|
The Earth has changed dramatically over the last 4.543 billion years. In case you were thinking of moving to the Cambrian
|
|
|
|
|
A PIN code is usually required at the checkout when paying large sums by credit card. ETH researchers have now discovered a flaw in the security system of some credit cards. Beware of hackers with two mobiles at the checkout? (and don't let them scan your card into the first mobile)
I know I'm thick, but I'm having some troubles understanding how this would work in the wild.
|
|
|
|
|
Kent Sharkey wrote: (and don't let them scan your card into the first mobile) No needed
Bug is related to NFC cards, being near enough could do the trick.
One guy is at the shop, the other one is in the near of the card. Once the card is linked, the phone of the close guy says "I am a credit card terminal and you have to pay XX" (where XX is less than the limit for a PIN).
In the meanwhile the other guy is at the paying point in the shop and says, I want to pay with the cell phone (Apple / Google Pay or something like that). To do that it receives the card data of the NFC chip from the other guy.
AND... and this is the big bug... the paying cell phone changes one bit, as it would have been 2FA-identified in the cell phone (like face recognition, cell lock pin, fingerprint or whatever...) and then they can charge whatever they want without pin.
The most difficult part is to be synchronized enough that guy 1 doesn't need to stay so long in the near of the victim to be suspicious.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Ah. Thank you. That does explain it (in words small enough for me). Seems pretty awkward, but it does seem criminals are willing to do awkward for their benefit. (And you'd think it shouldn't be there in the first place). Hopefully the EMV folk will patch it pretty fast as it sounds like the researchers had a fix.
TTFN - Kent
|
|
|
|
|
The biggest problem is to trust a single bit in a stream to mean "identified, you can charge whatever you want" and to transfer that stream unsecured.
It is said that Mastercard has crypto-secured it, that's why they are supposed to be inmune to this exploit.
To be sure, NFC isolation wallet and be careful that noone gets close enough to you in big malls (although now with social distancing is even more obvious)
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
A little more than half of IT teams need improved technology to support a remote workforce and learning environments, according to the new 2020 Pulse report. The others already had enough cans and lengths of string
|
|
|
|
|
And article writers need to define their TLA (Three Letter Acronym) and FLAS (Four Letter AcronymS) the first time they appear in an article too.
ITSM?
KCS?
But yet Knowledge Base Readiness is typed out.
|
|
|
|
|
DirectStorage will bring best-in-class IO tech to both PC and console just as DirectX 12 Ultimate does with rendering tech. Hopefully they'll enable it for VS
Then those "VS is busy, go away" dialogs might be reduced.
|
|
|
|
|
We'd like to have an easy way of judging open-source programs. It can be done. But easily? Dream on!. Not guilty for reasons of gratuity?
|
|
|
|
|
The same way you would any other software:
Presumed to be organically produced fertilizer until proved to be organically produced fertilizer?
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Intel gave us a deep look at its upcoming 11th generation ”Tiger Lake” CPUs last month — now, it’s unveiled the chips we can expect in thin and light laptops later this year. The article doesn't mention the most important Intel news - a new logo!
Oh, sure. Faster, better battery life, yadda yadda.
|
|
|
|
|
Quote: rebrands Project Athena as Evo
Evo is also the name of one of Steve Vai's guitars.
"Go forth into the source" - Neal Morse
|
|
|
|
|
The trimming can either be too little or too much – too little when code is included that won’t be used, and too much when code is removed that will actually be used. Shave and a haircut - 2 bytes
|
|
|
|
|
Pardon me for being an old fart here but:
If I ing define something in my code, I ing expect you to include it in the executable, nothing more, nothing less.
This strikes me as a great way to have unusual run-time errors and crashes whose only evidence trail is in the Windows event log, which only 3 out of 10 programmers know how to use.
Software Zen: delete this;
|
|
|
|
|
From what I've read, it's more about trimming members from the framework when you're doing a self-contained deployment, rather than trimming members from your own application.
App Trimming in .NET 5 | .NET Blog[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Hmm. While I use reflection every so often, I've not had a need to use 'dynamic code'. This still seems like a feature you should be allowed to completely disable.
<OldFartWarStory>
I still haven't forgiven Microsoft for the time I discovered that their C compiler would move what appeared to be loop-invariant values out of a loop, even when the values were marked by the volatile keyword. The values in question were buffer controls in an interrupt service (yes, it's that old of a rant). I also discovered that #pragma optimize() was advisory only, and didn't work in a controlled fashion. I finally turned off optimization for the entire application.
</OldFartWarStory>
Software Zen: delete this;
|
|
|
|
|
HWND? AppWindow? Current situation 'not making anyone happy' as company seeks one true way It's an HWND, but it's also a dessert topping!
|
|
|
|
|
Quote: He also promised that Microsoft will not alienate developers with "yet another solution". As they give 'yet another solution.'
|
|
|
|
|
While there’s an increasing emphasis on continuous testing as more DevOps teams embrace CI/CD, some organizations are still disproportionately focused on functional testing. There's also denial, anger, bargaining...
|
|
|
|
|
As part of Microsoft’s Defending Democracy Program, in a blog post today Microsoft announced a number of initiatives to address the scourge of fake news and other disinformation campaigns. It looks like you're trying to save democracy. Would you like help with that?
|
|
|
|
|
What... no mention of AI?
That's fake news...
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
They're killing Bing and MSN?
|
|
|
|
|
Quote: NewsGuard operates a team of experienced journalists who rate online news websites on the basis of nine journalistic integrity criteria... If this doesn't result in the establishment media trying to create an echo chamber, I will be very surprised indeed.
|
|
|
|
|
Yes I would be interested to know the political persuasion of these "journalists".
What are the qualifications these days to call yourself a journalist? Certainly no more than to be a used car salesman.
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Luckily, the USA isn't a democracy, so it won't affect us.
|
|
|
|