Five Reasons Obamacare Legislation Failed; The Worst Legislation Money Can Buy; Putting the Patient in the Driver's Seat

Here's an exceptionally well written, on-target email from Claudette, an occupational therapist from Michigan, in response to my post Physical Therapist in NY Chimes in on Health Care Costs.

Claudette wants to "Put the Patient in the Driver's Seat".

Claudette writes ...

Hello Mish

I do not disagree with the PT who wrote to you about consolidation of hospital systems resulting in increases in cost of care, but there are other pertinent problems to consider.

For example, in the current system, the physician and hospital make more money if they perform more services...so there is an incentive to order more tests, do more therapy and generally "do more to make more".

Under the ACA, there should be one bundled payment per diagnosis/incident.

What I suggest is not new, or radical. Medicare instituted DRGs or Diagnosis Related Groups with inpatient day and dollar limits per diagnosis 38 years ago (I was just beginning to work as an OT then).

DRGs drastically cut the cost of inpatient care and spawned the development of new service models including inpatient rehabilitation centers, Homecare and rehab in nursing homes, none of which fell under the constraints of the inpatient DRG.

Was this good? Yes, getting out of the hospital earlier is less expensive and healthier. There is no better place to get really sick than in a hospital.

Healthcare will not be truly competitive or cost effective until the patient is the one in the drivers seat. The patient should be informed, empowered to make care decisions and should pay the bill.

The bill should be discussed and agreed upon before service, whenever possible. Service prices should be posted so that consumers can comparison shop.

Right now patients are the point of service but are not part of the decision process. ACA did not change that and, in my mind, that is its greatest shortcoming.

Claudette

Obamacare, the Worst that Money Can Buy

As I reflect on all the emails that I received, it is readily apparent that numerous healthcare professionals understand precisely what is wrong with the current system.

So, how come none of the numerous existing problems were fixed?

Five Reasons Obamacare Legislation Failed

1. Lobbyists wrote the ACA legislation. When Nancy Pelosi stated "We have to pass the health care bill so that you can find out what is in it", she was referring to you , me, and Congress. An extremely tiny number of people knew what was in the bill: lobbyists for hospitals, lobbyists for insurance companies, lobbyists for HMOs, and lobbyists for major pharmaceutical companies. 
2. President Obama was more concerned about his legacy than anything else. He wanted Obamacare at any and all costs and was willing to sign any piece of legislation, no matter how poor.
3. Politicians in general do not have the public's vested interest in mind. They have their own reelection efforts in mind. That statement holds true regardless of which political party you support. 
4. Lobbyists and industry PACs donate massive amounts of money to politicians from both parties. That is why we do not allow drug imports from Canada. That is why there is an explicit law that prevents government from bargaining with drug companies on prescription drugs. That is why the US pays the highest drug costs and highest healthcare costs of any nation on the planet. 
5. Republicans for the most part were more concerned over stopping Obamacare than improving the healthcare of citizens of the United States. The irony here is Obamacre is essentially the same as Romneycare.

So here we are, stuck with the worst legislation imaginable.

As Claudette suggests, we need to put the patient in the driver's seat. Unfortunately that is in the vested interest of only the patient.

Who speaks on behalf of the patient? The sad answer is all too apparent: no one that the president or Congress listens to. They are all beholden to lobbyists, their legacy, and their reelection campaigns.

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

Introducing Mobile App Indexing on Search: a better experience for mobile search users

Here's some great news from Google’s search team: In-app content is now becoming visible in Google search. Starting today, users on Android devices can jump straight from Google search results to pages inside an app.

For Google Analytics for mobile apps users, this opens up a new world of insights into areas like revenues, engagement and overall app usage.

We've reposted the original blog post below. And if you haven't already, try Google Analytics for mobile apps for powerful insights into how users engage with your app.

There are many reasons to build or not to build a mobile app as part of your broader mobile strategy. For instance, while apps offer a rich user experience, users can’t access them through Google Search like they do websites. Today, we’re announcing a new Google Search capability, app indexing, that will start to make apps more accessible through Google on Android.

Let’s say that a user is searching for a movie. With app indexing, Google will begin to include deep links to apps in Android search results. When the user taps on the “Open in app” deep links, the app opens up directly to the movie in question.

In this example, in order for the app deep links to appear in search results,

• The Flixster app supports deep linking
• The Rotten Tomatoes website has specified that the Flixster app page is an alternate for the web page
• Google has indexed the Flixster app to determine relevance
• The user has installed the Flixster app

The end result is that users will have a seamless search experience when accessing your app content through Google.

Google is currently testing app indexing with an initial group of developers including AllTheCooks, AllTrails, Beautylish, Etsy,Expedia, Flixster, Healthtap, IMDb, moviefone, newegg, OpenTable, Trulia, and Wikipedia. Deep links for these applications will start to appear in Google search results on Android, in the US, in a few weeks.

How to get started

If you are interested in enabling indexing for your Android app, you can learn more about our developer guidelines at developers.google.com/app-indexing and sign up. We are expanding our app indexing efforts and will gradually include more developers over time.

Posted by Chaesang Jung, Software Engineer

Hollande's Tax Everything Plan Blows Sky High With Riots by Farmers; Hollande Backs Down on Ecotax, on a Tax on Savings, On Corporate Earnings; Something For Nothing

President Francois Hollande wants to balance the French deficit by taxing the rich, taxing the poor, taxing trucks, raising the VAT, and increasing the tax on corporations.

That policy blew sky high this week in a storm of riots by Brittany farmers.

