Best Buy (NYSE: BBY) reported this morning; here's the short version:

THE CONTEXT: Its adjusted earnings beat Wall Street expectations, but revenue fell short as the company faced tough pricing competition during the quarter. The company has been working on a turnaround plan as it faces increased competition from online retailers and discount stores.

Uh, revenues fell short?

Remember, the issue is that the firm extended its "price match" guarantee against online retailers (read: Amazon) in the quarter.

Revenue was off 10%, which shouldn't be happening if the company's price-match was actually doing what they expect, which is to entice people to buy locally rather than over the Internet.  (Note: Same-store revenues were down a much-smaller 1.1% -- but still down.) 

This strongly implies that either they're not really price-matching in a form and fashion that consumers are willing to deal with or their stores suck, the retail experience sucks, and thus the customers are buying online even though it's not cheaper.

There are plenty of firms that will "price-match" if you catch them with a higher price than someone else.  That sort of policy runs the risk of leaving a bad taste in the consumer's mouth if it happens all the time.  What this says to the customer is that you believe they're a sucker in that you'll post a much higher price but take less if and only if challenged.

Some people think that's just fine, but others will think back about all the previous times they were in your store and presume you robbed them during those previous visits.  If that's the take-away they get from your policy there is a very real risk they simply turn around and walk out.

The message being sent is similar to instructing your cashiers to short everyone who pays with cash by $5 in their change, but to immediately fork the $5 over if challenged.  The first time I catch you and you immediately give me the remaining $5 I am going to think about the previous times I was in your store and wonder exactly how many of those times you stole $5 from me and got away with it.  Think about it.....

It is my premise that treating customers like sheep to be shorn while deferring the shears if someone squawks is exactly the wrong thing to do and risks a severe and fatal customer backlash.  You may get away with it with some percentage of the customers, maybe even most of them, but anyone who is offended by that sort of tactic is unlikely to come back and shop in your store again.

In any event, with revenues down 10%, what the company is doing is objectively not working.

If you recall on 5/3 I posted an article entitled "Tired of "Snoopfest"?" in which I talked about VPN use for mobile devices.  Almost three weeks later Fox News posted a "guide for journalists" to "avoid government snoops" which is full of advice -- some good, some not-so-good.

I want to go through the suggestions, because many of them when taken without due consideration of all the factors involved can actually increase your risk of loss or compromise of data -- mostly on the "loss" side.

Data you lose may be free from snooping, but it's also free from use by you too, and that's probably not what you were intending.....

So let's go through it:

Truecrypt.  This is a disk-encryption system that runs on Windows among other things.  It's free and the source code is public, which means people can vet it and know that there is (or isn't) a back door in the code.  But there are some issues you need to be aware of.

First, without taking reasonably-extraordinary care, if "someone" discovers a Truecrypted disk they will know it is encrypted.  In the US this will provoke a 5th Amendment fight over the encryption key.  In other, less-civilized circumstances it may involve pulled fingernails.  There are ways around this using "hidden" containers but those are pretty complicated to set up and use without giving away the fact that encryption is in use.  Thus, if you're in a particularly-hostile locale where the mere presence of encrypted data is likely to get you in trouble, you need to be extremely careful.

Second, the use of full disk encryption materially complicates backups.  You are far more likely to lose your data to a failure in your computer's hard disk than you are to have it seized (legally or otherwise) by a government spook.  It is fairly complicated to make backups of an encrypted disk that (1) are guaranteed to be recoverable if there is a failure (and that's important!) and (2) are also secure (otherwise the government or other bad guy simply seizes the unencrypted backup!    This is not a trivial problem and requires very careful thought lest you either destroy your data or your security -- by accident.

Finally, for older computers there is another problem in that TrueCrypt (like all encryption) consumes computer cycles, and older processors do not know how to perform these instructions.  As a result the performance impact of using TrueCrypt can be considerable, especially on older machines.  New Intel-based machines with the "AESNI" instructions resolve most of this concern.

I like TrueCrypt and use it personally, but I am aware of these considerations and what is required to work around them.  I also accept that when (not if) I have to restore a backup that it may be rather inconvenient and involve multiple steps before everything is back to normal. 

Of course if your backup scheme is as it is with many computer users (commonly known as "pray nothing breaks") then you don't care about these considerations.  For those of us who simply cannot afford to lose data it's a different matter entirely.

There are similar setups available for other operating systems; "geli" is a commonly-used one for FreeBSD and works the same way, encrypting the entire disk.  These means of protecting your data are probably secure, if properly managed, against government seizure but they are nearly bomb-proof against ordinary criminals.  If you use a laptop and have sensitive data on it (such as banking data) you are far more likely to have your computer stolen than seized by the government, and this makes data integrity a serious concern.  Note that our own government has had a number of laptops stolen (e.g. from airports) and doesn't pay much attention to security in these instances, if press reports are to be believed.  

You can (and should) do better.  For most "ordinary users", journalists or otherwise, you will probably need professional assistance in making sure that you're not destroying your security or worse, access to your backups, by using this or related tools. 

