The Market Ticker
Commentary on The Capital Markets

Watch this one closely -- and note that The View is a hard left echo chamber.

The truth should be crystal clear -- the left welcomes you being a victim of violent crime through disarmament but as soon as the risk of that felony violence becomes theirs they want guns to protect themselves.

There it is folks -- and note the lack of an apology for their previous position as well.

If you didn't figure it out when Bloomberg did not dismiss his bodyguards (with guns) and choose to protect himself with restraining orders and printed copies of laws does it now make sense that these people's position was and is nothing more than a scam?

Now here's an inconvenient question -- what else have they been lying about?

View this entry with comments (registration required to post)

CNBS is once again claiming goldilocks -- horsecrap.

Total nonfarm payroll employment increased by 209,000 in July, and the unemployment rate was little changed at 6.2 percent, the U.S. Bureau of Labor Statistics reported today. Job gains occurred in professional and business services, manufacturing, retail trade, and construction.

6.2% is up a tick from last month.  Let's look inside.

Meh.  This is, roughly, the month where the cyclical peak happens in the annual job picture.  Now this may change this year, and the trend may not follow, but in general compared against 2011 (where it looks like we peaked) things are not really getting better.

Note both 2000 and 2006-7; the pace in jobs turns before the economy and other macro indicators go down the bowl.  We now have half this year in the bag and the "adds" are decelerating.

Population-adjusted there is no improvement and hasn't been historically -- since 2000!  This, incidentally, is why "monetary policy" cannot fix what's broken in the economy -- at the core the problem isn't monetary policy and hasn't been over the last 15 years.

Monetary policy is in fact a scam attempting to paper over the intentional destruction of purchasing power by our Federal Government -- asset prices have been substituted for economic prosperity.

The labor:population ratio was unchanged this month while the "formal unemployment rate" ticked up one.

Note that the household unadjusted increase is 161,000, but 366,000 people re-entered the labor force, roughly double the actual add.

Another warning came in the internals in the form of the manufacturing workweek -- it was down 0.2 hours.  The Chicago PMI missed big yesterday although that was largely ignored in the bloodbath that was already taking place in the markets.  This portends a likely miss in the national ISM -- particularly with manufacturing hours contracting.

With utterly nobody looking for a recession and policy rates pinned to the floor it will be rather interesting if the patterns that have historically played pretty well once again turn out to be valid.....

View this entry with comments (registration required to post)

Someone needs to get hit with a 42 USC 1983 lawsuit on this one and lose everything they have:

PORT ST. LUCIE, Fla. (AP) — A Florida woman who let her 7-year-old son walk alone to a park has been charged with felony child neglect.

Thirty-four-year old Nicole Gainey's son was en route Saturday to a park about a half-mile from his home when he stopped and sat at a nearby pool, according to an arrest affidavit. Lifeguards said they had seen the boy five previous times and one approached him to ask where his mother was.

I rode my bicycle on a somewhat-regular basis (on nice days) to school when I was 7 -- a distance of about three miles, or six times what this kid walked to the park.

What's the problem with him going once or twice a week "unsupervised", provided the park and area are reasonably safe?

We're not talking about a kid being abused; hell, I suspect it was his idea to go to said park.  There were various wooded areas (not formally "parks" but close enough) at roughly that distance, including a canal near my home, where I used to go fishing all the time unsupervised at that age.  So what?

Felony child neglect with the kid on summer vacation and wanting to go to a park that's a few city blocks from his house?


View this entry with comments (registration required to post)

This isn't good at all....

When creators of the state-sponsored Stuxnet worm used a USB stick to infect air-gapped computers inside Iran's heavily fortified Natanz nuclear facility, trust in the ubiquitous storage medium suffered a devastating blow. Now, white-hat hackers have devised a feat even more seminal—an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms that can't be detected by today's defenses.

This just plain sucks.

