet is that a few press outlets will be calling for change but most will not.

On the other hand, if the NFL doesn't hold him accountable in accordance with whatever policy was in effect at the time of the actual acts then the press will tar and feather top NFL officials - an act doesn't have to violate a criminal law to be so socially unacceptable that organizations like the NFL cannot be seen to tolerate it.

Comment: Bad policing is bad for multiple reasons (Score 1) 286

1) It denies innocent people their rights.

2) Because it rightfully results in guilty people going free, actual victims may be denied justice.*

*For the sake of argument let's assume I'm talking about a crime where everyone agrees there is an actual victim e.g. burglary, assault, etc. - I acknowledge that at least a small percentage of /. readers (NOT including myself) may consider typical cases of possession or downloading child porn as being a victimless crimes, making this particular case less than ideal for supporting my argument that bad policing is bad for the 2nd reason stated above.

Comment: It's going to be done anyways (Score 1) 119

by davidwr (#47897567) Attached to: The Challenges and Threats of Automated Lip Reading

You can bet your $THINGOFVALUE here that the CIA and similar organizations are already researching this if they don't have it already.

Like handwriting recognition this will be full of examples of "bad output" in the early days and there will always be cases where lack of context and/or deliberate obfuscation by the speaker makes this unreliable.

Let's just assume that this will be as reliable 5 or 10 years from now as automated face recognition is today and within 20 years both will be very reliable. What do we do about it as a society? Do we pass laws and adopt social norms such that only "authorized" people can use this technology? Do we pass laws requiring that people be put on notice if their lips are being read by a computer without a court order or something similar? Do we become a society where people just expect that anything they say in public will be picked up and understood by a computer, likely in real-time?

There are three kinds of people: men, women, and unix.