Posts tagged ‘security’

Thinking of the Gracchi Brothers Today

It is with mixed emotions that I greet this day.  Frequent readers will know that I long for a system of much more open immigration.  I don't think that the US Government should be limiting who can and cannot seek work or live within the US borders (setting rules for citizenship and receipt of benefits are different matters).  So I would like to see many long-time immigrants legalized today (and in fact I likely have friends and acquaintances who will benefit, though it's always been a bit awkward to ask them about immigration status).

However, I would MUCH rather see a rational process implemented than these once a decade amnesties we seem to go in for instead.

I also worry that Obama is taking these actions for all the wrong reasons, seeking to add 5 million Democratic voters rather than trying to help 5 million people who are seeking prosperity.  The reason I suspect this is that he is also seeking higher minimum wages that will likely make it harder for these folks to find work, likely something he has promised to his union allies so they won't freak out.  I have always said that Republicans want immigrants to work but not vote and Democrats want immigrants to vote but not work.

But I am much more worried about the un-Constitutional process that is going to be followed.  Of course, this is not the only Executive power grab over the last two presidencies, but it is a big one and one of the first where the President has admitted he doesn't have the power but is going to do it anyway.

Around 133BC, Tiberius Gracchus was ticked off that the Roman Republic would not consider necessary land reform.  I am going to oversimplify here, but in their conquests the Romans had grabbed a lot of new territory and by law that land was supposed to be parceled in small sections to lots of individual land holders.  Instead, powerful men (many of whom were in the Senate) grabbed the lion's share of this land for themselves in huge estates.   Gracchus rightly saw this as unfair and a violation of law, but it was also a threat to the security of the nation, as independent landowners who bought their own weapons were the backbone of the Roman army.  The shift of agriculture to huge estates staffed with slaves was not only forcing a shift in the makeup of the army (one which would by the way contribute to the rise of despotic generals like Sulla and Caeser), but also was creating social problems by throwing mobs of unlanded poor on the cities, particularly Rome.

Anyway, the short version is that Tiberius Gracchus had good reason to think these reforms were important.  But traditionally they would have to be considered by the Senate first, and he was too impatient to wait that process out, and besides (probably rightly) feared the Senate would find a way to kill them.   He was so passionate about them that he violated the (unwritten) Roman Constitution by ignoring the Senate and setting new precedents for using his position as Tribune to pass the new laws.  It was absolutely the prototype for a well-intentioned bypassing of the Constitution.  I won't go into detail, but Tiberius was killed at the behest of some Senators, but his brother picked up his mantle 10 years later and did some similar things.  Which is why we talk of the Gracchi brothers.

In the near term, the results were some partial successes with land reform.  However, in the long-term, their actions really got the ball rolling on what is called the Roman Revolution.  A hundred years later, the Republic would be gone, replaced with a dictatorship.  Step by step, the precedents often set initially with only the best intentions, were snatched up and used by demagogues to cement their own power.  In later years, what gave emperors their authority was a package of powers granted to them.  One of the most important was "tribunition" power.  In essence, the tribunition power included many of the powers first exercised aggresively by the Gracchi brothers.  More than just starting the ball rolling on the Revolution, they pioneered the use of powers that were to be the core of future emperors' authority.

Sorry for the Downtime

Had some sort of attack running all weekend against one of my more minor web sites.  Hostgator found the attack and changed our security rules, and for now we should be fine.  Sort of violating the security through obscurity rule of thumb since this was a very obscure site they were attacking.

Site Issues

Well, we had just a mess of problems here.  We have had off and on DOS attacks for a week or so, and then last night I managed to embed some oddball code in a quotation in one of yesterdays posts that caused other heartache.

After a lot of debugging, I am hoping all is well again.  I have changed the caching and security options at Incapsula, which I use as a gateway for traffic.  For many of you, you will see substantial performance improvements but at the cost of some caching which may delay your comments showing up by 10 minutes or so.

The Real Money in the Climate Debate

I have yet to meet a skeptic who reports getting any money from mysterious climate skeptics.  A few years ago Greenpeace had a press release that was picked up everywhere about how Exxon was spending big money on climate denialism, with numbers that turned out to be in the tens of thousands of dollars a year.

The big money has always been in climate alarmism.  Climate skeptics are outspent a thousand to one.  Here is just one example

It sounds like the makings of a political-action thriller. The National Geospatial Intelligence Agency (NGA) has awarded Arizona State University a five-year, $20 million agreement to research the effects of climate change and its propensity to cause civil and political unrest.

The agreement is known as the Foresight Initiative. The goal is to understand how climate-caused disruptions and the depletion of natural resources including water, land and energy will impact political instability.

The plan is to create visually appealing computer models and simulations using large quantities of real-time data to guide policymakers in their decisions.

To understand the impacts of climate change, ASU is using the latest advances in cloud computing and storage technologies, natural user interfaces and machine learning to create real-time computer models and simulations, said Nadya Bliss, principal investigator for the Foresight Initiative and assistant vice president with ASU's Office of Knowledge and Development.

I can tell you the answer to this study already.  How do I know?  If they say the security risks are minimal, there will be zero follow-up funding.  If they say the security risks are huge, it will almost demand more and larger follow-up studies.  What is your guess of the results, especially since the results will all be based on opaque computer models whose results will be extremely sensitive to small changes in certain inputs?

Postscript:  I can just imagine a practical joke where the researchers give university officials a preview of results.  They say that the dangers are minimal.  It would be hilarious to see the disappointment in the eyes of all the University administrators.  Never in history would such a positive result be received with so much depression.  And then the researchers would say "Just kidding, of course it will be a catastrophe, it will be much worse than predicted, the badness will be accelerating, etc."

