Saturday, July 26, 2014

The summer blahs

I'm morally opposed to the common advice that you shouldn't shop for groceries on an empty stomach. When I'm at the grocery store, if I'm hungry I'll buy all the things I will want when I'm back at home and crave something. It's a win-win system.

But lately, I've been in a bit of a dip. There have been many things pressing for my attention, both at home and at work, including a number of distractions that seem to be the easiest to attend to. Given all the things that are vying for my time, eating is one of the ones that has fallen far down the list.

I've written before about forgetting to eat, but that's primarily about when I'm engrossed in a task and lose track of time. This is a bit different. Eating has fallen from a reward to a chore (in which I rarely find myself engrossed). In other words, it's gone from "ooh, I can't wait until the next time I eat at..." to "what, I have to eat again? But I just did that yesterday!"

I know that if I don't floss often enough, I'll get cavities, but that doesn't mean I'm keen on flossing. It takes a conscious effort to remember to do it. That's how I feel about eating right now. "Sigh, I guess I'll go out for lunch before I pass out or get a headache." Or, "I'm meeting someone for dinner in three hours, I should grab some lunch soon."

And then, once I've decided to go eat something, I can't decide what (well, not yogourt). I work in downtown Ottawa and there are plenty of great places to grab lunch, but nothing really sticks out in my mind as "hey, I like going there! How about I just go there!" particularly not among healthier options. It doesn't help that I'm a picky eater who doesn't like most things that make food "interesting" (spices, curry, tomatoes, mushrooms and more...), and that food I do like doesn't like me (the many many things derived from dairy, because they put cheese in everything).

My nocturnal lifestyle doesn't help. My workday is time-shifted so I can avoid morning and afternoon rush hours, as well as the lunch rush. Before the Mayflower closed I enjoyed eating lunch there, where I could take an entire booth to myself in the early afternoon instead of cramming into a tiny seat at noon with everyone else. (Side note: I miss the Mayflower! A photo I took from there was the main image on the Wikipedia entry for OC Transpo for over three years) Similarly for fast-food places: when you only have a limited time for lunch, why take it at a time where you'll have to spend much of it waiting in line?

The downside to this is that lots of lunch options dry up after a certain time in the afternoon, and similar problems exist for late night dining. Maybe if I had a lunch buddy I'd be more adventurous.

I avoid cooking mainly because when I do cook it's hard for me to start early enough to be done eating at a reasonable hour. The time I spend cooking can be spent catching up on other errands that I can't outsource to any of zillions of local establishments.

Also, I'm very fickle about what I eat. I am fortunate that I can afford to eat out for most meals, and that's important because I never know in advance what I want to eat. If I were to put a frozen item in the fridge in the morning to defrost it for dinner that night, I wouldn't see it again until days or weeks later, when its colonists make first contact with me declaring their shelf of the fridge to be an independent republic.

This indecision has been worsened with my recent lack of interest in food, since I don't even have last-minute cravings to pounce on. I remember incredulously seeing "lack of interest in food" in a list of symptoms for something at some point, and now I know what it means (hm, come to think of it I wonder if it's a side effect of my pills...). In his 2006 Ted Talk, Sir Ken Robinson talked derisively about how intellectuals consider their bodies as mere vessels to carry around their heads, and I have to admit that's a paradigm that fits me. My body will only cooperate with me if I give it food, and my brain wants to spend as little time and energy as possible doing so unless it's fun so let's just get it out of the way and read a newspaper or watch the latest Daily Show episode so I don't have to pay attention to the fact that I'm eating.

Which takes me back to grocery shopping.

I was at the supermarket the other day, and I did have few items on my shopping list so I wouldn't forget them. But when it came to picking out food to eat for the coming week (mostly prepared meals, since I try to buy produce from smaller shops instead of the big stores), I wasn't interested in any of it. I had a vague sense that I had bought certain items before and enjoyed them, but couldn't at all gauge whether I'd be likely to want to eat any particular one in the coming week.

You think shopping for groceries on an empty stomach is bad? Try doing it when you're not interested in food at all!

