Rant: Entering Credit Card Numbers

The other day, my bank texted me to say there was a suspicious charge on my credit card and did I make it. When I responded that I didn’t, they invalidated the card and sent me another. I hate when that happens. Not because getting the new card is at all a problem. It isn’t. The problem comes when I start getting emails from all my services saying that when they tried to charge me for the monthly fee, the credit card was declined.

First up was ExpressVPN, a company that I’ve been very happy with and about whom I’ve had only good things to say. The problem came where it always does: entering the new credit card number. ExpressVPN has no instructions or restrictions for this. Just enter the number. Like most people, I find it a lot easier to enter the number as four groups of four digits—just the way it is on the card. The entry field allowed this so I thought I was good. Of course I wasn’t. I got an error message that blanks and other punctuation weren’t allowed. Not too bad: I reentered the number without spaces and all was good. I wanted to yell at them about it but, of course, there was no way of doing that other than a live chat so I gave up and got on with my day.

The next morning, I got another notice, this time from Earthlink. It’s an old account that I maintain only to support the Web pages for my books. Again, there were no instructions or restrictions for the new credit card number. The site allowed me to enter the number in a human friendly way but when I tried to save the update I got an error message saying that I needed to choose the card type. There was no way to do that. The card type is chosen automatically based on the number so I canceled the update and started over. Of course the same thing happened. After messing around for several minutes, I tried entering the number without spaces. Success! So Earthlink not only doesn’t tell you the required format, they give you an erroneous error message when you get it wrong.

Look, none of this is hard. Javascript makes it easy to strip blanks with

string.split(" ").join("")

or using the more general replace that can handle other unwanted characters. I don’t write in Javascript and even I know this. Why are these sites torturing their users by not handling this? If the underqualified developers they having building their Web pages find this too difficult, could they at least specify what they’re expecting? There really is no excuse for this and it’s not a new problem. I and others have been complaining about it for years but nothing ever changes.

Posted in General | Tagged | Leave a comment

If You Collect It, They Will Come

Here’s another case, this time from the Netherlands, demonstrating the Iron Law of Data Collection. Modern cars all collect information on the car’s operation. Accident investigators love this type of information because it tells them the vehicle’s speed, braking, and other useful readings. Tesla does this too, of course, but their system is more like an airliner’s flight recorder. It captures a huge amount of data including the operation of and driver interaction with its Autopilot system.

Tesla, like other public companies complies with subpoenas for vehicle driving information but provides only the information asked for. Recently the Dutch National forensic lab has figured out how to decode Tesla’s encrypted vehicle logs, giving them access to a complete picture of a vehicle’s operation.

On the one hand, this doesn’t seem that unreasonable. Who can be against investigating accidents, after all? On the other hand, it’s also easy to see how this information could be abused. The Iron Law tells us that it certainly will be. Tesla, for its part, has a legitimate reason for collecting the data: they use it to find problems with and improve their cars.

Judging from his public record, I wouldn’t be surprised to see Elon Musk respond to this by strengthening the encryption. Tesla routinely does over-the-air updates of the car’s software so this would be pretty easy for them. Regardless, it’s yet another demonstration of the fact that if you collect information, sooner or later someone is going to demand access to it

Posted in General | Tagged | Leave a comment

Red Meat Friday: Shakespeare Was Right

Article 16 of the GDPR says, among other things, that

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.

A normal person would take that to mean you have the right to have substantive errors in your records corrected. Things like age, arrest record, employment record and so on. Errors that can cause actual harm if not corrected. A Brussels court has ruled that it also means that European Union citizens also have the right to have their name represented correctly.

This is why everyone hates lawyers. The issue is that many names have diacritical marks—Erdős or Ceaușescu for example—and older computer systems are unable to represent them. This is a particular issue in the banking industry that, sadly, is often still running their businesses on last-century IBM mainframes that use the EBCDIC character encoding system.

It’s hard to imagine today but bytes weren’t always 8 bits, and ASCII, let alone UTF-8, wasn’t always the way characters were encoded. EBCDIC was IBM’s system and as the 800 pound gorilla they saw to it that EBCDIC’s use was widespread. The problem is that its standard code page had no diacritical marks so someone named, say, José Ramírez is going to have his name encoded as “Jose Ramirez”.

Someone with way too much time on his hands decided that was intolerable and sued under Article 16. Now the Court of Appeals of Brussels has agreed and demanded that the bank fix things. It’s hard to imagine a quick fix for this and it’s even harder to see how the fix is not going to cost hundreds of thousands of dollars. Of course lawyers don’t know or care about any of this. They just want it fixed. Now. That’s why we all hate them.

If I were the bank, I’d suggest that this particular customer find another bank but the lawyers probably won’t like that solution either. Yes, yes. I know I’m intolerant. I know I’m not a European. I know my name doesn’t have a diacritical—but it’s misspelled so often it might as well have. But, you know, a little common sense would be appropriate here. No one—no one—is going to be confused when they see “Jose Ramirez” instead of “José Ramírez” but the lawyers among us still think it’s a critical issue. This is the very apotheosis of a first world problem.

UPDATE [2021-10-29 Fri 14:38]
Added verbiage to make it clear that José Ramírez is a made up example.

Posted in General | Leave a comment

Keyword Warrants

The Daily Mail has an article that serves as a nice coda to my previous post on how to avoid search warrants and DuckDuckGo not logging searches. In case you thought that concern over keyword searches was overblown, the Daily Mail article discusses the issue and a recent warrant that was accidently unsealed that reveals how these warrants work.

The issue—and it’s a U.S. issue—is that these warrants very likely contravene the Fourth Amendment to the constitution that prohibits general warrants and overbroad searches. If you’re in or sympathetic to law enforcement, it’s easy to see the attractiveness of these warrants. If you care about civil liberties and privacy, they’re an anathema.

One positive side effect of these warrants is that they—at last—show the silliness of the apologists’ cry, “If you having nothing to hide you have nothing to fear”. That was always nonsensical but these warrants show them to be explicitly so. You make an innocent Internet search and suddenly you’re caught up as a person of interest in a possibly serious investigation. To clear things up, maybe you miss some work. Maybe the authorities question your boss. Maybe you lose your job. So yeah, you do have something to fear.

The authorities understand all this too. That’s undoubtedly why they make these warrants secret even though there’s no reason to, especially after the investigation. The takeaway for us innocent bystanders is just what it was in the previous post: don’t use search engines that log your searches. There are plenty of perfectly fine search engines that don’t—DuckDuckGo, Brave, and Startpage to name just the ones I use—and you should get on intimate terms with at least one of them. And lose that abuser search engine that spies on you and goes running to Mom to tattle on what you’re up to.

Posted in General | Tagged | Leave a comment

Zamansky 80: Completions and More

Mike Zamansky is back with another video in his Using Emacs Series. This one is about completions, Marginalia, and Embark. As he said in his last video, he’s refactoring his Emacs configuration and trying to make it simpler so he’s rethinking the packages he uses.

One of the areas he’s revisiting is completions and his use of Ivy. He’s happy with Ivy but decided to see what else was available. It turns out that there are several alternatives now and he opted to try Vertico. It works pretty much like Ivy but is supposedly simpler and easier to integrate with other packages.

I have no desire to abandon Ivy. I really like it and it has served me well. Still, if you’re forward striving, you may want to see what Zamansky has to say about the other options.

For me, the meat of his video was his demonstration of Marginalia and Embark. Marginalia provides additional information—marginalia—to certain commands such as find-file. To be honest, I’m not sure how useful it is but it does seem neat and the other package, Embark, recommends enabling it.

Embark is a bit difficult to describe. Zamansky describes it as inverting the usual <operation> <object> paradigm to <object> <operation>. That’s pretty abstract but what it means is that you select some object—a URL, say—and then choose an operation to perform on it. Zamansky’s video has several examples of how it works and why it’s useful.

After watching the video, I installed Marginalia and Embark and am trying them out. The Marginalia documentation recommends using it with Vertico, Selectrum, or Icomplete-vertical but, so far, it seems to work fine with Ivy. I don’t really have enough experience with Embark to be sure it’s a worthwhile addition to my configuration but Zamansky is very enthusiastic so I’m going to give it a few days to decide.

Posted in General | Tagged | Leave a comment

Remote Work Offers

Via Paul Graham, he have this:

I’ve been writing a lot lately about remote work and how smart management will eventually come to terms with the new reality. The above graph appears to show that it’s already happening. An increase of 50% in job listings offering remote work is significant.

Of course, we’re looking at only one source of listings and that source is Hacker News so we shouldn’t rush into drawing wide ranging conclusions. I think it likely that traditional Wall St. firms, for example, will be slower to embrace remote work as a permanent way of doing business but if they don’t eventually get on board, hungry startups will start eating their lunch.

It’s probably true that Tech jobs in particular are going to have to offer remote work as an option. Heretofore, Apple and Google, for example, have been considered such great gigs that they could insist that everyone come into the office. More and more, that seems like a rearguard action that will soon change.