AZ Corporation Commission's Completely Inadequate Response to My Critique on their Site Security

A while back I wrote about my concerns about the total absence of any security at all in the Arizona corporate annual reporting system

I started the annual reporting process by just typing in the name of my company and getting started.  There was no password protection, no identity check.  They had no way of knowing I had anything to do with this corporation and yet I was answering questions like "have you been convicted for fraud."  The potential for mischief is enormous.  One would have to get the timing right (an annual report must be due before one can get in) but one could easily open the site on January 1 and start entering false information in the registrations for such corporations as Exxon and Wal-Mart.

See for yourself.  Here is their web site.

I showed how one could open and file the report for a company like Wal-Mart, changing all their officers names, and confessing to all sorts of imagined corporate crimes

Again, note what I am saying.  This is not the result of hacking.  This is not lax security I figured out how to evade.  This is the result of no security whatsoever.  I simply went to the link above, clicked on the Wal-Mart Associates link, and then clicked on the annual report link.  I know from doing my own registration that there is a signature page at the end, but all you do is type in the name of an officer and a title -- data that is right there on the site.  It's like asking you for a password after the site just listed all the valid passwords.

The head of the Arizona Corporation Commission wrote me back. Here is here email in its entirety:

Dear Mr. Meyer:

Thank you for your email regarding the Corporations Division.  The Arizona Corporation Commission is the repository for all business formation documents for corporations and limited liability corporations.  We are in full compliance with state statutes.

Submitting false documents to alter another’s corporate structure or status is a crime and carries a Class 4 or Class 5 penalty.  The Commission or the aggrieved business entity may refer the false filing to the Attorney General’s office for prosecution.  Additionally, the individual business entity may pursue a civil cause of action.  The Commission only accepts on-line charges for a few services such as name reservation or to order a certificate of good standing, and the online payment process is completely secure.

Even though the Commission’s existing security measures comply with the state law and are similar to most other states and other Arizona governmental entities like the County Treasurer’s Office, the Commission is looking at implementing new technology to allow for the online submission of additional services – such as the filing of original Articles of Organization and Articles of Incorporation.  We do intend to provide password protected security features when that new technology is offered to the public.

J. Jerich

Executive Director

Arizona Corporation Commission

I had no doubt that submitting a false annual report for Wal-Mart would be illegal.  Duh.  However, it is just incredibly naive that this is the sole extent of the Commission's security, to prosecute people once the damage is done.  Can you imagine if Amazon had the same security policy - "we are getting rid of passwords because it would be illegal for you to buy something from someone else's account."  I wonder if the commissioners leave their doors unlocked at night, trusting in the threat of future prosecution to deter burglary and mayhem in their homes?

Arizona Corporation Commission Web Site is Criminally Insecure

Today I had to do my annual renewal of my corporate registration in Arizona.  As in most states, this involves a bit of information foreplay followed by the purpose of the exercise -- sending in a check to the corporation commission.

But here is the extraordinarily scary part -- I started the annual reporting process by just typing in the name of my company and getting started.  There was no password protection, no identity check.  They had no way of knowing I had anything to do with this corporation and yet I was answering questions like "have you been convicted for fraud."  The potential for mischief is enormous.  One would have to get the timing right (an annual report must be due before one can get in) but one could easily open the site on January 1 and start entering false information in the registrations for such corporations as Exxon and Wal-Mart.

See for yourself.  Here is their web site.  Below is a screen shot of the site letting me in to edit one of Wal-Mart's corporate registrations in Arizona:

click to enlarge

 

Again, note what I am saying.  This is not the result of hacking.  This is not lax security I figured out how to evade.  This is the result of no security whatsoever.  I simply went to the link above, clicked on the Wal-Mart Associates link, and then clicked on the annual report link.  I know from doing my own registration that there is a signature page at the end, but all you do is type in the name of an officer and a title -- data that is right there on the site.  It's like asking you for a password after the site just listed all the valid passwords.

If I disliked Wal-Mart, I could put all kinds of crazy garbage in here.  I did not go further, because I would have had to answer these questions to proceed and I had no desire to mess with another company's critical data, but if I had gone further I could have changed their mailing address, the names of their officers, etc. -- all I had to do was just pay the $60-ish registration fee for them and they would have a big mess on their hands to sort out.   If I had access to a fake or stolen credit card and a public computer, I could have done it all without any hope of being traced.

By the way, from my experience, this is not unique to Arizona.  This criminally lax behavior seems to be the norm in most states.

I have submitted this all as a complaint to the state, so far with no response.  If anyone in AZ knows how I can get someone's attention with this, let me know.

Windows 8 Even Worse Than I Thought

Up to this point, after some initial bad impressions trying Windows 8 briefly, I have avoided it like the plague.  However, my son needed a new laptop and the only ones that really met our requirements only came in Windows 8 flavors, so we bought one.

What an awful mess.  The system boots up into a tiled mess that looks like some cheesy website covered in moving gifs and viagra ads.  To make matters worse, nothing on this tablet-based interface is organized at all logically.  The interface is like the room of an ADD child that dropped all of his toys and books in random spots.  I am sure these tiles have some sort of navigation paradigm, but it is completely different from any used in past windows versions.  I could not, for example, figure out how to easily exit the store except to alt-tab out (there is no exit or quit option and right-click context menus which are one of the great advantages of windows over mac don't seem to work a lot of the time).  Again, I am sure there is some way to do it, but I have no idea what it is and no desire to learn new navigation commands.  Perhaps Microsoft intends that one use a gamepad instead of a mouse -- I would not be surprised at this point.

