December 27, 2006

This Needs a Rerun: Internet Explorer 7 Handicaps 20 Million Unincorporated Small Businesses in E-Commerce

Note: This was originally posted on Sunday morning, and as might be expected, got little attention. It deserves more.

_______________________________

This subscription-only Wall Street Journal article from Tuesday (HT Precursor Blog via Don Luskin) has a shocker for every unincorporated business in the USA:

IE7 has a security feature that will turn Web-address bars green and display owners’ identities when consumers visit secure sites from businesses verified as legitimate. The color change will be a boon for consumers, who have been barraged in recent years with “phishing” scams designed to lure them to fake versions of popular Web sites, like eBay or their bank, to filch their account numbers. The hope is that the program will help reduce fraud, lift trust and boost e-commerce.

….. sole proprietorships, general partnerships and individuals won’t be eligible for the new, stricter security certificates that Microsoft requires to display the color. There are about 20.6 million sole proprietorships and general partnerships in the U.S., according to 2003 and 2004 tax data from the Internal Revenue Service, though it isn’t clear how many are engaged in e-commerce.

….. Avivah Litan, an analyst at Gartner Inc. and an expert on online payments and fraud (says that) “All the business is going to go to the greens, it’s kind of obvious.”

….. Small businesses are largely unaware of the issue today, but that seems destined to change after Vista reaches the market. “This is a ticking time bomb that is going to explode,” says Champ Mitchell, chief executive of Network Solutions LLC, a Herndon, Va., Web-hosting company and certificate authority.

….. “The Internet has been great for American small business,” by giving them wide exposure at a low cost, he says. “Microsoft all by itself is getting ready to tilt that field again at an 80-degree angle toward large business.”

In a nutshell, here is what the color scheme for IE7′s address bar is supposed to mean:

  • Green — Verified as a “legitimate” (i.e., incorporated) business.
  • Yellow — “Suspicious,” but ONLY because it is not on Microsoft’s so-called “safe list.”
  • Red — Part of a phishing scam, based on information obtained from others and confirmed by “human analysts.”
  • White — Supposedly, when Microsoft has no information about a site, the address bar will be standard white.

Based on these descriptions, obtained from the WSJ article, I have no idea what will determine the difference between “yellow” and “white.” I don’t see any meaningful distinction in the definitions. I can’t even tell whether “yellow” or “white” will be the “non-green” default.

This move’s tone-deafness reminds me of the horrific “smart tags” feature that MS attempted to put into IE6 back in 2001. In that case, MS just assumed it had the right to alter/hijack a site owner’s web pages by inserting keyword-driven hyperlinks into site content linking users to MS-favored partners, advertisers, and affiliates. MS withdrew “smart tags” from IE6 after a firestorm of outrage from site owners (while keeping them in versions of Office, which was an annoying but at least defensible decision).

In this case, MS will in effect be telling users that anyone whose address bar is white or yellow is suspicious, or worse.

I don’t even understand the concern over the legitimacy of secure sites. I can tell you from getting CYMnow.com going as an unincorporated business that getting a Secure Socket Layer (SSL) certificate, and getting approved to process debit-card, credit-card, and Paypal transactions are not easy tasks — despite the fact that I have a Dun & Bradstreet number, an employer ID separate from my Social Security Number, and a physical non-residential business address. In fact, before I could get my SSL cert, I had to get an Ohio Sales Tax certificate, even though there was no way I was ever going to be collecting any Ohio Sales Tax! I also was visited by someone representing the card-processing firm to make sure that my business really is where I say it is.

And for that, people who visit my site using IE7 (i.e., eventually about 80% of the browser market) get to, by default, be unsure about and suspicious of me? What an outrage.

And who really believes that IE7′s color-code scheme will even put a dent in phishing? This link indicates that the average lifespan of a phishing site is one hour (down from one week just a couple of years ago). In fact, the new IE7 regime will actually help phishers avoid apprehension — the moment they know that their site has “gone red” in IE7, they’ll know to shut down and disappear!

Anyway, the vast majority of phishing scams I have seen direct users to unsecure pages (i.e., their web addresses start with “http://”; secure page addresses always start with “https://,” show a lock symbol somewhere in the browser, and often have a site certificate seal). I wonder if IE7 will even go yellow, let alone red, on unsecure pages without site seals until they’re somehow flagged by “human analysts.”