Please consider French Gov't Backs down on Truck Tax After Riots

French Prime Minister Jean-Marc Ayrault on Tuesday indefinitely suspended the introduction of a green tax on trucks following riots at the weekend in the Brittany region.

 The move comes three days after a protest by hundreds of food producers, artisans and distributors in the western Brittany region ended in the worst riots in the area in years.

One person was seriously injured in clashes between police and a group of around 1,000 demonstrators, who blocked a national road with convoys of vehicles and tonnes of produce on Saturday in protest over the tax.

Bretons say the levy will squeeze the already wafer-thin margins of the region’s struggling chicken, pork and other food producers.

The protests were seen as the expression of growing frustration nation-wide with the escalating tax burden on businesses and households.

Taxes have risen 70 billion euros (96 billion dollars) in the past three years, as France battles to shrink its budget deficit.

The truck tax, which is to apply to all vehicles of over 3.5 tonnes that use French roads, aims to raise 1 billion euros a year towards the development of rail and river transportation.

French Way of Getting Your Message Across

Mr. Ayrault denied that the government had caved in to the protesters.

“To be courageous is not to be obstinate; it’s to listen and understand,” he said after a meeting with Breton lawmakers and several Cabinet Ministers.

In France, riots, strikes, and mass protests work.

This is the second time this week, and third time in a month that France rolled back a tax.

Hollande Backs Down on Ecotax, on a Tax on Savings, On  Corporate Earnings

Bloomerg reports Tax Revolts Hit Hollande as Farmers, Soccer Clubs Protest.

French President Francois Hollande’s taxes, among the world’s highest, have made strange bedfellows out of the country’s soccer clubs and farmers in Brittany.

Revolts against a series of levies have erupted with protests by farmers in Brittany against a trucking tax on Oct. 27 leaving several people injured, and soccer clubs refusing to play a round of league matches in November to oppose a tax on salaries of more than 1 million euros ($1.38 million). Hollande has said he won’t budge on the millionaire tax, while Prime Minister Jean-Marc Ayrault said today he’s suspending the levy on truckers transporting agricultural products for now.

The Socialist president, who turned to increased taxes to narrow the country’s budget gap, has backed down on other levies in the face of objections. On Oct. 27, he gave up on a plan to lift taxation on savings, just weeks after backing off a new levy on corporate earnings.

“The cumulative effect of these retreats is that they confirm in many voters’ eyes that the government is struggling to govern,” said Bruno Jeanbart, a director of Paris-based pollster OpinionWay. “Even Hollande’s own supporters question if he’s up to the job. The problem for the president is that every time there’s good news, it’s marred by political errors.”

Hollande’s ratings in polls have sunk, making him the country’s most unpopular president. A BVA poll published last night showed Hollande’s approval rating dropping six points in the past month to 26 percent, the lowest level for any president under France’s current constitution.

The revolts reflect discontent with taxes that have risen by 70 billion euros in three years. France’s tax burden was 46.3 percent of gross domestic product last year, up two percentage points from 2011 when it was already the third-highest in the world behind Belgium and Denmark, according to the Organization for Economic Cooperation and Development.

“There’s no more room to raise taxes,” said Laurent Dubois, a professor at the Institute of Political Studies in Paris. “The French feel taxes are going up and purchasing power is going down. They voted for Hollande thinking they’d afford austerity; that the rich would pay. They realize now that that’s not possible. There aren’t enough rich people.”

Not Enough Rich People to Tax

Socialists are all in favor of raising taxes (on somebody else). When Hollande ran out of rich people to tax, he simply taxed everybody.

Those generally supportive of tax hikes then revolted in a riot of "not me" protests.

Support for Tax on Soccer Players is 83%

Apparently there are not enough soccer players to matter. By a massive margin, the "Not Me" protesters support Hollande's 75% tax rate on millionaire soccer players.

On soccer clubs, Hollande has said he intends to hold his ground on a pledge to tax salaried earnings of more than 1 million euros at a rate of 75 percent for two years. French soccer clubs said last week they won’t play a round of league matches during the last weekend in November to protest the tax.

For some unprofitable clubs, the extra burden is a threat to survival, according to the Ligue de Football Professionnel.

“The consequences of this measure will be dramatic,” said Frederic Thiriez, head of the LFP, said in a statement. “France must be the only country that taxes money-losing companies.”

The clubs, which are canceling matches between Nov. 29 and Dec. 2, are asking the government to abandon the tax.

The million-euro salary levy is one that is popular. About 83 percent of French say the soccer strike is unjustified, according to a poll by Opinion Way for LCI television.

For now, Hollande says he is not backing down on taxing soccer players. I guess there are not enough of soccer players to matter (at least until games are cancelled, tax revenue plunges, and people who want to see the games riot).

French Want Something For Nothing

Hollande has promised to cap the deficit mostly by shrinking spending next year. That won’t make the French happy either, said Emmanuel Riviere, a pollster at TNS Sofres in Paris.

“The French want the deficit addressed and spending reduced but they don’t want to give up their services and social protection,” he said. “Faced with this contradiction, Hollande has been ambiguous. The result is that the French are now suspicious that the government isn’t telling them the truth.”

Making a Choice

“If we don’t have the tax we can no longer restart public works projects, renovate roads including the high-speed train links that all lawmakers are asking us for,” he said. “We will have to make a choice. We will have to find an agreement.” said Industry Minister Arnaud Montebourg.

Well, perhaps Montebourg should ask if people want tax hikes to support those things. Then again, the answer would likely be "Yes, But ... Not On Me!"

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

Physical Therapist in NY Chimes in on Health Care Costs

Reader "Chris", a physical therapist in private practice in New York, pinged me about Obamacare and rising health care costs in general.