Unlike older versions of windows, windows update did not run automatically at first bootup.  I knew from past experience there were likely dozens of security patches I needed to install right away.  I hunted for quite a while just to find the windows control panel (so I could run windows update).  It was buried in a sub-menu of a toolbar on the right side of the screen that only pops up if you find a tiny (unmarked) spot in the corner of the screen with your mouse.   It amazes me that anyone thought replacing the start button with an unmarked spot on the screen was a good idea.

Of course, the control panel is called something entirely different now, but I did eventually find windows update and there were, as expected, over 70 security patches that needed to be installed.  But for some reason they would not download immediately, but kept giving me a message that they would be downloaded at some future indeterminate date.  I finally found a way to force them to download.

My next step was to get rid of the stupid application tile interface and get the computer to boot directly to desktop and get the old start button back.  This requires a free upgrade to windows 8.1, but there is no obvious way to do this, even through windows update.  I finally had to search the internet to find the link.  This sent me into the windows 8 app store.  What a total mess that is!  If anything, it is more poorly organized than the Apple app store.  Like the Apple store, it seems aimed at people who want to browse applications virtually at random rather than find something specific.  Incredibly, there is no search function.  Yes, I know, I have to be wrong about that, but I scrolled all over that damn storefront and cannot find a search box.

So I cannot actually find the Windows 8.1 upgrade.  The web site tells me that I should be presented with a prominent option to download it in the store, but I am not.  It is nowhere to be found.  I found an FAQ somewhere that suggested that I would not be offered the 8.1 upgrade if my 8.0 installation is missing certain patches, so I am going back to windows update to see if there is something I am still missing.

I was wrong about windows 8 -- I once wrote it was bad but perhaps not as bad as Vista or ME.  But it is.  This is the worst thing I have ever seen come out of Microsoft.  It is inexplicable that this company with such a strong market share in the business world could saddle its flagship OS with an interface more appropriate to an XBOX.

In the past, I have said that I would not want a desktop with a tablet interface.  But at the end of the day, I would not want a tablet with this interface.  Perhaps with hours of work, I will make this computer usable.  Who would have ever thought I would have longed for the day when I had to spend an hour with a new computer removing bloatware.  Now I have to spend a day trying to emulate the windows 7 experience on windows 8.

People have developed many hypotheses for the lingering recession.  Some say it was too small a stimulus.  Some blame the sequester.  I blame the Windows 8 launch, which I think has a lot to do with suppressing PC sales and thus much of the electronics and retailing sector.

2014 Obamacare Headlines

Here are a few shoes that are left to drop for Obamacare:

  1. Millions complain about their doctor no longer being in-network
  2. Thousands of companies are finding it cheaper to drop coverage and pay Obamacare penalties than continuing to provide health care coverage under new rules
  3. Despite fewer exchange enrollments than expected, total Federal subsidy payments higher than expected
  4. Emergency rooms overflow with new Medicaid patients that no private doctor will take on
  5. Exchange-sold health policies, particularly the unsubsidized ones, were mainly bought by the old and sick
  6. Obama Administration works to bail out health insurers via a number of different avenues
  7. Small to mid-size companies are shocked as Obama Administration finally reveals new record-keeping requirements
  8. After 5 years of 3-4% growth, health care spending skyrockets in 2014
  9. ________ health insurance company dropping coverage in  ____(state)_______
  10. Hackers steal tens of thousands of names and social security numbers from health care exchange computers.

I will score myself as the year progresses to see how many of these we actually see.  I would not be surprised to see every one of these.

Masked Credit Cards

I wrote the other day about shifting to unique passwords for every single web site I visit (there were 300 I had to change!) to limit the damage from a data breach such as that at Adobe.  The irony was that to make this work, I adopted a password vault program to remember all these 300 strings of random characters.  Which means that I am putting a LOT of trust into one site, instead of a moderate amount of trust into multiple sites.

The same sort of approach is being investigated with credit cards, where intermediaries are providing masked credit cards with one-time numbers (hat tip to a reader).  In some ways Paypal has a masked approach where the transaction is settled off the retailer's site entirely, though I am not sure I am entirely comfortable with Paypal's security.

Passwords

I am registered at a LOT of sites - blogs, hosting accounts, stores, message boards, etc.  A few years ago I started using the Lastpass Chrome add-in to track and remember all these passwords.

One problem though: like most people I was using the same few passwords over and over.  I had fixed, mostly, the most egregious mistakes, such as using the same password for low-trust sites like bulletin boards as for critical sites like banks.  But Lastpass showed me was that I still had a lot of password duplication.

The Adobe security breach finally got me off my butt.  My user name and password were among those that Adobe lost (which was particularly irritating because Adobe was one of those software companies that demanded a registration even when one should not have been necessary).  There was nothing at Adobe of mine they could screw up -- the registration was obviously to try to sell me more stuff but I never bought anything.  But there were possibly other sites using the same password they could screw up.

So I began a mission to change my passwords to 12-digit randomly generated strings of letters and numbers.  Having Fastpass helped a ton, as I would never have remembered all the sites with which I had registrations.  There were hundreds.

This was a real slog, a task so boring it was equaled only by the month when I ripped all my CD's to my hard drive and surpassed only by the 3 months when I ripped all my DVD's to hard drives.  The problem was that every web site was essentially a little portal-like adventure puzzle, trying to figure out where the hell the options for password change could be found.  I challenge those of you who have registered at WhiteHouse.gov to sign a survey to find the place to change your password.  At JetBlue, there is no such option in the user accounts -- you have to log off and click "forgot my password" at the logon screen and then click on the option to reset the password, but the reset email never shows up.  At two or three sites I had to email the site web manager to send me a link to the password change page.