(And yes, I do give generously to the food bank. Hunger is a terrible thing.)

- RG>

Thursday, March 27, 2014

Internet radio goes to shit

I received a notification from that they were killing their streaming radio service as of the end of April (for which I was paying a whopping $3/month). The notification was actually very useful, with clear links to useful pages such as how to cancel the auto-renewal on my subscription, etc.

They have a beta version of their new player, which I tried... briefly. It appears to embed Youtube videos of copyrighted songs into a player, ads and all. One of these ads was over 2 minutes long, which doesn't work for me because I like to go into another room and let the songs play, with my cursor over the "skip song" button if I don't feel like listening to one. Yes, you can click to skip the ad after five seconds, but then I'd have to fiddle with the cursor and that's not worth a paid service.

Also, the sound quality sucks. I'm not talking a snooty "mp3s have compressed audio and you don't get the same experience" type thing. This sounded like they were running the audio through a telephone line and recording it on a wax cylinder.

So time to find a new online radio service.

I looked around at a few. There are a couple that don't work in Canada.

I'd heard the name Grooveshark thrown around and I'd thought I'd check it out. Naturally, to do this, I typed "" into my browser and got to their homepage.

The homepage appears to be the service itself. No introductory text or even a brief description of what type of service it is. Just a bunch of buttons and click-draggy things and tools for using it. After a few seconds of staring at the incomprehensible interface looking for a link for "About", "What is Grooveshark?", or "Start here" (of which there isn't), my screen was greyed out and replaced with a "you have flash disabled" warning that I couldn't dismiss without closing the page.

Eventually, I made my way to the help page, of which there were no useful options either to describing what the service is. The closest I could find was "how to use the service after setting up your account." Why the hell should I set up an account if I don't even know whether this service even remotely resembles what I want??

I know what you're thinking: JFGI. Go to the Wikipedia entry for Grooveshark.

But do I really want to use a service that can't even describe itself (or at lest can't be bothered to)?

As a courtesy, I thought I'd let them know that their website does a shit-poor job of turning interested visitors into users and customers, through a support form on their help section (I think I filed it under "bug report"):
Looking for replacements for and someone sent me to Grooveshark. Trying to figure out what it is or how it works but there's no "about" or description anywhere, not even on the help page. wth? (Not to mention that I couldn't even look around at it because I couldn't dismiss the "flash player blocked" popup).

Could Grooveshark serve as a replacement for my needs? Maybe, but I'll never know!

Perhaps not the clearest, but I think I got the point across.

To their credit, they responded relatively quickly, but that's about the only credit they'll get. The response itself was so spectacularly obtuse I feel compelled to share it with you:
Hello. Thank you so much for your patience and please accept my sincere apologies for the inconvenience. Will you please complete the steps below in Internet Explorer OR test Grooveshark from a different web browser (preferably Google Chrome

**Please note the steps below will reset IE to default settings. Your bookmarks, extensions, plugins will be removed.**

1. Open Internet Explorer
2. Go to
3. Follow the instructions on the page

Here's the Getting Started Help article for Grooveshark as well.

Please let me know how it goes. I would like to help.
So to sum up:
  • I asked them for a general description of their service (or more specifically, I pointed out that they do not make such a description easy to find)
  • They sent me instructions to wipe my Internet Explorer (which obviously wasn't the browser I was attempting to use because it doesn't even have the ability to block Flash!)

I don't know why I even try sometimes.

Oh, and if I've given Grooveshark a pass, where am I now? I'm looking at Deezer. Haven't looked hard yet (I still have a month of left), but it's got a clear yet unobtrusive "What is Deezer" link on the sticky bar, and the description one finds there is clear and clean.

Friday, January 03, 2014

Have your Google Analytics stats fell since Blogger started the country code TLD redirect?

[Edit: This did not work. Now my analytics are showing even fewer results. Apparently you're supposed to enter the code in Blogger under Settings > Other > Analytics Web Property ID. We'll see if that recaptures both the .com and .ca traffic...]

