I recently posted about a deal from TDBank whereby you’d get $200 cash back from them when you charged $500 in your first three months. My initial application was declined because I had a credit freeze in place, so I lifted the credit freeze and they were able to re-process my application. My cards arrived on Friday and I called to activate them. While speaking to the customer service rep, he told me that I’d get $100 cash back, not the $200 I was originally offered.
After putting me on hold, he informed me that the offer code wasn’t on my application. Unfortunately, I no longer have the initial mailing. I’ve heard someone (Clark Howard, perhaps?) say to keep those original offer notices, as banks often get amnesia as to what they offered you. Perhaps the code was missing because they had to process my application a second time? Perhaps an employee saw that my initial application was declined, so they took the code off my application to give to a friend, use themselves, or sell on-line? They should be able to look up my address and see that I was, in fact, sent an offer.
I don’t know what the issue is, but the way I look at it, if they won’t live up to the offer that was extended by mail to me, then I don’t want to do business with them at all.
Recently there have been a number of high profile security issues. Heartbleed, ShellShock, and POODLE have all hit in 2014.
I must say that I like the fact that these significant security vulnerabilities are getting these hip nick-names in the media. That means that more and more people who are less technical are going to hear about the issues.
It also means there is going to be bad journalism. Get everyone up in arms about the latest threat, real or imagined.
Today, I ran across this really bad article:
Here’s the sub-title:
We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.
Exaggerate much? This is complete hyperbole.
How can I be sure? Because just about every major site has gone to SSL by default. Don’t believe me? Go to google.com in another tab. You’ll see that you’re redirected to an SSL page, and you’ll have the familiar lock icon visible somewhere in your browser bar. Even social sites like facebook have gone to SSL by default.
What does that prove?
Well, if this hacker really did have a way to get by SSL encryption so easily, without giving the victims any warning at all, then any reporter worth their salt would publish the details, as that would be a HUGE story. On-line shopping wouldn’t be secure. Stock trading, or any other financial transactions would be completely open to prying eyes. And it would matter if it were at a cafe, or from the comfort of your home, you could still be victimized.
But, conveniently, this author included almost no details at all.
How is this hacker able to overcome SSL encryption? I’d guess the answer is via a man-in-the-middle attack, whereby it presents it’s own SSL certificate and proxies the requests to the real website. If that is the case, the end-user’s browser would warn the user that security may be compromised. If the journalist clicked through that warning it was not mentioned in the article. That’s a detail that should not have been glossed over, as it makes things seem far worse than reality.
I can see the possibility that random people would click through an SSL warning without thought, but the fact that there was a warning is not something that should have been skipped. If there was no warning, that would be a story.
I suspect that the journalist who wrote this is not terribly technical. I’ll not assume that he understands exactly what is happening and has chosen to leave out key details to get more page clicks. For that matter, perhaps the original author had those details included, but some editor cut them out to “add more sizzle”.
Publications who wish to have any authority on matters of Internet security should get someone who is technically competent to do their reporting. That doesn’t mean that they need to be a programmer or networking expert, but someone who understands cryptography and is aware of how security works. Chances are good that the typical journalist is no more equipped to report on security than the people who blindly click through those SSL warning messages.
This article makes it sound like the hacker had to do nothing more than sit in the path of the traffic and he could get everything, encrypted or not. If SSL is so easy to bypass, we should all be very worried about the people who work at ISPs, as they could easily do the same thing, but not with the 10–20 people at a cafe, but to tens of thousands of people. ISPs generally have several large circuits that connect to their provider. All it would take is a laptop running wireshark plugged into a mirrored port, and all that data could be captured, to be later decrypted with the magic “decryption software” the author mentions at the end of paragraph 1 under the Session 3 heading.
I just read about the Nexus Player and I’m a bit bummed for two reasons.
1. The Nexus Player has a quad core Intel Atom processor in it. That means talented developers will almost certainly not be able to extract bits from that OS to load on alternative players based on the ARM architecture like the Fire TV. Eventually Amazon may release an update to give us some of the features of the next release of Android, but it will most likely be on Amazon’s own terms. We will probably not be able to simply upgrade our existing boxes and retain root permissions (though there is a possibility). It would have been very nice to be able to simply load an image of the Nexus Player onto the Fire TV, but alas that does not seem possible.
