The Market Ticker
Commentary on The Capital Markets
Logging in or registering will improve your experience here
Main Navigation
MUST-READ Selection(s):
Don't Do It Lennar -- Talk To Me Instead

Display list of topics

Sarah's Resources You Should See
Sarah's Blog Buy Sarah's Pictures
Full-Text Search & Archives
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.

NO MATERIAL HERE CONSTITUTES "INVESTMENT ADVICE" NOR IS IT A RECOMMENDATION TO BUY OR SELL ANY FINANCIAL INSTRUMENT, INCLUDING BUT NOT LIMITED TO STOCKS, OPTIONS, BONDS OR FUTURES.

The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2018-06-21 13:53 by Karl Denninger
in POTD , 64 references
 

 

Email kairia.rocks@gmail.com today to hang this on your wall tomorrow -- a unique piece of artwork for you to enjoy!

View this entry with comments (opens new window)
 



The Supreme Court has now voided their own precedent in Quill.

Finally, Amazon managed to prod the Supreme Court into overturning something I didn't think would go away.  But the impact of this on entrepreneurs is going to be, absent some sort of simplification legislation, horrible.

The fundamental problem is the outrageously-abusive acts of Amazon specifically.

History is in order here to understand both what prompted this decision and the events that have led to it.

Amazon began as an online bookseller. It had one nexus of operations and shipped books (shortly followed by other physical media such as CDs) from one central warehouse, using (mostly) the mail.  As the firm expanded it desired to open distribution centers to decrease its own operating costs (primarily shipping-related, as shipping is often distance-sensitive on price.)

This would have naturally exposed Amazon to collecting sales taxes per the Quill precedent.

So what Amazon did -- and which they maintain today -- was to set up captive firms to operate their distribution centers -- and then claimed they didn't have nexus.

The states got smart to this scheme quickly and started to sue -- and as they did, Amazon quietly folded.  But what Amazon never did was either pay back to the date of opening the center, nor were they ever prosecuted for criminal tax evasion.

Why not fight these states?  Because they knew they'd lose.  Their original gambit was neither original or a "stroke of genius" by Bezos; I had considered the exact same sort of structure in 1996 with MCSNet and was informed by our corporate counsel that the odds of success were tiny and the risk of a criminal indictment very real.  Needless to say, not being someone who could play a "Social Justice" get-out-of-jail-free card, I instead registered in Wisconsin (where we wanted to expand) and collected, filed and paid the sales taxes -- but Beelzebezos did not; he instead played (successfully) the "I'm God and you're a peon" game right up until it became evident he would lose at trial and then started collecting on Amazon-owned inventory but with no admission that he knew damn well it was a bull**** scheme in the first place, nor with any penalty applied to him or the firm.

You would think it would have stopped there, but no!  Amazon still maintained the same "no tax collected or remitted" policy with so-called "third party" sellers, which are now roughly half of all its transaction volume!

This despite the fact that Amazon is not a mere advertising conduit -- the firm handles the money and all post-transaction dispute resolution, which means they're actually responsible for somewhat more than half of the entire transaction stream itself.  Remember, a transaction has two components -- the good or service bought and the payment made.  Nexus is not defined as "physical product"; it is the real connection to the jurisdiction.  If you handle half the transaction as a firm with a presence you clearly have that connection.  But once again since Amazon has a never-get-prosecuted card they use with impunity, even when they sell magic potting soil for $200 that (quite-obviously) is a laundering transaction for something else (whether that "something else" is an illicit product or simply the illicit movement of money across national borders) and do not find themselves on the wrong end of a criminal indictment why would they worry about such a thing as sales taxes?

So, they didn't.

Now the Supremes have waded in and moved from a bright-line test which was more than good enough to hammer Beelzebezos with in the first place to a not-so-bright line on the other side.

Specifically, the South Dakota law in question does have a "reasonable connection" test embedded in it -- either $100,000 in sales or 200 or more transactions.  It is this "reasonable connection" test that likely made the ruling possible.  While the first of those is likely quite-reasonable the second may not be; 200 transactions in a year is not many at all for a low-priced item, and many e-commerce transactions are indeed for small amounts of money.

What this does do, however, is open a nice wedge for states like Illinois to take Beelzebezos out behind the woodshed and have a turn or three at him from the backside.  For those states with intractable revenue problems I fully expect that to begin in earnest immediately, and with good reason -- it's low-hanging fruit and now, with a brand new, freshly-minted Supreme Court decision at their backs they'll be after 'em Fast-n-Furious.