Anyway, it's finally done now.  There are a couple of sites I use from my iPad for which I had to create unique memorable passwords because iOS does not have very good support mechanisms for such services as Lastpass, though as Chrome for iOS gets better, I expect that to make the problem easier to manage.  I had forgotten how many of these passwords (Netflix, Hulu, Amazon, etc.) were plugged into things like my Roku.  It was irritating with the crappy remote to enter these random strings of characters as new passwords.

Of course security of the Lastpass account becomes a problem.  I guess I have to trust them.  My password for them is unique and never has been used anywhere else and contains no real English words.  I use 2-step verification at all times to log into it, so hopefully I am moderately well-protected.

The Two Lame Answers Obama Supporters Are Giving Those of Us Who Have Had Our Health Insurance Cancelled

1.  The first Obama Administration response to people (like myself) who have had their health insurance cancelled because of Obamacare and who are facing much higher future premiums is that many of can expect a subsidy.  Do you realize how awful this is?  Basically they are acknowledging that millions of people who paid for their own health care in the past will now be getting taxpayer money.  Essentially, a huge and unnecessary increase in government dependency.

2.  The other equally awful Obama Administration answer is that our new health coverage will be more expensive because it will be "better".  First, there is no evidence of this -- early returns are that people are paying more for less.  Second, though, this is horribly arrogant.  A $200,000 Maserati sedan is likely "better" than my car I am driving, but given its price I would consider myself worse off if forced to buy a Maserati.  In the same sense, forcing me to by expensive insurance options I don't want is not "better", even if I am making choices Obama's advisers would not make for themselves.  I spent a lot of time shopping for health insurance and running numbers on various cases and picking the best plan for me, and am insulted that Obama does not respect my decision.

By the way, I will remind you of what I said way back in 2007 about government health care proposals

Americans are unbelievably charitable people, to the extent that they will put up with a lot of taxation and even losses of freedoms through government coercion to help people out.

However, in nearly every other case of government-coerced charity, the main effect is "just" an increase in taxes.  Lyndon Johnson wants to embark on a futile attempt to try to provide public housing to the poor?  Our taxes go up, a lot of really bad housing is built, but at least my housing did not get any worse.  Ditto food programs -- the poor might get some moldy cheese from a warehouse, but my food did not get worse.  Ditto welfare.  Ditto social security, unemployment insurance,and work programs.

But health care is different.... what is different about many of the health care proposals on the table is that everyone, not just the poor will get this same crappy level of treatment.  It would be like a public housing program where everyone's house is torn down and every single person must move into public housing.  That is universal state-run health care.  Ten percent of America gets pulled up, 90% of America gets pulled down, possibly way down.

Obamacare Not Only Raising My Rates, But Making The Process Much Harder

On September 26 of this year, President Obama said this of the new Obamacare exchanges:

“If you’ve ever tried to buy insurance on your own,” he said, “I promise you this is a lot easier.”

Well, let's see.  Here are some notes on my previous health insurance buying decision

  • I was able to price shop policies online without creating an account, without giving up my social security number.  The websites to do so worked and operated quickly
  • A broker who had decades of experience in health care (rather than being a former Obama campaign worker with a few hours of training) walked me through the options and how they worked.
  • Once we chose a policy, the application process online was quick and easy

Here is one thing that was likely worse

  • I had to provide medical history information, which probably is not required under Obamacare because of community rating (though I am not sure)

And here is one thing that was better for me but I guess must be worse for the Left since they complain about it so much

  • There was a lot more choice.  If the process was "harder" in any way before, it was because there were far more choices.  It was harder in the same way that it is generally harder to shop in the US than, say, in the old Soviet Union.  Obamacare circumscribes policies such that a large package of benefits are mandated, not optional (I have to pay for mental health coverage and probably aromatherapy) and the size of one's deductible is capped.

It is also this latter difference that will make my next policy substantially more expensive.  In standardizing options, the Congress standardized on the most expensive options (broadest possible benefits, smallest possible deductible).

By the way, this is not proven yet but there is probably one other way my Obamacare policy will be worse than my last one:  the doctor network in my policy will very likely be a LOT smaller.  We could almost be sure this would happen precisely because Obama promised it wouldn't  (his promises on health care are pretty good "tells" that the opposite will happen).

Insulting Treatment by the US Forest Service

This was posted by the US Forest Service outside of a privately-funded, privately-operated campground:

White-Mountain-NF-Shut-Down

 

All the maintenance at this site, as well as all cleaning, utilities, security monitoring, staffing, customer service, etc. are provided and paid for by a private concessionaire that does not take one dime of government money.   The "our ability to perform maintenance" is incredibly disingenuous, because over the course of a year likely no US Forest Service maintenance person even steps on the property.   The last half of the message therefore has absolutely nothing to do with the first half.  The campground is closed and not being maintained because the US Forest Service has arbitrarily suspended the concessionaires contract in an apparent attempt to make the shutdown more painful for the public.

Forest Service Closing Only Small Private Campground Operators, Not Closing Large Ski Corporations or State Parks that Operate on Forest Service Land

As readers will know, the US Forest Service has issued and unprecedented and unnecessary order to close over a thousand privately-funded campgrounds that don't take one dime of Federal money (example here).  All the 100+ parks we operate in the US Forest Service have been ordered closed.

But there appears to be more to this story.  There are several groups that operate parks on National Forest lands under agreements nearly identical to ours who appear to have been exempted from the closure order.

