One of the "benefits" of being in the home office (or unemployed): You'll receive all the spam calls (Hello, I'm from Microsoft tech support; we found a problem with your computer.
) In addition to all the fake SMS about problems with your DHL package
. But today I got a really nasty "scare" call, and it was surprisingly well made. Let's analyze the psychology behind it:
The call came in at 12:04; I was doing the dishes prior to cooking lunch while watching a video. I suspected a spam call, but hurried to the telephone so that my daughter (who had already returned from the first part of school) didn't have to run down for it. The call started with a frantic young female voice: Papa, I had an accident! I'm with the police right now, and they need to talk to you!
Then there was a hand-over to a young man who spoke good German with a hint of Turkish or Arabic accent, and introduced himself as a police officer from the local police station. They had picked up my daughter after she was involved in an accident, and first needed to confirm my identity. They asked about my relation to her, my birthdate, asked me to confirm my address (where they had my prior residency on record (outdated since nine years, but nothing too surprising with Germany's bureocracy)) and my daughter's birthdate. They then asked (in a tone that quickly turned into an examination) where my daughter was this morning (at school), and how (on foot), then proceeded to tell my that she had ran a red light as a pedestrian, causing a truck driver to swerve and kill a 35-year old woman who had two small children with her. My daughter was now being held and might be put in front of a judge. She had pledged confidentiality and I now was also asked to not tell anyone else about this.
All of this sounded a bit too much like a US law-and-order series than German law enforcement, but without (fortunately) any contact with policy, this was just a bit of uneasiness. It could very well be plausible, especially the confirmation of one's identity due to privacy laws. The handover and questioning was impeccably timed; it kept you occupied and in a passive, responding role, leaving no time to think clearly. The stress of interacting with a police officer in something serious about a family member immediately rises your stress level. Even though I had hurried to the phone to not bother my daughter, I didn't immediately realize that it couldn't been her that has spoken at the beginning of the call - she was at home! That section (I can't tell whether it was pre-recorded or an actual woman talking live) was just long enough to cause an emotional reaction, but not long enough to discover that it's not your daughter's voice.
The policeman offered to help so that my daughter isn't held up any longer, and asked if I could support him. He mentioned potential jail time under youth law due to causing the accident that caused a death.
Still in an excited state, this sounded fishy to me. The accident had just happened, and they're already concerned about the punishment? At this point in time, one's mind is racing. What a bad time; just when my wife is gone on a business trip! Why did she have to hurry; she normally adhere's to traffic rules?! Is this an experiment of her classmates to show how easily people give up their personal information to strangers on the phone?
The caller pressed on, telling me that he could arrange that she'd be released on bail. In disbelief, I countered that she didn't rob a bank or something like that, and that I don't think this is how things would proceed after an accident. To which the caller indignantly replied that he just wanted to help, do I still want to cooperate?
Now this kind of power play convinced me that this can't be real, but 6 to 7 minutes into the call, I'm still a bit shaken, and the heart's beating fast.
Gaining composure, I pick up pencil and paper, and offer to just drop by the police station (which is just a few minutes away), to handle this in person: Who should I report to there, and what was your name again? The caller must have felt this slipping away from him, and retorted with increased aggressiveness: No, listen, in order to free her, you have to bail her out! Are you able to do that?
I asked: What would that involve? I can't say for sure, but typically it's around €50.000! Can you raise that kind of money?
To which I replied: Whew, that's gonna be difficult! You know, I'm currently unemployed…
Click! The caller hung up. The call lasted 8:04; the caller ID was suppressed.
As a technical person, I'm pretty confident at handling fake notifications or support calls (though one shouldn't be too self-assured; everyone is fallible). Most that I encountered were poorly executed, too. (I wonder how these Pakistani call center guys who only speak highly accented English find any presumably older gullible target — the German boomer generation (i.e. my parents) typically doesn't speak English that well, unless they're highly educated.) But this hits different. An accident of a close family member, involving authorities, synchronous communication in an urgent situation that stresses you out and leaves no time to think. Bad luck when there's no one else around who you could grab and put the call on speaker with. Our lizard brains take too much time and are easily manipulated when suddenly put under a stressful and emotional situation.
why, appeal to common sense, and be wary if that is met with increasingly strange explanations.