Tor.  Tor is a package comprising what is known as the "Onion Router" that encrypts traffic and routes it through multiple computers all over the globe, and is used for web surfing.  It sounds good, but there are risks associated with it.  

First, because of the multiple encryption steps (one for each "hop" the traffic takes) it materially slows down your browsing.  In addition in order to actually conceal who you are it is absolutely necessary that you not sign into a web site or otherwise transmit a set of credentials.  Next, you are trusting strangers, some of who may not be trustworthy.  In particular if there is a "strategic" compromise of nodes on the Tor network you could find yourself being monitored anyway while believing you're "safe." This is a fairly significant risk if you're worried about governments; if you're worried about common cybercriminals, not so much.  Because the network (by natural process) routes the most traffic through the highest bandwidth nodes and bandwidth costs money (and thus there aren't very many high-bandwidth nodes) the number of actual nodes that have to be compromised before the odds are your traffic is no longer secure is relatively low.

In short Tor might be useful but it is not a panacea.  If you're trying to hide from the owner of a web site who is not savvy to what you're up to it will probably work.  If you're trying to hide from a government and it's a backwoods tin-pot dictator, you might be successful.  If you're trying to hide from the NSA, good luck.

VPN: Using VPN facilities is what I discussed previously.  But the Fox article makes a clear mistake; they advocate using public VPN services.  I disagree.

First, a public VPN service will prevent someone at the local StarBucks from picking off your "free" WiFi traffic.  If that's what you fear, it works fine because the data is encrypted beyond the reach of the "bad guy" who is also at or near the public, unencrypted WiFi spot.

But the public VPN service of course knows who you are (since you have to sign into it) and thus if you're concerned about being silently wiretapped by the government this "solution" is useless!  In fact it may be worse than useless in that these sites "concentrate" people who have security concerns and thus provide an "attractive target" for government monitoring.

The fundamental problem is that any journalist (or anyone else) who expects a third party to take their legal slings and arrows for them is an idiot and deserves what he or she gets.  It is for this reason that I advocate that if you're going to use a VPN you should set it up on your own hardware and run it yourself.  This way if the government wants to tap the communications going over it they have to subpoena you, not some third party.  You can fight a subpoena you know about.

Google Voice: Same problem as the above.  Why would Google not comply with a subpoena?  Of course they would.  And if it's a NSL (National Security Letter) or other "gagged" form of process expecting them to tell you before releasing the data is insane.  Again, it's the same issue; expecting other people to take your legal slings and arrows is stupid.  

The other two, "Burner" and "DeadDrop", are mostly useful for short-term or (better) one-time communications where the concern is interception. I don't know enough about either to analyze them critically, but I will note that the integrity of the entity providing such a service is a really big deal.  Do your homework.

My policy when I ran my Internet company, and my policy now, is that if I get a subpoena that is valid in my jurisdiction I am going to comply with it.  I am not someone else's nanny nor am I their protector.  You, as a user of technology, are the one who has the burden of determining what appropriate privacy protections are for your traffic and bearing the costs of implementing and defending them.

Fox had some good ideas in that article, but like so much in journalism today it's only half the story.  My concern, and the reason I write here on this subject once again, is that used injudiciously you are taking a terrible risk using disk encryption, most-particularly if you damage or destroy the ability to get to your backup data.  

And you do need backups -- you're far, far more likely to have a disk fail in your computer than you are to have a government spook be interested in what's on it -- whether you're a journalist or not.

Well well Liberal America, who loves Apple and their products so much, how do you justify this?

Apple Inc. (AAPL) has set up corporate structures that have allowed it to pay little or no corporate tax -- in any country -- on much of its overseas income, according to the findings of a U.S. Senate examination released Monday evening.

The unusual result is possible because the iPhone maker's key foreign subsidiaries argue they are residents of nowhere, according to the investigator' report, which will be discussed at a hearing Tuesday where Apple CEO Tim Cook will testify.

This is amusing, really.

What's happened here is that Apple has created subsidiaries that have no tax home at all.  

Effectively what is going on is that Apple has created corporate entities that have no "citizenship"; they are thus exempt from tax in any jurisdiction when it comes to those entities.  

This is not technically illegal, but it is exactly the sort of scheming that our legal environment and tax environment has encouraged.  Apple, incidentally, is nowhere near the only firm doing this but it happens to be one of, if not, the largest.

Tax avoidance is not illegal.  Evasion is.  But you, as a natural person, cannot declare yourself (or any part of yourself) a taxable citizen of nowhere.

But this is exactly what big corporations like Apple have done through legal machinations.  It's wrong, not because Apple is doing it but because you can't.

It's that simple folks.

This is what happens when you set up a tax code that is outageously complex and full of special privileges granted to certain organizations that lobby for those privileges that apply only to them.  Corporations get their best return on investment by "lobbying" Congress, which really ought to be called bribery (or even blackmail), because effectively (although not "legally") that's exactly what it is.

You, as an ordinary citizen, get no such special treatment.

