Posted on December 19th, 2013 No comments
The world seems to be going crazy this morning with news that some 40 million credit cards were stolen from Target’s databases. My Twitter feed is aflame, it’s all over my news sites, and I’ve even received email from family members warning me to get all my cards reissued. I’m not going to, though. I only use credit cards, so it’s not my problem.
If my number just happens to be one of the 40 million stolen, and if a thief happens to actually try and use it, and if the credit card companies’ powerful automated anti-fraud systems don’t happen to notice that I couldn’t possibly be buying a new television from Amazon in Kazakhstan while also paying for dinner at Chez Billy, then in that unlikely scenario my total projected costs will be a grand total of $0, plus a minor inconvenience while my card gets re-issued.
How can this be?
In the United States, the law limits consumer liability for credit card fraud to the first $50, so no matter what happens, I’m only out $50. As a bonus, credit card companies nearly always waive that $50 charge, as they would rather not piss me off and lose me as a customer over a another person’s crime.
But if you use debit cards, the story is different. The consumer protection laws are far more lax, with a potential maximum liability of up to $500 – 10x more! And even though most cases of fraud will probably eventually be resolved, in the meantime, the missing money is your money. The bank can take up to 10 days to investigate the fraud, and during that time your checking account will sit empty. When you use a credit card, you’re buying things with somebody else’s money. While they investigate the fraud, you’re not out a nickel.
The moral of the story is: Use credit cards instead of debit cards. Or use cash. But either way, cut up your debit cards.
[You can find more information on the legal difference between credit cards and debit cards at US PIRG.]
Posted on October 10th, 2009 1 comment
Sure, IPv6 is going to save us all from the apocalypse, defeat communism, cure the swine flu, and bake you the most delicious brownies you’ve ever tasted. Someday. But in the meantime, for real people trying to do real work, it’s a fucking nuisance.
As more systems have started shipping with the technology, little compatibility issues continue to crop up. One of the more recurrent problems I’ve encountered is incompatibilities between Java and IPv6 on Linux – specifically Ubuntu. Up until recently, it was quite easy to eliminate the problem by merely blacklisting the appropriate kernel modules, thusly:
# echo 'blacklist net-pf-10' >> /etc/modprobe.d/blacklist.conf # echo 'blacklist ipv6' >> /etc/modprobe.d/blacklist.conf
However, as of Ubuntu 9.04 (Jaunty), IPv6 support is no longer a module – it’s hard-compiled into the shipping kernels. No big deal, though, because there’s a system control variable that allows you to remove IPv6 support from the kernel.
# echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
Except that doesn’t work. It seems there was a kernel bug where that setting was just plain broken. And it hasn’t been shipped with the normal Ubuntu kernels yet. So, what is one to do, short of re-compiling their own kernel?
Here is a copy-paste from an IM exchange I had with Java earlier:
# Java has entered the chat.
Java: Hey dude, what’s up?
Ardvaark: hey, i’m having a problem getting you to listen to an ipv4 socket when ipv6 is installed on my ubuntu box
Java: Yeah! I totally support IPv6 now! You didn’t even have to do anything because I abstract you from the OS details! Isn’t that great?!
Ardvaark: awesome, i guess, except that it doesn’t work.
Ardvaark: i really need you to just listen on ipv4, because the tivo just doesn’t like galleon on ipv6
Ardvaark: so sit the hell down, shut the hell up, and use ipv4
Ardvaark: pretty please
Java: Okay, geez, no need to get all pissy about it.
Ardvaark: and while you’re at it, could you please stop using like half a gig RAM just for a silly hello world program?
Java: Don’t push your luck.
# Java has left the chat.
And now that we’re back in reality, the magic word is -Djava.net.preferIPv4Stack=true.