I'm not sure how this would have proceeded. With that kind of money, the caller went for really high stakes. Asking me to go to the bank and get (at least parts of) the money would raise a lot of red flags. And you don't just wire-transfer money to the policy, neither. And German authorities for certain don't accept crypto currencies or gift cards ;-) (ChatGPT also just suggests these options.)
What troubles me most is the sophistication I've witnessed. I have some empathy with poor folks in some third-world call center that try to make a living by scamming (in their eyes) decadent Westerners; that's what technology paired with globalization has brought us. That guy with the heavy Italian accent that cold-called to sell us his great selection of wines was even slightly amusing. But I have no words for the scum that shock innocent people while impersonating authorities. There are far better ways to earn money with such good language skills and at least basic capabilities to search for personal information on the Internet!
19-Oct-2024
The bicycle path to the Tübingen central station has finally been completed! There's been construction around the lake for a long time, but now there's a new bridge, bicycle-only road, and even a small bicycle-only roundabout. There was virtually no traffic when I first ventured there (and the place is still looking rather barren), but I'm keen to try this out on a warm sunny day (so unfortunately only next spring) when there are many more cyclists around.
Tübingen county really has nice bicycle infrastructure (unsurprisingly, with many students and an ex-green party mayor); quite a contrast to Sindelfingen (a.k.a. Benz town) where signage and dedicated paths are virtually non-existent, and it's really unpleasant to drive. (But then, once you reach the next town of Renningen, there are again very new and nice bicycle paths (towards Weil der Stadt).)
I've been cycling a lot this year (final tally to come), and discovered a whole new set of routes around my home town. The weather this summer has been really great for cycling, and fortunately we were blessed with very sunny and mild weather right up until November. Over the course of the year, I've more than doubled my endurance (which was rather poor after the pandemic and new job that didn't require everyday cycling to the office), and really enjoyed regular tours outside! My touring bike got its second complete overhaul (this time with a modified gear ratio, which further increased the fun and hopefully also the longevity of the gear train).
Near the end of my 73 km cycling tour in Böblingen, spectators blocked the street, and police controlled the traffic. But it apparently wasn't about any celebrities, but the cars themselves! Many were tuned and modded, and sounded like they were broken, producing very loud and unhealthy engine noises. One car that had stopped next to me actually had severe suspension problems; it bobbed up and down like crazy! The (mostly young and male) drivers seemed to have problems with smoothly engaging the clutch. The police could have made a fortune handing out tickets for noise pollution and reckless driving, but somehow they didn't. Or maybe I just didn't understand the purpose of that whole brouhaha ;-)
And (based on the looks and behavior) I guess none of the spectators (despite being mostly young) has ever attended a Fridays For Future rally, neither… What a strange world we live in!
Apparently, they had problems with the behavior of the visitors beforehand:
Deshalb gab es bei vorherigen Motortreffs teilweise lange Rückstaus auf die Autobahn mit Gefährdungen für den nachfolgenden Verkehr. Das war in der Tat nichts und bitten alle Fans um Entschuldigung!
Die Behörden haben uns eine gesittete Abfahrt ohne Gefährdung von Fußgängern und Carspottern auferlegt. Auslöser waren die einzelnen, aber unvernünftigen und heftigen Vorfälle. Eine „gesittete“ Abfahrt ohne Gefährdung von Fußgängern und Carspottern hat oberste Priorität. Safety first!
Although I don't understand the worship of needlessly overpowered and expensive cars, I'm not advocating a ban on them. I'd be in favor of exponential taxation; i.e. make it much most costly to own SUV, muscle- or luxury cars, and use the proceeds to fund affordable, clean transportation. Personal mobility is a basic human right, an arms race on the streets because our public transportation is broken is just stupid (but very lucrative for our industry).
