Hacker Newsnew | comments | show | ask | jobs | submit | Tomdarkness's comments login

3 offer the ability to use your allowances in 18 countries at no extra charge:

http://www.three.co.uk/Discover/Phones/Feel_At_Home

It's not as many countries, but with 3 you can get unlimited data at a fraction of the cost (I currently pay £15/month with 3 for unlimited data, 5000 3 to 3 minutes, 5000 texts and 2000 minutes to other networks).

-----


Currently using this in Australia (and Telstra have fantastic coverage). I was amazed it was available here. It feels too good to be true!

-----


Likewise, although I'm finding that Telstra throttles me quite a lot. Turns out you can use any network in Australia (with no roaming fee from 3), so I've manually switched to Optus and my speed has dramatically increased.

-----


Looks interesting but seems to be lacking a bit in the mobile number lookup department. The current service we use for mobile numbers can provide:

- Is the phone number not only valid in terms of syntax but a number actually registered to a subscriber?

- Is the subscriber currently connected to the network? (Normally indicates if their phone is switched on or off with the exception of not having a signal)

- Has the phone number or subscriber been barred or blacklisted in any way?

- Network that the number originally belonged to

- Network that the number is currently registered with. For example if they ported their number from another provider this will be different from the network the number originally belonged to.

- Network that the subscriber is currently connected to. So say if you were roaming in a different country this would return the network the phone is currently roaming on. Can be used to see if someone is out of the country.

This works mostly worldwide with a few exceptions. In a few countries we can actually determine if you are on a prepay or contract plan as well.

-----


Who are you currently using? It seems odd that the current connection status is something that is shared.

-----


Yeah, I don't even know how that would be possible unless it's owned by one of the phone companies and is only available for their users. I highly doubt any telco would share that data publicly, especially if all you need is the subscriber's number.

-----


This is likely done with something called an HLR lookup via SS7. I believe it was explained to me that HLR lookups are meant for call setup and SMS routing, NOT for exposing network information via web services, but that doesn't stop companies with SS7 access from doing it anyway since there are plenty of people willing to pay for that information.

-----


I like the approach taken by Nominet (.uk domain registry). If you are an individual and you're not trading via your website you can hide your personal details from whois. However, companies and trading individuals have to display it.

-----


I think most registrars offer a way to "hide" your whois data; I think the problem here is that this "hidden" data leaked anyway.

-----


Sorry, made a typo. Nominet are not a registrar, they are the domain registry for .uk domains. Similar to how Verisign are the registry for .com domains.

-----


Seems Chrome has addressed the issue with incognito mode - if you open the page in incognito mode you get a different code.

-----


Not for me. Mac OS X 10.10.1, Chrome 39.0.2171.95. I get the same code even in incognito mode.

-----


Well that's interesting. This may shed light on some of the seemingly conflicting results. On Mac OS X 10.10.1, Chrome 41.0.2264.2 (Canary):

Steps:

1. Open browser, open [1] in new tab. Get code X.

2. Open [1] in new incognito window. Get code Y.

3. Reload that incognito window. Get code Y.

4. Close incognito window.

5. Open [1] in second new incognito window. Get code X.

Subsequent iterations of opening/closing regular and incognito windows and/or restarting Chrome all yielded code X.

[1] http://www.radicalresearch.co.uk/lab/hstssupercookies/

-----


Perhaps you started (2) before (1) finished?

-----


Same here, got same code on OSX 10.9.5 Chrome 39.0.2171.95

-----


Chrome has different SSL validation on each operating system - on Linux it uses it's own NSS instance, on OS X and Windows it uses the OS level certificate validation routines. Not sure how HSTS plays into that.

-----


Not on my Chromebook Pixel.

-----


Confirmed for me on Mac OS X 10.9.5, Chrome 39.0.2171.95

-----


Not for me running Chrome 39.0.2171.95 on Fedora 21.

-----


Same code for Chrome 39.0.2171.95 on Windows...

-----


It claims to support Chip & PIN (EMV) but I don't see how this works. EMV is designed so that you can't clone a card and in practice is it impractical to attempt to clone a card that uses EMV.

The only way I could imagine it would work is if you have the support of the bank that issued the card. However, I doubt any bank would agree to a scheme to allow a 3rd party to generate a clone of an EMV card.

-----


> The only way I could imagine it would work is if you have the support of the bank that issued the card.

At the end of https://www.plastc.com/wallet there's a list of participating banks, so I assume that's exactly how they do it.

-----


Agreed, if they did it would seem that this is a card cloner's wet dream. Maybe I'm missing something but I just don't see how it is possible to support Chip and Pin without proving the system is broken.

-----


In relation to the second part of the article regarding lost messages it would be interesting to see the same test done but with HA queues:

http://www.rabbitmq.com/ha.html

I might be wrong but I'd suspect that it might solve the problem as while the partioned nodes will still discard the data it should be present on the master node.

-----


Those tests were done with mirrored queues:

"We’ll be using durable, triple-mirrored writes across our five-node cluster"

-----


The mirror does not seem to work just gets stuck on Calibrating.

-----


It doesn't seem to work on Firefox. Well, it used to.

-----


The only problem is now when you click on the submission link you can't view the article because you need a FT subscription. If you clicked the link that sends you via Google you can view the article due to the FT allowing limited free views via search engines.

-----


Yes—that's why the trick is clever. But this has been the situation for a long time, and much as we're all annoyed by the annoyance, it would clearly be inappropriate to have all paywalled links show up in HN as "google.com". If people want to post links like this in comments, that wouldn't be a big deviation from current practice.

-----


Maybe, in cases where the initial URL submitted redirects, the title should show two domains: the initial domain, and the final domain reached when the entire redirect chain is followed. Or we could try to convince the HN community to favour other sources over FT; this story, in particular, isn't short of write-ups elsewhere.

EDIT: BTW, I can view the article. Is that because I'm coming from outside the US?

-----


Works fine in Chrome on my Nexus 5.

-----


There is a composer.json and composer.lock file in the repository. All you'd need to do to download all the dependencies is have composer installed and run "composer install".

-----


Thus making your application build process require full Internet connectivity, and making it require that every dependency hosting site is working.

Committing dependencies is a solid decision to avoid taking a dependency on a bunch of third parties.

-----


"application build process" or simply the checkout process? I'd suggest your deployment process shouldn't include a public git repo others can change. Instead, use your own fork on Github, or alternatively host a git repo local to your deploy network. After all, you're trying to avoid dependencies on things like Github working/failing, right? ;-)

-----

More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: