Author Archives: Jeremy

Credit Companies are Scum – Schneier and I Both Know It.

Just to show I'm not the only one out there that thinks this way:

Click the link above for the rest of his essay, but this part is the part I was nodding with:

First, fix the economic problem. Credit card companies make more money extending easy credit and making it trivial for customers to use their cards than they lose from fraud. They won't improve their security as long as you (and not they) are the one who suffers from identity theft. It's the same for banks and brokerages: As long as you're the one who suffers when your account is hacked, they don't have any incentive to fix the problem. And data brokers like ChoicePoint are worse; they don't suffer if they reveal your information. You don't have a business relationship with them; you can't even switch to a competitor in disgust.

Credit card security works as well as it does because the 1968 Truth in Lending Law limits consumer liability for fraud to $50. If the credit card companies could pass fraud losses on to the consumers, they would be spending far less money to stop those losses. But once Congress forced them to suffer the costs of fraud, they invented all sorts of security measures–real-time transaction verification, expert systems patrolling the transaction database and so on–to prevent fraud. The lesson is clear: Make the party in the best position to mitigate the risk responsible for the risk. What this will do is enable the capitalist innovation engine. Once it's in the financial interest of financial institutions to protect us from identity theft, they will.

Gonzales to Outlaw Attempted Copyright Infringement

I don't have the strength left to argue anymore, but this just seems like a bad idea (read it for yourself). Anyway, after Gonzales spent over a year under presidential directive to come up with a plan to fight ID Theft, but completely failed to whole-heartedly endorse the one working solution, I find it hard to trust anything this guys recommends.

That's not even counting the various allegations of wrong-doing against him.

(H/T to Slashdot for the link)

House Reaffirms FISA

So the House has confirmed that FISA is the ONLY way that surveillance can be secretly done in the US. Um… duh?

Is there anyone that understands this whole mess? Bush breaks the law along with the Telecommunication companies. He gets away with it because no one seems willing to challange him. He tries as hard as he can to get immunity for the Telco's too.

Congress has repeatedly rejected all attempts to circumvent FISA in new bills, but even if they HAD passed a new law, Bush is still guilty of violating the first one! I just don't get it.

Brain-dead Teachers Freak Students Out With Fake Gun Attack

Someone actually thought this was a good idea? How stupid do you have to be?

Staff members of an elementary school staged a fictitious gun attack on students during a class trip, telling them it was not a drill as the children cried and hid under tables.

"The children were in that room in the dark, begging for their lives, because they thought there was someone with a gun after them," said Brandy Cole, whose son went on the trip.

……………………hmm…………….. well,……………… What do you say to this?

These teachers are damned lucky they didn't do it in my kid's school.

Yeah. That'll work.

(H/T to Slashdot for the link)

Update: Here's a link to the school's press release on the topic. Their account of what happened is completely opposite of what was reported on CNN.

Most of the students stood up and said, "That was a good one." "Yeah, you got me." High fives were exchanged.

Either the school is totally downplaying this or CNN has got some serious problems with their accuracy. Either way, if even one child was crying and taking this too seriously, the "prank" should have ended. I still think it shouldn't have happened in the first place and I'll just go back to what I said before: it's a lucky thing for them it didn't happen at my kid's school. I would have been in the princicpal's office the same day.

But something about this press release bothers me and apparently I'm not the only one:

"The children went to sleep and did not discuss it the following morning."

The absurdity of that statement is staggering. They are trying to convince people that in a class of over 60 students, after teachers pulled a 'prank', that not one of these ~60 students said anything about it the next day? Not one of them teased another one about falling for the 'joke'? Really? Not one?

The person who posted this comment on the Slashdot forums is right on.

Verizon Tries to Justify NSA Spying

Verizon, who I was pretty certain hadn't handed over any customer records according to them, is now saying that it's ok for them to do it, it's free speech.

