Category Archives: Financial

信用卡的先天缺陷造成盜刷問題

在「Guessing Credit Card Security Details」這邊看到的攻擊手法,基本上無解,除非信用卡的網路交易也全面改成使用晶片... 手法其實很簡單,就是先算出一個合法的卡號,然後分兩階段攻擊取得資訊: 先去找數家只需要「卡號 + 日期」的網站,用暴力法踹出日期 (假設五年就是 60 次)。 再去找數十家需要「卡號 + 日期 + CVV2」的網站,用暴力法踹出 CVV2 (1000 次)。 所以 1060 次就擺平了... 就算所有網站都需要 CVV2,也是 60000 次的嘗試而已 (找數千個網站來踹),算是完全可行的方案。而目前只能靠 workaround 來防止,像是需要多輸入姓名與地址之類的資訊來擋...

Posted in Computer, Financial, Murmuring, Network, Security | Tagged , , , , | 4 Comments

Bitmain 的生意愈做愈大了...

Bitmain 做到打算直接弄一座 data center 來挖 Bitcoin:「Chinese firm building 135MW bitcoin data centre」。居然還是用綠色能源來玩出全世界第三大吃電資料中心: The complex, which will be capable of pulling 135 megawatts of power placing it at #3 of the most powerful data centres in the world, will operate primarily … Continue reading

Posted in Computer, Financial, Hardware, Murmuring, Network, P2P, Security | Tagged , , , , | Leave a comment

把 CSC (卡片背面的三碼) 變成 OTP (動態密碼)

把信用卡背面的後三碼 (Card security code) 變成動態密碼,雖然一般只會有三碼,但對於網路消費應該會有不少幫助,不過這樣就不能完全不拿出卡片了...:「This high-tech card is being rolled out by French banks to eliminate fraud」。 產品叫做 MotionCode,會先從法國開始: Today both Société Générale and Groupe BPCE, two of France’s largest banking groups, are preparing to roll out these cards across … Continue reading

Posted in Computer, Financial, Hardware, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , | 1 Comment

ING Bank 在羅馬尼亞的機房出事...

ING Bank 在羅馬尼亞的機房發生資料損毀:「A Loud Sound Just Shut Down a Bank's Data Center for 10 Hours」。 不過原因是因為火災測試時噴發的音量太大,導致硬碟故障 XDDD ING Bank’s main data center in Bucharest, Romania, was severely damaged over the weekend during a fire extinguishing test. In what is a … Continue reading

Posted in Computer, Financial, Hardware, Murmuring, Network, Security | Tagged , , , , , , , , , , | Leave a comment

MasterCard 在英國被告收取過高的手續費

在「Mastercard sued for $19 billion in Britain's biggest damages claim」這邊看到的幾個重點,第一個是歐盟對國際手續費 1% 的限制:(雖然 Brexit...) A lawyer working on the case said Mastercard charged shops fees in excess of 1 percent for card use on international transactions between 1992 and 2008.Although the … Continue reading

Posted in Financial, Murmuring, Social | Tagged , , , , , , , , | Leave a comment

Apple 的 App Store 的訂閱制度更新

先前在「蘋果 App Store 收費模式的改變」這邊提到的改變,這幾天細節公開了:「Subscriptions - App Store - Apple Developer」。 最主要的改變在於超過一年的費用從原來的 30% 降低到 15%: Within a subscriber’s first year of an auto-renewable subscription, you receive the traditional 70% of the subscription price at each billing cycle, minus applicable taxes. After … Continue reading

Posted in Computer, Financial, Murmuring, Recreation, Telephone | Tagged , , , , , , | Leave a comment

CloudFlare 對 HiNet 成本的抱怨 (還有其他 ISP...)

CloudFlare 特地寫了一篇討拍文在分析對六個 ISP 的超高成本:「Bandwidth Costs Around the World」。 其他的就不講了,先看對價錢的定義: As a benchmark, let's assume the cost of transit in Europe and North America is 10 units (per Mbps). 然後來看亞洲區以及 HiNet 的部份寫了什麼: Two Asian locations stand out as being especially expensive: … Continue reading

Posted in Computer, Financial, Murmuring, Network, Social | Tagged , , , , , , , , | 1 Comment

歡樂提款機

在「Would You Use This ATM?」這邊看到的提款機: 而這是背面: 不知道可以聽到多少東西 XD

Posted in Computer, Financial, Hardware, Murmuring, Network, Security | Tagged , , | 1 Comment

Netflix 把金流相關的系統轉移到 AWS 上跑 MySQL 的故事...

這次要提的是「Netflix Billing Migration to AWS」、「Netflix Billing Migration to AWS - Part II」與「Netflix Billing Migration to AWS - Part III」這三篇。 Netflix 先前的金流相關系統跑的是 Oracle 的資料庫: 然後換成 MySQL: 系統上是採用 DRBD,然後底層是 5 個 4TB 的 EBS 組成的 RAID 0,跑 LVM: High performance with respect … Continue reading

Posted in AWS, Cloud, Computer, Database, Financial, Murmuring, MySQL, Network, Software | Tagged , , , , , , , , , , , , , , | Leave a comment

Linode 收 PayPal 了,只是...

Linode 宣佈支援 PayPal 了:「PayPal Payments」,只是: While any customer can use PayPal to fund their account, new customers will still need to sign up using a credit card. You can use PayPal from then on. 而原因是: This is in part because … Continue reading

Posted in Computer, Financial, Murmuring, Network | Tagged , , , , , , | 1 Comment