* Posts by sugerbear

103 publicly visible posts • joined 5 Jan 2010

Disaster strikes Doyenz disaster recovery cloud


No worries

All my data is safe in the cloud...

I suppose people should be gratful it didn't just wait to run out of money and some honking great repo man pulled the plug overnight and sold the servers on ebay.

Clouds. Love em.

RBS: June's tech enormo-cock-up cost us £125m


[quote]We'll be simplifying the batches and tightening procedures a bit.[/quote]

I cant see that ending well.

See my previous posts. No change, no blame and more red tape ;-)

RBS must realise it's just an IT biz with a banking licence


Re: what about the money

[quote]I'd say primarily a bank's business is making my money grow, and not losing any of it.[/quote]

The primary role of any business is to generate a profit. Risk, IT and so on all flow from that primary goal.

If you are shareholder, then I agree. Growing the share price and dividend are the primary objective of a publicly listed company. Growing turnover/market share count for nothing and are just vanity unless they can be turned into solid income (and profit).

As a customer the primary goal of any bank is to minimise the amount they spend on you, whilst making you generate income. They will be doing everything they possibly can to ensure your money grows as slowly as possible, because the margin between what they pay you as a saver and what they lend out is where their income is generated (actually probably a lot less reliant on you as a saver as they have the money market to borrow from so even less incentive to pay you anywhere near a competitive rate of interest).

On a side note, co-op premier account charge of £13 a month is pretty good I think for mobile phone insurance, worldwide family travel insurance, European RAC breakdown cover, £300 interest free overdraft.


Good article

Mr Chan, has in my opinion, hit the proverbial nail on the head.

The middle layer of management never seems to get mentioned, it isn't Mr Hester that is choosing to take risks by de-skilling the workforce but it will be his targets that are causing the problem. Required reduction in IT costs = Management finding an easy fix = ship the development off to a cheaper country whilst retaining their own jobs/salary/bonus.

It is the middle management layer that has failed. They chose not to listen, they ploughed ahead with changes and it has cost the company dearly. Given the culture at RBS, no one questions their boss above project manager level. If you did then the end of year rating system was used as a big stick.

I have said it before but the outcome of any review will be "more control". It wont point the finger of blame at any management strategy, it will be just an extra layer of change control that slows the development process down even further.

Chip and PIN keypads 'easily fooled' with counterfeit cards


Re: Absence of evidence not equal to evidence of absence

But they do have a way.

If this was a problem then merchants and acquirers would be seeing a significant number of chargebacks where no authorisation had taken place.

(I am guessing that this "attack" makes the terminal believe that a transaction has authorised the transacton offline). There are also floor limits in place so that even if a chip card authorises a transaction offline the merchant must send it online for authorisation (or else take the hit for the chargeback).

Also sounds like its aimed at a very specific terminal or acquirer (with specific software).

The issuer (and cardholder) of the card is covered in this instance because the merchant/acquirer wont have obtained authorisation and the chip card itself wont have issued a genuine transaction certificate.


Might ?

Seems a like of "might and maybe" in the article.

Why no specific details on how this type of attack would work ? There are lots of different terminal implementations and lots of different versions of software.

So until they can demonstrate going into a retail shop and buying something then i am afraid that it all sounds a bit like scare mongering and the desire to make a name for yourself (or your consulting company wink wink).

So, that vast IT disaster you may have caused? Come in, sit down


Cockups happen

I have made plenty of cockups in my career, luckily none of them happened in an operating environement. Doing stupid stuff like DELETE * FROM CUSTOMER_DB ; WHERE CUSTOMER_ID = 5 ; (see the misplaced semi-quote, you just deleted the whole database) are much less likely to happen when you have two people, one to check the work and one to signoff. Errors get picked up BEFORE they impact the live environement, that is why you have senior developers and change management. They are there to gate keep the idiots under them.

Problems can occur for any number of reasons, but not checking what people do (ie slashing resources ) and given them root access to your o/s or god privilages on your database seems like the perfect way to end up in sticky position. Often the root cause isn't disaffection, malicious behaviour, its just fat fingers and the right (or wrong) user privilages.

I have only ever once come across one deliberate attempt at sabotage when a developer tried to add a timebomb into some code. No idea why he did it (I think his contract was coming to an end and no renewal possibly) because it was picked up when someone QA'd his code. I have also heard of code being altered to adding malicious code to extract card numbers, again picked up in QA. If you dont have checks and controls you will eventually come unstuck.