At a minimum, IE7′s address bar color coding should not be allowed to go live until unincorporated businesses can be screened, or until they have the opportunity to get “upgraded” certificates. If that is not acceptable to the folks in Redmond and the alleged security geniuses who cooked up this garbage, they should be forced to abandon the color coding entirely, which I think is the far better option.

I found a URL for contacting Microsoft, though I don’t know if it’s the best available for commenting on this particular matter (e-mail me if you have a better suggestion). Talk about irony — When I went there, I was greeted by this snorter before I got to the form (in two different Mac browsers):

MScertGreeting122406

So will IE7′s address bar be white, yellow, or red for this web page?

___________________________________

ALSO: Scott Cleland at the Precursor Blog has justifiably harsh words for Microsoft relating to the so-called “net neutrality” debate. This mini-excerpt only scratches the surface:

Microsoft’s new anti-phishing feature of its Internet Explorer 7 web browser blatantly discriminates against the 20.6 million sole proprietorships in the U.S. in favor of their net neutrality allies: Google, Amazon, eBay and Yahoo and IAC (Interactive Corp — Ed.).

….. Isn’t it ironic that online companies like Microsoft allege that broadband carriers have the potential to discriminate so they deserve preemptive regulation, but when companies like Microsoft, who have vastly more market power and market share than any broadband carrier, actually discriminate against tens of millions of innocent Americans, that is OK? What kind of “principle” is that?

___________________________________

UPDATE (from Dec. 24): Calling all small business advocates like NFIB, NASE, the Chambers of Commerce, and others — Where are you on this?

UPDATE 2 (from Dec. 24): Here’s an interesting point from a Slashdot commenter

I think any comment about IE7′s anti-phishing system should note that it sends every website you visit to Microsoft. If you care even an iota about the privacy of your web browsing, you should choose “no” when IE7 asks you to enable its invasive anti-phishing system.

Correct me if I’m wrong, but I don’t think you’ll be asked. The default will be to have the anti-phishing system on, and you have to be the one to turn it off — which of course the vast majority of users won’t do.

UPDATE 3 (Dec. 27): When I referred to the possibility of a Microsoft recession a couple of months ago, I was concerned that SLOW adoption of Vista might hold back productivity. With IE7 installations mostly tied to the adoption of Vista, it’s now a legitimate concern that Microsoft’s handicapping of the e-commerce operations and initiatives of small businesses, which have been shown time and again to be the engine of new job growth in the economy, could lead to a recession if Vista IS adopted quickly and the cert providers drag their feet on approving unincorporated businesses.

UPDATE 4: More info — USA Today, AP Hi Tech.

UPDATE 5: Here’s an interesting nugget from a different AP piece

Comodo was among the companies that helped reject the draft guidelines in November, preferring to wait until the group could figure out how to validate smaller merchants.

But Microsoft announced it was moving forward anyhow, saying green bars would start to appear in late January. Comodo and other vendors responded by starting to sell the EV certificates to the larger companies – for hundreds of dollars more than regular certificates to cover the validation costs.

Apparently MS is not getting a lot of flak for going ahead anyway. They should. Their decision is the action of a near-monopoly holder that doesn’t care what users think, and is one of a plethora of reasons to choose a different browser.

OKC Bombing: A Very Quiet Christmas Present for the Truth

Filed under: MSM Biz/Other Ignorance,Taxes & Government — Tom @ 1:34 pm

Lots of people reviled for years as nuts are vindicated. It’s “odd” indeed that AP chose to run this story about the inquiry into 1995′s Oklahoma City bombing on Christmas Day:

FBI rebuked over bomb inquiry
Oklahoma City leads ignored, House report says
Posted December 25 2006

WASHINGTON · The FBI failed to fully investigate information suggesting other suspects may have helped Timothy McVeigh and Terry Nichols with the 1995 Oklahoma City bombing, allowing questions to linger more than a decade after the deadly attack, a congressional inquiry concludes.

The House International Relations investigative subcommittee will release the findings of its two-year review as early as Wednesday, declaring there is no conclusive evidence of a foreign connection to the attack but far too many unanswered questions remain.

….. The report also sharply criticizes the FBI for failing to be curious enough to pursue credible information that foreign or U.S. citizens may have had contact with Nichols or McVeigh and could have assisted their plot.

….. Rohrabacher’s subcommittee saved its sharpest words for the Justice Department, saying officials there exhibited a mindset of thwarting congressional oversight and did not assist the investigation fully.