Chris writes ....

Hello Mish

I wanted to comment on your recent posts regarding Obamacare. Most of the criticism from you, and others, has focused on the issues and difficulties surrounding the website, dropped coverage, legal disputes, and rising costs you called "Obamashock!"

As a healthcare provider, I would like to point out a seldom heard critique regarding competition and hospital consolidation.

A cornerstone of ACA (Obamacare) is promotion of Accountable Care Organizations (ACOs) intended to be fully integrated systems, capable of taking patients through a complete continuum of care.

Allegedly, ACOs would reduce price.

However, a recent study on the Impact of Hospital Consolidation by the Robert Wood Johnson Foundation found the opposite was true.

Providers and the specialty groups remain in isolated silos. The hospitals merge simply to increase their market share and ability to leverage higher fees from insurers, which they have done.

Four Points From the Study

1. "The Patient Protection and Affordable Care Act (ACA) promotes Accountable Care Organizations (ACOs) and the bundling of payments across providers for an episode of care (bundled payments), both of which encourage consolidation between hospitals and physician practices."
 
2. "Hospital consolidation generally results in higher prices. This is true across geographic markets and different data sources. When hospitals merge in already concentrated markets, the price increase can be dramatic, often exceeding 20 percent."
 
3. "Hospital competition improves quality of care. This is true under both administered price systems, such as Medicare and the English National Health Service, and market determined pricing such as the private health insurance market. The evidence is more mixed from studies of market determined systems, however."
 
4. "Physician-hospital consolidation has not led to either improved quality or reduced costs. Studies find that consolidation was primarily for the purpose of enhanced bargaining power with payers, and hence did not lead to true integration. Consolidation without integration does not lead to enhanced performance."

Contrary to the success of these hospital systems in raising their rates, private practice physical therapy, the sector that I work in, has seen inflation adjusted reimbursement down 40% between 1992 and 2012.

Medicare has cut physical therapy reimbursement an additional 16% more since 2012. 

Private payers (insurers) also continue to cut our reimbursement each year. The difference between private practice and these large hospital systems remains the relative leverage they each have in negotiating for higher reimbursement rates.

Private practice has no leverage and major systems have an unreasonable amount of leverage. This is why physicians across the US have migrated in record numbers towards hospital systems.

Competition of private practitioners and smaller hospital systems has historically kept prices lower. That competition is now being done away with by Obamacare in the name of cost savings, but it is having the opposite effect.

Obamacare is a disaster on so many levels its frightening.

Regards,
Chris

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

Scathing Attack on Rajoy in Spanish Press; Spain on Brink of Deflation, CPI Goes Negative

Spain's CPI has declined for four consecutive months and eight out of the last twelve. A decline of .4 percentage points in October pushed the CPI negative for the first time since 2009.

Via translation from El Economista

The Consumer Price Index (CPI) fell four tenths of a percent in October to -0.1% due to falling prices of food and non-alcoholic beverages and the lower rise in university education, according to the leading indicator of the evolution of prices in Spain released Wednesday by the National Statistics Institute (INE).

Deflation requires a fall in prices over an extended period of time, but with the decline in October, the annual chained CPI shows four consecutive months of declines.

"It's not the first time that consumer prices fall in annual figure in Spain during the crisis. But it is striking that they do when the optimism about the recovery takes hold among economic agents and authorities," said Jose Luis Martinez, a strategist Citi in Spain.

Scathing Attack on Rajoy

Rarely does one see a scathing attack of government officials in mainstream media, but this attack by El Confidencial (mainstream to Spain) qualifies.

Via translation please consider Recession Continues and Spain on Brink of Deflation

Liars, irresponsible and heartless have brought misery to the poor and middle class crushed with confiscatory taxes. These are the qualifications of prime minister Rajoy and his henchmen who hypocritically celebrate deception to a people. They have not taken Spain out of the recession, but they have brought us to the brink of deflation that will bring more poverty, pain and tears.

The reported GDP and employment figures for the third quarter of 2013 are clearly incompatible. A job loss of 70,000 people in seasonally adjusted terms is not compatible with a rise of GDP (albeit marginal) given the fall of 98% of its components. It's an impossible metaphysical.

As Jean Claude Trichet, former ECB president said "Spanish statistics are hard to believe." Since then Spain's official GDP figure exceeds actual around 30%.

Nonetheless, Rajoy has started marketing the same lies as Zapatero regarding green shoots of 2009, that have not yet arrived.

Even though taxes have risen to a confiscatory level, they have cut wages, pensions, unemployment and imposed all kinds of misery on more than 3 million people.

Job losses continue at an unaffordable rate: 500,000 people through September and more than a million since Rajoy became prime minister. Social Security contributors are down 1.1 million workers. And if we go into the fine print, the issue is even worse: The number of permanent contracts in the third quarter fell by 146,300 while that of temporary workers increased by 169,500.

How can the stock market go up when the results of the Ibex are the worst in the Western world? The reason is simple: the entry of speculative money, by the enormous amount of liquidity but not moving the debt market.

Yet, Rajoy and his minions tell us that "the recession is over, we grow at 0.1%.

We're not coming out of recession. It's impossible. No country can get out of a recession with annual wastage of 10% of GDP by corrupt state officials and a financial system that has already cost us over 40 billion euros with guarantees of another 280 billion of which a good portion is not viable.

It's impossible with interest rates of 12 to 16% solvent customers.

Many analysts applaud the Government's actions more taxes, lower wages and drastic cuts to the weakest. These pseudo-experts overlook that confiscatory tax policy, the government deficit, and the lack of credit.

