Author: Shawn K. Quinn

The exposure of a weasel, part 2

This entry is part 2 of 3 in the series The exposure of a weasel

Recap: In our last episode, I had just revealed how Jason Hoeffer used an offsite Javascript link to fool naive potential customers into thinking he was from the same city they were living in.

I continued posing as a potential customer, and clicked the “click here” link that purports to be available for only the $2.95 shipping. Having my previous skepticism thoroughly validated, I carefully looked at the terms and conditions. I was not surprised at what I found:

Upon submitting a request for Membership, a Member ID and Password are assigned to you and can be used to gain access to googletreasurechest.com. The initial shipping and handling charge of one dollars and ninety seven cents, includes the google treasure chest kit as well as seven days worth of access to the online directories and training. After seven days, if you choose not to cancel, you will be billed your first monthly membership fee of seventy two dollars and twenty one cents for the membership fee for the googletreasurechest.com membership.

Okay, the initial shipping and handling charge as listed here is a dollar lower. Someone forgot to update the T&C document with the new one. So a week later you get hit for $72.21, spelled out in words to make it much less obvious.

Membership fees will be charged to the credit card used by you to complete the transaction. You have also unlocked a fourteen-day trial and twenty one-day trial to the Fraud SafeLockID and GrantSpring for just $38.84 and $24.87 a month thereafter (shows as “SafeLockID” and “GrantSpring”) should you choose not to cancel.

These bring the total up to $135.92 if you don’t cancel in time.

Prior charges for all programs are non-refundable but bonus subscriptions can be cancelled and future charges stopped at any time by calling toll-free 866.951.1406 Monday – Friday 9am – 5pm. All offers come with a monthly newsletter.

Translation: Not only are we going to bilk you for almost $140, we’re going to spam you.

Skipping down further:

We handle all charge backs and reversals as potential cases of fraudulent use of our services and/or theft of services.

The nerve! The hypocrisy! The absolute, unmitigated audacity! After luring people in with what is arguably fraud itself, Jason Hoeffer turns around and says “if you ask for a chargeback, you’re a fraudster.”

After this, I decided the privacy policy was only worth a quick skim. I uncovered this little gem:

THE COMPANY MAY SELL OR TRANSFER INDIVIDUAL INFORMATION TO AFFILIATES OR THIRD-PARTIES FOR ANY PURPOSE IN COMPANY’S SOLE DISCRETION.

That speaks for itself.

More to come…

The exposure of a weasel, part 1

This entry is part 1 of 3 in the series The exposure of a weasel

On a recent visit to Facebook, I stumbled across an ad which links to a Web site jasongetsrich.com showing a $5000 check from Google, and the opening line “Get paid $5 to $30 for every website link that you post on Google.”

The most obvious item I found, however, was that the paragraph after the check said “Thank you for visiting my site. This is Jason Hoeffer from .” Exactly as so, without the city name. It made me wonder what was going on.

I browse on Firefox (and another similar browser, Iceweasel) with NoScript. Allowing Javascript temporarily to all the sites using Javascript from this page filled in that blank space with “Houston.” Well, I’m in Houston. I wonder if that’s coincidence? Could Jason Hoeffer really be from my hometown?

Looking in the HTML source code revealed that the city name was inserted with a bit of off-site Javascript. My skepticism that this Jason Hoeffer guy is really from Houston just grew tremendously. Someone legitimate should not need to use Javascript to insert the city where he or she is from.

Retreiving the script (by itself) via Tor a few times confirmed what I thought. I got Vienna, Paris, and Columbus on three separate attempts. Someone from outside Houston has confirmed that indeed, for her Jason is from a city near where she lives.

The ad may well be off Facebook by now, as I reported this to them.

Morals: don’t take everything at face value, and browse with Javascript off by default. Sometimes, it’s best to assume someone is a pathological liar until you have hard evidence otherwise.

But there’s even more. (To be continued in part 2…)

Obama’s high speed rail missing a couple of pieces

A recent Inhabitat article brought to my attention by Karen Walrond shows Obama’s well-intentioned high-speed rail plan. I like the idea of high-speed rail in the US; it is long overdue, as the President admits.

