|
Is PCI federally enforced? I thought it was just payment-processor policy, which is why the places that get breached don't face government intervention and just get chided by their processor.
|
#
?
Jan 10, 2017 17:01
|
|
|
|
| # ? May 17, 2024 20:44 |
|
|
FactsAreUseless posted:Lowtax handles it all, but IIRC we work with a CC processing company, I don't know who though. Oh yeah that makes more sense  Subjunctive posted:Is PCI federally enforced? I thought it was just payment-processor policy, which is why the places that get breached don't face government intervention and just get chided by their processor. The way I understand it to work there's not any specific laws about it but it's basically like signing a contract that opens you up to new and interesting lawsuit possibilities so it's sort of "enforced" that way
|
|
#
?
Jan 10, 2017 17:23
|
|
|
ate all the Oreos posted:Oh yeah that makes more sense Yeah it's not that you'll go to jail, necessarily, you'll just get turbofucked and your company will be sued into the ground.
|
|
#
?
Jan 10, 2017 17:29
|
|
|
BWM: Processing your own payments on-site. Use a 3rd party vendor. It's a pain in the rear end to maintain PCI compliance, let someone else deal with it.
|
|
#
?
Jan 10, 2017 17:34
|
|
|
FactsAreUseless posted:No mods or admins have access to your credit card information, or any other user's. I just want to make sure everyone knows this. We do not see this information at all ever. It is not associated with your account. There are actual federal regulations dealing with how CC information is handled. As someone who worked at Steadfast (where the servers for this site are housed), that isn't true at all.
|
|
#
?
Jan 10, 2017 17:40
|
|
|
ate all the Oreos posted:Oh yeah that makes more sense The ultimate threat isn't lawsuits - it's having your processor cut off your ability to take credit cards. People do take that seriously. But, PCI DSS sees nothing wrong with storing or logging the cardholder name for up to a quarter for one-time transactions, or indefinitely if the customer opts in to a store-my-credit-card system. The only thing you absolutely can't keep is CVV or PIN data (unless you're Amazon-sized and can write your own rules, anyway).
|
|
#
?
Jan 10, 2017 17:47
|
|
|
negromancer posted:As someone who worked at Steadfast (where the servers for this site are housed), that isn't true at all. How would the hosting provider know? Are they looking at private customer data?
|
|
#
?
Jan 10, 2017 17:50
|
|
|
Subjunctive posted:How would the hosting provider know? Are they looking at private customer data? Because a) the actual factual servers are there b) places like steadfast do more than just swap out hard drives. It was expected to do pretty much whatever was asked by the customers, and the concept of within reason hadn't made it to this company. c) I work in information security and I'm not an idiot and know more about PCI-DSS and CC processing regulatory stuff than most, considering a former boss helped write the poo poo.
|
|
#
?
Jan 10, 2017 17:53
|
|
|
Subjunctive posted:How would the hosting provider know? Are they looking at private customer data? Everyone I've ever met who worked at hosting providers with explicit rules to not look at customer data still constantly looked at customer data.
|
|
#
?
Jan 10, 2017 17:53
|
|
|
negromancer posted:As someone who worked at Steadfast (where the servers for this site are housed), that isn't true at all.
|
|
#
?
Jan 10, 2017 17:55
|
|
|
negromancer posted:Because
|
|
#
?
Jan 10, 2017 17:58
|
|
|
negromancer posted:Because Is that a "yes"? Did you look at the server contents?
|
|
#
?
Jan 10, 2017 18:07
|
|
|
Hyrax Attack! posted:Kinda related, I have a friend who became a Washington State forest ranger and it was a terrible job. It was to be expected that his first posting was in the middle of nowhere, which is fair, but the pay was atrocious and he kept getting furloughed and rehired. This got missed at the end of the last page, but instead of stealing from the break room fridge, a guy went next level and stole the entire fridge.
|
|
#
?
