Law

Clanning Concept Art

For the unwashed, Clan Lord by Delta Tao Software is an archaic, sorely out-of-date Multi-player Online Role-playing Game  (MORPG) that has been running since the late 90s. The single world (server) and small population make it feel like a small town, thus all of the current players have the same goal (job). Thus, like any small group with common goals, it is a bit like a company: You have your people in it who are on the ball because they work well in teams and independently, those that only work in teams because they need direction, those that lead group of people in a direction, those that specialize in a subset of knowledge about the terrain (market or technology) all of whom trade their time and risk profit (experience) to advance, and finally those that just show up to have fun. These flyby ‘fun’ people are equivalent to the people who just show up for a paycheck. In the game, one seemingly minor mistake can lead to the death of the entire group.  This necessitates departing (experience and time loss) which is a bit like working on a project  and having it fail miserable because Joe Paycheck didn’t know or care that you shouldn’t have done X.

Considering the parallels I noticed about the in game group and the group of people you work with  day-to-day, I have found several commonalities that I have taken from work to game and from game to work that have helped me navigate real life teamwork, leadership and relationships.

(Original Circa 2012; Minor Update: 20170502)

Continue Reading

javascript-scam-dialog

The dialog, sounding ominous, is using ignorance and fear to urge the user to “Act Fast” to avoid disaster. It is also a complete lie aimed at scamming you

Mistype “Twitter” or any popular URL into you browser and you might fall victim to scam-ware with an dialog box that looks like the one to the right. This screen shot is a dialog box that pops up upon being redirected to a domain name with a common miskeying of “twitter.” The landing page has a javascript that threw up this auto-opening dialog box that is intended to look like a system level warning. This is all a con game — and BTW: “con” stands for “confidence” because the whole scam is based on tricking people that they can trust the person scamming them with confidence.

This dialog box automatically opens on this page, and reopens after being closed. It contains text that is ripe with known psychological techniques that urge victims to take fast action and not look for outside help. Its wording is finely crafted to shuts down a person’s reasoning centers and on impulse.

The first is a warning of imminent warning of danger: Which is akin to a sailor in a bird’s nest yelling “VIRUSES HO!”

Back in the day when a warning would require immediate action to avoid crashing a ship on the rock, this was a good survival instinct: “Don’t think, thus do it” has saved countless lives. However, this assumes you know what to do in the case of an emergency. If you don’t, following the instructions of a trusted instructor could sometime land a plane safely — as in many a commercial airliner disaster movie. So, here is a manual that shows how these scams work which might help novice users avoid losing a lot of money for no other reason than not knowing any better.

Continue Reading

SmartTVs have a tendency to collect information without allowing end users to control or even know what is being collected and transmitted. UPDATE: Recently, Samsung’s legal disclaimer about its voice controlled SmartTV had to include a warning (buried in the legal section) that the TV is always relaying what the user’s near the TV are saying, and mentioning that sensitive information should not be said near the TV.

This is an example of the invasiveness of these devices. On top of this, the technology is so new, that there are no regulations concerning what information can & cannot be collected with smart devices, nor how that information is transmitted. The article below from the BBC explains how LG’s SmartTV sends the names of his family members in clear text across the internet— something that most people would be uncomfortable having publicly available. These are just 2 examples of how buying into the convenience of a Smart TV is not worth the cost in terms of privacy.

Continue Reading

In a recent article Sophos had a poll asking what the appropriate sentence for tech related fraud — such as fake “Windows Support” call saying you have a virus and asking for $300 to fix it over the phone. I have covered what to do with any unsolicited phone calls before (The “short” answer: do not believe any claim of identity and ask for proof such as their employee ID#, the company they are representing {which they are often obligated to give you}, the case number for your issue, & a callback number and hang up. Then look up the company contact info — make sure the company is on the up and up {has a physical address, look up consumer complaints about the company, etc.} — and call the official number with your case number if it all checks out. And never be afraid to get a second opinion — if a person tells you not to bother contacting someone else for a 2nd opinion — or worse discourages contacting a 3rd party — it is a huge red flag.) 

Excuse the outlandishness of this idea — it is just an idea that needs further refinement. If you are extremely narrow-minded or think “nothing can change/nothing will help” please stop reading now, to avoid reading something that might upset you. You have been warned…

Continue Reading

I have heard several small business owners complain about Yelp’s “sleazy” and “crooked” (their words) tactics. I think that while ruled legal, Yelp advertising itself as a fair and honest ratings is deceptive. It is clearly a conflict of interest that they control the order of listings, and take money for advertising and placing advertisers higher in the results. When they tell businesses they can increase their star-rating by buying ad-space, or decrease it by not, that is hardly fair, nor honest. People have been led to believe Yelp star rating are accurate—they keep advertising it as such. But when Yelp is free to manipulate the listings, it is clear that “hard bargaining” is corporate speak for “manipulative coercion.” Despite its legal standing, Yelp’s practices are far from ethical—especially since it advertises ratings it publishes for businesses as genuine.

