canspice.org

I love companies that are nearly completely clueless about doing business online. You’d think that since it’s been done for so long they wouldn’t get things wrong, but they do. Oh they do.

Take the Hawaii Tribune-Herald as an example. If you go to their website you may notice that you can subscribe online. Kudos to them for offering it, it saved me from having to talk to a person when I subscribe. They email you a receipt to confirm that the subscription was filed, and that’s all good.

What isn’t good is that your credit card number is right there in the email for anybody to see. Everything, all sixteen digits, the expiry date, the name on the card. Given that email is sent without any sort of encryption, it means that anybody who has access to the email can get the number. And given that email can be sent from any number of computers before reaching you, you have to trust that every server that it’s passed through is secure and there isn’t anybody watching.

One of the standard edicts of Internet commerce is “never send personal information over email.” It’s a shame that the Trib couldn’t get this one blazingly easy thing right. It’s not that hard to X out all but the last four digits, just like nearly every other company on the face of the planet does.

So I emailed the webmaster for the Trib, and he replied with:

When you subscribed you were using our secure server and the data is totally encrypted on our end to us. Nothing is stored in a database, we complete whatever transaction you selected and then your information is deleted.

Our parent company that assists us with secure online transactions and content management is subject to security audits although I am not sure the last time one was completed.

On the form you filled out, one of the options that you had was to be contacted for payment options. We have this for people who are not comfortable with conducting commerce electronically. I can assure you that your information was/is not in jeopardy of being “stolen” through our system.

Of course he missed the point entirely. I suggested X’ing out the credit card number, to which he replied, “Oh, that sounds like a good idea.” Gah.

Then there’s JCPenney. Alice and I needed new curtains, so we ordered some online from them. Everything went well, and of course the ordering process had a box saying something like “can we use your email address to bombard you with useless sale deals and other rot that just ends up getting deleted anyhow?”, to which I answered no. Then amazingly I received an email from them saying I wouldn’t receive email from them. I quote, “This is being sent to confirm that b.cavanagh@jach.hawaii.edu will not receive Email from jcpenney.com.” In an email sent to b.cavanagh@jach.hawaii.edu from shopper@jcpenney.com. Brilliant!

And of course I’ve since received three emails from them about online-only sales.

It’s simple, really. Open up a Terminal, type “sudo mv /usr /usr2″, and enter your password. Congratulations, you’ve now got a lump of unuseable hardware with an Apple logo on it.

How, you may ask, do I know this? Because Friday afternoon while waiting for various data reduction benchmarks to complete at UKIRT I did exactly that. It seemed like a good idea at the time. Honestly.

Okay, I was at the summit and apparently not enough oxygen was getting to my brain. Everybody’s got to do something stupid like this every once in a while.

And how do you fix it? Re-install OS X, of course. Archive and Install works wonders, because I only had to run Software Update and re-install the X11 SDK to get things back to normal.

According to This is London (and here we go, all my UK readers are going to say that that website is shite and never prints anything true… Maybe I should get Douglas to vet any posts I make that even tangentially mention the UK), Star Wars Episode 3 is going to open the 2005 Cannes Film Festival this coming May.

Here I thought that Cannes was supposed to be a higher-quality film festival, showing independent films, artistic films, non-Hollywood films, whereas any of the Star Wars movies hold none of those qualifications. Except maybe Empire Strikes Back. I mean, who didn’t cry a little inside when Han was frozen in carbonite? That’s art, man.

Looking at the Cannes archives I see that the actual award winners don’t really come from Hollywood, it’s that a number of big Hollywood films get screened at Cannes (SW: Episode 2 was screened in 2002, for example) but aren’t eligible for awards. Then again it’s usually the big films and the big names that get the big press, so those are the ones that stick in your memory instead of which film won Palme d’Or in 2002 (alright, it was the relatively famous The Pianist, directed by Roman Polanski, which was a hell of a better movie than Ep2).

I’m probably off-base with my little rant, but still. Come on, Star Wars opening Cannes? Christ.

Over on wondergeeks.net they list the six most recent comments made on aggregated websites. It’s how I keep up-to-date with websites I’ve commented on, instead of subscribing to comment feeds. It’s easy to do because there are really only a handful of blogs I comment on, and they’re all on wondergeeks (except very occasionally for Paul and Alasdair). New comments are easy to see at a glance, so I don’t have to engage my brain in order to figure out what’s going on.

Now various people on wondergeeks (Geof and John, in particular) have written a few posts about their spam-fighting efforts. I didn’t pay much attention because I hadn’t received any comment spam up until a few weeks ago when Alice saw six or seven of my entries had been spammed. That night I went and installed Spam Karma to take care of things, as Geof seemed to have had success with it. Within a week I got five or six comment spam attempts blocked, and all was good.

Then I ignored it, as I seemed to be spam-free. I had configured Spam Karma to mail me a digest whenever ten spam comments came along, but I never received any emails. Over the next couple of weeks I got a few emails saying legitimate comments were posted, but nothing about spam-fighting efforts. I saw that Heather and Andy were getting attacked nearly every day, and John had a few trickle through his defenses, but I wasn’t getting anything.

I was feeling left out. Maybe I’m not important enough to spam.

Then I decided to check the actual Spam Karma logs and bingo, there they were! Spam! Lots of spam! As of right now Spam Karma has deleted 183 spam comments. I guess I am important enough after all, and I guess Spam Karma can’t email me for whatever reason.

Minor bug aside, Spam Karma kicks ass.

On the 15th day of every month, Alice and I donate some money to a charity. It could be local, it could be national, it could be international. This month we’re donating to the Rainbow Friends Animal Sanctuary.

Rainbow Friends is located on the slopes of Mauna Loa in Kurtistown, Hawaii. Opening sometime around October 2001, they take cats and dogs (and other animals, like mongooses and guinea pigs!) and care for them until they can be adopted. They’re one of the few no-kill shelters on the Big Island, and they’re the ones that took the stray kitten Alice and I found over at the Waikoloa Village a year or so ago.

We are donating to Rainbow Friends because, like most animal shelters, they do a good job of taking in stray animals and caring for them. They’re no-kill and they spay and neuter every animal that comes through, helping to reduce the stray animal population. Their expenses are quite high and they rely on volunteers and donations to help keep operating. They’re a registered 501(c)3 tax-exempt organisation and as such any donations are tax-deductible. To donate, visit this page.

Just a side note, you’ll probably get the feeling from visiting their website that they’re kind of nuts, what with the “oh the Big Island is full of energy and here’s a funny contraption someone made to tap into the thinness between dimensions” and all that, but they do good work with animals, so don’t let the kookiness sway you if you’re in the mood to make a donation. =)