However, there is a glaring omission on the map, as highlighted by Karen in her original tweet. There are no links planned from Houston to any other Texas cities. The omissions do not stop there: the “South Central” network does not connect to any other networks. Houston to Austin? Gas up the car, because it’s not happening on the train. Dallas to St. Louis? Forget it. Likewise, getting to, say, Chicago won’t be easy from the Big Easy (New Orleans).

I can understand leaving most of the western states out of the plan simply because there are more cows than people across large portions of states like Wyoming and Montana, and likewise for Iowa and Nebraska where there are almost certainly too many well-utilized corn fields to consider building any serious high-speed rail.

But really, Houstonians want to go places besides New Orleans and further down the Gulf Coast. Riding a high-speed train beats the heck out of uttering profanity at traffic while driving down I-10 to San Antonio.

HPD officer harasses photographer

I just happened to see this photo and its horrifying narrative in the description when browsing my Flickr feed. Three additional photos follow this one, but all have the same description.

Of particular note are these two quotes from the photographer’s narrative:

…if I was in any way impeding his work, I would be glad to comply with his orders, but otherwise I would continue about my business. He insisted that I was disrupting his work by taking photos as he “doesn’t want his picture taken.”

Upon noting my refusal, Officer Hudson reached for my camera, as if to take it out of my hands. I pulled back and again reiterated my point that I was in my rights to take the photos. He stated that I could either delete my photos or he would arrest me for obstruction of justice.

One of the pictures shows an HPD cruiser with unit number 37622 and Texas exempt plates 104-0046. Unfortunately this is the only identifiable vehicle from the pictures. This along with the date and approximate time (March 3 at around 6pm), and location (Hidalgo near Post Oak Boulevard) should be enough to identify exactly who Officer Hudson is, including badge number.

This is a clear-cut case of abuse of police power, as well as a violation of the standards by which decent people live.

Skittles adds Twitter turquoise to its rainbow

So I was up late checking out Twitter, reading some of the URLs posted, as well as the occasional refresh on Flickr to see the latest happenings in a couple of groups I’ve gotten really active in, and other miscellaneous things. And then this caught my eye:

mashable: Skittles has changed its entire homepage to a Twitter search – brave! http://skittles.com/ #skittles

Well, not entirely true. As served, there’s a Flash movie overlay that first asks for your birthdate (I never found out exactly what changes for over/under 18 or 13, and I am assuming nothing changes for over/under 21 since the last Skittles I had weren’t vodka or rum flavored). Get past this, though, and indeed you see the Twitter search as a backdrop.

I think from then on the next few tweets of mine tell the story best:

skquinn: @mashable and it didn’t take long for someone to say “%$&# you Skittles, %$&# you in the eye”

skquinn: wow. news of Skittles changing the site to mainly show a Twitter search spread, and the profanity/vulgarity starts *flying*!

skquinn: We have a “%$&# you in the eye”, a “suck my %$&#”, a “spam the %$&# out of that”, and it gets even better #skittles

skquinn: someone did a “#$%* #$%* #$%* #$%* #$%*#$%*er mother#$%*#$er and #$%” — yes, Carlin’s seven dirty words! #skittles

There were certainly others I missed or didn’t really think were quite as notable. I think things have calmed down enough now, of course we will no doubt see the occasional bozo that says “look I can tweet a swear word and it shows up on skittles.com” but overall this is the gutsiest marketing move I have seen in a while (except for the unnecessary dependency on Flash), so much so that I’m probably going to buy a couple of bags of Skittles next chance I get.

Incidentally, the rest of the Flash movie-based navigation on the new skittles.com takes you to a Facebook page, a YouTube account (or a YouTube search, can’t remember right offhand), and the Skittles account on Flickr. There is also a link to the Wikipedia article on Skittles which shows up if you have Javascript disabled; I am guessing this may be what’s switched in by the birthdate check.