Hashemian Blog
Web, Finance, Technology, Running

Can Jet Beat Amazon?

by @ 4:18 pm
Filed under: business,web — Tags: ,

jet amazonThe idea behind Jet, a new online marketplace site, is simple. Borrowing from Costco's concept, Jet charges its clients an annual fee and in return ships products to customers with no mark-ups and in many cases with substantial savings over other shops, including Amazon.

Being a Costco fan, I like Jet's model. Add to that a good dash of dislike for Amazon and I may actually try Jet at some point. Seems like Jet is having some success getting its name out.

Jet's founder, Marc Lore, was the man behind diapers.com, a once successful ecommerce company who got crushed under the weight of Amazon and finally what was left of it was assimilated by Amazon. Now Lore is back to take on Amazon again, only this time he's going after the entire retail side of the company. Amazon's CEO, Bezos, can't be too happy about this, but is he worried?

I doubt Bezos is losing much sleep and here's why. Amazon may be known for perfecting the online marketplace and for being uber-competitive but Amazon has become adept at thriving while swimming in failure. Which company can lose money for over 20 years and be handsomely rewarded for it? For the last quarter it reported a measly $90 million in profit and saw its market cap rocket up by $50 billion when stocks opened last Friday.

The point is that competing with Amazon is like competing with a bottom-less pit for the bottom. Amazon crushes its competition by spending nearly infinite amount of money knowing that the stake holders expect nothing but losses every year. When you are rewarded for losing money, it's not difficult to spend all the money in the world, and that's what Amazon does to stifle competition.

Of course Jet realizes this fact and it has dug in, preparing itself and its investors for years of losses as its competition with Amazon heats up. Will it find the same love and admiration from its backers and future shareholders? Doubtful, but I actually hope so. Not just because I dislike Amazon, but also because some day I'd like to start my own thriving business that is successful at losing money forever.

The Dawn of AWS Zombies

by @ 9:34 am
Filed under: hacking,internet — Tags: ,

awsOne of the less enviable tasks in a techie's life is identifying bogus robot traffic on their networks. Robots suck up bandwidth without giving anything in return and in most cases try to brute-force their way into systems and steal information and then assimilate their target hosts into new recruits in their army of zombie robots.

Identifying and neutralizing robots is hard enough, specially those hunting in packs causing DDoS headaches most of the time, but in past there used to be time, resources and funding barriers which moderated these attacks. With cloud services those barriers seem to have all but vanished and based on what I can see, AWS (Amazon Web Services) is one of the ugliest actors on the market. So how are AWS zombies created?

  • Hacker uses a stolen credit card to set up an account on AWS or hacks an existing AWS account.
  • Hacker spins up multiple virtual machines under this account. Or hacker breaks into a legitimate AWS virtual machine.
  • Hacker installs robot apps on one or more virtual machines and launches attacks.
  • Successful attacks bring more power to the hacker.
  • At some point AWS or the legitimate account holders notice high usages in processing, storage, and bandwidth and shut down the operation but by then the damage is done.

Could AWS be complicit in this type of activity? Perhaps not actively, but there is a passive element here as well. I'm sure they won't admit to it, but if a legit account is broken into and its cloud services are stolen, would AWS even care? They just blame the user for being careless and charge him for the usage. AWS may exercise more care in terms of blocking accounts with stolen credit cards because they may not be able to squeeze money out of those cases.

But even then, Amazon is so big with such vast resources that these cases may not even register as a blip on their radar. So the cycle of spawning AWS zombies will never cease and Amazon continues wasting our time, resources and bandwidth with impunity.

It may be an overkill to completely block AWS, but if partial blocking becomes necessary, a list of their public IP address ranges is published here and in json format here.

Remote Desktop Keyboard Malfunction Solution

by @ 2:58 pm
Filed under: microsoft — Tags:

I connect to the office often via Remote Desktop (RDP) from my Windows 7 machine at home. Most of the time this works fine but sometimes the keyboard goes insane when on the remote machine. A few keys work, some don't work at all, others cause strange behavior like closing windows or randomly opening new ones.

windows keyIn past only a reboot seemed to fix the problem, but today I learned that hitting the 'Windows' key while on the remote host resets the keyboard and all goes to normal.

