Category: Things that matter

Faulty equipment? DISH network happy to charge you for it again and again

(via The Consumerist)
Recently, John, a DISH network customer had problems with his satellite dish. Since he’d just had one dish replaced that had died after only 9 months, he felt he was entitled to a replacement. DISH network was only to happy to replace it – for a charge. Read his tale of woe:

“Greetings:

Well Memorial Day was going along swimmingly well until I decided to turn the tube on at 8:00 last night after putting my son to bed. When I turned on the TV it showed that the satellite signal was being acquired. No big deal, we had a lot of thunderstorms yesterday and I thought some may still be lurking. I Poked my head out the door and I could still see the sun setting so that wasn’t it. Time to call my friends at Dish Network…

. . .

…made arrangements to send me a “new” tuner FREE OF CHARGE (like they were doing me a favor) all I had to do was pay $14.95 for shipping. I called bullshit on that. I was more than a little irritated that I had to pay $24.95 when the receiver died in April and now they were asking me to pay $14.95 again for a piece of crap tuner that lasted a month. I then asked “Isn’t this under warranty?” No it isn’t, my warranty, when I signed up, was only for 90 days on the installation and on the original equipment. It doesn’t matter that it died a second time, the warranty expired in October…

. . .

So apparently their business model is lease crap equipment to customers, don’t stand behind it, make you jump through hoops to receive fair credit for using their services, and generally not give a shit if you cancel your subscription.

The full story is much better than this snip. Follow the above link for the details.

[tags]Dish Network, Customer service[/tags]

Political Leadership

Interesting short article at Mitch Kapor’s blog that I completely agree with. Americans’ dissatisfaction with pretty much every politician seems to be near or at historic highs, yet voter turn-out remains low. Why? Well, it could just be apathy or a total misunderstanding among citizens of how our government works, but Mitch suggests it’s just a general dislike for all the available options:

You would think that widespread dissatisfaction (Iraq, Congressional corruption, price of gas) would give rise to intense efforts to improve the situation, but instead there is general passivity, active political web sites of the right and left notwithstanding.

My speculation is that people simply aren’t moved by the choices they see. There is no belief that candidates of either party would really make a difference in setting us on a different course, in meeting the challenge of getting onto the right track. So, being as practical as they can, people go about their lives. If we’re not numb, we know there is something really wrong.

[tags]Politics, Mitch Kapor[/tags]

Assassination in the U.S.

A really interesting article on Assassination in the United States.  And for people who think the government keeps everything from us, this one is hosted by the secret service (should that be capitalized?  I don’t know).  Sadly, the article is a PDF file which contains an image (or images, I’m not certain).  So I can’t rip out a suitable text section to post here.  But trust me, this is a good read, if somewhat longer than most folks would want to read through.  Check it out.

[tags]Assassination, Secret Service[/tags]

Penetration testing via USB keys

There have been a number of articles written about the security experts who recently during a security penetration test randomly dropped around the target facility USB flash drives with a trojan set to autorun. I like Bruce Schneier’s write-up and story links o this, so will reference it. First, Schneier has this:

Recently I’ve been seeing more and more written about this attack. The Spring 2006 issue of 2600 Magazine, for example, contains a short article called “iPod Sneakiness” (unfortunately, not on line). The author suggests that you can innocently ask someone at an Internet cafe if you can plug your iPod into his computer to power it up — and then steal his passwords and critical files.

So if you aren’t reading 2600 Magazine to keep up with the security underground, you’re in the dark.  Get to reading it.  I’ve found it to contain loads of worthless stuff, but the letters section and at least a few articles per issue are usually worth the cost of the magazine.  And if any of you want to get me a lifetime subscription to 2600, I’d be more than happy to accept it…
Next, he links to the story about the USB drives used for the penetration test.

We figured we would try something different by baiting the same employees that were on high alert. We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.

The next hurdle we had was getting the USB drives in the hands of the credit union’s internal users. I made my way to the credit union at about 6 a.m. to make sure no employees saw us. I then proceeded to scatter the drives in the parking lot, smoking areas, and other areas employees frequented.

After this, it’s just a matter of waiting. And as noted in the penetration testing story, it didn’t take long. I have to admit, I probably would have gotten taken by this attack as well, and I’ve spent years working with computer security. It’s not that I wouldn’t be suspicious of the USB drives. My problem is, I didn’t know USB drives could be set to auto-run just like CD drives can. In fact, it’s the default behavior in Windows!

AutoRun is just a bad idea. People putting CD-ROMs or USB drives into their computers usually want to see what’s on the media, not have programs automatically run. Fortunately you can turn AutoRun off. A simple manual approach is to hold down the “Shift” key when a disk or USB storage device is inserted into the computer. A better way is to disable the feature entirely by editing the Windows Registry. There are many instructions for doing this online (just search for “disable autorun”) or you can download and use Microsoft’s TweakUI program, which is part of the Windows XP PowerToys download. With Windows XP you can also disable AutoRun for CDs by right-clicking on the CD drive icon in the Windows explorer, choosing the AutoPlay tab, and then selecting “Take no action” for each kind of disk that’s listed. Unfortunately, disabling AutoPlay for CDs won’t always disable AutoPlay for USB devices, so the registry hack is the safest course of action.

