MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

things pissing me off right now, being super busy at work (generally not a bad thing) but I'm also apartment hunting, lease ends 5/31 and I've yet to find anything.

ChickenOfTomorrow
Nov 11, 2012

god damn it, you've got to be kind

Re: those blocked chip card slots.

Don't blame the stores for not turning on chip and signature, blame the processors for not having those terminals certified yet:

https://consumerist.com/2016/03/22/retailers-frustrated-about-chip-card-terminals-they-cant-turn-on-liability-for-fraud/

(Actually, blame everyone involved for waiting until the last minute.)

ChickenOfTomorrow fucked around with this message at 17:51 on Apr 18, 2016

captkirk
Feb 5, 2010
I wish I saw places with signs over their chip readers. I just end up asking at every single store I go to.

The Fool
Oct 16, 2003


ChickenOfTomorrow posted:

Re: those blocked chip card slots.

Don't blame the stores for not turning on chip and signature, blame the processors for not having those terminals certified yet:

https://consumerist.com/2016/03/22/retailers-frustrated-about-chip-card-terminals-they-cant-turn-on-liability-for-fraud/

(Actually, blame everyone involved for waiting until the last minute.)

Related: I picked up a contract 6 months ago to do a rollout of new terminals for the local stores of a national chain.

The rollout has been delayed 4 times now, pushing it back 4 months from the original install date due to "software issues"

Garrand
Dec 28, 2012

Rhino, you did this to me!

Yeah, in general I wouldn't blame the stores. We were originally going to get the chip readers back in October, but then that got pushed into January to avoid issues during the Christmas season. Our stuff had been on order for months but only recently did we even get the new terminals in; we still can't use the chip though because the software we were given doesn't work with it yet and we have to wait for the company to give us the update. I have no loving clue when that will even be.

Spazz
Nov 17, 2005

Chip 'n' signature is loving stupid. Guess what? Your chip can still be cloned. Chip and pin is the only way to go. Canada has had it in place for years.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Garrand posted:

Yeah, in general I wouldn't blame the stores. We were originally going to get the chip readers back in October, but then that got pushed into January to avoid issues during the Christmas season. Our stuff had been on order for months but only recently did we even get the new terminals in; we still can't use the chip though because the software we were given doesn't work with it yet and we have to wait for the company to give us the update. I have no loving clue when that will even be.

It's everyone waiting on the last minute. Manufacturers not seeing that people will wait to the last month, software vendors not seeing the lack of demand as people waiting until the last minute. Oh and stores waiting until the last minute instead of adopting early, but you also can't fault them. They don't want to put extra wear and tear on their new expensive equipment when their old stuff can take that instead, and it will have to be thrown out since it can't read chip.

stubblyhead
Sep 13, 2007

That is treason, Johnny!

Fun Shoe
Not pissing me off: there's a guy in this class named Jeff K.

Garrand
Dec 28, 2012

Rhino, you did this to me!

pixaal posted:

It's everyone waiting on the last minute. Manufacturers not seeing that people will wait to the last month, software vendors not seeing the lack of demand as people waiting until the last minute. Oh and stores waiting until the last minute instead of adopting early, but you also can't fault them. They don't want to put extra wear and tear on their new expensive equipment when their old stuff can take that instead, and it will have to be thrown out since it can't read chip.

There's also the problem that early adopting generally causes nothing but trouble for said adopters. I've heard enough about slow readers and buggy software that I absolutely understand stores wanting to wait till some of the kinks have been worked out. January is our slowest time of year which is a major reason why we wanted to do it then, but then nothing came of it. I'm hoping there's no major problems now that the summer and another busy time is coming up.

pixaal
Jan 8, 2004

All ice cream is now for all beings, no matter how many legs.


