
Banking Security, PSQL 10, 2FA, Trim, Astronomy, CAPTCHA, Retail Tech

posted Feb 18, 2018, 12:01 AM by Sami Lehtinen   [ updated Feb 18, 2018, 12:02 AM ]
  • Banking security is weakening. Now it seems that many banks are moving their banking applications completely to mobile, dropping the 2FA features completely. I'm not sure if this is a good thing. We all know that mobile phones are very hackable. And there's no real 2FA anymore when the mobile phone alone is used for everything. I find this a bit problematic. I'm pretty sure that everyone with a tin foil hat will agree with me. I've earlier written about the need for real 2FA which would also authenticate and sign the data, instead of just authenticating "a transaction" without any more detailed context. - After having some discussion with other colleagues, tin foil hats, and nerds: they all, unsurprisingly, seem to totally agree with me.
  • New features coming in PostgreSQL 10 - Hash indexes (durable), Parallel Queries, Partitioning, Replication, ICU collations, Integrity Checking Tools, Connection Handling, Quorum Based Replication (awesome!). Also, naming some key data clearly, so people don't expect it to be temporary data, is quite wise. I've seen so many systems 'pooping' around. And it's very hard to know what is total junk, what's somewhat useful, and what's critical. I'm usually highly annoyed by the fact that all programs don't make it too obvious, and leave utter crap around which should have been automatically deleted.
  • Also tested several 2FA authentication applications which provide actual strong identity, linked to an officially verifiable and confirmed real world identity. Those were great. I'm pretty sure there's going to be serious competition on this platform. Traditionally banks have been providing this service, but now there are mobile operators and maybe soon many others providing strong e-identity. In Finland the ID used to have a chip, and you could have used it. But that project totally failed; nobody wanted to use a smart card to prove identity. The on-line banking credentials totally overran that service with wide adoption. All these providers are linked so that the strong identity can be used with 3rd parties easily.
  • Has anyone taken a look at iostat while running trim? It gives quite high write rates. I highly suspect there's something wrong with the values being reported, because it's impossible to get that amount of data pushed via the bus used with the drive. At least in my case. So I immediately know that the write rates are invalid / incorrect / wrong / too high. kw: linux, fstrim, ssd, discard, iostat
  • TED: Katie Bouman: How to take a picture of a black hole - Absolutely awesome nerd talk - Event Horizon Telescope - Astronomy, Space, Black Holes, Super Computing, Earth Size Telescopes, Math, Algorithms, Terabytes of data, Forensic Reconstruction. Lovely! Yet I kind of didn't like the process of selection based on simulation. Because ahem, isn't that just like skewing statistics by selecting samples? - I could go on with samples, but yeah. I hope you got the point. They're scientists so I'm pretty sure they know what this sounds like at the very beginning. - Oh yeah, they unsurprisingly got to the point where they figured out that selecting samples leads to 'hoped results', whatever those are. - What's the point of trying to use puzzle pieces? How about just combining the existing real data and interpolating it to get a higher resolution sample, instead of using 'puzzle pieces' at all?
  • Git pull requests can be excruciatingly slow due to the high number of small 'random writes' to the storage medium, especially if it's an NTFS volume and syncs to it are slow. This is one of the areas where exFAT is radically faster than NTFS, even if the same underlying storage is still being used.
  • I can conclude that the Google CAPTCHA doesn't like my platform. They're always very thorough with checks, sometimes requiring three or more passed checks.
  • Some unsurprising retail tech trends: Omni / multi channel, Mobile Tech, in-store concepts & digital displays and of course customizing for the individual customer. Bluetooth Low Energy BLE Beacon Technology at Point of Sale. Different system security strategies to make customer data and payment data secure & keeping it private. - Nothing new afaik.
  • Something different: Gunfire locator and Artillery sound ranging.