A couple years ago, Blogger started redirecting all of their users' blogs from to blogname.blogspot.xx, where xx is the country code top-level domain (TLD) for the country that the user blogs from.

I noticed this at the time and was skeptical that this wouldn't have unintended consequences, but I didn't particularly care because at the end of the day I'd rather have a .ca blog address anyway (though I could certainly see issues for people who blog while abroad or blogs published by various international collaborators). Other people did care and they found ways around the redirect.

But tonight while checking my blog stats, I noticed something strange. My stats had been down for the last couple years, and this is normal given how godawfully rarely I post, and how minimally relevant my posts tend to be. I also figured that when Google Analytics fucked up their interface and got rid of the old dashboard that gave me the most useful information all in one place, they also fucked around with whether pageviews or visits or visitors was the key statistic, and how this was counted.

It turns out that my skepticism was indeed accurate: it was only counting hits on, and missing most of the visitors who are coming to!


In Blogger's built-in stats, it says I had 846 pageviews in December 2013:

Meanwhile in Google Analytics, only 146 pageviews were reported for that month, less than 20% of the traffic that Blogger was getting! And it should know, since it was serving up the pages!

The fix is not difficult, but it's also not the most obvious. It also isn't retroactive. In Google Analytics, click on the Admin button at the top right, select the relevant 'property' (i.e. your blog), and select "tracking info". Then turn on "Multiple top-level domains of [blogname]." The multiple subdomain option will also turn on automatically if it isn't already. The code in the text area below will change:

Then go into your Blogger admin page, click on the Template settings, open the HTML view and replace the old Google Analytics code with your new code. One of the articles I skimmed over while looking for solutions suggested you should put it in the <head> tag because the script might not get run if it's at the end of the page body and there are other scripts that mess with visitors' browsers.

I couldn't find any articles that specifically identified the Blogger problem and connected it to this solution, which is why I'm blogging this now, even if it is a couple years late. However, I won't necessarily be able to tell if doing so increases my blog traffic because I should be expecting an increase anyway after this fix. I guess I'll just do it for the good of humanity.

- RG>

Thursday, December 26, 2013

Hiding in the FedEx logo is something you might not have noticed...

No, not the arrow between the E and the x. Everyone knows about that. Can you see what the other thing is?

It's that FedEx is short for "Federal Express", but some marketing idiot figured it would be good to add another "Express" on to the end for good measure. I guess this is for the division of Federal Express that actually is Express and the other trucks all say 'FedEx / Eventually".

- RG>

Friday, November 08, 2013

One big CFL scam

Sorry football fans (and critics), this is about Coompact Fluorescent Lightbulbs, not the Canadian Football League.

I think I've documented previously that I can be obsessive about things. (In ironic contradiction to that claim, I'm not going to bother linking to an illustrative previous blog post.) I also like having some sort of validation (even anecdotal) of claims I make or causes I defend. That is to say, I am a critical thinker.

In this vein, I didn't vigorously defend the little mercury buggers when a certain friend of mine, the kind who, on principle, doesn't use a green bin, told me that he switched back to incandescent bulbs after trying a set of CFLs.

He told me he tried CFL bulbs once but it didn't last nearly as long as it was promised to last, so he switched back to incandescents. For those of you just joining this decade, compact fluorescent lightbulbs are those little curly bulbs that are supposed to provide the same amount of light for about a quarter of the electricity, thus saving you more money than the much higher cost than traditional incandescent light bulbs.

Like a good little environmentalist sycophant, I use the bulbs and generally go along with the groupthink that they're better. (There are various arguments about the mercury contained in the bulbs vs the amount of mercury released in the generation of electricity for the less efficient incandescents, but since I don't have air conditioning I like that they don't put off as much heat)

For the record, my friend also complained that they took longer to get to turn on (and, subsequently, to get to full brightness). I no longer notice this myself (i.e. I've gotten used to it) but I must admit that it does take a second or so for the lights to come on.