I have been following Dalton Caldwell on Twitter and reading his blog posts for sometime now. A vast majority of the time, I am nodding along to each of his points, as he points out a company or industry’s fundamental breach of trust or lack of sense in some new strategy that will revolutionize the industry.

This time Dalton is trying to kickstart a new social network with a twist: App.net. Instead of selling you, the user, and having you do all the work by posting content and telling the company what you like, only to have them turn around and sell your data to marketing and advertising agency. So, they can resell it to businesses looking for people in your demographic as a higher priced “targeted ad,” he aligns the social network with users by having the money come directly from the users. Dalton—being a “very smart guy”—knows the idea of paying for a service that is usually free in order to get better treatment has come.

When live journal, tribe, friendster and myspace were all trying to figure out how to monetize their social networking sites, the public at large, didn’t understand how valuable having a way to broadcast to the internet was. Now, that the public has had a taste, the idea and acceptance of social networks being a valuable way to communicate with friends has allowed people like Dalton to finally offer a service that people know the value of paying for. Tribe, Friendster, MySpace, LiveJournal, etc. were all trying to ride the wave when it was still out at sea while also getting towed be boatloads of advertising cash. Facebook, Google and Twitter are now trying to catch a line from the advertising boat, and alienating some of the people generating the wave.

They could easily turn around and offer a paid, ad-free service, however the real damage is with their selling and sharing of your data—things such as you email address, name, age, sex, address, zip code, etc. Once sold, the Facebooks of the world cannot redact any of that information. There is no mechanism to pull your data once it is let out to a third party app or game a person tries even just once. While FB’s compliance policy says the app maker must delete your data if you remove their “free” game, there is no enforcement, nor any auditing to make sure this is actually happening. So, really, it is time for a new entity with a clean slate to start with a center that is based on serving the people who pay for the service rather than the advertisers and companies that pay lip service to privacy concerns.

The saddest part is, even when a big company such a Google or Facebook adopt practices that are gross violations of privacy or make errors that would land a person in jail, they get what amount to a slap on the wrist, and publicly apologize, saying, “it will never happen again.” But we all know that their profit-margin from either alleged “mistakes” such as bypassing a DO NOT TRACK header, or sneaking persistent ID cookies in there to follow your browsing habits far outweigh any penalty once they get caught.

For instance an executive at BP could have sat in his office knowing full well they would be forced to cough up up to 2B for gross negligence (as long as they kept their mouths shut and never admitted wrongdoing), but also the net profits will be up 50% to 15B. That 2B dollar fine is just the cost of doing business and still a 30% jump above last year. (All of this is speculation, and I haven’t even checked their numbers, but you get the idea.) The same could go on every day at a large company in the social network space as well. An executive could weigh the risk-reward ratio of any illegal action, and figure that with enough spin, plausible deniability and legal fees and decide that the penalties are far enough down the road, and that public scrutiny only lasts so long.

I see BP gas stations today and they are doing business as usual with pump prices holding steady a lot higher than before the explosion in the Gulf, because people don’t care unless it is convenient for them to. If it is inconvenient to not use a product or service that they know is from an ethically deficient company, they generally make excuses or just admit, “I don’t care” if they are a more honest person. In fact as long as their interests align, they are willing to put up with a few questionably ethical practices.

The thing is, if one of these companies deices that their quarterly profits are worth more than a permanent injury to a group of people (such as their identity being stolen and their credit destroyed) or the environment (such as sea life mutating thanks to oil dispersants used in concentrations that would affect cell replication), then you or the victim of their risk-reward calculation are fucked. Because all that will happen will be a slap on the wrist, and lip service. There is no such thing as a corporate death penalty for accidents, nor gaming the system. But there should be.

That’s why I hope Dalton succeeds. If his service takes off the ground and holds to its ethical center of “people over profit (but a profit is needed)” then companies like his will take care of killing the parasitic companies and the sociopathic companies for us. So, while I haven’t backed the project yet. I will definitely earmark part of my budget for it, and help by telling people. I do the same for any company that “gets it,” such as duckduckgo.com: because face it, Google’s “‘do no evil’ mantra” has evolved into (as George Carlin would say) “pure bullshit.”

