The Market Ticker
Commentary on The Capital Markets
Logging in or registering will improve your experience here
Main Navigation
Full-Text Search & Archives

Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2021-05-15 07:00 by Karl Denninger
in Corruption , 69 references
[Comments enabled]  

How many times have I talked about this over the last what now -- 15 years?

State Street Corp (STT.N) agreed to pay a $115 million criminal penalty and enter a deferred prosecution agreement to resolve charges the bank defrauded customers by secretly overcharging them for back-office expenses, the U.S. Department of Justice said on Thursday.

According to settlement papers, State Street admitted that from 1998 to 2015 its executives defrauded customers out of more than $290 million through hidden markups.

No prison.  Less than half what they stole.  Allegedly they'll "give it back"; so what?  It's been more than 20 years since this started.

How much did they make during those 23 years with all the robbed money?

They admitted to fraud.

They admitted intent.

They admitted doing it.

But nobody went to jail.

Not the first time either.  2016, here.

Or in 2017 -- here.

Or, if you prefer, how about in California back to 2001?

This is all the first time so we let them off, you know, once, right?

Oh wait...

I want this deal.

I want to rob banks.

I'll give back the money if I get caught, plus 50%, but you have to wait 20 years so I can put it in the stock market and make five times as much money and then that way I still get to keep a good part of what I stole.

RISK FREE, since (1) I might not get caught and (2) I don't go to prison.

If ordinary people can't have this deal then why shouldn't we tell the government to go to Hell and do whatever we want, law be damned, and if necessary force them to leave us alone?

After all that's the deal Wall Street -- and Pharma -- gets.

Speaking of pharma, you know Pfizer, the Coof-shot maker?  Yeah, they're innocent too.


PS: Not one person has gone to prison from there either.

View this entry with comments (opens new window)

Oh, look at this little explooooiiner for the weak-minded.

Sen. Mark Warner (D-Va.), who's been a leading voice in Congress on the issue, told Axios that if Americans knew how many ransomware attacks were happening every day, it would "blow their minds."

The Colonial hack, coupled with the Russians' SolarWinds attack — which had a breathtaking scale penetrating some 16,000 companies — has made people realize a cyber enemy could shut down an entire economy, Warner said.

"Warner said."

Note what Warner didn't say, nor has anyone else: This is all -- every bit of it -- due to employers everywhere coddling little snowflakes and cutting corners instead of telling all those little snowflakes to shut up and do their damned jobs.


It's really not that hard folks.

Go into virtually any business and look on a desk.  There's a computer.  Walk up to said computer.  Type in "" and hit return. Does it work?  Now try Google.  Or Yahoo.  Or pretty-much anything else.

How about email?  Running Exchange, a known dangerous piece of code that more than fifteen years ago I was contracted to write a front-end for because the agency in question knew it was dangerously insecure and didn't want to get screwed?  How come they knew and nobody else did?  The truth is that everyone did and does know but nobody cares; it's far more important to have convenience than security.

Pipeline operator?  Heh, you don't have a right-of-way from one end to the other already, do you?  Oh, wait, you do?  Then why didn't you run fiber along said right-of-way and have your own transport infrastructure that is impervious to electrical disturbances, other than at the repeaters of course which require power.  Why wasn't it true that every computer that could in some way interact with said control system, including billing, and the control system itself wasn't on a sanitary network on private infrastructure with exactly zero outside connectivity of any sort -- and no exceptions?  If you needed to work from home why wasn't it done like the DOD does it, where the machine has a nailed VPN that cannot be overridden, the employee has no administrative access, yes, even the CTO and CEO, the USB ports don't work and for the love of God you can't get on Facebook from it because said machine only connects back to a sanitary network with no outside links!

Mobile devices?  Same deal.  Oh, we should do "BYOD" and save money; it would be so terrible to issue corporate devices which can't be used for anything but corporate work and won't talk to anything else either because they too are nailed-VPN.  Uh huh, and get hacked because your employees are snowflakes and demand they can have their cellphones on the corporate wifi which can get out of the building.  Why is that in any way connected to anything internally?  Because it's convenient, that's why.

But -- but -- but I have to have my phone in my pocket wails the snowflake employee, and I will dieeeeeeeee if I have to work in this steel building where there's no signal.  Why it was absolutely terrible in the 1980s and 1990s before such things existed; why, the phone on my desk is not good enough for meeeeeeeeeeeeeeeee!

Then there's the "cloud."  Oh, you put your data and some processing there eh?  How's it connected back to the office(s)?  How secure is said "cloud" and said connections?  Can you, and have you, vetted every employee at said cloud company that has administrative access, including all who have hypervisor access to the underlying machines?  Manage to steal an encryption key or worse, the credentials to issue certificates and such (e.g. into your VPN'd "safe zone") and the rest doesn't matter very much, you know.

Yes, I know cloud is cheaper.  It's also less-secure.  You're not running data and commands to and from such an environment that are rather important for operations and safety, are you?

Let's cut the crap eh?  I know full and damn well how to prevent this sort of thing from happening.  I've done it for a long time.  Indeed part of the problem is that these idiots who cater to snowflakes instead of telling them to shut the hell up and do their job or quit wind up in a never-ending update chase to try to stay ahead of security issues which you will never win and which cause more problems due to programming bugs than if you did it the right way in the first place which is that when at work you work and said networks that do important things have zero connectivity to the parts of the Internet where the bad guys try to break in from -- and that's all of it other than your business' infrastructure.  If you need to tunnel over potentially-unsafe places because it's cheaper to buy connections on a no-guaranteed-bandwidth and transport basis than pull your own infrastructure that's fine assuming you're good with the risk of transport being uncertain but the connection between the two points is nailed-VPN and properly maintained so exactly nothing else enters or leaves same.



