About Me


Armchair theorist, poet, and occasional IT manager, Sascha B. is equipped with a Master's Degree in Middle Eastern Studies from the University of Texas, and is not afraid to use it. His work has been published by the University Press of America, Edwin Mellen Press, University of Texas Press, and a variety of small journals nationwide. He is also the proprietor and baker for 3141 Pie, of which you should eat many.

The Deal

I stopped blogging in 2013, when life overtook me. My father became ill and died shortly thereafter, and my mother was left with increasing dementia. I became the primary caregiver, and now orchestrate my mother's care and our family estate.

Now, I am coming up for air again.

Looking for the next book to read. All suggestions welcome.

My reading list is over here.







Saturday, June 18, 2011

In Passing

I am currently reading Francis Fukuyama's The Origins of Political Order, and while I continue to disagree with much of his philosophy, and grind my teeth when he contradicts himself with sweeping grandiose (and unfootnoted) ideological statements just pages after presenting strong evidence for its opposite... despite this, he is still brilliant, and every single person with libertarian leanings, or an overly fond love of Hayek, should take a moment and read chapter 17: The Origins of the Rule of Law.

And if, perchance, you have a more liberal take on political economy than libertarian, this book will challenge your preconceptions, and force you to think about the things you think you already know. Which is, of course, the definition of a good read.

#FreeMarketFail

We've given corporations the same rights as individuals, but we've allotted them none of the governance we demand for individuals. This creates the perverse incentives we see being abused in the so-called free market today, even in mainstream areas where perverse incentives are not necessarily built into the nature of the market, as they are in health care.

If we find a rapist, we punish him. If we see someone working as a pimp or a trafficker, we throw them into jail.

In a lovely write up in the NY Times, we now have a view into a recent report on executive pay levels. It looks not at the absolute figures of absurd compensation, but at that compensation as a measure of a company's overall output. And frankly, if I were a shareholder reading this report, my first thought would be that these executives are raping the company, and acting as pimps who demand their "perks" and cut of profits, working their prostitutes into the grave.
The report, for instance, compared earnings per share with cash pay — just salary and bonus, if there is one. It identified 24 companies where cash compensation last year amounted to 2 percent or more of the company’s net income from continuing operations.

Topping this list is Allergan Inc., the health care concern whose top executives received, after taxes, an estimated $2.6 million in salaries last year. That amounted to 50 percent of what the company earned from continuing operations, the report said.
That's just one example of many.

I don't see a mad rush to change things coming from this report, however much I would wish it. I just think that the longer we allow dysfunction to rule our world, and rule the organizations to which we cede so much of our liberty and polity, we are going to see nothing but a faster and faster rush toward towering inequity, rampant greed, and a predilection to socially destructive forces becoming entrenched in our system of governance.

Tuesday, June 14, 2011

Uh-Mazing

Wow. I hadn't much followed the Citi security breach, but the NYT has an article detailing it, and Oh. My God. They were hacked with an exploit that I was protecting against back in 1999, a security hole so deep and wide and obvious that it is truly terrifying to think that in 2011 a major banking institution could be caught with its pants down on this.
In the Citi breach, the data thieves were able to penetrate the bank’s defenses by first logging on to the site reserved for its credit card customers.

Once inside, they leapfrogged between the accounts of different Citi customers by inserting various account numbers into a string of text located in the browser’s address bar. The hackers’ code systems automatically repeated this exercise tens of thousands of times — allowing them to capture the confidential private data.

The method is seemingly simple, but the fact that the thieves knew to focus on this particular vulnerability marks the Citigroup attack as especially ingenious, security experts said.

One security expert familiar with the investigation wondered how the hackers could have known to breach security by focusing on the vulnerability in the browser. “It would have been hard to prepare for this type of vulnerability,” he said.
First, these "security experts" should be sacked, tarred and feathered, and laughed out of the industry if the quotes are accurate and in context. This exploit was the antithesis of "ingenious" or "hard to prepare for"; a basic rule for any web developer --- let alone a banking ecommerce security expert --- is that you never expose unencrypted security information in the query string (those letters & numbers tacked on the website URL), and if you do, you do not use them as the primary security key. Use cookies and other unexposed keys to secure a unique session for a user.

There is no way for an institution to protect completely against dedicated hackers: any wall that can be built can also be cracked. But Citi here is guilty of the worst sort of sloppiness and disregard for its customers. It is at a level where one suspects either willfulness or utter stupidity, or both.
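
The rule above in miniature, as an added example (not code from the original post, and not Citi's actual code): the first handler treats the account number from the URL as the security key, while the second takes identity from a server-side session keyed by an unguessable cookie and checks ownership of the requested account. All names, accounts and the in-memory stores are constructed for illustration.

```python
import secrets

# Constructed sample data: two customers, one account each.
ACCOUNTS = {
    "1001": {"owner": "alice", "name": "Alice Example", "balance": 250},
    "1002": {"owner": "bob", "name": "Bob Example", "balance": 990},
}
SESSIONS = {}  # server-side session store: opaque token -> username


class Forbidden(Exception):
    pass


def login(username):
    """Issue an unguessable session token (sent to the browser as a cookie)."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = username
    return token


def view_account_vulnerable(session_cookie, account_id):
    """Flawed pattern: any valid login may read whatever account the URL names."""
    if session_cookie not in SESSIONS:
        raise Forbidden("not logged in")
    return ACCOUNTS[account_id]  # account_id from the query string is trusted


def view_account_hardened(session_cookie, account_id):
    """Identity comes from the server-side session; the URL value is only a request."""
    user = SESSIONS.get(session_cookie)
    if user is None:
        raise Forbidden("not logged in")
    account = ACCOUNTS.get(account_id)
    # Same error for "missing" and "not yours" so responses don't reveal which IDs exist.
    if account is None or account["owner"] != user:
        raise Forbidden("no such account for this user")
    return account


def readable_accounts(view, session_cookie, candidate_ids):
    """Authorization regression check: which IDs can this session read via `view`?"""
    readable = []
    for account_id in candidate_ids:
        try:
            view(session_cookie, account_id)
            readable.append(account_id)
        except (Forbidden, KeyError):
            pass
    return readable
```

Run as a regression test, `readable_accounts` should return only the logged-in customer's own account for the hardened handler; anything more means the URL parameter is still acting as the key.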