Slashdot Mirror
Blu-ray Update Sent To User Via Credit Card Records
wmoyes writes "Back in September I ran into a Best Buy store to buy a Samsung BD-P2550 Blu-ray player. I didn't give the clerk my name, telephone number, or address, just my debit card. The player has sat happily in my living room without ever being networked or registered. Today I was shocked to find a package waiting for me at home from Best Buy — inside was a firmware update CD for the player. I used to think Windows Update was scary, but Samsung's update service tracked me to my house using the mag stripe from my bank card. Has this happened to any other Blu-ray owners?" Or is there a simpler explanation?
First, the facts: The Chase policy, which is similar to those of many other credit card companies, states: "You may tell us not to share information about you with non-financial companies outside of our family of companies. Even if you do tell us not to share, we may do so as required or permitted by law..."
According to the Wikipedia article, the credit card number, expiration date, and PIN verification info. I've seen tweekers do it with stolen cards. Magstripe readers are available for 50 bucks online.
The midget in the back seat of the Lincoln crawls in your basement window at night, and takes inventory of your firmware revisions on all your hardware.
He then runs to the forest to find out what updates you might need.
Don't talk to him, it sounds like he's talking backwards.
I'm really curious as to whether or not this would be legal..
You're nothing; like me.
BTW, you need to replace that printer cartridge in the computer room on the first floor, and we have photographs of your youngest daughter going to school. Have a nice day, we'll be in touch.
This is why I use federal reserve notes for everything I can. I bought my Wii with federal reserve notes. I bought my PS3 with federal reserve notes.
--
End The Fed
Did you purchase the Best Buy Extended Warranty? if so perhaps they tracked you through that...
That is great news
if someone ever use your credit card number,
YOU receive the driver upgrade.
then you know something wrong happened
The world belongs to those who get up early. - I'm far from being the king of Earth then
You have been owned.
Have you EVER used that debit card at the same store and provided your address or phone number? If you've ever done that then they have that information readily available.
The blueray player used the nearest WiFi access point (it can hack into secured ones). It sent its GPS position, which was cross referenced to your address at the server. It has also been sending information about all the discs you have put in it, whether you played them or not. You haven't put any pirate stuff in there, have you?
In addition, on the HDMI back channel it has been gathering information about what you watch on TV, and reporting that as well. The company sells this information to Nielson.
And you wondered why that player was so expensive.
This is not unusual. I have benefited from several class action suits where they have somehow tracked me down years after the fact, which is particularly impressive because as a student/young professional/grad student, I moved almost every year.
What probably happens is they give the debit card number (which is unique and remains unique long after you cancel/close the account) to a credit reporting agency (e.g. Equifax), and the credit agency has a record of your most recent address, which they got when you changed your address at your bank or any of your other credit cards.
The 'update' DVD came from Best Buy, not the manufacturer- of course Best Buy has access to your home address, via your credit card. Samsung probably just shipped a bunch of discs to Best Buy, asking them to mail them out to owners of the player. No big conspiracy or identity theft going on, so relax.
And there's nothing scary with Windows update. Just look and see how almost any other OS out there, Linuzz distros inclusive, are now using the same kind of service.
It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
It's time to throw out that milk in your fridge.
Quidquid Latine dictum sit, altum videtur (anything said in Latin sounds important)
When you cashed out, you gave Best Buy your phone number, too. Every Best Buy cashier asks for it when they start your transaction. With a phone number, and/or a credit card number, anyone could find you.
Armaments, 2-9-21 And Saint Attila raised the hand grenade up on high, saying, 'O Lord, bless this Thy hand grenade' N
If you have signed up with best buy's reward zone program and have used that credit card at least once with your reward zone card, they will know it is you...even if you didn't flash your reward zone card during the purchase of your blu ray player. Likewise, if you sent a rebate to best buy (although not necessarily to a 3rd party) using that credit card, its likely they will know it is you. Similar things happened with people who bought HD DVD players at best buy...when HD DVD was killed off, best buy decided to send folks $50 gift cards as a 'sorry things didn't work out with HD DVD' gesture...they mostly fed off info they already had from reward zone, rebates, or extended warranties to send the cards out.
