RSS Atom Add a new post titled:

Consider not using UPS or ThinkGeek for reddit's Secret Santa

That's it. I've posted this here since the mods at r/secretsanta removed my post. The message below is what I wrote, verbatim.

This is an update on my previous post. TL;DR: UPS only delivers in office hours and didn't want to deliver to a different address (my office) even if it's a standard service.

Anyway, after complaining to UPS I managed to get it delivered to my office because, well, it's a standard no cost service they say they offer.

My surprise is when the delivery guy says I have to pay 42€ ($54) in taxes and fees. This was unexpected, because the exchange was the one of the ties. He showed the receipt to me, and it seemed correct: the declared value of the shipment was 133€ ($170), so I had to pay 26 EUR in taxes (~20% VAT) and the rest being the UPS "package ransom fee" which amounts to 50% of the taxes (plus taxes on top of that, funnily).

This is the UPS invoice.

That UPS fee is ubiquitous in the world, they always go to customs even if the declared value doesn't require them to, just to charge more for the same shipment with what hey call it brokerage fee. If you (or the store) ship through customs with UPS you're making your giftee pay.

Some links denouncing this, and it's really easy to find more:

I thought for a while and said ok, if my gifter paid $170 it would be a shame to get it returned and it was worth it to pay a fraction of the price.

With a $170 value in a tie exchange I expected a full set of ties, a tie made of gold or something like that. Well, I was wrong: it was a single, geeky but normal tie.

Item and ThinkGeek receipt.

Redditgifts gallery link.

It's not classy, but given the circumstances I checked the price in the website. $30. Fun fact in case I drowned you in currencies and numbers: I paid $54 in taxes/fees to receive a $30 tie because ThinkGeek or UPS declared it as being $170.

I tried to sort this out with ThinkGeek's customer service for several weeks without success. I provided both the UPS and ThinkGeek's receipt, explained the Redditgifts website that they sponsor, but a different person replies each time asking for an invoice. After exchanging a few emails showing no progress I sent an angry one: I finally got an apology and an offer for a $30 refund, that I obviously can't get since I didn't pay them, making obvious they don't read the mails they receive.

At such point I'm fed up, see it's pointless to complain and writing this post.

They never recognized declaring the tie as $170 nor accused UPS of doing so, so I don't know who scammed me (probably UPS because of their track record).

So I hope this serves you as a warning. The overdeclaration issue might be a single event, but if your package crosses customs with UPS your giftee will be asked to pay, which is not cool.

TL;DR: My match paid $40 and I paid $54 for shipping a $30 tie. If it doesn't make sense read above.

Posted Sun Nov 25 00:00:00 2012 Tags:

The Spanish Problem

A lot has been said about the Spanish problem, but most of it is misinformed, inaccurate or plain wrong. I have to correct people so many times I thought I would win some time by writing this entry. This entry can be misinformed, inaccurate and wrong as well, but I think it will provide a wider picture for anyone interested.

That said I am not an economist and my economy knowledge comes from a couple of courses in the University and general interest, so feel free to correct me. Still, my knowledge in Spanish affairs and inner workings is keen and deeper than most Spaniards' is or even want it to be. Also, I'm pretty neutral in politics, so I won't be complaining about this or that party or ideology; too much about that in the Internet already.

The Actual Spanish Problem

The actual Spanish problem is, in fact, two. On one side we have what I will call the Private Problem, regarding production, investments and employment. The other one is the Public Problem, all about taxes, evasion, infrastructures and good old corruption.

The Private Problem (or PriPro)

The PriPro main effect is severe unemployment, and it can be explained in a rather large but single sentence. There's a lot of unemployment because consumption is severely reduced because people have a lot of debt to pay off because they invested in overpriced goods (real estate) that at this point produce little to no revenue because Spain is one of the countries with the highest amount of these goods (around 1.55 homes per family, according to Wikipedia). Punctuation omitted for humorous purposes.

On top of that, a big chunk of the Spanish economy is the services sector (66% of the GDP and 70% of the labor), that while not as large as the one from other countries like France or the US, suffers the handicap of being strongly local, and hence severely affected by declines in consumption. Unemployment is lower in sectors that actually export or offer services abroad, but the cushioning effects are limited.

The Public Problem (or PuPro)

Most people right now would say it's the debt. It wasn't, and while now it is, it is still not THE problem. Public debt was in fact, until the recent rescue, lower in GDP terms than that of France, Germany and the UK, and it's still lower than the US'. So why are the interest rates of public bonds going bananas? I'll talk about that later.

