Local Knowledge, by Liza Gyllenhaal

My old friend Liza will be reading from and signing copies of this, her first novel, at the Jenkintown Barnes & Noble on Saturday, 31 January at 1:00 PM.

Official Election Results

Montgomery County, PA just posted official election results from November 4. Who am I to chide them for taking so long? I haven't updated my sidebar to the left in something like four years!

Bryn Athyn, where I live, has been a Republican stronghold since it was founded. I don't know when that was, but it was incorporated in 1916. In 2008, for the first time ever, I believe, a Democratic candidate received the highest number of votes:

Registration & turnout
  Registration         969
  Cartridge turnout    703
  Absentee turnout      54
  Total turnout        757

Presidential electors
  Barack Obama (Dem)   373  (50.20%)  (49.27%)
  John McCain  (Rep)   353  (47.51%)  (46.63%)
  Bob Barr     (Lib)    14   (1.88%)   (1.85%)
  Ralph Nader  (Ind)     3   (0.40%)   (0.40%)
  Total                743

  Undervote             14             (1.85%)

Total turnout was 78.12%. I interpret the undervote as "None of the above." The first column of percentages is based on total votes for the office; those in the second column are based on total turnout.

For all other offices, Bryn Athyn went Republican, with candidates getting from 53.52% (Marina Kats, for Representative in Congress) to 64.06% (Thomas Murt, incumbent Representative in the General Assembly, who even I voted for).

We'll see if I've been sufficiently shamed by Montgomery County to update my sidebar soon.

PayPal's security lapse

I received the following e-mail message yesterday.

Subject: Notice of Policy Updates
From: PayPal 
Reply-To: paypal@paypal.com
Date: Mon, 12 Jan 2009 14:23:08 PST
To: hughhyatt at bluehen.udel.edu

==================================================================

PayPal

==================================================================

Notice of Policy Updates

Dear Hugh Hyatt,

You are receiving this notification because you have elected to receive email notice of all PayPal Policy Change Notices.

PayPal recently posted a new Policy Update. You can view this Policy Update by logging in to your PayPal account. To log in to your account, go to http://Email1.paypal.com/u.d?9YGtvimT2lyrGX8k1Mh=0 and enter your member log in information. Once you are logged in, look in the What's New column on the left side of the page for the latest Policy Updates.

If you need help logging in, go to our Help Center by clicking the Help link located in the upper right-hand corner of any PayPal page.

Sincerely,

PayPal

Genuine? Or phishing attempt? I looked briefly at it and once I saw the link to a supposed login address, I did what I always do with such e-mails�forward them to an appropriate address at the website of the organization they purport to be from (in this case, spoof@paypal.com) and to the Anti-Phishing Working Group at reportphishing@antiphishing.org.

Normally I get a reply from the organization confirming that it was indeed a phishing attempt. But this time I got one back that said, in part,

Thanks for taking an active role by reporting suspicious-looking emails. Although we've determined that the email you forwarded to us is not a phishing attempt, our security team is grateful for your concern....

PayPal will never ask you for your password over the phone or in an email and will always address you by your first and last name.

Take our Fight Phishing Challenge at https://www.paypal.com/fightphishing to learn 5 things you should know about phishing....

To which I responded,

I can't tell you how appalled I am by what PayPal has done.

I am shocked that PayPal would send an e-mail inviting me to login using a URL embedded in the message.  To me the first rule of avoiding phishing schemes is never to use such embedded URLs to login to websites.  An invitation to log in is nothing less than a request for a password, which is something I thought PayPal would never do!

I suggest making sure your employees who produced the e-mail I originally forwarded take your Fight Phishing Challenge as well.  Question #5:

"Clicking on a link in an email is the most reliable way to get to your PayPal account.  True or false?

"False.  Many phishing emails have links that look valid, but send you to fraudulent sites instead. Here�s what you should do: Open a new browser window, type https://www.paypal.com and log in to your PayPal account directly."

Who's up to no good in the financial markets?

Cecil Adams's The Straight Dope is almost always an interesting and fun read. He also tackles topics that you might have a hard time finding out about elsewhere, like today's article titled How would I go about laundering money? I was drawn up short by two statements in the last paragraph:

In short, money laundering has become a species of high finance. Some claim it's the third largest business in the world, behind legitimate currency transactions and the auto industry. It conceals some nasty enterprises � criminal-finance experts estimate that more than two thirds of U.S. money-laundering prosecutions involve illegal drug dealing, and terrorists shuffle their share of cash as well. Then again, knowing what we do about many legal global transactions of late, you'd have to say it's not just the criminals in the financial marketplace who are up to no good.