Best Buy is a pro at MDM, and have been for a few years now. They have a record of everyone's purchases and actions at Best Buy who hasn't paid for a purchase in cash. Even those cash purchases are tracked if the person uses a rewards zone card. They know which credit cards you have used at each location, they know if you are a sucker for warranties, and they know if you have a tendency to bring stuff back after a few weeks. They digest every piece of identifiable information that you have so they can target you, the consumer, in a more profitable manner.
Once people get used to this, what keeps naughty people from sending out legitimate looking upgrade disks that scramble your player or install software that lets them use your network connected player as a spam server? Urgh, basically virus laden spam for snail mail.
I Am My Own Worst Enemy
You purchase an item on Credit you're entering into an agreement to pay for something they are going to want to know your billing address so that they can verify payment. If you're that concerned about your privacy you need to not enter into such agreements and pay for everything with cash (which protects both sides). As a side note isn't this potentially a good thing that they sent you an update? You can decide not to use it if you fear its updating drm as opposed to improving the product.
I wonder if this is a violation of the very strict Payment Card Industry policies.
Is ALWAYS PAY CASH!
Come on, most of these people on /. don't even know what a condom is much less actually use one. :-)
AMEX, Mastercard and Visa are more than happy to give the merchants your data - fees vary, if any. And there's nothing preventing Best Buy from sending Samsung a list of everyone who bought the product for any reason. Don't like it? Pay with cash.
A similar thing happened to me. I bought a blu-ray player, then one day I came home and found my house ransacked and my blu-ray player was gone. I'm still waiting for Samsung to send my blu-ray player back with the updates. I don't have any problems with these companies being vigilant about their update services. I just really wish they wouldn't spraypaint swastikas on my furniture.
I have nothing compelling to say
Check you card for any bill BB wants $30 to do this.
http://consumerist.com/5122504/watch-out-for-firmware-shenanigans-at-best-buy
I purchased the p1500 about 3 months ago (piece of crap) and returned it 24 hours later (it was incapable of playing the iron man bluray). I upgraded to the ps3 and haven't had a problem since. LIke the original poster I didn't give them a name or anything other than paying with my debit card (which apparently is tantamount to giving them your name address date of birth, ss#, eye color, height, weight and sexual orientation), about a month after i returned it, i received a letter in the mail from samsung asking me to complete an online questionnaire about my experience with the p1500. Not the same as the OP, but samsung still knew where i lived even though i gave my debit info to best buy. So who's to blame here, samsung or best buy?
Steve Wozniak (the other founder of Apple) used to keep a special book of US$2.00 bills that he had made from bills that hadn't been cut. He then had them perforated so that he could tear them out like checks for payment.
You can read the full story in his words here: http://woz.org/letters/general/78.html
For a birthday present last year, my parents renewed my Sirius subscription. This year, after the merger, they sent a notice in the credit card statement for my parents that they were consolidating payments for all the radios I have into one payment. I am not sure of the exact wording, but that is close enough. So it is not just Best Buy the credit card companies are helping out.
I would have preferred an email, as Sirius has my email address, and they also have my physical address so they could send me the attenuators for the FM transmitter in their radios. I see no reason for them to have put this in a credit card statement.
Why, without your clothes, you're naked, Miss Dudley!
A few years ago there was an interesting device being sold that acted as an email dumb terminal. The device was sold sans any real license but the expectation by the vendor was that you would sign up for their service since otherwise the hardware was "useless". Except that folks figured out how to hack it and turn it into a remote terminal for various OS. I was interested....
I trotted down to my local Circuit City only to find that many others were also interested and that they were sold out. No worries, they let me go ahead and buy one and would let me know when stock arrived so that I could pick it up.
Meanwhile the company figured out what was going on and began trying to stop efforts to repurpose their hardware - unsuccessfully. I got a letter in the mail from the company a few weeks after I had made my purchase at CircuitCity. The letter was informing me that they had decided to change the license terms on their hardware - after my purchase, that signing up for their service was "mandatory", and that if I did not do so within X number of days or receiving my device they would CHARGE MY CREDIT CARD.
Now, I had never contacted this company, I had no intentions of ever dealing with them or of buying their service, and I had not shared my contact information with them. CircuitCity however HAD shared my name and home address with them and if the letter was to be believed was also willing to share my credit card account information to facilitate a charge! I trotted back down to the CircuitCity, canceled my order, and demanded an explanation - naturally they had NO clue.
