The Crapolla According to Fek'Lar
You know you're over-the-top when...
Lady GaGa calls and says you need to tone down your wardrobe.
You've stumbled onto another issue of The Crapolla, a journal written for software professionals. No not the managers; I mean the people who do the work.
This Crapolla is sponsored by...
In This Issue...
Wall-to-wall security issues.
Skrubal writes...
Fek,
We just learned that our site is blocked by the Great Firewall of China. All of our Chinese customers are cut off. Are we screwed? Should I go find another job?
Skrubal
Cube 6038
Hey Skrubal,
Congratulations! You're in great company! Facebook, YouTube, The New York Times, and IMDB are all blocked by the Great Firewall, and they're all doing well. You should celebrate! This is like having your book banned in Boston. I hope you have pre-IPO options.
Are you hiring?
Fek
I'm sure some of you have been affected by the outage of the PlayStation Network. As of this writing, Sony says they are bringing it back up. I'm not sure Sony knows exactly what happened. The outage had been going on for weeks. The real bad news is that it appears someone broke in and stole the database.
I'm not on the PlayStation Network. It's not that I don't trust Sony the way I don't trust Facebook. I'm just not a gamer. I've followed this because the issue isn't at all about gaming. This is really about ecommerce and how "secure" the data you provide a vendor is. It strikes me some changes in how we do ecommerce are in order.
First, if a vendor is never going to physically send you items (as the mycokerewards.com web site does) they shouldn't be asking you for a street address. You should not provide a real address if the company asks for this. (They will. Corporations are under the impression that they own you.)
Second, you need to have a unique password and hint questions for each website which holds any personal data about you.
Third, and this is the biggie, we need a new way to pay for online goods and services. Credit and debit cards are a blank check. They are tied to either a credit limit, or a funded account. Both affect your credit score. We need a new debit product which is a pre-paid card. It has no personal information associated with it, and it is not tied to a bank account, or credit record. If stolen the most the thief can get is the amount in the account. It would have the convenance of plastic and the anonymity of cash.
Here's why you may never see it.
First, banks are making most of their profits right now from the cards. On credit cards, they are loan sharks charging through the roof interest rates. On debit cards, the profit is in over-draft protection (again, a form of a loan). Both types of cards have many types of fees associated with them. The anonymous card would need to produce the same amount of profit or the banks would not see a reason to offer them.
Second, the government is getting less and less happy with the idea of anonymous transactions. Two reasons. First the IRS wants to know every bit of profit every person and business makes. Second, the government is very interested in how terrorists, and other criminal networks move money. I wouldn't be surprised if, in the future, every cash register was required to scan the serial numbers of every bill taken and distributed. With this data, the government would be able to track the movement of money with ease. A pre-paid anonymous card would prevent tracking because the card would have no personal information associated with it.
I doubt my idea will happen. No high-profit scenarios, and no government tracking. Too bad. The PlayStation Network has 77 million customers who all must worry about the security of their money and their credit scores because both the company and the customers thought a system could be built that could not be broken into. They were wrong. There is no unbreakable security. The only way to combat this type of crime is to make the payoff less lucrative. That means reduce the amount of money in the cash drawer.
Ring!
"Is this Mr. Fek'Lar?"
"Who's calling?"
"<insert name of bank here>."
"Yup, it's me."
"I'm <insert name of bank employee here>. I'm calling about a check we received."
I had written a very large check a few days previously. Not that I'm a complete luddite, but when you get to large sums of money, stores won't let you put all of it on your credit card because they lose a few percent.
"Is it the one for <insert large sum of money here>?"
"Before we continue, I need to confirm your identity. Can you tell me your date of birth?"
I thought I was being tested.
"No."
"I'm sorry?"
"I can't give you any identity information because I can't authenticate your identity. You cold-called me. You could be anyone."
"I understand. I've attached a note onto your account. Would you call the bank and ask to be connected to me?"
"Is the check in danger of not clearing?"
"I can't discuss that yet."
The call ended. I brought up the bank's web site and found a number to call. I asked the person who answered if there was a note on my account. There was. It said to connect me to a specific extension. I was connected. Now that I knew it was my bank who had called, I provided the secret codes to my identity. (Favorite color: e5580c, Mother's Childhood Pet's Name: Smokey, Father Preferred: Bouillabaisse over Gumbo.)
Turns out, the bank stopped when they looked at my signature on the check. My signature wanders a little over time. In fact, my writing is so bad that you can take a piece of paper I've written on, draw a big Rx at the top, and CVS Pharmacy will give you drugs.
The bank was doing the right thing asking me to confirm the check. I too, did the right thing not providing any identity information to an unknown person cold-calling. Any financial company should understand when you tell them that they can't be authenticated. The bank's solution was also correct. Instead of telling me the number of the bank, they directed me to the web site. I should never use a number the not-yet-authenticated person provided. Until I knew they were who they said they were, everything they said could not be believed.
This Issue's Headline submission to the National Daily World Enquiring Globe.
The White iPhone is Out!
Geeks Run to the Apple Store While the Arab World Crumbles
Heard in the halls of various software companies.
"If you want to be taken seriously, you have to learn how to swear."
"I can't get to SalesForce. I'll look at other web sites today."
"I love listening to people saying stupid things."
"Wait till I'm feeling better and can be an asshole again."
"What do you mean the head of IT quit 3 weeks ago?? I've been yelling at no one in email for 3 weeks!!!"
I have to find some Diet Coke. They only have regular here.
Fek'Lar
They pay me to think. These are my thoughts. Do you think they are getting their money's worth?
Remember: The Crapolla contains my personal opinions. That's right they're mine, so get your own! And you kids get off my lawn!
Although written with the software professional in mind, my mind tends to wander all over the place, and I sometimes write about politics, mass stoopidity, dumb things I saw, and whatever else comes to mind.
From time to time, I use salty language, thus The Crapolla is not intended for children, or certain people from the Christian Right.
This whole mess is copyright © 2011 by LowComDom Performances, all rights reserved. Wanna send this to your friends? Go ahead and pass out the URL.
feed available from http://www.lowcomdom.com/crapolla/index.xml
EOJ
<-- Read the previous Crapolla or Read the next Crapolla -->