The PuPro is corruption. Spain's public institutions are totally, hopelessly corrupted. I am really amazed that Spain shows similar corruption levels to France in statistics. In my opinion they're not even close, and even if they are, French corruption is parasitic while the Spanish one is outright cancerous.

There is a funny test on how corrupted Spain is. Ask Spaniards if they have a politician relative. Odds are they probably have none. But if they do, then they probably have not only one but several of them, or even they are politicians themselves. Be warned, in the second case you're gonna hurt feelings.

So yes, nepotism is widespread. City councils and both national and regional parlaments and institutions typically sport kins and good friends. If you track some current politicians you would find some families have ruled in some regions since 150 years ago. And yeah, people still vote these guys.

This is not only a problem about elected officials. Since they have the power to open positions for advisors and personnel for administrative affairs, those positions are unsurprisingly taken by family and friends. Except for large and underpaid public workforce (education, health, police), cheating in competitive examinations is really common, usually making announcements silently and with very specific requirements only the person they want can meet.

There's more. A common way to get rich and nobody seems to care about is to spend public money (or not so public, I'll talk about that later) in stupid things made by relatives or business friends. At local level you get overpriced fountains, sculptures, obsolete infrastructures (streetcars) and arguably unnecessary services. At regional level it gets more dramatic and you get unneeded airports: the one in Ciudad Real did cost 1.1 billion euros and averaged 90-110 passengers a day while it operated. Now it's closed, so the final cost is around 10000 euros per passenger. Similar bankrupt airports can be found in Burgos, or Castellón, the latter didn't even get to operate.

But there's more, of course, and here it comes the famous housing bubble (yes, we're still talking about the PuPro despite housing being mostly private). They have power to qualify land as apt for construction at local level. That is city councils absolutely control the supply of land for construction even if they don't own it. That's nuts. We'll come back to this later.

And there's even more. There are (and most are not anymore, at this point after the Bankia merge) financial institutions called savings banks (Cajas de Ahorros). They are private (and we're still in PuPro, yes), work mostly like banks but they have some fiscal benefits compared to them in exchange for two things:

  • Use a certain part of the benefits for socially valuable purposes. Philantropy, grants for studies, research, whatever; that's cool.

  • The board must have members from the government. And this means politicians have a lot of leverage in the operation of the institution, if not total control of it. This is the PuPro part.

The link

Some people at this point can understand perfectly what happend, what is the situation and even how to fix it.

How did people get so much debt? They HAD to buy a house. Since politicians controlled supply of land, prices kept rising, so waiting for buying your own house seemed like a bad idea, both if you wanted to live there or just invest.

The price didn't rise only because of limited supply, but in addition, construction companies typically had to bribe the officials for land to get urban qualification, and that money was charged against the final buyer, of course.

The problem for corrupt politicians to make buck was that prices were so high people couldn't afford houses anymore. Regular banks were not really into the idea of making 40 year mortgages the norm, nor lending to people with questionable abilities to pay the debt.

But 40 year mortgages became the norm, and in some cases up to 80 year mortgages were signed. How? Savings banks. That's it: politicians controlled the supply (and price) of the land, and offered the financial means for overpriced real estate to be bought. They made buck, construction companies made buck, while savings banks were at risk with these operations, but you already know, it wasn't the directors' (read, politicians') money at stake, so they did.

This wasn't limited to housing. For example, the airport of Ciudad Real got investment of 400 million from Caja Castilla-La Mancha (savings bank), and lent money for other of the investors, totallying a 1.1 billion investment for a now closed airport. Unsurprisingly, the two main parties borrow a lot of money from savings banks that magically gets cancelled, as an alternate way of funding, specially since there's a limit, IIRC, of 100000 euro for party funding per funder per year.

I need to say, this abuse over the savings banks was hard, but not enough to leave owners without profits (partially thanks to the fiscal benefits), they didn't complain much.

After all this the spiral arrived. People were kind of comfortably paying their mortgages first, but EURIBOR kept rising and guess what, most mortgages are variable-rate. Consumption started to lower, as growing parts of salaries were driven right into the month mortgage payment. Lowered consumption started to translate into growing unemployment, in turn consumption kept decreasing and people started having problems to pay their mortgages, liquidity problem ensues, and BAM, Spanish crisis.

Unemployment and reduced consumption had effects in the PuPro. Tax collection is reduced:

  • The unemployed can't pay income tax nor social security expenses.

  • Reduced consumption means less taxes collected via VAT and assorted taxes.