If you have some business reason for employees to be able to do research or otherwise on the Internet from your facility then you put a second computer on the desk of each person so-authorized who has a verifiable business reason to do so and it is from there that all such happens, with logs and full accountability.  Anyone who tries to play games with crossing between the two "worlds" is instantly fired.  Any laptop or other machine that has to leave the building has a TPM in it and the disk is encrypted; if someone tries to tamper with it so sorry, so sad, the TPM refuses to unlock the disk and the person who played the game has to bring it back to IT where everything flashable is re-flashed, the machine is reloaded and the employee is fired.

And you never, ever connect any of the important stuff to anything that isn't equally-secure or better.  Which means not on the "cloud" 99.9% of the time.

Yes, folks, I know how to do this stuff.  It is my wheelhouse.  Nobody wants to do it and Warner, along with the rest of the screaming goats in Congress and elsewhere know damn well how to do it because the DOD in fact does it.  

In short Axios is simply mealy-mouthed garbage; they are no more a "news" organization than are any of the others, nor is Congress.

Want to know why?

They're both full of snowflakes too.

View this entry with comments (opens new window)

2021-05-13 07:00 by Karl Denninger
in Editorial , 401 references
[Comments enabled]  

Just wondering, you know.

Colonial's pipeline is allegedly being restarted.  That's nice.  Who's asking why that company is still in business and why we have one firm, with no regulation or oversight, that is responsible for basically the entire fuel supply in the Northeast part of the nation!

Excuse me?

Oh, it's just gas.  Really?

You do realize that without fuel nothing moves.  Not airplanes, not trucks, and not cars.  Would you like some groceries?  That's nice; how do you think they get to the store?  Walmart, for some clothes, or whatever?  Same.  Air freight of all sorts?  How do you do that when there's no fuel to fill the plane or truck back up after it brings your stuff -- or people?

Oh, that's an inconvenience.  Is that so?

Why is your water from the tap safe to drink?  You do realize that the chlorine dioxide (most-often used) or just chlorine itself (somewhat less-often) must be delivered by truck to your local water department, right?  What do you think happens if it runs out?

Same on the other side; flocculants and similar are used on the sewer side.  No capacity to process sewage?  That's a bummer.

Electricity?  I like my wall switch.  When I push it the lights come on.  You like that too, I suspect.  What if there are no trucks to bring the chemicals used to balance the water in the boilers -- oh, you didn't know they needed that -- or the parts to repair something that has broken?

Biden and others assure us we'll have "green energy."  How's that working out about right now?  Exactly how do you intend to replace the diesel truck or aircraft -- and with what do you think you will power them?

Where do those solar panels come from you dream of?  Slave labor in China; literal slave labor.  We haven't known about that for years, have we?  Oh wait - we have; many, many companies that are all listed on our stock exchange and, I remind you, have had very nice price increases.  Gee, the cheapest labor is priced at zero, is it not?

Why else make them in China?  Well maybe because producing them is (1) energy intensive and (2) involves all sorts of nasty process chemicals which, in the US, you must properly neutralize, recycle or dispose of.  In China?  Blow it out the smokestack or dump it in the river.

Then we have the I-40 bridge at Memphis.  An obvious steel structural fracture.  Notice all the corrosion in the pictures near there?  Was it investigated..... and when?  This doesn't look like a break that happened a couple of days ago.  What has the overload (transfer of load) to other structural members done to the rest of the bridge?  What was its original design life and load rating?  Have either been exceeded without proper engineering support?  How do you think they intend to fix this, given that all the other structural members that took the load have now likely been overstressed?  How will they be able to determine if they have, and if they have (they probably have), now what?  Are there any actual engineers in the nation left or were they all diversity-promoted in college and hired on the same basis?  Fortunately there is another bridge in the general area not far away.  Unfortunately using only one of the two means traffic is going to be, well.... nasty.

They're freaked out enough about this bridge and that break to stop all river traffic too, you know.  That means it's not just the vehicles on the bridge that pose a problem -- they're concerned it may not support its own weight and could collapse without warning into the river.

The river in question isn't very important, is it?  It doesn't carry a hell of a lot of barge traffic with a bunch of "stuff" that we all would like to have available to us, does it?  There's a nice convenient way around what is now an effective blockade of said traffic, right?  Oh wait -- there isn't?

How long will that take to resolve?  Does anyone have even a poor guess?  I don't.

Just-in-time inventory management eh?  All coming from China, Taiwan, wherever.

How's that all working out about now, and are you learning anything about how quickly things can go to Hell when even one little private company has a problem?  How well do you think you'd deal with this if the Colonial pipeline was shut down for two or three weeks given how "nice" it all was when it was just a few days, wasn't it?

How many more of these critical infrastructure issues have been ignored in the name of stock prices and scams?

Now there's something to think about.

View this entry with comments (opens new window)

2021-05-12 16:51 by Karl Denninger
in Small Business , 150 references
[Comments enabled]  

Sarah has the leftovers from her van flooring project.

This is the real deal -- not the click-together vinyl stuff, although it is laminate (so not the stuff that $20+/square foot!)  Tongue-n-groove, glued together when installed.  20 full-length boards, 95" x 7.5, so 100 sq/ft, plus a half dozen smaller cut-offs suitable for edges, etc.  Enough to do a modest (10x10) room, entryway, etc.

Any offer considered -- email her directly at if you're interested.  It's in Ft. Walton Beach FL on a "come and get it" basis.  


View this entry with comments (opens new window)

2021-05-12 12:00 by Karl Denninger
in POTD , 100 references


View this entry with comments (opens new window)