Privacy and Fly Buys

In Australia, like elsewhere, there exists a system where you get "rewarded" for using credit or buying at certain retailers. Usually this consists of gaining points for money spent using a particular credit card and/or dealing with specific companies who participate in these programs. Sounds reasonable. As long as you don't change your purchasing habits (ie: spend more) then you seem to be getting part of the profit back. Some of these programs will also keep track of exactly what you are buying and when for marketing use. When I signed up for "Fly Buys" I was very dubious of the system. However I was assured that this information is kept confidential and that my specific information was to never be given to anyone. Over the years I have cashed in my points and enjoyed some free accomodation in excellent hotels, and many free movie tickets. Nice.

However, the privacy policy is changing. As of 2006, the big corporations want the information that was collected by the Fly Buys company. They will also be able to disclose this information

"within their corporate groups (and to their service providers)".

That is just scary; how many companies belong to the "corporate groups"? What the hell is a service provider?

The notification of these changes were sent to me along with all the other pieces of junk paper that this program regularly seems to send out. I usually toss it all in the bin without looking. As would most people, I'm sure. However the leaflet "Important news about your privacy" caught my eye and the alarm bells went off. After careful reading, it seemed that I could tell them not to share my information and everything would be OK. However, I checked the policy on the flybuys website which states:

"If you do not wish to be bound by these changes, you can withdraw from FlyBuys."

If you don't like the changes then you're out. Fine by me. Just to confuse things the next paragraph says

"You can, at any time, tell us not to disclose your name to Coles Myer Ltd (and its group companies) or National Australia Bank Limited (and its group companies). You can do this by writing to us or by calling 13 1116."

So I called the number and, when I finally got through, I told them that I don't want anyone getting my details ever, and the lovely lady confirmed that this would indeed be the case. What of the people who are just now joining up - do they have the option to opt out? What of the hoardes that don't do this?

This change in policy is major. However a leaflet in a bunch of junk mail, and a privacy policy buried deep in their website shows that the company is doing the bare minimum to ensure you are informed in the hopes of taking advantage of consumer inertia. You are subject to the changes if you don't say anything. I hate that. If there are any changes then you should be required to sign the new policy. THEN you would see the front page of their crappy magazine and web site covered with SIGN HERE NOW type things. Our governments should be making this law: no changes to contracts unless you specifically sign up, no automatic contract changes.

I know that people are usually willing to sell their privacy to the corporations for a few movie tickets a year, unaware of the issues that can rise from access to your data. Just like we so easily give up freedom and hand the law extreme powers to be safe from exceedingly rare acts of terrorism. One of the real problems is that the issues around privacy are complex and the adverse affects of having your data spread around the corporations is not immediately obvious. People far too often don't care who does what with their information. Disasters can happen when people examine information and make incorrect conclusions then things can really go wrong, especially if other facts are forced to fit by authorities that we are supposed to trust with information. There are issues of unauthorised access to a database that may cause problems. Then there are also issues where the database holder proves that they are untrustworthy, often sharing or selling your details without permission.

The way the cunning company avoids trouble is exactly what Fly Buys are doing now. A company makes changes to their privacy policy and hope that people don't take too much notice.

For me, this new policy changes everything. I don't trust them. Game over, I'm out.

Microwave popcorn kills!

"Eating microwave pop corn may expose people to chemicals that break down to produce PFOA, a suspected carcinogen."

Some background is required here for the uninitiated. Teflon (a brand name of Dupont) is a polytetrafluoroethylene (PTFE) that is supposed to be safe, but when heated to very high temperatures is known to give off toxic gasses. One of these toxic gasses is perfluorooctanoic acid (PFOA or C8) and is thought to be a likely carcinogen (causes cancer). Other gases given off allegedly will kill small birds and cause polymer fume fever in people (flu like symptoms). The temperature for these gasses to be emitted was reportedly very high and Teflon (PTFE) was deemed safe for cooking.

However, the safe temperature may not be that high. There is a lot of research in the works to measure just how low the temperature has to be for Teflon to start giving off toxic gasses at an unsafe level. Apparently microwave oven popcorn bags are turning up very nasty results indeed. Allegedly pans are not a major source of PTFE fumes, but does that mean they are safe? Are any non-stick surfaces safe? Not according to bird owners but the research continues.