Currency transactions constitute a business? Hmm, I wouldn't have thought so. Currency trading might be a business, but I doubt this is what Cecil is referring to as the largest or second largest business in the world.

But what really caught my eye was the implication that many of the world's current financial woes are caused by non-criminals who are up to no good. I'll grant that some of them may not be criminals. But many certainly are. Bernard Madoff comes immediately to mind. Many others are not only in the sense that they haven't been charged, prosecuted and convicted. Many of these won't be (charged or prosecuted, I mean). Senior corporate managers who cooked the books, thereby obtaining large incentive payments for themselves and simultaneously hoodwinking investors, come immediately to mind. So do those at much lower levels who encouraged people to lie about their income on mortgage applications, as well as those who lied to obtain these mortgages. I find the idea that such behaviors are not criminal to be abhorrent!

The problem with Gitmo

How can we have allowed this to happen?

When Muhammad Saad Iqbal arrived home here in August after more than six years in American custody, including five at the military prison at Guant�namo Bay, Cuba, he had difficulty walking, his left ear was severely infected, and he was dependent on a cocktail of antibiotics and antidepressants.

In November, a Pakistani surgeon operated on his ear, physical therapists were working on lower back problems and a psychiatrist was trying to wean him off the drugs he carried around in a white, plastic shopping bag.

The maladies, said Mr. Iqbal, 31, a professional reader of the Koran, are the result of a gantlet of torture, imprisonment and interrogation for which his Washington lawyer plans to sue the United States government....

But the full stories of individual detainees like Mr. Iqbal are only now emerging after years in which they were shuttled around the globe under the Bush administration�s system of extraordinary rendition, which used foreign countries to interrogate and detain terrorism suspects in sites beyond the reach of American courts.

Mr. Iqbal was never convicted of any crime, or even charged with one. He was quietly released from Guant�namo with a routine explanation that he was no longer considered an enemy combatant, part of an effort by the Bush administration to reduce the prison�s population.

�I feel ashamed what the Americans did to me in this period,� Mr. Iqbal said...

I too am ashamed, Mr Iqbal [from an article titled "An Ex-Detainee of the U.S. Describes a 6-Year Ordeal" in the 6 January edition of The New York Times].

The problem with SMS (Short Message Service)

For those who don't know, SMS is the service that underlies most text messaging on mobile phones. There are others SMS messages can be sent from the Web. I've been using it more and more, particularly internationally. Around the holidays, presumably due largely to network congestion, I discovered what seem to me to be some appalling features of SMS. These go way beyond the well-known limitation that messages cannot exceed 160 characters.

1. My service provider�CREDO, which uses Sprint's PCS network�does not support international texting. This may not be the usual practice, but I was unable to tell in my cursory examination of alternative providers. Worse than that, they are perfectly willing to charge me for messages that never get delivered, for messages that take inordinately long to arrive and for messages I receive that are garbage and the sender does not send. I know this because I called to complain and was basically told, "Tough luck!" The good news is that if I buy a relatively low-priced bundle�$2.99 a month for 50 messages a month (a 20-message breakeven point) or $4.99/mo for 300/mo (a 50-message breakeven point)�additional messages only cost 10� each. And I can purchase these options on a month-by-month basis, retroactive to the beginning of the billing period, so long as I add or subtract them by the day before my billing date¹.
   
2. There's no way to tell when a message was sent, only when it was received.
3. Some messages take over 24 hours to reach their destination! Sometimes I think I'd be better off sending a letter, which at least allows me to let my recipient know when I sent it.
   
4. Some messages never make it to their destination and the sender is not notified.
5. From one correspondent, who denies sending anything like these, I periodically receive a message consisting of two characters: e@. No one seems to be able to explain why this is happening.
6. There is apparently no way to block SPAM messages (short of blocking all messaging) on my mobile phone and I have to pay for these as well.
   

All in all, as a technical professional, this seems like a really poorly designed system.

---

¹There's a similar monthly option to start the weekday no-charge calling period at 7pm rather than 9pm. It costs $5/month.