The crisis is not only unseemly, it is also vile.

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

Mobile Payments Growth: Just The Tip of The Iceberg?

A new report from Business Insider Intelligence on the state of the mobile payments industry shows that, while the volume of mobile payment transactions still represent just a small percentage of overall payments on the surface, the level of growth is significant and quickly shaping the entire payments industry.

Both consumer and merchant uptake is exploding as smartphone users are quickly adopting mobile wallets, payment apps, etc. to facilitate offline and online purchases and as businesses are turning smartphones and tablets into full-featured POS terminals. The next critical step is to persuade the masses to become users of the payment technology available.

When Amazon and eBay launched their online shopping sites in 1995 and 1996 respectively, the notion that over half the U.S. population would make purchases online would have been scoffed at. Yet in 2013, the number of online shoppers in the U.S. will reach 189.6 million, according to eMarketer. In this case, the majority of the consumers were resistant to change until they made the switch and realized the benefits. The same applies to mobile payments.

The key is to examine the current payments industry growth trends, motivations of current users, the reasons for the gap between awareness and usage, and how financial institutions, retailers, network operators and equipment manufacturers can work together to convert reluctant consumers into loyal users. As mentioned by many of my fintech colleagues recently, it goes beyond a mentality of "If you build it, they will come". There is a need to solve for the concern around mobile security as well as develop incentives for usage.

Defining Mobile Payments

For the purpose of the study being reviewed, 'mobile payments' were defined as when a mobile, internet-connected device (smartphone, tablet, smart watch, Google Glass, etc.) is used to facilitate a transaction that might otherwise have taken place using a physical credit card, debit card, check or cash at a physical (not online) store. 'Mobile transactions' (for the purpose of this study) are a larger category that included mobile payments as well as mobile commerce and e-commerce channeled by an app or mobile website (e.g., Amazon's mobile app).

Mobile payments and transaction innovation is currently be led by start-ups and tech companies, who are prompting legacy payments players and card companies to reevaluate their current strategies and increase their own pace of innovation. 'Coopetition' has become the norm as companies team up with each other as opposed to building a mobile strategy from scratch. These partnerships (and individual initiatives) are pushing innovation forward quickly, making the industry fragmented yet ripe for consolidation.

Mobile Payments: Still Relatively Small on the Surface

Like an iceberg, there is much more to the mobile payments than what the can be seen on the surface today, with a U.S. mobile payments forecast of $30 billion in 2013. According to the research compiled by BI Intelligence, this forecast represents an average annual growth rate of 118 percent since 2008, but still will only account for 2 percent of the $3.3 trillion debit and credit card volume in the U.S. this year. It was also found that other global markets (such as Africa and the Asia Pacific regions) are seeing a much larger percentage of mobile transactions.

In both the U.S. and other global regions, the growth in mobile transaction volume has been driven primarily by the growth in smartphone adoption (especially in areas of underdeveloped banking systems). Not only has the smartphone impacted the consumer side of the payments equation, but also the merchant side, where attachable card readers transform smartphones and tablets into cash registers, making card purchases easier.

The Gap Between Awareness and Usage

In a recent research study conducted by Accenture entitled, Driving Value and Adoption of Mobile Payments: Consumers Want More, it was found that while consumers know that mobile payments are an option, they still prefer not to make them. In the study, 41 percent of North American smartphone users were highly aware that their phones could be used as a payment device, yet only 16 percent had done this.

Similarly, the BI Intelligence research found that, similar to most disruptive technologies, the adoption of mobile payments to date has been driven by both the underserved and the early adopter segments. From the merchant perspective, firms like Starbucks, Apple and Home Depot are helping both awareness and usage.

On the consumer side, new apps and 'mobile wallets' from firms like PayPal, Google and Square are helping mobile payments acceptance. But, while consumers are highly aware of these mobile payment applications, and find the convenience and money-saving incentives appealing, many are holding back from using mobile payments because of security and privacy concerns. Consumers worry about their liability if their phone is lost or stolen and express concern that the risk will escalate as the phone evolves into a mobile wallet.

Security and Privacy Concerns Hinder Growth

According to the Accenture study, 45 percent of respondents who do not currently make mobile payments said they were concerned about security, while 37 percent had worries about privacy. 

These findings were in line with another study done earlier this year by Chadwick Martin Bailey entitled, The Mobile Moment: Barriers and Opportunities for the Mobile Wallet. In this study, 73% of those households that were familiar with the concept of a mobile wallet but were forgoing using the capability mentioned security as the reason for non-use. The specific reasons for security concerns included identity theft (70%), theft of phone and personal information (60%), interception of personal information during transaction (57%), hacking of mobile phone (52%), hacking service provider (34%) and getting charged for an accidental transaction (19%).

Chadwick Martin Bailey Mobile Wallet Research, 2013

Potential Beyond Payments

As we move from mobile payments to mobile wallets, many studies indicate that there is the potential to offer more than just payments. According to a recent study from mobile marketing firm Vibes, nearly 85 percent of smartphone owners would like to receive non-payment services from a mobile wallet, including loyalty card storage, coupons, personalized offers and other marketing materials (similar to the Apple Passbook app). Interestingly, the study finds that only 19 percent of those surveyed believe they had been offered any such content.

Again, the Chadwick Martin Bailey research from earlier this year collaborated with the findings from Vibes, illustrating that several additional features would be viewed positively by households who understood mobile payments but had decided not to use this functionality. In fact, the 'perfect' mobile wallet combination from the perspective of non-users was payment functionality combined with the ability to store loyalty cards and other sensitive documents (insurance cards, drivers license, etc.). 

