Slashdot Mirror

With the holidays coming up, Bennett Haselton has updated his geek-oriented gift guide for 2014. He says: Some of my favorite gifts to give are still the ones that were listed in several different previously written posts, while a few new cool gift ideas emerged in 2014. Here are all my current best recommendations, listed in one place. Read on for the list, or to share any suggestions of your own.

Most annual gift guides would only list new items. It would be considered a mortal sin of click-baiting to tell the reader, "Well, the coolest stuff we could tell you about, was stuff that we mentioned this time last year, so first and foremost we're just going to direct you to that."

Well, my job in writing a gift guide is not to dazzle people with "all new hottest gift item" recommendations, my job is to recommend the things that I think you would most enjoy giving and the recipient would most enjoy receiving, and the fact of the matter is that most of the gifts I would most highly recommend, were listed in different previously written articles. I'll provide that list in a second (with links back to the older articles describing them in more detail), but first some criteria for how I make the recommendations.

First, I'm assuming you want to go inexpensive. If you have unlimited cash, you don't need my help finding cool presents -- although for the record, the online store of New York's Museum of Modern Art has the best collection of things that incorporate "visual puns" that I really like, but which are usually overpriced for what the item does. (Check out this image of a set of nesting tables, for example -- which isn't even that much of a "neat idea", by their standards -- and try to guess how much they cost, before looking at the answer on the product page.) If you don't mind spending the money, they also sell a dandelion encased in acrylic ($375), a lamp in the shape of an open book ($190), a necklace of small rectangular mirrors creating an interesting 3D effect ($190), a porcelain vase that kind of looks like a crinkled paper bag ($120), a pair of candleholders that interlock without touching ($170), a serving tray that looks like the splash from a drop of water ($130), a clock that evokes an M.C. Escher "infinite staircase" optical illusion ($80), and a vase that exists in the shape of an outline ($65, which at this point sounds cheap). At the end of this gift guide I list some MoMA items that are somewhat more reasonably priced.

Second, I'm assuming you don't need help finding branded merchandise. I'm sure literally every combination of [Star Wars / LOTR / Game of Thrones / Star Trek / Hunger Games] and [coffee mug / beach towel / earrings / Christmas tree ornaments / shot glass / cufflinks] is available somewhere. It's not that these are bad gifts for the hardcore fan, it's that all you need to find them is to Google "Game of Thrones Christmas tree ornaments" and you'll find something. And occasionally you'll will find something in this "branded" category that jumps out as a pretty cool idea, like the TARDIS Tea Infuser or the Game of Thrones Dragonclaw Goblet or the light-up lightsaber chopsticks.

Third, I look mostly for novelty or decorative items that confound your senses or demonstrate some interesting scientific principle (or both), but that can still fit in to a semi-elegant environment without garishly calling attention to themselves. These color changing beads are kind of neat, but it would look weird having them lying around on top of a living room dresser along with a UV flashlight to demonstrate what they do. On the other hand, a Galileo thermometer can blend in pretty well the decorations on a mantlepiece.

The following are my current most-recommended gift ideas:

Custom Photomosaic

In this December 2013 post I described how to create a photomosaic (a patchwork of smaller pictures that, when viewed from a distance, take on the appearance of a larger picture) using two free (donation-supported) programs, one to download and save pictures en masse from a friend's Facebook profile, and the other to create the photomosaic using those photos. I still think they make amazing gifts, and the only cost is the cost of printing and framing it. You can even give the digital-only version as a gift that costs nothing at all, making a photomosaic from a friend's photos and sending it to them on the other side of the world, where they can print it themselves or use it as a desktop background. Everyone that I've given one of these to, has loved it.

Strandbeest kit

With this $35 kit, which I recommended as a Christmas gift last year, you can assemble a tabletop version of the legendary full-size Strandbeests, the eerily lifelike creatures created by Dutch artist Theo Jansen which walk across the beaches of Holland powered only by the wind. Assembly of the creature takes about 90 minutes, less if you make a family activity out of it and share the labor.

In the last year, a second model has been released, dubbed the "Rhinoceros Mini-Beest (technically, it was available a year ago, but the assembly instructions were only printed in Japanese; now it's available with English directions). I haven't assembled one of these myself yet, but it looks fine in the video.