But about the price, I wanted to contradict my friend, and tell him that the lights are rated for many years, so he must have gotten a dud. And the bulbs have gotten better since he would have tried them. But I wanted to be able to say this with the confident knowledge that my own experiences with the things were consistent with this claim.

This was a problem.

Sure, one remembers generally replaces the lights in one's house, but given how long they last, who can really say with confidence how long any particular one lasts?

This guy, that's who.

For the last couple years, I've been writing in fine-tip Sharpie the date of purchase and installation on my lightbulbs, and hanging on to the packaging (which is necessary anyway because I need a way to stockpile the old bulbs, since I don't get anywhere near any place that takes returns of these things, even though there are plenty of places that sell them)

Lo and behold, tonight I replaced a bulb in my bedroom ceiling fixture, and written on the bulb was "purchased 2012-10-28 Home Hardware Glebe, installed same". It was from a Sylvania 3-pack of 100-watt equivalents, and the other two bulbs were still fresh in the package in my closet. Incidentally, to my friend's point, the packaging has a little "Instant On" sticker.

My bulb's usage did not have any of the contraindications: no "dimmer, electronic timer or photocell, illuminated switch, totally enclosed recessed luminaires, or where directly exposed to the weather". So, being just barely a year old, it died well before it's 9-year warranty. The fine print on that is based on "normal household usage in accordance with package and bulb directions", which is to say an average of 3 hours a day, 7 days a week.

I figure I use my bedroom light for more than 3 hours a day, but I'm pretty confident I don't use it for 27 hours a day, which is what would be needed to reach the bulb's 10,000 hour lifespan.

So okay, the bulb died and the warranty obviously applies. So where do I get my replacement? Turn back to the fine print on the side of the box: "if this bulb does not last for the time period guaranteed...return bulb, proof of purchase, register receipt and your name and address to OSRAM SYLVANIA Inc, 435 E. Washington St., Winchester, KY 40391-2298. OSRAM SYLVANIA will replace the bulb. This replacement is the sole remedy available, and LIABILITY FOR DIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES IS HEREBY EXPRESSLY EXCLUDED [except in states where we're not allowed to exclude it]..." (all-caps original)

So for a set of three bulbs I bought for $14.99 plus tax, I'm going to have to spend how much to ship the bulb to fucking KENTUCKY?!? And that's just the first bulb; if I only use the other two one after the other, I'll have to wait another two years at the current rate to get through them to send all three back together. I mean, if I send in the proof of purchase etc with only the first bulb, I won't be able to get replacements when the other two die prematurely. But what if the other two bulbs last 4 years each? Then by the time I ship them back the warranty period will have been over, despite each bulb lasting less than half its expected lifetime.

But do you know how much it costs to ship things to the U.S.? I'm guessing somewhere between five and ten bucks at the slowest, cheapest rate. And then what? I'll get another bulb that will last a year, and for thirty bucks I'd have three bulbs plus three replacements that lasted for a combined total of 6 years when each one was supposed to last for nine?

I think my skeptical friend may be on to something, since thirty bucks could buy many many years' worth of incandescents (or would have, had Dalton McGuinty not banned them).

So let's summarize:
- bulbs don't last anywhere near warranty
- it costs as much or more to claim warranty as to just buy new bulbs
- BlackBerry's autoreplace changes correctly-spelled words for no reason
- you're not supposed to throw them out due to mercury, but there's you can't take spent ones back to where you bought them (for places downtown, at least)
- I'm still going to be using them

That last one is for two reasons: one, the heat factor. Two, they're still cheaper.

As five bucks a pop, if we assume 3 hours a day 7 days a week, and if we assume 5 cents a Kilowatt-hour, these 23-watt "100-watt equivalent" bulbs save me $4.21 per year over incandescents. Factor in the fact that I likely use it more than 3 hours a day and 5 cents a kWh is the rate before your hydro bill gets more than doubled by fees and taxes, it still saves me money.