What they've done here is figure out that (unfortunately) many of the common USB controller chips are reprogrammable in the field and there is no verification of what's loaded to them.  Apparently there is also enough storage (or, in the case of a pen drive, lots of storage!) to do some fairly evil things.

At the core of this problem is the fact that a USB device has an identifying "class" and vendor ID.  If the "class" is one the computer knows it will attach it, usually without prompting of any sort.  This is especially bad if the "class" presented is what is known as a "HID", or "Human Input Device" -- like a mouse or worse, a keyboard.

Yes, you can have more than one keyboard connected, and all are active at once.  And yes, this is as bad as you think it might be.

The worst part of it is that various virus and anti-spyware programs can't detect it because the code doesn't run on the host machine, it runs on the device.  All the computer sees is a "keyboard" -- but it's not really a keyboard, it's your USB pen drive that sends a key sequence down that invokes something (e.g. a browser to go to a specific bad place.)

This can be detected if you're paying attention, but most people don't.  You can see what classes a particular device attached, but few people will look and current operating systems don't prompt, with good cause.  How do you answer such a prompt if you're plugging in a keyboard -- that isn't yet allowed to attach?  Ah, there's a chicken and egg problem, eh?

In any event there ARE defenses against this, but they will require significant operating system patches and then a paradigm to be taken care of with USB -- which will help, but not prevent these sorts of exploits.  As it sits right now, unfortunately, mainstream operating systems are wide open to this sort of abuse.

For example, if my keyboard is plugged into USB Port 2, and it has a Vendor ID of "X" and a device type of HID/Keyboard, then any other port, or this port, that sees a different vendor ID and/or ANY HID/Keyboard device would bring up a warning that a user input device, specifically a keyboard, was attempting to attach.  You could then say "Yes" or "No", and if the device that popped up that prompt was a webcam or USB data stick go looking for your sledge hammer to get a bit of an upper-body workout taking care the problem.

But as it sits right now the only way you'll catch it is if the vendor and device ID don't match a loaded set of drivers and thus the system has to go looking for them -- in which case you will get a warning.  Sadly, for the common abuses of this (e.g. keyboards and mice in particular) you almost-certainly already have such a driver on the system and thus you're unlikely to catch it.

Yeah, this is a problem.....  and a pretty nasty problem at that.

View this entry with comments (registration required to post)

My view: If this is how Ford views security and the iPhone short Ford to zero.

“We are going to get everyone on iPhones,” Tatchio said. “It meets the overall needs of the employees because it is able to serve both our business needs in a secure way and the needs we have in our personal lives with a single device.”

Given what is publicly known about the fact that any IOS device that is connected to another data-bearing device transfers all of its trust envelope to that second device this means that an IOS device in a corporate environment now becomes only as secure as a personal computer in said employee's home that is not under control of the corporate IT department.

Read this again.

Now contemplate this -- said Ford employee, with a device that Ford, the company believes is "secure", connects said phone to their personal computer at home to transfer some music.  Said computer at home has a virus on it that it picked up when that person, on their own time and in the privacy of their own home, surfed to some porn site on the Internet.

That virus sends the trust records for the iPhone back to a hacker in China!

The device's security has now been permanently compromised; said hacker can now, any time the device is on a network where he also has presence (say, a public WiFi point) access huge amounts of data off said device, including the contact lists, messages, pictures and similar items, along with (gulp!) OAUTH tokens. The latter, by the way, is identical in effect to having someone's password for social media accounts; this allows the impersonation of that individual on those accounts.

Secure my ass.

That Ford published such nonsense tells me exactly how Ford the company looks at data security issues at an enterprise level.  The company has publicly declared that fellating employee egos takes precedence over enterprise data security.

A company that takes this position deserves what befalls them as a consequence.

View this entry with comments (registration required to post)

Main Navigation
Full-Text Search & Archives
Archive Access
Get Adobe Flash player
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be reproduced or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media or for commercial use.

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.