2. The Nexus Player does NOT have an ethernet port. As a networking aficionado, this makes it very difficult for me to see the possibility of me purchasing one. I already have ethernet cabling ran to each TV. Wireless can have some problems, especially when streaming high bit-rate HD video. Wired networks, however, don’t suffer from these same problems. Other wireless devices like my Nest thermostat don’t have these kinds of issues because they simply don’t move that quantity of data. It does support 802.11ac, however, so perhaps it will be capable of moving data briskly enough to avoid problems. Also, there’s the fact that I do not like to run anything less than Enterprise Wireless security. Do I need this level of security? Probably not, but I’d rather have it… Why? Because I work in networking. If the Nexus supports this, I might be interested…
Of course, if I do, I’ll probably be looking to sell at least one of my rooted FireTVs.
This is probably the best credit card offer I’ve seen for a daily use card. This was another offer to me via mail, but they are offering a very similar offer to anyone (only $100 cash back instead of $200).
$200 Cash back after you spend $500 on the card in the first 3 months
5% cash back on purchases for restaurants, groceries, gas, cable, phone, and utility payments for 6 months
1% cash back everywhere elseNo annual fee
That’s quite an offer. $500 in the first 3 months? I’ll likely do that in the first 30 days. Groceries and Gas alone should cover that.
But then there’s the 5% cash back. Every month, I spend probably 100-150 eating out, more if the cafeteria at my job counts as a restaurant. We spend about $300 on gas, and probably $400 at the grocery store (excluding CostCo food purchases). Then there’s the cable bill, and the cell phone bill.
The electric company charges $4.95 to pay with a credit card, but with 5% cash back, I’ll make $15+ in cash back, so the extra fee is worth it.
A quick calculation shows that just on these 5% cash back categories, we should earn $65 back every month. That’s almost $400 over the 6 months, plus the bonus $200.
This offer is public (except with $100 cash back instead of $200) at this link:
Recently, Chase Bank has been sending out offers to set up a checking account with them and earn $200. You have to get it in the mail from them to qualify, but I got this offer at least twice now and decided that the chance of earning $200 was worth looking closer.
Lets get the “Catch” out of the way, right up front:
This is a checking account that has a $12 monthly service fee, unless one of the following is true:
You have at least a $500 direct deposit going into the account
You have a $1500 or more minimum daily balance
You have an average daily balance of $5000 or more in any combination of linked deposit/investment accounts
You’ve paid $25 or more in qualifying checking-related services or fees
To get the $200 bonus, you have to have a direct deposit made within 60 days from your paycheck, pension, or government benefits. After that’s happened, they will deposit the $200 in your account within 10 business days.
The only other “Catch” is that you need to have the account open for 6 months. If it is closed prior to that, they take the $200 back when you close the account. I’ve already added a reminder to my calendar for next May, so that way I know when it’s safe to close the account if I decide to get rid of it. In that case, I’ll change my direct deposit, wait for the first payday that they don’t deposit the money in the Chase account, then go close the account right after.
Anyhow, should you choose to take Chase’s $200, your #1 priority should be to set up a regular direct deposit for a minimum of $500 per month, unless you happen to have $1500 or more to leave sitting in the account all the time.
Depending on how long it takes your employer to make changes to the direct deposit, you may end up having to pay a $12 fee, but certainly most employers should have no trouble making that change within a couple of weeks or so.
Chase has pretty standard banking fees, they charge you for checks, etc. They do have nice technology though. You can do most everything you need to via their smartphone app, including making deposits. They do have ATMs around my city, so I can get cash out if I need to without having to pay a third party for the use of their ATM. They also offer real ATM cards, if you ask. I did, because I don’t want a debit card, due to the fact that a thief could drain your account, and then it’s up to the bank to fix things. Do note that if you take their ATM card instead of their debit card, you can’t use other network ATMs, according to what they told me, only Chase ATMs.
One thing I do like about the Chase account is that a single web login gets me access to my two Chase credit cards and my Chase checking account. With my Discover checking account, there’s a different login for the checking than the credit card.
You may think that juggling various accounts is too much trouble just for a bonus here or there, but I’m using YNAB to manage my money. With it, I am confident that I can keep track of everything, move money around to where it is needed, and get everything handled. All of my accounts are managed through a single app, so everything about my daily finance is in one place. If you haven’t heard of it, take a look: youneedabudget.com
If you are in the market for a new checking account, Discover Bank is actually offering a decent deal.