While mobile offers were not scored as high as storage of cards in the CMB research, the Accenture research found that 60 percent of consumers who already do mobile payments would do so more often if they received instant coupons. In addition, 36 percent said they would provide personal information in exchange for such rewards and 46 percent would increase payments if they received location-based offers

Chadwick Martin Bailey Mobile Wallet Research, 2013

The Future of NFC

Near Field Communications (NFC) is a technology that allows devices to communicate with each other at close range to facilitate payments and other transactions. Despite years of debate on the pros and cons of the technology (especially in the U.S.), there are more and more who believe NFC will be a non-starter as a payments technology. It's not that the technology is disappearing (NFC chips are being placed in virtually all new Android phones). It's just that acceptance has never gained steam:

• Google Wallet recently dropped the requirement that NFC technology be required for its wallet app to run. Google wallet has recently developed an app for the iPhone and becoming device and technology agnostic.
• Apple (and PayPal) recently released new close range technology (Beacon) that use low frequency bluetooth communication that is available on virtually all smartphones. This technology also requires significantly less hardware upgrades from the merchant and is faster and has more functionality for the consumer.
• Beacon technology could eliminate the checkout entirely, providing real-time offers, product information, facilitate payments and remove any security devices before leaving the store.

The Future of Mobile Payments

Despite a lot of noise among financial technology insiders and the payments industry, mobile payments and mobile wallets are far from becoming mainstream. As expected, mobile payments are more commonplace with younger demographics and higher income categories as well as having greater potential for those who are underbanked. In other words, the potential for mobile payments in the future is high, but is far from guaranteed.

While our industry continues to be focused on the next shiny technology breakthrough in payments, consumers are more concerned about security, privacy, convenience and the improved 'value' of using their phones to make payments. In other words, "Will the customer experience be better than what I have now?"

Financial institutions, merchants, network operators and technology providers must answer the above concerns and provide education on the way to best move forward . . . from the consumer's perspective. This education is made more difficult with the multitude of different payments solutions being introduced and the overall 'noise' in the marketplace. 

Finally, recent research indicates that both current mobile payments users and non-users can be provided incentives to increase their use of mobile payments. This can be in the form of transaction incentives, mobile coupons, geolocational offers, etc. that are incorporated into the mobile payment experience. 

Today's digital consumer expects their mobile devices to improve and simplify their lives. Until the providers of mobile payments can achieve this goal on a broad spectrum, mobile payments will look like more of a tip of the ice cube vs. tip of the iceberg.

Additional Resources

There's Virtually No Ceiling to Mobile's Potential in the Larger Payments and E-Commerce Markets - Business Insider (Oct. 2013)

Gartner Says Worldwide Mobile Payment Transaction Volume to Surpass $171.5 Billion - Gartner (May 2012)

Driving Value and Adoption of Mobile Payments: Consumers Want More - Accenture (2013)

Consumer Intelligence Series: Opening the Mobile Wallet - PriceWaterhouseCoopers (2013)

The Mobile Moment: Barriers and Opportunities for the Mobile Wallet - Chadwick Martin Bailey (April 2013)

How the NSA Hacked Google and Yahoo! - Part Two - Man in the Middle - "Flying Pigs", "Hush Puppy"

In response to NSA Breaks Into Secure Communication Links of Google and Yahoo I received a few comments worth exploring.

Reader "Fury" commented "True encryption using the RSA algorithm is unbreakable today. No way can the NSA break the prime number encryption that is used, I don't care how many supercomputers they have."

A knowledgeable friend commented "The secure parts are impenetrable by computer technology. A break-in is impossible unless Google let them in or the NSA somehow got the encryption key. The latter would require human agents."

The article I linked to above came from an October 30 article in the Washington Post. Here is the chart in question.



Man in the Middle

Mainstream media is nearly always late to these stories, and so was I. The answer to how the NSA hacked Google and Yahoo! comes from Schneier on Security a "blog covering security and security technology".

With thanks to reader "marvinmartian" for the link, please consider Bruce Schneier's September 13 post New NSA Leak Shows MITM Attacks Against Major Internet Services.

The Brazilian television show "Fantastico" exposed an NSA training presentation that discusses how the agency runs man-in-the-middle attacks on the Internet. The point of the story was that the NSA engages in economic espionage against Petrobras, the Brazilian giant oil company, but I'm more interested in the tactical details.

The video on the webpage [NSA Documents Show United States Spied Brazilian Oil Giant] is long, and includes what I assume is a dramatization of an NSA classroom, but a few screen shots are important. The pages from the training presentation describe how the NSA's MITM attack works:

However, in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route -- on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format.

Documents from GCHQ’s "network exploitation" unit show that it operates a program called "FLYING PIG" that was started up in response to an increasing use of SSL encryption by email providers like Yahoo, Google, and Hotmail. The FLYING PIG system appears to allow it to identify information related to use of the anonymity browser Tor (it has the option to query "Tor events") and also allows spies to collect information about specific SSL encryption certificates.

Flying Pig Screenshot



Spying on Petrobras – Brazil’s Largest Company

Let's take a closer look at NSA Documents Show United States Spied On Brazilian Oil Giant

One of the prime targets of American spies in Brazil is far away from the center of power – out at sea, deep beneath the waves. Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA, the National Security Agency of the United States.

These new disclosures contradict statements by the NSA denying espionage for economic purposes.

The information was found by journalist Glen Greenwald, co-author of this story along with TV Globo Reporter Sonia Bridi, amid the thousands of documents given to him by Edward Snowden in June.