So then the only unresolved question is, how do I punish Sylvania for this? I've already spent an hour writing this blog post, so that could be $20 or so of my own time. Why not go all out and play into their game. Here are some ideas:

- send the bulb in a bubble envelope so it will most likely arrive broken when they open the package
- waste at least as much of their time on the phone and responding to emails so their payroll costs match what I paid
- send by UPS with paperwork that triggers UPS to charge the recipient the fixed customs fee of $40
- hire a lawyer to sue them for $15 (hm... or a class-action...)
- send Sylvania a Canadian football

Ah, but this is all a pipe dream. Truth is, just like those weasels gambled, I don't really care to do anything about it, over a five-dollar-a-year investment in lightbulbs.

Except blog about it.

- RG>

Friday, August 23, 2013

On the economics of leftovers: it's probably better not to

At the end of dinner last night in a Chinese restaurant, there was the inevitable discussion about who will take home the leftovers.

As with other elements of bistromathics, this can be awkward, indeterminate, and occasionally testy. If not handled sensitively, everyone--including the person who takes the leftovers--can end up feeling worse off.

So for the question, "who takes home the leftovers," we are presented with a prisoner's-dilemma matrix of outcomes. Except the central assumption of the prisoner's dilemma is that everyone has the same goal: that a smaller prison sentence is better than a longer one. With leftovers, it isn't a given that each person will consider it to be a benefit to bring home more leftovers than fewer. For example, a vegetarian will not be interested if the leftovers contain meat. Or a monster.

At least the nature of Chinese restaurants simplifies the options by separating each dish into its own leftover container, so taking home a vegetarian dish doesn't necessitate taking home all the other dishes, including the meat ones. But it does add complications. With containerized leftovers, the question now must be broken down from "who takes the leftovers" to "who takes which leftovers?". In effect, the question gets multiplied by the number of dishes: "Who takes the chop suey," "who takes the fried rice," "who takes the fried tofu," "who takes the bird's nest?"

The other complicating factor is that some people would prefer not to take any leftovers home. So the question of "who takes home which leftovers" is further broken down into "who wants to take home which leftovers?"

The problem we encountered last night, despite being a small group with only one vegetarian, was that the vegetarian was interested in taking home the vegetarian dish, but nobody was particularly keen on taking home any of the rest. It eventually got narrowed down to whether I or another person was going to take home the non-vegetarian dishes. The other person had a regular lunch on Fridays, so they wouldn't be taking it in for lunch today. My fridge is generally where leftovers go to die.

So for both of us, the desire factor was low. We've already asked for it to be packaged, so somebody's got to take it. The question has at this point devolved again from "who wants to take home the remaining leftovers" (answer: nobody) to "to whom will the remaining leftovers be assigned for the purpose of being taken home?" In other words, who doesn't want them least?

Probability to the rescue!

I tend not to like labels, or categorizing things into black and white. Everything is probabilistic. Will I die tomorrow? I can't say no, but the probability is very, very low.

And one last assumption that had been hovering over the conversation was that whoever took the food home would eat it. So I offered up the fact that there's about a 50% chance of the leftovers being eaten if I took them home. I knew this and this was factoring it into my decision, but it was not known to the remainder of the group.

All of a sudden, this cemented the decision. My competitor for the leftovers didn't particularly want them, but if they brought them home the leftovers would get eaten (convenient, since this happened to also be the person who paid for the meal).

The central goal of leftovers is to not let the already-prepared food go to waste. A 100% chance that they will be eaten versus a 50% chance that they will be eaten makes the decision much easier.

Were it not for that, we might still be at the table wringing our wrists about who would take them home. At least we'd have something to eat.

- RG>

Wednesday, July 24, 2013

My mother's maiden name was Phil

I'm one of those people whose last name is the same as his mother's 'maiden' name. I'm also one of those people who, because of this, decides against using his mother's maiden name as a 'security' question. Especially when something as important as my bank account is involved.

Unfortunately, Scotiabank is one of those companies that thinks that, in today's world of everybody splattering their biographies across the internet, one's mother's maiden name is a secret that can only be transmitted through the vault door at Fort Knox with an umbilical cord.