Oh I forgot to blame credit card companies. They didn't put chips on until right up to the deadline. I got a credit card from Chase a few months before the switch over without a chip and they issued me a new card with one 2 weeks later. Why? Chip and pin signature had been locked down for years. Getting in even a few months early isn't early adopting really. The entire thing was a huge "why should I spend more making my cards when no place accepts them" and why should I upgrade my reader if no card supports them / I don't have to.

xzzy
Mar 5, 2009

Spazz posted:

Chip 'n' signature is loving stupid. Guess what? Your chip can still be cloned. Chip and pin is the only way to go. Canada has had it in place for years.

Well not the ONLY way to go. Chip and pin still has vulnerabilities. It's just the best yet to make it to market.

Sickening
Jul 16, 2007

Black summer was the best summer.
loving email servers. It's always something with loving email that gets me into dumb meetings.

Dumb C-Level: Can you tell me why our lawyer can't send us emails?
Me: Let me see... I am showing we are getting emails from him? Are you needing help with something in particular?
Dumb C-Level: He had to send me this email to my gmail, this is ridiculous!
Me: look over email, hmm, it was rejected because it is too large. He got a rejection saying it was too large.
Dumb C-Level: This is absurd! We shouldn't have restrictions on attachment sizes.
Me: You are also the one who approved the restriction.
Dumb C-Level: I did no such thing.
Me: Here is the email....


Dumb C-Level: I want this fixed
Me: Okay, what would you like to be done?
Dumb C-Level: I want restrictions removed.
Me: That could be very costly, are you sure this is what you want?
Dumb C-Level: Yes.
Me: Okay then. Sending this off to the CEO to be approved.


And today I get to spec out 125k email cluster for a small business because attachment size should never be an issue again. (it will)

SyNack Sassimov
May 4, 2006

Let the robot win.
            --Captain James T. Vader


Arsten posted:

Chip and PIN are set by the bank you have your cards with. Of three credit providers, two use Chip and PIN and one uses the old style card, but is upgrading everyone to Chip and Signature and on January 1 2017, it'll be Chip and PIN. Maybe don't go with Bob's Legitimate Credit Card Service for your credit accounts?

I have cards from two of the larger banks in the US, so it isn't in fact Bob's, and I believe they're moving towards PIN but it's not actually a PIN yet, it's still a signature at every single store I've been to that even has a chip reader and I've gotten no letters from either issuer with PIN information.

quote:

Also, I use two major banks and both of them do free ACH account transfers domestically. You only pay if you try to Wire or send to an international bank account. I have literally paid for two bank transfers (of several thousand in total) in the last five or so years, and both of them were wires.

To accounts owned by other people? That would be new and surprising to me (especially given the recent popularity of SquareCash and Venmo, services which as far as I know popped up precisely because US banks don't offer the free ability for people to pay other people by bank transfer). Transferring between accounts you own has been free for years though.

Spazz
Nov 17, 2005

xzzy posted:

Well not the ONLY way to go. Chip and pin still has vulnerabilities. It's just the best yet to make it to market.

Everything will have vulnerabilities, but a chip and pin is arguably much better in terms of lost/stolen credit cards along with another component needed for authorizing payments.

Besides, when was the last time someone actually checked the signature on the back of your card?

xzzy
Mar 5, 2009

I agree it's an improvement, but I have a habit of warning people who talk about absolutes in computer security.

The perfect solution doesn't exist and the bad dudes are always trying to break poo poo so no one gets to rest for a minute trying to find a better system.

lampey
Mar 27, 2012

Potato Alley posted:

Yeah. That's kind of like saying "well my car starts with a button, but of course there's also a rolling-code electronic authorization from a keyfob to allow it to start"**. You Europeans and your fancy "banks that believe in more than 15 character passwords" and "banks that understand the security increase of two-factor" and "free transfers from any bank account to another without involving stupid poo poo like Paypal". Hows about you gently caress off and take your danishes with you.

Stupid Europeans with their noses in the air. Over here in Amuurriikka we pays our $25 per wire transfer (that takes 7 days) and we likes it. And if 8 characters is good enough for our Windows login it's drat sure good enough for our American banking!