….. The subcommittee concludes the Justice Department should not have rushed to execute McVeigh in 2001 after he dropped his court appeals, and officials should have made more efforts to interview and question him about evidence suggesting he might have gotten help from other people who remain unpunished.

There is widespread belief that the acknowledged rush to execute McVeigh was designed to ensure that he would NOT provide evidence of “help from other people.”

Reporter Jayna Davis had all of this (and still does) about where the “help from other people” came from. It’s about “Middle East Complicity in the Heartland Massacre.” Though AP writer John Solomon studiously avoids identifying any of the outside parties, Davis’s work leaves little reasonable doubt that there are Middle East connections. The big question is whether those connections run through Iraq, and if they do, what that would say about the previous administration’s response to the bombing and, in light of the inquiry’s strong rebukes to the FBI and DOJ, its willingness or reluctance to pursue and/or reveal the truth.

The “vindication” is in the fact that the inquiry even acknowledges the possibility of foreign involvement, as no other government body up to this time has done so. That’s the best one can ever hope for from a group that has an 11-year investment in the “two lone outcasts” version of events.

Without Davis’s work, and her persistence, it is very likely that the congressional inquiry and report would not have happened. For that, the part of the country with its eyes open, the small number whose eyes will be newly opened, the victims, their families, and ultimately the historical record, owe her a debt that cannot possibly be repaid.

____________________________

UPDATE, Dec. 28: Here’s an excerpt from Jack Cashill’s read-the-whole-thing column today. This debunks the claim that Timothy McVeigh was alone when he drove the Ryder Truck up to the Murrah Building –

In her book, Jayna Davis, tells a different story altogether. She interviewed and names a series of people who saw the Ryder truck and identified McVeigh in the minutes before the blast. These witnesses invariably placed a short, foreign-looking, dark-skinned man in the passenger seat.

In fact, the FBI had been looking for a man who fit this description since they first traced the truck back to Eldon Elliot’s body shop in Junction City, Kan. “FBI spokesman Weldon L. Kennedy said investigators were still trying to identify John Doe No. 2,” wrote the Washington Post April 28, “a man who accompanied McVeigh when he rented the Ryder truck in Junction City, Kan.”

Twenty minutes before the blast in downtown Oklahoma City, employees at a tire store spotted two men of the same description in the Ryder truck, and even gave the men directions to the Murrah building intersection.

McVeigh’s defense attorney Steven Jones put one eyewitness on the stand in the McVeigh trial, the terribly injured Daina Bradley.

“It was a Ryder truck,” Bradley had cried out to rescuers who were in process of amputating her leg to extricate her from the rubble, “It pulled up, a foreign looking man got out, and then before long, everything went black.” The prosecution undermined Bradley’s testimony by pointing to Bradley’s real history of emotional problems, but Bradley made this claim to her rescuers 24 hours before the FBI knew that a Ryder truck was involved.

Bubble, Schmubble Mini-Update: ‘Back from the Dead?’

Filed under: Economy,MSM Biz/Other Bias,MSM Biz/Other Ignorance — Tom @ 11:41 am

Ya gotta love the twisted headline from this CNNMoney.com report by Chris Isidore (bolds are mine):

New homes sales: Back from the dead?
New home sales rise more than expected and prices post gains despite continued rise in completed new homes on the market.
December 27 2006: 11:11 AM EST

NEW YORK (CNNMoney.com) — New home sales and prices both showed surprising strength in November, according to a government report Wednesday.

New homes sold at an annual pace of 1.05 million, up from the revised annual rate of 1.01 million in October. Economists surveyed by Briefing.com had forecast that home sales would rebound to a 1.02 million pace.

….. The median average home price came in at $251,700 in November, up from the $248,500 level in October. The median price, is the point at which half the homes sell for more and half sell for less, had shown declines earlier in the fall due to a glut of homes available for sale on the market.

….. The median price is now back to the second-highest level on record, trailing only the $257,000 level reached in April of this year.

And while the pace of home sales is down 15.3 percent from the white-hot sales rate of a year ago, it’s up nearly 7 percent from the trough hit in July of this year, when revised figures put the sales annual sales pace at just under a million.

Okay, it’s only one month, and I’m not going to claim that a housing recovery is in full swing by any stretch.

