For those of you modding me as redundant, please note that I posted my copy of page 3 exactly 1 minute before the copy that is currently rated +5 was posted.
All of these signs were promoting the products of one corporation, but they were being constructed and posted by regular people in my community, trying to make a buck.
I knew deep inside that the people I was really after were the people that run the Herbalife Corporation itself. They had, through their actions or inaction, created a chain of events that created a rag-tag marketing steamroller. This "Work from Home" steamroller continuously plasters my town with cheap promotional signs.
My solution in the past had been to tear down the signs, but I began to realize that wasn't a solution at all. I needed to do something else. I didn't know how to proceed.
My mind was a like a blender for two days, whirring with guerrilla tactics and diplomatic approaches. Could I stop an entire corporation? Would they slap a big lawsuit on me? Did they make big donations to local politicians? Does anyone else care about this enough to join me? What if I just made new signs that said "herbalife" with an arrow pointing to the other signs, could I get other people involved?
There are laws against these signs in West Sacramento (link) and in the City of Sacramento (link), but the Herbalife Corporation can't exactly be held responsible for what their "independent distributors" do, can they? They seem to be shielded by a layer of independence and artful camouflage. I could feel myself losing steam. I didn't know how to focus my energy, and it was all getting wasted tracking down Herbalife websites. The incredible maze of the whole operation astounded me. The Herbalife name was so hidden, it was ridiculous!
At some point, I remembered that old commercial from 1971 with the crying Indian. I looked him up on Google and found, not only his photo, but a quick-time copy of the commercial! (link) This was just the kind of motivation I needed.
Here is the text of the Crying Indian commercial from Keep America Beautiful.
This was exactly what I needed to hear. People had been fighting big-business pollution for years, and that was what I was going to do. The first step is to link Herbalife with these signs in the minds of as many people as possible. My best connection to people is my website, so if you could please send this web address to a friend, I would appreciate it.... particularly if that friend runs CNN.com.
Of course, most big-time community leaders that might be able to steer Herbalife into a change don't spend much time surfing the web, so I am also working on a letter-writing campaign to raise awareness.
I organized the 65 or so sign photos I had taken so far and arranged them onto a single sheet. I added some text, "on telephone poles, mailboxes and newsstands, they litter the landscape. Can you believe they are all from one company?". I asked my sister to help me compose a letter to mayor Fargo and the next day I sent off my first envelope of anti-marketing material. I would also like to discourage new potential Herbalife customers from getting involved with this company.
From what I have learned so far, it is very, very difficult to profit as an Herbalife distributor.
Re:I think both of you are wrong
on
Lineo near Death
·
· Score: 2
go to Mexico.
That is what I have been saying! Have you been reading my posts?
Other countries that seem to have better Coke, at least according to my taste buds: Brazil, Taiwan, France.
I would guess that in most places cane sugar is less expensive than in the US. The price in the US is artificially high due to import restrictions meant to protect the corn market and the inefficient cane growers in Florida (who happen to be big polluters). I would guess that Hawaii benefits as well.
The US is trying hard to import more and more HFS (high fructose syrup) into Mexico. Mexico is responding by putting a 20% tax on all soft drinks that have HFS instead of cane sugar. This has been reported in the USA as a tax on ALL softdrinks, which is simply misinformation meant to serve US interested. I also think that the Coke in the USA doesn't want people to realize that a switch was pulled on them. Most of the Coke in Mexico is HFS-free still.
Re:I think both of you are wrong
on
Lineo near Death
·
· Score: 2
So I admit that the articles indicating a gradual change are correct. Still, have you taste tested corn syrup coke v. cane sugar coke? Can you detect a difference?
I am waiting for sugar beet coke. mmmmmmm..... beety!
Re:I think both of you are wrong
on
Lineo near Death
·
· Score: 1
It is shipped from the factory. You can order it on the internet at www.dublindrpepper.com. I bothered to link to it in the parent post. Also, you can get it in glass bottles, which is even better than the can. Finally, I purchase it at the local fancy-pants market, where it goes for $1.50 for a 12 oz bottle. That is, I used to purchase it.
You seem to be right! I have been brainwashed! However, the switch appears to have happened gradually (a few % a year) and it seems that it was only completed just as New Coke came out.
Many people fail to understand exactly what it was that Coke pulled off with "New Coke". It seems to me that everyone thinks that the reason was to build marketshare (after the re-introduction of "Coke Classic" it plus "New Coke" had greater market share than Coke had before) or to simply draw attention to the brand.
