> You say it like this is a new thing though. It's not.
Where are my mod points when I need them?
> You say it like this is a new thing though. It's not.
Where are my mod points when I need them?
Real security costs a lot in both in productivity and in dollars.
Customers, for the most part, are unable to tell the difference between a supplier that has good security and bad security. (And yes, some high cost suppliers have terrible security, there's no guarantee that better price means better security).
Guess which companies can offer a cheaper product?
From observation, I'd say that most suppliers who took security seriously have gone under. Everybody promises excellent security, so from the customer perspective, they're identical, and thus naturally the customer chooses the cheapest. If there's a security issue, then the customer gets ticked, and switches to another low-cost supplier.
And of course, the same applies whether the customer is a business or an end-user. When was the last time you checked the on-line security of the store where you went shopping? The only survival strategy is to go cheap, and pray you don't get unlucky.
(Of course, the reality is a somewhat more nuanced, but the pressures are absolutely in the direction I describe.)
> your info is only as secure as the computer systems at the retailer/processor.
Actually, this is *not* the case. The man in the middle could steal your PIN, but without physical access to the card (i.e. stealing it) or a completely incompetent back end implementation, he can't recreate a successful transaction. In other words, the cards cannot be skimmed (by any tech we have now).
The cards are a lot more costly ($5 instead of pennies), and it won't stop someone stealing your card. But it's been very successful in stopping large scale skimming operations, which are the majority of fraud.
Thanks for the reply. I'll admit I'm mystified. Even a bad implementation would have taken a lot of effort to break (make a clone EMV chip for less than $10K? Maybe now, but then?) and the fact that the date changed would pretty much be an indication that a cryptogram wasn't sent at all in the fraudulent transactions.
My suspicion: The magstripe got skimmed even if the original trans was EMV. If the ABM design was like our Canadian ABM designs, you can still get your card skimmed when you put it in (it eats the whole card, even for EMV). It's simply that the mag-stripe info is useless unless you go to the States (and you can bet that Canadian banks are paranoid about ATM fraud coming from the States...) If it was early in the switchover, it would be easy to find mag-stripe only terminals.
I'm incredibly curious how they managed to skim an EMV card. I've never heard of that being done and I would have thought that would be big news. (Unless the card was using static authentication, which apparently a few UK banks did when they first implemented EMV - EMV was an incredibly rushed job (when first implemented) in Europe, as they were just sinking beneath a tidal wave of fraud.)
Duplicate transactions don't work, because the cryptogram is unique (unless the bank disabled the transaction counter, but that would be idiotic.)
Of course, the fraudsters can steal the card and observe the PIN, but that's not the sort of thing that organized crime can do to steal millions, which is the real threat.
Now of course, if they simply skimmed the mag-stripe off your EMV card, that's a different matter. That won't be fixable until mag-stripe only ATMs are disallowed your bank's inter-bank networks, as in Canada.
The fact that EMV (chip & pin) is not perfectly secure is *massively* less of a problem than credit/debit card skimming.
ATM fraud has been squeezed out of pretty much the rest of the world and is migrating to the USA in droves. When Canada switched, ATM fraud basically killed organized rings. These rings are reluctantly moving to the US (a draconian justice system does have *some* upside) and along with an small army of engineers working on whisper thin skimmers and business ideas like ATM fraud franchises, things look pretty scary if the US doesn't switch.
The downside is, unlike Canada, there's no single inter-branch network like Canada that can kick members off who don't upgrade. Instead there's thousands of banks who may not want the expense of switching to EMV. And as long as there are any mag-stripe only ATMs on the network you belong to, you're vulnerable to having your cards skimmed. So, the US will have it much tougher. (POS fraud is not nearly as big a problem. It's pretty hard to get $100K out of one POS terminal using 2,000 cards without the operator getting suspicious. And then you take a massive loss fencing the goods. ATM is what organized crime goes after.)
On the upside, the US is on the forefront of real-time risk assessment of transactions. They're getting better and better at assessing suspicious transactions. Still, there'll be more and more false positives as fraud goes up, so remember to carry multiple cards...
> He's a contractor, why does he care if the original designer gets the credit?
Bingo. I generally do my best to make certain that the permanent workers get credit where it's possible to do so. If there's a permanent worker who is completely incompetent, then I'll simply refrain from praising them to management. Praise is not a zero sum game, bosses are not usually idiots, and a cordial work environment where people are happy to see and help each other is worth its weight in gold.
It's simply self-interest to endeavor to make everybody look good, and permanent co-workers will return the favor when the next job is available.
> I have found that what makes a good school here in a California school district is the PRINCIPAL
I'll second that sentiment.
My son's primary school had a bullying problem bad enough that it made the papers. The principal retired and a new principal brought in. Within a two years, it was a different school, and within three, she was getting the pick of teachers across Toronto any time there was a vacancy because teachers were desperate to work with a principal that was active, knew every student's name and personality, and most importantly of all, supported the teachers when parents were being difficult.
It took an amazing amount of work on her part, but she *made* the school. (The excellent teachers made the classrooms.) Watching her stand-down parents who wanted to make excuses for their child's bullying was eye-opening.
I was stunned when the grade 6 graduation speech by the students praised her specifically and at length for making them feel safe. When I went through primary school, the only students who even knew the principal's name were the troublemakers...
You are vastly more optimistic than I am. First, when a firm enters a totally new market, their odds of success are somewhat higher than a newcomer (better capitalization, better name recognition), but not *much* better. Lots of firms *could* have been Apple, but only 1 in a million succeeded. For a firm like Kodak, blessed with insane insight, I'd give it a 1 in 1,000 chance. Throw a multi-billion dollar company away on that chance? Not good management.
Now, more likely, they might have ended up like the camera division of the top two camera manufacturers together. In other words, still a shadow (in terms of profit) of what they were before (albeit still alive).
Once again, rational managers of successful companies keep milking for as long as possible. The number of firms that can successfully re-invent themselves is miniscule. (Well, less than 0.5% rounding down
Agreed, but that *still* would have resulted in a much smaller company than Kodak at its prime, which is my point.
I don't know how many CEOs would have the guts to walk into the boardroom and say "it doesn't look like it now, but in five years, we're screwed. So we're going to spend all of our R+D to get people to stop paying us money (i.e. buying film, etc.). If we're successful (in a market segment we know nothing about), we'll be 1/10 our current size. If we're unsuccessful, we'll be dead in 2-3 years. And yes, to be successful, we'll need total buy-in from all levels of the company."
I do, however, know how many CEOs would still have their job after giving that pitch.
> Well, to be fair, Kodak screwed themselves as well... they pretty much invented digital photography, but utterly failed to capitalize on it.
Well, yes and no. If Kodak had forged ahead in the digital revolution, they might be around now, but 1/10th the size, and more importantly, they might have started their destruction many years earlier.
Most disruptive technologies are things that massively shrink the number of dollars coming into the market. People don't buy much more X, they just pay 1/10 the price. When that's the decision you're facing, it often doesn't make sense to lead the charge to disintegrate your market. Far batter to eke out a few more years as a major player and then go down in flames than survive as a shell of the former company.
How many CEOs are congratulated in taking a billion dollar company and bravely leading it into becoming a $100 million dollar company? If they hold on for five years before the little fish get sufficient funding and mind-share and then retire, they can easily be thought of as the decent CEOs who retired before "that idiot who lost the company" took the reigns.
Another who understands that "deflation" is simply a conspiracy by the Trilateral Illuminati, who meet in Davos each year to develop new methods of sapping our vital bodily fluids.
Just like most mutations are unsuccessful, most creative ideas are not "welfare increasing", after all, the status quo came about for a reason and your idea has to be pretty clever to beat it in all, or even most, metrics.
Of course, on the off chance a creative idea *is* successful, we're all for it, but that's pretty hard to determine in advance. And more importantly, after the fact, all the discomfort from change (and one shouldn't underestimate how much change hurts psychologically) has already been paid for, so we can simply enjoy the benefits.
This reminds me of my youngest in grade 1 in tears at his math homework.
What is 1 + 1?
He scrawled 2.
How did you arrive at this answer?
"I just added them. But that's not what the teacher wants. Waah!"
I tried for 10 minutes to tease out the mental process from him, but he was well beyond using representational systems to add numbers. At this point, he just *knew*. Furthermore, my pathologically honest child could not lie at that age, so pretending he put two items together and counted them was right out.
So I pulled out my first year math text which was mostly "God gives you zero and the successor function and 450 pages from now we prove calculus", and copied the appropriate paragraph or two.
Teacher never said anything about it, and I didn't see another quite so insane question that year.
Sorry, I should have quoted the relevant line I was responding to.
Congrats, Cory. You've gotten on Slashdot several times in the past few weeks. Remember: it's important to keep your name in the news so that you can sell more books. Too bad your analysis is overly simplistic.
Your good nature will bring you unbounded happiness.