Essentially, the argument is that turning over truthful information to the government is free speech, and the EFF and ACLU can't do anything about it. In fact, Verizon basically argues that the entire lawsuit is a giant SLAPP (Strategic Lawsuit Against Public Participation) suit, and that the case is an attempt to deter the company from exercising its First Amendment right to turn over customer calling information to government security services.

When will the madness stop?

TSA Steals Money and Gets Away With It

So they don't have cameras watching the TSA employees as they check the luggage? It's no wonder abuses like this keep happening.

Don't check valuables! You have to assume that anything worth more than 5 bucks that you check is going to be stolen. It's not pretty, but it's the world we live in.

This is unacceptable. When there's a string of employee thefts and in particular done by security personnel, there's no justification for ignoring the problem.

TJX Blames Weak Wireless Security

This is so, so stupid. It's not weak security, its that you raped us for all our customer data that we didn't want you to keep anyway. If you hadn't stored all the data on us, you couldn't have lost it.

In addition to pilfering over 45 million—and possibly as many as 200 million—credit card and debit card numbers, the hackers were also able to obtain other personal data from over 450,000 customers. This included driver's license numbers and Social Security numbers.

I already know they don't need to store our credit cards, but licenses and SSNs?

RIAA and RICO

Here's an interesting discussion of how RICO might (or might now) apply to the RIAA. For those who don't know, RICO is a special statute that provides for harsher penalties and triple damages for plaintiffs as long as it can be shown that the defendant is a member of organized crime (look it up on wikipedia for a better description).

Anyway, I have always thought that the RIAA counted under RICO. They're an organization that is purposfully breaking laws, extorting innocent people, and has been doing it for years and years.

US Snubs Canada

In a continuing effort by the Bush administration and the ridiculous Department of Homeland Security to make sure there's not a country left in this world that supports us, the DHS has suddenly abandoned talks with Canada about traveller pre-screening.

"It's unacceptable to say it can't be figured out," former U.S. ambassador Gordon Giffin said Thursday from Calgary.

"The U.S. can't just throw up its hands. It's almost childish, like they're taking their marbles and going home," said Giffin, who served in Canada from 1997 to 2001.

"It's just not productive. For Pete's sake, we're working with Canada. We're not working with some Third World country."

(H/T to Schneier for the link)

Confessions of a Geek Squad Technician

This is an amazing essay from a former Geek Squad tech as to why Geek Squad was great, but isn't anymore.

The fact is that you are no more likely to see a real technician at a Geek Squad today than you would be to see a real 5'10" mouse, wearing red suspenders at Disneyland. It is all an act… a show to provide what the customer assumes they need to see. The shoes, the ties, the badges, the pants, the socks, and the shirts do not increase the persons ability to fix your computer, they merely fulfill the customer's subconscious expectation of what a competent computer technician looks like.

He talks of the time he opened a "new" computer only to find that it was in reality, used. His manager told him to clean it off and give it to the customers like nothing had happened of which he said "On this day, I would favor the respect of my superior, rather than that of my integrity".

Wow.

Then there's the time that they were backlogged on computers to repair so management decided that things like crashes and viruses could be fixed easily by wiping all data on every computer. They don't have to worry about legal rammifications because customers are forced to sign a disclaimer that says they've backed up all their data.

And don't forget that Geeks are lonely. If you have (or had) any porn on your machine, they'll find it and save a copy:

If there were a competition between a Playboy editor, a photo lab technician, and a voyeur for the person who has seen the most random pictures of naked people… the only way any of them would win is if the Geek Squad agent was late to the contest.

RFID Worst Case Scenario Has Arrived

The people over at CASPIAN have warned about how companies are trying hard to get RFID tags into all their products without people knowing. Well, now they will. The anti-theft tags that nearly every product currently has will be combined with RFID technology so that nearly every item you walk out of the store with will also transmit a unique identifying number to any reader nearby. Theives, marketers and big brother are salivating.

You don't believe that companies are desperately interested in what you do every waking moment? Then you haven't been paying attention.