The Market Ticker
Commentary on The Capital Markets

View this entry with comments (registration required to post)

I really dislike lazy journalists -- like this one.

By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”. Users can however deactivate this transfer to the Microsoft servers by changing their settings.

More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.

Let's demolish this one at a time, because I just got done upgrading two machines here.

First, you do not need to sign into a Microsoft Account to use Windows 10.  In fact I was not even asked when I did my upgrades, but then again I had not previously used Windows "Live" services (nor will I be in the future!)

If you want cross-device sharing of things like your favorites list then how can this be done without that data going to Microsoft's servers?  It can't -- but yes, if you do allow that free service to be provided to you then Microsoft will by default share that data for advertising purposes.

Once again, if you take the Express button during the setup you're going to turn on a lot of data uploading to Microsoft and you have to assume they will use it for advertising purposes.  This is the new model of Windows -- you're not buying the software, but nothing is "free"; Microsoft assumes most people will take "Express" and with it allow them to advertise.

But you don't have to.  When the  "Express" button comes up to the lower left of the screen is a clickable link that takes you through two full screens of clickable "switches" for data that can be sent (or not) off your machine.  Yes, IMHO most of those should be off, and yes, they all default on.  So don't do that.

If you already screwed up left click the Start button and select "Settings" then "Privacy."  Turn off the things you don't want on.  That doesn't erase what is already sent, but it does stop future transmissions.

Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.

Again, false.  Bitlocker asks where the recovery key is to be stored.  Your can upload it to OneDrive, but while it's damn convenient it's also not very secure!  The other two options are to save it locally (E.g. to a thumb drive) or to print it (to a physical piece of paper.)

The recovery key is your only way back into that drive if the primary key is lost.

Incidentally, for those of you with a TPM in your computer (laptops, primarily) using a TPM only to secure Bitlocker isn't very secure.  While in theory TPM modules are secure they can be tricked into divulging the key.  The primary value in a TPM is that if someone simply removes your hard disk they're hosed as the TPM won't unlock the key if it detects that -- but if the machine is willing to "believe" you are the person with it (e.g. via your fingerprint, BIOS password or even simply turning it on!) the TPM will be happy to release the key and unlock the disk, at which point your data is available.

Far better is to use both TPM and a password; to enable this use "gpedit" (as an Adminstrator.)  You only need to do this if you have a TPM in your computer, and you must do it before enabling Bitlocker, as by default if there is no TPM you will be asked for a password when you set up encryption.  The options are here:

Then select "Operating System Drives" and set the appropriate options as shown below

Now when you set up Bitlocker you will be given the option of using a password along with your TPM.  That combination is extremely secure; you need both the undoctored TPM and the password.

Oh, and don't upload that recovery key to OneDrive.  No, no, no and no.

As for Cortana, all host-based speech recognition engines have this issue.  Siri anyone?  Google's (or for that matter BlackBerry's) "Assistant"?  Same deal; your voice is uploaded to their servers and analyzed and you give them permission to do that as an inherent part of the computing power they give you without charging you for it directly.  If you're uncomfortable with this then do what I do -- don't use those infernal things.  Cortana is trivially easy to turn off, incidentally.

Yes, Microsoft gives you the ability to shoot yourself in the head, along with giving them access to all sorts of data they can and will use to advertise to you.  But they don't appear to require it, and if you pay attention to what you're doing there does not appear to be more going on in Windows 10 in this regard than there was with other, previous Microsoft OS releases.

PS: I'm no particular fan of Microsoft, but if you're going to take a shot at them do it over something they have actually done or are doing!

View this entry with comments (registration required to post)

You have to chuckle at the roughly 10-point ramp in the S&P, commensurate with a roughly 1% dump in the dollar and more than 3% move south in 10 year Treasury yields that corresponded with this release today.