Some time ago, I changed what I had listed at my bank for "mother's maiden name" to something else. Damned if I know what I put. So every time I call up the bank, I have to explain this so they can skip over to another set of somewhat obtrusive questions (including "employer", of which I have multiple). Invariably, they don't care because as far as they're concerned, they have to ask me a question and I have to answer it, and they needn't concern themselves with the degree of difficulty of this question or the degree of security afforded by this.

But today, I was trying to buy something online when I was presented with a "Verified by Visa" confirmation screen—ostensibly for my bank—which required me to enter my "mother's maiden name". I tried a couple things but it didn't work. There was no 'back' button so I could pay instead with PayPal, so I had to close the window. When I called up the company to see if the purchase went through, they informed me that the response from VbV wasn't even necessary unless I had set it up with my bank.

Naturally, I went to my bank website to see if I could find out whether I'd set up Verified by Visa. I didn't realize that I was on my 'new' Windows 8 laptop (which I've since relegated to secondary status under the old, reliable Windows XP beast which it had been intended to replace), and I mustn't have logged into my bank account from that computer before, because it asked me for another security question.

Damned if I knew that one, either. Let's look at the list of security questions available (from which one must pick three, and subsequently all three of which must be answered correctly if one is logging in for the first time on a new computer, or on a public computer). Remember, a good security question is one that is easy for you to understand and difficult for an identity thief to figure out. Most of these fail:

Where did you go on your honeymoon?
What was the name of your elementary school?
What was the name of the street on which you grew up?
Obviously, some of those might be obscure questions for some people, but the ones that aren't mindnumbingly obvious are, by definition, difficult for the user to remember also (the obvious ones would be like the BFF one talks to and about all the time on social media or the high school graduation year in one's Facebook timeline or LinkedIn profile). For example, I have two grandmothers (as I'm sure most do), both of whom are still alive. If I used that question, when I go to answer it, would I remember which grandmother I chose? And would I have chosen the town she grew up in, the town she lived in when I was a child, or the town she lives in now? Will I spell it right?

My paternal grandfather's first name isn't so easy either. He went by an English name, a French name, and a a nickname, and the French one had an accent. When I try to remember what I put in there, do I remember the name I called him, or since banking is formal business, did I use his formal first name?

My cousins span two generations. Did I pick the oldest of all my cousins or of my more familiar younger group of cousins? Did I put only their first name or full name?

And as for elementary school and growing-up street, I went to at least three different elementary schools; I'm sure many people grew up living on many different streets. Or maybe someone's parents still live on that street where there's only one school nearby. Either way, it's either hard for me to remember or easy for a hacker to figure out.

The rest of the questions are even more wishy-washy:
What is the name of your first employer?What was the first name of your first manager?

What is the last name of your favorite teacher in elementary school?
What is the name of your first pet?
What is your favorite hobby?

What was the name of your first girlfriend/boyfriend?
I once applied for a summer job with the Ottawa Police when I was in university. I was told to list every.single.employer on the job application, and not wanting to lie to the Police, I did. My first one was a paper route. Actually, it was a flyer route. My first 'manager' was a lady who met me once at her suburban house to tell me how to do the job and whom I never saw or heard from again. The HR person at the police service told me that I was a stellar candidate but my references didn't check out because this lady whose name I had to dig through innumerable boxes of files to find didn't remember working with me. (That taught me the dual lesson of the importance of lying to the police and lying on job applications. Come to think of it, I don't think I've ever gotten a job I applied for, except for a really rotten one...)

So when it's months after I set these security questions and I'm trying to remember the answer, did I put my first.job.ever or my first 'real' job? These are the types of questions I don't have to contemplate when updating my LinkedIn profile because I don't goddamn have one.

'Favourite movie' is one of the questions I remember Blogger asking me nine years ago when I set up my account, in order to put in my public profile (go figure, it's still there). I remember this because it got me thinking, "what a stupid fucking question is that?"

