Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:just do it (Score 1) 225

(BTW - Online PIN is retailer implementation specific, not card specific. Cards still need to do offline PIN.)

Support for Online PIN transactions is not mandatory per the EMV specifications (neither is Offline PIN, by the way, so no, cards don't "need" to do Offline PIN either), and support in point-of-sale terminals varies, especially by country. The chip in the card tells the payment terminal what CVM (Cardholder Verification Method) options it has, and it also defines the preferred order of those methods. The payment terminal is then supposed to use the first CVM in the list that it is able to support.

The retailer does of course need POS hardware/software that supports Online PIN in order to process such transactions. I'm not sure I'd describe that as the retailer "implementing" Online PIN though. The retailer either supports that particular CVM option in their point-of-sale system or they don't. That could just be semantics though.

However, my earlier point about American retailers still stands. Any retailer here in the States that supports debit card transactions (as specifically debit-with-PIN, not as a credit transaction) already supports Online PIN, because that's how our debit cards work; they're universally Online PIN only. Since debit card transaction support is very widely available in the U.S., that by extension means Online PIN transaction support is already widely available too. That's why I find it odd that our move to EMV didn't just go with Online PIN instead of signature--or even just support both, in preferred order, so the card would drop back to chip-and-signature for POS terminals that don't do Online PIN. Maybe the methods used for our debit network aren't in any way compatible with EMV transaction processing, don't really know.

Comment Re:I'm more impressed (Score 3, Informative) 225

But that is also a difference that US and Canadian ATM's have as well. US ATM's generally make you swipe the card and then put it back in your wallet, while you complete the transaction. Canadian ATM's hold onto the card until you tell the ATM that you're done.

Curious. Now, I admit I never use third-party ATMs so maybe those are different, but among first-party bank ATMs, I haven't encountered a swipe one in a good 25 years. Ever since the early 90s, and having been a customer of several different U.S. banks, all I've encountered are insert-and-hold-card ATMs.

Comment Re:just do it (Score 1) 225

They worried that having PINs would confuse people, etc. etc. Boo hoo.

That was always a red herring and never an issue. Especially when you consider that debit card transactions (with PIN) are very common in the U.S. Arguably more common than credit cards, depending on the retailer. Or shit, just think of everyone with a smartphone; if they're not using a fingerprint, they're using a PIN every time they unlock their phone. Americans do not have issues with PINs. I mean, speaking of "Grandma needs to switch", yeah, my grandmother uses debit with PIN herself. She'd likely barely notice the difference if we went to chip-and-PIN.

I disagree with DogDude too: it wasn't about merchants either. Any EMV/chip-capable hardware a merchant purchases would support PIN by default, because it's in the EMV standard. So there was no cost difference, hardware-wise, for the merchant between chip-and-signature and chip-and-PIN. Most merchants anyway. I imagine restaurants there would be a cost difference, because you need a PIN pad you can bring to the table, but I would still say any merchant with a fixed-location point-of-sale register would see no cost difference in the hardware.

No, the real cost is the banks. For most implementations of EMV, the PIN is encrypted in the chip. There are some implementations that do "online PIN" where the PIN is verified directly with the card issuer and is not stored on the card's chip, but this isn't very common among EMV-using nations (though it is fully supported in the EMV specifications). So, if you have a PIN that's stored in the chip, you need to have some way for the customer to change their PIN, right? Well, in the vast, vast majority of the EMV-using world, this is done at an ATM. However, chip-capable ATMs are almost non-existent in the U.S. Think about how many ATMs there are at banks and branches. Replacing them with ATMs capable of accessing and changing chip information and PINs is a massive cost.

The banks themselves have outright said that this is their primary, bulk cost and the process of rolling out new, chip-capable ATMs will take a fair amount of time. Once that is done, however, then you can expect to see PIN added to our EMV cards probably pretty quickly.

Now, why the U.S. couldn't just implement "online PIN", since it's fully supported by the EMV standard, I do not know. It's not like the U.S. banking networks can't handle it. Virtually any U.S.-issued credit card that has an option for PIN-based cash advances/withdrawals at ATMs uses an online PIN. You'd think it wouldn't be a huge change to use that same functionality for EMV cards. :P That I found to be pretty stupid.

Comment Re:That's nice (Score 1) 225

That involves RFID and/or NFC, right? How does "add wireless stuff to it" make any system at all more secure over an overt and obvious physical interaction?

Apple Pay and Android Pay both implement tokenization for their contactless systems, which is significantly more secure than non-tokenized transactions, physical interaction or not. The massive Target hack, for example? Wouldn't have worked on tokenized transactions.

Tokenization is part of the EMV Payment Specifications so it could be implemented in physical chip transactions as well. Might have been, I'm not sure off-hand. But Apple Pay in particular got a lot of press for being the first implementation of contactless EMV tokenization.

Comment Re:Wah wah... (Score 1) 100

KeePass is free and open source, and easy to use. Its interface is fairly basic, but it gets the job done. It can generate strong passwords, it has a password strength checker, some fairly decent management and organization options, etc. It's aimed primarily at Windows but it can function in Linux and BSD (including OS X) under Mono, and fully supports this. We use this at my workplace and it serves its purpose.

However, I personally am a fan (and long-time user) of 1Password, which is my vault of choice. It's got a highly polished and very easy to use interface, very active development, it's cross-platform Windows, OS X, iOS, and Android. It has plug-ins for all the major web browsers. It supports a range of features KeePass lacks, and also some third party support (like DropBox, for keeping your vault synced over all devices). It's also got a good community--I've found a few bugs myself, and the developers were very accessible and responsive to my posts in their 1P forum they have available for such things. The only downside with 1P, of course, is that it is not free nor is it open source (though the schema and design of their vault file format is fully open and documented, and has been audited in the past). However, I think it is worth its price, and I'm happily a paid user.

Comment Re:Yes - known for years. (Score 2) 435

...very high resolution IPS panels...

Consider the Dark Ages of notebooks just a few short years ago. Crap from Dell and the others were sporting 1024x768 resolutions on crap LCD displays and were thick, heavy pieces of garbage. My ThinkPad T43 from 2004 had a 1400x1050 IPS panel and 5 years later, outside of CPU, the enterprise class machines actually had worse specifications!

I was with you right up to that part. Apple lagged woefully behind in screens for a very long time, unless you're forgetting that the 15" MBP was 1440x900 right up to mid-2012, long after other laptops had gone to at LEAST 1680x1050 (or 1600x1200 for 4:3) for the same size screen, with some even using 1920x1200. The 17" model was better, at 1680x1050 to start out with and then quickly moved to 1920x1200 in late 2008. However 1920x1200 had been fairly common on other 17" laptops already by that time. At least when talking at the MBP's same price point, of course.

And this is all just considering the MacBook Pro, which only came out in 2006; the PowerBooks before that had even lower specs. Your 2004 T43 had a 15" screen option for UXGA at 1600x1200 that outclassed the 15" MBP right up to mid-2012. :P

And keep in mind that the Retina screens have an actual resolution and an effective resolution. My 15" Retina MBP might have a 2880x1800 native IPS panel, but my actual usable desktop in OS X still defaults to that goddamn paltry 1440x900, pixel-doubled so it looks all pretty. Yes I know I can change the default, but it still annoys me that that's what it defaults to at all.

Comment Re:Thoughtful tweaks (Score 2) 113

The "new look" actively ignores the Win10 system colors settings. FF39 had darker window borders because that's what I set my accent color to in my Theme. I figured out how to override that stupid fucking "all titlebars must be white" shit that Win10 enforced too, so I could have properly dark titlebars. So my whole Win10 system is dark-themed as I prefer. FF39 handled that just fine and matched the system theme settings like any other application.

FF40 ignores all of it. It enforces the white window border/header on its own, regardless of system color settings. Even worse, there is no color change between a window that is active and one that is inactive, so unless I have overlapping windows I keep losing track of whether I have the Firefox window actively selected or not. It's literally just a flat white AT ALL TIMES.

So apparently what they "designed" out with this iteration is any semblance of respecting or obeying the system theme settings.

Comment Re:Good (Score 3, Informative) 113

Even worse, "themed to look like Windows 10" means it actively ignores the Win10 system colors settings. FF39 had darker window borders because that's what I set my accent color to. I figured out how to override that stupid fucking "all titlebars must be white" shit that Win10 enforced too, so I could have properly dark-themed titlebars. So my whole Win10 system is dark-themed as I prefer. FF39 handled that just fine and matched the system theme settings.

FF 40 ignores all of it. It enforces the white window on its own, regardless of system settings. Even worse, there is no color change between a window that is active and one that is inactive, so unless I have overlapping windows I keep losing track of whether I have the Firefox window active or not. It's literally just a flat white AT ALL TIMES.

Who in the fuck thought ignoring system colors as the default theme was EVER a good idea?

Comment Mainframes (Score 1) 620

My company used a pair of Control Data Corporation Cyber mainframes, circa.. 1976 or 1978, I forget exactly. Original hardware, including all peripherals such as multiple end-user terminals (fancy workstation kind, not a simple dumb terminal) and external network connections with AUI thicknet and proprietary CDC connections. Also a lot of serial connections, which started with couplers but quickly received hardware updates to actual, original Bell 202 modems in the early 80s.