Realization of the day: The number of members of a religion isn't a measure of its strength or "goodness". It just means that its properties makes people more susceptible to it. We also wouldn't say that a virus that infects many organisms is "better". The real measure of success is whether it does more good to the entire population.
26-Jul-2024
Right next to the city hall of Altdorf (where one of my favorite cycling paths leads me to), there's a nice old house with a lion mural painted on the wall. I can't help it but the style reminds me of the botched Ecce Homo restauration in Spain. Makes me smile ;-)
I ordered two paperback books from Amazon Warehouse; they sell returned or slightly damaged items at a discount. I often buy used or returned books, and I don't mind a battered cover, creases, or occasional markings. What I take offence at here is the randomness of the seller's description of the books' condition. I have a huge stack of books waiting to be read, so these purchases aren't impulsive or time-critical; I want a good deal. The condition is the main qualifier for judging that. (With Warehouse deals, the description text has always been a very generic categorization and says nothing about the actual faults.)
Look at this book, designated used, very good:
Though all pages are readable, I think that's pretty much the worst condition to sell a contemporary, non-antique paperback. The big kink in the book's spine complicates the turning of pages, and long-term might even threaten the stability of the binding. Tiny bits of paper will flake off the "bite marks" all along while reading.
Compare that with another paperback, purchased shortly thereafter: Designated used, acceptable, it looks close to new! It definitely hasn't been read (the spine doesn't show any signs of opening it), and the only fault is some light wear at the corners of the cover (which would have happened once it's picked up for reading, anyway).
I contemplated sending back the first one, but it would have been a hassle not worth the low price (a few Euros) and effort (handling and transportation costs), and I guess Amazon would then have just sold it back to the next unsuspecting customer (hopefully with a more qualified rating, though). So I kept it, but it further eroded my trust in the otherwise reputable seller. I had experienced similar incidents already, but this time it's been so blatantly wrong that I felt compelled to write about it. When I started buying from Warehouse (many years ago), I really valued them for their good deals, and felt that they frequently overstated the problems, and I was very satisfied. That's why I'm so sad that apparently the consistency of their ratings has taken such a hit.
At the Learntec '24, a Chinese company (apparently partially state-owned and linked to surveillance technology linked to Uyghurs) presented smart displays and boards on an impressive booth. What struck me and my colleagues was their logo, however. For selling in the West, this didn't feature any Chinese ideograms, but the typical designer's play with Roman characters. I do think that the designer had a far-Eastern background, though, and that the practice of composing Kanji characters out of and around smaller radicals had too much of an unfortunate influence here.
All the people I've asked read the company logo as alhua; although the a is embedded inside a blown-up d character, for Western eyes the proportions of those lines are too different, and this is rather recognized as a lowercase l, with a (silent) swoosh attached to it (like the @ that can be seen as an a with a circle around it). Roman characters read strictly left-to-right; we don't have any rules for characters contained inside another one. So even if the circle + l is recognized as a disfigured d, it would be unclear if the order is a-d or d-a.
It might have worked a bit better if the following characters were less regular and more disfigured and ill-shaped. That would have primed the reader that this is a very "stylish" logo, with its characters "hidden" inside, and maybe caused a mental switch from "reading" to "solving a riddle". I see this as an unfortunate L10N fail that highlights the cultural differences; at least, they got some free publicity out of it!
13-Mar-2024 Watching Tagesschau, Germany's main prime time news, and what do I see? A full Google Cloud private key (the -----BEGIN PRIVATE KEY----- really stands out), including project information, in a news report. I'm not sure whether this is a real key, or just a dummy, but it's a very bad idea to show this on national TV. Actually, the developers should have filtered / obfuscated that part from the script or log output to begin with.
At least it's not the usual ping output or mutliple-terminal-windows-with-htop-running that TV crews seem to like so much to illustrate hackingcoding stuff…
In the normal HD stream, the raw text can already be read (with some effort), considering that higher-quality versions may be available and the quality might be improved by sampling all frames, this is a real security risk.
Knowledge about digital security still isn't pervasive enough in a society that still mostly functions through analog faxes and email at best.