This statement addressed to “The Washington Post” this week highlights that 'The department does ***not*** engage in economic espionage in any domain, including cyber.'"

 However, a top secret presentation dated May 2012 is used by the NSA to train new agents step-by-step how to access and spy upon private computer networks – the internal networks of companies, governments, financial institutions – networks designed precisely to protect information.

The name of Petrobras – Brazil’s largest company – appears right at the beginning, under the title: “MANY TARGETS USE PRIVATE NETWORKS.”

The documents are classified as “top-secret”, to be seen only by those named by the Americans as “Five Eyes” – the five countries allied in spying: the United States, Australia, Canada, Great Britain and New Zealand.

The name of Petrobras appears on several slides, as the training goes deeper in explaining how data from the target companies is monitored.

Individual folders are created for each target – and contain all the intercepted communications and IP addresses – the identification of each computer on the network – which should be immune to these attacks.

Petrobras has two supercomputers, used mainly for seismic research – which evaluate oil reserves from samples collected at sea. This is how the company mapped the Pre-salt layer, the largest discovery of new oil reserves in the world in recent years.

There is no information on the extent of the spying, nor if it managed to access the data contained in the company’s computers. It’s clear Petrobras was a target, but no documents show exactly what information the NSA searched for. But at any rate, Petrobras has strategic knowledge of deals involving billions of dollars.

The NSA presentation contains documents prepared by the GCHQ – the British Spy agency, from a country that appears as an ally of the United States in spying. The British agency shows how two spy programs operate. “Flying Pig” and “Hush Puppy” also monitor private networks which carry supposedly secure information. These networks are known as TLS/SSL.

The presentation explains how data is intercepted, through an attack known as “Man in the Middle”. In this case, data is rerouted to the NSA central, and then relayed to its destination, without either end noticing.

A few pages ahead, the document lists the results obtained. “Results - what do we find?” “Foreign government networks”, “airlines”, “energy companies” – like Petrobras - and “financial organisations.”

TLS/SSL networks are also the security system used in financial transactions, such as when someone accesses their bank account through an ATM. The connection between a remote terminal and the bank’s central goes through a sort of secure tunnel through the internet. No one is supposed to see what travels through it.

Later, the NSA presentation shows in detail how the data of a chosen target is rerouted through spy filters beginning at the very source, until they reach the NSA’s supercomputers.

In this document the NSA names Latin America as a key target of the "SILVERZEPHYR" program, which collects the contents of voice recordings, faxes, as well as metadata, which is the overall information being transmitted in the network.

"Flying Pigs", "Hush Puppy", "SILVERZEPHYR" 

The NSA was clearly caught lying.

What else besides corporate espionage? Political enemies? (Why not given the target on friends?) State trials? Client attorney privileges?

Once again, I praise Edward Snowden as a national hero for leaking these documents. We would otherwise not know about any of this stuff, and without that leak, it is 100% certain nothing about this would have been done.

Instead, Big Brother would likely have expanded to look at every document, every phone call, every corporation, every blog, and literally everything written or said by everyone on the planet, with taxpayers footing the bill.

My fear is that happens regardless.

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

5 Tips for Successful Holiday PLAs on Google Shopping

In a couple of days, it will be November and the holiday rush will be in full swing. With six fewer days between Thanksgiving and Christmas compared to last year, retailers must make the condensed holiday shopping period count. Here are our top tips for using Product Listing Ads (PLAs) to your advantage this holiday.

Sway undecided shoppers with timely promotions. Gift givers are often in the market for things they don’t normally buy, and according to our recent research, price is the main reason they decide to shop somewhere new. We saw this in action last year, as one in four holiday shoppers purchased from a retailer they had never shopped with before. Including promotional text like free shipping, price discounts, coupons, and purchase incentives in your PLA campaign can help close the deal with shoppers still trying to make up their minds. In fact, one in five say free shipping will be the deciding factor on purchases this year, so make sure your shipping settings in Merchant Center accurately reflect free shipping if you offer it.

Fill in the gaps in your data feed. Great product data powers the most effective PLAs. It helps you win the trust and confidence of active shoppers by letting them know you have exactly what they’re looking for. One of the most worthwhile things you can do is to take a close look at your data feeds and make sure you’re including all the key information that would draw the attention of a potential customer.

Here’s an example of filling in the gaps in your data feed:

Attribute	Before	After
Title	Short Sleeve Solid Dress	NY Collection Short Sleeve Solid Green Dress
Description	Short sleeve solid dress…	The NY Collection short sleeve knee length dress…
Google Product Category	Clothing > Sales	Apparel & Accessories > Clothing > Dresses > Cocktail Dresses
Color	Lime	Green
Brand		NY Collection
Gender		Female
Size		6

Keep your data feeds fresh. The holidays are a time for high inventory turnover and price changes, so don’t disappoint potential customers with stale and inaccurate information. Keep your data feed content up-to-date and upload your feed as frequently as needed (up to 4 times per day) to ensure your products have accurate stock statuses, prices, and promotional information. Remember to account a few hours for data feed processing and approvals. 

Build a campaign structure you can maintain through the holiday hustle. Create product targets and bid more aggressively on products with good performance and high demand during the holiday season, such as seasonal items, best sellers, or products with high margins. You should also ensure there is only one All products target with the lowest bid of all your product targets to capture consumer interest in your low priority products.