.....loving idiot rear end America we can't even get chip & PIN right and 10 years after Europe started doing chip & PIN we now have chip and signature HOW THE gently caress DO YOU UPGRADE THE SWIPE TO A CHIP BUT LEAVE THE SIGNATURE PART WHICH IS 80% OF THE ENTIRE INSECURITY OF THE CARD SYSTEM TO BEGIN WITH

Sometimes I just want to punch this country. Yes, the entire country.

**yes I know how insecure keyfobs are because car companies, like most other physical-good manufacturers, don't really "get" computer security

The security is from the chip. Traditional credit cards have an easy to replicate magnetic strip. Chip credit cards are nearly impossible to reproduce. Even if your chip+pin credit card is physically stolen it is possible to complete transactions with a spoofed pin, as pin verification is handled outside of transaction verification, or to call into the bank to reset the pin with an automated system, or to capture the pin as part of the credit card theft (ATM card trap).

Spazz posted:

Chip 'n' signature is loving stupid. Guess what? Your chip can still be cloned. Chip and pin is the only way to go. Canada has had it in place for years.

There are plenty of other types of fraud, mainly card not present transactions, but having a chip credit card cloned is not an issue.

Spazz
Nov 17, 2005

lampey posted:

There are plenty of other types of fraud, mainly card not present transactions, but having a chip credit card cloned is not an issue.

Yes, but it's about layers of security. Knocking out some low hanging fruit is always better than nothing and makes it harder to clone a card and use it in person for fraud. For example, when my sister had her card stolen it was used at a gas station to confirm it worked and then was used to buy a PS4 and tons of games. A chip and pin would mitigate this from happening.

Credit card companies getting their poo poo together and having timely notifications is key to fraud prevention and catching it early. AMEX notifies me as soon as the charge is authorized against their system -- I've been on a call paying a bill and had it text the 'Card not Present' along with the amount before they could even give me the confirmation code.

Bank of America notifies me on my credit card sometimes hours or days later for the same thing.

Spazz fucked around with this message at 20:02 on Apr 18, 2016

Arsten
Feb 18, 2003

Potato Alley posted:

I have cards from two of the larger banks in the US, so it isn't in fact Bob's, and I believe they're moving towards PIN but it's not actually a PIN yet, it's still a signature at every single store I've been to that even has a chip reader and I've gotten no letters from either issuer with PIN information.

What issuers? I'll avoid them like the plague.


Potato Alley posted:

To accounts owned by other people? That would be new and surprising to me (especially given the recent popularity of SquareCash and Venmo, services which as far as I know popped up precisely because US banks don't offer the free ability for people to pay other people by bank transfer). Transferring between accounts you own has been free for years though.

Yeah. Each bank has its own ridiculous name for it. Chase is "QuickPay" and Wells Fargo is "SurePay". Both are under the "Payments/Transfers" functions on the respective websites. You send to an email address, then the recipient goes into the email they get and fills out their account information and hits "Yes, I would like this person's money." and it transfers via ACH. (If they are using the same bank, the transfer is immediate. If not, it takes the normal 2-3 business days for ACH.) These are free to use, though if I remember correctly there was some dollar limit when I first started using them so that someone who got access to your account couldn't clean you out via ACH before you realize it.

Thanks Ants
May 21, 2004

#essereFerrari


Sickening posted:

And today I get to spec out 125k email cluster for a small business because attachment size should never be an issue again. (it will)

This is the only way to deal with these sorts of requests. Just present a solution to the problem, throw in the most scale-out storage you can find so that you can just grow forever, and just wait for someone else to make a decision based on cost. The CYA email is required for you to get to this point though.

I have a feeling you're a bit of a veteran at playing this game.

SyNack Sassimov
May 4, 2006

Let the robot win.
            --Captain James T. Vader


Arsten posted:

What issuers? I'll avoid them like the plague.

