Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment I guess if your definition of success (Score 1) 154

is screwing your customers, then ok. Personally I prefer companies that make lots of great products and sell them for barely any profit so I get to have great stuff for less. A company with huge profit margins is a company that is charging more than they have to.

If you are an investor, liking a company to make a high profit margin makes sense, though I still have to question it in the case of Apple since they hoard the cash rather than pay it out as a dividend. However if as a consumer you applaud high profit margin you are silly.

Comment The Math, aka Big Freaking Deal (Score 1) 37

We have this:

AT&T To Cough Up $88 Million For 'Cramming' Mobile Customer Bills

And this:

Through the FTC's refund program, nearly 2.5 million current ATT customers will receive a credit on their bill within the next 75 days, and more than 300,000 former customers will receive a check.

So, $88000000/(2500000+300000) = $31.43. Thanks guys, I'll try not to spend it all in one place.

Comment Apple told is they do! (Score 2) 334

Seriously, that seems to be the extent of the logic some of the manufacturers use. Apple has/had an obsession with thin, Apple did well, therefore we need to have an obsession with thin.

Personally, I say fuck that. Phones have gotten anywhere from thin enough to too thin. I had a Note 3 for a few years, which I was completely fine with in terms of thickness. However I recently got an LG G5 which is just slightly thicker, and I actually like it better. The slight extra thickness, combined with rounded edged, makes it really comfortable to hold. Of all the smartphones I've had it fits in my hand the very best. I think they've got it pretty close to perfect in therms of thickness.

Oh and it manages to have a removable battery, headphone jack, and SD card so that's nice as well.

I get annoyed with the worship of the cult of thin. I understand the interest back in the day, I had an early Windows CE smartphone which was a massive brick and ya, I wanted something smaller. However we have gotten to the point where they are plenty thin enough and going thinner is less ergonomic, not more.

Comment The problem is (Score 1) 113

None of that makes alternate media any better. There's nothing wrong with pointing out the problems media has. Indeed it is healthy and necessary as the only way we can hope to improve it is to point out the problems and demand that they be improved upon.

The issue is that is not what many of the people who call themselves skeptical of the media are doing. Rather they seem to be taking the view that MSM is bad so that means whatever alternate media site they read is good and accurate all the time. They'll be critical of CNN or the New York Times often to an unreasonable degree, but then accept without question or analysis things from Brietbart or Infowars.

That is completely silly, of course. The idea that because a site is not "mainstream" they must do a good job reporting is bunk. Being "alternate" is no guarantee of any sort of journalistic standards, or any process to try and combat bias. On the contrary, many explicitly have a viewpoint they are pushing, to try and capture a certain part of the market.

That really is why most people like them, and dislike more mainstream sites. It isn't that they are actually critically evaluating the news's failures, rather it is they disagree with what they are saying. So they find another site that says things they agree with, and they decide that means they must be telling the truth. They aren't actually doing any critical analysis, just trying to find places that say things they agree with.

It is like a person who is skeptical of a diagnosis from a doctor, but will unquestioningly accept the diagnosis of a homeopath.

Comment All the new high end ARM CPUs do (Score 1) 76

My phone (LG G5) supports it because it has a Snapdragon 820. That's great and all, but there aren't a lot of devices out there that are so new. So no real point in Netflix supporting it. They'd need to wait a few years for enough people to replace their hardware with new units.

Comment Also nothing supports it (Score 4, Interesting) 76

I mean the newest devices support it in hardware, but it has to be a very new chip to have H.265 support. The vast majority of devices in use don't. For computers you could do it in software but that isn't ideal, since H.265 decoding is rather heavy so you'd hit the CPU pretty hard, whereas hardware accelerated H.264 would hit it almost not at all. For mobile/embedded devices though it just won't work. Too CPU intensive to do in software, so people need a new device.

Comment Re:It's even easier than that (Score 1) 110

Credit card numbers that long aren't necessary. Changing how they are constructed is. Logically speaking the problem can be fixed (hashing etc.) The problem is that the infrastructure that supports it would also have to be changed and that would be a monumental undertaking. Which is why they are trying to avoid it at all costs. You also have the issue that the typical consumer is not going to tolerate an even longer number than they already have.

The unique credit card number solution has been offered by some banks already (e.g. Amex). Many payment terminals are configured to use DUKPT which creates a unique key per transaction (this is enough to take a cash register out of scope for PCI if properly configured).

You may find this interesting:
http://www.maravis.com/derived...

Even 2FA is broken if it is done via SMS
https://pages.nist.gov/800-63-...

Comment Re:It's even easier than that (Score 1) 110

Credit card transactions are fairly well documented (I'm a big fan of DUKPT myself and that is decently documented). However the process used to generate the account and CVC2 numbers themselves is obscure and proprietary to each bank. Most banks do not have the expertise or will to properly perform this function. They count on malicious actors not looking too hard at how they do things.

Unfortunately for the banks once you figure out how to generate these numbers you have broken the primary security used to prevent the public at large from using any given key (card no's) against a very public lock (merchant website). 2FA goes a long way to prevent this!!!

Processors, banks and merchants all have the ability to mitigate this risk by putting in additional controls (geo-location, address, shopping patterns etc.) These all help reduce the risk of a given transaction. However they must balance out approving most (probably legitimate) transactions against an acceptable level of fraud. They must also balance out the overhead involved in reviewing and approving transactions.

The result is the continued use of a system that is fundamentally broken. You will see this type of fraud increase significantly until the whole system is re-engineered.

Comment Re: It's even easier than that (Score 1) 110

Every company chooses their own method of generation for this code. Some vendors use weak encryption, some might use strong encryption, some don't use encryption at all, and some issue the codes in batches. It really all comes down to the company, their risk policies and their expertise. That's why large card dumps are risky, they provide material that can be used to look for patterns. It's a bit scary how many companies have told me they secure their product with base64.

Slashdot Top Deals

"An ounce of prevention is worth a ton of code." -- an anonymous programmer

Working...