If you get to the stage where you have to call someone to interview you have already failed as a manager and deserve to be put out to pasture to find your next "opportunity".

Capita publicity to show only UK staff - some of whom are being let go



The only conclusion that I can draw from not choosing to go to India with a camera is that Capita are rampant racists (not a version of linux in case you were wondering).

They just want nice middle class whites to be in the company brochure.. People of the Indian Help Desk you need to rise up and stamp out this sort of behaviour.

RBS customers still suffering tech issues at Virgin One Account


how long can hester hold on

Bob Diamond has made the news again so this story wont be appearing in any headlines, but given that RBS will be fined in the few weeks/monhts I wonder how long the CEO of RBS can hold on.

I imagine there is a change freeze from now until the new year with only regulatory changes being the exception.

Do you work in IT at RBS? Or at the next place to get hit ...?


Isn't it easier just to pass the blame around

Batch services can blame the implementation crew

The Implementation crew can blame the developers

The developers can blame batch services

.. and repeat.

With so much blame being passed around senior managers wont actually know who to blame.

Actually, I know the best thing to do is to keep your mouth shut. And then counter by claiming victimisation, bullying, stress, overwork, you can always throw in some blackmail as well.

Another point (and I think a very good one) whoever was responsible will know that if they do get the push they will be in line for a nice 6 figure sum from one of the weekly rags. Max Clifford is very likely to be your best friend. Just make sure you come out looking the victim. (Nick Leeson didn't do too bad).

Half the team at the heart of the RBS disaster WERE in India


Re: Is it legal?

And RBS set it all up nicely.

First they had an arbitary downgrade of all grades at the end of the year. They also had the bell curve, what this did was to put a lot of staff that came in and did their day to day work but didn't want to get involved in office politics or career advancement or working stupid hours into the "failing" category. It also put people that would normally have got a bonus into the "no bonus" category. We were also told that anyone getting two consecutive two's would be "managed out". (good bye payoff). No one understood the rating system either as they were given behind closed doors.

A lot of staff in their fifties were entitled to full pensions with no penalty for leaving early (ie get the pension at 50 odd that you would have got at 65). We also got a payoff of something like 3.5 x number of years service = number of weeks pay. If you were retiring you could put that lump sum into your pension and then claim 25% of your pension pot tax free. So a bloody good deal.

So generally anyone with long service who was over 50 jumped at the chance, the first wave was fully subscribed.

Anyone with with long service and a decent work history also went, it's just a case of incentivising people of else making it so miserable to work there people volunteer to leave.

It looks good for RBS because very few people have to be made compulsory redundant and they can spin the line that everyone "wanted" to go where as if they gave everyone their notice then there would be headlines in the national paper.

Glad I got out in the first wave ;-)


Re: RBS Management

Because come hell or highwater the head of IT was going to reduce the staff costs. And he based that decision on the fact that UK workers cost x and India workers cost y. And because Y is about 1/4 the cost of X that made perfect sense. They both do the same job after all. Anyone can be taught to programme, anyone can be taught to run a batch schedule. and so on.

By reducing staff costs he would have been seen to have made a massive dent in expenditure and would no doubt have given him a nice leg up in his accent to the boardroom and his bonus is very likely to be linked to cost reduction and increased output. Manday cost were about £400 for a UK and about 1/4 of that for non-uk workers. Imagine reducing your costs by 75% and with ZERO impact on your business. What could possibly go wrong.*cough*

I am sure that execs rationalise the negative internal comments by linking them to the UK staff fear for their jobs. So anyone that suggests the outsourcing is a bad idea either gets sidelined or kicked out early.

Brits get to fondle Google Nexus 7 slab in just a fortnight


Too much ?

Price point - anyone think it is too high ? At nearer to £100 it is worth it, once it starts moving up to the £200 level it is no longer such a good deal.

I have a 7 inch android tablet that is pretty good for reading/emailing, had hdmi out, plays games etc, ok the battery isnt great but it only cost me £80 and has a micro sd card slot thrown in.

Why include NFC then exclude a microsd slot ? No one is going to pay for stuff using NFC on this device because it isn't a wallet sized phone/card. and you can pick up a microSD card with NFC built in.

Looks a nice display and I am sure it will be quick, just doesn't tempt me at the price.

'Inexperienced' RBS tech operative's blunder led to banking meltdown


RBS to sue CA

According to the FT RBS is considering taking legal action against CA. Unless CA were actually managing the change I dont see how this would work.