Jan 10, 2017 19:02
|
|
|
crazypeltast52 posted:This got missed at the end of the last page, but instead of stealing from the break room fridge, a guy went next level and stole the entire fridge. Haha yeah he gave it to a friend who was opening a bar. I guess he was hoping the state wouldn't notice or investigate a law officer stealing equipment. The other park employees didn't overlook having warm lunches. BWM Content! "How Uber Conquered London" https://www.theguardian.com/technology/2016/apr/27/how-uber-conquered-london Uber screwing over drivers is a well trod topic, but this article breaks down the entire process of Uber arriving at a city and making things great initially for drivers, but gradually lowering pay after they have a large pool of workers. So if you are in on the ground floor as a driver you can make bank but probably want to bail once the service takes off, unless you are in management. quote:Driver No 1 was Darren Thomas... ....He signed up for as many hours as he could bear. “I absolutely caned it,” he told me. Soon he was earning £2,500 a week. Sounds pretty good for the drivers! How were more being recruited? quote:By the autumn, he had around 100 drivers on his books and an “allowable burn” of £50,000 a week to recruit drivers to the platform. “I was often told, ‘Burn more’,” he told me. “We never had a numbers target. It was always just more drivers, more drivers, more drivers.” Did the £2,500 a week remain for drivers? quote:Tino has driven more than 2,500 trips for Uber with a rating of 4.9 in a Citroen C4 Grand Picasso... ...Both Tino and Mirza were adamant that their lives had improved since they started driving for Uber. The only times our conversations stumbled were when it came to the nitty-gritty of how much they earned, and the precise nature of their relationship to the company. Tino told me that he typically works between 50 and 60 hours a week for Uber, earning £800. Owning his car outright, his costs came to around £160 a week. When I suggested that this made for an hourly wage of between £10 and £12 an hour, Tino shook his head. “Nah, it’s more than that,” he said, and told me he earned £16 an hour. (According to Uber, average driver pay is £16 an hour.) When Mirza set out his projected earnings for the year, he forgot to deduct the cost of his private hire insurance, which all drivers must have and which often comes to around £4,000. And what happens when there are tens of thousands of Uber drivers? quote:In London, the number of private hire vehicles jumped sharply – up 13,000, or 25% – in the two years following the launch of UberX. The first price cut took place in August 2014. A few weeks later, on a visit to the capital, Travis Kalanick announced that he wanted 42,000 drivers in London, six times as many as were on the road at the time. (Uber denies this is an official goal.) In such a crowded marketplace, and with prices falling all the time, Miah did not see how his sums could continue to make sense. That December, his weekly takings from Uber fell to around £800 – £430 after his costs – or just over £7 an hour. Perhaps it is the drivers who are wrong. quote:A few weeks earlier, Uber had raised the commission (in London) it would take from new drivers from 20% to 25%. The more drivers have complained, the more adamant Uber has been that they are wrong. “They have got protests over wage cuts and local operations managers will come out and say, ‘No! But I have a graph that says you are going to earn 17% more,’” said Rosenblat. “They can say that over and over but the drivers are just like, ‘I know what I took home in my pay last month.’” Does anyone know an Uber driver in a major city that is getting a good deal from the service? I've heard nothing but bad things.
|
|
#
?
Jan 10, 2017 19:38
|
|
|
I drove for uber briefly in grad school because I was burned out from substitute teaching. I went back to subbing after less than a month. gently caress Uber.
|
|
#
?
Jan 10, 2017 19:43
|
|
|
Krispy Kareem posted:Probably blowjobs under the Forestry bleachers. Those boys who lettered in Forestry got all the ladies. Wait, so you're telling me that forestry jobs are located in forests? Not densely populated north eastern states with little to no public land.
|
|
#
?
Jan 10, 2017 19:47
|
|
|
A facebook friend of mine who just recently got his driver's license is looking to buy a car so he can drive for uber in NYC. I'm excited to see the way this unfolds.
|
|
#
?
Jan 10, 2017 19:47
|
|
|
I drive for Lyft very occasionally. It's nice when I have gently caress all to do all weekend and wanna make a little extra. I probably pull 125-150 a weekend after expenses, right around to under 10 bucks an hour. I would never do it full time though.
|
|
#
?
Jan 10, 2017 20:04
|
|
|
Driving full-time for uber is always BWM. The people that think they are making out on the deal are also BWM. I had a friend who used to be able to walk to work and made $12 an hour. He quit and took a job that was an hour drive away and had fewer hours for a $1.50 raise and an employee discount on lunch. By his logic, he was working less and making more money. When you factored in gas, miles, and time he was way behind, but the topline numbers of hours worked and salary was better!
|
|
#
?