This isn't limited to big multinational corporations and the Federal Government either.  We have set up "enterprise zones" locally that are exempt or otherwise are privileged in tax status for certain "special" companies; this happens all the time when state and local governments lure manufacturers and other businesses to an area, always backed by the claim that they will "create jobs" and "help the economy."  What they actually do is shift the increased cost of government services that come with increased business and personal presence onto you while they pocket the difference.

This crap must stop.

The story is not what the headline implies.

When CNet editor and reviewer Brian Bennett lost his "lovely HTC One test unit" while traveling, he was forced to use the other test phone he brought with him, a BlackBerry Z10.

He expected to be miserable missing out on Google Drive, Google Talk, Google Now and other Android apps.

But he was shocked at how much he liked the phone, once he was set up with Google Apps for Business. ("It requires you to configure your Gmail as an exchange account.")

He particularly liked BlackBerry Hub ("made missing important communiques very difficult") and the long battery life.

Wait a second.

He was forced to use the other test phone he brought with him?

May I ask a question: When did he intend to actually test what he was provided for the purpose of testing?

See, this is the problem you have relying on so-called "trusted" sources -- they're often intentionally dishonest.

How do you review something without immersing yourself in it for a short while and seeing what you think of it?  You can't.

This is why when the Z-10 came out I bought one, at retail (so as not to be "bribed" by anybody) and then stuck my SGS-II, running ICS, in the drawer, turned off.

My intention was to use it for at least one week without referring to my Android phone and see what I actually thought of the new device.  I was willing to take a $500 flyer and eat whatever the loss was if I thought, in the end, the device sucked.

It's been about two months and the Samsung hasn't been powered up since.  

It's the Samsung that sucks, when one looks at the two in honest comparison.

Why?

Battery life, ease of communication (why I have a mobile computing device in the first place), security (including easy VPN and encryption of the device) and unlike Brian I find the gesture system to be ridiculously intuitive and easy.  I did some painting the other day with the phone in my pocket streaming music to my bluetooth earpiece for four or five hours straight and I swear the battery in the earpiece would have gone flat before the phone did.  I never did that sort of thing with my Android phones because I was unwilling to flatten the battery and then wait an hour or two for it to recharge.  With the Z-10 not only is the battery not flat but if I do manage to run it down it charges at an amazing rate; restoring from 30 to 95% in 15-20 minutes is typical (provided you have a 2A charger!)

In short the phone just plain works for what I need to do when I need to do it.

Of course part of this experience, for me, is that I "sideloaded" a handful of Android apps that I really do need, including two trading apps.  Both converted and loaded effortlessly.  That required a bit of effort originally when the phone was first released, but now there are tools that make it a literal drag-and-drop affair, rendering the argument that it's "hard" moot.

I'm not a Netflix subscriber or Instagram user, so I don't care that Netflix and Instragram are not native.  But both can be sideloaded and both work, if you care about them.  Skype is now available native although again, I don't really care as I don't use it -- but for those who do, it matters to them.

But that's not really the point.

The point is that the device never got a fair hearing with CNET until their "reviewer" lost his other device.

Remember that this guy is an alleged "reviewer" and, one assumes, he was provided the device with the expectation that he would give it a fair shake and review it on that basis.

It appears he would not have done so had he not lost his HTC phone.

Bias?  Sure.  But we all have biases.

The important point is not that we have bias or don't, but that when it comes to the media and these sorts of issues it is rare that you ever see them disclosed; what usually happens is that they're concealed from you through either omission or commission.

Here's another anecdotal point for you -- the last couple of days I've spent quite a bit of time in the company of a friend who has an iPhone.  Twice she's had her phone die -- out of power -- while we were in the same place, doing the same things, while the Zed had plenty of juice left.

The photos it takes and the general flow of the interface have gotten good reviews (again, from a dedicated iPhone user) as well.

How many people will not and do not look because they were "told" by people who "claim" to have "reviewed" new devices that they're just not competitive -- but in fact the so-called "reviewer" never took the device out of their pocket and powered it up?

Now you have something else to think about.

Disclosure: The author is long BBRY.

Blah.

Pretty amazing, really.  Yahoo paid what for Tumblr?

Cramer says "Social media is not understood by people older than 23."

Oh really?  Let me give you a few hints.

• Young people are ridiculously fickle.  They loved MySpace, remember?  Right up until they didn't.  Then the money that was spent to acquire the firm went right down the toilet.
  
  
• Facebook was so great they needed their own phone.  Then they only sold some 15,000 of them, if reports are to be believed.  Why?  Because it turns out nobody really "Likes" it that much, and pictures of your cat, while cute, are not what the world is about.
   
• The small screen has no room for advertising in a profitable format.  Sorry guys.  I know, many people argue otherwise. You're wrong.  Period.  And time will prove this.  You cannot get enough of the user's real estate to sell a message on a cellphone.  That's the beginning and end of it.

What I continue to see is the model of the 1990s -- get a lot of users really fast and then sell yourself to someone before they figure out that you're not making any money and mathematically can't.

Facebook was bad enough -- this is worse.

Oh, and as for Bernanke and related folks?  

They're denying a bubble again, just like the last two times.