Author Archives: Jeremy

Insult to Injury: Countrywide Data Breach Affects Millions

It isn't bad enough that Countrywide was engaging in questionable loan practices, but now they've lost the data on millions of customers as well.

And, as usual, the completely worthless response:

The company nevertheless promised to provide two years of free credit monitoring to affected individuals through the ConsumerInfo.com division of the Experian credit bureau.

*Sigh*

If you've been affected, now would be a good time to get a Credit Freeze.

NSA Cryptokids Get a Taste of Privacy Invasion

Y.R. Tap - The reject Cryptokid
The NSA has been working on its public image and trying to market itself as a cool place to work, partly through its "Cryptokids" campaign. The goal is to teach kids about what the NSA does in a fun, kid-friendly way.

But that's not what I'm posting about.

I ran across this interesting comic about the unpopular little-known cryptokid, Y.R. Tap, the NSA domestic spying fly. The fly shows the Cryptokids what can happen when civil liberties are violated.

Make sure you find and click the "Next Comic–>" link at the bottom to see all of them.

How to use Paypal Safely

This isn't going to be an exhaustive write-up about Paypal and the various trouble you can get into with it. Instead, I'm going to talk about one very important part of the system that most people should know how to deal with.

Specifically, the direct bank access.

When you sign up for Paypal, they ask for your bank account information so they can make some test deposits. Once you see the deposits, you return to the system to tell them how much was sent to verify your account.

Here's the problem: if you do it, Paypal will then have full access to your bank account to pull funds if you were to, say, go negative on your Paypal account, or some Paypal employee decides they need a little of what you have, or a hacker breaks through their world class security.

Instead, don't ever confirm the deposits. What this does is allow Paypal to continue making deposits (for when you get cash in Paypal), but they can't debit your account (so there!). Granted, doing this will limit the amount of money you can filter through Paypal (like $500 a month or so), but so what? Most people never do transactions that large and, worst case, if you manage to get a single transaction over $500, just withdraw it over the course of a few months.

If that's not realistic for you, fine, confirm the numbers, just make sure the account you're using is disposable.

iTunes Update Erases Music Library

A glitch in the newest iTunes software update has caused many people to lose previously purchased music and movies. Though they've fixed the problem and apologized for it, many people are unsatisfied.

"Most of the music I have purchased online from Apple's iTunes Store has been deactivated," wrote Martin of Suisan, Calif. "I have purchased approximately $140 dollars worth of songs and videos from iTunes Store, which currently is worthless due to the fact that iTunes will no longer play any of them."

When you deal with a company that is dead set on controlling everything you do with your legally purchased media, you're best off not using their product. Even if you decide to use iTunes, make sure to strip the DRM off using the Hymn Utility so you can copy or use the music freely.

“Spore” Dying Under DRM

Spore, the long-awaited (years actually) video game from the creator of Sim-City and the Sims, has finally been released, but with a catch. It includes invasive DRM that has resulted in a movement by gamers to keep the Amazon.com score at the absolute bottom.

I hate to see a good game go down, but I'm posting this in the hopes that it helps spread the message and damages their sales just that much more. No company has the right to try so hard to control how we use software that we can't use the software.

Former New York Mayor Endorses Obama, Calls Palin “Scary”

Former New York Mayor Ed Koch, who supported Bush in 2004, has recently changed his tune. Now that he's supporting Obama, people want to know why. "The designation of Palin to be vice president," he said. "She's scary."

He also said this of Obama:

I have concluded that the country is safer in the hands of Barack Obama, leader of the Democratic Party and protector of the philosophy of that party. Protecting and defending the U.S. means more than defending us from foreign attacks. It includes defending the public with respect to their civil rights, civil liberties and other needs, e.g., national health insurance, the right of abortion, the continuation of Social Security, gay rights, other rights of privacy, fair progressive taxation and a host of other needs and rights.

Go Koch!

(H/T to Digg.com for the link)

Can’t Decide Who’s Right or Wrong? Let the Internet Public Help!