USAA and Citi. It's possible they actually did enable this in the past few months - I haven't actually checked, I'm just going by what they've sent or not sent me, and while both were pretty quick to send me EMV cards last year they both stated that the PIN component would be figured out later.

quote:

Yeah. Each bank has its own ridiculous name for it. Chase is "QuickPay" and Wells Fargo is "SurePay". Both are under the "Payments/Transfers" functions on the respective websites. You send to an email address, then the recipient goes into the email they get and fills out their account information and hits "Yes, I would like this person's money." and it transfers via ACH. (If they are using the same bank, the transfer is immediate. If not, it takes the normal 2-3 business days for ACH.) These are free to use, though if I remember correctly there was some dollar limit when I first started using them so that someone who got access to your account couldn't clean you out via ACH before you realize it.

Hrm interesting. I confess I hadn't looked into this in the past 5-6 years so maybe it became possible recently? I'm quite sure that whenever I looked into it almost no bank offered free ACH transfers to other people, only to your own accounts, and transfer to other people were "use our bill pay service and we'll mail them a check".

lampey posted:

The security is from the chip. Traditional credit cards have an easy to replicate magnetic strip. Chip credit cards are nearly impossible to reproduce. Even if your chip+pin credit card is physically stolen it is possible to complete transactions with a spoofed pin, as pin verification is handled outside of transaction verification, or to call into the bank to reset the pin with an automated system, or to capture the pin as part of the credit card theft (ATM card trap).

There are plenty of other types of fraud, mainly card not present transactions, but having a chip credit card cloned is not an issue.

First off, nearly impossible isn't impossible, and the pre-play attack already exists, though a quick Google doesn't turn up much evidence of it being used.

More relevant though is the attack vectors you're suggesting on the PIN are possible, but not necessarily simple and easy - certainly would be a pain at scale. Signatures on the other hand are a complete joke. When was the last time you had ANYONE check the signature on the back of your credit card to compare it with the receipt / electronic pad you signed? I don't disagree that creating a fake chip card is an order of magnitude more difficult than magswipe, but that still leaves the very common issue of physical theft of the chip card, which you seem to have downplayed as a possible issue, or taking magswipe data and encoding it onto a new chip card (which there's an article Google shows as being about this very attack but the site isn't loading).

So yeah, giving us chip & signature is a pretty stupid move and for the amount of money being spent on all of this by the processors, merchants etc., it's not worth the enhanced security of just the chip portion.

Thanks Ants
May 21, 2004

#essereFerrari


Arsten posted:

Yeah. Each bank has its own ridiculous name for it. Chase is "QuickPay" and Wells Fargo is "SurePay". Both are under the "Payments/Transfers" functions on the respective websites. You send to an email address, then the recipient goes into the email they get and fills out their account information and hits "Yes, I would like this person's money." and it transfers via ACH. (If they are using the same bank, the transfer is immediate. If not, it takes the normal 2-3 business days for ACH.) These are free to use, though if I remember correctly there was some dollar limit when I first started using them so that someone who got access to your account couldn't clean you out via ACH before you realize it.

I can see why people get pissed off trying to have a bank account in the US, it just seems really medieval.

We've had this for ages, for instance: https://en.wikipedia.org/wiki/Faster_Payments_Service. Most providers now have a facility to transfer funds with no surcharges using a phone number.

Arsten
Feb 18, 2003

Potato Alley posted:

USAA and Citi. It's possible they actually did enable this in the past few months - I haven't actually checked, I'm just going by what they've sent or not sent me, and while both were pretty quick to send me EMV cards last year they both stated that the PIN component would be figured out later.

I dropped another credit issuer because they weren't going to be on Chip and Pin by 2017. I guess it's good I can't qualify for USAA :)


Potato Alley posted:

Hrm interesting. I confess I hadn't looked into this in the past 5-6 years so maybe it became possible recently? I'm quite sure that whenever I looked into it almost no bank offered free ACH transfers to other people, only to your own accounts, and transfer to other people were "use our bill pay service and we'll mail them a check".