  • Large corporations that run ski resorts and certain other large resort properties on National Forest lands have been exempted.  It should be noted that ski resorts operators, unlike campground operators, have full-time lobbyists stationed in Washington and can afford in-house staff lawyers to fight these kinds of orders.  My guess is that knowing they would immediately get sued if they ordered larger private firms to close, the USFS focused only on smaller and more helpless private firms.
  • Many state parks, including at least 3 in Arizona and many in California, are actually on US Forest Service land and operate through special use permits almost identical to those we have with the USFS, yet none of these parks have been asked to close  (Slide Rock and Fool Hollow State Park in Arizona and Burney Falls SP in California are just a few examples of state parks that operate on US Forest Service land).

In other words, the US Forest Service seems to be issuing closure orders inconsistently, targeting only private operators who are too small to fight back.  The USFS has not been especially clear how they are justifying this order (perhaps since it can't be justified) but they have hinted that it is either because a) they can no longer "administer" these contracts, whatever that means since they have no day-to-day administration responsibilities or b) they are removing everyone from Federal lands.  Note, though, that both explanation "a" or "b" would apply equally to ski resorts and state parks operating on Federal land leases which are not being closed.

I will also add that the USFS is continuing to allow individuals to hike and camp in non-developed areas of the forests.  I have no problem with this -- there is no reason for the USFS to halt public access to public land just because their employees are getting a paid vacation.  But this just highlights how crazy and inconsistent their policies are.  People can camp in the National Forest everywhere except in developed campgrounds where private companies who take no Federal money normally have employees on site to clean up trash and provide security and prevent fires.  Many campers take good care of the land but some do not, and driving these campers out of privately-operated developed sites into dispersed areas where their impact cannot be mitigated is just another way these actions increase rather than decrease costs.

 

Vagrant Economy, Dodging Garnishments

I have zero desire to comment on Tawana Brawley, but this article raised an issue at the end that has always been interesting to me.  After literally decades of court action, Brawley finally had a garnishment order enforced on her paycheck to start making good on a defamation suit by the man she victimized with her false rape allegations  (Which in fact demonstrates another point I have made before -- you can win a judgement in court but that can often be less than half the battle.  It can be harder to get the judgement actually paid).

Anyway, apparently as soon as the garnishment order was applied by her employer, she quit the job without a forwarding address (the headline says "loses her job" as if she was fired but the text seems to say she quit, presumably to dodge the garnishment).  This happens in my business all the time.  On our 400+ employees, we probably get 5-10 new garnishment orders a year, often tax liens or child support payments.  These take a while to catch up with people, so while the orders may be years old, the employees might work for me 3-6 months before the order shows up in our office to enforce.  (For those who don't know, each state typically requires some sort of new employee notification by our business to the state, so they can run the employee's name and social security number against various data bases to generate these orders).

Once the first garnishment hits their paycheck, at least 80% quit immediately, moving on like Brawley to get another 6 months of work somewhere else before the garnishment presumably catches up to  them again.  I have no idea how large this group of job vagrants is that are constantly moving to dodge garnishments, but from our sample it is pretty large.

Obamacare Mandates Delayed -- And That Other Shoe

Well, it certainly comes as happy news to this correspondent that the Administration announced this week it will delay health insurance mandates on businesses.  Our company has spent a ton of time since last November trying to minimize the expected cost of the mandates -- the initial cost estimates of which for our business came in at three times our annual net income.  Our preparation has been hampered by the fact that the IRS still has not finalized rules for how these mandates will be applied to a seasonal work force.  Like many retail service businesses, we have studied a number of models for converting most of our work force to part time, thus making the mandates irrelevant for us.

I know this last statement has earned me a fair share of crap in the comments section as a heartless capitalist swine, but the vitriol is just absurd.   Many of the folks criticizing me can't or don't want to imagine themselves running a business, so let's say you have an annual salary of $40,000.  Now, on top of all your other expenses, the government just mandated that you have to pay an extra $120,000 a year for something.  That is the situation my business is in.  Are you just going to sit there and allow your savings to become a smoking hole in the ground, or are you going to do something to avoid it?  Unlike the government, I cannot run a permanent deficit and I cannot create new revenues by fiat.  Congress allowed business owners a legal way to avoid the health insurance mandate, and I am going to grab that option rather than be bankrupted.  So are every other service business I know of, which is why I have predicted that full-time jobs are on the verge of disappearing in the retail service sector.

Anyway, it appears that the IRS and the Administration could not get their act together fast enough to make this happen.  Not a surprise, I suppose.  You and I have both been in committee meetings, and have seen groups devolve into arguments aver useless minutia.  This is not a monopoly of the government, it happens in the private sector as well.  But in the private sector, in good companies, a leader steps in and says "I have heard enough, it is going to be done X way, now go do it."  In government, the incentives work against leaders cutting through the Gordian knot in this way, so the muddle can carry on forever.

There are at least two more shoes that are going to drop, one bad, one good:

  1. On the bad side, while companies like mine complain about the cost of the PPACA, they are going to freak when they see the paperwork.  My sense is that we are going to be required to know in great detail what kind of health insurance policy every one of our employees have, even if it was not obtained through our company, and will have to report that regularly to the government.  In addition, there are gong to be new reporting requirements to new agencies for wages and hours.  It is going to be a big mess, and my uneducated guess is that someone in the last week or so looked at that mess and decided to hold off announcing it.