There is also now a pre-assembled, motorized, remote-control version of the Strandbeest, although honestly, where's the fun in that? Part of the effect of the Strandbeest assembly kit is the feeling that you've breathed life into an inanimate object by putting it together from static parts. A remote-control toy that moves forwards and backwards on the ground is a little underwhelming when you can get an RC helicopter for the same price.

Levitron Revolution and Levitron Cherrywood

The Levitron Revolution ($70) consists of a circular magnetic disc that levitates about half an inch above an electrically powered square base, and can support up to a pound of weight on top of it while maintaining levitation. The Levitron Cherrywood ($35) consists of a top that has to be spun by hand, which levitates almost a full two inches above the cherrywood base containing an embedded magnet. As described in the first gift guide, the Levitron Cherrywood is more visually impressive because of the extra height of levitation, but the top almost always falls if you touch the top or move the base while the top is spinning. The Levitron Revolution only levitates the disc by half an inch, but you can embellish the appearance by placing other objects on top of it, like the pyrite crystal levitating in this video. (Also, the Levitron Revolution will continue levitating as long as power is supplied to it, making it a good decorative item; the Levitron Cherrywood has to be spun by hand and levitates for only about two minutes before air friction slows it down, so it works better as a toy or party activity.) Both of them take some practice to operate (the Levitron Cherrywood takes considerably more), but they're worth it.

Spare batteries for your friend's phone

I mentioned this in January 2013 as a life hack for smartphones and got pilloried for promoting what people called an "obvious" idea. But two years later, almost nobody that I know is carrying around fully charged extra batteries for their phones. It's easy, it works, and the spare batteries in my jacket pockets have gotten me out of a jam multiple times. If you know what type of phone your gift recipient uses, get them some extra batteries. (T-Mobile sent me extra batteries for my LG Optimus for free.)

The iPhone is the only phone I'm aware of that does not support this, because the battery is not meant to be removed or replaced by the user.

And yes, I know about the portable external battery products that can be used to charge a phone. These aren't as big or expensive as they used to be, but you still have to leave them plugged in to your phone while they're charging it, which is awkward if you're using your phone or carrying it in your pocket (compared to the 10 seconds it takes to swap out the battery).

Heat Wave car heater

This $40 device from Canadian company "Heat & Clean" sits on your dashboard and turns itself on at a pre-determined time, blowing hot air into the interior of the car for 20 minutes, all without starting the car. If all goes well, this means your car will be warm (or at least not as cold as it would have been) when you first get into it in the morning, and you don't have to wait several minutes for the air ventilation system to heat up. The Heat Wave is powered by the car's 12V charger, although Heat & Clean states that "has built-in circuitry to ensure that the health of the vehicle's battery is never compromised."

I can't vouch for the device's respect for your battery (the device unfortunately isn't sold on Amazon, which is usually where I go to find out if something does what it's supposed to), but I ordered one and verified that it works, then gave it to my aunt for her birthday. (If it kills her car, I will promptly make it up to her by taking it out of the gift guide.) Even though I tested the functionality, I didn't get the chance to see if the device actually helps much, because it's not cold enough yet here in Seattle to really feel the bite of the cold when you get into your car in the morning. (The other reason I personally won't get much benefit from this, is that I work from home and leave the house at a different time every day, so I never know in advance what time I'll be getting into my car the next morning.)

Most cars can be modified so they can be started remotely, so that they're warmed up by the time you go outside and get into them, but that modification usually costs a few hundred dollars. You might as well try the Heat Wave first to see if it does the job almost as well.

(To me, the obvious question is: Why not make a version of the Heat Wave that can be turned remotely, as well? For people like me who usually don't know the night before what time they'll be getting into their car the next day, but who often do know at least 20 minutes in advance, so they can turn it on remotely and start heating the car. The company does make a very different-looking product called the Heat Stick which can be activated remotely -- but at $300, that's more than it costs to add remote start to the actual car.)

It's Nuts 3D puzzle

Distributed by Grand Illusions in the UK, the It's Nuts 3D puzzle consists of a bolt and a pair of nuts threaded onto the bolt. As you can see in the video, when you rotate one nut, it moves in the direction that you'd expect, following the threading on the bolt -- but when you rotate the other nut the same way, it moves in the opposite direction. There are no hidden moving parts to make the illusion work, and you can unscrew both nuts right off of the bolt and examine them.

