Another fun consequence of this is that you can initialize otherwise-unset file descriptors this way:
$ cat foo.sh
#!/usr/bin/env bash
>&1 echo "will print on stdout"
>&2 echo "will print on stderr"
>&3 echo "will print on fd 3"
$ ./foo.sh 3>&1 1>/dev/null 2>/dev/null
will print on fd 3
It's a trick you can use if you've got a super chatty script or set of scripts, you want to silence or slurp up all of their output, but you still want to allow some mechanism for printing directly to the terminal.
The danger is that if you don't open it before running the script, you'll get an error:
$ ./foo.sh
will print on stdout
will print on stderr
./foo.sh: line 5: 3: Bad file descriptor
The aws cli has a set of porcelain for s3 access (aws s3) and plumbing commands for lower level access to advanced controls (aws s3api). The plumbing command aws s3api get-object doesn't support stdout natively, so if you need it and want to use it in a pipeline (e.g. pv), you would naively do something like
Unfortunately, aws s3api already prints the API response to stdout, and error messages to stderr, so if you do the above you'll clobber your pipeline with noise, and using /dev/stderr has the same effect on error.
The existing build system I did not have control over, and would produce output on stdout/stderr. I wanted my build scripts to be able to only show the output from the build system if building failed (and there might have been multiple build system invocations leading to that failure). I also wanted the second level to be able to log progress messages that were shown to the user immediately on stdout.
Level 1: create fd=3, capture fd 1/2 (done in one place at the top-level)
Level 2: log progress messages to fd=3 so the user knows what's happening
Level 3: original build system, will log to fd 1/2, but will be captured
It was janky and it's not a project I have a need for anymore, but it was technically a real world use case.
It was a while ago since I implemented this, but iirc the reason for that was to validate that the key that has signed this is actually trusted, and the signature isn't just cryptographically valid.
You can also redirect specific file descriptors into other commands:
I was curious, and the American Clearing House has a TPV of $93 trillion, which means ACH is 78%?? That seems too high.
Oh - not all bank transfers count in GDP. I often move money from one account to another.
Note that Visa has the same issue: withdrawing money from an ATM shouldn’t count towards GDP! Neither does Vemo-ing a friend to settle up a split restaurant bill (my Venmo is attached to my debit card).
Not all VISA or Mastercard transactions are credit backed, I'd argue that the large majority aren't anymore they're more commonly debit VISA/Mastercard
I’m not the most well versed but isn’t that still insane to be 4x valuation of PayPal? Maybe it’s more PayPal valuation being crap vs Stripe being too high. Adyen is close to PayPal with a PE of 30 (vs PayPal’s sub-10) and Adyen like PayPal is close to being back to its IPO level.
PayPal seems crazy when it has acquired businesses like Honey (probably hasn’t helped) and Braintree/Venmo since then. Pretty funny PayPal was spun off as the better growth stock but eBay has tripled since then and their market caps are the same now.
The tender offer announced in the article is open to former employees as well, so they personally profit regardless of Stripe being public (unless the claim is that by being public the valuation would be materially higher than the stated valuation for this offer).
As others have mentioned, it comes down to the threat model, but sometimes the threat model itself is uncomfortable to talk about.
It’s sad to think about, but in my recollection a lot of intra-building badge readers went up in response to the 2018 active shooter situation at the YouTube HQ[1]. In cases like this, the threat model is “confine a hostile person to a specific part of the building once they’ve gotten in while law enforcement arrives,” less than preventing someone from coat tailing their way into the building at all.
No, the model there is something bad happened, we must do something. This is something, so we will do it.
I’m not saying that to diminish the value of the actual solution, but what the people want is literally something to make them feel better about a situation that is mostly out of their control.
Someone showed up to their workplace with a fucking gun. And now they have to go there every day, and hope it doesn’t happen again. They want and need the theater.
This is exactly it - most "security" isn't really built around actual threat models, nor is it ever verified. IT security is perhaps the weirdest in the world in that the security of your web server will be constantly probed, whilst your front door could go your entire lifetime and never be probed once.
Where people actually care about physical security, they develop things that do actually work; and often are so unobtrusive you never realize they're there.