Being a cynic I would say that the RBS PR machine is again at work trying to throw some mud around in the hope that some of it sticks.

Of course if they do it really will be a "drains up" moment for RBS if they press, so not a bad thing. I suspect it is PR bluster.



Re: Sounds like they need...

Or Sanjeet couldn't find the UNDO button...

Google orders spontaneous support for Parliamentary motion



"It's an example of astroturf".

I think they mean astroturfing.

Unless google is demonstrating an artificial grass surface.

RBS collapse details revealed: Arrow points to defective part


Failure linked to the policy of Mike "offshore" Errington

If anyone is to blame its the man named above who started the whole process about five years ago.

Wouldn't listen, didn't care, you would think he was only interested in securing his own bonus (or he had shares in infosys!)

I wonder if he is feeling the heat now....


Re: If only.....

[quote]"I have no evidence of that. The area, if you like, the UK backbone, has received substantial investment."[/quote]

what UK backbone ? It was all outsourced to Chennai. Unless the investment is the money they used to pay the IT staff off (or maybe the money they pay monetise to manage their mobile applications).

Here is a CEO that doesn't have a fucking clue or else his reports are lying to him. If I were him (thankfully I am not) I would be looking for a new CTO because the ones he has aren't going to finger themselves in any blame.

Utterly clueless. And very likely to be found out when reporters start digging.


Re: Not convinced

It is easy. If on the first night of your batch run you miss a few input file and it isn't picked up until say the Tuesday afternoon (and let us say for example your support staff who specialise in CA7 had left for the day), you would be into Wednesday before you could be anywhere near identifying what the problem is and what caused it and what was missed the previous night. Then you have to fix the problem and work out how you are going to get the missing transaction into your batch file (they would then most likely reject because the batch header didn't have the correct day on it .. and so on..)

Of course all the time its getting escalated and people want answers, so that delays the fix because they dont want the fix screwing up something else.

RBS IT cockup: This sort of thing can destroy a bank, normally


Re: It seems entire nation is waiting for El Reg readers to tell them whats going on

Ex RBS here. From what I hear (Allegedly) it was an upgrade to CA7 that someone screwed up. CA7 is a bit of software that runs your batch jobs and allows you to add dependencies and start jobs to a stream of batch programs. If you fo' that up you effectively stop your bank working.

Now given that there hasn't been anything similar in the past 20 years at Natwest (which used OPC but lets not get bogged down in detail, they both ran big mainframe shops, Natwest much bigger and RBS didn't have the resource to complete the migration on their own) you can either guess that BMC left a bug in CA7 that only occured in when RBS ran the sofware and had failed to be picked up anywhere else on the plant.... or... someone who didn't know what they are doing cocked it up.

And of course RBS are not going to admit (even if it were true *cough*) that this is linked to the IT cost saving programmes that started around 2008 was in any way linked to what happened.

Repeat after me. All IT outsourcing (offshoring) deals save money and have zero impact on your business (tm).

Natwest, RBS: When will bank glitch be fixed? Probably not today


That doesn't apply to the guys in Mumbai. You know, the ones fixing the problem ;o)


Re: Out-sourcing is bad

[quote]Good documentation helps prevent future disasters, and speeds up the resolution of problems. Good documentation should save you time in the future. The problem is that few people seem to realise the importance of good documentation until they don't have any.[/quote]

Haha.. 3..2..1 you're back in the room :)

Honestly, you have never worked in a real IT department then. People want to do the minimum in terms of effort and time, and documentation (updating it, managing it, reviewing it) will be the first thing that gets chopped and dropped when deadlines approach or the project finishes. IT Departments ignore the need for decent documentation or its control because it is expensive to manage.

You can probably rely on the original spec being right, but any subsequent updates will always be poorly document. In fact a decent programmer using a decent language should produce decent self documenting code anyway.

I worked in application support and trust me the last place I would look when fixing things was the documentation. Better to see what the source code is actually doing.

Tech fault at RBS and Natwest freezes millions of UK bank balances


Re: Oooh

[quote] an IT disaster just waiting to be screwed up by offshore IT workers who's banking won't be affected when the systems are down for days.[/quote]

A very good point, if you work for Natwest or RBS you must have (or you certainly used to have ) a Natwest / RBS bank account so that your wages were paid in. So there is some vested interest in getting things right because you would be directly affected if you screwed up. Not so anymore when you dont use the products you look after.

UPDATE : Recieved a text this morning from Natwest (22nd) saying that accounts are still affected. All those IT savings are suddenly going to be eaten up by lost customers, refunds, ex gratia payments etc etc.


Re: Oooh

[quote]I loved my time at RBS, great people, fantastic IT, but sadly it just all got too much and when the voluntary redundancies were offered, I jumped...


Same here. Was quite good until about 2005/6 ish when they started the offshoring and bell curve (end) performance management stuff. I suppose the root cause wont be "sacked all the decent staff and shipped them off to mumbai"

3 days for ALL customers. That IS bad. Would have been resolved within hours when I worked there. Glad I am not there anymore.

Brit telco flagship BT joins blockade of Pirate Bay


If only the internet was more reslilient.

For people that dont understand the internet and just use google to find things this will be a killer blow. They will just have to turn on their radio, subscribe to sky/spotify or go back to Mr Wong and his DVD case of the latest blockbusters.

For everyone else....

Steely Neelie: EU is crippled by its clueless tech-ignorant workforce


Re: Last time I looked

Yes, the jobs normally go

Step 1. Advertise for role

Java developer required (add long list of java stuff that most of the time wont ever be used) willing to pay about 50% of the going rate and you will need to leave your existing secure job to come and work for my company. They also like to have junior developers with at least 25 years experience (so that I can use your experience and pay you even less than what you actually expect. Please dont apply for this role unless you are a 100% match.

Stage 2. Outsource.

The ICT needs of a company need to be planned for the long term not just the current project.

Scottish council muzzles 9-year-old school dinner photo blogger


Excellent Work by the Council

By doing what they have done (censoring the young lady in question) they have managed to highlight the fact they give shitty food to the children and they are not prepared to serve (at least not in food terms unless it processed and full of sugar and salt) the people they are elected by.

Well done. You really couldn't have done any more to publicise the blog or the poor service you provide (save for taking out a front page advert on the google home and asking Mr Murdoch to highlght her plight in all his daily rag) than you have already.

Bute and Argyll Council - There to serve the needs of its voters (or itself). I salute you.

Raspberry Pi IN THE SKY: Wallet-sized PC is disaster drone brain


and with just a few tweaks (guns/missiles)

The drone really does turn the "victims" into victims !

@ Lee Dowling. USB is only flakey because the pi cant supply the required voltage. Powered USB hub. most problems solved.

Thief open-sources Richard Stallman's laptop, passport, visa


I hope he has learned his lesson

He will now be buying an apple laptop and uploading all his data to the (i)cloud.

Where it's safe :)

Cameron's F-35 U-turn: BAE Systems still calls the shots at No 10


You have to laugh.

Which one of BAE's execs is Camerons pal then ?

I think the UK needs to cut its cloth. Buy a cheap carrier secondhand carrier if that is what the army/navy/raf want. Anything above the surface of the water is going to get destroyed in the first days of any real battle (unless we are fighting someone like Azerbijan) so why bother spending loads of money on it and then filling it with expensive jets that will also be wiped out fairly quickly in any real battle.

Dont forget we are all in this together (unless you happen to work for the arms industry of course).

VeriFone takes on Square with cheaper iPhone-friendly kit


[quote]It doesn't do Chip n Pin - surely thats a FAIL?

EMV is being pushed in the States and is supposed to be rolled out from April 13 I think I read somewhere else.[/quote]


If you are based in Europe and accept payments from a chip card issued in europe you are accepting 100% of the liability if you choose to use the magstripe and the cardholder subsequently denies the transaction was done with their card.

If I were europe based i would read the t&c's because I am pretty sure that the cardholder wont be held liable when one of these terminals is used.

Europe needs a chip capable reader not a prehistoric mag reader.

ALL Visa cards blab punters' names - not just Barclaycards


Re: NOT Visa failing - It's AMAZON failing.

Sigh... You cant have your cake and eat it to.

The retailer can verify your home address with your bank. That's a fair indication of where you want goods delivered to because you everyone in the chain can guarantee that the goods with proof of delivery have been delivered to the cardholders address. No fraud possible unless your mum/dad/brother/sister are ripping you off.

How exactly do Amazon know that your work address is actually valid and isn't the address of A.N.Fraudster ?

Answer THEY (Amazon) DONT. They are taking a big risk. The fact that they dont do any kind of CVC/CVV checking indicates they are even more lax in their security. But they dont care. Because they know cardholders will go whining (and blaming) to their bank. No ones blames the retailer.

I sincerely hope that Amazon and their acquirer are getting a good kicking over this one.


