Follow Slashdot stories on Twitter


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Meh, too easy. (Score 1) 45

Now this is cool:

Guy hacked a 1987 arcade game by coding up another Z80 "processor" on an ATMega to share bus-mastering duties with the other two already there, in order to periodically mess with the RAM for the purpose of saving/restoring high scores and tweeting. He made a board that just plugs in between the CPU and the board and gives total Ethernet-ready control. It's easily adaptable to other machines, too.

Rest of the guy's site is neat too, like his hard disk controller hack that lets you root a machine by faking the cache read for /etc/passwd and is triggered by writing to a special file.

Comment Re:They don't make disasters like they used to (Score 1) 675

Many large chains will read that info to match you against their databases for marketing purposes just like they do for magstripes (there was never any reason to keep track of any card info).

Do you have a citation for this? I'm pretty sure it's specifically disallowed, which is why all the big stores have rewards programs (because that's the only way they can track you). I can't find any evidence one way or the other.

Comment Re:What's the big problem? (Score 2, Insightful) 675

This is an interesting point. The signature in the US isn't considered an authenticator, it's actually considered agreeing to a contract. If you look at your receipt it probably says "I agree to pay the above amount according to the terms of the cardholder agreement" or something. The idea is (in theory) they could take you to court and say "but you signed a contract saying you'd pay!". If they have someone other than the cardholder in court over that transaction, it's not because of a broken contract - it's fraud.

In Europe, it is considered to be an authenticator, which really slows things down. They do check the signature vs the one on the card. I guess chip-and-signature at least means that someone can't clone your card and use their signature, at least not trivially. They'd have to get your card and then match whatever was on the card, or erase the signature somehow.

Comment Re:Oh please. (Score 1) 675

That is a fair complaint. It's because the chip on the card actually has to know how much the bill will be before it generates a one-time authorization code for that specific amount. Presumably with the magstripe the terminal could let you enter everything, then only at the end talk to the network. Though come to think of it there's no reason you couldn't do that with the chip, just have all the "user interaction" stuff take place during scanning, then leave the card in until the total is rung up. I guess that's either specifically disallowed by the networks, or the manufacturers/stores just figure it would freak people out to leave their card in for a few minutes.

Comment Oh please. (Score 1) 675

It's really not that bad. It takes exactly the same amount of time, the only difference is it feels longer because you have to leave your card in while it authorizes. But there's no extra round-trips or computation or anything - the card gets challenged with the amount, and it generates a one-time code for that amount that gets sent instead of (or alongside?) the card number. For the annoyance of leaving your card in the reader, skimming becomes impossible. I've had my debit card skimmed, which was annoying enough because I was a college student with no money, but then the bank screwed it up and I had to escalate with them to fix it. No more skimming is A-OK with me.

It must be exhausting to be the author. Going around all day, finding - at best - minor inconveniences to be annoyed about. Not to mention that they clearly didn't go into the article with any kind of an open mind and just found stuff to complain about. No nuance at all. I can't find one valid complaint in the whole article that's not "the software isn't 100% yet" (...sure?) and "some merchants will need new equipment eventually" (it's called a cost of doing business?). And this gets the "utter disaster" label?

The only disaster is that they insisted on chip-and-signature instead of chip-and-PIN. Not only is it less internationally compatible, but it's less secure - not that PINs are secure, but it means the restaurant can't take your card, they have to bring a reader to the table. I'm still mad about that choice, but it's typical USA, right? Here's this international standard we'll implement like 80% of the way. At least chip-and-sign cards still work in most automated machines in Europe, so it's a small improvement, but I die of embarrassment a little every time they have to call the manager over to interpret this weird new "make them sign the receipt" display and find a pen. Unfortunately the author doesn't even focus on this, other than "but the FBI said to use chip-and-PIN and they didn't do it!" line.

Comment Re:"Business People" (Score 1) 192

This is the Keynesian beauty contest:

It is not a case of choosing those [faces] that, to the best of one's judgment, are really the prettiest, nor even those that average opinion genuinely thinks the prettiest. We have reached the third degree where we devote our intelligences to anticipating what average opinion expects the average opinion to be. And there are some, I believe, who practice the fourth, fifth and higher degrees.

Comment Re:Latency vs.Bandwidth (Score 4, Informative) 73

It depends what you mean by fastest. As you note we have a perfectly good word for "the time it takes for a bit to make it out the other end" - latency. Most people probably intuitively associate bandwidth with speed, though, because it's most directly relevant to what they do, which is try to transfer quantities of data. If it takes 1 minute to download a movie on one connection and 10 on another, but both are identical latency, most people will say the former is 10 times faster - because it is, for what they use it for. A gamer who has specific needs might prefer a lower-bandwidth but lower-latency (or jitter) connection, but probably wouldn't call it faster - they'd say it was lower latency because they know most people associate speed with bandwidth. Your dump truck wouldn't be called the fastest, but if the typical person had a mountain of soil they wanted moved and called up the earth-moving companies to give them a bid, the one with the biggest trucks would probably be able to bid the shortest time.

Of course, if it's a more direct routing, it may indeed be the lowest-latency link between those two points.