Compensation costs for civilian workers was little changed at 0.2 percent, seasonally adjusted, for the 3-month period ending June 2015, the U.S. Bureau of Labor Statistics reported today. Wages and salaries (which make up about 70 percent of compensation costs) was also little changed at 0.2 percent, and benefits (which make up the remaining 30 percent of compensation) was little changed at 0.1 percent. (See chart 1 and tables 1, 2, and 3.)

That's the weakest increase in a long time, beating even the low points reached in 2008 and early 2009!

The reason for the rampjob was that the market seems to think this means The Fed won't raise rates in September.

However, I believe they're wrong for several reasons, the most-important of which being that The Fed's actions have almost-nothing to do with trying to "prevent or control inflation."  Instead they have to do with the fact that they have and are blowing a monstrous credit bubble that is filtering through to both higher-end housing (but leaving middle-class and lower-income housing untouched!and corporate buybacks and M&A activity.

It is not going into productive investment.

Further, The Fed has effectively no tools available if and when the inevitable business downturn comes.

The most-destructive component of what has occurred is in fact in the corporate action / buyback arena along with the outrageous amount of federal borrowing that has taken place.  The States, for their part, appear to be cognizant of what's going on -- or they're (properly) frightened out of their wits by the impending detonation of all of their pension and health care obligations for retirees as a direct consequence of these low rates.

In short Bernanke's thesis has been disproved; you can't lift the economy with these monetary actions.  At best you can blow a bigger bubble, which may give the illusion of prosperity for some but the broader public doesn't get any of the participation from it, and they get all of the downside.

Look out below.

View this entry with comments (registration required to post)

First Chrysler, now GM.

In February, “60 Minutes” reported on a multiyear project conducted by the University of Washington -- and demonstrated for the program with assistance from the Defense Advanced Research Projects Agency (DARPA) -- in which researchers were able to hack into the OnStar telematics system of a 2009 Chevrolet Impala. With CBS correspondent Lesley Stahl behind the wheel, they turned on the windshield washers, honked the horn and disabled the brakes.

Control over safety-critical system is very bad if you can corrupt it.

Consider how easy it would be to murder a family; start their car in the closed garage at 3:00 AM.

If they don't hear the engine start...... 

Never mind the theft potential; modern cars without physical ignitions don't lock the steering column, so if you can start it, you can drive it.  Isn't that special?

I wonder what the insurance premiums will be on these vehicles after this sort of problem gets out in the wild?

Manufacturers in general, whether it be cars, home "gateways" and other "Internet of things" devices tend to not give a crap about security or even good design principles -- as we keep having demonstrated for us.

View this entry with comments (registration required to post)

Apparently Bullion Direct, a relatively-popular place to buy and sell gold and silver, has gone under.

That's ok, people go bankrupt all the time.

But it appears this time there was a bit of a problem with people's transactions in-process, and perhaps with alleged metal being stored.

Folks, you need to get something through your heads, which I've tried to explain before: Nobody works for free.  If you think you can run a company off a 1% commission or some such, well, you can't.  What this means is that it's pretty common for various other forms of money-making to take place in a business where it appears that a tiny premium (if any) is being charged, and the easiest way to do it is for the dealer to be an actual speculator and either buy ahead or sell behind.

In other words they play on price movement, which is great right up until what they believe is going to happen doesn't, at which point they lose money -- and maybe lose a lot of it.

That, in turn has a nasty way of exposing whatever happened -- like, for instance, that the metal allegedly there isn't.

Note that a brokerage has no inventory and thus this problem doesn't arise.  They simply match buyers and sellers, and that you can do for a paltry commission.

If something looks too good to be true it nearly always is.

PS: Gold and silver are commodities; one of the reasons folks keep getting snared like this is they think it's "money."  Nope.

View this entry with comments (registration required to post)

Main Navigation
MUST-READ Selection:
Why I Find It Hard To Give A F**k

Full-Text Search & Archives
Archive Access
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be reproduced or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media or for commercial use.

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.