I suggest a more sinister motive! The three months or so during which there was only "New Coke" allowed Coke to substitute the cane sugar previously used to sweeten Coke with corn syrup. By having a three month "pause" in the consumption of real Coke no direct head to head taste tests of pre-New Coke Coke v. Coke Classic were made. People have an almost religious devotion to Coke. The "New Coke" scandal proved this. However, the scandal was a clever distraction from what was really happening. If you buy a Coke from Mexico and compare it to a USA one you can conduct the test that they never wanted done yourself.
You will find that the Coke from Mexico has a sweet, slightly fruity flavor, compared to the starchy taste of USA Coke Classic. Everyone I have every had do a blind taste test has prefered the Mexican Coke.
So why switch? $$$$$$$$$$$ of course! Corn syrup is cheaper in the USA than cane sugar.
Most other soft drinks in the USA switched as well. You can still order REAL Dr. Pepper from Dublin Dr. Pepper and taste a real soft drink. I have sadly stopped drinking most soft drinks since I noticed that each day at 2 pm I had to have a Dr. Pepper to continue programming. I couldn't think at all. So after a headache-inducing Double Big Gulp in January I stopped cold turkey. The first week was pretty rough, but now I can actually think without resorting to chemical stimulus.
What is the point of this rambling? It is that while people react in a certain way because of "New Coke" they are having EXACTLY THE REACTION THAT THE COCA-COLA CORP WANTS! What they don't want is for you to discover that Coca-Cola Classic is not what you were drinking before "New Coke". Deviously brilliant. And we thought they were soooo stupid at the time.
Of course if you were in IBM Research, as the authors are, you might have been familiar with The
Clever Project prior to Google. It is explained very nicely here.
I am not saying that the authors might not have been inspired by Google, but I am saying that Google isn't the only possible source of their inspiration.
Why would a real CS deparment have a Novell class? This is university level CS right, not some Network Admin cert?
I can just imagine, "That operating systems class is cake, but my NetWare class is killing me."
From my experience, REAL CS programs will accept anything that compiles with gcc once you get beyound the CS 100 intro classes. That is, if the assignments are meant to be written in C or C++. I doubt that doing my ML assignments in C would have gone over very well with Prof. Ullman.
I guess that none of you noticed that I AM JOHN HARRISON, making a joke in the parent post about the story being about JOHN HARRISON. Or maybe you did see it and didn't think it was funny. Either way you are idiots. I bet you are so proud of yourselves, keeping/. joke free.
WHY does there have to be a smartcard for a sattelite reciever in the first place?
I agree, a smart card seems like it is only there because it is easy to replace. This would enable the companies to mail out new cards periodically and have cutomers install them with very little hassle. If you want the entire device to last longer than say, five years you would need to either have something more secure than a smart card or be able to replace the card at will. But there are disadavantages to using a smart card in this system. I believe that the iButton is probably not much better and nearly as hackable. You probably disagree, but you didn't address that point. If there is large corporation that would like to hack the iButton simple to destroy a competitor's product as was the case here then I can't imagine it holding. Again, you are free to correct me, and I admit that you know a lot more about iButtons than I do.
/. user swillden and I have been discussing whether there is any good solution to this problem. I won't post all our thoughts here. One component of a more secure system would be a crypto unit that actively monitors its own state. It would be interesting to know how much this would cost. The IBM 4758 costs about $2,000, so it is not an option, but you wouldn't need all that functionality. Also, economies of scale would kick in so you could make a simplified device for not that much money.
The real question is how much money are the satellite TV companies REALLY losing (as opposed to perceived loss) and how much would a more secure system be worth to them?
You could play roulette all day and never miss with that kind of luck!
Re:iButonsare more secure than a smartcard.
on
Cracking the Smartcards
·
· Score: 3, Interesting
Dear Lumpy,
I agree with you that the form factor of an iButton gives it the potential to be more secure than a smart card, even if both use basically the same technology for the chip itself. In fact I would even say that the this is an ideal application for the form factor of the iButton.
I will warn you though, that having iButtons placed in satellite TV decoders might be the worst thing that could ever happen to a good product.
As has been pointed out many times here, the problem with these encrypted TV schemes is that they seem to depend on all the cards having the same key. Please correct me if I am wrong. In a well designed smart card system all the cards have card unique keys, which means that if you go through the time and expense of cracking one card then you have one card cracked. This makes it so nobody even wants to crack a card because there is a limited amount of harm that you can do with one cracked card.
