Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Comment Re:Good for them (Score 1) 148

Selling it the black market is only half the part, not getting caught is the important part. More damage a exploit can cause Groupon ( i.e. higher the value on the market) more the chances law enforcement will be knocking on your door.

Companies like Groupon face a higher risk from dissatisfied(or the dumb ones exposed to phishing/social engineering ) employees leaking information than from external exploits, so they are screwed anyway if white hats/employees start acting in bad faith. They are counting on good faith of majority of the players and possibility of punishment via law enforcement to save them.

Comment Re:Good for them (Score 1) 148

No he is saying experts will still participate in programs because it is not too much effort and possibility of a payday will keep them in the program, despite poor track record of these companies.

Obviously you would loose the best experts who will spend the time and have the expertise to find the most obscure vulnerabilities. If those researchers where not interested at all in the program ( too small bounty for the effort, groupon track record etc) then Groupon losses nothing by having stingy payment policies.

Comment Re:Untraceable (Score 1) 152

If tracking cash transactions were as easy as you make them out to be, every illegal laundering from drugs to arms would have been long shut down.

a unique serial number is not personally identifiable by itself. Cash is far more anonymous than bitcoin, yes people can theoretically track it, with bitcoin EVERY transaction is by definition recorded. With cash some transactions maybe recorded, retailers do not necessarily record the serial number of every bill of each transaction, while that is certainly possible it is still not common place. Even if all were tracked in the U.S. there are still plenty of holes in your graph, making it difficult to every get anywhere near full picture, primarily due to the nature of U.S. currency. Plenty of people in the world use $ as their medium of exchange, these people who feds have very little control over and can do little to track either.

Comment Re:Untraceable (Score 1) 152

This is BS, Crypto-currency has very little to do transaction privacy or central control.

if you are worried about privacy of transaction then use cash! .. does a $100 bill hold any "personally identifiable information" barring some trace DNA or fingerprints? central entity controlling has nothing to do with privacy of transactions. cash is controlled by a central entity, yet it is near anonymous. Not being governed by a central entity is a stupid reason for alternative currency.

If you want use anything that has no value on its own as money be it paper (cash), plastic, or Hashes as a store of value, then you will have to trust someone to enforce it. Otherwise you are going to have volatility, and people losing money in scams just look at the ones happening in bitcoin.

Comment Re:As a big comixology user, this *sucks* (Score 1) 244

1. They develop and maintain the marketplace
2. They process your transaction, run the payment gateway that interacts with dozens of banks in 100+ countries. they process transactions to the developers as well
3. Pay their transaction fees to banks and VISA/MC
4. Develop and maintain the SDK, and IDE etc that help the developers build the app in the first place
5. Keep your personal credit card info safe ( Then again, Perhaps not :( )
6. You may use your data plan but apple still has to host the files on their servers, considering the amount of free apps downloaded, the deployment costs are certainly non trivial
7. Most importantly ensure significant user base is there for the developer to sell to, through marketing strategies like cross subsidy( sell you cheap phone, and recoup in app purchases)
All this of course does not mean they have to charge 30% margin, but certainly the cost is not trivial.

Comment Re:Saves about $38 million in taxes (Score 4, Insightful) 86

Very rarely the number of people directly employed makes the difference, If Microsoft is spending $1 Billion in the state, it will probably source significant % of components locally( usually part of any tax break agreement), that will generate lot of business for the local economy, the vendors will in turn will be ordering components, magnifying the effect on the economy, the state tax on all these other transactions will perhaps offset the breaks given to Microsoft.

On the other hand, paying 84 people for 6 years will do very little for the economy by itself

Comment Re:No Good Solution. (Score 1) 188

Different people are motivated by different things: security,money, or street cred,or just for fun, the reporter is under no ethical,legal or moral obligation to disclose to anyone in any manner; he is not the manufacturer it is not his fault the bug is there or his responsibility he did not built software/service using the buggy software that people paid for.

Preferential disclosure done which ever way is bad. Chances of black-hats getting hold of it becomes higher, if *some* special people know of it before others; what guarantee is there some dissatisfied employee won't leak it. what makes google, or Red Hat more special than Average Joe running his applications on top of OpenSSL with potentially compromised keys ?

Responsible disclosure has to be fully public; it ensures the manufactures fix it faster; there are vendors who fix zero-days only if they get exposed public exposure. just look at the way oracle fixes java zero days.

The trouble with being poor is that it takes up all your time.