Comment Re:Just a few notes (Score 1) 170

Yeah the Phenom thing is a good one, we were trying to figure that out earlier in hangar flying. (Also a PPL.)

This is certainly a military "area denial" test, with the secondary effect of "aviation users, let us know if there's any gotchas we didn't know about as we move to GPS-only" (NextGen). Probably there will be no actual impact, and if there is, between pilotage, dead-reckoning, and VORs pilots should be just fine. If they aren't, they really shouldn't be flying anyway. IFR makes things slightly more interesting, but then again they have ATC to work with.

Aviation GPS is unlike your car or phone, and it comes with a wide range of self-monitoring built in. First RAIM and now WAAS can tell you if you're experiencing a degradation of sufficient magnitude to mess up your navigation - in particular, a RNAV approach - and you need to switch to an alternate (or go missed, for the approach case).

The interesting thing here is that WAAS will be affected, but the FAA doesn't require you to have a non-GPS backup to operate under instrument flight rules (IFR) if your GPS is WAAS. So I guess if you're IFR you should just not go there...? Or have a backup... (for this one case)? That's the only thing that's weird to me. They need a better story here.

The military does these things all the time. Not sure why this one is making the news - here's an identically-sized one from 2015 (the reason for the identical size rings is just line-of-sight plus earth curvature to those altitudes)

Comment Re:Mysterious ways of the government (Score 1) 170

Selective Availability (the system you're talking about) was turned off permanently in the year 2000 by Clinton, and the new satellites don't have the capability.

The rationale was that GPS is too useful and too important to screw it up globally, and that it was easier to just deny adversaries the capability on an area basis rather than a global basis. Like, say, what they're doing now as a test.

SA didn't even work that well since people were working around it - basically discovering the error and broadcasting a correction, using systems called DGPS.

All paraphrased from the wiki, of course.

Comment Totally reasonable (Score 4, Informative) 216

I am a private pilot and the only tortured thing here is how the service tried to get around "holding out" and "compensation". Obviously the FAA doesn't see it this way. If you are a private pilot you're held to a lower standard - of training, medically, during the examination, and for the aircraft - than a commercial pilot. Which is held to a much lower standard than an airline pilot. It's not really that safe, either - the GA fatal accident rate is comparable to motorcycles, and that doesn't include a bunch of PPL cowboys feeling pressured to go in marginal conditions, which this service would surely promote. Would you jump on the back of a random motorcycle with an unknown driver?

A bunch of people have said that you can't be paid to fly. It's worse than that - you can't receive any benefit in exchange for your flying. All you can do is offset your losses. The safest thing is to pay your own way, then everything's legal. If you split costs with your buddy and he buys you a steak dinner, the FAA will kick your ass. Yes, this has happened. So too did they punish the guy who ferried his bar-owning friend's customers to the bar "as a favor" when the charter flight fell through. Even though they couldn't find any direct compensation, they still won on the theory that "there's no way someone is out $2k without at least a quid pro quo, and in any case think of the passengers who were expecting a charter flight to commercial standards"

Most people are used to licenses - rights - that can't be easily taken away. Like your drivers' license - that's a court case if they want it. Being a pilot means you have a certificate and it can be taken away much more easily (i.e., no courts involved) if the FAA feels it is appropriate. And they have no trouble convincing the oversight (the NTSB administrative law judges are the highest you can go) that their interpretation of the "holding out" rules is the correct one.

Flytenow didn't shut down because the FAA said "no", at least not directly. They shut down because once the FAA publishes an opinion of how they see the regulations and intend to enforce them, you'd be stupid as hell to fly if they said "we think this is against the rules and will prosecute people for doing it". It'll stick, too, barring "arbitrary and capricious".

If you can find an example of people "lawyering" with the FAA and succeeding, I'd like to see it. There's plenty of examples of people thinking they've found a loophole and are smarter than the FAA lawyers - but they all forget that the FAA isn't bound by the letter of the regulations (they're not laws!) and that they're allowed to punish people for what they meant to say so long as it's reasonable regardless of whether it's explicitly written down. The FAA's intent is very clear - you can go camping with your buddy and split the costs, but you can't be a charter service. If they think you're basically being a charter service, they'll burn you regardless of how you try to wiggle out of it.

Comment You've been warned: biometrics might not be secure (Score 4, Interesting) 224

See this Slashdot article from October 2014: Virginia Court: LEOs Can Force You To Provide Fingerprint To Unlock Your Phone. And that's not the first.

(IANAL.) The idea is that forcing you to reveal something you know (passcode, etc) is testifying and thus could be self-incrimination and not constitutional, but that forcing you to provide something about yourself is totally kosher. The analogy is being compelled to give up a key or DNA vs a safe combination - the former is searchable, the latter is not. Fingerprints are routinely taken upon arrest, even if the person is released without charges. Physical descriptions or stuff on/about you is not testifying. The argument to make here is a fourth amendment one about being "secure in ones papers" - but they have a warrant so that doesn't do any good anyway.

What it comes down to is the fifth amendment is a very important, but very circumscribed, right - not a get out of jail free card. Which shouldn't have been a surprise, really, otherwise the police would never be able to prosecute much of anything.

Slashdot Top Deals

Reference the NULL within NULL, it is the gateway to all wizardry.