Diligent consumers don’t do that. They pay their bill off faster than fees can be incurred. It’s the other consumers, the undisciplined and the poor, who get sucked dry by fees. These are not the demographic of international travelers. One demographic is subsidizing another.
The interesting thing is that if you’re in the diligent demographic, you can make the shitty bank lose money. Profit from those they exploit is the same whether you create a loss for the bank or not.
I’ll have a brief look but I doubt ffmpeg would know about DVD CSS encryption.
Knee-jerk fix: we make a FOIA request for the data that was removed.
But the shame of it is that FOIA reqs are not gratis, which means we have to pay again for the data. Elon’s DOGE office would just see it as a success that they are getting extra compensation for the data.
If anyone is writing or maintaining a playbook/handbook for how to run an authoritarian regime, removing open data would be a play to add.
It’s possible that it’s an accident, but unlikely IMO. The accidental case is overload and timing fragility. Tor introduces a delay, so if a server already has a poor response time and the user’s browser has a short timeout tolerance, then it’s a recipe for a timeout. Firefox does better than Chromium on this (default configs). But I tried both browsers. At the state level I think they made a concious decision to drop packets.
It’s also possible that they are not blocking all of Tor but just the exit node I happened to use. I did not exhaustively try other nodes but I was blocked two different days (thus likely two different nodes). In any case, this forum should help sort it out. Anyone can chime in with other demographics who are blocked, or tor users that are not blocked.
(edit) ah, forgot to mention: www.flsenate.gov also drops Tor packets.
infosec 101:
If users who should have access (e.g. US taxpayers) are blocked, there is an availability loss. Blocking Tor reduces availability. Which by definition undermines security.
Some would argue blocking Tor promotes availability because a pre-emptive strike against arbitrary possible attackers revents DoS, which I suppose is what you are thinking. But this is a sloppy practice by under-resourced or under-skilled workers. It demonstrates an IT team who lacks the talent needed to provide resources to all legit users.
A mom and pop shop, sure, we expect them to have limited skills. But the US federal gov? It’s a bit embarrassing. The Tor network of exit nodes is tiny. The IRS should be able to handle a full-on DDoS attempt from Tor because such an effort should bring down the Tor network itself before a federal gov website. If it’s fear of spam, there are other tools for that. IRS publications could of course be on a separate host than that which collects feedback.
This is not a news forum. It’s a boycott organisation and support forum. Do your boycotts tend to last less than 1 year? That’s not really impactful. (which is not to say impact is the only reason to boycott… I boycott just to ensure that I am not part of the problem, impact or not)
I have been boycotting Mars at least since 2018 when I found out they spent $½ million lobbying against GMO labeling in the US. Even if they were to turn that around and pay more money to lobby for GMO transparency, I would still boycott their vending machines. Not just because they got caught in a data abuse scandal, but because they lied about it, which means they cannot be trusted with technology.
Don’t Canadian insurance companies want to know where their customers are? Or are the Canadian privacy safeguards good on this?
In the US, Europe (despite the GDPR), and other places, banks and insurance companies snoop on their customers to track their whereabouts as a normal common way of doing business. They insert surreptitious tracker pixels in email to not only track the fact that you read their msg but also when you read the msg and your IP (which gives whereabouts). If they suspect you are not where they expect you to be, they take action. They modify your policy. It’s perfectly legal in the US to use sneaky underhanded tracking techniques rather than the transparent mechanism described in RFC 2298. If your suppliers are using RFC 2298 and not involuntary tracking mechanisms, lucky you.
You’re kind of freaking out about nothing.
I highly recommend Youtube video l6eaiBIQH8k, if you can track it down. You seem to have no general idea about PDF security problems.
And I’m not sure why an application would output a pdf this way. But there’s nothing harmful going on.
If you can’t explain it, then you don’t understand it. Thus you don’t have answers.
It’s a bad practice to just open a PDF you did not produce without safeguards. Shame on me for doing it.. I got sloppy but it won’t happen again.
That would indeed be the practical answer assuming he has a credit card with those protections. Credit cards not issued in the US or UK often lack chargeback protections in non-fraud situations.
Note as well that even in the US the chargeback merely moves the money back to the consumer and does not affect legal obligations. If AXS were motivated, they could sue the customer in that case and likely point to a contract that indemnifies them from software defects and incompatibilities.
I think most banks have a threshold where they eat the loss. I did a chargeback once for around ~$20 or 30. Then I found out that the bank’s cost of investigating the chargeback exceeds something like $50, so the bank just takes the hit instead of the merchant. I found that a bit disturbing because a malicious or reckless merchant has no risk on small transactions. But in the case at hand for $200, the bank would likely clawback the money from AXS.
Yeah, I could get some counciling for that problem. Then the invoice from the counselor would be evidence for court. I should probably also buy a CD by Mika, with that song “Relax, Take it Easy” as a destressor. Then bring that receipt to court as well.
If you think it’s over the money, you’ve missed the plot.
There is an ethical problem with how they operate. If you let them get away with their shenanigans, you support them. I will not. Fuck banks. And fuck their shenanigans. When they pulled this shit, it became my ethical duty to cost them. Their postage cost exceeds the value of the check, and their phone operator costs are high. So I’m happy to ensure their profit-driven exploitation backfires fully.
Mobile deposits: most banks have scrapped remote deposits via web. Most banks are happy to exclude those not on their exclusive smartphone ecosystem and try to push you into Google’s walled garden to obtain their forced-obsolescence app (so Google can know where you bank after getting a mobile phone subscription in order to activate a Google acct). Anything to cattle-herd boot lickers onto the bank’s closed-source spyware app is part of their game. The ethical problems with this could fill a book.
I tried hacking together an Android emulator to take a JPG of a check and emulate the camera within the android v/m using the linux gstreamer tool. I tried that back when I was willing to briefly experiment with a closed-source bank app I exfiltrated using Raccoon. Shit didn’t work with the banking app.. it was too defensive. I was lucky the app even ran on the emulator. Many banking apps detect the emulator and refuse to run.
Can’t reach an ATM for deposits from overseas. But also, when I am in the country, it’s a long drive from the house to an ATM.
So deposits by mail are the most sensible in my situation.
The idiot who charged the interest was just the first fuckup. And it’s not a significant fuckup. The notable fuckup here is the deliberate corporate-wide policy in how they deal with small credits that leads to a paper check in the mail. It’s the shitty policy that disables them from fixing their fuckups. A fuckup is fine if they can fix sensibly. But this is not the case here.
IIUC, it’s what the Scots call a running goat fuck.. which is fuck up after fuck up on top of fuck ups.