There are other reasons to avoid Microwave Popcorn. Eight workers contracted a rare deadly lung disease that CDC investigations determined was induced by exposure to the fumes from microwave popcorn flavouring. These workers were exposed to large amounts of these vapours but authorities were quick to say that there is no evidence that these vapours are harmful to consumers in the low levels that people are exposed to. This is simply scientific weasel speak saying that they don't know. "There is no evidence that this chemical will harm you" is a long way from "This chemical is safe". Do you really like microwave popcorn that much that you are willing to risk it. It is quite easy to make your own popcorn without a microwave - and MUCH cheaper.

I thought that it would be a simple matter to just avoid any teflon coated products. My pan was due for ditching anyway as the surface was looking like a four day old cricket pitch. So I went to the local stores in search of a new pan. Not surprisingly, nearly all of the pans in most shops are Teflon (or similar) coated. There is this new ceramic titanium coating which looked really neat, but was very expensive. I was just after a nice stainless steel job. Not too hard to find. A nice thick base for even heat distribution and a good long handle for ... keeping the burnt offerings of an accidently incinerated frying incident at a good distance I guess. Cleaning stainless steel is a LOT easier than I thought it would be, non-stick aint the only easy to clean game in town. I am exceedingly happy with my Chef Inox 28cm Professional stainless steel frypan and there are many other brands out there that I am sure I would have been equally pleased with.

However, getting a stainless steel or ceramic rice cooker or bread maker seems to be impossible. I contacted Brevile, who made my current model rice cooker, and they replied back that they had no stainless steel equivalent. Nothing in the works? Hmmm. I checked around and there are plenty stainless steel rice cookers but the bowl is always non-stick coated, just the shell is stainless steel. Bastards! I didn't even bother with bread makers.

I predict that PTFE toxicity will be a big thing. In the meantime, throw out your non-stick (PTFE) coated pans, and don't eat microwave oven popcorn. Or possibly not.

read more | digg story

Is microwave popcorn the new asbestos?
Why you should not cook with telfon

RIAA President: Sony Has Acted Very Responsibly

The impartial and well informed president of the Record Industry Association of America (read USA) says:

"The problem with the SonyBMG situation is that the technology they used contained a security vulnerability of which they were unaware. They have apologized for their mistake, ceased manufacture of CDs with that technology, and pulled CDs with that technology from store shelves. Seems very responsible to me. How many times that software applications created the same problem? Lots. I wonder whether they've taken as aggressive steps as SonyBMG has when those vulnerabilities were discovered, or did they just post a patch on the Internet?"

The full interview is available at CP NewsLink.

SonyBMG are being forced to act (at least partially) responsibly. In response to the exposure, SonyBMG lied about the effect of the installed software. The EULA incorrectly described what the software would do. SonyBMG dragged its feet in coming up with a response and made the removal solution cumbersome to implement, relying on the well known inertia "I give up" response of Joe Public. SonyBMG tried to dismiss the security issues as trivial, and that nobody really cared. There are a plethora of legal suits against Sony right now, which I postulate is the real reason for Sony heading in the right direction. Check RealTech's take on the matter.

The full interview has the RIAA president using a lot of fragile analogies, misinterpreting points of law and producing unsubstantiated factoids. A propaganda genius that I have not seen the like since Telstra sent me a full email explaining why they are increasing the line rental so much. Don't read this article unless you are familiar with what he is talking about, you may be influenced to believe. If you do end up on Cary's side then avoid Scientologists at all costs!

"Sony Has Acted Very Responsibly" ... to it's share holders. And in the end, that is what is important, right? The shareholders' dollars over the rights and freedoms of the client. Public relations from Sony sucks. Always has. Apparently they have to change PR firms very regularly.