The Bill Pay service that you can use has been around for awhile (I remember seeing my first one about 15 years ago). I still use this separately for bills because they EFT most things, which is useful for utilities and the like. I want to say that the first person-to-person ACHs I saw were in roughly 07/08. I tend to be with the larger banks, though, as I need to be able to get access globally, so I probably saw it earlier than most would have. With your bank, go check. If you don't see "USAA Pays" or whatever name struck their fancy, they might still have it. Chase in the early days had to actually give you access to the function.

If they don't have it, ask them why they are stifling your political free speech! :v:

stubblyhead
Sep 13, 2007

That is treason, Johnny!

Fun Shoe


I would expect Cisco to have better cable management in a publicly viewable area. You can do better than this, please see me after class.

lampey
Mar 27, 2012

Spazz posted:

Yes, but it's about layers of security. Knocking out some low hanging fruit is always better than nothing and makes it harder to clone a card and use it in person for fraud. For example, when my sister had her card stolen it was used at a gas station to confirm it worked and then was used to buy a PS4 and tons of games. A chip and pin would mitigate this from happening.

In the US most gas stations require the billing zip code to make a purchase. A PIN is not required and the magnetic stripe is still used. The low hanging fruit is still card not present transactions.

Potato Alley posted:

So yeah, giving us chip & signature is a pretty stupid move and for the amount of money being spent on all of this by the processors, merchants etc., it's not worth the enhanced security of just the chip portion.

The signature is a more useful protection for the consumer after the fact. If your PIN is stolen along with the card it will be more difficult to get the charges reversed. With signature it is a lot easier.

Using PIN instead of signature has a cost for the customer service aspect. Just like Blizzard using case insensitive passwords, it is a business decision. If the difference in fraud between a chip+sig and chip+pin is low it isn't worth the extra expense. Most of our clients won't even consider using multi factor authentication as the risk and effects of an account being compromised are minimal and the extra time/money is not worth it. There is no reason that banks and businesses shouldn't provide more secure options but I would not expect every consumer to use them. ADP is a big one that sticks out that needs it and doesn't provide it.

Sprechensiesexy
Dec 26, 2010

by Jeffrey of YOSPOS

stubblyhead posted:



I would expect Cisco to have better cable management in a publicly viewable area. You can do better than this, please see me after class.

Why would you have that side of the Cisco boxes point forward? All the interfaces are on the other side :psyduck:

Inspector_666
Oct 7, 2003

benny with the good hair

captkirk posted:

I wish I saw places with signs over their chip readers. I just end up asking at every single store I go to.

The first place that actually had an EMV terminal I've been to was the crappy bodega on my corner.

CitizenKain
May 27, 2001

That was Gary Cooper, asshole.

Nap Ghost

Sprechensiesexy posted:

Why would you have that side of the Cisco boxes point forward? All the interfaces are on the other side :psyduck:

Because Cisco is dumb. Apparently they figure you'll plug in the network cables once, but will want to check out how the power cords are doing every day.

CitizenKain fucked around with this message at 05:21 on Apr 19, 2016

Collateral Damage
Jun 13, 2009

Sprechensiesexy posted:

Why would you have that side of the Cisco boxes point forward? All the interfaces are on the other side :psyduck:

Also the interface side is the cold side, airflow wise.

Which pisses me off every time I'm at our backup site, where we rent a 1/3 cabinet and the people who have the cabinet below us have mounted their network gear the wrong way around so they're blowing hot air into the cold aisle. :argh:

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Collateral Damage posted:

Also the interface side is the cold side, airflow wise.

Which pisses me off every time I'm at our backup site, where we rent a 1/3 cabinet and the people who have the cabinet below us have mounted their network gear the wrong way around so they're blowing hot air into the cold aisle. :argh:

Get a full rack?

Virigoth
Apr 28, 2009

Corona rules everything around me
C.R.E.A.M. get the virus
In the ICU y'all......



Collateral Damage posted:

Also the interface side is the cold side, airflow wise.

Which pisses me off every time I'm at our backup site, where we rent a 1/3 cabinet and the people who have the cabinet below us have mounted their network gear the wrong way around so they're blowing hot air into the cold aisle. :argh:

You should tell the NOC staff. Most DCs don't put up with that poo poo. Well, at least a quality data center wouldn't.