Security theater necessitates that it be showy and in your face.
Except a decent part of security is literally just deterrence.
Will my front door stop someone robbing my house if they want to? No: I have sidelight windows you could just smash them and come through.
But the one time a house I was in got robbed, it was because we left the front door open and went out.
Which is odd if you think about it right? Statistically an open front door rather implies someone is home, not away so it's a terrible targeting priority - but our house was targeted and not say, our neighbors who also wouldn't have been home that day.
People are quick to claim security theater, talk about threat models, but equally ignore them anyway.
I doubt these card readers would prevent someone leaving the part of their building they’re in, as that’s a lesson written in charred corpses and was a foundational aspect of health and safety becoming a thing: https://en.wikipedia.org/wiki/Triangle_Shirtwaist_Factory_fi...
In theory it might prevent access to other buildings, but equally often the card readers are around doors of mostly standard glass or near internal windows of the same.
So if that’s the motivation, it doesn’t seem like a particularly effective mitigation
Or the Victoria Hall disaster (183 dead), or Cocoanut Grove (492 dead), or The Station Nightclub (100 dead), or The Beverly Hills Supper Club (165 dead), or.....
Also in what world is a badge reader going to contain an armed gunman unless the walls, floors, doors, and windows are also bulletproof??
I've volunteered at events hosted in older buildings before and it's always such a top of mind thing to enforce a limit on the number of people in the building at any moment. Since these places have the capacity to hold a lot more people than can escape through the exits in the event of a fire.
If an active shooter is the anticipated threat, how does a turnstile effectively stop that? Many of these turnstiles are specifically meant to allow people through in emergencies, and aren't strong enough to withstand bullets or even a sturdy kick. The elevator restrictions would be a better chokepoint, but as the article noted they didn't turn those back on.
It doesn't effectively stop it, but it forces them to give up some element of surprise. They have to either start the attack or start a trespassing action that will initiate contact with police.
Many turnstiles can be jumped over. In this case it’s more about preventing theft and espionage.
I knew someone years and years ago who worked as an assistant to lawyers. The firm had a second office in the state capital, turns out someone was walking in and stealing laptops. I think they had done it three times the last I had heard.
Lawyer laptops going missing is a problem. I don’t know how they ended up fixing that.
If forced partition of a building were the primary goal, that goal could be achieved without badges. Or, at least, without having to badge into every door. Just have locks on every door that are normally disengaged, but which can be locked remotely and promptly.
(While at it, I once worked on an access control system. It was aeons ago; the system ran under OS/2. We installed it on a factory. It worked well, until we ran it in demo mode under production load, that is, the stream of morning shift turnstile registration events. The DB melted. I solved the problem trivially: I noticed that the DB was installed on a FAT volume for unknown reasons, so I moved it to an HPFS volume, and increased the RAM cache for the disk to maximum. Everything worked without a hitch then.)
This actually exposes how this type of system is just security theater usually.
A shooter can get a badge. Most partitions aren't bulletproof (and probably don't have security film), and a shooter doesn't fear getting a cut on some tempered glass.
The thing that would be effective is 24/7 security monitoring with a building lockdown and reinforced entrances/partitions. Of course, the victims whose badges were disabled during lockdown will sue.
So instead, just install badge readers and say that "something was done".
One uncomfortable, but wise truth is: Actual security is bound to the number of minutes until people with big guns arrive. A lot of other measures just exist to bridge time and limit damages until that happens.
We learned this during a funny situation when a customer sent us the wrong question set for vendors. We were asked to clarify our plans for example for an armed intrusion by an armed, hostile force to seize protected assets from us. After some discussion, we answered the equivalent of "Uh Sir. This is a software company. We would surrender and try to call the cops".
During some laughter from the customer they told us, the only part missing from that answer was the durability rating of our safes and secure storages for assets, of which we had none, because they just had to last until cops or reinforcements arrived. That was a silly day.
Shooters tend to be mentally ill people who have been pushed too far by a system, trying to burn that system down.
Killing a boss with a keycard that opens everything might not just be possible but also preferable. Fuck you Tom, you made me work through memaw’s funeral
Places that really do care about security do exactly that. Military bases routinely prohibit on-duty soldiers from carrying arms - except the guards at the gate and the military police.