Also original software and NOS operating system, with everything programmed in FORTRAN with some custom CDC additions. These systems were actually susceptible to Y2K, the only systems I ever personally encountered that were.

They used 1" mag tape for long term storage and archiving, libraries and libraries of tape reels. Company went fancy when they first bought the system, so the twins also had hard drives. Massive 100 pound spindle beasts that actually had to crank up to speed over about 45-60 seconds before the heads could engage. They had a full array of eight of those things.

Quite a high-end supercomputer pair at the time it was put together. Seymour Cray worked for Control Data before he went off to found his own company, so basically the Cyber was a Cray Supercomputer before Cray was a company.

What makes it notable and why I put in a post though, is because we maintained these twin units until their retirement all the way up in 2004. This included all peripheral stuff, so the company was on a coax network (though at least it was thinnet by that time!) up until then too, and was still using those Bell 202 modems too. The only reason the company retired those systems is because sourcing replacement parts was getting to be too expensive, otherwise they'd have continued right on with them.

As an added bonus, the 3-phase large scale industrial UPS that was installed at the same time the mainframes were, was also maintained. THAT, in fact, is STILL in service to this very day!

Comment Re:The pain isn't in the switch (Score 1) 347

You joke, but systemd's default journal behavior is indeed to write ONLY to volatile storage (specifically into /run/log/journal which is a tmpfs volume in Debian), and Debian jessie's standard install actually keeps that default. Or it did at one point; I did a clean install on a new system before jessie went gold, so the defaults may have changed to something less stupid since then.

I certainly hope so, because otherwise yes, at every jessie reboot, the journal is completely lost with no record of it retained anywhere.

On my install I had to change that manually to have systemd write to persistent storage instead.

Comment Re: What Would be a Trivial Amount? (Score 4, Interesting) 198

Another very simple idea is to just turn this crap off. Sometimes you have to MAKE it do so, since plenty of electronics nowadays don't have a true "off" option at all. So I put everything on surge protectors that have individually-switched outlets. Easy to find plenty of those on Amazon. Either the power-strip style, or I use the desktop models (the ones intended to sit under a monitor), depending on the application and where I'm putting it. The desktop models look nice inside an enclosed entertainment center, and make for easy switching of the electronics in there.

Either way, being able to physically flip the switch to cut off all those game consoles and those sound systems and those cell phone/laptop/whatever chargers, etc. etc. really helps.

I even installed a timer switch on my water heater (until I can get around to replacing the thing with a tankless instead). I found that the long-cycle heating up of the water when it's turned on via the timer, actually uses less power than "maintaining" the heat throughout the day. Though that certainly depends on your usage, of course. I'm a single person and generally only need it powered for a shower. The water remains hot enough even in the unpowered tank throughout the day for things like hand washing. I was surprised what a difference it made. Most of us Slashdot types probably already have programmable thermostats for HVAC, but you don't really think about your water heater sitting there sucking up power all day maintaining hot water you're not using.

I even have my damn dishwasher on a switch, conveniently right next to the garbage disposal switch. Only gets turned on when I need it. Sure, all this was a pretty fair amount of work at first, but once I'd done it, I literally cut my power bill in half. No joke, no exaggeration. Though again keep in mind I'm a single person and don't generally use a lot of power to begin with, admittedly, but still, slicing my usage in half just by putting crap I wasn't using on switched outlets made a tremendous difference to me. And I really don't think it's inconvenient to go over to the entertainment center and, say, flip the Playstation switch when I want to play that.

And as an added bonus, an unpowered device is one less possible source of circuit failure and fire hazard. That's just a nice little icing on the lower-power-bill cake.

Comment Re:Okay, you've got my attention. (Score 4, Informative) 187

His largest and arguably most popular/well-known (especially outside of China) book series is getting proper English translations and sold in Western markets. You can purchase the first book of the series, _Three Body Problem_, from Amazon right now. Book two is due to be released in July.

A number of his short stories are also available in Kindle format from Amazon, but do not appear to have physical book translations available.

Comment Re:I dunno about LEDs, but CFLs don't last (Score 1) 602

One of the main problems with CFLs is that every on/off cycle shortens their life, and further, the really cheap CFLs use electronics and transformers that don't deal well with short cycles in particular. They need to be given time to "warm up" otherwise flipping them back off quickly shortens their life even more. This is especially problematic in short-but-often use areas like, say, a bathroom. Flip light on, pee, flip light off, know what I mean?

I went through three different brands of CFLs in my bathroom before I learned that little detail as to why they all failed within just a matter of months.

Slashdot Top Deals

"The identical is equal to itself, since it is different." -- Franco Spisani

Working...