Having acquired one, I can say that the secret is a little bit easier to figure out when you're holding it in your hand and looking at it closely, than when you're watching the video. But it still makes a nice novelty conversation piece.

As a brain-tickler, this feels a bit overpriced at $40 - costing more than the aforementioned Levitron Cherrywood, which actually levitates. I bought It's Nuts mainly to fill out my collection off oddities since I already owned most of the other items in this list. Of course, unlike the Levitron, this takes no skill to operate (only a little bit of smarts to figure out the secret). I wouldn't foist the Levitron on my grandfather, but he would probably enjoy this one.

(Note that if you buy from the Grand Illusions website to ship to the United States, you'll pay the non-VAT rate -- but then you'll have to add about $14 in air mail shipping to the U.S. So you might want to combine this order with some other items from Grand Illusions -- search this article for "Grand Illusions" for the other recommended items, or browse their site and pick your own.)

Inverter Magnet

The Inverter Magnet, from Grand Illusions (also available from Amazon at a slightly higher price), consists of one disc magnet encased in rubber, which holds a second disc magnet in a permanent "force field" a few millimeters away when the two are slid across a table.

At $40, this might be more of a "collection filler-outer", since especially as a magnetic toy it compares unfavorably with the Levitron Cherrywood, which, to repeat, can actually fly. But again, the Inverter Magnet also takes no skill to operate.

Magna Nails

This nail polish (about $7 used on Amazon) forms a stripe pattern when you hold a magnet near your fingernail while the polish is trying. (There are many similar products on the market, searchable under "magnetic nail polish.") The appeal to young science geeks is that the iron filings in the nail polish align themselves along magnetic field lines in the vicinity of the magnet, forming the stripes.

I don't wear glittery nail polish (at least not as "Bennett Haselton"...), but I took one for the team to see if this works. It does. That's my thumb. (Apparently it looks better if you apply a "top coat" after the nail polish dries, but I didn't have any.) If you plan on testing it out before giving it as a gift, remember to pick up some nail polish remover to get it off.

A few things from MoMA that we can actually afford

• An appetizer serving dish complete with toothpick holder that looks like a porcupine ($28). This item probably has the highest price-to-cool-factor ratio of anything on this list, just barely within the limit of what I'd recommend, but it's elegant in addition to being funny, and the recipient would probably use it.
• A faux-wood cube clock ($38). This is interesting mostly for looking like a visual impossibility -- how can the digital numbers appear on the side of a block of wood, even fake wood? Unfortunately I think the photo is doctored, because this youtube video shows an undoctored shot of the cube clock, and you can easily see the un-illuminated LEDs on the side, which don't quite blend in with the wood. But it still makes for an elegant optical illusion.

Miscellaneous "Visual Puns"

• The ambiguous vase ($33) from Grand Illusions -- a real-life version of the Rubin vase optical illusion, where a vase suddenly takes on the appearance of two faces in profile.
• The glass water faucet ($50)
• The sliced grandfather clock ($36)
• Ulexite "television stones" ($10) - a rock that, when placed on a flat surface, will cause the markings on that surface to re-appear on the top face of the rock, due to the naturally occurring fiber optics in ulexite.

Of course, if you're now craving one of these items for yourself, order one and try it out before re-gifting, or set up an Amazon wish list in the last two weeks before Christmas. And remember to be good!

Thanks to TeamXbox for the news that the Times Square Toys R' Us is going to be hosting a Halo 2 Launch Party. The event is set to start at midnight on Tuesday, November 9th. The enormous store will be hosting special guests "and prizes will be awarded for gamers showing off their Halo 2 enthusiasm." To those of you about to dress up as Master Chief, I salute you.

Three days ago, a small group called Interhack was featured in an AP wire story about some curious data transmission they'd found. The company receiving the data, Coremetrics, tracks unique visitors through its clients' corporate websites, and promises those clients "seamless performance," because: "data tags load invisibly as small transparent gifs, and information is encrypted to appear invisible to your customer." The customer is you, the user. The GIFs are web bugs. The information can be personally identifying, which most of its clients' privacy policies fail to mention. But -- importantly -- the company promises that "Any data Coremetrics tracks and reports is owned solely by our customers and we are contractually precluded from reselling or using this data." Is that enough? Emmett and I talked both to Coremetrics and to the hackers who put the spotlight on them.

