[ale] Slashdot article on UAV/satellite surveillance

[Mike Harrison]

On Thu, 17 Apr 2008, Jim Kinney wrote:

> Only 39 of the quarters were sterilized. One was a tracking device.

Actually, two of them were.

I powered up my 1931 Coolidge Tube (I really own one) with my plasma torch
and used my night vision goggles (via a front surface mirror so I was out 
of the beam path) as an image intensifier to make sure they were 'just' 
quarters.

One of them was placed in your pocket, yesterday.

Any heavily tinted windowed vehicles nearby?

-------------------------------------------------------------------------------------------------------
ON TOPIC:

Seriously though, sometimes we need to be this suspicious. I am getting 
back into the payment processing business, and have setup a webserver
with a demo that looks like it is taking utility payments. (It's a 
semi-working demo.. ) After google found it (not sure how, but 
they did), I seeing an amazing onslaught of what seems to be scripts poke 
at this thing. It's -not- what I see on other webservers with non payment 
related forms. I'm guessing I don't see this kind of traffic on my 
e-com/shopping cart sites because a payment screen does not become 
available until things are added into the shopping cart.
It's not what I saw years ago when I was working for an ACH processor either.
Seems to have evolved.

I'm about to setup another site/server with generic payment forms
(ccnum, expiration dates, amount, etc.. ) just to watch the exploit 
attempts to make sure the real things I am doing don't succumb.

And it gets harder when you have to detaint againt UTF-8. You can't just 
strip out all the non-ascii characters.