I am sure people are getting tired of this, I know I am. Kicking Sony was more fun when I would do it and people would wonder what I was talking about - you know, the really poor quality items they sell and the exceedingly poor after sales service. I didn't mean to post yet another entry for SonyBMG DRM evilness as I am more in the habit of updating older entries. However DIGG has this new "blog this" feature that I had to try out and I wanted to test it on something that I could say more on. I recycled the graphic. See, no new pixels were harmed in the making of this blog entry.

read more | digg story

Eggnite

I was wandering about the local shopping centre last Thursday, doing nothing in particular. Noticed a whole pile of cylindrical cannisters with pictures of a glowy round thing plastered on the front. Said cannister proclaimed to the world that it contained an Eggnite. "What is this thing you earth people call 'Eggnite'?" I hear you say. Eggnite is an egg shaped blob of translucent plastic that glows and changes colours. The egg has an internal NiMH battery (which the documentation claims to be Ni-HM ... but I'm going with NiMH) and comes with a charger plate upon which the device can sit. The charger plate has a standard tiny power supply (7.5V 300mA) that barely gets warm.

The damn ball glows and changes colour! Rich reds, deep blues, intense greens. Oh the joy! What a gloriouis piece of home art, symbolising the unification of all colours of the world joining together, glowing with hope, encased in plastic crap that is probably toxic as teflon and will soon kill us all but in the meantime we glow! A tribute to LED technology, rechargable batteries and their heavy metals, and, of course, the petrochemical industry without which we would live a whole lot longer.

Eggnite is made in China of course. But then, isn't everything? The company who exploits the poor Chinese workers in the hopes of greater profit from selling these wonderous eggs is called Smash and is 100% Australian owned, based in Melbourne. They make some other plastic crap but the Eggnite is truly stupendous and worth your visitation to the local enourmousW.

There is some similarity between Eggnite and the more internationally available Oggz, probably enough to get some lawyer excited.

Now I need a LaserPod, lava lamp, plasma disc, and basically the whole inventory of Think Geek.

Moon

Fun with digital cameras! Nice full(ish) moon rising last night, so I haul out my 10 inch dobsonian mount telescope, place my Canon IXY700 into a barlow and focus. I can only get the focus right if the camera is in the barlow and I have full zoom (including digital - yuk). I snap a dozen shots or so of mediocre quality images of small parts of the moon. I decide to pack up, but would have a look using the old eyeballs, so I remove the barlow and whack a moon filter on a 20mm Plossl. Sweet crystal clear vision, gotta love the moon. I then decide to place the camera straight up against the lense. Not ideal as humans aren't the steadiest of camera bases but I get quite good results of the entire moon in one frame. Nice! Not as good as a special purpose telescope CCD, and certainly not as good as looking through the scope yourself, but still pretty sweet. 

Also check out:
Buying a camera
Photo printing
Camera Comparison
DPReview

Picasa

The garbage bins are just a demo pic. I could have chosen something a little more appropriate, but this was the last image I took on my camera.

Picasa is anything but garbage. Picasa is amazing! Google bought the Picasa software and is giving it away for free. Picasa indexes all the photographs on your computer, no matter where they are. Excellent for technologically challenged parents / grand-parents with their digital camera that uploads to the computer but seems to hide the images from them.

Picasa also allows you to add comments, rotate, straighten, crop, remove redeye, adjust colour, contrast, apply a number of filters. You can email, print, create a collage, burn a CD, view in a slide show ... etc

Most importantly, you can automatically blog images using Picasa to your free account on Blogger. This means you can publish the occassional photo to the web along with your comments about the image for your whole family/world to enjoy.

In the past I have used services such as Photobucket and Yahoo's Flickr to hold the images and I just placed references to link to these images in the blog articles. If you wanted to store a whole bunch of images in a photogallery then Flickr would probably be the way to go still, but you have to pay for the service if you use it to any great extent.

Alternatively, if you have a reasonable ADSL connection then you could get a small computer (old laptop or low power desktop like an e-vectra) and install MySQL, PHP, Apache and Coppermine. You could do this under Windows or Linux. You could get a free domain name from somewhere like dyndns and then just tell everyone your web address ... after you configured everything. Not for the feint of heart, there is a lot of learning involved but this method gives you the potential to have complete control. You would have your very own web server.

It's a Sony DRM disaster

This is like Christmas. There is a very special feeling in the air: the smell of a big company having their butt kicked is a sweet one indeed. The fact that this big company happens to be Sony is just so extra special. Glee! Initially I didn't want to post this because it was too obvious given my Sony sentiment expressed throughout my Blog (indeed the previous item about the iTunes Store). However I just couldn't help myself. Maybe there is some sort of help line.