Emmett Interviews Interhack

Slashdot: For those uninitiated, what's interhack all about?

Basically, we're a firm of hackers interested in pushing technology forward through research, making computing apply to people by developing custom products and consulting for folks who want to put the technology to use, and helping people understand exactly what the ramifications of these systems are. That's a pretty broad way of saying that we're all about the Internet and making it work.

Slashdot: When did you start researching this story, and how long did it take to put the pieces together?

Sometime in May, someone sent us a tip about Coremetrics and what it's doing. We took a quick look over their web site to see their advertised services and then started to look at how the service is actually implemented on various client sites. We examined several sites, most of which very clearly stated in their privacy policies that they're using Coremetrics for site monitoring and provided links necessary for people who don't like it to opt out of the system. Most of the sites with clear, full disclosure policies weren't even sending Coremetrics personally-identifiable information like names and addresses.

The more interesting part of our find was in the sites that did send personal information to Coremetrics, particularly those that carried the TRUSTe privacy seal. Over the course of about three weeks, we performed an investigation of these sites, gathering as much information as possible from them. We reverse-engineered the system by reading the sites' code, reading through the obfuscation, and comparing logs of our network's activity with the activity that would be perceived by an end user.

What we found was a clear difference in user expectations and what was actually happening, as well as a clear difference between what Coremetrics says it offers and what its eLuminate service makes technically feasible. After writing drafts of our report and press release, we decided to take a wait-and-see approach to the release. Specifically, we wanted to ensure that sites that just started to use the Coremetrics service had adequate time to update their policies and to have an accurate idea of what was happening with the system after having been in production.

After waiting and watching for more than a month, we decided to release our findings. So, on Monday morning, we sent a pre-release copy of our report to Richard Smith and some folks at Zero Knowledge Systems. In addition, we contacted each of the firms named in our report and Coremetrics so that if the failure to disclose or the ability to profile people across web sites was unintentional, there would be time for some investigation and a decision about how to fix the problem. After the end of business Monday, we released our report.

Slashdot: What needs to change? In a perfect world, how do we deal with this?

This is a very interesting question. In my perfect world, detailed levels of profiling would not take place at all. There would be no such thing as persistent cookies. In general, I'm just not comfortable with the level of privacy that the industry as a whole has given up for the sake of a little convenience.

How big of a deal, really, is it to have to enter your password when you login to a web site? Don't forget that the reason why we have passwords in the first place is so that you'll have to do something at the beginning of the session to prove who you are.

Web browsers also need to be more intelligent. That is, they need to be able to identify things like dependencies on third parties so the user can know whether those images should be fetched or ignored. Right now, browsers -- for the most part at least -- just aren't very defensive. The model of parsing everything you're given worked fine in the Old Days for which some of us long so much but the fact of the matter is that you really can't blindly trust anyone on the Internet.

I'm not suggesting becoming a luddite. I'm suggesting that folks take a sort of "trust, but verify" approach a la Ronald Reagan. Right now, there's a lot of trust and almost no way to verify.

Slashdot: This all comes down to trust. How many policies are just there so people will shut up about personal information so they'll start buying stuff online?

I couldn't say. Policies are almost always written by lawyers. That probably speaks to the covering-one's-posterior-position value of privacy policies.

Slashdot: Since we can't trust written policies, what should people be doing before they start conducting business with these websites?

Verify everything. As I said earlier, though, we're severely lacking in tools that are accessible to most people that can help in that regard. I think Zero Knowledge Systems' Freedom network is a huge step in the right direction. Tools like Muffin (muffin.doit.org) also help, but it would be cooler for that kind of functionality to live right in the browser itself. There are opportunities for eager hackers on this front.

It's also important to stress that tools alone won't do it -- there is no silver bullet. People are going to have to have some understanding of what's happening in order to use these tools effectively.

Finally, where you see discrepancies, point them out. Most of the time, they're oversights. Look at how Lucy.com and Fusion.com dealt with this problem: they updated their sites. So although the problem shouldn't have happened in the first place, they did the right thing. Contrast that with Toys "R" Us, which issued a statement saying that what they're doing isn't a violation. And their privacy policy still doesn't say a word about Coremetrics. They still haven't said anything to address the issue of having information collected on children.