To which I say, Godspeed.  Yes, this will modify my view on such things on a forward basis.  Even Florida's sales tax laws have had a 100% inhibiting factor on my desire and willingness to offer any sort of physical product whatsoever.  You've never been able to buy a $10 "branded" Market Ticker coffee mug, for example, despite my operating this blog for more than 10 years because the very first such mug I sold in this state would expose me to permanent monthly sales tax reporting and Florida, like many other states, imposes a byzantine state and local tax agglomeration mess that makes such accurate reporting and remittance a five-alarm pain in the ass for anyone doing any sort of shipping of anything.  For a retailer with a store in one location it's tolerable as everything is at one rate and not all that bad; you can do the reporting and payment with reasonable accounting in 15 minutes a month.  Start sending things around inside the state and you get the mess immediately and that 15 minutes turns into hours.  For a few incidental sales of something like a coffee mug it simply isn't worth it as the compliance costs would exceed the revenue I could earn from same, making such an instant money loser.

When I ran MCSNet we used to give away such as premium items to customers (and at trade shows), along with selling them if you wanted to buy one, because we already did enough business, and had enough other state tax compliance costs, that the additional (and simple) reporting and payment requirements were a deminimus addition to our administrative overhead. Thus there were several iterations of MCSNet coffee mugs over my years of running the place.

Will this decision put a thumb on the scale for small-business?  Yep.  But it may also make possible the removal of Goliath's (Beelzebezos') boot from the scale that has screwed innumerable US-based sellers in favor of Chineesium garbage shippers, never mind the $200 bag-of-potting-soil sellers that are almost-certainly actually being paid for something else that is likely illegal at best and poisonous (e.g. fentanyl) at worst.

As the Supreme dissenters point out Congress could fix this, and fix it properly.  But Congress has declined for two decades as the screamfest from Beelzebezos, along with our present Administration's fixation on the price of stocks even if said "price" is achieved by buttraping small businesses across America, has led them to abdicate.

In short while I don't like the decision given the alternatives, that Goliath might get his foot chopped off as he has so richly deserved to have happen for the last two decades, leads me to crack a wry smile.

View this entry with comments (opens new window)
 

This sort of crap ought to lead directly to bankruptcy.  Instead, if you're cute and have breasts, you get applauded for being insufferably stupid and taking years off people's lives.

NEW YORK (AP) — Natalie Portman and Jonathan Safran Foer hope they can change the world — one dinner plate at a time.

The actress and the author have teamed up to produce the documentary “Eating Animals,” an indictment of the factory farm system that argues we are feeding ourselves all wrong.

....

While humanity faces huge complicated issues — global warming, education, immigration — Foer and Portman argue the future of factory farms can be decided by individual consumers. Their solution is to get people skip meat every once in a while — multiplied by millions.

Foer, whose other books include “Everything Is Illuminated” and “Extremely Loud & Incredibly Close,” and who is a vegetarian (Portman is vegan), knows converting people to a meatless diet is unlikely to happen overnight.

Let's cut the crap eh?

Veganism is unhealthy for the vast majority of people who practice it.  While it is possible to obtain a complete protein complex via vegan eating it is extraordinarily difficult to do so -- and expensive.  Most people will not accomplish it; they will be nutritionally deficient, critically so, eating this way.

What's worse is that eating carbohydrates makes you hungry.  And while it is certainly possible to sate that by eating lots of broccoli again, few people will actually do so simply because obtaining enough calories for one's body mass by eating that sort of food would require eating constantly and an amount of said food that is just flat-out outrageous.

1/2 cup of broccoli, for example, has just 15 calories.  If you wish to eat 1,500 calories a day (a decent amount for an adult, sedentary woman) you would need to eat 50 cups of broccoli.

Go get a 2-cup measuring cup out of your kitchen cupboard.  Now line 25 of them up on the counter (well, ok, imagine doing it because you don't have that many.)  That's how many you'd have to eat.

Not only won' you do that (time and bulk prohibit it) money prohibits it too, unless you're filthy rich.  The other similar good, green vegetables all have the same basic issue -- they're caloric sparse but nutritionally dense in terms of things like Vitamin C.  Indeed that 1/2 cup of broccoli has ~20% of your vitamin C requirement -- it's a better source than oranges (and much better than sugar-added orange juice)

So what will you eat if you go "vegan", by and large?  Fast, dense carbohydrates.  This can be reasonably healthy if you eat like a peasant (extreme portion control), but you won't -- because you're not a peasant.  The Chinese, for example, did just fine on rice in terms of diabetes and metabolic disorders -- when they were peasants in the main and their food intake was modulated by wealth.  In other words they couldn't afford to eat more rice than they did.