Since encrypted TV requires all the cards to have the same keys, cracking one card means that the entire system is cracked. You can pump out as many cards as you like. This means that there is actually incentive to crack the card, since you can do exactly what the culprits here did.
What is the point of all this? You can bet that if an iButton were used instead of a smart card that eventually a single iButton would be cracked. Even if it takes millions of dollars to crack a single one, it would be done. Then the iButton would be in the same boat as smart cards are in here on/. and in other circles, which is that everybody thinks they aren't secure because of the encrypted TV problem. What they don't realize is that the encrypted TV problem in inherently insecure using current protcols. It wouldn't be the fault of the iButton any more than the current situation is the fault of the smart card industry. It is simply that the problem is hard.
Maybe they could make a "Super iButton" that could be larger, have its own internal power source and a nifty mesh like the IBM 4758. They would become more expensive and you'd have to toss them when the battery runs out, but that might work better.
What is really amazing is that due to the karma cap I actually lost karma on that exchange. Not that I shouldn't have lost karma due to bad posts. Since neither has dropped below the level they were posted at (+2) it seems strange that I should lose karma. I don't care, but it does show how abitrary both moderation and the karma cap are.
The remainder what is left over after an integer division operation.
If you had stuck with the word "answer" you would have been fine. But you had to try to look smart and look where that got you! Modded up as funny, while making a simple mistake yourself!
If I were clever, I would leave a clever comment here.
That's in current figures, right? How much will that amount of processing time/power cost in say 20 years?
Your point is a good one. I addressed it in another post attached to this article. To sum it up: The cards have to expire after some amount of time and new cards are issued.
Just to point out, I said when someone gets their hands on the card readers . Granted, the reader is just an interface and the real work is done by the computer behind it. But for smart cards to be practical, there has to be a portable appliance-type device that does all the work. Something you can mount in a police car.
This post explains why "the reader" as you call it is not an easy target. The smart card is communicating with another secure device. Actually, Slashdot user swillden has made a number of good posts in this thread and I suggest you reader them as well.
Your link to the story on the IBM 4758 just proves that you don't have experience with what you are posting about. As for the "RSA is cracked" story, without discussing the merits of that story, most smart card security schemes are based on 3DES right now. If you have found a way to crack that please, submit your winning entry to distributed.net, ok?
If the cards were read-only, I would be less concerned
All computer security is a cat and mouse game, not just smart cards. If you can sell computer security based on read-only devices (which aren't able to securely authenticate themselves) then you should go into business for yourself. You could start by selling signed barcodes as the security of the future. If you are right, you'll make heaps of money. You can post to/. and let us all know about it. I for one won't be buying stock in your company.
I am sorry if I sound annoyed, but your parent comment has been sitting at +3 Insightful all day and it is simply wrong. Since I can no longer moderate I thought that I should at least point it out.
Slashdot Mirror
For those of you modding me as redundant, please note that I posted my copy of page 3 exactly 1 minute before the copy that is currently rated +5 was posted.
All of these signs were promoting the products of one corporation, but they were being constructed and posted by regular people in my community, trying to make a buck.
I knew deep inside that the people I was really after were the people that run the Herbalife Corporation itself. They had, through their actions or inaction, created a chain of events that created a rag-tag marketing steamroller. This "Work from Home" steamroller continuously plasters my town with cheap promotional signs.
My solution in the past had been to tear down the signs, but I began to realize that wasn't a solution at all. I needed to do something else.
I didn't know how to proceed.
My mind was a like a blender for two days, whirring with guerrilla tactics and diplomatic approaches. Could I stop an entire corporation? Would they slap a big lawsuit on me? Did they make big donations to local politicians? Does anyone else care about this enough to join me? What if I just made new signs that said "herbalife" with an arrow pointing to the other signs, could I get other people involved?
There are laws against these signs in West Sacramento (link) and in the City of Sacramento (link), but the Herbalife Corporation can't exactly be held responsible for what their "independent distributors" do, can they? They seem to be shielded by a layer of independence and artful camouflage.
I could feel myself losing steam. I didn't know how to focus my energy, and it was all getting wasted tracking down Herbalife websites. The incredible maze of the whole operation astounded me. The Herbalife name was so hidden, it was ridiculous!
At some point, I remembered that old commercial from 1971 with the crying Indian. I looked him up on Google and found, not only his photo, but a quick-time copy of the commercial! (link) This was just the kind of motivation I needed.
Here is the text of the Crying Indian commercial from Keep America Beautiful.
