Posts by Ben Gracewood
Last ←Newer Page 1 2 3 4 5 Older→ First
-
Any possibility that the Auckland CC thing is an internal issue rather than external?
I'd say probability rather than possibility.
-
Ouch. That's rather epic. So somewhere at Auckland City they were storing a list of credit card numbers used by their car park ticket machines. Probably in the clear.
Why?
-
Just heard an Auckland City spokesman on RadioNZ saying that they need to prove to Wedtpac, Visa and Mastercard that the payment machines are appropriate, or how to "make them appropriate".
-
This topic also calls for some Bruce Shneier facts, like:
One-time pads are impervious to man-in-the-middle attacks, unless that man is Bruce Schneier.
-
I can see the need for legislation that forces any device that stores credit card details to encrypt the data to prevent this kind of theft in the future.
While not legislation as such, credit card companies (kinda, see below) will not deal with you unless you are PCI-DSS compliant (Payment Card Industry - Data Security Standards). This standard covers all sorts of stuff from physical security of servers through to the management of visitor logs and surveillance camera footage. It's a big document, and caused all sorts of sucking of breath and tut-tutting when I showed it to our data centre guys.
The interesting thing is the way compliance is implemented. If a bank allows a non PCI compliant merchant to process payments, then the bank, not Visa or Mastercard, becomes liable for fraudulent transactions. Hence this becomes quite self-policing.
I have no idea what happened in this particular case, but it sounds like a shitload more than a little bit of skimming.
The way the banks are scrambling, I suspect some liability has been indicated at some level lower than the card provider.
-
. LIke how to get through the next few weeks, never mind the funeral, without collapsing into a puddle of sorrow.
Nah, that bit's easy. You just have to organise the birth of a wonderful baby daughter for two days after your Dad's burial. I couldn't recommended highly enough.
I have developed a profound understanding of the concept of "opposites" over the past few months.
-
Aside: among the greater things I regret about Dad's passing was that we did not record his 'Fun'eral as an instructional video.
HOWTO: Secular White Man's Funeral.
-
I'm stunned that it's as simple as saying "sorry", and that the university finds "no deliberate wrong-doing."
So I understand: was there a mix of attributed and non-attributed stuff in the book? The Herald reads as if there were just some attributions left off a list.
-
I hope once we help deal with the tradgedy in Samoa, there are some serious questions raised about how this panned out in New Zealand.
I'd like to hear other's opinions, but from Sydney, like JP Hansen says above, the news and CD appeared to be saying the waves had passed, when it was pretty damn evident that they hadn't arrived yet.
-
Interesting twitter stream from a NOAA scientist, including a graph of the 12 foot surge at Pago Pago: http://twitter.com/brianshiro