So now if you get into a disagreement that you can't find your way out of, you and your significant other can go to Sidetaker.com and post your respective sides on the issue. Users of the site can browse through the arguments, vote, and comment on whose side they're taking and why.

Honestly, I think this sounds like a pretty neat idea. Of course, I would get more use out of the site if they'd let us post work-related disagreements instead.

(H/T to Digg.com for the link)

Disgruntled Employee (Whistleblower) Slams Gamestop’s Rapacious Business Practices

A disgruntled former employee of GameStop calling himself "WhistleBlowerZero" has created a 9-part YouTube video series which explains quickly, but in exhaustive detail, the many reasons why you, Dear Consumer, should not shop at GameStop.

That pretty much sums it up. I listened to a few of them and the best part is that it's both amusing and packed with real world information and math that explains exactly why Gamestop is a huge rip-off.

The World’s First “Unclonable” RFID Chip – Yeah Right

The website includes very loose information about what makes this chip so "uncloneable", but I highly doubt that it's true. An RFID chip is read by radio waves, and as long as you can make a chip, computer, or any other transmitter replicate the signal that the original chip sent, you can clone it.

If they mean that you can't make one of these chips copy the data from another of these chips, I can see that as being possible, but what difference does that make in the end if I can use a different brand chip to open your secure door or travel the world in your name?

Beware “Brick in a Box”

Sometimes when you buy something online or at a major retailer, you'll get it home to find out that it's full of bricks or bathroom tiles instead of the product you expected. Sometimes this is due to shifty warehouse workers and sometimes because a customer buys a product, says it's defective and returns it even though they replaced it with bricks. If the customer service counter doesn't check the box before accepting it, it goes back on the shelf and you get stuck with it.

The store's response to this is generally not going to work in your favor, but there are ways you can make sure you don't end up with the brick.

Read the article for full details, but here are the two main tips they cover that I agree with:

  1. Pay with credit card – This will give you many types of buyer protection automatically like the ability to do a chargeback.
  2. Check the item before you leave the store – Make sure you know what's actually in that box before you walk out. It's much harder for them to make the claim that you put a brick in it inside the store.
  3. Policies aren't laws – Just because a store says "it's policy" doesn't mean you should give up. They often have very bad policies and even some that might be considered illegal. You should fight for what's right regardless of what the store says is "policy".

Stealing Cellphone Data Takes Only Seconds

There's a small device that, when plugged into many cellphone brands (and the list is growing), can copy all data on the phone. In other words, if someone wanted to know every bit of data you have on your phone, they could ask to "borrow it for a second", plug this thing in when you weren't looking and hand it back.

While designed for law enforcement, this device is available to the public for only ~$200.

The rule: if your phone contains sensitive data, do not leave it unattended. If you loan it to someone to use because they tell you theirs is not working, make sure you actually see them using the phone and there is nothing connected to it.

(H/T to Schneier's Blog for the link)

How RFID Tags in Products You Own Can Be Used to Track You

Katherine Albrecht has written an article for Scientific American that everyone should read. For those who don't already know her, she's the leader of CASPIAN and one of the world's foremost experts on RFID privacy issues.

Here is a mini summary of some of the major points:

  • Companies intend to replace barcodes with RFID
  • Unlike barcodes which identify a product type (i.e. a can of soda), RFID will identify an INDIVIDUAL product (i.e. can of coke #48377625376)
  • RFID tags can be read secretly from long distances (30 or more feet).
  • RFID tags in licenses have minimal security (and even passports that have more security have been hacked already many times)
  • IBM filed a patent that was granted in 2006 for a system of scanners at “shopping malls, airports, train stations, bus stations, elevators, trains, airplanes, restrooms, sports arenas, libraries, theaters, [and] museums” to track the movements of people by their RFID tags
  • Alton Towers (an English amusement park) issues RFID wristbands to visitors and tracks their movements through the park. While they use it to create a keepsake "where you went" map for their customers, they prove that the system works in practice

RFID misuse has been one of my top issues for a long time and it's important that everyone realize the danger they pose and support preemptive legislation to prevent RFID privacy invasion.