As soon as that started to dissipate their consumption of those carbs turned into a monster and China now has an enormous, and rapidly-expanding, diabetes, obesity and metabolic disorder problem.  China now has one of the worst rates of diabetes incidence in the world (instead of a near-zero one!) and they didn't get there by eating bacon and eggs.

What Natalie doesn't want to talk about, nor do any of these other "actors", is that the root of the issue when it comes to eating animals and the rise of "factory farming" lies in the idea that we can sustain exponential population growth on this rock into the indefinite future.

This is a flat-out, mathematically-provable lie.

It's not a mistake, it's a lie.

Incidentally all those factory corn farms come from the same reality -- people keep wanting to argue that we can have an indefinite exponential expansion of the human population on this fixed-size and resource rock called "Earth."

These are the very same leftist, elitist snobs who claim we should "open our borders" to any and all who come, irrespective of whether they have a skillset to contribute or whether they're simply coming to get the "free cheese" from taxpayers -- never mind the human trafficking aspect of it.

That's BeeEss as well.

If you wish to go watch the propaganda machine be my guest -- make sure you top it off with a nice vegan popcorn, topped with fake butter (vegetable oil, which is a machine-made heart-attack producing poison) and a big sugary soda (also vegan; no animal products in there.)

When you go blind and your feet are cut off from diabetic complications make sure you thank Natalie for pointing you in the right direction.  I'm sure she'll be happy to pay your medical bills.

View this entry with comments (opens new window)
 

2018-06-21 07:00 by Karl Denninger
in Technology , 110 references
[Comments enabled]  

This sort of thing never ceases to amaze me....

For the second time this month, federal prosecutors say they’ve obtained a trove of encrypted messages from one of President Trump’s former top associates. 

The relative ease with which investigators appear to have accessed the messages of Trump's longtime personal lawyer Michael Cohen highlights an often overlooked reality: encrypted apps like Signal and WhatsApp are only as secure as users choose to make them. 

Uh huh.

Let's cut the crap: They're only as insecure as the app writers choose to make possible.

Why would an app-writer choose to make it possible insecure storage of encrypted communications?

For the same reason you are dumb enough to stick a microphone in your bedroom that allegedly "does things" for you: Convenience.

It it possible to design an app that never stores an encryption key or the content of messages persistently?  Yes.  Further, Android can be told not to back up data for a given application in the manifest, which the user cannot override.

So why would you, as the writer of an allegedly "secure" application to communicate with someone, put intentional privacy-destroying "features" into your application?  Simple: "convenience".  Specifically, if the app never stores the messages or keys on a persistent basis then they're not there "later on" and further, if you are in an area without immediate and available data service you can't get to anything at all since it's not present on the device.

If you never store the messages on the device beyond the point at which the user exits the app's "in-use" state (that is, the app intentionally destroys any in-memory or on-storage copies when it is closed, exited or hidden) then they can't be retrieved as they're not there.  If they're only transported encrypted with a key generated through secure negotiation then the lifetime of said message in terms of being able to intercept it, absent a failure of the encryption itself, is limited to that of the app's instance.

But this is "inconvenient", you see.  Well, ok, "less convenient." 

Yet people are led to believe that these sorts of communications are "secure" when in fact they're not, intentionally, due to how the app is designed and works.  Rather than explain in great detail that the basis of such a claim is only to prevent interception while in transit and that no security of data on the device is either implied or, realistically provided these folks instead "market" said applications as "safer" than something like a text message.

That may be true but only in the marginal sense, and it does exactly nothing for you if your device is physically compromised or one of the people involved voluntarily turns their device over to someone.

View this entry with comments (opens new window)
 

2018-06-20 14:36 by Karl Denninger
in Small Business , 84 references
[Comments enabled]  

I got 99 problems but secure control of my house isn't one of them.