    But readers can expect a Coyote freak out whenever it is announced, because it is going to be bad.  Wal-mart will be fine, it has the money to build systems to do that stuff, but companies like mine with 500 employees but only 2 staff people are going to get slammed.  There is a reason government agencies, even government schools, have more staff than line personnel -- they live and breath and think in terms of complex reporting and paperwork.  They love it because for many it is their job security.  Swimming every day in that water, it is no surprise they impose it without thought on the private sector.  This makes it hard for companies like ours that try to have 99% of our employees actually serving customers rather than pushing paper.

  2. The individual mandate is toast for next year.  No way it happens.  If the Administration cannot get the corporate piece done on time, there is no way in hell it is going to get the exchanges up and running.  And even if they do, some prominent states with political influence with this President, like Illinois and California, likely will not get their exchanges done in time and will beg for a delay.

Spying on the Press

Well, the silver lining of this story is that the press, who until now have generally yawned at libertarian concerns about warrantless searches and national security letters, particularly since that power has been held by a Democrat rather than a Republican, will now likely go nuts.

You have probably seen it by now, but here is the basic story

The Justice Department secretly obtained two months of telephone records of reporters and editors for The Associated Press in what the news cooperative's top executive called a "massive and unprecedented intrusion" into how news organizations gather the news.

The records obtained by the Justice Department listed incoming and outgoing calls, and the duration of each call, for the work and personal phone numbers of individual reporters, general AP office numbers in New York, Washington and Hartford, Conn., and the main number for AP reporters in the House of Representatives press gallery, according to attorneys for the AP.

In all, the government seized those records for more than 20 separate telephone lines assigned to AP and its journalists in April and May of 2012. The exact number of journalists who used the phone lines during that period is unknown but more than 100 journalists work in the offices whose phone records were targeted on a wide array of stories about government and other matters.

The AP believes this is an investigation into sources of a story on May 7, 2012 about a foiled terror attack.  This bit was interesting to me for two reasons:

The May 7, 2012, AP story that disclosed details of the CIA operation in Yemen to stop an airliner bomb plot occurred around the one-year anniversary of the May 2, 2011, killing of Osama bin Laden.

The plot was significant because the White House had told the public it had "no credible information that terrorist organizations, including al-Qaida, are plotting attacks in the U.S. to coincide with the (May 2) anniversary of bin Laden's death."

The AP delayed reporting the story at the request of government officials who said it would jeopardize national security. Once government officials said those concerns were allayed, the AP disclosed the plot because officials said it no longer endangered national security. The Obama administration, however, continued to request that the story be held until the administration could make an official announcement.

First, it seems to fit in with the White House cover-up over Benghazi, in the sense that it is another example of the Administration trying to downplay, in fact hide, acts of organized terrorism.  I have criticized the Administration for throwing free speech under the bus in its Benghazi response, but I must say their reasons for doing so were never that clear to me.  This story seems to create a pattern of almost irrational White House sensitivity to any admission of terrorist threats to the US.

Second, note from the last sentence that the White House is bending over backwards to investigate the AP basically for stealing its thunder before a press conference.  Wow.  Well if that were suddenly illegal, just about everyone in DC would be in jail.

Update:  Some thoughts from Glenn Greenwald

how media reactions to civil liberties assaults are shaped almost entirely by who the victims are. For years, the Obama administration has been engaged in pervasive spying on American Muslim communities and dissident groups. It demanded a reform-free renewal of the Patriot Act and the Fisa Amendments Act of 2008, both of which codify immense powers of warrantless eavesdropping, including ones that can be used against journalists. It has prosecuted double the number of whistleblowers under espionage statutes as all previous administrations combined, threatened to criminalize WikiLeaks, and abused Bradley Manning to the point that a formal UN investigation denounced his treatment as "cruel and inhuman".

But, with a few noble exceptions, most major media outlets said little about any of this, except in those cases when they supported it. It took a direct and blatant attack on them for them to really get worked up, denounce these assaults, and acknowledge this administration's true character. That is redolent of how the general public reacted with rage over privacy invasions only when new TSA airport searches targeted not just Muslims but themselves: what they perceive as "regular Americans". Or how former Democratic Rep. Jane Harman -- once the most vocal defender of Bush's vast warrantless eavesdropping programs -- suddenly began sounding like a shrill and outraged privacy advocate once it was revealed that her own conversations with Aipac representatives were recorded by the government.

Rich People Acting Like Babies

I don't pay much attention to TV and entertainment news, but I found myself kind of fascinated by this train wreck.  

I was amazed at the stakes, how many hundreds of millions of dollars were on the line, based on small changes in the perceived likability of certain talking heads.

But I was even more amazed by how juvenile, thin-skinned, and emotionally-immature people making 10 million + salaries could be.  One woman, who had a reputation as a serious journalist (at least until she took a job on a morning show) breaks down into tears and goes into a year-long depression because she lost her job -- and was effectively given a $12 million severance, a figure well north of my lifetime cumulative income.  Jeez, who in this day and age has not lost a job, likely with no more to show for it than a box of their personal items and a security escort to the door?  Reading this thing I just wanted to keep shouting "grow the f*ck up!"

Why Do We Need Electronic Medical Records? So Your Personal Data is More Readily Available to the Government

Given recent legislative and judicial decisions, there are vanishingly few electronic records that the government cannot rape at will.  Increasingly, government agencies can access electronic data without even bothering with silly stuff like warrants or judicial review.  Latest case in point:  Electronic medical records

The Drug Enforcement Administration is trying to access private prescription records of patients in Oregon without a warrant, despite a state law forbidding it from doing so. The ACLU and its Oregon affiliate are challenging this practice in a new case that raises the question of whether the Fourth Amendment allows federal law enforcement agents to obtain confidential prescription records without a judge’s prior approval. It should not.

