Category Archives: Security

Starbucks Sued in Coupon Frape

The status of Internet coupons and their validity (integrity) just keeps getting more interesting by the minute. Since my last comment, the latest news reveals someone decided to file a lawsuit against Starbucks after being turned down at the counter for a free drink:

On Aug. 23, Starbucks e-mailed the coupon for the free grande drink to selected employees with instructions for them to forward the coupon to friends and family. The offer was valid through Sept. 30.

But, Sullivan said, Starbucks got jittery and refused to honor the coupon after the company saw how widely it had been distributed. “I believe they were surprised by how successful the promotion was,” the lawyer said.

“The excuse proffered by Starbucks, that they did not believe that an offer released over the Internet would be so widely distributed, is ridiculous,” Sullivan said. “Clearly, Starbucks chose to initiate a viral marketing campaign to counteract their slumping sales.”

Coupon fraud is a real problem:

Just a few years ago coupons for grocery products could easily be found online, but because of all the fakes that began cropping up, many grocery stores began refusing Internet coupons.

This type of theft may be viewed by some as harmless, but there is little difference in using a bogus coupon and reaching into a grocery store’s register and stealing the money.

A Virgina TV news story (strangely lacking a date) suggests that retailers are upset about the ease of counterfeiting coupons and a law is about to be (or has already been) passed:

The House of Delegates has now passed a bill that could make it a crime to use fake coupons. One local grocery store manager says technology may be to blame for all of this. “The fact that the Internet is so available and there are so many legitamate coupons out there that the consumer can print off the internet, it is just as easy to print the counterfit coupons,” says Jay Hite, Co-Manager of the Staunton Kroger. The bill, which criminalizes the use of fake coupons, now goes to the Senate.

More information is available from the Virginia Petroleum, Convenience and Grocery Association (PDF), which suggests the House passed the bill in 2004:

House Bill 170, sponsored by Delegate and VPCGA member Tommy Wright will make it illegal to knowingly present a counterfeit manufacturers coupon. This legislation was filed as the result of numerous complaints we received over the past few months from members regarding the increasing number of counterfeit coupons they were receiving. House bill 170 will make it a class 4 felony to knowingly present a false manufacturers coupon.

The difference is that the grocers are redeeming the coupons themselves and so they can end up holding worthless/false paper when they are informed that the coupons are counterfeit. But in the case of Starbucks, they created the tender themselves and they are the only ones who can honor it. So what happens when a retailer makes a coupon exceptionally easy to duplicate, actually encourages employees to send it via email to “family and friends”, but then cancells it ahead of time with an “oops, sorry” as an official explanation? This will be a good one to watch.

StarTrek episode banned for mention of terrorism?

Someone asked me if I had seen the episode of Star Trek where Data (an android) says that terrorism can be successful. I had never heard of this, let alone seen the actual episode. A quick search only uncovered a basic reference to “The High Ground“:

The three different factions were clumsily but accurately shown: the misunderstood but bloodthirsty rebels, the well-intentioned but brutal government, the idealist but hypocritical Federation-slash-symbolic-America. However, it all fell apart in a worthless, soporific ending: the Starfleet officers scratched their heads, said “Gee, why don’t you just stop killing each other?” and flew off to the Never-Neverland System at Warp Nine.

I understand this episode was originally banned by the BBC since Data mentioned that terrorism did work sometimes, and listed the Irish Republican Army’s victory of 2012 among his examples.

Here are my questions, then: How does this old (1990) episode stand up to modern, post-September-Eleventh sensibilities?

Couldn’t the network just edit out the one line, or is the whole episode too controversial? Note the date. Any more data (pun not intended) out there?

BioDiesel trumps Ethanol

A new study reaches the same conclusion that I have been harping about for some time:

The first comprehensive analysis of the full life cycles of soybean biodiesel and corn grain ethanol shows that biodiesel has much less of an impact on the environment and a much higher net energy benefit than corn ethanol, but that neither can do much to meet U.S. energy demand.

Ok, the first part was what I was referring to, not the latter part.

With regard to demand, it should be noted that biodiesel can be made from numerous sources including fish oils, nut oils, vegetable oils, as well as waste oil and grease from restaurants, oils from meat and tannery plants, etc. and not just from soybeans. In other words, biodiesel can be a form of recycling products that otherwise would be put into landfill or worse.

Also, demand is often confused by a false dichotomy. We do not have to switch completely to Ethanol or Biodiesel tomorrow. In fact, mixing biodiesel using “splash blend” (e.g. just pouring a few gallons into your tank of petro-diesel) reduces the immediate need for high amounts while still allowing a significant benefit in terms of lubricity (eliminating the need for other more harmful additives like sulfur) as well as safer emissions. You will notice an immediate difference when you put only a few gallons of biodiesel into your tank as the engine gets quieter and the exhaust becomes sweeter smelling and smoke-less.