Maximize your exposure to constantly-connected consumers. People will shop at all hours, across devices this holiday. For example, 84% of shoppers with smartphones actively browse the web while in a store, looking for comparable deals online. At minimum, aim to maximize your visibility on product search results by running both text ads and PLAs. Then focus on incremental gains: ensure your PLAs are showing on mobile devices and increase bids when a consumer is in or near your store, or even while they’re browsing nearby competitors’ offerings. Capitalize on recent improvements in mobile PLAs to increase mobile traffic, and point people to your physical stores with local availability for Product Listing Ads. 

For more tips, watch our videos on Preparing Your Data Feeds for the Holidays, PLA Optimization Essentials and Advanced PLA Optimization Tactics.

Posted by Erica Sievert, Product Marketing Manager, Google Shopping

Measuring Twitter with Universal Analytics

In between rolling out new features for Google Analytics, we also like to feature how users and companies are actually using our products. Matt Stannard of 4PS Marketing details how to easily measure Twitter using Universal Analytics. We’ve excerpted parts of his post below, read on to see the results, and don’t forget to click through to see the technical details!

How?

Step 1 - Create a new account

First, we need to create a new account, which is accomplished easily through the new look and feel of Analytics. Remember this is under Admin and then in the Account drop down. I made a new Universal Analytics account for my particular experiment - you then need to note the UA number.

Step 2 - Install PHP / MySQL

I downloaded a WAMP stack called XAMPP as I wanted to use PHP as my Twitter monitoring library. XAMPP includes Apache, PHP and MySQL. You can use any tool of your choose provided you are able to edit the code and add the necessary Measurement Protocol requests. The library I used is was from 140Dev.

Step 3 - Create Twitter Application

In order to use the PHP monitoring library you need to have a Twitter Application. You can create this by signing in at https://dev.twitter.com/. Click My Applications:

Create your application and after you've done this you will need to note the Consumer Key, Consumer Secret, Access Token, Access Token Secret. 

Step 4 - Start Monitoring

So, now we've got our Twitter application we can begin monitoring, in the 140dev package you need to modify a few files, firstly the db_config.php. You can find the code here, on the original blog post.

Results

The reporting interface of Google Analytics is actually very effective at monitoring Twitter as you are able to look in Real Time, use Dashboards, or custom reports.

The Real Time Analytics is fantastic at showing how active the things your are monitoring on Twitter is. If you just look at the Real Time overview as this screenshot shows:

(click image for full-sized version)

You can use Dashboards to report on key areas of interest and apply whatever filtering you need, the dashboard below just shows the key hashtags, users, users mentioned and urls shared: 

(click image for full-sized version)

Custom Reporting also allows us to produce charts such as what times of the day users were active:

(click image for full-sized version)

The full post can be found here.

Posted by Aditi Rajaram, Google Analytics Team

NSA Breaks Into Secure Communication Links of Google and Yahoo; Italian Magazine Claims NSA Monitors Pope

The Washington Post reports NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say

In this slide from a National Security Agency presentation on “Google Cloud Exploitation,” a sketch shows where the “Public Internet” meets the internal “Google Cloud” where user data resides. Two engineers with close ties to Google exploded in profanity when they saw the drawing.



According to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.

The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, GCHQ. From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants.

The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process.

At Yahoo, a spokeswoman said: “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”

Note the Smiley

Please note the Smiley in the lower center part of the image. The adjacent text says "SSL added and removed here!".

For those interested in "SSL" technology, Wikipedia offers this explanation.

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols which are designed to provide communication security over the Internet. They use X.509 certificates and hence asymmetric cryptography to assure the counterparty whom they are talking with, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP). An important property in this context is perfect forward secrecy, so the short term session key cannot be derived from the long term asymmetric secret key.

The diagram suggests the NSA is somehow able to add its own "secure" layer or simply remove the security layers of Google and Yahoo!

Italian Magazine Claims NSA Monitors Pope

This story is not yet confirmed but Reuters reports Italian magazine says U.S. spies listened to pope, Vatican says unaware.

An Italian magazine said on Wednesday that a United States spy agency had eavesdropped on Vatican phone calls, possibly including when former Pope Benedict's successor was under discussion, but the Holy See said it had no knowledge of any such activity.

Panorama magazine said that among 46 million phone calls followed by the U.S. National Security Agency (NSA) in Italy from December 10, 2012, to January 8, 2013, were conversations in and out of the Vatican.

In a press release before full publication on Thursday, Panorama said the "NSA had tapped the pope". It cited no source for its information.

Panorama said the recorded Vatican phone calls were catalogued by the NSA in four categories - leadership intentions, threats to the financial system, foreign policy objectives and human rights.

Reflections on Monitoring "God's Work"

The humorous comment of the day goes to Zerohedge who said "We can only assume this means keeping on top of Goldman's activities around the globe: after all, when one intercepts god's phone calls, one is mostly interested what the bank that does god's will is doing."

In case you missed the connection, in November 2009 Goldman Sachs' CEO Lloyd Blankfein claimed "Goldman is doing God's work". For details, please see God's Work and Goldman's Prayer.

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com

Illinois Teachers Pension Fund is 40% Funded, Drops Deeper Into Hole Despite Investment Return of 12.8%; What's the Solution?

In spite of a 12.8% annual return, with an 8% return assumption, the Illinois Teachers Retirement System (TRS) fell another $3.5 billion in the hole. TRS pension underfunding grew to $55.73 billion as of June 30, 2013.

Via email, the Illinois Policy Institute explains the growing liability.

First, TRS only has $0.40 in the bank for every dollar it should have today to make necessary pension payouts in the future. That means the high investment returns in 2013 were earned on less than half of the assets that TRS should have

TRS acknowledged this in a recent press release:

"Despite these strong returns, TRS cannot invest its way out of the funding hole we are in,” Ingram added. “This increase in the System’s unfunded liability, even with good investment results, is another wake-up call to state officials and our members that TRS long-term finances continue to head in the wrong direction."