But when were new home sales “dead”? If I’d have known, I would have sent flowers to the National Association of Homebuilders. I hope they’ll excuse the oversight.

Cross-posted at NewsBusters.org.

Quote of the Day: On Radically Raising the Social Security Earnings Limit

Filed under: Economy,Soc. Sec. & Retirement,Taxes & Government — Tom @ 9:17 am

From today’s OpinionJournal.com’s feature editorial (may require free e-mail registration), on reasons why NOT to raise the Social Security taxable earnings limit:

One answer is that Social Security was always meant to be run like a pension program where the taxes paid by workers are linked to the benefits they get back during retirement. Eliminating or substantially raising the cap would convert Social Security into an overt income redistribution program. If that is the direction Congress wants to go, we should all then end the pretense that Social Security is some kind of “universal” insurance program and call it welfare for poor seniors.

It is a fact, as noted here last week, that Social Security already is an income redistribution program. Call it “covert,” if you must, but the fact is that it gives people with relatively low lifetime earnings a significantly higher level of benefit compared to what they contributed to the system than middle and upper-middle income earners. Despite the redistribution noted, it is nevertheless a fact that a person’s calculated benefit incrementally increases for every dollar of payroll taxes they put in — just by a smaller amount at higher income levels. The idea that benefits would go up the more a person put in was considered one of the core and not-changeable principles of the program when President Franklin Delano Roosevelt sold the program to the American people in the 1930s.

If this core principle of FDR stays in place and the taxable limit is raised to $150,000, an idea that, incredibly, appears to be on the table now, we’ll see people retiring at their Full Retirement Age with annual Social Security benefits as high as about $32,000 for single people and $48,000 for a married worker and his/her stay-at-home spouse (who gets a half-benefit if he or she is the same age as the working spouse).

My guess is that tax-hungry legislators who want the cap raised don’t want to see benefit levels go that high, and that they will want to move to abandon yet another of the promises that FDR made when Social Security began (along with the one that Social Security benefits would never get taxed, that the earnings cap would never go above $1,400, and many others). I would expect that they will therefore move to limit the income included in the benefit calculations to something lower than the taxable limit; any taxes paid on earnings above the amount included in the benefit calculations will go into the proverbial black hole.

If that indeed occurs, the linkage the editorial refers to will indeed be broken. It will then be very clear to all with eyes that “welfare for poor seniors,” which really has been the correct term all along for describing Social Security (because current workers’ money is what is used to pay current benefits to retirees, i.e., there is no “Trust Fund”), will be the only correct term that accurately describes the program.

_____________________________

UPDATE: Of course, tax-hungry Washington totally doesn’t comprehend the idea that a tax increase this extreme (about $6,000 combined for employer and employee earning $150,000 or more) will reduce the economic growth that could have been achieved, and make solving the long-term funding problem of Social Security that much more difficult, until we’re in a mess similar to that found in Germany.

Old Media Will Continue to Decline As Long As Incidents Like These Continue

This this story clearly has political overtones, it is clearly at least as much a story about a poor series of customer-hostile business decisions.

Specifically, a story interviewee didn’t say something. In the Washington Post, he is said to have said that very thing — it’s perfectly obvious he didn’t, and moreover, never would. The Post’s response to a letter from the person correcting their story is that they won’t publish it because (!) “The author of the piece disagrees with your letter.”

The Post “relents” and publishes the letter in a separate section of the paper nearly a week later, where most readers won’t have the context of the original story.

Cliff May’s Townhall column ensures that thousands more know of the Washington Post’s fundamental dishonesty than did previously.

That is definitely bad for business. And so the decline will continue.

Wal-Mart ‘Comrades’ in China

Filed under: Business Moves,Economy,Taxes & Government — Tom @ 6:18 am

Wal-Mart appears to have gotten its act together in the US after spending most of the summer and fall losing its way.

Not so in China, where it is welcoming the Chinese Communist Party and supposed “trade unions” inside its stores (WSJ link requires subscription):

For a peek into China’s labor market, look no further than Wal-Mart. In North America, the world’s biggest retailer prefers to close down stores rather than tolerate unionized staff. But in China, most of Wal-Mart’s 68 stores not only have labor unions, but six locations now boast Communist Party branches as well. What’s next? Comrade Sam’s Clubs?

