Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Irony of ironies (Score 1) 167

Which is worthless if the payment terminal is compromised, because the card can't know it the payment terminal is sending out messages on its own behalf or on behalf of another hacked payment terminal on the other side of the country.

Transaction log:

  • Terminal 1 gets a chipped card that it recognizes as "special". It contacts a C&C server and finds Terminal 2.
  • Terminal 2 reads the card number from some poor sucker's card and sends it to Terminal 1.
  • Terminal 1 relays the response to the card provider.
  • The bank sends back transaction info.
  • Terminal 1 relays that to Terminal 2.
  • Terminal 2 sends it to that same poor sucker's card for signing, gets the response, and sends it to Terminal 1.
  • Terminal 1 relays the signed response to the card provider.

As far as the card provider is concerned, the card physically present in Terminal 1 was actually used in Terminal 2.

Comment Re:Irony of ironies (Score 1) 167

The chip doesn't do that much, really. Most attacks on credit cards for the past decade have been attacks on the payment terminals themselves, and there's nothing fundamentally preventing someone who has already compromised a bunch of payment terminals from setting up a C&C server, and using it to let them make purchases for free by making the payment terminals recognize their chip in some way and relay the request through a different payment terminal to somebody else's card.

The only thing that would truly increase security would be having a screen on the individual card that shows the purchase info and a button on the individual card that lets you authorize it. As long as the information display and the authorization keystroke are handled by a potentially insecure, Internet-connected device, the biggest security problem with these systems cannot be solved.

Comment Re: I find this thoroughly unsurprising (Score 1) 343

Like the traffic isn't already loud? Besides, they could be a little smarter about it and use RADAR to determine if traffic is moving, and honk the horn if nobody moves after two seconds. That would make it less frequent, but still nearly as effective. And drivers would quickly learn to pay attention to avoid the honk, so this would also have the effect of making itself moot.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

It would be nice to have a traffic light alarm feature, but that only helps if all the cell phone users buy new cars. That feature would have to have been made broadly available in new cars at least 15 years ago to be broadly effective today. By contrast, an air horn on particularly problematic traffic lights can be deployed today and is immediately effective at solving the problem.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Better than ruining the lives of anyone living within earshot of an intersection (except, perhaps, the deaf) how about an ignition interlock system? If your car detects the driver using their phone in conjunction with unsafe driving practices...

Remaining stopped at a traffic light, assuming other drivers are not driving dangerously, is not unsafe. Therefore your proposal wouldn't help at all unless those drivers are also using their phones while driving badly.

Besides, it doesn't take an insanely loud air horn to get people's attention. It just has to be loud enough to be heard inside a car with the radio playing—no louder than a car horn. And if you embed it in the pavement underneath the car and use constructive interference correctly, you should be able to create a directed burst of sound that would be loud to the person in the driver's seat of the frontmost car, but quiet everywhere else. After all, the vehicle that fails to move is almost invariably the frontmost vehicle. The drivers of other vehicles typically notice motion in their peripheral vision even if they are looking down at their phones.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Cars still don't drive themselves, and very few cars percentage-wise even have collision avoidance, which is the only sort of safety feature that can possibly significantly reduce the rate of collisions among people who truly aren't paying attention to the road in a dangerous way.

The reason cell phone use doesn't cause the huge number of crashes that were predicted is much more obvious: 99% of the time, a driver doesn't actually need to do anything, even without self-driving cars, because most of the time, the road is straight, and there isn't something in front of you. And unlike drunk driving, people don't typically use a phone continuously, so the probability of overlap is small. That makes the risk of cell phone use inherently very low even if it is technically a risky behavior. And if we assume that most people choose when to use the cell phone based on the conditions around them—at traffic lights, on long straight stretches with no visible cars at upcoming intersections, etc.—then the risk logically should drop to remarkably close to zero among otherwise good drivers. Any statistics that appear to show otherwise are highly suspect.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Studies aren't needed to see if something happens. Studies are needed to gauge and create a baseline reference for a problem for which future studies will be repeated over and over again to see if any of the measures various governments are taking work in reducing the behaviour.

And once they have that, they'll come to the inevitable conclusion that cell phone bans aren't useful—not because they're ineffectual, but rather because the lack of a thousand-fold increase in accidents over the past ten years means that cell phone distraction isn't really that much worse than any other distraction. After all, if 90% of drivers use their cell phones while driving, then you'd expect a fairly high percentage of crashes to involve a cell phone, so when the statistics match that expectation, rather than wildly exceeding it, it means the phones aren't really causing crashes.

Comment Re:I find this thoroughly unsurprising (Score 1) 343

Of course, this problem is easily solved using commonly available technology. Just put an electronic air horn on every traffic light and honk it when the light turns green in any direction. This would be useful regardless of the reason for distraction, whether it's a cell phone, a radio, or the kids bouncing off the ceiling in the back seat.