Please tell me I'm not alone, and that most people don't have a single favourite movie, book, hobby, etc. that hasn't changed in decades. If you have one dominant hobby, like knitting, it'd be easy for you to remember, but chances are you talk about it a lot and maybe you have a blog about knitting, so it would be dead easy for an identity thief to figure out also, so you wouldn't really want to use it as a security question. Or maybe, a year from now, you forgot that you set up your security question when you were in your quilting phase and can't figure out why "knitting" doesn't work when you try to type it in.

Oh, by the way, Scotiabank the Canadian banking company: in Canada, it's spelled "favourite".

In fact, the only one question of that batch I can think of that is fairly definitive and that's "What did you want to be when you grew up?" It's definitive because I became that. But damned if I can remember a year from now if I typed "curmudgeonly old man" or "grumpy curmudgeon" or simply "get off my lawn".

In fact, I think I asked them to put something akin to "get off my lawn" as the answer to "mother's maiden name" and thought it was pretty clever except that I've forgotten which kin I aput it to.


Another flaw of these security questions is how they're presented. If you primarily use one computer to access your online banking, and that computer is your personal one, and you don't have your browser configured to kill all cookies on exit, then you can set it to remember you so you don't have to answer the security questions each time. The problem is, when it does come time to answer these questions (say, because you had to reinstall your browser, or you got a new computer, or you're checking in from a wireless café), you don't remember which of the decisions you made in how you answered these questions because you haven't had to answer them in so long because it was disabled on the primary computer from which you access it.

This is a feature, not a bug, according to the call centre agent who reset my login tonight. She suggested that setting it to not ask me the questions again on this one computer would mean that I wouldn't encounter the questions again, and the implication was that I wouldn't have to worry about remembering the answers to the 'secret questions' at a. I guess the script Scotiabank gave her was written by someone who doesn't understand the philosophy of cloud computing (or Internet banking, for that matter) where you can access stuff from different computers.


I don't think the bank really cares about security, it just wants to have a cloak of plausible deniability in the event of fraud. I mean, who's to blame if my account gets compromised? If I went to my home branch (which evidently isn't the one I thought it was, though the phone rep wouldn't tell me which one it was) and asked them to change my "mother's maiden name" to my mother's actual maiden name—even though it's not the least bit of a security question for me—would they blame me for using security questions that are too easy if my account got compromised? Or maybe I would be protected so long as I've checked all the boxes. Not that I care. Even if the bank is responsible and reimbursed me for wrongful expenses, I would be the one who'd have to suffer the fallout from having his identity stolen, credit likely damaged, and the paranoia (or worse, the reality) that the thief might have used it to infiltrate other areas of my life.


I did have a security scare once. Long story short, it got me worried that my Google/Gmail account had been compromised. I discovered that Google has a feature whereby you can get it to send a six-digit number to your cellphone via text message whenever you log in, and you must enter this number into the login page before it lets you in. It can also send you the number via a phone call. As backups, it has alternate phone numbers and you can get a set of single-use codes in the event you don't have access to your cell phone. You can tell it not to do this on 'trusted' computers (you'll still need your password to log in).

Not only is this a very secure method of protecting your log in, but it also is a built-in way of telling if someone else is trying to log in to your account (it will certainly tell you they've got your password!). Not only is it secure, but it also doesn't require me to answer a bunch of silly questions.

Twitter recently enabled a similar feature, though it doesn't have the voice call or backup codes options, and naturally the first time I tried logging in to Twitter from another computer I was behind an impenetrable wall of steel and concrete, thereby missing the text message.

Why can't the bank do this?

Whenever I'm conducting a transaction at an unfamiliar retail store with my credit or debit card, I'm always worried about the security of my card. Is this a real card reader charging me 9.95 for the large pho or is it a dummy reader that's set up to record my card number and PIN? Sometimes I deliberately enter the wrong PIN the first time to make sure it rejects the bad code.

I am horrified by the 'paypass' credit cards where you just have to tap it and it takes up to $30 out of your account without having to so much as press a button, much less enter a code.

It would be much more reassuring if, each time my credit card was authenticated, I got a text message with the amount and store name.

In the meantime, I'll have to put up with the bank's ridiculous security theatre. I think I'll tell them my mother's name was Phil.

- RG>