Far be it from me to get in the way of someone protesting megabank centralization, but...
I have to imagine that this bank relationship will be different from those previous acquisitions? I never interacted with Goldman Sachs for the duration I've had my Apple Card—the relationship is entirely with Apple and their iOS app. I don't imagine that to be much different when Chase is the issuer.
I have a couple store brand cards backed by Chase (like the Amazon one) and they are basically exactly like any other first party Chase card. They show up on the Chase dashboard. You call Chase customer service for issues. Payments happen through Chase. The card benefits are all provided by Chase. The only difference is that there's Amazon printed in front and the points the card earns aren't regular Chase points. Of course their relationship with Apple could be different, but I doubt it'll be anything like the Goldman one. Remember that Goldman didn't have a consumer business at all before they got into the partnership.
"Of course their relationship with Apple could be different, but I doubt it'll be anything like the Goldman one" I can nearly guarantee this is completely wrong. It will be just like Goldman. That's literally the point of getting the card, is do everything through Apple and Goldman is just the backbone and support (through Apple's UI). Apple's contract with Goldman was until 2030, they wouldn't let Goldman out of it unless they were able to find a new partner with same or better experience and terms. They could have choose Synchrony, etc if Chase didn't agree. And clearly Chase was willing to concede to Apple since they don't even offer high yield savings, but agreed to for Apple since thats part of their existing offerings. Right now Apple decides the Promos for Apple Card, and at most maybe Chase will have a little more involvement in those but probably not. So in realty the only real world change is probably better customer support than Sachs, and Chase may not offer higher risks customers credit or as much like Goldman did and finally they may not offer the very low APR's that Apple card is known for, for it's best customers.
AFAIK in the current setup, only the UI is Apple's; any time you message customer service or open a dispute, that is handled directly by
Goldman employees, and decisions to raise/lower your credit limit are also made by Goldman. All of those parts will be handled by Chase now.
Have to disagree there. While the iOS wallet apple is all apple and thats what you will use for checking your statements and making payments which is great. But anytime I have to actually interact with for support that is 100% with Goldman. When you do you support through the iMessage chat feature it's all Goldman on the other end, not Apple at all. And I've had to deal with them far too many times, and each time was absolutely terrible. Because of Goldman but also because of the platform Apple gives them for support, since you send a message have to wait for a text response. So feels like a chat but unlike a chat responses can take a while more like email, but then if they respond and you dont respond very fast then it closes it out and your response triggers a how can we help and you start all over, which is unlike email. So it's the worst of Chat and the worst of Email. Hopefully that is revamped with the new relationship. And if you have to call you get Sachs not Apple. Chase isn't great but expect much better than Sachs.
My problem with Chase and PNC is that their "fraud detection" seems to be random die rolls or monkeys throwing darts at my picture on a wall. I love the 5 minutes of anxiety after each and every purchase where I wonder if it will just randomly fail.
Does that mean that this new partnership will be better because Chase is better at consumer banking than Goldman Sachs, or Chase negotiated a deal that will not cause them to lose a lot of money?
If it's the latter, does that mean that the card rewards for Apple Card will get worse?
> If it's the latter, does that mean that the card rewards for Apple Card will get worse?
Can it really get worse? All they do is a 2% cash back if you use Apple Pay, and 1% if you use the physical card. Ok if you buy directly from Apple it’s 3% back but that’s hardly “good” - you get a couple of bucks for buying an AirPod.
> Does that mean that this new partnership will be better because Chase is better at consumer banking than Goldman Sachs, or Chase negotiated a deal that will not cause them to lose a lot of money?
The partnership between Apple and Chase is not new, even though this particular credit card product offering is. There is another quite popular form of payment Apple has supported for years which necessitated this partnership to be established.
> does that mean that the card rewards for Apple Card will get worse?
the card rewards for AC were pretty awful in the first place. It's only useful as a store card that offers 0% financing.
the deal is probably more in favor of chase when it comes to the fee schedule and various issuing bank and interchange fees (ie, the ~2-3% that card networks charge to merchants)
The danger is that if you don't open it before running the script, you'll get an error:
reply