ATMs can be had for ~$2k on ebay
Hell, there are even ebay listings for companies that'll ship you an ATM for free, have somebody come out and fill it with money, and give you a percentage of the surcharges they collect from cardholders.
It's called a "Prepaid Card".
Several are listed here. but you should be able to walk into walmart, kmart, target, and many grocery store chains and buy a prepaid MasterCard or Visa card.
And if you can buy the card there, you can walk back in there with the card and a handful of cash and say "Put this money on here." and have them do it for you.
I would imagine that there are two distinct major camps of people that work for Raytheon and similar companies. People that feel that they are doing the right work, and people who just don't think about it at all.
You might argue that they're a subset of the second group, but there are people who have thought about it but can honestly say they really don't care.
To quote Tom Lehrer on Werner Von Braun, "Once the rockets go up, who cares where they come down? That's not my department."
Who else would have to foresight to include embedded executable code and a javascript engine in a print document format?
It's even worse than that. Take a good look at version 1.7 of the PDF spec
From section 7.11.4.1 of chapter 13, which is titled "Multimedia Features"
If a PDF file contains file specifications that refer to an external file and the PDF file is archived or transmitted, some provision should be made to ensure that the external references will remain valid. One way to do this is to arrange for copies of the external files to accompany the PDF file. Embedded file streams (PDF 1.3) address this problem by allowing the contents of referenced files to be embedded directly within the body of the PDF file.
And worse yet, quoting from one of the descriptions of flags in table 44:
(Optional; PDF 1.2) A flag indicating whether the file referenced by the file specification is volatile (changes frequently with time). If the value is true, applications shall not cache a copy of the file. For example, a movie annotation referencing a URL to a live video camera could set this flag to trueto notify the conforming reader that it should re-acquire the movie each time it is played. Default value: false.
In other words, you can ALSO embed the LIVE feed from your webcam in a PDF document.
You could just go to your doctor and get prescribed a medication for ADHD.
Most of the ones that typically get prescribed are in the stimulant category, some of which are amphetamine-based.
Nope. Sorry. You fail.
It's active if someone actually had to act with intent.
If all they had to do is start a service that by default sent its output to syslog, that's definitely passive.
Besides, disk is cheap.
The Ramses works great... As long as the missile's radar guided.
Looks like sticking your dick in a belt sander.
Except, you know, for the lack of sand or other abrasives.
I assume this is more along the lines of what you were hoping for?
If all you were able to do is listen to the network traffic, then yes, you're right.
But we're talking about a special case here, where the online banking is being done from within a VM. In that special case, malware installed in the host OS can monitor both the keystrokes and mouse events that are going to the VM in addition to the network traffic.
If I were going to write malware to try to steal usernames and passwords for "interesting websites", I'd wait until I saw network traffic to one of those sites, and *then* start logging keystrokes and mouse events. The fact that the network traffic is HTTPS doesn't matter. All that matters is *where* it's going, and HTTPS doesn't hide that. I don't care about the payload of the packets or what pages you're requesting. All I care about is the DNS name of the computer you're sending data to.
When the malware is installed in the same machine (real or virtual) as the online banking, you can log only the keyboard and mouse events that are beingg sent to the web browser and ignore everything else. What I proposed above allows you to further limit the data you have to sort through by only logging the keystrokes that are likely to result in data being sent to the websites I care about.
If there's a VM between the malware and the browser, you can no longer monitor just the keystrokes going to the browser -- you have to sift through *everything* that's being sent to the VM. But you can still use the network traffic to provide you with some context of what is likely to be interesting and what isn't.
Yes, it's still a child who was killed senselessly, and a tragedy.
That being said, in this case, the child killed herself, and the parents (step- included) are going to suffer for it.
If she had killed someone else's child, it would still be a tragedy, but then two families would suffer.
Plus, in addition to whatever action the police and prosecutor's office felt justified, you would likely also have "Wrongful Death" and other civil charges pressed, tying up a court, judge, and jury.
To make a one-word change to the parent's comment to make his intended meaning more clear:
"Sites that require flash or javascript for navigation are an abomination."
I'm all for technologies that allow form interfaces to be more intuitive and that reduce the amount of unnecessary traffic.
But said technologies should not be relied upon, exclusively, to provide a functional interface to a site.
Worse yet, sometimes,individual cities levy income and/or property taxes against their citizens.
So, you could end up having to file federal, state, county, and city tax returns.
The problem isn't between Moonlight and Netflix.
The problem is that Microsoft isn't allowing Moonlight access to the PlayReady DRM SDK used by Silverlight. Which means Moonlight can't play any DRM'ed files. Which means Moonlight can't play netflix content, despite really wanting to.
Here is a thread on Microsoft's Silverlight forum discussing the matter.
You knew the job was dangerous when you took it, Fred. -- Superchicken