Through the end of October, they are offering new checking account users a $50 bonus.
What’s the catch, you ask? I looked, and can’t find a real gotcha anywhere.
There’s no monthly fee.
They send you free checks.
Free on-line bill pay.
They PAY YOU for each transaction.
Like many other banks, they don’t pay interest on your checking balance, but the fact that every purchase you make with your debit card earns $0.10, as does each on-line bill pay, and each check you write…
Well, let’s see how that stacks up against my local credit union:
Last month, I earned only .30 on my credit union checking account. During that month, I paid 12 bills via my credit unions on-line bill pay and wrote 14 checks. If I were with Discover bank last month, with all those transactions, I would have earned $2.60.
Now, that’s not very much money, but it’s almost 9 times more than the interest I earned. It would be much more if I used the debit cards to, say, buy lunch each day at work. That alone would be about 20 more transactions per month.
Even if the number of checks I wrote was a bit on the high side last month, I could easily see me earning $2 a month more this way than from Interest, which would add up to about $24 a year in additional income. I generally only buy new checks once every year or two, but the fact that they are free saves another $15-20.
Oh, and the $50 bonus is really nice too! In fact, if I had looked into this before the attention getting “$50 bonus” promotion, I may have seriously thought about switching before now.
As for depositing money to your account, you can transfer from external accounts, do direct deposit, or use a mobile app to deposit checks from where ever you have an internet connection. If you get a lot of cash (waitress or some other tip-based job), you’ll still need a local bank account to take those deposits.
Finally, the closest thing to a catch I could find… The money you earn each month from your transactions doesn’t drop right into your checking account like interest would (that would be ideal). Your “Checking Cashback Bonus” can be deposited in $20 increments as cash in your account, or transferred to a Discover card Cashback Bonus, if you also have a Discover card. Since you can only do things with your bonus in $20 increments, why anyone would do anything other turn it into cash is beyond me.
Personally, I think my bonus will turn into cash in 6-8 months, perhaps less. That will be much faster than the 67 months it would take (at $0.30 per month) to hit $20 in interest earnings. If you are interested, you can go to discover.com and sign up.
This is at least the second year I’ve noticed this happening when upgrading phones.
Any time you upgrade phones, you may be “upgrading” your Data plan without realizing it. Basically, the name changes, but the per-month cost is the same. Specifically, I’ve seen these data plan names:
DataPro 2GB for iPhone
DataPro 2GB for iPhone on 4G with Visual Voicemail
DataPro 2GB for iPhone on 4G LTE with Visual Voicemail
If the monthly cost is the same, then how are they double charging, you might ask? It has to do with pro-rating the charges. To pro-rate your cost, they divide your monthly fee by the number of days in the billing cycle to get a per-day rate, then multiply that rate by the number of days left in the billing cycle. So, if you have 5 days left in your billing cycle, and your effective daily cost is 1.00 per day, the pro-rated amount would be $5.00. This is perfectly fine.
The trick is that they add your “new” plan on the day you get it, and remove your “old” plan the next day. In my previous example, you have 5 days left in your billing cycle, so you’re new plan would have a pro-rated cost of $5.00. The next day, they remove your old plan, and give you a pro-rated refund of $4.00.
If you think about that more than 2 seconds, you should realize that even though nothing really changed (except the NAME of the plan), you are being billed an extra dollar.
In my case, I just upgraded my iPhone, and on my bill, I had this:
Plan Added 09/19:
DataPro 2GB for iPhone on 4G LTE with Visual Voice Mail……………………….$6.67
Plan Removed 09/20:
DataPro 2GB for iPhone on 4G with Visual Voice Mail…………………………….-$5.83
The way AT&T has billed it, I would begin paying for the new data plan on 9/19. They don’t cancel my old data plan until the following day. Basically, I’m paying for both data plans for 9/19.
So, I decided to call to complain. Now, I didn’t get upset on the phone or anything like that. I calmly explained the situation to the AT&T representative on the phone. I didn’t get angry, or loud, or say they were trying to rip me off, or anything of that nature, because, after all, it’s not like he was the reason for this overcharge. I was happily surprised when the AT&T rep credited me an amount far greater than I had been overcharged. If this happens to you, call in, and perhaps you’ll find a friendly AT&T person who wants to do more than correct the problem.