The Market Ticker
Commentary on The Capital Markets- Category [Technology]
Logging in or registering will improve your experience here
Main Navigation
MUST-READ Selection:
Delusion Will Not Get You Hired

Display list of topics

Sarah's Resources You Should See
Sarah's Blog Buy Sarah's Pictures
Full-Text Search & Archives
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2018-03-14 16:40 by Karl Denninger
in Technology , 175 references
[Comments enabled]  

Oh here we go...

Google has updated its advertising policy to ban all ads related to cryptocurrencies. In June of 2018, these new rules will come into effect and all ads related to cryptocurrencies will cease to be supported by Google’s Adsense program.

There isn't any direct way for me to know what sort of percentage of the ad revenue that comes off here is related to this segment of the market (and I have the system coded to not show me ads when I'm on my own account to eliminate the risk of accidentally clicking ads as the site owner) but anecdotally this does appear to be a material percentage of the ads that run here.

Of course since Google runs an "auction" sort of process there's no way for me to know what sort of ads would have run in place of those; that is, if some crypto place bids $2/click for a placement and someone else bids $1.99 then the $2 ad will run -- but getting rid of the $2 one by policy is a non-event in reality because the $1.99 bid is still there and, but for the $2 one, would have displayed.

I guess we'll see what comes in June... although probably not directly, since my usual practice the last few years has been that I hit my "desired income" level long before then and will have cut the display frequency way back in my own code here.  In fact, that's happening pretty much.... now.

Those sites that are heavily reliant on crypto-ads, however -- and a decent number of them are, with a very, very heavy penetration in that regard -- are likely to be hit pretty hard.

I'm very happy that last year I took steps to greatly reduce the overhead costs involved in running this joint....

View this entry with comments (opens new window)

2018-03-12 17:45 by Karl Denninger
in Technology , 143 references
[Comments enabled]  

It's about damn time....

BlackBerry Messenger was the iMessage of the late 2000s, especially since it was initially exclusive to the company's own hardware. BBM expanded to iOS and Android in 2013, but it has become mostly irrelevant thanks to competitors like WhatsApp and iMessage. BlackBerry is now suing Facebook and its subsidiaries (including WhatsApp and Instagram), alleging that Facebook is violating numerous BBM patents.

Well, yes.

BBM has a number of features that were unique, apparently patented and then wantonly copied.  The three-state message status is the most-obvious and iconic -- when you send a BBM message you get a checkmark, when the recipient has had it delivered to them you get a "D" (Delivered) and when it has been actually seen you get an "R" (Read).

SMS messages have the ability to return an "actually sent" flag but not what amounts to a read receipt.  Facebook blatantly ripped this off as have others; indeed those who have followed the development of things like WhatsApp have noted the blatant nature of the copying.

Facebook of course "pushed back" on this claiming BlackBerry was trying to "tax them."  Well, uh, not really.  A tax is imposed by a government.  Patents are the limited-time exclusivity granted to people to provide an incentive to invent things.  If you steal something you don't own then you're not being "taxed" when caught!

May Zuckerpig's Frankenstein get a few of its teeth pulled.

View this entry with comments (opens new window)

2018-02-28 18:46 by Karl Denninger
in Technology , 216 references
[Comments enabled]  

Ah, the just desserts of hubris....

The media industry's worst fears about Facebook's huge algorithm tweak are coming true.

The women-focused publisher LittleThings is shutting its doors, in large part because of Facebook's recent move, the company's CEO, Joe Speiser, told Business Insider.


If you allegedly "build a business" on the back of someone else's distribution system without some sort of contractual guarantee that it will remain available and to your advantage, and that system is not a commodity (e.g. a web host from which you can switch over in hours instead of days), and said other platform has the ability to change the rules on what it shows and to whom (which you were advantaged by previously) and again, you failed to gain any contractual protection against the rug being yanked out from under you then you deserve what you get!

And, in this case, they got it.

PS: The lesson here is to cut the crap and stop building Facesucker's business for them while exposing your butthole!

View this entry with comments (opens new window)

2018-02-20 06:56 by Karl Denninger
in Technology , 251 references
[Comments enabled]  

There seems to be much misunderstanding about the problems being talked about here:

BRUSSELS (Reuters) - A Belgian court threatened Facebook (FB.O) with a fine of up to 100 million euros ($125 million) if it continued to break privacy laws by tracking people on third party websites.

There seems to be this belief that you can opt out of this tracking by turning off "Applications", "Platform" or similar on Facebook, or not signing in and having an account there at all.

This is false.

Let me show you where the problem is.  

Go to the Chicago Tribune's web site.

Nowhere is there any disclosure that Facebook is getting tracking data from that access, which they can then sell to anyone they wish.

But they are.

In fact they don't just get one connection they get a whole bunch of connections, and some of them are "POSTS" that include cookies -- and Facebook sends one back on many of these requests.

I don't have a Facebook account.  I don't have a Chicago Tribune account.  While I could reasonably be seen to have consented to the Tribune using my presence there and tracking it because I voluntarily went to the page and read it there is utterly no possible way for me to know or consent to Facebook getting data about my visit and they then sell whatever they can correlate from it.