In 2009, the Oregon legislature created the Oregon Prescription Drug Monitoring Program (PDMP), which tracks prescriptions for certain drugs dispensed by Oregon pharmacies, including all of the medications listed above. The program was intended to help physicians prevent drug overdoses by their patients and more easily recognize signs of drug abuse. Because the medical information revealed by these prescription records is highly sensitive, the legislature created robust privacy and security protections for the PDMP, including a requirement that law enforcement must obtain a warrant before requesting records for use in an investigation. But despite those protections, the DEA has been requesting prescription records from the PDMP using administrative subpoenas which, unlike warrants, do not involve demonstrating probable cause to a neutral judge.

While the government needs a search warrant to access paper medical records, it apparently feels it can look at electronic records without a warrant,.  Which explains one reason why the Administration is so excited about the new medical records requirements in Obamacare.   You didn't think HIPAA applied to the government, did you?  And if you wondered why Obamacare requires doctors to ask medically-unrelated questions (e.g. on gun ownership), now you know.

I Guess This Needs to be Said

I had thought that post-9/11 and with the very visible object lesson of TSA security theater that this would have already been understood, but I will repeat it:  There are no security steps that we are willing to tolerate as a free society that would make it impossible, or even substantially more difficult, for a motivated deranged person to shoot up an elementary school.

Promises by politicians up to and including the President to take "steps" to improve safety are illusory.  What we will get, if anything, will be incremental steps that will hassle law-abiding citizens (think: taking your shoes off at the airport and not using your iPad during takeoffs) without doing anything to deter actual criminals.  In particular, any honest and knowledgeable security person will tell you that there is no realistic way, short perhaps of turning ourselves into North Korea, of stopping a killer who is determined to die as part of his crime.

You Ungrateful Slobs Should Be Thankful That The Federal Government Is Running Up Huge Debt

I know what you are thinking -- in this post title Coyote has engaged in some exaggeration to get our attention.  But I haven't!  Felix Salmon actually says this, in reaction to a group of CEO's who wrote an open letter to the feds seeking less deficit spending.

MW-AR995_debt_f_20120607165649_ME.jpgThere are lots of serious threats out there to the economic well-being and security of the United States, and the national debt is simply not one of them.  Nor is it growing. The chart on the right, from Rex Nutting, shows what’s actually going on: total US debt to GDP was rising alarmingly until the crisis, but it has been falling impressively since then. In fact, this is the first time in over half a century that US debt to GDP has been going down rather than up.

So when the CEOs talk about “our growing debt”, what they mean is just the debt owed by the Federal government. And when the Federal government borrows money, that doesn’t even come close to making up for the fact that the CEOs themselves are not borrowing money.

Money is cheaper now than it has been in living memory: the markets are telling corporate America that they are more than willing to fund investments at unbelievably low rates. And yet the CEOs are saying no. That’s a serious threat to the economic well-being of the United States: it’s companies are refusing to invest for the future, even when the markets are begging them to.

Instead, the CEOs come out and start criticizing the Federal government for stepping in and filling the gap. If it wasn’t for the Federal deficit, the debt-to-GDP chart would be declining even more precipitously, and the economy would be a disaster. Deleveraging is a painful process, and the Federal government is — rightly — easing that pain right now. And this is the gratitude it gets in return!

I seldom do this, but let's take this apart paragraph by paragraph:

There are lots of serious threats out there to the economic well-being and security of the United States, and the national debt is simply not one of them.  Nor is it growing. The chart on the right, from Rex Nutting, shows what’s actually going on: total US debt to GDP was rising alarmingly until the crisis, but it has been falling impressively since then. In fact, this is the first time in over half a century that US debt to GDP has been going down rather than up. 

So when the CEOs talk about “our growing debt”, what they mean is just the debt owed by the Federal government.

Duh.  Of course they are talking about the government deficit and not total deficit.   But he is setting up the game he is going to play throughout the piece, switching back and forth between government debt and total debt like a magician moving a pea between two thimbles.  We can already see the game.  "Look folks debt is not a threat, it is going down", but it is going down only at this total public and private debt number.  The letter from the CEO's made the specific argument that rising government debt creates current and future issues (see: Europe).  Just because all debt may be going down does not mean that the rise of one subset of debt is not an issue.

Here are two analogies.  First, consider a neighborhood where most all the residents are paying down their credit card debt except for Fred, who is maxing out his credit cards and has just taken out a third mortgage.  The total debt for your whole neighborhood is going down, but that does not mean that Fred is not in serious trouble.

Or on a larger scale, take consumer debt.  Most categories of consumer debt are falling in the US.  But student debt is rising alarmingly.  Just because total consumer debt may be falling doesn't change the fact that rising student debt is a serious threat to the well-being of a subset of Americans.

And when the Federal government borrows money, that doesn’t even come close to making up for the fact that the CEOs themselves are not borrowing money

What??  Whoever said that the role of the Federal government is to offset changes in corporate borrowing?  In his first paragraph, he already called the rise in total debt "alarming", and I get the sense that both CEO's and consumers agree and so they have been trying to reduce their debts.  So why should the Feds be standing athwart the private unwinding of an "alarming" problem?    And how does he know CEO's and their corporations are part of this deleveraging?  I see no evidence presented.  Corporate debt is but a small part of total US debt.  Corporations may be a part of this, or not.

In fact, they are not.  Corporate borrowing in the securities market has increased almost every quarter since 2008, such that total corporate bond debt is about 10-15% higher than in 2008 (see third chart here).  And here is total debt to GDP broken down by component  (this is for non-financial sectors) source.