The credit goes to 'dshreve' answer on the Super User forum and of course Google for pointing me there. Wish I could upvote the answer but don't have enough points there for that. Thanks for saving my sanity ūüôā

Craigslist eBay Motors Car Scam

by @ 1:09 pm
Filed under: internet,web — Tags:

ebay-craigslist-car-scamI'd been in the market for a used car when a too good price on Craigslist caught my attention. I'd sold a street bike on Craigslist a few years ago and had a good experience so figured to go into this but with raised antennas.

An email later, the seller reveals a sob story about the car belonging to her dead husband and wanting to move on. The car's in a great shape with all paperwork in order. Sounds plausible, so can I see the car? Seller replies the car is in some eBay garage across the country in lot number so and so.

No worries, she just needs my info and eBay will contact me about payment. The money will remain with eBay until I receive the car and I have 10 days to inspect it. If any issues, I can return it at no cost to me.

So I ask for the eBay page where the car is listed. Seller says she took it down because of the fees. But really, eBay will make all arrangements.

Yeah, sure man. Of course at this point the full blown scam was obvious, but should have been obvious at Craigslist. A quick Google search revealed that this unholy Craigslist-eBay alliance bait and switch is in fact very popular and a few people have been victimized, buyers and sellers.

So why this post? Just adding one more page to Google's search results to raise the warning volume slightly more.

Read this and stay vigilant. There's plenty more info on this. Just Google it.

Amazon's Windfall of ID Theft and Tax Fraud

by @ 12:08 pm
Filed under: financial — Tags: ,

Amazon.comSeems unbelievable but I never knew some states actually issue tax refunds in the form of Amazon gift cards. Read article.

With a long list of companies benefiting from tax refunds including Amazon, debit card issuers, tax software companies and financial institutions that collect transaction fees, one wonders if there is a real concerted effort from all sides to stem ID and tax fraud.

With the states squeezed from the scammers on one side and the greedy corporations on the other, most likely the ID theft and tax fraud problems will continue unabated.

The real losers, as usual, are and continue to be the taxpayers.

Citi Bike Miami

by @ 6:07 pm
Filed under: health — Tags:

There's always a first time for everything and for me it was trying out Citi Bike. During a recent stay in downtown Miami, I wanted a fast way to get to Miami Beach and take a dive into the ocean. My options were to run, take a taxi, take public transport, or rent a bike, and I decided to go with the last one.

After so many years, Citi Bike put me back on a bicycle and it turned out to be a great decision. At $6/hr it was pretty inexpensive, faster and less strenuous than running and quite a bit of fun.

These are not top of the line bikes, they have a more industrial feel to them. I can imagine with the all the abuse they take on a daily basis, they must have some level of ruggedness. But most come with the basket/bucket mounted upfront to take along items, such as a towel, for the trip, very useful.

I rented one to the beach and then rented one back and it was such a great experience that I did it again the next day.

Citi Bike Miami

Peru Hikes - Marcahuasi, Machu Picchu

by @ 4:12 pm
Filed under: running-hiking — Tags: , ,

On a recent trip to Peru with a friend we did 2 hikes, one near Lima and the other near Cusco.

Near Lima, Marcahuasi is one of those open secrets that you hope it'll never become too popular. It's a stone forest filled with rocks that resemble human, animal, and alien faces and shapes. Some believe that it was laid out and constructed by aliens or unknown races, maybe even the Incas. I think it's all the work of nature, but no matter what, it is a mystical place that one can't forget. It certainly deserves more than a one-night stay but that's all we had time for.

Near Cusco is of course the famed Machu Picchu city/fortress but getting to it via a multi-day trek was most of the fun. We chose the Salkantay trek because the Inca trail was at capacity with only 500 allowed per day. In return we were treated to more nature than history/culture and less crowds. Salkantay offers majestic mountains with glaciers, green rolling fields, innumerable waterfalls, and pristine scenery that is hard to beat.

The final trekking day ended in the town of Aguas Calientes with its hot springs and finally Machu Picchu which doesn't need a description of its beauty. The hike to the top of the Machu Picchu mountain and the views from its peak left us breathless.