  • Increase in tax evasion: workers registered as unemployed so they won't pay taxes; service businesses offering VAT-free, no invoice operations to be competitive.

And this, obviously, makes investors wary about the ability of Spain to be able to pay off public debt.

The fix

Tax collection is a complete mess now, so that's why bonds' rates are bananas. The problem is not the size of the debt, but the current ability to pay it off.

Spain got a rescue plan, theoretically for financial institutions, mainly Bankia and unfused savings banks. The rescue money is public debt Spaniards have to pay, eventually. This makes bonds go even more bananas, and for a lot of people in Spain this is surprising and some kind of conspiracy of the markets.

Anyway, the title of this section is misleading. I don't really know what's the fix, other than attacking the public debt aggresively and fast, and while I have some ideas I don't know if they're enough. Some, more knowledgeable people probably know.

What I know for sure is all the measures until now don't help at all and even worsen the situation.

These are in general the measures taken:

  • Unemployment subsidy cuts: will lower consumption.

  • Public worker salary cuts: same.

  • VAT increase: might increase revenue but will have similar effects as above, and possible increase in tax evasion.

  • Higher payment in health services: lower consumption, again.

  • Privatization of public services: very complex effects, depends on the service. Usually sold cheap and ad hoc (see Endesa, Gas Natural and Eon controversy).

  • Cuts in R&D and education: reduces mid/long term ability to compete.

Everything looks directed at curbing employment, which is the main source of lost revenue in taxes. I won't speak about the tax amnesty because it's really shameful; google about it if you want.

Some things that could be done but haven't been, and probably why:

  • Merge cities. Clusters of small towns and cities should share administration. Why not: many politicians will lose their source of revenue, that in many cases is not the salary. Many councilors in small towns don't have salary, but do manage a relatively large budget and happen to own, directly or not, local businesses.

  • Remove regional councils (diputaciones). They are not elected and most of their actual functions are already in the city halls; city halls can handle the rest too. Why not: these are unelected officials and one of the foulest sources of corruption in Spain. The Castellón airport is one of the outcomes of these administrations. There is too much money to handle and divert and little to no political consequences.

  • Privatize public TV channels. They give no profit and at this point they're not public services anymore. Why not: just like savings banks, these channels are controlled by politicians but they are funded with public money. They happen to be budgetary black holes and tend to do really unlucky investments, for someone's profit, of course. They are turned into propaganda machines by the party in power and it's not even subtle: anchors and directors of news services are usually changed after elections.

  • Encourage exports: loss of local consumption should be replaced with external one. Spanish exports grow steadily and should be reinforced. Why not: no idea. It certainly gives companies independence and reduces clientelism, but that's probably not the reason.

  • Cut subsidies on political parties, labor unions, associations and similar institutions. Why not: it breaks well established clientelar networks. For example, labor unions get public funding for subpar, sometimes even worthless courses for the unemployed, and they play along with the government with milder protests and more support for certain reforms.

  • Eliminate savings banks as they exist now. They might keep fiscal benefits for investment in social purposes, but should not be controlled by politicians, at all.

As you see, no cuts are directed at institutions responsible for the crisis, nor any effort is done in preventing this from happening again. Cuts happen in any other direction, be it beneficial for the economy or not. They just don't touch their nasty businesses.

For this reason, I think the best thing to happen for Spain is a technocrat government, specially if foreign, to be able to cut through this web of corruption. Democratic? No, but I refuse to call democratic what we have now, sheep voting which wolf will lead the herd.

Posted Sun Jul 22 00:00:00 2012 Tags:

Free French practice lessons

It's been over a month living in France, and my french skills are kind of lacking. I attend some classes, but with just two hours a week it can take a while to cut it, and I barely have motivation to study/interact on my own.

But I've developed a method to learn French anyway. A few hours ago I received a commercial phone call, told them I didn't speak French, and they promptly said au revoir. A few minutes ago another call, this time looking for the previous phone number owner. I tried to explain I recently got that number, with little success. An idea snapped in my brain.

Took a paper and made this.

[[!img Error: Image::Magick is not installed]]

That's it. Instead of proactively interact with strangers, reactively try to break the personal record of longest undesired phone call.

Posted Sat Mar 17 00:00:00 2012 Tags:

WhatsApp sucks, yet another reason.

I'm bored to death at the MAD airport, so here's a new blog entry!

You may be familiar with WhatsApp suckiness. You may already know that WhatsApp leaks a lot of personal data, you may also hate the fact that you have to type in a stupid mobile while sitting in front of a comfortable computer (something that most messaging services allow), you may hate WhatsApp for being a retardedly emasculated XMPP client, you may hate everybody using it because "it's free" when it's not, never been and probably never will.