This was exactly what I needed to hear. People had been fighting big-business pollution for years, and that was what I was going to do.
The first step is to link Herbalife with these signs in the minds of as many people as possible. My best connection to people is my website, so if you could please send this web address to a friend, I would appreciate it.... particularly if that friend runs CNN.com.
Of course, most big-time community leaders that might be able to steer Herbalife into a change don't spend much time surfing the web, so I am also working on a letter-writing campaign to raise awareness.
I organized the 65 or so sign photos I had taken so far and arranged them onto a single sheet. I added some text, "on telephone poles, mailboxes and newsstands, they litter the landscape. Can you believe they are all from one company?". I asked my sister to help me compose a letter to mayor Fargo and the next day I sent off my first envelope of anti-marketing material.
I would also like to discourage new potential Herbalife customers from getting involved with this company.
From what I have learned so far, it is very, very difficult to profit as an Herbalife distributor.
I think that what is obvious is that you were trolled by Hemos. Good job editors!
That is what I have been saying! Have you been reading my posts?
Other countries that seem to have better Coke, at least according to my taste buds: Brazil, Taiwan, France.
I would guess that in most places cane sugar is less expensive than in the US. The price in the US is artificially high due to import restrictions meant to protect the corn market and the inefficient cane growers in Florida (who happen to be big polluters). I would guess that Hawaii benefits as well.
The US is trying hard to import more and more HFS (high fructose syrup) into Mexico. Mexico is responding by putting a 20% tax on all soft drinks that have HFS instead of cane sugar. This has been reported in the USA as a tax on ALL softdrinks, which is simply misinformation meant to serve US interested. I also think that the Coke in the USA doesn't want people to realize that a switch was pulled on them. Most of the Coke in Mexico is HFS-free still.
I am waiting for sugar beet coke. mmmmmmm..... beety!
Thanks for the pointer
It is shipped from the factory. You can order it on the internet at www.dublindrpepper.com. I bothered to link to it in the parent post. Also, you can get it in glass bottles, which is even better than the can. Finally, I purchase it at the local fancy-pants market, where it goes for $1.50 for a 12 oz bottle. That is, I used to purchase it.
You seem to be right! I have been brainwashed! However, the switch appears to have happened gradually (a few % a year) and it seems that it was only completed just as New Coke came out.
Dublin Dr. Pepper is bottled in Dublin, Texas, and you can order it online from their webpage, which I just linked to, again!
I suggest a more sinister motive! The three months or so during which there was only "New Coke" allowed Coke to substitute the cane sugar previously used to sweeten Coke with corn syrup. By having a three month "pause" in the consumption of real Coke no direct head to head taste tests of pre-New Coke Coke v. Coke Classic were made. People have an almost religious devotion to Coke. The "New Coke" scandal proved this. However, the scandal was a clever distraction from what was really happening. If you buy a Coke from Mexico and compare it to a USA one you can conduct the test that they never wanted done yourself.
You will find that the Coke from Mexico has a sweet, slightly fruity flavor, compared to the starchy taste of USA Coke Classic. Everyone I have every had do a blind taste test has prefered the Mexican Coke.
So why switch? $$$$$$$$$$$ of course! Corn syrup is cheaper in the USA than cane sugar.
Most other soft drinks in the USA switched as well. You can still order REAL Dr. Pepper from Dublin Dr. Pepper and taste a real soft drink. I have sadly stopped drinking most soft drinks since I noticed that each day at 2 pm I had to have a Dr. Pepper to continue programming. I couldn't think at all. So after a headache-inducing Double Big Gulp in January I stopped cold turkey. The first week was pretty rough, but now I can actually think without resorting to chemical stimulus.
What is the point of this rambling? It is that while people react in a certain way because of "New Coke" they are having EXACTLY THE REACTION THAT THE COCA-COLA CORP WANTS! What they don't want is for you to discover that Coca-Cola Classic is not what you were drinking before "New Coke". Deviously brilliant. And we thought they were soooo stupid at the time.
Just to make the conspiracy complete, I am from IBM as well.
Of course if you were in IBM Research, as the authors are, you might have been familiar with The Clever Project prior to Google. It is explained very nicely here.
I am not saying that the authors might not have been inspired by Google, but I am saying that Google isn't the only possible source of their inspiration.
I can just imagine, "That operating systems class is cake, but my NetWare class is killing me."
From my experience, REAL CS programs will accept anything that compiles with gcc once you get beyound the CS 100 intro classes. That is, if the assignments are meant to be written in C or C++. I doubt that doing my ML assignments in C would have gone over very well with Prof. Ullman.