Jan 10, 2017 20:07
|
|
|
If you want extra cash on the side just deliver pizza. $12 - $16 /hr depending on the night.
|
|
#
?
Jan 10, 2017 20:09
|
|
|
rotaryfun posted:If you want extra cash on the side just deliver pizza. $12 - $16 /hr depending on the night. Yeah, but then I have to deal with someone elses schedule and covering shifts and all sorts of stuff I don't want to. For me, Lyft/Uber is literally 1 weekend every month or so.
|
|
#
?
Jan 10, 2017 20:14
|
|
|
Am I the only one in the civilized world who hasn't taken an Uber/Lyft/whatever ride? Granted, I've only been on a handful of trips in the last couple of years, but I've walked or used that city's mass transit. I don't do it out of principle, just never felt the need to Uber. Yet I read about people using it several times a week. Though I did hop a ride through Shanghai in one of those three-wheeled taxis that is basically like putting a metal box and an extra wheel on a motorcycle. Surprisingly fun. Content: These loving things are BWM:  Saw this on facebook; a friend of a friend's post. That same friend is addicted to them too. I used to waste all my money at Newbury Comics when I was a teenager. Not on figurines for the most part, usually CDs and sometimes shirts. But I was 17.. that's to be expected. I know a few friends who continue to do that, but they're approaching 30. One of them specifically buys a ton of those Pop figurines, lives at home, doesn't have a license, and gets a ride every day to the same part time job he's had for a decade. e: I say that as someone who might buy 1990s Ninja Turtles figures if given the chance, so Moneyball fucked around with this message at 20:18 on Jan 10, 2017 |
|
#
?
Jan 10, 2017 20:15
|
|
|
Leon Trotsky 2012 posted:Driving full-time for uber is always BWM. The people that think they are making out on the deal are also BWM. Any time I'm considering moving apartments I think about how much I'd be saving or spending vs. how much my commute time would change, all else equal. It takes 60 seconds to calculate "I'm paying myself $40/hour to drive an extra 3 hours a week", or "I'm paying $35/hour more in rent to prevent 3 hours of extra driving/week" or whatever. My colleagues (PhDs and masters degrees in chemistry/engineering) look at me like I'm crazy for bothering to calculate that. It's not like they don't care; they'll say things like "well yeah I'm paying more money but I also get to live a lot closer" without realizing they're paying like $1,000+/month more to save 20 minutes a day of driving or whatever. Like... run the numbers, it takes 5 seconds, and you don't have to use it as your only decision point since there's a lot more to moving than just cost and commute, but it might as well be a factor Moneyball posted:Am I the only one in the civilized world who hasn't taken an Uber/Lyft/whatever ride? Granted, I've only been on a handful of trips in the last couple of years, but I've walked or used that city's mass transit. I don't do it out of principle, just never felt the need to Uber. Yet I read about people using it several times a week. I also take uber to the airport. 17-minute ride, 10 miles, ends up being between $10-$12 most days. I don't know why you'd use anything else in that instance. Blinky2099 fucked around with this message at 20:23 on Jan 10, 2017 |
|
#
?
Jan 10, 2017 20:19
|
|
|
Moneyball posted:Am I the only one in the civilized world who hasn't taken an Uber/Lyft/whatever ride? Granted, I've only been on a handful of trips in the last couple of years, but I've walked or used that city's mass transit. I don't do it out of principle, just never felt the need to Uber. Yet I read about people using it several times a week. the new pop figures is record collecting. what a waste
|
|
#
?
Jan 10, 2017 20:22
|
|
|
Leon Trotsky 2012 posted:Driving full-time for uber is always BWM. The people that think they are making out on the deal are also BWM. Lots of Real Smart People have done the math and the depreciation and wear on your car pretty much cancels out any money you make from Uber to the point where it's basically just a service for exchanging car value for instant cash except you also have to work for it at the same time.
|
|
#
?