Collateral Damage
Jun 13, 2009

Moey posted:

Get a full rack?

No point in paying for a full rack when we only need 6U total

Virigoth posted:

You should tell the NOC staff. Most DCs don't put up with that poo poo. Well, at least a quality data center wouldn't.

Yeah last time I was there I ran into the DC tech and mentioned it to him. I haven't been on site for about six months now so I don't know if it's been fixed.

stevewm
May 10, 2005
Continuing chip card/EMV chat a bit...

The retail company I work for is still likely several months away from being able to accept EMV. The hold up however is not us, nor our POS software provider. The hold up is the manufacturer of the credit card pads! Our POS software company is STILL waiting for Verifone to finish beta testing a piece of software.

Instead of writing all the logic themselves for handling EMV card authorization they decided to go with a platform Verifone was offering that moves all the logic to the card reader itself and also enables point to point encryption. Verifone has been saying it will be ready in "1-2 months" for almost 2 full years now.

Keep in mind it still has to go through all the certification and testing processes once it gets out of beta status. We may have EMV capability sometime around 2020 at this rate.

ChickenOfTomorrow
Nov 11, 2012

god damn it, you've got to be kind

you'll go bankrupt from chargeback liability long before then

Lord Dudeguy
Sep 17, 2006
[Insert good English here]

Thanks Ants posted:

I do not like the ProCurve CLI. There doesn't seem to be a way to select a range of interfaces and then assign a VLAN to them, you have to assign ports to VLANs.

This might just be my reaction to something that isn't IOS but it feels less intuitive.

config
VLAN 123
tag (untag) 1-48 (or a1-d24, etc)
exit
write mem

:edit: Wait you want to select a range of interfaces for configuration first? Yeah, I don't think you can do that.

:edit again: You can use port-group, but it's klunky and I think you still have to go into the vlan config mode to add anything.

Lord Dudeguy fucked around with this message at 17:13 on Apr 19, 2016

The Fool
Oct 16, 2003


Something that started to piss me off yesterday, and will probably be an issue for months to come:

Local logistics company does seasonal contract work for national airline. National airline changed the way they manage employee IDs and benefit tracking. National airline will no longer manually enter data, local logistics company has to provide data file for automated processing by national airlines HR.

Local logistics company has 3 office employees and about 60 runway workers. All of their employee data is in Quickbooks. I need to provide a bridge.

thebigcow
Jan 3, 2001

Bully!
How automated does this need to be? Can you dump a csv and clean it up with something else?

stevewm
May 10, 2005

ChickenOfTomorrow posted:

you'll go bankrupt from chargeback liability long before then

Despite all the hype over the supposed "liability shift", how chargebacks are handled hasn't changed a single bit from our point of view. Long as we did everything as expected during a transaction we still win the chargeback.

The Fool
Oct 16, 2003


thebigcow posted:

How automated does this need to be? Can you dump a csv and clean it up with something else?

The destination file specification is a fixed width table with almost 40 fields.

About 5 of those can be provided by QuickBooks. So someone is going to be manually entering additional data at some point. My biggest concern is making sure that the entered data is valid before sending it to the airline.

My current thought is to set up a table in Access, do the validation, and have them export the table to the fixed width text file.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE


Thar be monsters here

Thanks Ants
May 21, 2004

#essereFerrari


Lord Dudeguy posted:

config
VLAN 123
tag (untag) 1-48 (or a1-d24, etc)
exit
write mem

:edit: Wait you want to select a range of interfaces for configuration first? Yeah, I don't think you can do that.

:edit again: You can use port-group, but it's klunky and I think you still have to go into the vlan config mode to add anything.

Yeah it's the different approach that both platforms take - tagging VLANs to a selected range of interfaces vs. tagging a range of interfaces onto a selected VLAN. I think it's more of a 'this is different' reaction than a flaw.