Government debt is basically offsetting the consumer deleveraging.  Since consumers have to eventually pay this government debt off, as they are taxpayers too, then the government is basically flipping consumers the bird, forcing them to take on debt they are trying to get rid of.  Hard working consumers think they are making progress paying off debt, but the joke is on them - the feds have taken the debt on for them, and the bill will be coming in future taxes for them and their kids.

He might argue, "this is Keynesianism."  But is it?  If corporations are actually deleveraging, we still don't know how.  Is it through diverting capital investment to debt repayment (as I think Salmon is assuming) or are they raising capital from other sources and rejiggering the right side of their balance sheets?  And even if this deleveraging is coming at the expense of corporate investment, I thought Keynesians virtually ignored investment or "I" in their calculations  (you remember, don't you, from macro: C+I+G+X-M?).  In fact, if I remember right, "I" is treated as an exogenous variable in the famous multiplier "proof".

Money is cheaper now than it has been in living memory: the markets are telling corporate America that they are more than willing to fund investments at unbelievably low rates. And yet the CEOs are saying no. That’s a serious threat to the economic well-being of the United States: it’s companies are refusing to invest for the future, even when the markets are begging them to.

This is the real howler -- that "markets" are sending a low-interest signal.  Markets are doing nothing of the sort.  The Federal Government, via the Fed, is sending this signal with near-zero overnight borrowing rates and $30-$40 billion a month in money printing that is used to buy up government debt from the market.  If any signal is being sent at all, it is that the Federal Government is main economic priority is continuing to prop up the balance sheet and profitability of major US banks.

Investment is also not solely driven by the price of funds.  There must be opportunities where businesses see returns that justify the spending.  Unlike the Federal government, which is A-OK blowing billions on companies like Solyndra, businesses don't invest for the sake of spending, they invest for returns.  A soft economy combined with enormous government driven uncertainties (e.g. what will be our costs to comply with Obamacare) are more likely to affect investment levels than changes in interest rates.

 Instead, the CEOs come out and start criticizing the Federal government for stepping in and filling the gap. If it wasn’t for the Federal deficit, the debt-to-GDP chart would be declining even more precipitously, and the economy would be a disaster. Deleveraging is a painful process, and the Federal government is — rightly — easing that pain right now. And this is the gratitude it gets in return!

This is where economic thinking has ended up in 2012:  To Salmon, it does not matter where the Federal government spends this money, so long as it is spent.  He never even tries to justify that the government is running up debt in a good cause, because what it spends money on does not matter to him.  For him, the worst possible thing for the economy is for people to spend their money paying down debt.  Spend it on more drone strikes or more Solyndras or more squirrel research -- it does not matter to Salmon as long as the money is used for anything other than to pay down debt.

Here is the bottom line:  Businesses and individuals are trying to reduce their debt.  And many hard-working people think they are being successful at this.  But the joke is on them.  The government is running up trillions in debt in their name, thwarting American's desire to de-leverage.  Mr. Salmon wants us to thank the government for this.  Hah.

All-in-all, this is an awful argument to try to justify Congressional and Presidential fecklessness vis a vis  the budget.

You Are In the Best of Hands

Rampant theft at the TSA

A former Transportation Security Administration agent who spent three years in jail for stealing from passenger luggage told ABC News that the practice “was very commonplace.” Pythias Brown, who worked at Newark International Airport, said he stole more than $800,000 worth of goods from luggage and security checkpoints. He was finally caught when he tried to sell a stolen CNN camera on eBay but forgot to take off all the stickers that tied the camera to the news network.

"It became so easy, I got complacent," Brown said. Almost 400 TSA officers have been fired for stealing from passengers over the past decade.

My assumption is that if they caught 400 with enough evidence to survive civil service grievance procedures, at least 4000 must be stealing. It's like Goodfella's II.

Dictator of Their Immediate Area

I have argued before that police often behave as if they are legally dictator of their immediate area, and frequently assume they can issue orders, however asinine, to anyone in their visual range.  Of course this is legally not true (though I suppose it is legally true if you take into account that courts and the minimal accountability processes that exist for cops never punish them for such behavior).

Here is a great example.  The 2-minute TSA freeze drill, with the TSA yelling at people -- already through security -- within their visual range for moving.  I think they are ripping off Heinlein - was this in Starship Troopers?

Comments: Disqus Coming

Well, this has been a while in coming, but for a variety of reasons I am switching to Disqus comments on this site.  Essentially this means commenters will have to register, though I feel like the registration is pretty un-intrusive as Internet things go.  Active commenters in the blogosphere likely already have a Disqus account.   And there are some definite benefits in terms of comment ranking and such that I hope will offset any hassle.  I have been testing Disqus on Climate Skeptic, along with the security updates I have been slowly porting over here, and I am pretty happy with the result.

What this means is that for several days, comments will disappear here as Disqus imports them.   Though they they promise a day turnaround, on Climate Skeptic it took them nearly a week.  With all the comments on this site, it may take a while.  New comments will still work, but the old ones will go away, and then magically return a few days later.  Hopefully.

By the way, this is a mild illustration of what started the security lockdowns at the climate blog.  These are actually minor spikes compared to some in the past, and so far I have seen no similar patterns at any of the other blogs I run.  A number of folks active in the climate debate have been hacked of late.

Working on Security

I am working on site security, so if you get locked out for some reason, let me know by hitting the email here, or if you can't get in here, over at climate-skeptic.com.  I thought I had this process pretty well practiced as I did everything I wanted first at two other blogs, but this morning I managed to lock myself out of the site.  Oops.  So screw-ups are definitely possible.