I was beyond angry to say the least and fired off a letter to CircuitCity HQ. Their response was that no way did they share my CC information with this 3rd party but they said nothing about having shared my HOME ADDRESS! I let them know that I would never shop in their stores again and have told this story more times than I can count - it's been YEARS and I have held true to my promise not to give them a cent. Seeing them go under warms my heart - the jerks. The sad thing is that I nearly made this purchase with cash, I wish I had!
As a side note, the CircuitCity I went into was one I'd never visited as it was closer to work and not my home. When I gave them my phone number they had my complete address on file! Turns out that my girlfriend's daughter had shopped there about 3 years prior and made a single purchase. They STILL had our address on file tied to that phone number when I made my purchase. So yeah, these companies do cough up data and they also hold onto it a REALLY long time - thank you TJMax!
Build it, Drive it, Improve it! Hybridz.org
I dine out at a local eatery and they give change in 50c and $2 bills as appropriate based on your order. I tend to re-use the bills at other local places, and usually get some combination of NOOP and Cool! I've never had any issues, but also don't tend to hand them to someone who may die due to drooling on themselves.
What are these Federal Reserve Notes you are talking about?
Where do I get them & can I pay for these Federal Reserve Notes
using my Credit Card?
When I worked in retail sales in the early nineties, Computer printers were making good enough images to encourage some idiots to try passing home-made bills as real. One easy way to distinguish the fakes was by rubbing a piece of white paper over the "bill", then checking the paper for ink transfer. Treasury ink never fully dries, and even old funky bills will transfer a little green smudge to the white paper. Brand new bills, like the Twos that we stocked in the slot between the Ones and Fives, would make a major smear if you tried that, even though most of them we had were printed in 1976. I learned how fun it was to baffle the ignorant with the unfamiliar money, and usually get $100 or so in Twos when I get cash from my bank. I think they are especially useful for tipping service providers, it seems to help them remember me favorably on subsequent interactions.
The cost of that cleanup, of course, will be borne by taxpayers, not industry.
And to think that people used to be worried about personal information being gleaned about them through their IP address when they were surfing porn.
Numerous companies either breach the policies or work around them.
Tthere was a big flap last year when the parent company of Winners and Home Sense was found to have been capturing all their customer's credit card numbers, which are supposed to be passed directly the the banks' clearing house without ever being seen by the retailer. See http://www.cbc.ca/money/story/2007/01/18/winnersbreach.html
Yes, they got stolen (;-))
--dave
davecb@spamcop.net
Look, it's very simple. You probably did something at some time that associated your name and address with a purchase. Perhaps not this purchase, but with some purchase in the past.
Have you thought of simply asking Best Buy how they knew who to send the update to?
Proverbs 21:19
So I shouldn't have installed the firmware fix for my 1998 Toshiba DVD player as recommended in 1998 by Toshiba? (to fix a skipping issue)
Gosh those ebil corporations, trying to make their product work.
People say the road to hell is paved with good intentions. Why? Is there any shortage of bad ones?
I've received product recall notices for items I bought with my credit card. Another example: I returned an item to Target recently - they scanned the item, handed me the receipt, and said "XXX dollars is now refunded to your card, have a nice day!" So they know from the bar code who bought that item, and they retained the credit card information associated with it.
Since they have all the card info, maybe those mail in rebates can be deposited automatically when they receive it. Hah!
Shameless plug alert: Game server control panel
It amuses me when people use a credit card and assume their identity will remain a secret from everyone and anyone involved in the transaction. In my mind, it's akin to people complaining about the lack of privacy on Facebook. If you want privacy, don't use it. If keeping your identity secret is _that_ important to you, pay for things with cash.
It's nice that Best Buy decided to provide this as a service to its customers. The concern, though, is that if they use a credit card for anything other than obtaining money, then in all likelihood they've still got that card number lying around somewhere. That means that any hacker with a grudge against Best Buy (!) has the ability to get my perhaps improperly secured card number and have a field day.
As far as I'm concerned, it's a matter of risk vs. reward.
This is an obvious Twin Peaks reference, which is apt, considering how surprising it is to see a manufacturer mine our sales receipts for information.
A retail outlet must obtain consent from you to give your personal information to a third party, and no clear consent was given in this case.
This is a job for that quirky Special Agent Dale Cooper, who possibly moonlights for the EFF.
The dangers of knowledge trigger emotional distress in human beings.
Know a DBA that wrote the software Target uses to keep track of every single purchase made by people using credit / debit cards. This database does not get emptied, they will always know everything you bought, it can even report your buying habits for toothpaste to try to predict how often you visit the store...