Bruce winds up with this comment that seems obvious to everyone interested in protecting computers except the folks at Microsoft:

In the 1990s, the Macintosh operating system had this feature, which was removed after a virus made use of it in 1998. Microsoft needs to remove this feature as well.

[tags]Security testing, USB drives, Autorun, Network security, Bruce Schneier[/tags]

Industrial strength dance pad (think DDR here)

(via Hack-A-Day)

Invent Geek has posted a really high quality (and quite honestly, good looking) dance pad.  It is built for the XBox version of DDR, but with an XBox to USB adapter, it should work on a PC.  From the information available so far, build time looks to be just half an hour or so.  The big downside to this is the $250-$1000 cost (not really sure why such a large range, though).  I have a decent non-metal dance pad for my DDR gaming, but I’m seriously considering trying to build one of these.  Of course, my wife doesn’t know that yet.

With the introduction of the dancing gaming systems here in the states there has been huge growth with in the community. The problem that anyone who is truly interested in the fitness gaming revolution will face at some time is the gross difference between the home console and arcade dance pad quality. Even the super high end home use dance pads that cost 500+ are not considered a long term or heavy use choice. So I set out to create a dance deck at an affordable price range that would even trump the arcade quality units. This is just the “prototype” and we will be putting up a full article with detailed instructions and even a full part list and plans for the final version that we are in the process of writing up now.

[tags]DDR, dance pad, gaming[/tags]

Bellsouth doesn’t want you to know how much it hates customers

(via Slashdot)

Originally, BellSouth simply denied working to support the NSA’s illegal wiretaps of US citizens as fully as possible. Now, a request has been made to USA Today to retract the earlier story.

The telecommunications giant sent a letter to USA Today on Thursday asking it to retract last week’s story that BellSouth and two other companies helped the NSA compile a massive database of records on domestic phone calls.

In other words, originally there was a denial, but with evidence supporting the earlier story, BellSouth wants to simply hide the details so people won’t know how much help the NSA has been given to continue the current administrations illegal eavesdropping efforts.

[tags]BellSouth, NSA wiretaps[/tags]

The Pirate Bay shut down?

When I couldn’t reach thepiratebay.org to see what new TV shows were avialable, I went looking for a reason.  My first assumption was that somehow, despite past failures to do so, companies who have seen their IP distributed on The Pirate Bay managed to get the site taken offline.  It appears Slashdot confirms my first instinct was basically on-target.

My real interest in The Pirate Bay is TV show downloads.  Of course, the industry calls me a pirate for that.  I, on the other hand, have spent a couple hundred bucks this year on DVD sets for television shows that I never would have purchased had I not downloaded and watched so much from the torrent sites.  I am very unlikely to purchase those DVDs for shows I haven’t already seen.  And since I work at night, don’t have a working VCR, and haven’t gotten a DVR yet, that pretty much means no TV DVD sets without torrents.

[tags]The Pirate Bay, Torrent sites[/tags]

Serious Diebold voting machine flaws

(via Freedom to Tinker)

A recently released report at BlackBoxVoting details some serious flaws in Diebold voting machines. The information is enough to make one wonder (wonder again, for those that have been keeping track of this stuff) why all electronic voting machines do not have mandatory paper ballots to go with the electronic votes. Every location using these, or any other electronic voting machines, should have a mandatory paper ballot which prints out for review by the voter and is kept seperately in a voting box for later review in close elections or in instances of suspected fraud or error.

It may seem that printing a paper ballot would invalidate the whole concept of electronic voting, but it is a simple and effective safety measure that might not ever be called upon. Given the difficulty in reviewing the code running inside these machines, a paper trail is just a smart backup. Most results will likely not be challenged, but when they are, the paper box is invaluable. Additionally, voters will be able to verify their votes by looking at the paper print-out before they leave the voting box.

A report by Harri Hursti, released today at BlackBoxVoting, describes some very serious security flaws in Diebold voting machines. These are easily the most serious voting machine flaws we have seen to date — so serious that Hursti and BlackBoxVoting decided to redact some of the details in the reports. (We know most or all of the redacted information.) Now that the report has been released, we want to help people understand its implications.

. . .

Election officials are in a very tough spot with this latest vulnerability. Since exploiting the weakness requires physical access to a machine, physical security is of the utmost importance. All Diebold Accuvote machines should be sequestered and kept under vigilant watch. This measure is not perfect because it is possible that the machines are already compromised, and if it was done by a clever attacker, there may be no way to determine whether or not this is the case. Worse yet, the usual method of patching software problems cannot be trusted in this case.

[tags]Diebold, Electronic voting[/tags]

The real cost of hybrid cars

Another LiveScience.com article, this one is about figuring what a hybrid car really costs or saves you over a guestimated lifetime. Also covered is a little information on how hybrids work. The punchline is that at current prices, with current gas costs and current tax incentives, the average consumer does save with a hybrid, but not a lot. The article is worth looking at, still, if you have any thoughts of buying a hybrid. After all, saving a little is still a savings.

There are four types of hybrid systems:

  • Stop-start: shuts engine off when the car comes to a full stop and would otherwise idle.
  • Integrated Starter Alternator with Damping (ISAD): has the stop-start feature and an electric motor.
  • Integrated Motor Assist: The functions are identical to the ISAD but it has a larger electric motor for better performance.
  • Full hybrid system: cars generally run on electric power at low speeds with the gas engine kicking in at higher speeds.

[tags]Hybrid cars[/tags]