What is the hoo haa about? Sony doesn't like people sharing music. Sony doesn't like you converting your own music to other formats to be used on other devices that you own. According to them: if you buy a CD it should only be played in Audio CD players. If you want to play the music in your MP3 player then you must pay for the music again and purchase from an approved seller who has placed extreme DRM (digital rights management) on the music files. The DRM prevents you from doing things with the files that Sony don't want you to do, like burn to an Audio CD more than once or ever - whatever they decide.

Plain audio CDs have no copy protection. There are some methods out there but they all fail at one point or another. Sony decided to place some DRM software on your CD that installs and hides itself on your computer and prevents you from copying the CD. Unfortunately the software also allows hackers to use the Sony's DRM to hide their own hacker code on your computer. Also the DRM software is buggy, allegedly causing crashes and drives to vanish (not physically, but windows can no longer see them). The DRM software communicates with Sony from your computer - sending and receiving information ... do you trust Sony not to spy on you? The DRM software consumes computer resources which will slow your computer. Sony's DRM software does things to your computer that are not openly explained in the end user license agreement (EULA).

You will hear the word rootkit bandied about. Basically a rootkit is a hacking tool to give you complete access to a computer. Not that the Sony stuff is a root kit, although it may be, but the Sony DRM software hides itself on your computer in much the same way that a rootkit does - by altering some deep system windows files.

Currently there is no available DRM software removal tool although there may be soon. Apparently you have to jump through many hoops to apply for this software from Sony and they are holding back from releasing anything at this point in time. There is, however, a patch available to make the DRM work better. Yeah, we really want that. Apparently the patch actually makes windows more crashy.

Apparently this trick doesn't work: if you want to rip a Sony CD and have the DRM software installed then all you have to do is rename your ripping software executable file to start with $Sys$ (eg $Sys$Audiograbber.exe - not the short cut but the file in \Program Files). This allows the copying software to use the Sony's DRM stealth technology against itself, and you can copy the music perfectly.

Do people like Sony's DRM software? Hell no! Apparently there are 24,000 Sony CD titles on Amazon that have this protection. That number seems way too high for me. Apparently people have been going to CDs published by Sony that are available on Amazon and bringing the user rating way down. Nice :)

To see if the evil Sony coorporation has installed their DRM software on your computer you can download and run F-Secure's Blacklight or use Sysinternal's Rootkit revealer. Don't remove the software though, or bad things will happen. There is sure to be a fix out soon, but I don't think it will come from Sony. Pest Patrol is making noises that they will have a solution on their spyware removal tool ... very soon.

Check out the Sysinternals blog and I highly recommend listening to Security Now episode #12, or reading their transcripts. Also articles on CNet, Internet NEWS, Computer World, The Register, ZDNet blog, etc etc.

If your favourite tech site isn't running a story or two with this then you can bet your bottom dollar that they are in the pocket of Sony (note that the ZDNet is a BLOG article and NOT from the main site, ZDNet are huge corporate suck-ups and the only news they published on this subject was the almost-apology from Sony that was moderately dismissive of users' concerns and directed users to run the DRM patch). Also note that CNN has been very quiet. Take stock of this. Do you really want your news filtered by corporations so that any serious negative news against companies is discarded? If you think you are living in the land of the free where your rights are protected then think again buddy. Your rights were sold off long ago.

I would also recommend following the process to ask Sony for the removal software, but you have to give your details and I don't know how they are going to use that. Giving Sony your personal details seems dangerous when they appear to be so exceedingly untrustworthy. The process of actually uninstalling the software is unnecessarily difficult. A better move would be to complain to them directly via their feedback form with something like:

"Please do not restrict what I can do with products that I bought using DRM. Please NEVER require me to install software on my computer to use a product that I have purchased. Please make a complete removal tool freely available (without submitting request/details) for your hidden audio CD DRM software."

People affected by the Sony virus might want to check out the boycott blog for participation in the class action law suit. For the rest of us, consider disabling the autorun feature on your CD-ROM drive, and always say NO to any EULA from Sony, particularly those that pop up after you place an audio CD into your computer.