Comment Re:I dare him not to use the internet for a month (Score 1) 302

1. Drawing money for a month before the experiment start as most banks use internet technology to contact their branches. (Yes might be secured but still TCP/IP)

All Tcp/IP is NOT Internet (lease lines).

Realistically, most point-to-point connections are virtual these days, encapsulated over the public Internet via a VPN tunnel. Yes, you can get physical leased lines, but why would you bother?

2. You cannot buy from certain stores because they use internet technology to update store details and order new stock.

Sure, stores that are not ACTUAL stores are not accessible is i problem to no one.

Your local grocery store uses the Internet to coordinate how much of each kind of produce it receives. To truly avoid the Internet, you would literally have to be a farmer and grow all your own food.

3. You cannot even send a letter or receive a letter because I can promise you the systems that sort your mail are connected to the internet in some way. (Uses network technology)

All letters are physical. I believe you refer to email.

Nope. The systems that sort your mail also upload metadata about every letter to centralized systems for logistics purposes so that they know how many long-haul trucks need to roll from point A to point B (and for law enforcement reasons).

4. In some buildings you will not be able to use elevators so walk up the stairs as they monitor the lifts via internet connections.

Actual 100% bullshit.

Actual 100% reality. At a bare minimum, those security cameras in the elevator are likely to be Internet-connected (or at least Intranet with some sort of gateway to the Internet). And in some cases, so are the monitoring systems that watch for malfunctions, plus the HVAC systems that provide heat and cooling in modern buildings, etc. We truly live in a connected world.

6. You cannot use a phone because even landline phones these day at some stage pass through internet connected devices.

Once again, leased lines != Internet.

I think the original poster was talking about the very real risk of receiving a phone call from a VoIP user. (And worse, most of them are fraudulent scammers faking local phone numbers. But I digress.)

Comment Re:Sadly, he's kind of right already (Score 2) 302

If you want to keep unprincipled actors in the datamining sphere from getting (too much) information about you, you *can* avoid patronizing internet services that are run by them. That means you don't get to enjoy 95% of the internet, because every-fucking-thing is run/owned/exploited/controlled by Google, Facebook, Akamai, Cloudflare...

Actually, you can't, because almost invariably your immediate ISP will be run by an unprincipled actor in the data-mining sphere, and any VPN provider you choose to hide your traffic will also likely be surreptitiously run by an unprincipled actor in the data-mining sphere (not to mention that others will wonder why you feel the need to hide your traffic from your ISP, and will then suspect you of wrongdoing).

The real problem here is that the people making the decisions at this point (including this Congressperson) lack sufficient understanding of the difference between an ISP—a company providing the Internet service for your home or business—and an Internet content provider, e.g. Facebook, Google, Twitter, etc. The law that they blocked applied only to the former, not to the latter, precisely because you do have a lot of choices in the content providers, but rarely have more than one viable ISP option, and essentially never more than two.

If you read his statement as "If we treated Internet content providers as regulated utilities...", the statement makes perfect sense and is perfectly correct. What it fails to recognize is that most Americans get their actual home broadband service from a regulated monopoly. Internet service providers have always been regulated utilities, from the very beginning, albeit a less regulated arm of a regulated industry, whether that industry is the telephone provider or the cable company.

The only real competition, meager as it might be, is among cellular providers. Unfortunately, because of the high cost of cellular broadband, it is generally practical only for people who can't get wired service. If you look at areas that have access to traditional wired Internet service, I doubt even 1% of those folks get their home Internet service from someone other than the cable company, the phone company, or a CLEC leasing the lines from the phone company. The supposed "competition" is so rare that it is essentially lost in the noise.

The bottom line is this: As long as regulatory decisions are made by people who double-click Internet Explorer and think that it is "the Internet", we're going to continue to have brain damaged regulatory policies that screw consumers. No 73-year-old is qualified to do that job, period. Frankly, I have my doubts about anyone old enough to realistically get elected to Congress being qualified. Even folks in their early forties only grew up with the Internet if their parents worked at a university, so maybe single-digit percentages of them are qualified. You have to get down to folks in their early thirties and younger to have a non-negligible probability of competence, and folks that young generally haven't bubbled up to the federal level yet.

Call it age discrimination if you want, but putting a 73-year-old in charge of regulating the Internet is like putting a strictly adherent Old Order Mennonite (of the horse-and-buggy-only variety) in charge of the DOT. You can't usefully understand how to govern something that you don't understand, and you can't understand something without being immersed in it.

Slashdot Top Deals

I haven't lost my mind -- it's backed up on tape somewhere.