Companies that don't fix their problems don't take your privacy seriously, no matter how much lip service they pay. So don't go to their sites. Don't buy their stuff. Tell them why you're not buying their stuff. Tell their competitors why you shop where you do, lest the new places you shop get the bright idea to try to hide something.

Jamie Talks to Coremetrics

Here's the service Coremetrics provides to corporate websites:

Many companies demand accurate knowledge of how their sites are being used: what sections are popular, what paths visitors take through the site, where people click over from, and so on. It's like web log analysis but more specialized for large shopping sites.

Since these demands are very much the same, and the code to do the analysis is similar, outsourcing happens. From a CEO's viewpoint, Coremetrics fiddles with the website to do better-quality tracking than the company could do on its own, and then makes the resulting statistics available over SSL.

But from your viewpoint and mine, that "fiddling" results in cookie-carrying web bugs all over the sites we visit -- web bugs which usually send back to the Coremetrics servers a unique visitor tag, like any other cookie, but one that sometimes includes your name, email address or other personally identifying information.

Coremetrics promises that this information remains private. When DoubleClick collects data from <img> cookies across multiple websites, they do so with the stated intention of tracking you personally; this is part of their business plan.

According to Coremetrics, they do things very differently. Data is not cross-correlated between their client websites, they say, because their contracts with their clients prohibit this. In fact, their contract forbids them from doing much of anything with that data except statistical analysis.

I gave the Coremetrics PR person I talked to a chance to explain, using the example of their client Toys 'R' Us:

"Coremetrics is merely an agent that collects this data on behalf of an individual customer, for that individual's sole use only. We do not collect data, as was inferred very incorrectly by Interhack, across multiple unrelated websites, with any intention of selling it to third parties -- or even distribution to third parties. That's because we, as the agent, do not own that data, nor do we have any rights to that data. Toys 'R' Us, and Toys 'R' Us only, is the sole owner of that data. So legally, we cannot do any of the possibilities that Interhack had alluded to in their report."

But here's the interesting thing.

If I'm browsing my favorite website, Coremetrics is clearly a third party. They have a special contractual relationship to keep my data private, which we shouldn't ignore. But nevertheless -- a third party.

So why do some of their clients' privacy policies not mention this?

Toys 'R' Us is a good example. As Interhack made clear, they do send personal data to Coremetrics' servers. But their privacy policy reads, "We do not share any personally identifying data about our guests with anyone outside of Toysrus.com, its parent, affiliates, subsidiaries, operating companies and other related entities."

So is Coremetrics one of their affiliates or a related entity? I wouldn't think so, but I'm not a lawyer. One interesting thing is hidden in that privacy policy's HTML; after the closing </html> tag is the hidden message: "<!--CoreMetrics Information if enabled-->." Hmmmmmm.

Coremetrics lists twenty clients; I tried to contact seventeen of them for comment, with marginal success by press time. Three reported that they had not yet activated Coremetrics or had decided not to use the service at all. One (guru.com) reported not sending any personal information -- presumably, only tracking visitors with a non-identifying unique ID.

Two sites (lucy.com and fusion.com) began mentioning Coremetrics in their privacy policies on August 1, the day after the Interhack report. One site (thewest.com) did not even have a privacy policy until yesterday; they'd been working on it, and my email may have made it a priority because it was on their site three hours later.

According to Coremetrics, they encourages all their clients to disclose the use of their service in their privacy policy, and include a link for users to opt out. But some sites reported as using or planning to use Coremetrics' services have privacy policies that could use some clarification.

Altrec.com informs me that "...in the near future ... we plan to add to our privacy statement our use of Coremetrics and the fact that Coremetrics neither owns, distributes, nor has rights to the data it sorts on Altrec.com's behalf." However, their current privacy policy states very simply: "Altrec.com will never sell or give your e-mail address (or any other information about you) to anyone else without your permission. Period."

(Last-minute update -- just before press time, Altrec.com clarified that they are "sending unique ID (unique to Altrec.com) and city, state and zip. No other personally identifiable information is being sent to Coremetrics.")

Bravanta.com bounced me between different people until I got to leave voicemail that wasn't returned by press time. Their policy says they "do not and will not sell, trade or rent the personal information of our customers or gift recipients to any third parties."

(Update two hours later: Bravanta reports that they also have decided not to use Coremetrics' service, and are not currently using it.)