Posted in General | Tagged | Leave a comment

Another COVID-19 Shoe Drops

Another shoe has dropped in the on-going drama of the origins of COVID-19. For the last 18 months, Anthony Fauci has loudly and emphatically denied that the NIH ever funded gain-of-function research at the Wuhan Institute of Virology. He went so far as to describe those saying it did as liars. He even called out Senator Rand Paul for lying about the matter.

Except, oops, it all turned out to be true. In response to insistent, repeated demands from Congress, the NIH sent a letter admitting that the NIH had, in fact, given a grant to EcoHealth Alliance to fund research at Wuhan for gain-of-function research. The NIH was quick to point out that Fauci had been completely honest with Congress because, gee, he didn’t know what the researchers were doing. Sadly for Fauci, the principals are saying that, actually, they sent a full report about what was going on two years ago. The NIH also says that this research is unrelated to COVID-19 and that they know this because the genomes of the viruses involved were completely different. Independent experts agree.

So the origin of COVID-19 is still unknown but what is no longer in doubt is that almost everyone involved has been lying and is involved in a wide ranging cover-up. According to Vanity Fair, Gilles Demaneuf, a data scientist with the independent group DRASTIC that is investigating the origins of COVID-19, put it this way, “I cannot be sure that [COVID-19 originated from] a research-related accident or infection from a sampling trip. But I am 100% sure there was a massive cover-up.”

I’ve said before and it’s still true that I don’t have enough domain knowledge to make an informed judgment on the scientific evidence for the lab accident versus the zoonotic explanation for COVID-19. I do, however, have a modicum of common sense so I can recognize special pleading masquerading as science.

If the case for zoonotic origins is as strong as the partisans are insisting, why are they resisting investigating the matter? Why are they are loudly exclaiming that any alternative explanation is a conspiracy theory? Or—the sure sign that they have something to hide—why are they claiming that investigating the cause of COVID-19 is racist? Anyone with a modicum of scientific training, skepticism, or common sense knows instinctively that someone is trying to pull a fast one.

Posted in General | Tagged | Leave a comment

The Scimax Channel

As I noted previously, John Kitchin has been busy making and posting videos about Scimax, his Emacs starter kit targeted at scientists and engineers involved in programming and publishing. There are so many videos that I can’t hope to comment on each one. Nonetheless, they’re all worth watching so I’m publishing a link to the Scimax channel so that you can subscribe or add it to your RSS feed.

Currently, Kitchin is concentrating on videos about Org-ref 3, the latest version of his excellent bibliographic and cross-reference tool for Org-mode. There’s still one or two videos to come in the series but after he’s done I’ll probably write a post on the whole series.

Until then, take a look at the channel’s video listings and pick any that look interesting to you. It will, believe me, be hard to go wrong,

Posted in General | Tagged , | Leave a comment

Florida Digital License Coming in November

It’s been a while since I’ve written about my quest to ditch my keys and wallet and be able to leave the house with nothing but my iPhone. All the blocking is due to automobiles. I still don’t have a car that lets me unlock it and start it with my phone and I still don’t have a digital driver’s license.

Happily, that last problem is about the change. Sort of. Florida’s version of the DMV (FLHSMV) is saying that they expect to make digital licenses available to the public in mid-November. That’s great news and moves me closer to my goal of a walletless future. I say “sort of” because, at least for now, you still have to carry your physical license. That’s because Florida law requires it but I expect that sooner or later the Florida legislature will bestir itself and agree that the digital version will suffice. After all, if it’s good enough for the TSA, it ought to be good enough for a traffic stop.

As I was writing this post, another issue came up. If look at the report from the Florida TV station at the above link, you’ll notice that they let their readers record their reaction to the story. An astounding 57% said that the idea of a digital license made them mad. What!?! Are these people crazy? Sure, some people won’t want a digital license for any of a number of reasons and that’s fine but the digital license is completely optional: if you don’t want one, you simply don’t download the app. Why on earth would these people be mad that those who want a digital license can get one?

Just add it to the ever-growing list of things I don’t understand. In the mean time, the future is coming to Florida driver’s licenses.

Posted in General | Tagged , | Leave a comment

Red Meat Friday: Emacs Appearance

WebDev Tory makes a point that many long time Emacs users can relate to:

Many of us curmudgeonly misanthropes have little patience for the continual bleating about Emacs’ lack of bling. We subscribe to Vivek Haldar’s philosophy of why should you ever care how your editor looks, unless you’re trying to win a screenshot competition? We don’t care about menus, we don’t care about mice, we don’t care about buttons, we don’t care about bling; we care about power.

Power. That’s what Emacs gives us and really it’s all that matters. If you want bling—to channel DMR—you know where to find it. Head on over to VS Studio or whatever the latest hotness is. But if you want power, Emacs is the place to be.

Posted in General | Tagged , | Leave a comment