An I.T. motto in the hands of an idiot is a dangerous thing...
There is no privacy. Get over it.
This.
How many people here work in some company that has an indexed collection of names and addresses, even SSN#s? You're trusted with that information, but the information is available to so many hands that there's no way it's private.
This includes your Credit Card number, though I'm thinking, they just pulled up your billing address or obtained it from the bank.
You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.
I once (and only once) bought an expensive Hermes tie at a shop in a Las Vegas casino's mall, paying with a credit card. I never gave them my address, so it had to come from my credit card info. Ever since, I've been getting Hermes catalogs in the mail. They're expensive things too, zillion-color offset printings on expensive paper, stencil cuts, etc. By now, whatever profit they made on that one tie has long vanished in the costs of producing and sending me that catalog.
That wasn't what I said (meant). It was the fact that the morphing DRM used by these products requires one to keep installing updates, and to my mind that is unacceptable. Also, the problem at hand is the fact that the vendor/seller shipped an unsolicited update to the purchaser of the blu-ray device. I prefer to keep control over the devices I own. That includes the ability to decide whether or not I need some firmware update, but I greatly object to the vendor REQUIRING that I install something I have not requested. If I purchase/register a car and the manufacturer issues a recall notice, it is still MY decision whether or not I get the work done. If I don't, I can still (probably) continue to use my car. In the case of blu-ray, I cannot continue to use the device, at least with newer content. I suppose you would accept it that a change in the formulation of the gas you purchased required an update to the engine of your car?
Sometimes, real fast is almost as good as real-time.
Clearly you need help...but as long as you keep cranking out creepy, funny posts like this one, I'm certainly not going to give it to you.
Just once I'd like someone to call me 'Sir' without adding 'You're making a scene.'
It's pretty easy for the merchant, BestBuy whoever, to get your name and address from it.
Thanks for helping me justify to myself why paying the post office $52/yr for the privilege of not having my mail delivered is still a worthwhile expense.....
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
+1 Funny to the submitter who paid with a debit card and then whines about losing his privacy.
When you use a debit card, your using Visa or MasterCard's good name and network to check with your bank to see if your account has the appropriate funds for the transaction.
If your bank account does have enough funds, Visa/MasterCard requests the transaction amount to be placed on hold on your account until such a time as when the funds can be actually transferred from your bank account to the merchant's account with a credit card merchant office (e.g. Nova). This transfer can happen instantly during business hours or can hold as pending until the next available business day if done during off hours or weekends.
You sign/confirm to an agreement that the funds will still be there when the transaction electronically resolves itself. If you don't have the funds, Visa/Mastercard can come rape you. If the merchant sold you damaged goods and will not issue you a refund, you can use Visa/Mastercard's thugs to force their hand. If you didn't make the purchase (identity theft), your bank can use Visa/Mastercard's thugs to track things down, issue you a provincial credit, and other fun things.
Anytime you pay for something electronically, your info will be made known to the merchant and Visa/Mastercard. How do you think Visa has that promo for debit cards allowing you to be the big mystery winner just for using your debit card to make purchases?
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
I had a digg.com account from about 4 years ago registered to one of my email addresses. I have since moved on to another email address. For some reason my account was banned (I didn't follow the leftist groupthink on digg? I seriously did nothing wrong). Then 3 days ago I get an email at my current address telling me someone became a fan of me.
So how did they get my new email, and know it's me? I hated digg anyways (it and reddit are far too polluted now to bother wish), this is even worse. They somehow got my new address, and updated my old account's email to it. Can I sue? I don't want companies doing things like that.
I purchased something from the Apple store (brick-and-mortar, not online), and after the guy swiped my credit card, he asked if I wanted the receipt emailed to me. I said "sure, do you need my email address", and he said "no, we have it". And sure enough they did, because I got the receipt in my email. I assume they have the information from my iTunes account.
It wasn't Best Buy it was the Blu-Ray Player itself.
You see each one has a GPS tracking unit installed in it. When they are plugged into the wall they broadcast the GPS coordinates of the player and the make and model of the Blu Ray player to top secret CIA satellites in space which then bean it down to FBI headquarters in Arlington, VA. The Coordinates are then cross referenced against the United States Postal Service Database, where they can determine your address. After obtaining your address, they can also get your name from the USPS database. They then do a credit check through experian and this information is sent to the MPAA. They then inform the manufacturer if they find a player that is hackable and sue them to send you a firmware update disc.