I am not against making money, but I think no company should ever place the basis of their revenue stream at odds with sound ethical practices. If their is ever a question, then obviously you are in the wrong business or talking to the wrong people. Advertising and marketing are usually at odds with maintaining honesty and privacy, and those are the areas I would never work in. For instance: What would I say if asked to develop a system to help people find information when they want it? “Great!” Develop a system to monitor what people are doing with this tool? “Fuck off.” Why? because it’s a basis of freedom, and the word “freedom” does not mean “We will monitor what you do, so only do what we want you to.”

So, yeah, I have $50–$100 for dalton because I value people who put their business practices inline with my concerns for privacy and ethical behavior. Do you? Ask yourself if you really do too. Are you concerned enough to pay someone for this so they can erode those that are paying the numbers with your health, safety and security as their poker chips?

Okay,

Quickly: This month has been a “lurning [sic] experience.” I am juggling multiple projects which are all related only by the fact that they’re simply making me a better designer. New tricks are being learned, etc. Sites are going up and being moved, and I’ll be updating everything and essentially leveraging what I learn in one place and using it in another.

I finally figured out I needed to buy more RAM for my laptop: sometimes there is less than 16MB of free RAM and over 700K page-outs in a few days of heavy use. The thing would slow to glacial pace during heavy loads. It’s really been holding me back. Who knew 4GB wasn’t enough!?!? So, I broke down and ordered a few more gigs. Luckily, installing is a piece of cake on my MBP. I was in and out of a friend’s machine in less than 15 minutes without cutting any safety corners. I also need to get another HD and replace the optical drive. OR I can just breakdown and backup over WiFi and offload some files. But I like the idea of having everything with me.

Another, non-web, but information related project is advancing slowly, but it is way too soon to even talk about. I am still researching to decide the best approach. Some of my closest friends know about it, and I think about it all the time. It is currently possible: all the building blocks are there, but no one has put them together yet. I should probably stop spouting off about it to people who work for huge computer companies though. But for all I know someone has already patented it? I dunno, I heard if you research a patent it is worse if you get sued. :

Anyway, my plan is to release it under a non-commercial open licensing scheme, so that pizza fueled one man ops can use it freely, and large corps that can pay may license it. But as I said, someone might have already patented the pieces, but I think this would probably fall under derivative works. I’m not sure because I am not a patent lawyer. It sucks that I have to keep the cards close to my vest because copyright: originally designed to encourage innovation, is now a club that large corporations use on each other daily. Recently I read about a patent lawsuit about emoticons in a pull down menu on Ars, It seems silly to anyone, but that’s how whacked patent law is. The funny thing is, within my circle of friends I probably have all the people I would need to start developing this thing in earnest, but first I’ll go in sideways with build-up projects.

A big thanks to those people with everything from bachelors to PhD degrees in CS and related fields that I have the greatest conversations with. I learn something new every time I get a chance to pick one of these people’s brains.

Apologies about any incorrect punctuation marks or typos. I’m typing this on the fly before heading off somewhere. Cheers!

Unfortunately, I might have bigger fish than CSS3 to fry soon. In the past week I heard about Google spying on people, even those in private mode (I would link to the video, but Google has apparently buried it since the station reporting it uses Google for their search and video); Facebook arguing in court that everyone is “Famous” to their friends so they can use your pictures and name in advertisements; another security flaw that makes 4 out of every 1000 RSA certs easy to crack; Nortel networks that were completely pwned by chinese hackers for a decade, recycled botnet code repurposed for stealing passwords, SoNet’s inflated user number (not a surprise — about 50% of the social network accounts are fake or unused), the Megaupload seizure, and the list goes on! Much of that I read on Ars.

The interesting thing about the Google story is that a person interviewed for the report said that to Google, its users are the product… hmmm, someone I know wrote that a few months back, hehe. (Sadly, not many saw it because it was rejected by Dice.) Anyway, I still have to write my Apps o’ Fame list, but I’m not sure whether to submit it and wait for a month or two or just post it here without editing or delay. (Thus why this update is posted here.)

Social Networking is the hottest property on the internet. Social Networks (SoNets) allow better targeted marketing and allow companies a glimpse into who is buying their products.

Most companies on the internet either have or are working on ways to establish  positive mindshare by encouraging customers to talk about their products and build communities based on common product interests.

It used to be that the best source for information on what people were buying was financial institutions, which tracked what each account was buying, as well as large retailers that offered a wide range of products. Getting this valuable data was expensive and not always easy. Slowly, large online retailers discovered cross-promotion and established partnerships sharing customer information.

Continue Reading