This is the problem, in short, and it gets worse -- much worse -- as soon as you use a mobile phone with either Android or IOS on it because any of a number of "apps" can now add to that data trove -- whether you're using them or not.

Again, while I am using an app (it is open and I am viewing it) I reasonably can consent to my usage being "counted" in some fashion.  When I am not using it there is no reasonable way for me to consent since there is no disclosure and, even if there was, there is also no honest statement about the use(s) to which the data will be put.

No, "we share this with our advertising partners" doesn't cut it.  Would anyone reasonably conclude that such "sharing" would include rating you for car insurance -- by where you go any time you have your phone in your pocket, and how much time you spend in a given class of establishment?

Well, it does.  What if the same was applied to those who might be looking to hire someone?  Or your homeowner's insurance?  Or, for that matter, what price to charge you for something you shop for online?

If you think this doesn't happen you're wrong -- it not only happens it's the entire reason these firms "make money."  It is the very reason they exist.

And you, dear reader, are being screwed literally by the second -- without your knowledge or consent.

This should be illegal -- and in the EU it has been made illegal since there is utterly no means by which you can reasonably consent to it, nor understand the scope of the data collected or the purposes to which it is used.  In the US?  Surveillance of any sort by a company, no matter how much it is used to screw you, at present is legal and will remain so until you demand that it stop.


View this entry with comments (opens new window)

Folks, let's make this easy.

Everyone wants to talk about how Podesta's email was penetrated, or the rest of the DNC, or that the RNC, allegedly, was not.

All the screamers are (still) out about  "Russia" and similar.

Let me restate -- while Podesta's email was apparently broken into via a "spearfishing" email (one with a reset password link embedded in it that didn't go to the real site, but rather to the person who was trying to steal) and which he was dumb enough to click and then provide his current password the real issue here isn't about this sort of attack at all.

The real issue is about the idiocy of such "email" systems or the use of any other sort of cloud provider for anything secure in the first place.

Let me explain.

I run my own email here.  It would be trivial for me to lock it down so that even if you stole my password it would be worthless.


Simple, really.  You see on the same network I have a VPN gateway that does not accept passwords at all.  It only accepts a certificate.  Such a SSL certificate is (nominally) intended to sign and encrypt private emails, and can also be used as a secure identifier for a VPN.  It is, effectively, the same thing a server uses to secure web communications but with a different set of "intended use" flags set (client authentication and digital signature rather than SSL server authentication.)

All I'd have to do is change the configuration on the email system slightly so that only accesses that came from connected VPN clients could connect at all.

Now you'd have to steal a device and if you did, it would only work until I knew it was stolen (and revoked the key.)  No other means of getting in would work even with the password.

It is literally a 15 second configuration change on my Dovecot and Exchange servers to do this, and it would not impact my ability to exchange email with others one bit.

Modern smartphones (including Android, IOS and BlackBerry 10 handsets) can all use these certificates for an IPSEC/IKEv2 connection.  Such a connection can be "nailed" open as well, active even on cellular, or activated "on demand" by the user.  Modern commercial and freely available operating systems (Windows 7/8/10, MacOS, Linux and FreeBSD) can also use same.  Doing so positively encrypts all traffic coming into or leaving said device.

Such a system is extremely secure because only authorized devices, secured with a cryptographic key loaded on them, can see the service in question.  An unknown key is refused by the VPN gateway as is one that has been revoked. Only trusted certificates (which are loaded on the host in a certificate store) can connect.  I use this facility with other services here at Ticker Central so I can have my laptop with me and use it "as if I was at home" even from half the world away on an insecure, or even known to be monitored data link.

The only way to get packets onto the "private" network from the outside and thus be able to "see" the email store is to connect to the VPN and establish a tunnel and the only way to do that is to have a trusted certificate on the device in question.  No certificate, no connection, no access, password or no password -- period.

This sort of facility is essential if you intend to allow remote access to services that are themselves of questionable security (or worse) such as, for example, Windows file shares.

So why didn't the DNC do this?

Because it takes more than 30 seconds of thought to do it and in addition it means not using email providers like Google -- you have to do it yourself, in-house, or all these security steps are worthless since your certificates and such have to be where someone else, who is unvetted, can get at them.

In other words they were stupid, and so have been the others.  They chose the equivalent of an unlocked front door for their house, and then are surprised when someone walks in and takes all the beer out of the fridge.

Oh, and all the guns and money in the house too, along with the nice widescreen TV!

Just remember folks that these are the very same people who claim to be smart enough to run the country.

PS: All the cloud providers are unlocked houses.  Always. They have to be in order for a cloud service to work; it's not a choice, it's an inherent part of any public "cloud" architecture. Claims otherwise are like putting a 25 cent TSA lock on your suitcase and calling it "secure."  The reason you have not and will not see this discussed in the media, especially the "business media", is that the minute this fact reaches the level of general knowledge all of said "cloud providers" have their stock prices collapse.

View this entry with comments (opens new window)