Get the tinfoil, and hide your daughters.
Tsukasa: All I really want, is to be left alone...
Am I the only one that sees the word "Debit" and not "credit". These are two different cards. A debit card is very different from a credit card.
Stay tuned for new sig...
I did one better. The next time I went there I used pay-at-the-pump and filled my car in $0.50 increments. It didn't cost me anything extra and I'm sure it screwed them over in credit card fees ;) That was a really amusing credit card statement to look at too.......
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
IT IS YOURS to do with as you please. Imagine that, a firmware updating utility (nudge nudge). No worries about licensing, copyright, or patent.
Lucky bastard.`
Oh, I'm sure they know what it is, its an old technology. The question is, how often the /. user base would ever have the occasion to do so...
.ria eht ni cisum syawla s'ereht dna ,gnos ytterp a gnis sdrib eht .kcab dneb smra ym semitemos tub ,reh wonk i ekil leef i
Join the Free Software Foundation
yesterday i got a message that tmobile pushed a performance update onto my @home linksys router. i was thinking about trying to reverse it and discover how i can push my own firmware onto others @home linksys routers..but then i figured i'll just let the cat out of the bag and let someone else do it......
I have a merchant credit card account for V,MC,D, you know the telephone swipe box that sits on the store counter.
It's pretty easy for the merchant, BestBuy whoever, to get your name and address from it.
And this is one of the reasons I always use cash. I do have a debit card, but it'll only get used in an emergency. Even then I'll probably claim I don't know the PIN so that I can sign instead.
Samsung asked BestBuy to pass on the update to whoever purchased the SKU. It's a tremendous courtesy, actually.
Well, yes you could see it as a courtesy, but it won't be. A business never ever does anything unless it thinks it will be benefitting from the action. This includes charitable contributions - the cost there will be seen as buying good will, or some other BS.
There was probably some kind of contractual obligation to send out these disks, but why the keenness to make sure the user's players were up to date? I can't imagine that Bestbuy or Samsung want to add features to the players, as if the players are lacking the user might buy a new one instead. I am guessing that the update is DRM updates... something like the ability for the player to identify copied disks, or maybe blacklisted keys or something.
There is no privacy. Get over it.
Well, there are various laws in various countries that try and give people rights to privacy, but like all rights they have to be continually defended. It doesn't help that penises like you make statements like that.... you might not care about your privacy and are willing to give it away, but when you do that you are often giving away others' privacy too.
Car analogies break down.
"XXX dollars is now refunded to your card, have a nice day!"
Those are done based on Transaction ID's, not your card number.
Maybe it was some kind of phishing thing? Yeah, I know how that sounds, but from what you said even if digg did update their system, you were banned anyway so why would you get a mail? Why would they update their dbase if you were banned?
So the scammers try to phish some digg accounts. The people that do fall for that phishing attempt are then sent a real phising attempt - one for the person's online bank details.
Car analogies break down.
Does anyone still use cash?
Normally I ascribe all life to intelligent design, but in your case I'll make an exception.
Funny story, however unless this was back in the 80's, your card would've been disabled for the suspicious transaction pattern.
Read the original article folks - it was a debit card, not a credit card.
Best Buy has a loyalty program. I forget the name of it, but they often stick flyers for it in my bags when I buy junk there. If you have their loyalty card, there you go.
Get off my launchpad!
A while ago I had gone to San Francisco for a conference. While I was there, I had stopped in to The Container Store and made a small purchase with a debit card.
Fast forward roughly a year and a half (and living in another state), I get a notice of a class action lawsuit against The Container Store for violation of some California consumer data protection statute.
I was pretty shocked that they were able to track me down like that. I didn't even have the account for that card anymore.
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
I was at BB and had bought an item with my debit card and did not give the clerk any info other than my card. A week later I needed to return the item, but had lost the receipt. I went into BB and by using just my phone number, the clerk was able to find the transaction and reprint the receipt for the purchase. I have bought ESP/EPP plans in the past with that card so that's how they got my phone number, but it just shows that they are actively collecting every purchase you make even if you don't give them any personal info other than your CC number.
I've stopped shopping at stores that use my credit card as a way to get me on their mailing list. On vacation, we bought some chocolates at Harry & David. When we got back, there was a catalog from them in our mail with my name (not "Resident") in the address.