Jan 10, 2017 20:24
|
|
|
Blew their windfall on a 6 figure Mercedes, now $100 increase in insurance is a problem. https://www.reddit.com/r/personalfinance/comments/5n6y8m/how_to_save_on_car_insurance_i_moved_to_my_own/ posted:Had a very big windfall and spent 6 figures on a brand new AMG in 2015 and got my own policy. My car has depreciated hard but Geico has steadily been increasing my rates and my six month premium is now $100 more than it was when I first bought the car. Why and how can I reduce this? No accidents, tickets or any other factors that I am aware of to make it increase. Also car has been at same address the whole time. Parents are close to retiring, so he wants to buy them a convenience store to run (???) https://www.reddit.com/r/personalfinance/comments/5n6i36/buying_a_small_business_for_parents/ posted:Hi Lied during a job interview about previous pay, oops https://www.reddit.com/r/personalfinance/comments/5n5nes/overstated_salary_to_new_employer_background/ posted:I've been looking for a new job for the past year and I currently make 70 and had a bonus of 10 last year. I told the new employer that I make 85 and my bonus was 12. They gave me an offer for 100 which I am very happy with.
|
|
#
?
Jan 10, 2017 20:24
|
|
|
Blinky2099 posted:You're missing out. I took a 30-minute uber ride on NYE to get back to the train station and it cost $13 because there was no surge pricing and the actual travel distance was only something like 3 miles. People take taxis all the time and uber/lyft are regularly much cheaper than taxis. If it were just burning VC dollars I'd agree but you're also loving over poor people in the process. If you're going to use these services at least use Lyft since they let you tip.
|
|
#
?
Jan 10, 2017 20:28
|
|
|
ate all the Oreos posted:If you're going to use these services at least use Lyft since they let you tip. There used to be this thing you could use to give people money. It was convenient and universal and everyone accepted it, even Uber drivers. What the hell was it called...
|
|
#
?
Jan 10, 2017 20:30
|
|
|
Droo posted:There used to be this thing you could use to give people money. It was convenient and universal and everyone accepted it, even Uber drivers. What the hell was it called... "Thing you don't always have in your pockets these days." I wish the Uber app had a tip button.
|
|
#
?
Jan 10, 2017 20:31
|
|
|
quote:Parents are close to retiring, so he wants to buy them a convenience store to run (???)  Except for the english part. Though we're from Boston, so it's only the pronunciation that sucks. Might have to make a BFC thread someday about what to do about them. Buy a multi family home and let them live for free? Droo posted:There used to be this thing you could use to give people money. It was convenient and universal and everyone accepted it, even Uber drivers. What the hell was it called... Fiat currency, man. It's all a scam. Bitcoin is the future
|
|
#
?
Jan 10, 2017 20:33
|
|
|
Droo posted:Parents are close to retiring, so he wants to buy them a convenience store to run (???) I had no idea you could buy an entire convenience store for $24k
|
|
#
?
Jan 10, 2017 20:36
|
|
|
quote:Tino told me that he typically works between 50 and 60 hours a week for Uber, earning £800. Owning his car outright, his costs came to around £160 a week. When I suggested that this made for an hourly wage of between £10 and £12 an hour, Tino shook his head. “Nah, it’s more than that,” he said, and told me he earned £16 an hour. This, here, is why Uber still exists.
|
|
#
?
Jan 10, 2017 20:42
|
|
|
negromancer posted:Because No one thinks you're an idiot, people just aren't sure what you're claiming, including me. The easiest way to get PCI 3 is to just use a payment processor and not store the payment card information yourself. But the billing address isn't covered, so you could store that, and it could be recoverable from the service anyway (at least it was at the one I worked at). So are you saying that a steadfast employee, having physical access to the servers, could eventually get read access to databases running on them, including any stored billing addresses? And they would do this if a customer asked them to? Wouldn't the customer already have remote access anyway? And what does this have to do with mods?
|
|
#
?
Jan 10, 2017 20:46
|
|
|
Hyrax Attack! posted:Kinda related, I have a friend who became a Washington State forest ranger and it was a terrible job. It was to be expected that his first posting was in the middle of nowhere, which is fair, but the pay was atrocious and he kept getting furloughed and rehired. Haha. We either have the same friend, or there are two very, very similar people in Washington state.
|
|
#
?
Jan 10, 2017 20:52
|
|
|
Droo posted:
What would happen if he provided doctored W2's and paystubs? Would this constitute fraud?
|
|
#
?