The latest Wal-Mart Party cell debuted Friday at the chain’s headquarters in Shenzhen. This followed the company’s decision in July to give in after years of pressure from the nationally sanctioned All-China Federation of Trade Unions. Thirty employees at a Wal-Mart store in Fujian province unionized. According to the ACFTU, it now has more than 6,000 members in Wal-Marts across China. The Party has followed the unions’ path through the front doors.

Wal-Mart spokesman Jonathan Dong told China Daily that Wal-Mart supports the Shenzhen cadres. “We have had this attitude since the trade union was established [in July],” he said. “Both will be good for the development of Wal-Mart in China.”

….. Perhaps Wal-Mart wasn’t given much of a choice, and was chosen to send a message to other foreign-invested enterprises. Which is: We’re watching you from outside, and inside.

I suppose it’s possible the Chinese unions will be as cooperative as those in Japan, as opposed to following the bitterly adversarial model that unfortunately still rules in the US.

But still, I don’t think Sam Walton would approve. In fact, he might be heard spinning in his grave.

This Might Give New Meaning to a ‘Farming’ Term

Filed under: Business Moves — Tom @ 6:13 am

Now THAT would be a “megafarm” (or gigafarm, or terafarm; HT ValleyWag):

Google’s planning a $750m investment in what sounds like a huge server farm in South Carolina, if local press reports are accurate. A shell company, seemingly linked to the search engine, just bought 520 acres near Charleston.

Russia’s AllofMP3.com Being Sued for $1.65 Trillion

Filed under: Business Moves,Economy,Taxes & Government — Tom @ 6:08 am

There’s only one problem with that amount, which is $150,000 per song times the 11 million songs the site allegedly has — It’s larger than the Gross Domestic Product of the entire country ($1.576 trillion in 2005, per Wiki). Collection would appear to be difficult.

RIP, Gerry Ford

Filed under: General,Taxes & Government — Tom @ 6:03 am

It’s hard not to remember the first president you voted for.

Gerald Ford’s all-too-brief presidency was one of those “right place, right time” things. We were indeed fortunate to have such a fundamentally decent man in charge at that point in time. It’s difficult, with 30 years of hindsight, not to think the world would be a better place now if he had won that very close 1976 election (a look at the electoral map shows just how much things can change in 30 years).

Links:
- Presidential Library and Museum web site
- His Bio at the Library site
- His Remarks on Taking the Oath of Office as President (Aug. 9, 1974)
- The Nixon Pardon Remarks (Sept. 8, 1974)
- A very nice lookback (HT Michelle Malkin) written by a reporter who covered Washington in the late 1960s and early 1970s.

RIP, Gerry Ford.

Positivity: From Israeli Orphan to US Reading Specialist

Filed under: Positivity — Tom @ 5:58 am

From Phoenix — I sympathize with the story’s headline writer. I don’t know how you begin to describe how impressive this story is:

Survivor helps kids read hope into life
Dec. 25, 2006 12:00 AM

Aida Payne was born without an identity. Found abandoned in Safad, a town near Galilee in Israel, she was raised in orphanages in Nazareth and Tel Aviv until she was 18.

Although she began life with nothing, she was determined to give other children everything, beginning with the ability to read. This is her miracle.

Today she is a reading specialist at Squaw Peak Elementary School on North 34th Street, a school with a large minority and needy population.

“God put me here for a reason,” said Payne, 60, a born-again Christian. “These children have hope. They have more than I did.”

At 18, Payne left the orphanage and earned a degree in pediatric nursing. At the hospital where she worked, she fell in love with a newborn who, like her, was an abandoned girl.

A year later, she found an American family to adopt the child, and the family sponsored Payne’s move to the United States as their nanny. But the young nanny had bigger dreams.

Bilingual in Hebrew and Arabic, she worked to perfect her English, then took a job as a nurse aide to put herself through school in Texas to be a teacher. At graduation she was told that because she was not a U.S. citizen, she would not receive a diploma. So she worked for seven years to become a citizen.

In 1975, she married Sheldon Payne in Waco, Texas. A miscarriage later broke her heart – the orphan desperately wanted children. Then she gave birth to two daughters, Rebecca and Rachel, and the family moved to Phoenix, where Payne found a teaching job.

Five years ago, Pam Eklund, then principal at Squaw Peak, asked Payne to become the school’s reading specialist.

“The miracle is I’m alive, and I have so much energy,” Payne said. “At school they say, ‘Give them to Aida. She can teach rocks to read.’”