I'm not saying you're wrong but you do realize it is far more likely that they got your name and address from a local mailing list vendor than from your credit card? Especially around the holidays. There are countless services available that can target promotional mailings for a fee. There are all sorts of public sources for this information including housing records. (seriously - buy a house and you will get spammed with more refinancing offers than you can imagine)
I get Harry & David catalogs too (no I don't want them), with my name on them and I've never purchased anything from H&D. They also will send you catalogs if someone else buys you a gift from H&D.
That's not to say they don't use credit card into. I never give a zip code, phone number or any other info when checking out because it can be cross referenced. I nearly called the cops on the guys at Jiffy Lube once because they drained the oil in my car and then insisted they needed my address to put oil back in. They do have a legal right to ask and can refuse service if I don't provide the information but then I have a legal right to shop elsewhere as well.
I used to work for a moderately sized ski resort in Vermont, when I was in high school back in the 80's. This was back when credit card impressions were made on multi-part carbon paper receipts. Customer got one copy, merchant got another.
At the end of the day on a busy weekend, there would be thousands of credit card swipes, and the receipts locked in a vault in the offices. Part of my job was doing data entry at night during downtime. I'd check out a box of credit card receipts and enter the last name (from the signature) and the phone number (written by the customer on the slip) into a terminal. That was sent to a company in Ohio in batches of 50-60 thousand names. They matched name with phone number and sent back full addresses for our marketing department.
In 1989.
So, it's not at all surprising that they were able to piece this info together, and like others have pointed out, it's very possible they're matching your info to past purchases, returns or warranty information.
It's not that hard to do - credit card companies make big money selling lists of customers. they probably got it from your card issuer.
your card would've been disabled for the suspicious transaction pattern.
*shrug*, worked just fine. And did pay-at-the-pump even exist in the 80s?
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
Most, if not all retailers maintain a database of products purchased with a credit card and even zip code. The CD was sent using the same information they already use often enough to inform purchasers about recalls and defective product. You are making this way more then it is.
Your credit card itself has several "Tracks" of data on the magnetic stripe. Your name is part of that data. It's more then likely the flow od data went:
1) PRODUCT HAS UPDATE\DEFECT THAT NEEDS TO BE COMMUNICATED
2) QUERY PRODUCT IN DATABASE JOIN WITH LIST OF CREDIT CARDS USED TO PURCHASE SAID ITEMS
3) GET FROM CREDIT CARD INFO USER NAME JOIN WITH CUSTOMER INFO WHERE NAMES MATCH
4) PRINT LABELS FOR THOSE ADDRESSES BUNDLE WITH CD
5) SHIP UPDATE DISC TO CARD HOLDER'S LAST REPORTED ADDRESS
6) TELL MANUFACTURE YOU DID DUE DILLIGENCE TO CONTACT CUSTOMERS THAT PURCHASED SAID PRODUCT
Seriously this stuff happens all the time, nothing evil, nothing with the credit card company leaking unauthorized info. You authorize the merchant to read your data tracks on the card every time you hand it to them. You address, zip code, and phone number are not protected data last I checked.
Relax folks, nothing new here since 1950s, big brother isn't involved on this, just a standard cross-reference query in a database matching product to credit card used to purchase said product.
-=[ Who Is John Galt? ]=-
And how much time did you spend filling up your car? Your time is valuable, too.
Tubal-Cain smokes the white owl.
See subject.
There is no privacy. Get over it. No matter how much the Planned Parenthood robots babble about the "Right to Privacy" whenever abortion is discussed. I know where my customers live.
Big talk from somebody posting as AC.
The thing is, if it's going to be that way, we need a way to find out where you live.
I was one of the 15-20 people who bought the XBOX360 HD-DVD add-on a couple years back. Last spring I received an envelope from Best Buy that contained a $50 Best Buy gift card and a letter. The letter noted HD-DVD's demise and that Best Buy's records showed that I purchased an HD-DVD player from them. I'm a member of Best Buy's customer loyalty program ("Best Buy Rewards") and figured that was how they found me. I can't say that I much cared how they found me, as I was happy to have the Best Buy cash that I didn't ask for.
