Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Ok,but are these duplicate channels (Score 1) 198

Yeah the US is a little different. For the broadcast networks with local affiliate stations (ABC, CBS, NBC, PBS, Fox, etc.), the cable or satellite provider will generally only provide you with your local affiliate. So if you live in Los Angeles, you will only get the NBC station for Los Angeles, and not for New York or San Francisco.

The cable stations (CNN, ESPN, Discovery Channel, Disney Channel, etc) have just one version. At most they might have two, an East Coast and a West Coast version with the same content, just time shifted by three hours, but normally you'll get just the one appropriate for your geographic location (though not always, Dish Network provides the East Coast feed even in Hawaii).

Comment Re:Oh great, they invented.... (Score 1) 76

The CVV code on the back of the card is actually different than the code on the magnetic stripe. Which is also different than the one in the chip. And I think the CVV in a chip does vary per transaction; if not that, there's something in there that prevents replay of data captured "on the wire" from an EMV transaction.

Passwords exist too. They're called PINs. American banks have mostly shied away from going the Chip and PIN route for credit cards like most other countries, but there are a few out there and PINs have been used with debit cards for a while.

As far as biometric credit cards, those exist too.

Comment Re:standards, use them (Score 1) 206

My understanding is that CVS basically disabled contactless period when Apple Pay came out, supposedly because they were part of the MCX consortium developing CurrenC. I hear sporadic reports that it occasionally works, then breaks a few days later. Apple Pay can do both EMV and MSD contactless; in fact for some reason Amex cards are MSD-only in both Apple and Android Pay, even though their plastic cards with NFC can do both.

I so rarely have a reason to shop at CVS that I haven't had much opportunity to test personally. Other MCX members like Best Buy eventually did turn on Apple Pay.

Comment Re:That's because the payment terminals are outdat (Score 2) 206

Your iPhone doesn't store your actual card number (termed a "Primary Account Number"). When you add your card to Apple Pay, your bank creates a "Mobile Device Number". Your bank keeps the association while your phone uses the MDN to pay, so that's the number the merchant sees. If their systems are later compromised, your bank knows something is wrong if they see the MDN used in a non-Apple Pay transaction.

Apple Pay doesn't require entering the PIN. You can also authenticate using your fingerprint. But since the phone doesn't transmit card details to the terminal until after you authenticate, it's more secure than using an NFC card. A merchant who upgrades their terminals to recognize CDCVM can allow contactless payments in excess of the limit for NFC cards (GBP 30 in the UK, $100 in Australia, etc).

Comment Re:standards, use them (Score 1) 206

They do. The over-the-air protocols in Apple, Android, and Samsung Pay are contactless EMV (a variant on the contact EMV standard for chip cards) and the legacy MSD contactless (basically transmitting magnetic stripe card data over the NFC interface) protocol, which are the same as used for contactless payment cards (Visa PayWave, MasterCard PayPass, American Express Express Pay, Discover Zip). So anywhere that takes contactless payment cards takes Apple/Android/Samsung Pay.

Comment Re:From GRC who brought you ShieldsUp! and SpinRit (Score 1) 31

At the very least, any site using SQRL that cares about security should disallow logins where the SQRL client and browser IP addresses are different.

This actually breaks the original intended mode of operation for SQRL, using a smartphone to scan a QR code and log in on a PC in most cases (it would still work if the PC and the phone are both behind the same NAT device). While this may not necessarily be useful for all people, one of the uses cases for this mode was to allow a safer login on a potentially untrusted machine.

Comment Re:To boldly go where no One wants to go (Score 1) 106

Captain! Thar be spoilers ahead!

Beyond boils down to a story about a Captain going mad in space and abandoning Federation ideals and principles. It's not like Star Trek has never explored that before. In this case, he's a soldier unable to exist in the more peaceful world he helped to create. To quote Chancellor Gorkon: "If there is to be a brave new world, our generation is going to have the hardest time living in it."

Comment Re:Pegg's Star Trek is an abortion (Score 1) 106

So why is there so little gay crew?

Actually do we really know? We have the seven lead characters, one of which we know to be gay (Sulu) and and additional four have been depicted as being in heterosexual relationships in this timeline (Spock, Uhura, Kirk, McCoy). Though we can't rule any of them out as being bisexual.

So that's five people we know something about their sexuality, out of a crew of 1100 (remember, this Enterprise is much bigger than the one in TOS, which had a crew of around 400). Think about today's society. You probably know some gay people and some straight people. But you probably interact every day with lots of people you have no idea about; you've never seen them before and you'll never see them again. Some of them are probably gay. I think the same can be said for the Enterprise: Some of them are gay, some of them aren't, and most of them you'll never know.

Comment Re:But "dipping" solved everything? (Score 1) 134

So what happened in October 2015 was a liability shift. Prior to that, banks would reimburse merchants for fraudulent purchases. With the liability shift, banks stopped reimbursing merchants if the bank had issued a chip card but the merchant continued to swipe cards. There's been delays in merchants getting their chip solutions developed and certified, that's why you see places with chip readers that don't work.

So today chip cards can still be cloned and used at places that are still swiping. As more places enable chip readers, swiping will become rarer and cloned cards will become harder to use, and the fraudsters will have to look to other things.

Comment Re:Chip (Score 1) 134

The liability shift places liability on the merchant where the fraudulent purchase occurred.

Consider this scenario: Someone swipes a card at Wendy's and that data was captured and used to create a fake card and the fake card is used at Safeway, which hasn't enabled their chip card readers.

If the original card had a chip, Safeway is liable. If the original card didn't have a chip, then the bank that issued the card is liable.

Comment Re:Walmart (Score 1) 118

IMO the customer experience for Apple Pay is far superior to a QR code system like Walmart Pay. Presuming an iPhone 6, because that's what I have. On the iPhone 6, I hold the phone up over the NFC sensor, the phone wakes up and prompts me to authenticate via Touch ID, I do and it's done. For Walmart Pay or other QR code systems I'd have to wake up and unlock the phone, find and open the app, find the QR code scanner, hold the phone over the QR code. And my phone has to be online, so no good if I'm overseas in Airplane Mode (I've used Apple Pay in airplane mode).

And about those NFC pads... You know all those new Ingenico iSC 250 readers Walmart installed to accept EMV chip cards? They all have NFC built-in. Walmart simply disabled it.

Comment Re: Usage is consent (Score 1) 118

Originally the CurrentC scheme was going to promote direct debit from bank accounts using ACH, rather than using credit/debit cards. ACH means lower fees but also removes the consumer protections associated with credit and debit cards. Walmart was a backer of CurrentC, but they must have seen that CurrentC was going nowhere quickly and launched their own similar Walmart Pay system, which does allow credit/debit cards. I don't know if it also supports ACH.

Slashdot Top Deals

I bet the human brain is a kludge. -- Marvin Minsky