@JaredBusch said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

@Dashrender said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

@JaredBusch said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

@Dashrender said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

@nadnerB said in Why aren’t chip credit cards stopping “card present” fraud in the US?:

A significant majority of cards here in Au have a "tap 'n' go" feature. There are idiots the put a nail punch into the chip several times to "disable" the "tap 'n' go" feature to make their card "more secure"... which send them right back to magnetic strip swiping... #MeatwareMayhem

Even when it's important to them, the end user refuses to educate themselves.

While I'm not surprised to hear about hole punching - I've never heard about it - what, do they just not want to be more secure? Why kill the chip?

Because part of the chip is RFID capabilities. Stupid humans still.

I guess when I read his comment I thought the hole punch people were only trying to disable the chip, and not TAP, but their overzealous punching also caused damage to the TAP chip..

The RFID is not a separate chip. It still uses the same chip. The antenna may be on the other side, but the brains are all in the one chip.

OK I'd like to think this is right - as it would totally make sense.

the problem I have with it is that tapping takes a fraction of the time to authenticate a transaction compared to plugging the card into a reader - is the wireless read just that much faster? or is TAP really not doing an challenge response situation like chip is?

Do they even have a website at this point?

@scottalanmiller said in How Apple hopes to stop a customer lawsuit over its App Store monopoly:

https://www.bbc.com/news/technology-48255541

Yeah this is pretty huge. Apple made over $11 Billion last year alone from sales in the App store.

I'm curious as to how they'll deal with depletion of their 256 bit UUIDs and/or spoofing or anything else. We can know is that Google (and others) will have a way that works across IP addresses that will provide a fairly unique way of identifying you no matter what. Presumably some browsers will let you change it or have it different in privacy mode or whatever, but like with Don't Track we'll can almost guarentee that even if there is a standard some other company like Microsoft will implement it just differently enough to make a lot of it pointless... other than the connection speed I guess.

People are already gungho about this, some thinking that it's a total replacement for the TCP stack which is utterly stupid. I first read about this in mid 2017 and noticed it seemed to be sort of a spin on MinimaLT which was specified to deal with mobile IP (as in protocol, not address) issues.

@scottalanmiller said in Another Major BGP Mishaps Redirects US Traffic to China:

I noticed that YouTube was down yesterday for a little bit. Very short, though.

Even Facebook got taken out for a bit too... Don't know if it's related or not, but still...

@DustinB3403 said in Some New Macs Risk Bricking from Third Party Repairs:

@dafyre said in Some New Macs Risk Bricking from Third Party Repairs:

@Dashrender said in Some New Macs Risk Bricking from Third Party Repairs:

@DustinB3403 said in Some New Macs Risk Bricking from Third Party Repairs:

Yeah I kind of have an issue with this. . .

It's my device, if I want Joe from the mall kiosk to replace whatever in my device, that is my right to do, and I'd be the responsible person who risk the device being broken further or compromised with non-oem parts.

On the other side of the conversation I understand Apple's reasoning for this and it's sounds like they simply want users to use OEM only parts, but they use this guise of "for security".

Which also kind of irks me. . .

Why do you call it a guise? If Apple doesn't make the interconnect APIs available, who knows what those knockoff people are making.

I'm back to the point where the device should likely just hit you with a warning every 24 hours that you might have compromised shit installed - but I'm guessing that Scott and others will be against that level of frequency.

I'm against a one time notice of there being a perceived security issue in the device.

I'm not against a notification -- but every 24 hours seems excessive. Maybe a 30 second notification every reboot -- something that doesn't require any action other than waiting the 30 seconds.

But this is just an "you may have been" there is no proof that something has been compromised. Just the possibility because a non approved person or company has worked on property you own.

I think any notification that would force you to wait, period would be overly intrusive.

Right, you MAY have been compromised with Apple's own stuff, too. But they would "conveniently" not show a warning. Therefore the warning would have nothing to do with risk, and everything to do with FUD.

Probably pretty minor, but just patch nGinx anyway 🙂

Too bad KVM is not available on Mac then I can move from using Virtualbox.

So how much weed will be in the next release then?

@gjacobse said in Activating Windows 10 with Windows 7 Keys Today:

@scottalanmiller said in Activating Windows 10 with Windows 7 Keys Today:

@gjacobse said in Activating Windows 10 with Windows 7 Keys Today:

@DustinB3403 said in Activating Windows 10 with Windows 7 Keys Today:

@gjacobse said in Activating Windows 10 with Windows 7 Keys Today:

@aaronstuder said in Activating Windows 10 with Windows 7 Keys Today:

https://www.thurrott.com/windows/windows-10/142616/yes-can-still-clean-install-windows-10-windows-78-x-key

Article coverd up by their stupid box saying your AdBlocker is showing...

Not with pihole. 🙂

I'm running one....

You sure it is working?

I'm no genius... but it shows it's working

0_1541719164459_2018-11-08 18_19_03-Pi-hole Admin Console.png

the Pi-Hole is running, you sure that that is what you are using for your DNS? Check with nslookup