Not true. There is a separate debit/ATM network. When they ask you "debit or credit", they're asking which network you want them to run the card on. If it's "sponsored" by Visa or Mastercard, you can run it as credit, you'll sign the receipt (or touchscreen gizmo) and it'll take a few days to take the money out. (They'll authorize it immediately, which puts a hold on the amount, though.) If you run it as debit, you'll enter your PIN, and the amount will be immediately removed from your account. This works with all debit cards, not just Visa/Mastercard ones.
(source)
ttuttle is a rankmaniac
Or, you know, bugfixes. And, contrary to popular belief, many vendors do in fact release updates to add additional features. Yes, it's for selfish reasons -- making your customers happy means they're likely to recommend you and buy your products again in the future.
People who don't realize that companies often do customer service to make their customers happy often seem to assume, as you appear to have done, that corporations' inherent selfishness automatically means they'll never do anything good.
This is true, but also exactly how it should work. Businesses do a lot of very good things because the management believes that it's the best way to keep their company in business and profitable. Taking good care of the customer -- even at fairly high cost -- is a good long-term strategy for growth.
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
When I worked in retail sales in the early nineties, Computer printers were making good enough images to encourage some idiots to try passing home-made bills as real.
Seems to be the majority of counterfeiting nowadays:
http://www.schneier.com/blog/archives/2009/01/trends_in_count.html
So, if you can update the firmware using a CD rather than sending back to the vendor, does that mean you can load whatever firmware you like using the same method, providing you can crack the keys signing the update?
What happens if you try to purchase a new Blu-Ray player at Best Buy with cash?
It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
Why is it worthwhile? They or who they sell customer lists to (if they do) can still send you junk to your P.O. box.
Are you expecting people from Best Buy to come to your house and rough you up?
One thing I noticed while traveling to the US is the different meaning of a debit card. Up here in Canada, a debit card is a bank card used for Interac transactions. This does not exist widely in the United States. We also have credit cards, which are issued by Visa/Mastercard/etc. Down in the states, a debit card is a credit card.
"So they know from the bar code who bought that item,"
no they don't. Ever item of that type has the same damn barcode. Learn how barcodes are used.
You missed something.
Did they scan the receipt of the item? the could [print a different barcode per receipt, or have a barcode number the is assigned to you in there db they print on the receipt.
Your one of those people that thinks the price of an item is embedded in the printed barcode, aren't you?
The Kruger Dunning explains most post on
Holy crap! You know which ones of your customers have had abortions!?
/privacy is a sliding scale
I don't understand. I have a PO box, too, but the post office delivers my mail to mine. Is it different for you?
Make their pictures look washed out and junky.
Boycotting Sony is just the start. Then the economic sabotage starts.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Your time is valuable, too.
I think of it as an entertainment expense ;)
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
but why the keenness to make sure the user's players were up to date? ... I am guessing that the update is DRM updates
While I agree with you that it is most likely what you said, you did not mention the possibility that it is just plain old bug fixes for serious problems in the firmware that would cause the user to be unhappy with their purchase. Hey, it's possible.
~ I am logged on, therefore I am.
Who has friends at VISA? I suspect that Best Buy is in dire need of a PCI Compliance audit.
See that "Preview" button?
There was probably some kind of contractual obligation to send out these disks, but why the keenness to make sure the user's players were up to date? I can't imagine that Bestbuy or Samsung want to add features to the players, as if the players are lacking the user might buy a new one instead. I am guessing that the update is DRM updates... something like the ability for the player to identify copied disks, or maybe blacklisted keys or something.
My guess is that players without the latest firmware will be unable to play the latest discs. At which point the customers will start returning those players to Best Buy. Cheaper for them to mail out a disc than to have a customer tie up some employees time with diagnosing the problem and updating the firmware (even at the wages BB pay).
[tinfoil-hat]
I suspect things don't operate that efficiently unless someone has a stronger than usual motivation to get the update out. A serious hole in the DRM code seems like it might do it...
[/tinfoil-hat]
So long as the gas station had other transactions between his, it probably would go through. As someone who's run a register and credit card machine on a regular basis, I'm familiar with this situation. Usually only back to back, identical transactions are blocked; alternating cards or varying the transaction amount, even by $.01, will prevent this.
That he was able to do this is good news, given the rise of parking meters that accept credit, in my city. Otherwise, the repeated, evenly spaced $1.50 charges made at the same meter would cause massive issues.
Legalize recreational marijuana. Seriously.
