Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Irony of ironies (Score 1) 167

Which is worthless if the payment terminal is compromised, because the card can't know it the payment terminal is sending out messages on its own behalf or on behalf of another hacked payment terminal on the other side of the country.

Transaction log:

  • Terminal 1 gets a chipped card that it recognizes as "special". It contacts a C&C server and finds Terminal 2.
  • Terminal 2 reads the card number from some poor sucker's card and sends it to Terminal 1.
  • Terminal 1 relays the response to the card provider.
  • The bank sends back transaction info.
  • Terminal 1 relays that to Terminal 2.
  • Terminal 2 sends it to that same poor sucker's card for signing, gets the response, and sends it to Terminal 1.
  • Terminal 1 relays the signed response to the card provider.

As far as the card provider is concerned, the card physically present in Terminal 1 was actually used in Terminal 2.

Comment Re:Misjargonization (Score 1) 354

It might be an archaic term, but they've been in the business for a lot longer than you have (or you would have recognized the terminology).

I recognize the misuse just fine; I've been at this since the 1960's. Front panel toggles, punchcards and paper tape are wholly familiar to me, as are arranging diodes in a matrix and building CPUs out of RTL and TTL. The fact that I recognize the misuse is not motivation to appreciate it, any more than I would if some non-contemporaneous Babbage-era use of "gears" was suddenly thought to be a good idea to use as the go-to word for software, or if someone referred to a modern day stick of RAM as "core", or if someone insisted on referring to computers in general as abaci.

The industry is well centered around particular terminology right now and has been for decades. That's the terminology to use, unless you want people focusing more on what you said, than what you meant. Which tends to lead to the wrong place no matter what you do. Particularly in engineering. Words matter. Being sloppy is costly.

Comment Misjargonization (Score 4, Interesting) 354

Referring to software and applications as 'codes' is common in many industries (example "here). People that use such terminology are of much higher than average intelligence.

And so they have even less excuse for their mangling of the terminology, and definitely should be smiled at, nodded to, and ultimately, ignored other than when they have some kind of arbitrary coercive power over you, in which case, do it in your head anyway.

If you walk up to a nuclear engineer with your 140 IQ and ask him to "turn up the atumz", he should probably just call security and have your ass thrown out on the street.

Seriously. If you don't know even the basics of an industry's terminology -- it's time to leave off trying to involve yourself until you get that handled. If you do.

Comment Re:Irony of ironies (Score 1) 167

The chip doesn't do that much, really. Most attacks on credit cards for the past decade have been attacks on the payment terminals themselves, and there's nothing fundamentally preventing someone who has already compromised a bunch of payment terminals from setting up a C&C server, and using it to let them make purchases for free by making the payment terminals recognize their chip in some way and relay the request through a different payment terminal to somebody else's card.

The only thing that would truly increase security would be having a screen on the individual card that shows the purchase info and a button on the individual card that lets you authorize it. As long as the information display and the authorization keystroke are handled by a potentially insecure, Internet-connected device, the biggest security problem with these systems cannot be solved.

Comment Re: I find this thoroughly unsurprising (Score 1) 343

Like the traffic isn't already loud? Besides, they could be a little smarter about it and use RADAR to determine if traffic is moving, and honk the horn if nobody moves after two seconds. That would make it less frequent, but still nearly as effective. And drivers would quickly learn to pay attention to avoid the honk, so this would also have the effect of making itself moot.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

It would be nice to have a traffic light alarm feature, but that only helps if all the cell phone users buy new cars. That feature would have to have been made broadly available in new cars at least 15 years ago to be broadly effective today. By contrast, an air horn on particularly problematic traffic lights can be deployed today and is immediately effective at solving the problem.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Better than ruining the lives of anyone living within earshot of an intersection (except, perhaps, the deaf) how about an ignition interlock system? If your car detects the driver using their phone in conjunction with unsafe driving practices...

Remaining stopped at a traffic light, assuming other drivers are not driving dangerously, is not unsafe. Therefore your proposal wouldn't help at all unless those drivers are also using their phones while driving badly.

Besides, it doesn't take an insanely loud air horn to get people's attention. It just has to be loud enough to be heard inside a car with the radio playing—no louder than a car horn. And if you embed it in the pavement underneath the car and use constructive interference correctly, you should be able to create a directed burst of sound that would be loud to the person in the driver's seat of the frontmost car, but quiet everywhere else. After all, the vehicle that fails to move is almost invariably the frontmost vehicle. The drivers of other vehicles typically notice motion in their peripheral vision even if they are looking down at their phones.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Cars still don't drive themselves, and very few cars percentage-wise even have collision avoidance, which is the only sort of safety feature that can possibly significantly reduce the rate of collisions among people who truly aren't paying attention to the road in a dangerous way.

The reason cell phone use doesn't cause the huge number of crashes that were predicted is much more obvious: 99% of the time, a driver doesn't actually need to do anything, even without self-driving cars, because most of the time, the road is straight, and there isn't something in front of you. And unlike drunk driving, people don't typically use a phone continuously, so the probability of overlap is small. That makes the risk of cell phone use inherently very low even if it is technically a risky behavior. And if we assume that most people choose when to use the cell phone based on the conditions around them—at traffic lights, on long straight stretches with no visible cars at upcoming intersections, etc.—then the risk logically should drop to remarkably close to zero among otherwise good drivers. Any statistics that appear to show otherwise are highly suspect.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Studies aren't needed to see if something happens. Studies are needed to gauge and create a baseline reference for a problem for which future studies will be repeated over and over again to see if any of the measures various governments are taking work in reducing the behaviour.

And once they have that, they'll come to the inevitable conclusion that cell phone bans aren't useful—not because they're ineffectual, but rather because the lack of a thousand-fold increase in accidents over the past ten years means that cell phone distraction isn't really that much worse than any other distraction. After all, if 90% of drivers use their cell phones while driving, then you'd expect a fairly high percentage of crashes to involve a cell phone, so when the statistics match that expectation, rather than wildly exceeding it, it means the phones aren't really causing crashes.

Slashdot Top Deals

Disk crisis, please clean up!

Working...