NOT Visa failing - It's AMAZON failing.

viaForensics are pretty dumb not to have realised that this isn't a failure of any NFC or Non-NFC card. At the very least I would have expected them to test this with some other retailers, and they would have found the exact same scenario would have failed. But being selective with your facts should never get in the way of a good story I suppose.

It is the COMPLETE failure of AMAZON (and their acquirer) to process payments correctly. They should be passing the CVV/CVC with the transaction but dont because they probably dont want to have to go through expensive PCI-DSS certification (and the additional hassle of encrypting everything).

What AMAZON should be doing is EITHER checking the CVV/CVC and/or check the address of the customer using AVS (address verification). That way the goods can (or should) only ever be delivered to the cardholder address.

Again AMAZON fail because they still allow you to deliver to an alternative address. Issuers want retailers to deliver to their home address and if a retailers fails to deliver to a cardholders address then the issuer has chargeback rights. In all of the cases demonstrated so far it would be the Retailer/Merchant who would lose out when the cardholder sees a fraud on their account.

Unfortunately the way this has played out is there is some massive failure with all Visa cards when in fact its a very risky (and somewhat arrogant) position that Amazon have taken to ignore the procedures that have been put in place by schemes/issuers over the years to combat this type of fraud.

Amazon = Fail.

And yes, most if not all debit and credit cards (non-nfc) contain the card holders name, expiry date and card number on the chip and magstripe (but you cant sniff the cvc because that is printed on the back of the card) . That is the reason why its used with AVS checking.

I am available for hire by channel 4 if needed :o)

Barclaycard pay-by-bonk fraud risk exposes Amazon's security


Re: tin foil is the answer

Just keep the card near to your (non-nfc) mobile phone. The signal of the phone will swamp the card.

All Amazon's fault this one.

PayPal turns smartphones into checkout tills


Here is looking forward

to all those chargebacks you will receive if you use this device in the uk...

Good old magstripe. this device will make a nice paperweight in a year.

UK tax fraud IT project 'missed virtually every delivery date'


Re: Also....

[quote]Can you explain how this works? It's a claim that gets bandied about (perhaps it used to be true) but nobody has yet been able to demonstrate to me how forming a limited company saves one tax. A little NI, yes, but not tax, once you factor in Corporation Tax and Dividend Tax.[/quote]

Its simple but to make it worth it you need to be in the 40 or 50% tax band.

You pay yourself a salary up to the 20% tax threshold each year (approx 44k). Anything over this gets paid as a dividend each year which is taxed a corp tax rate of 20% where as if you have to pay 40% or 50% through PAYE... You also save on NI.

There are also other benefits like being able to employ (for example) your wife as company secretary and use her tax allowance. Items bought for the business are also VAT free (computers, phones, commercial vehicles etc etc).

Third of Blighty stuck on snail-speed broadband


Slowest place in Britian...

For bog standard broadband (not Fibre), Hampton Vale in Peterborough rarely gets speeds of more than .5 Mbits. That is across the whole of the new estate, move across the road to Yaxley or Orton (nearer the exchange) and the speeds are back to normal. A very common complaint on the community website forums.

Quicker everyone gets Fibre to cabinet the better.

Apple's secret outsource: 'Even more software to be made in India'


Please god

Dont let them anywhere near the OSX :o)

Brit pair deported from US for 'destroy America' tweet


Gary Mckinnon

Take note Gary Mckinnon, if you want to be sent back without having to bother with a lengthy court process.

EU asks why credit cards are so expensive


[quote]Try using a foreign-issued Visa card in a high street shop that doesn't know how to process transactions without chip-and-pin! Even though the Chip and Pin implementation specifically instructs retailers to have a system for people with older-style cards and for tourists and business travellers who will not have compatible cards, the odds are that the cashier will not allow your card.

I love the European tollways that don't accept non-EU issued VISA cards - great for travellers in rental cars who get to the end of a 300km stretch of road and find that none of their cards are accepted on that stretch of road. The human attendants can't even manually process them .

[Written with 6 years of experience of this in the UK and EU][/quote]

So, get a chip and pin card and your problems are solved. Just because your (and I assume you are from the US as most other developed countries have moved or are currently moving to chip and PIN) bank issues a shitty and insecure product dont go blaming the EU for it. As a merchant I think i would try to avoid taking any kind of magstripe product because I realise just how insecure they are and dont want the hassle of a chargeback either.