Feel free to mod as you see fit.
I agree, a smart card seems like it is only there because it is easy to replace. This would enable the companies to mail out new cards periodically and have cutomers install them with very little hassle. If you want the entire device to last longer than say, five years you would need to either have something more secure than a smart card or be able to replace the card at will. But there are disadavantages to using a smart card in this system. I believe that the iButton is probably not much better and nearly as hackable. You probably disagree, but you didn't address that point. If there is large corporation that would like to hack the iButton simple to destroy a competitor's product as was the case here then I can't imagine it holding. Again, you are free to correct me, and I admit that you know a lot more about iButtons than I do.
The real question is how much money are the satellite TV companies REALLY losing (as opposed to perceived loss) and how much would a more secure system be worth to them?
Just wondering. I want to know if I have lived in a hall that has been visited by such an auspicious guest.
You could play roulette all day and never miss with that kind of luck!
Dear Lumpy,
/. and in other circles, which is that everybody thinks they aren't secure because of the encrypted TV problem. What they don't realize is that the encrypted TV problem in inherently insecure using current protcols. It wouldn't be the fault of the iButton any more than the current situation is the fault of the smart card industry. It is simply that the problem is hard.
I agree with you that the form factor of an iButton gives it the potential to be more secure than a smart card, even if both use basically the same technology for the chip itself. In fact I would even say that the this is an ideal application for the form factor of the iButton.
I will warn you though, that having iButtons placed in satellite TV decoders might be the worst thing that could ever happen to a good product.
As has been pointed out many times here, the problem with these encrypted TV schemes is that they seem to depend on all the cards having the same key. Please correct me if I am wrong. In a well designed smart card system all the cards have card unique keys, which means that if you go through the time and expense of cracking one card then you have one card cracked. This makes it so nobody even wants to crack a card because there is a limited amount of harm that you can do with one cracked card.
Since encrypted TV requires all the cards to have the same keys, cracking one card means that the entire system is cracked. You can pump out as many cards as you like. This means that there is actually incentive to crack the card, since you can do exactly what the culprits here did.
What is the point of all this? You can bet that if an iButton were used instead of a smart card that eventually a single iButton would be cracked. Even if it takes millions of dollars to crack a single one, it would be done. Then the iButton would be in the same boat as smart cards are in here on
Maybe they could make a "Super iButton" that could be larger, have its own internal power source and a nifty mesh like the IBM 4758. They would become more expensive and you'd have to toss them when the battery runs out, but that might work better.
Let me know what you think.
What is really amazing is that due to the karma cap I actually lost karma on that exchange. Not that I shouldn't have lost karma due to bad posts. Since neither has dropped below the level they were posted at (+2) it seems strange that I should lose karma. I don't care, but it does show how abitrary both moderation and the karma cap are.
I have already paid for my sin, don't make it worse by modding my up.
I hereby retract my mean comment.
If you had stuck with the word "answer" you would have been fine. But you had to try to look smart and look where that got you! Modded up as funny, while making a simple mistake yourself!
If I were clever, I would leave a clever comment here.
Your point is a good one. I addressed it in another post attached to this article. To sum it up: The cards have to expire after some amount of time and new cards are issued.
Just to point out, I said when someone gets their hands on the card readers . Granted, the reader is just an interface and the real work is done by the computer behind it. But for smart cards to be practical, there has to be a portable appliance-type device that does all the work. Something you can mount in a police car.
This post explains why "the reader" as you call it is not an easy target. The smart card is communicating with another secure device. Actually, Slashdot user swillden has made a number of good posts in this thread and I suggest you reader them as well.
Your link to the story on the IBM 4758 just proves that you don't have experience with what you are posting about. As for the "RSA is cracked" story, without discussing the merits of that story, most smart card security schemes are based on 3DES right now. If you have found a way to crack that please, submit your winning entry to distributed.net, ok?
If the cards were read-only, I would be less concerned
All computer security is a cat and mouse game, not just smart cards. If you can sell computer security based on read-only devices (which aren't able to securely authenticate themselves) then you should go into business for yourself. You could start by selling signed barcodes as the security of the future. If you are right, you'll make heaps of money. You can post to /. and let us all know about it. I for one won't be buying stock in your company.
I am sorry if I sound annoyed, but your parent comment has been sitting at +3 Insightful all day and it is simply wrong. Since I can no longer moderate I thought that I should at least point it out.