
Comment Re:Still trying to Monetize it? (Score 1) 138

One of the key *selling points* of Apple products is that they are designed from the start to protect your data - principally because Apple typically chooses to never be a party to your data whatsoever, thus eliminating them directly as a threat to your privacy. In regards to Apple Pay: Apple Pay is also designed to protect your personal information. Apple doesn’t store or have access to the original credit, debit, or prepaid card numbers that you use with Apple Pay. And when you use Apple Pay with credit, debit, or prepaid cards, Apple doesn't retain any transaction information that can be tied back to you—your transactions stay between you, the merchant or developer, and your bank. https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fsupport.apple.com%2Fen-u...

Comment Re:So many ways to combat this... (Score 1) 139

Hey, we're Americans, not some kind of progressive island nation with 10 million people. We're a huge moving ship of 300 million and it takes time to change things, chip + signature is a huge step in the right direction. Why? Most of the scams involving purchases with stolen credit cards involve "carding", or simply stealing the magnetic strip data and reusing it online and on duplicated cards.

The chip eliminates this as the chip can't be skimmed in practice. The big credit card folks (EMV) would love to have you typing a PIN as a second factor, but realistically the chip alone will dramatically reduce credit card fraud. It's really going to be important after Oct 1st for retailers to support chip cards (Many readers now ask you to insert the chip portion of the card in the reader after a magnetic swipe... http://time.com/money/4040808/...

Things like Apple Pay and (soon?) Android pay help with this as well, as skimming a tokenized version of your card is nearly impossible and not reusable.

I recently (last week) had an Amex card compromised. The carders first tried a $1 transaction on a whatever site, it passed, then a few hours later they took the card to Nordstrom and tried to buy $1000 worth of crap. The Amex app on my iPhone notified me of a "potentially fraudulent transaction" and gave me a yes/no to accept the transaction. I clicked No of course, which caused them to call me right away and cancel the card. The Amex card that was used for my Apple Pay (which I use frequently) was *not* affected (as it is a tokenized version of the card).

These carder folks use legitimate websites to "test" the card, I read about this case here: http://www.candyjapan.com/cand... which nearly crippled this small business when thousands of "tests" for small orders came through.

For the record, I'm guessing my card was stolen at a gas station; gas stations are exempt from the new EMV laws until 2016 (according to the Time article above).

Comment Put restrict ... noquery in your ntp.conf file (Score 4, Informative) 115

http://support.ntp.org/bin/view/Main/SecurityNotice

Buffer overflow in ctl_putdata()

References: Sec 2668 / CVE-2014-9295 / VU #852879

Versions: All NTP4 releases before 4.2.8

CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5

Date Resolved: Stable (4.2.8) 18 Dec 2014

Summary: A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process.

Mitigation - any of:

Upgrade to 4.2.8, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page.

Put restrict ... noquery in your ntp.conf file, for non-trusted senders.

Credit: This vulnerability was discovered by Stephen Roettger of the Google Security Team.
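An added example, not part of the comment above or of the NTP advisory: a small auditor that reads an ntp.conf and reports whether the default `restrict` entries carry `noquery` (or `ignore`), and which senders are still allowed to query. The function names and the sample configuration are constructed for illustration, and it assumes an unqualified `restrict default` covers both IPv4 and IPv6.

```python
QUERY_BLOCKING = {"noquery", "ignore"}  # flags that refuse ntpq/ntpdc queries

def parse_restrict(conf_text):
    """Return [(family, target, flags)] per restrict line; family is '4', '6' or None."""
    entries = []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        args, family = tokens[1:], None
        if args[0] in ("-4", "-6"):
            family, args = args[0][1], args[1:]
        if not args:
            continue
        target, rest = args[0], args[1:]
        if len(rest) >= 2 and rest[0] == "mask":
            target, rest = f"{target} mask {rest[1]}", rest[2:]
        entries.append((family, target, set(rest)))
    return entries

def audit(conf_text):
    """Return (findings, query_allowed): default-entry gaps and senders that may still query."""
    entries, defaults = parse_restrict(conf_text), {}
    for family, target, flags in entries:
        if target == "default":
            # Assumption: an unqualified "restrict default" covers IPv4 and IPv6.
            for fam in ([family] if family else ["4", "6"]):
                defaults[fam] = flags
    findings = []
    for fam in ("4", "6"):
        if fam not in defaults:
            findings.append(f"IPv{fam}: no restrict default line, queries open to all senders")
        elif not defaults[fam] & QUERY_BLOCKING:
            findings.append(f"IPv{fam}: restrict default lacks noquery")
    query_allowed = [t for _, t, fl in entries if t != "default" and not fl & QUERY_BLOCKING]
    return findings, query_allowed

# Constructed sample configuration (not taken from any real host).
SAMPLE_CONF = """\
restrict -4 default kod nomodify notrap nopeer        # noquery missing
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap
"""

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Every address in the second list returned by `audit` can still send control queries, so each one should be a sender you actually trust.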

Comment Re:Move to a gated community (Score 1) 611

Those reversible lanes ("suicide lanes") have been around in Phoenix for a lot longer, starting in the 1970s. http://www.azcentral.com/news/...

Phoenix is one of the few U.S. cities that realizes a) Public transportation doesn't work well in low density, post-WW2 US cities (aka, the sunbelt and west coast) and b) Grid pattern streets and excellent freeways are the only reasonable, cost effective short term strategy. What is the long term strategy? Nobody knows, except maybe to completely get rid of shitty low density cities, which will never happen. American people want their trucks and backyards, and they especially don't want to have to sit next to some poor person on public transportation.

Comment Re:Chip and PIN (Score 2) 132

The problem is that these data compromises are going to happen and that the current magnetic strip technology is laughably obsolete and insecure. Chip + PIN effectively mitigates the weakness in magnetic strip data by embedding a chip (physical, something you have) and a pin (something you know) into the transaction process, plus many other security enhancements. Current magnetic strip cards are authenticated purely by a string of digits (something you know) and are easily copied and reproduced.

Read all about it here: http://en.wikipedia.org/wiki/E...

Chip + pin WILL be happening in America. http://blogs.wsj.com/corporate...

NFC-based payment systems may have a chance to become popular in the meantime.

Comment Pure speculation. (Score 2) 336

It could have just as easily been a packet sniffing engine on a local ISP, cellular network, data center etc. Maybe in front of Amazon? Were these all transferred through snapchat, dropbox or some other file sharing service that leverages AWS or some other cloud provider? Were any taken from those services by admins?

My point is, many of these images were *taken* with non-apple devices and *deleted* before photo stream was a thing. At this point it is likely someone got access to a darknet cache of images -- the sources are unlikely from one location, but from many many sources over many years.

TL;DR: 1. Enable 2FA 2. If you upload something to the internet, assume someday someone will be able to see it and do whatever they want with it. Are you okay with that?

Submission + - Net neutrality campaign to show what the Web would be like with a 'slow lane'

blottsie writes: In a move out of the anti-SOPA campaign playbook, Fight for the Future and other net neutrality activist groups have set up the Battle for the Net coalition, which plans to launch an “Internet slowdown day” later this month.

No actual traffic will be slowed down. Instead, participating sites will display embeddable modules that include a spinning “loading” symbol and information about contacting the Federal Communications Commission (FCC), the White House, and members of Congress.

Submission + - New Computer Model Predicts Impact of Yellowstone Volcano Eruption

An anonymous reader writes: Scientists from the U.S. Geological Survey (USGS) have used a program named Ash 3D to predict the impact of a Yellowstone volcano eruption, and found that cities within 300 miles from Yellowstone National Park may get covered by up to three feet of ash. From the article: "Ash3D helped the researchers understand how the previous eruptions created a widespread distribution of ash in places in the park's periphery. Aside from probing ash-distribution patterns, the Ash3D can also be used to identify potential hazards that volcanoes in Alaska may bring."

Submission + - Celebrity nude pictures leaked due to apparent iCloud hack (mashable.com) 1

swinferno writes: Hundreds of nude, semi-nude, and revealing pictures of female celebrities were leaked overnight after being stolen from their private collections. Hunger Games actress Jennifer Lawrence, Kirsten Dunst, and pop star Ariana Grande were among the celebrities apparently shown in the pictures, which were posted on infamous web forum 4chan.

It's unclear how the images were obtained, but anonymous 4chan users said that they were taken from celebrities' iCloud accounts. The accounts are designed to allow iPhone, iPad, and Mac users to synchronize images, settings, calendar information, and other data between devices, but the service has been criticized for being unreliable and confusing. Earlier this year, Jennifer Lawrence herself complained about the service in an interview with MTV.

Several media contacted Apple for more information but they have not commented on this yet.

http://www.theverge.com/2014/9...

Submission + - Apple Said to Team With Visa, MasterCard on iPhone Wallet

An anonymous reader writes: Apple plans to turn its next iPhone into a mobile wallet through a partnership with major payment networks, banks and retailers, according to a person familiar with the situation. The agreement includes Visa, MasterCard, and American Express and will be unveiled on Sept. 9 along with the next iPhone, said the person, who asked not to be identified because the talks are private. The new iPhone will make mobile payment easier by including a near-field communication chip for the first time, the person said. That advancement along with Touch ID, a fingerprint recognition reader that debuted on the most recent iPhone, will allow consumers to securely pay for items in a store with the touch of a finger.

Comment Spread out work force (Score 1) 710

Talent is usually worth paying extra for, so make your business a talent center and attract the top players. Then give them freedom to get things done and don't micromanage. Ask what isn't getting done (read: the small things, like documentation) and pay someone to do that. Grease the wheels. Allowing people to work from home *IS* a huge benefit for many people, and more importantly, lets people disconnect from the office. I tend to get way more done at home as the office is just pure interrupt driven nonsense most of the time. Technology work is difficult and frustrating, but on the bright side, can pay very well. Deal with it or don't play.

Comment It is hip to be square (Score 5, Informative) 128

For those having a hard time understanding the naming convention,

Boring: Not flashy, not exciting, not experimental, not sexy. Performs as expected.

In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.