But if you don't usually travel abroad, you may have not noticed this: WhatsApp identification uses your telephone number. That is, WhatsApp treats a single telephone number as a single user. What's the big deal then? I'm the only one with my telephone number.

Well, the problem is that while the telephone number identifies the user; there could be several telephone numbers identifying a single actual user. In entity-relationship terms, the User-TelNum relationship is treated as one to one, while in fact it's one to many. If you travel a lot, you are gonna end up getting a SIM card from other countries to prevent roaming fees. Here's when the bad design hits hard: you change your SIM, your username (that is, your phone number) stays the same. You have to actually uninstall and reinstall WhatsApp to use the new number. This ends up with you reading late the messages sent to the other number, some people asking who the heck are you and additional glitches depending on the software platform WhatsApp runs on.

GTalk's approach is saner: the personal email, while still one to many (you may have a lot of email addresses) it stays the same whatever country you are, whatever phone company you use. And you can type from a computer, of course.

Posted Mon Feb 6 00:00:00 2012 Tags:

Boycott Monster Cable

Monster Cable is the scum of the Earth because:

  • Of retardedly priced HDMI cables. Digital signal works or doesn't, better cables don't provide better quality video as they advertise. A $3 cable will do exactly the same as the $150 one. Maybe the $150 is more durable, but it only pays off as you run through 50 $3 cables. They even advertised them comparing against composite video cables, which is an older, analog, lesser quality technology.

  • They sue the shit out of anyone using the name Monster, including Disney (for Monster Inc.), kid skiing clubs or the Monster Mini Golf mini-golf franchise.

  • They sue you for copyright infringement if you include (your own!) pictures of their products in your online store. I'm looking at you, Dave Tognotti, master troll of IP operations.

  • As an audiophile, their Monster Beats series is way overpriced, akin to their HDMI cables. For their price you better go with some Grado, Sennheiser, AKG, Audio Technica or any other brand that cares more about sound rather than looks or endorsement by some gangsta rapper.

Posted Sun Dec 25 00:00:00 2011 Tags:

Procedural city

Here you have the latest demo/experiment I did in a boring afternoon. A simple procedural city generator. If you click, a shockwave shakes the city! While the code isn't specially pretty, that shockwave function is prepared to be replaced with anything else, so I might eventually hack up some Fourier and make it a spectrum analyzer.

Posted Thu Nov 24 00:00:00 2011 Tags:

Hacking Fugitive blog engine for Disqus

This blog is just a set of static html files generated by a blog engine called Fugitive. Since it's static, comments aren't supported by it.

"Hey, then what the heck is that comment box in there?". That's a commenting service called Disqus. It provides an unified, cloudy comment system for any website. It has a problem, though, and it's that the comments are associated with an URL. As in, you stick the Javascript code in a web page, then you get a comment system right there.

That's problematic in Fugitive, since the index.html usually contains the latest article, so it will show previous comments unrelated to the current article, and it actually happened here.

To fix this, I made index.html just do a redirection to the latest article instead of using it as the index.

Just find the following line in .git/hooks/post-commit:

cp "$public_dir/`head -1 $articles_sorted`.html" "$public_dir/index.html"

Remove it, or comment it, and replace it for the following.

latest=`head -1 $articles_sorted`
echo -n "<script type=\"text/javascript\"> window.location=\"$latest.html\"</script><noscript><a href=\"$latest.html\">Click here for content!</a></noscript>" > "$public_dir/index.html"

You may want to do this in .git/hooks/post-receive if you push the changes to your website-repository.

This way index.html is never used and Disqus comments will actually belong to the articles.

Posted Tue Nov 22 00:00:00 2011 Tags:

Digitally Imported radio

I just subscribed for a month with Digitally Imported Internet radio. Plenty of electronic music, and subscribers get high quality streams (128kbps AACplus and 256kbps MP3). Lower quality streams are free, so if you are into electronic music check it out!

Also, don't forget to check Ishkur's guide to electronic music.. Not always accurate, but always entertaining! Ishkur, we're still waiting for the 3.0 release!

Currently listening to Disco Splatters - We Are Creeps (Sound Supply Electrotech Remix).

Posted Mon Nov 21 00:00:00 2011 Tags:

Hacking Android games: Defender

Defender is a pretty cool game. While similar to tower defense games, it's played manually, so you have to fire arrows and do magic spells with your finger, which is tiring. In addition, there are a lot of upgrades that get progressively more expensive, and it makes it extremely tiring.