The fact is a gradual transition from 100% petroleum diesel to 90/10 or 80/20 is perfectly acceptable to the engines available today and yet still hugely beneficial to the environment. Production would thus only need to ramp up gradually rather than be a complete switch-over. Besides, we all know that bio-diesel technology for production and refinement is in the very baby stages of advancement. Remember portable computers of the 1980s? That’s what biodiesel production technology is like today. Ten years from now we should see amazing things by comparison, IF the government is clever enough to allow, or even help, the market to develop.

Back to the news, here is an even more important finding:

The study showed that both corn grain ethanol and soybean biodiesel produce more energy than is needed to grow the crops and convert them into biofuels. This finding refutes other studies claiming that these biofuels require more energy to produce than they provide. The amount of energy each returns differs greatly, however. Soybean biodiesel returns 93 percent more energy than is used to produce it, while corn grain ethanol currently provides only 25 percent more energy.

Still, the researchers caution that neither biofuel can come close to meeting the growing demand for alternatives to petroleum. Dedicating all current U.S. corn and soybean production to biofuels would meet only 12 percent of gasoline demand and 6 percent of diesel demand. Meanwhile, global population growth and increasingly affluent societies will increase demand for corn and soybeans for food.

The authors showed that the environmental impacts of the two biofuels also differ. Soybean biodiesel produces 41 percent less greenhouse gas emissions than diesel fuel whereas corn grain ethanol produces 12 percent less greenhouse gas emissions than gasoline. Soybeans have another environmental advantage over corn because they require much less nitrogen fertilizer and pesticides, which get into groundwater, streams, rivers and oceans. These agricultural chemicals pollute drinking water, and nitrogen decreases biodiversity in global ecosystems. Nitrogen fertilizer, mainly from corn, causes the ‘dead zone’ in the Gulf of Mexico.

41%! That’s huge. The environmental and fuel experts may soon conclude that Ethanol, although a good additive to help reduce dependence on foreign oil in the interim years, is definitely not the right solution long term. However, that being said, many people complained that Microsoft produced poor quality products in the 1980s that were insecure and harmed consumers and yet one of its predecessors (UNIX) has only just finally started to be recognized more widely as a superior architecture. Within the next few years, virtually all computerized personal devices, let alone personal computers, will have some form of UNIX or UNIX-like operating sytem on them.

As a funny aside, I recently heard a story about an older gentleman in a beginning UNIX class who said “hey, these commands are all just like DOS” to which the instructor laughed and said “no, other way around. It’s the other way around”. And so, perhaps someday after billions of consumer money has been unwittingly invested into Ethanol in order to try and get its emissions down and energy up someone might say, “hey, this Biodiesel stuff is just like Ethanol”…

CAPTCHA if you can

CAPTCHA is a rather awkward acronym for the even more awkward phrase: “Completely Automated Public Turing test to tell Computers and Humans Apart”. Ah, nevermind the fact that a Turing test is supposed to tell computers and humans apart, so the phrase is not only awkward but redundant.

Turing’s premise was simply that if a computer could act intelligently enough, then we should call it intelligent. His test was meant to determine, only through text messages, if the thing/person you are talking to is human.

Perhaps CAPT did not seem catchy enough, or even APT, since “completely” is often a stretch even for the largest login sites. But I digress…

The point of this post is to highlight a nice example of how scammers and attackers will stoop to real depths to get around the controls meant to keep them out. GetAFreelancer.com is a site where people can post for-hire ads for odd jobs. For example, here is someone who wants people to solve CAPTCHAs for an hourly rate.

captcha if you can

Within a few days there were over 50 bids with an average price of $57. Did the people bidding realize what CAPTCHA are used for? Fortunately the job was closed by the site administrator. Unfortunately, the job was reopened under a different name, which is even more revealing of intent: “automate signup for blogger blogs”.

Here’s a real slice of irony for you, as well. The job description includes the warning: “Bids that are “canned” will be IGNORED.” Oh, don’t you just hate it when a computer responds instead of a person. Perhaps someone should suggest that the person advertising could use a CAPTCHA?

As it turns out the job is from a user “afmatt” (air force matt) who is highly rated by nineteen former temporary workers that helped with work such as “Convert AOL data to be searchable” and “Need a clone of livetexasholdem.com”. Only one job is listed as “Nonpublic”. Shady business, all posted out in the open for us to better understand why our CAPTCHA controls are failing, or at least the going rate for a mule.