Here I'd like to take the opportunity to thank our local guides by sharing their web sites. We actually picked them at random and they both turned out to be outstanding. I assume most licensed guides in Peru are of high caliber, reasonably priced, and they can facilitate things greatly, so having them is definitely advised.

Marcahuasi - www.huancayaperu.com

Machu Picchu - www.salkantaycuscotrek.com

* This is unsolicited and I receive nothing in return for mentioning them.

Do Not Iron Your Shower Liner

by @ 12:48 pm
Filed under: social — Tags:

... and don't bleach or dryclean it either. While changing my IKEA vinyl shower liner today, for some reason I noticed the back side of the package.

ikea shower liner

It's weird already that IKEA needs to warn the consumer against machine washing/drying, bleaching, ironing, and drycleaning the $5 liner, but it's telling that only the US consumers are given these warnings.

Apparently for other countries a simple 100% PEVA does the job, they just know what not to do. Admittedly I had no idea what PEVA was, but thank goodness for the warnings. I was about to spend hours washing, drying, bleaching, and ironing my old shower liner ūüôā

Live Long And Prosper Spock

by @ 7:59 pm
Filed under: star trek — Tags:

In my native country of Iran during the pre-Islamic-revolution times, the television, rife with American films, was a window into the western culture, specially the American culture, for most people.

But Star Trek was something else. It wasn't so much a glimpse of the western culture than it was the promise of what humanity could be if we let go of our bigotry and superstitions, and instead embrace humanity, science and rationality.

As a young boy I had a few sleepless nights after watching some of the more action-packed episodes. One memorable episode was The Doomsday Machine, which had me terrified of the specter of Earth being gobbled up by a fiery funnel. But many episodes also had the power to make us look at our society and at ourselves and see things from a different angle, mainly a logical one.

doomsday-machine

In of my most favorite episodes, Mirror, Mirror, the audience is taken on a journey to a parallel universe where greed for power, tyranny, and savagery is the order of the day. To the crew of the parallel Enterprise it's all par for the course, but to the few normal-world Enterprise crew members who are transported there by accident and to us, the viewers, it's a dark and hopeless world. That is not so different from many parts of our world today. We can only root for the parallel-Enterprise Spock who, at the end of the episode, realizes how illogical his world actually is. Of course seeing Spock with a beard in this episode is a pretty good bonus in itself.

spock-mirror-mirror

Leonard Nimoy has sadly passed away, but his character, Spock, will undoubtedly live long and prosper. LLAP

The SSL Safety Myth

by @ 6:21 pm
Filed under: hacking — Tags: ,

The past week the security universe has been pounded by a whirlwind of bad press and bad actors. It all started with the news of Lenovo pre-installing adware (better yet, crapware) on new machines that would allow ads from a company with the ironic and unfortunate name, Superfish, to display context ads even when users are viewing secure web pages. The details are technical, but suffice it to say that they employ SSL certificate trickery to fool browsers and silence any possible warnings to users.

Suddenly the previously esoteric or arcane man-in-the-middle (MITM) terminology has been thrust into the mainstream and now MITM is just as well known as Ebola, even if most people have no idea how it works.

MITM - Courtesy owasp.org

MITM - Courtesy owasp.org

The bigger question however is, does ubiquitous SSL (nowadays, TLS) really make computing safer? There has been a concerted push as of late to encrypt the entire web. Google for example has suggested that it favors secure sites over regular ones.

But as evident, SSL is no panacea for security or data privacy. It does make the job of corporate security teams harder, sucks more power from infrastructures, complicates interoperability, but worst of all, gives a false sense of security to users and admins. For example, people may simply assume that with SSL they can't get infected or their private data can't be hacked.

I am obviously not against cyber security, but there are proper times and places for that. Just because something is good when appropriately applied, it doesn't mean it's good for everything all the time. Unfortunately, society always seems to over-simplify things and take everything to absurd levels using the logic, if a little is good, a lot is better.

« Newer PostsOlder Posts »

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1K9TzBvQ2oaEb4tX9t2vKDtZouMcpfV6QF
© 2001-2017 Robert Hashemian   Powered by Hashemian.com