Therefore we are going to hack the hell out of it, which is in fact more entertaining. Remember this is arguably illegal since they actually sell you stuff to buff your game, so you're pretty much getting for free what they're selling. The process described is here merely for educational purposes and you should buy play money to support the game.

I'm going to assume you have a rooted phone, some way to get a shell prompt in your phone, and that you use some Unix-like OS, though it may work from Windows systems with some differences. Personally I ssh into the phone and mount the data folders with sshfs, so you may want to do that, or just use the standard copy-edit-upload procedure.

[[!img Error: Image::Magick is not installed]]

After playing a game, taking a peek at /data/data/com.droidhen.defender (location may change in different phones and if you use stuff like app2sd+) would show an interesting file: shared_prefs/save0.xml

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<int name="singleRetry" value="0" />
<int name="magicStone" value="5" />
<string name="goldcheckValue">0a86b7c5ff7164173738a38806067dfe</string>
<string name="magicStonecheckValue">4e29b81cc5d7d3b5396952312579e241</string>
<int name="totalRetry" value="0" />
<int name="gold" value="112" />
<int name="stage" value="1" />
<int name="hardMode" value="0" />

That's some interesting XML. We have four relevant tags:

  • magicStone and gold, they are used to upgrade magic and gold respectively.
  • goldcheckValue and magicStonecheckValue, which look a lot like MD5 hashes and check nobody tampered the values above.

A quick check suggested the hash is salted or it isn't MD5 at all. And if you change the value without changing the check value to something correct, well, it just doesn't work. So we will go after the source code. Yeah, the source code!

The first tool is the one we will use to unpack the application's .apk. Its name is dex2jar, it converts Android dex format into a standard Java jar format.

The apk location will change depending where it's installed; in my case it's here: /data/app/com.droidhen.defender-1.apk. Copy that file to you computer to prevent cluttering the phone up with random files and run:

$ dex2jar dex2jar com.droidhen.defender-1.apk

That produces the following:

$ ls -lha com.droidhen.defender-1_dex2jar.jar 
-rw-r--r-- 1 0x00c0ffee users 381K nov 15 12:39 com.droidhen.defender-1_dex2jar.jar

That's not the source code, yet. Maybe you didn't know, but a .jar is just a zip file with lots of .class files inside!

$ unzip com.droidhen.defender-1_dex2jar.jar
[lots of lines]

Still, .class files aren't the source code we're looking for. Now we will use a Java decompiler. There are a lot of them, I personally use jad. Since there are a lot of .class files I will run the following:

$ find -name *.class -exec jad {} \;

Which decompiles every fscking .class file it finds. It will spit some errors; it's fine, we don't want to compile the code back, just have a peep. A lot of .jad files will appear, and now we will look for anything that looks like an MD5 function.

$ grep md5 *.jad
[snip just in case some developer gets angry]

We've been lucky! It was in fact MD5, there you have the offending line! If you know a little bit of Java, or programming for that matter, you now know how the values are salted! The next step is to salt your own values.

$ echo -n 10ThisIsNotTheSalt|md5sum
5fd2b882d59f61217457c49ccdf89bca  -
[this will give you 10 gold and/or magic stones, shame you need thousands and thousands]
[tl;dr: do your homework]

And edit the XML file.

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<int name="singleRetry" value="0" />
<int name="magicStone" value="10" />
<string name="goldcheckValue">5fd2b882d59f61217457c49ccdf89bca</string>
<string name="magicStonecheckValue">5fd2b882d59f61217457c49ccdf89bca</string>
<int name="totalRetry" value="0" />
<int name="gold" value="10" />
<int name="stage" value="1" />
<int name="hardMode" value="0" />

You can change only one of them if you want, though.

And there you are! Remember the XML editing should be done without the game running, otherwise your edits would be overwritten by the game itself.

[[!img Error: Image::Magick is not installed]]

Now upgrade your stuff to the limit and you just turned an entertaining game into the easiest, most boring piece of game in the Market.

PS: dex2jar/unzip/jad is a three step process that could be shortened with other tools I don't know about.

Posted Tue Nov 15 00:00:00 2011 Tags:

Quasicrystal (Processing implementation)

You may have read about this Haskell implementation of quasicrystals as sum of cosine waves.

Well, you have my Processing implementation available, which adds color mapping, works in realtime and has some interactive controls.

I will try to release the source code in a few days.


Posted Mon Nov 14 00:00:00 2011 Tags:

This blog is powered by ikiwiki.