Most credit card companies charge a percentage on the transaction value, in the range of about 1% to 4%. You probably didn't cost them any extra and just pissed off any motorists waiting in the queue to use your pump.
Just goes to show you that you should have used a stolen credit card,
Proudly Butchering code for 20 years
today that during heart surgery they implanted a shunt with a RFID tag, explains the black helicopters.
Si vis pacem, para bellum! For evil to succeed good men need only do nothing!
I am guessing that the update is DRM updates... something like the ability for the player to identify copied disks, or maybe blacklisted keys or something.
Precisely; the manufacturer does not generate revenue by paying $$$ to push out unsolicited features on a product that is already bought and paid for. The 'update' probably has more to do with Certificate Revocation Lists, a requirement of every HDCP-capable technology including Blu-Ray players. Quoth Wikipedia, "If a particular set of keys is compromised, the keys' corresponding KSV is put into a revocation list, which is written on newly-produced discs, examples of such discs include DVD and Blu-ray."
Caveat Emptor is not a business model.
We've known that a shopper has no privacy for a while now, retail chains, credit card companies etc are watching your every move through any distinguishing information they can possibly find, discount cards, rewards cards, credit cards and even debit cards, this surprises nobody that is not living under a rock. The difference is that here, the companies in question sent this guy a firmware update disc. The upshot of this is not only does he get to upgrade his firmware on his Blueray without any additional effort, but things like this serve to remind shoppers that they are not anonymous unless they are extremely careful, which is a damn good lesson.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
Yea but good will extends to having products which work.
:)
The Korean corporation produces a nanny state like system, but things tend to work. I'm not surprised this came from Samsung, I've had very good experiences with their products and intend to buy more.
An interesting Example of Samsung thinking is this video which was circulating a few months ago. Apparently it's a volunteer (read mandatory) part of being an employee at this place.
The scary thing is that they managed to produce coordinated engineers
If the story as told is true, this blows my mind. Not to wave the 'in MY country' flag too much, but in Canada this is horrendously illegal.
Federal privacy legislation states that a company that collects information
1) must only require information necessary for the business at hand;
2) may not deny service just because you refuse to provide specific information that is not required;
3) must disclose the reasons they need to collect your information; and
4) must never, without your consent, share or disclose your information other than for the purposes for which it was collected.
So if the bank gave his address info to Best Buy or if Best Buy had it already and gave it to Samsung, then this is a pretty clear-cut breach of privacy.
I must be missing something here, because I don't understand the OP's concern. When you handed the clerk your debit card, a record was created of the transaction. That's part of how a store like BB protects itself from fraud. You may have chosen not to give the store any extra information for their personal records, but there's no reason to think BB wouldn't automatically log your information off the debit card. At some point, Samsung asked Best Buy to send out an update. Here's what I'm really not getting. It's been a generally known fact for decades that using a credit card is a sure-fire way to give federal law enforcement a paper trail to follow. If you want to disappear (or at least maximize your chances of disappearing), you pay cash. I'm assuming the OP is aware of this...are you upset because a corporation essentially did what federal/state/local authorities could also conceivably do?
Only one issue... Credit cards usually need a real address when you enroll.
Have a nice day!
So what is the going rate for a zombie?
"I assumed blithely that there were no elves out there in the darkness"
Just because Best Buy doesn't have your info from you today, doesn't mean they never acquired it before. Saving your credit card data to do marketing research and for these types of things "For your convenience" is simple if you've entered your info into a database at some point or another... Further, it doesn't need to be Best Buy themselves who collected it, just someone from a larger parent company. 5-10 years ago before you were security conscious is probably when they got the info from you, and now you can't get it off their records.
As someone who wrote some of the early pattern identification software for detecting fraudulent charges, I think I'm substantially more familiar than someone who swipes cards.
What you do on your end doesn't matter. Back to back, ten transactions in between, it all doesn't matter. Its the pattern of activity on that single account that does.
A hundred authorizations from even a hundred DIFFERENT terminals in that short of a timespan would disable that account.
I was replying more to the spam part than the naughty people part. Given the many makes and models, going for a brute force attack would probably be best using demos for fake programs like Antivirus 2008 or, well, AOL-esque free trial discs. CDs, envelopes, printing, and postage would add up quickly.
For directing attention at one person, you'd need a good surveilance setup to find what stuff they have or a fake burglery or access to credit card records or garbage hopping for recipes.... It all just seems a bit much.