"Without changes to the pension code to ensure sustained and adequate funding, TRS faces the very real possibility that in a few decades the System will not have enough money to pay benefits to retirees. We cannot guarantee that TRS will have enough money to pay the pensions promised to every member in the System."

Second, the inherent flaws of the state’s defined benefit pension system have driven up the shortfall significantly. According to the Commission on Government Forecasting and Accountability, the state’s pension shortfall grew by $41 billion from 1996 to 2012.

Of that amount, nearly $23 billion came from some form of missed “assumption” that continually plagues defined benefit pension plans:

• The investment returns for the state’s five pension funds were lower than their assumed 8% expectation. Cost to taxpayers: $9.5 billion.
• Unplanned benefit increases for employees. Cost to taxpayers: $1.1 billion.
• Changes in actuarial assumptions. Cost to taxpayers: $4.9 billion.
• “Other” actuarial factors. Cost to taxpayers: $7.2 billion.

TRS fails to acknowledge the failures of the defined benefits plan and instead chooses to blame taxpayers for not contributing enough to the system.

Who is to Blame for Shortfalls?

Please consider the Illinois Policy Center report State pension contributions: Taxpayers bear the brunt of increasing pension costs

A common refrain sounded by public sector unions is that government workers have consistently “paid their share” into Illinois’ pension systems and the state has not. However, the facts tell a different story.

While government worker contributions to Illinois’ five pension systems have increased by 75 percent since 1998, taxpayer contributions have increased by 427 percent over the same period. In 2012 alone, Illinois taxpayers contributed $3.5 billion more to the pension systems than state workers did.



Government workers’ share, as a percentage of total contributions, has continued to decline when compared to taxpayers’ contributions. In 1998, government workers paid for 47 percent of the state’s total pension contribution; today, they only pay 21 percent. By 2045, government workers will be expected to pay only 17 percent of total pension contributions.

Illinois' Five Pension Systems

Illinois has five state pension systems, and all of them are seriously underfunded:

1. The Teachers’ Retirement System, or TRS, manages pensions for teachers across Illinois (excluding Chicago).With more than 130,000 active members and nearly 95,000 retirees, TRS is the largest pension system in the state. Unfortunately, TRS also has the highest unfunded liability of the state’s pension systems. In 2012, TRS was only 40.6 percent funded and officially had more than $53.51 billion in unfunded liabilities. TRS members contribute 9.4 percent of their salary to the pension system.
2. The State Employees’ Retirement System, or SERS, manages pensions for state-level employees across Illinois. It has 62,000 active members and 50,000 retirees. In 2012, SERS was only 33.1 percent funded and had officially $22.13 billion in unfunded liabilities. Under its regular pension formula, SERS members covered by Social Security contribute 4 percent of their salary, and those not covered by Social Security contribute 8 percent of their salary to the pension system.
3. The State Universities Retirement System, or SURS, manages pensions for employees working at state universities. It has 71,000 active members and more than 45,500 retirees. In 2012, SURS was only 41.3 percent funded and had officially $19.46 billion in unfunded liabilities. SURS members contribute 8 percent of their salary to the pension system.
4. The Judges’ Retirement System, or JRS, manages pensions for judges throughout the state. It is one of the two smaller pension systems, with only 968 active members and 725 retirees. Despite its small size, in 2012 JRS was only 28.6 percent funded and officially had $1.44 billion in unfunded liabilities. JRS members contribute 11 percent of their salary to the pension system.
5. The General Assembly Retirement System, or GARS, manages pensions for members of the Illinois General Assembly. Despite having only 176 active members and 294 retirees, GARS has the dubious honor of being the worst-funded pension system in the state. In 2012, GARS was only 17.4 percent funded and officially had $251 million in unfunded liabilities. GARS members contribute 11.5 percent of their salary to the pension system.

All Five Systems Bankrupt

TRS, SERS,SURS, JRS, and GARS are all insolvent. None of them can possibly meet their pension obligations. With 10-year treasuries yielding a scant 2.5%, plan assumptions of 8% are preposterously high on a sustained basis.

Yet, TRS went another $3.5 billion in the hole in spite of a 12.8% annual return.

What the hell is TRS going to do in the face of a stock market plunge, a bond market plunge, or both?

GARS, the General Assembly Retirement System is only 17.4% funded. Is it any wonder that state legislators are pressing for more tax hikes?

Beware Tax Hikes!

On October 18, I reported Illinoisans Beware: "Progressives" Seek Massive Tax Hike Again; Fight the Hike!

Pension shortfalls are the reason for the proposed hikes.

A few people commented the "progressive" tax was not as much as they pay. Here is Rep Naomi Jakobsson’s proposed scheme.



Property Taxes

What I failed to point out previously is that I pay $14,000 annually in property taxes on a home I can sell for $400K or so.

Sales Taxes

My sales tax rate is  7.75%. But hey, that could be worse. Cicero tops the state with a 9.5% tax. In Chicago, the sales tax is 9.25%.

In spite of all these massive taxes, the entire state is bankrupt!

The Solution

Raising taxes for the benefit of legislators and seriously undeserving public unions is certainly not the answer. The solution is twofold:

1. Immediately kill all Illinois public defined-benefit pension plans
2. Drastically lower existing pension plan expectations, via default if necessary

Nothing else can possibly work, and the numbers prove it.

Mike "Mish" Shedlock
http://globaleconomicanalysis.blogspot.com