Jan 10, 2017 21:07
|
|
|
Why do taxis cost so much? Maintenance on a vehicle driving ~3,000 miles a month in traffic is costly Fuel is costly Commercial insurance for livery drivers is much more expensive than car insurance for private use Paying salary and benefits for employees on a W-2 is costly In some cities, the licensing is extremely expensive to run a legal taxi Pricing is inelastic, and it's difficult and costly to add capacity during peak times Why do Uber customers (and drivers) think taxis cost so much? Because the companies are ripping you off, man! Uber always says they're a "ride sharing" company, implying a driver is simply picking up a passenger for a slight detour on a trip they're making anyway. It's actually a bootleg taxi company. If Uber actually was what the company said it is, I'd be an Uber driver and passenger all the time. Sure, I'll pick up a passenger on the way from driving in from the suburbs to downtown to see a baseball game. That sounds like a beneficial thing for both of us.
|
|
#
?
Jan 10, 2017 21:11
|
|
|
Hyrax Attack! posted:Does anyone know an Uber driver in a major city that is getting a good deal from the service? I've heard nothing but bad things. My brother's friend does it in exurban Chicago, but she only does it every other weekend when her ex-husband has the kids. Supposedly, it's just long enough that she'll get some text message incentive/bonus like "come back! drive for us!" between her driving periods, and half the time it's just shuttling drunks back and forth between a convention center and one of the two or three hotels a block or two away. e: no idea if she actually makes money at the end of it all including fuel costs and wear and tear, but she is historically BWM so maybe not brugroffil fucked around with this message at 21:19 on Jan 10, 2017 |
|
#
?
Jan 10, 2017 21:13
|
|
|
ate all the Oreos posted:Everyone I've ever met who worked at hosting providers with explicit rules to not look at customer data still constantly looked at customer data. Especially if the customer is losing their poo poo about something being hosed up on the server and threatening to leave. The higher ups would tell you "just log in as root and fix it". FactsAreUseless posted:Okay, then who has access to it? Because I sure as poo poo don't. Literally any steadfast employee has root access, on top of anyone who may have written down passwords or created user accounts on the servers themselves (lol if you think they do password rotations on every server). And of course whoever Lowtax has given access to. FactsAreUseless posted:So Steadfast has access to it? If you think credit card info isn't secure, tell Lowtax. Either way it's not something the mods and admins can find. I'm not getting paid to do that, so no. Subjunctive posted:Is that a "yes"? Did you look at the server contents? Maybe. I don't remember every ticket I did for Lowtax, but I feel like I've actually done something on the load balancers at one point. Doc Hawkins posted:No one thinks you're an idiot, people just aren't sure what you're claiming, including me. The easiest way to get PCI 3 is to just use a payment processor and not store the payment card information yourself. But the billing address isn't covered, so you could store that, and it could be recoverable from the service anyway (at least it was at the one I worked at). So are you saying that a steadfast employee, having physical access to the servers, could eventually get read access to databases running on them, including any stored billing addresses? And they would do this if a customer asked them to? Wouldn't the customer already have remote access anyway? And what does this have to do with mods? Yes, and they don't use a direct payment processor. Data is still retained by Lowtax (for accounting purposes). And 2 years ago the CDE was not separated properly from the rest of the environment, so... The first rule of internet security is physical access is full access. And the reasons why we would log into customers servers is because most hosting customers are dumb as the gently caress. They forget passwords, wipe out data, gently caress up configs, etc (USER WAS BANNED FOR THIS POST)
|
|
#
?
Jan 10, 2017 21:14
|
|
|
zen death robot posted:Negromancer you are painfully full of poo poo and I already called you out on this once. gently caress off before I ban you for spreading bullshit info to scare people. Oh so I didn't work at Steadfast? Ok. 
|
|
#
?
Jan 10, 2017 21:17
|
|
|
|
| # ? May 17, 2024 20:44 |
|
|
we knew you worked at steadfast, you just weren't specifying the degree of access and whether staff were aware of how they'd access it not segmenting data isn't the same as all access roles having intended access to it e: to clarify the degree of access sa staff would have to relevant cc info, not you specifically Wiggly Wayne DDS fucked around with this message at 21:22 on Jan 10, 2017 |
|
#
?
Jan 10, 2017 21:19
|
|