Canadian, Brazilian, Australian, South African issued chip and pin cards work just in the EU.

Good news for you there are some issuers in the US that have actually realised that travel experience is very poor so have switched to chip and pin.

That Brit-built £22 computer: Yours for just £1,900 or more


<> an Arduino

They are much more powerful than an Arduino in my opinion (I have the MEGA fwiw).

The PI can be hooked up to a display and they have a much more powerful processor that can handle (for example) camera images which the Arduino cannot. No more having to use a 4 line LCD to display information.

Just wait for the next run of 10,000 if you want to buy them at the lower price.

Low power, powerful CPU, cheap. What's not to like.

I am hoping that one of these can be used for an in-car camera recording system, which my Arduino cannot manage. I will also be giving a couple to my sons so they can experience the joy of programming that I had when I got my first zx81 !

Anything south of £50 is good. The playstation generation wont get it of course, they have grown up with a stunted view of computer science that only churns out Word/Excel junkies for clerical jobs.

Somerset buses bin paper tickets, sniff journey-logging chips



Because the world needs another proprietary payment method.... and another card to add to your wallet..

Oyster, soon to be phased out. All other transit systems moving to accept contactless payments.

Money down the proverbial.

Four Romanians charged with hacking 150 Subway shops


It really is the fault of the US

.. in not implementing chip and pin into their terminals and cards. If the same thing had happened in the UK, the chip based transaction data would not have allowed the cloning of the magstripe or the chip and the details would have been pretty much worthless.

Yes its culpable that the merchant manufacturer/merchant left a terminal open to the world with potentially lucrative information on it, but it hides the bigger problem of the insecurity of magstripe transactions/cards and the ease with which they are cloned.

My own chip card denies fall back to mgstripe and I am grateful for it.

Orange contract price hike angers subscribers


Limited Choice, Poor Contracts

Unfortunately you only have the option of Vodafone or O2 if you dont choose Orange (or 3 if you can trust the service to deliver a signal).

I think you can see a pattern here, pretty much every kind of large monopolistic business model always comes down to about 3-4 big players who never really try to compete with each other as that only hurts the bottom line. Once you get to that position you as a consumer are stuck with a limited number of similar offerings and generally weighted terms and conditions against the consumer.

I think a long term contract should not allow price rises, period. How can you judge a contract when each network can choose to levy a price rise at set points. I suppose we should be gratful that they didn't levy the full RPI % increase.Sigh...

Engineer sues Huawei for axing him 'because he's a Brit'


Holds Popcorn

I cant wait to see how this one plays out.

I wonder if I can sue my old employer for replacing me with a Indian programmer. I always knew it was 'cause I iz white :)

Where are all the decent handheld scribbling tools?


Loving the typo.

[quote]They're lovely but sadly not quite up to snuff in 2011[/quote]

Has El Reg been out killing tramps again :)

Apple's US bid to ban Samsung tabs hinges on design


All this apple bashing..

This is no different to me building a car that looks identical to another.

Mazda, for example, cant go and copy the latest Ferrari design and then stick their own engine/gearbox/seats etc inside, slap a Mazda badge on it and expect no one to notice.

No different here, no one made an iPad design/shaped device before the iPad and when other companies copy the design they should expect some interest from Apples lawyers.

Samsung could have made their product distinct. They chose to copy instead. They got sued.

Why I am not suprised.

Seven lessons from the HP Touchpad fire sale



One thing I noticed was how badly e-tailers treat their existing customer base.

A golden opportunity came to reward existing customers via a direct marketing email (ie you have been a great customer here is a link to purchase etc)

To me that just proves that online retailers just shift boxes, they don't care about their best / loyal customers as they just want to shift lots of stuff.

Give it 6 months and there will be a glut of touchpads on fleabay.

Ultra-cheap HP TouchPads to hit UK at 6pm


I fear

That HP are not long for this world. I wonder how cheaply they will sell off Autonomy in a couple of years after deciding they are actually a hardware company.

Credit card 'flash attack' steals up to $500,000 a month



With Chip and Pin the card issuer will have a cryptogram that proves the transaction came from the card, a mag stripe card is trivial to clone and easily achieved with the help of maplins or ebay.

An EMV card is not easy to clone (with DDA). Fraudsters always go for the easy option.

I am sure that at some stage the US will go chip and pin, then the fraudster will move to another form of attack and the card industry will respond (and repeat).

I am sure the reason for not going down the chip and pin route in the US is simply the cost and scale of change that would be required to support it.