In no particular order:

  • Problem: Cameras are great. The let you see inside your home when you're not there, along with the periphery.  The problem is that they're inherently insecure, the most-common protocol to view them has no security on the video whatsoever, all of them "phone home", they have low-powered CPUs in them for cost reasons, and they are made and designed in China with who-knows-what sort of back doors in their software.  Solution: HomeDaemon-MCP secures your cameras, making it possible to completely detach them from outside access.  You can obtain the "latest" (last movement) still or real-time video from them over a completely secure connection on your phone at any moment you desire -- from anywhere in the world, and if desired grab an "on demand" video clip to your mobile device.  In addition unlike the simple "if I see movement or detect sound" upload to an insecure cloud some faceless company owns and may use for marketing or other purposes (or almost-as-bad, on-site SD card storage that is trivially stolen by a burglar) HomeDaemon-MCP can, on any set of conditions you define (no matter how complex) upload a fully-secure video clip of a length you determine to a site you, and only you, control using industry-standard and accepted secure communications for use by yourself or the authorities in prosecuting criminal acts.

  • Problem: Locks and other access control devices (e.g. garage door openers) have AES-encrypted (highly secure) options for control, but the "pairing" process is fraught with risk.  Existing controllers poorly handle this, having intentionally sacrificed security on the altar of "convenience", making possible theft of the network security key after which any and all "encrypted" traffic could be intercepted or modified from more than 100' away -- more than enough to tamper with your house from next door or in the street.  This, theoretically at least, could allow a thief to command your door or garage to open for him!  Solution: HomeDaemon-MCP refuses to answer "S0" keying (the risky event) at high power intentionally, preventing key interception at long range with 100% certainty even if you are tricked into attempting to re-install a device.  Instead for S0 secure Z-wave nodes you remove the stick from the controller and pair it at the device itself, which reduces the potential range of interception to inches from hundreds of feet. 

  • Problem: Existing systems all rely on the "cloud" in some fashion or form.  But "cloud" computing is inherently insecure due to computer design priorities that put performance before security, never mind being fraught with the risk that if a server goes down hundreds of thousands or even millions of consumers lose monitoring and control access at once!  Then there are the "microphones" that are supposedly only listening for specific commands yet have been shown to record and send conversations to others without being told to to do so.  Answer: HomeDaemon-MCP never uses voice commands because voice commands are inherently insecure as a microphone must be on and listening all the time in order to detect the alleged "trigger" word or phrase.  This means a programming error or intentional misconduct by a vendor can trivially record, steal and use the contents of your most-intimate conversations -- those in your home (or even bedroom!)  We all have our phones with us today; unlocking yours and touching a screen requires two actions confirming your intent to do something, while denying interception and exploitation by either error or malice.

  • Problem: "Skills" loaded to a device from some third party inherently rely on trust you place in someone else to not misuse your data or worse, spy on you intentionally.  The incentives to violate your trust or spy on you are great and the penalties for firms caught misusing your data have never resulted in a single criminal prosecution of anyone, ever, in the history of these devices and companies.  There is no incentive for a firm not to do this sort of thing because any "penalty" is always limited to a fine (and then only rarely), which is simply passed on to you in the form of higher prices.  Solution: HomeDaemon-MCP is configured and controlled entirely by you or your chosen installer on a local basis in your home, with its configuration stored on a local SD card.  It relies on no external "skills" or code, ever.  You can always, as an administrator and the owner of your home, look at and verify what it is looking at and what actions it takes because unlike an opaque "skill" the configuration is all in an English-like language that is easily understood.

  • Problem: "Cloud" solutions to notifications and events are touted as "more friendly" yet sacrifice security and privacy on the altar of someone else's convenience, particularly when it comes to your mobile phone.  Answer: HomeDaemon-MCP's Android app has zero reliance on a "cloud" for anything, including real-time monitoring.  It provides notification of events as they occur within 90 seconds, even when your phone is asleep and in "low power" mode, and within one second when it's awake, frequently beating the delivery of a text message when sleeping and always beating it when the device is awake, and yet the app consumes only about 1% of your phone's battery power overnight to do so.

  • Problem: Storing passwords on a mobile device is fraught with risk for all the obvious reasons, yet most apps do exactly that, again for your convenience.  Answer: HomeDaemon-MCP's Android app never stores a password.  It instead obtains an authentication token of which you control the length of validity.  Further, a second, one-time use token is returned to the device which is valid for only one command after which it expires, preventing "injection" attacks launched from malicious web sites you may accidentally visit from working.  With no password stored by the app it's impossible to steal it since it's never stored, but only presented when necessary to obtain the authentication token.  Should you lose your mobile device logging out from any device (e.g. a web browser) instantly invalidates the access (and one-time-use) tokens, rendering the connection immediately secure from further access.

Got a desire to make a lot of money?  Then pay me a reasonable amount, own this wholesale (including source) and make a fortune. 

Email karl@denninger.net for more info, or look here.

View this entry with comments (opens new window)