Mall.com didn't get back to me either, and their policy reads "We will NEVER release your name and personal information to a third party..."

Getplugged.com has a rather confusing privacy statement that begins, "Any personally identifiable information GetPlugged.com collects will be used solely for the purposes stated within this Privacy Statement" and wanders around from there. I'm not sure what to make of it, frankly.

All these polices may indeed be correct, if the sites are stingy with personal data. Like guru.com (and altrec.com), they may be using the Coremetrics service only with non-personal IDs. But, as with Toys 'R' Us, that may also not be the case.

(fusion.com, getplugged.com, and altrec.com also happen to be TRUSTe licensees, but TRUSTe wasn't able to comment by press time. In the AP wire story on Monday, they had harsh words but were speaking hypothetically; no comment since then.)

It's hard enough to read privacy policies already. Most of them are designed to protect companies legally, and mostly manage to confuse users. The distinction between Coremetrics as a third party; or affiliate; or agent, is a little too fine for the average consumer, and needs to be spelled out in each policy, as Coremetrics itself recommends.

But is all this a tempest in a teapot? If a signed contract forbids a company from misusing data, is that all we need to know?

I don't think so. In the first place, at the very least, companies like Toys 'R' Us need to disclose such things in their privacy policies. That's just common sense.

In fact, according to Coremetrics privacy advisor Dave Farber, they plan contractually to require such disclosure with future clients. (The company could not confirm or deny this at this time.)

More importantly, we as consumers are being asked to trust a third party whose reputation we know nothing about. In fact, 99% of us will never even have heard of them and might not understand what they do. We're told that a contract protects us, but we're still being asked to trust something we can't see. And when evidence of policy violations is turned up by a group of hackers, that erodes our trust.

After speaking at length with Coremetrics' PR, I get a general feeling of trust from them. (Of course that's a large part of their PR staff's job, earning reporters' trust.) More importantly, Dave Farber is well-respected, and his confidence carries weight -- with me at least.

Still, as Interhack says, our motto should be "trust but verify." That's why I proposed, to Coremetrics, that they publicly post, on their website, the paragraphs from their clients' contracts which assure that our private data remains private. If the actual legal words that protect our data are up there for us to see, we don't have to trust anyone.

When I mentioned this to Coremetrics' PR person, he promised to consider it; Dave Farber thought it was "a very good idea." It's unusual for corporations to make contracts public, even in part, but in this case it would do a great deal to put everyone's fears to rest.

The Associated Press said in this story that Toys R Us has been telling customers that they are unable to keep their promise that all orders placed by December 10th would be received by customers in time for Christmas. A report on ABCNews.com claims that this is a "universal" problem, not just with Toys R Us, but I didn't have any problem with the online merchants I used this year, none of which were Toys R Us. What about you? Did all the gifts you ordered online this year get there in time for Christmas?

Colin@sinisterfluid.com writes "The most-hyped line of movie-themed merchandise in history -- for the still unreleased ``Star Wars: Episode I -- The Phantom Menace'' -- finally went on sale just after midnight Sunday on a studio-imposed schedule,and fans and retailers weren't wasting a minute. Toys R Us stores around the country decided to open their doors at 12:01 a.m. Monday for an all-night selling marathon of toys based on the movie. Wal-Mart and K-mart called in extra staff for their 24-hour stores to handle the post-midnight crowds. Many stores planned to limit the number of items a customer could buy to prevent immediate sell-outs. Fans had been waiting for months to get a glimpse of the vast array of goods -- from action figures to wigs to body lotion to snack food -- tied to the movie, which opens May 19. But LucasFilm Ltd. had signed strict licensing deals that prevented manufacturers from releasing virtually any information about their products ahead of time. As a result, people had been speculating for months, especially on the Internet, about what the toys and other merchandise would be. To see the famed toys for yourself, surf to Toys 'R' Us or E-Toys "

NutBat writes "News.com has an article about Toys "R" Us threatening legal action against a guy named Gus Lopez who runs a site with the domain toysrgus.com for his Star Wars toy collection. It seems that he will be backing down." It appears that Gus' website did not sell anything despite the .com suffix, although I have not been able to confirm this. The letter sent to Gus is on his website, and is worth reading. Ajax.org and veronica.org were resolved due to public pressure. Perhaps this one will be too? Toys R US has a customer service page