I would hope the EMV standard would not allow private keys to be read.

What's more likely is that they are either:
(1) Running the system purely using the simulated Track data (magnetic stripe) on the card, skipping most of the EMV process apart from potentially rotating the card verification code; or
(2) Quickly walking through all the EMV steps, providing fake data (transaction amount, etc.) if the card requests it.

Either would seem to weaken the standard a bit.

Someone from VISA would have to clarify what they came up with to avoid speculation.

The algorithm *was* pull the last number off of the list.

As of June 25, 2011, that is not the case anymore.

That said, this does not help any of us that are less than 4 years old.

Echoing another commenter, you could have just taken the RTD Skyride bus service downtown (and to some other areas). It runs at least hourly, and more often during weekdays.

The cost to/from downtown when I took it last year was $11 each way cash, or $20 for a round-trip ticket booklet (available at the RTD booth in the airport and probably a few other locations).

While the majority of comments so far seem to presume the condo association wants to run their own ISP, there is no reason in most of the United States that they have to do so.

Just like your condo association should be able to get "bulk cable", satellite, or Uverse/FIOS/IPTV service, you can purchase bulk Internet in a similar manner. You can even combined bulk TV, Internet, and/or phone service if you want. Even satellite companies have partners who can take care of Internet service nowadays, or can use Ethernet themselves to distribute TV service to the building.

This offloads all the DMCA, etc. work to the service provider, although there are a few catches. The first is that you are paying for service to all units; if a unit owner does not pay their dues, state laws may prohibit you from cutting off service (and even if you could your contract still might require you to pay for it). The second is that most providers currently hooked to your building presume not everyone in your building is using their service; you will need to make sure they provide you enough bandwidth to cover the increased subscription rate.

The third item is that these tend to be long-term contracts; the longer you commit to, the better the potential discount tends to be. However these contracts also include clauses allowing automatic increases in rates.

I looked into this once for a condo association myself; and while a local survey suggested owners wanted such bulk contracts, when confronted with the financial costs (and our rate of non-payment) they tended not to.

Disclaimer: For mechanical engineers, I personally think that getting a PE often is a good move.

However since this is Slashdot, I would argue that for computer engineers this is not always true, or at least the easiest thing to do in the United States.

While completing college, I took and passed the Engineering-In-Training state exam for Electrical Engineering. I then worked for several years with various employers, some of which had PE's above or adjacent to me in the hierarchy; others of which did not.

The electrical engineering exam for PEs seems to be bending-over backwards to reverse the small percentage of licensed EE's relative to other disciplines. When I looked into this a year ago it was possible to take a purely computer-oriented exam without a lot of the power, electromagnetics, and other topics. The state certifying board where I currently live seemed more than willing to consider justification statements proving that work I did while not under the supervision of a PE could be credited as work experience.

At the time I also was a member the local NSPE/state society, attending meetings with lots of other PEs, and being flooded with offers of legal and civil engineer training courses.

But I never could get PE certification before my EIT expired. The catch was I could not find enough PEs that would be willing to sign of on me as a personal reference, largely because most felt uncomfortable with their knowledge about what I had done.

And since there are so many exclusions to when you can use the term "Engineer" without a PE in most states, I ran out of PEs to ask.

For Mechanical Engineers getting your PE often can be a good thing. But for Electrical Engineers and Computer Engineers especially it can be a chicken & egg problem.

I'm surprised that I do not see a link to the RISKS article about how a motorist was trapped in a traffic circle for 14 hours yet.

The technology in the RISKS entry was a bit more advanced (lane occupation detection) than what seems to be described in this article.

(And if someone cannot it figure out from the date, the RISKS entry was an April fool's joke; but a lot of people took it seriously at the time.)

I don't think many people are getting the point of this article, although I admit it is a bit confusing. While it is true that the article talks about alternative DNS systems and WHOIS; what Paul really seems concerned about is the part of the WHOIS system used to look up who is currently allowed to use a given IP address range, and is responsible for activity originating from it.

The current authorities which run this part of the WHOIS system have rules and restrictions about how and why IP address blocks on the Internet can be assigned from one party to another. Among the things cited by the article which currently are not permitted are obtaining IP address for perceived future needs when you have not already exhausted what you have, or simply buying IP addresses for no use at all speculating they can be sold for more money later.

Some parties do not like these rules, and want to establish their own system for buying and selling IP addresses which is not subject to the rules currently in place. They could kind-of do this right now, but the transfer of ownership would not be recorded in the old system.

This is potentially a bad thing, as suppose someone attacks you from IP address 1.2.3.4. And for some reason, reverse DNS on that IP address fails to work. If there is more than one system tracking ownership of who currently has the right to use this IP address, how do you find the right administrator to contact? And what if someone updated their contact information or the fact the IP block had been sold in one system, but forgot to do so in another?

If you have any student loans, universities in the United States are required to report your last date of attendance, if you are attending at least half time or not, and other information to the National Student Loan Data System. This may be an automated way that they are trying to get information for this.

While I imagine universities are not going to rush to using the last date you showed up in class versus the current date for refund and grading (withdrawal with no grade versus withdrawal-failing/withdrawal-pass, etc.), I could easily see universities using this data in the event of a grade dispute or similar issue.

A slightly clarification here:

UMA service with T-mobile is basically a way to use 802.11 access points as an alternative "cell phone tower" with T-mobile. Nothing stops you from using a UMA-capable phone with standard GSM cell phone towers (unless you tell the phone not to).

In general, T-mobile bills UMA calls *the same* as calls started on the cell phone network. So if you have a post-paid plan, UMA usage typically comes out of your normal minute bucket(s); if you are using a $0.10/minute pre-paid plan, you pay $0.10/minute (as the previous poster mentioned).

There are NO additional fees required for UMA calling versus GSM calling. Turning on 802.11 support might reduce your phone's battery life between charges though.

That said, there used to be some add-on plans which allowed unlimited UMA-initiated calls for a flat rate. But these no longer seem to be offered. In general, the future of T-Mobile's UMA service is unknown, as it is primarily Blackberry phones that tend to support it.

While they may sound different, the Cloud Computing security problem seems to be almost identical to any other Digital Rights Management problem. Both are concerned with only exposing what the information owner wants exposed to the underlying hardware/provider/user/etc.

It's just a question of whose "Cloud" you are trying to secure information on, and who the "user" of said information is supposed to be.