Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Ironicly, some older OSes are easy to "patch li (Score 1) 117

by hawaiian717 (#49041845) Attached to: Live Patching Now Available For Linux

That's how BootX (one of the Mac OS 8/9 Linux boot loaders for PowerPC Macs) worked. Mac OS would start loading, then a dialog would come up and you could select Mac OS or Linux. You could also run the application from Mac OS anytime after the OS was fully booted. In either case, when you selected Linux, it pushed Mac OS out of memory and Linux would start up.

Comment: Re:Not going to disappear quickly.... (Score 1) 293

by hawaiian717 (#48935521) Attached to: US Air Force Selects Boeing 747-8 To Replace Air Force One

The 747-400 is rapidly disappearing from the long haul passenger travel market. The A380 is being used on some high demand routes and on the longest flights (the current world's longest nonstop flight is Dallas-Sydney, operated by a Qantas A380). Virtually everything else is going to twins, with the 777-300ER proving particularly popular by providing near 747 capacity and range on two engines.

Comment: Re:Singapore Airport (Score 1) 168

by hawaiian717 (#48215163) Attached to: Austin Airport Tracks Cell Phones To Measure Security Line Wait

True about showing ID and tickets, but as far as I know, they don't record that information, they just inspect it. (I could be wrong on that one too).

TSA don't need to record your information at the checkpoint, because they already get it from the airline as part of the Secure Flight program.

Comment: Re:Chip and PIN (Score 1) 132

by hawaiian717 (#47821529) Attached to: Banks Report Credit Card Breach At Home Depot

A PIN is not required to use a debit card today. The vast majority of them support running the transaction either through the debit networks, where you use a PIN, or through the credit networks (Visa or MasterCard) where, today anyway, you sign. So the thieves can still steal the card number off a debit card and use it just like a credit card. The only difference is that your checking account is the money that gets tied up in limbo until it's sorted out, instead of the the bank's money (in the form possibly of your credit limit).

Comment: Re:article summary is wrong (Score 1) 51

by hawaiian717 (#47750897) Attached to: Aussie Airlines To Allow Uninterrupted Mobile Use During Flights

This is why I simply cannot understand United's new policy of buying aircraft with NO entertainment system at all, not even one where you can just plug a headphone in so you can hear the announcements.

United and other airlines are seeing the trend of more and more people bringing their own devices and using those, thus they can save several hundred pounds of weight by removing the inflight entertainment systems. US Airways did this a few years ago. Southwest never had a built-in system.

But your point about the built-in systems' ability to be automatically paused when the pilots and flight attendants make an announcement is an interesting one; something I hadn't thought about before.

Comment: Re:Digital stamping (Score 1) 144

by hawaiian717 (#47672897) Attached to: Telegram Not Dead STOP Alive, Evolving In Japan STOP

I don't know much about how PGP works, but with S/MIME, you attach the certificate containing the public key to the e-mail, as well as the encrypted ("signed") hash of your email.

The next question is how do you know the certificate is genuine? Well, that's why you pay VeriSign, DigiCert, or whatever your favorite Certificate Authority (the same people who create certificates for web servers) is, to sign your public key and issue you a certificate.

Your statement that PKI is hard is absolutely correct.

Comment: Re:This isn't why they had a security breach (Score 1) 210

by hawaiian717 (#46884387) Attached to: Target Moves To Chip and Pin Cards To Boost Security

I assume you're thinking of the eInk display as a way to protect web based transactions?

Rather than coming up with another scheme, I feel like a better solution would be a way to do EMV payments over the web using a regular smart card reader. Smart card readers don't seem uncommon in business oriented laptops already, and Dell and HP have smart card reader keyboards that they could just make the standard keyboard they ship with desktop PCs. It's possible to read EMV cards using regular USB card readers; the folks on FlyerTalk do it to read the CVM list off their card (that's how people figure out if a card is C&S or C&P priority and whether it supports offline PIN).

Comment: Re:Chip and Signature, not Chip and PIN (Score 1) 210

by hawaiian717 (#46883025) Attached to: Target Moves To Chip and Pin Cards To Boost Security

True about most US cards being C&S, not C&P. Or being both, but with C&S as higher priority and not supporting offline PIN (which is where the real trouble comes). From what I'm hearing, Visa is the one that's really pushing C&S in the US; MasterCard is pushing C&P. And since the new EMV Target cards will be MasterCards, there's reason to hope that they'll be C&P.

For the record, Walmart has also apparently been advocating C&P. They're also ahead of Target in rolling out EMV support, about 25% of Walmart US stores are actively accepting EMV payments.

Comment: Re:This isn't why they had a security breach (Score 1) 210

by hawaiian717 (#46882987) Attached to: Target Moves To Chip and Pin Cards To Boost Security

And this is where the October 2015 liability shift comes in:

If fraud occurs on an EMV card and the merchant hadn't upgraded to EMV and was relying on swiping the magnetic strip to process the transaction, the merchant has liability.

If fraud occurs on a non-EMV card and the merchant had upgraded to EMV, then the bank issuing the card has liability.

The result is banks are incentivized to upgrade to EMV cards so they can try to shift fraud liability to the merchant who hasn't upgraded to EMV terminals, and the merchant is incentivized to upgrade to EMV terminals to avoid the liability shifting to them.

Presumably fraud liability for EMV cards processed at EMV terminals remains where it is today (banks), and possibly everyone wonders "how did that happen?"

Meanwhile, fraud moves to card not present (read: over the Internet/phone) transactions.

Humanity has the stars in its future, and that future is too important to be lost under the burden of juvenile folly and ignorant superstition. - Isaac Asimov