Tin foil isn’t likely to help protect your credit card.

May 24, 2015

>>DISCLAIMER: the following is based on my reading/research and is not offered in any professional capacity. Readers should always do their own research and talk to their credit card companies. <<

The new cards (issued in the last year) with the visible “chip” on them are “Chip and Pin” or “Chip and Signature” cards. That visible chip is not an RFID chip, it is actually a form of computer that improves the security of your card. This is not readable from a distance. There were cards issues a few years ago that did have RFID chips that allowed you to wave a card at a scanner and conduct a purchase. Those cards that still offer that feature have (generally) had encryption added to the cards to make it harder to use any information picked up remotely .

By October of this year all retail merchants are supposed to upgrade their scanners to only accept the “Chip and Signature/Pin” technology. In Europe, you insert your card into a slot (vs swipe) and have to enter a secret 4 digit code (like you use with your ATM). However, the American credit card companies did some “market research” and concluded that we Americans would be upset if we had to do TWO new things to make credit card purchases. Examples of these terminals are in place at Walmart, Lowes, Target and Home Depot. Note that the Target and Home Depot were where many MILLIONS of us had our credit card information stolen because those firms were hacked. Walmart, love them or hate them, have actually turned their readers on so you have to insert a Chip card vs swipe it.

That last point is vital, until most retailers turn on their Chip readers, any card can be read by a pocket skimmer and duplicated. I have a Marriott Signature card, very fancy, carbon fiber, and has a Chip. Well, one of the local restaurants has a bad apple and the card got skimmed, duplicated and used at a convenience store and then at a gas station. Visa figured it out, texted me and we killed the card. Last year the card was compromised at Lowe’s.

Now, using a card ONLINE is another can of worms. There are several vulnerabilities between you and the actual credit card payment processing company. First, always make sure you see https:// in the address bar of your browser (and the little green lock) before using a credit card online (this site has that feature so go look right now on your address bar). The rest of the vulnerabilities are, as far as I can tell, out of your hands. The larger the vendor the better the odds that they have taken additional steps in compliance with a mandatory standard called PCI DSS 3.1 however…. not all of those protections will be in place for another year or so…..

So what else can you do? Personally, I’ve opted for several credit cards designated for different purposes. We use one card for online purchases, one for auto pay (some utilities are happy to bill my credit card), one for retail and one for travel, Some may say having four cards in play makes me four times as vulnerable but oddly enough the card that has been replaced the most often is the card I use for retail purposes!

Now if someone out there is more involved in the PCI world, they are welcome to (politely) correct any misstatements or provide additional fact based evidence.

Advertisements

How to Create a Listing of a PowerPoint Deck’s Slide Titles

December 29, 2014

Did you ever want to have a listing of JUST the titles for your slide deck in a Word document or printed out? Apparently this is not a common requirement, but it is one that I have had on several occasions of late. My scenario is that in preparing decks with 40-120 slides to support professional education classes, I often want a catalog or table of contents for my decks presented in a compact manner.

Normally, an experienced user would go to Outline view in PowerPoint and then copy and paste into MS Word. Alas, the text comes over without any styling attributes so you can’t then collapse the outline and print….

After a bit of fiddling in PowerPoint 2013 I realized that the outline view in PowerPoint still supports a “Collapse All” feature when you right click on a slide title in the outline view. By collapsing the slides you can now print or copy/paste JUST the titles 🙂


More reflections on my relationship with Computer Harpoon

November 13, 2014

Looking over the few items I have posted over the years I reflected on the fact that I don’t miss Harpoon one bit.  Granted, I just completed a chapter on Computer Harpoon for a forthcoming MIT Press book tentatively titled “Zones of Control” due out in early 2016.  In some respects writing that provided a lot of retrospective and dredged up some old memories.  I sent draft copies to everyone I tried to mention (only the positive mentions, I skipped the names of the trolls) and received a few corrections and general agreement that my memory was accurate.

I did find it interesting to go through my archive box, including the original design notebooks (which we thought were lost), letters, marketing materials, reviews in the US Naval Institute Press, etc.  The game is actually never far from my mind because i have two of the framed “Tom the Captain” game posters from 1988 in my offices (home and day job). But I don’t really dwell on it.

Tom Frisina Harpoon 1 Poster

Tom Frisina Harpoon 1 Poster

When I guest lecture to classes at Texas A&M I try to provide some insight into what the business was like in the 1980’s and 1990’s but make it clear that I’m there to provide historical context only.  We didn’t have mobile, cloud, nor Facebook so my lessons learned have to be generic (like dealing with publishers, staff and the usual software development issues).

I am probably closer to donating the materials to one of the three museums who have expressed interest in my collection of period naval games.  I think most of the interest is in the Harpoon project archives (including source code).

I haven’t played any naval games and am only interested in beating Diablo in Diablo II and playing the new Homeworld products in 2015 onward.

Besides, I start a new job on Monday with ViaSat and will get to learn about networking while sharing my knowledge of project, product and software engineering managment.  I’m goining to be VERY busy for some time to come.


Solved BlueTooth Contacts Issue between Elantra and Galaxy S5

November 13, 2014

The product that solved the problem is: BlueTooth Phonebook.
The phone would not sync more than about 5 contacts with the car before timing out and failing. I tried on two different Elantra SE’s and two different Galaxy S5 phones. Something is wrong with the implementation (if not design) that causes these two Korean products to not talk to each other given my phone’s contact configuration (i.e. Google, Touchdown and Outlook apps – plus the phone storage).

Tried the demo and it worked flawlessly so the $2 was easy.

I can’t tell if the app continues to run or caused a setting to change allowing the devices to transfer as they were intended.

I am slightly annoyed by the behavior of the phone/car re synching 450 contracts if ANY contact changes on the phone. I can’t tell if that is the car, the phone or something that this app did. Considering the overall benefit of being able to use the phone through the car – I’ll live with it.

— Updated —

Interesting development.  I must have missed it but it seems that the Elantra will only sync with contacts in the phone’s onboard memory, not any of your applications.  I’m sure this is documented somewhere – thus it is my oversight but all the same… That’s the root cause.


This sums up my experience w trolls

April 19, 2014

http://xkcd.com/1357/

I do not miss them at all.

 


TaxAct – I found my tax software!!

February 27, 2014

Am entering the very last entries for our fairly complicated personal income tax and I have to say TaxAct has taken much of the pain out of the process. And so far, they have not lost any data… Much more than I can say for H&R Block At Home. I haven’t needed to talk to Support yet so I can’t compare their integrity to H&R Block’s false promises.

Another interesting comparison is the TaxAct is constantly asking for feedback, I don’t recall H&R Block ever doing that…. Maybe because management didn’t want to hear what they already knew…..


Norton Internet Security – doesn’t know Norton 360 Installer – FUNNY!

December 21, 2013

Strictly on a funny note, as I have liked Norton Internet Security for many years.  I decided to upgrade to the 360 product and found it funny that the prior product didn’t recognize the upgrade 🙂

Norton ON Norton