Shared posts

07 Oct 15:18

Fat shaming. It’s a thing.

by Jacqueline Clark PhD

According to Nicole Arbout’s youtube video “Dear Fat People,” fat people deserve to be ridiculed and treated poorly. The comedian mocks obese people and accuses them of being lazy, smelly, self-destructive, and a burden to the health care system and those around them.  Fat people, she also suggests, cause heartache and embarrassment to their loved ones and are public nuisances to strangers by taking up too much space on airplanes and getting the closest spaces in shopping mall parking lots. Arbour even compares fat bodies to the Michelin Man and implores those who are overweight to put down the coke and fries, start exercising, and get healthy.

In case Arbour’s point was lost amid her six-minute diatribe, “Fat shaming is not a thing. Fat people made that up.”

But research proves otherwise.

Over a decade ago work supported by Yale University’s Rudd Center for Food Policy and Obesity showed that fifteen percent of respondents would be willing to give up 10 years of their lives to avoid being fat. Nearly one-half of respondents would give up one year of their lives to do the same. About eight percent of these same survey respondents also indicated they would rather have a learning-disabled child than an obese child (source). Such findings illuminate clearly the stigma associated with being obese as well as the fear that people have of being targets of the prejudice and discrimination stemming from it.

These fears are well founded. Obese people continue to face prejudice and discrimination in a wide variety of ways, according to recent research from the Rudd Report. In the educational system, overweight and obese children report being teased and bullied by peers and teachers alike.

Obesity also has consequences in the workplace. Those who are obese can expect to earn lower wages and be promoted less often than their thinner coworkers, despite positive work evaluations.


Overweight and obese people should not expect to find respite from the health care system either. Survey data consistently show that a significant number of doctors and nurses think obese patients are lazy, awkward, and noncompliant. Many of these same medical professionals also report being repulsed by such patients, attitudes which certainly affect the type and quality of care that obese patients receive.

To be sure, obesity contributes to health conditions like heart disease, some forms of cancer, diabetes, among others. It can also lead to early death, conclusions that Arbour’s video also makes. But obese people do not deserve to be ridiculed or discriminated against.

While Arbour now claims that “Dear Fat People” and the humor in it is satire, she perpetuates longstanding beliefs about overweight and obese people, legitimates the unfair treatment that they face on a daily basis, and proves that, yes, fat shaming is a thing.

Jacqueline Clark, PhD is an associate professor of sociology and chair of the department at Ripon College. Her research focuses on inequalities, the sociology of health and illness, and the sociology of jobs, work, and organizations.

(View original at

06 Oct 18:57

What’s in a Boarding Pass Barcode? A Lot

by BrianKrebs

The next time you’re thinking of throwing away a used boarding pass with a barcode on it, consider tossing the boarding pass into a document shredder instead. Two-dimensional barcodes and QR codes can hold a great deal of information, and the codes printed on airline boarding passes may allow someone to discover more about you, your future travel plans, and your frequent flyer account.

Earlier this year, I heard from a longtime KrebsOnSecurity reader named Cory who said he began to get curious about the data stored inside a boarding pass barcode after a friend put a picture of his boarding pass up on Facebook. Cory took a screen shot of the boarding pass, enlarged it, and quickly found a site online that could read the data.

An older Delta boarding pass with a board code. Source: IATA.

An older Delta boarding pass with a bar code that does not include a frequent flyer number. Source: IATA.

“I found a website that could decode the data and instantly had lots of info about his trip,” Cory said, showing this author step-by-step exactly how he was able to find this information. ‘

“Besides his name, frequent flyer number and other [personally identifiable information], I was able to get his record locator (a.k.a. “record key” for the Lufthansa flight he was taking that day,” Cory said. “I then proceeded to Lufthansa’s website and using his last name (which was encoded in the barcode) and the record locator was able to get access to his entire account. Not only could I see this one flight, but I could see ANY future flights that were booked to his frequent flyer number from the Star Alliance.”

The access granted by Lufthansa’s site also included his friend’s phone number, and the name of the person who booked the flight. More worrisome, Cory now had the ability to view all future flights tied to that frequent flyer account, change seats for the ticketed passengers, and even cancel any future flights.

The information contained in the boarding pass could make it easier for an attacker to reset the PIN number used to secure his friend’s Star Alliance frequent flyer account. For example, that information gets you past the early process of resetting a Star Alliance account PIN at United Airline’s “forgot PIN” Web site.

After that, the site asks for the answer to a pre-selected secret question. The question in the case of Corey’s friend was “What is your Mother’s maiden name?” That information can often be gleaned by merely perusing someone’s social networking pages (e.g., does your aunt or uncle on your mom’s side have your mother’s maiden name as their last name? If so, are they friends with you on Facebook?)


The readout from the barcode on Cory’s friend’s boarding pass (redacted).

United Airlines seems to treat its customers’ frequent flyer numbers as secret access codes. For example, if you’re looking for your United Mileage Plus number, and you don’t have the original document or member card they mailed to you, good luck finding this information in your email correspondence with the company. When United does include this code in correspondence, all but the last three characters are replaced with asterisks. The same is true with United’s boarding passes. However, the full Mileage Plus number is available if you take the time to decode the barcode on a boarding pass.

Interested in learning what’s in your boarding pass barcode? Take a picture of the barcode with your phone, and upload it to this site. This blog on the same topic from several years back includes some helpful hints on how to decode the various information fields that get dumped by the barcode reader.

Finally, the standards for the boarding pass barcodes are widely available and have been for years. Check out this document (PDF) from the International Air Transport Association (IATA) for more on how the barcode standards work and have been implemented in various forms.

05 Oct 17:17

La Dolce Vita: Italian Pear & Chocolate Breakfast Cake

Fergus Noodle

I don't really like the slitty pears but I do like the idea of breakfast cake

This cake is something special. Sent in by a Dear Reader Robbie she first tried this cake at the hotel Ai Lumi in Trapani, Sicily who furnished her with the recipe. This cake is perfect served for breakfast, morning tea afternoon tea or dessert-in fact Robbie had it for breakfast at the hotel!
06 Oct 15:33

Why is it so hard to give Taylor Swift credit for 1989?

by Lisa Wade, PhD

Musician Ryan Adams recently released an album cover. A cover, that is, of an entire album written and performed by Taylor Swift. Both albums are titled 1989.


Critical praise for Adams’ version was immediate, turning quickly to a comparison of the two. At There’s Research on That!, Jacqui Frost explained that there was…

…a media frenzy about which album is “better” and who deserves credit for the “depth and complexity” that many say Adams brought to Swift’s poppier original. Some reviews argue Adams “vindicated” Taylor Swift as an artist; others argue that emotional depth was already present in Swift’s songwriting…

Swift’s 1989 was the best selling album of 2014 — by popular vote, it was obviously an excellent album — but many people seemed not to notice. Instead, they wanted to talk about who should get credit for the quality of Adams’ album, as if whether there was anything good there to begin with was an open question.

Frost draws on sociological research to suggest that gender might help explain why we have such a hard time giving credit to Swift.

First, she notes that musical genres are gendered and we tend to take feminized genres less seriously than masculinized ones. “Many publications that reviewed Adams’ version [of 1989],” for example, “did not review Swift’s original.” This may be because serious music critics don’t review pop.

Second, research shows that male creatives in the music industry are generally more likely to get credit than females ones. Frost writes:

[M]ale musicians, regardless of genre, are more likely to receive critical recognition and be “consecrated” into the popular music canon. Women are less likely to be seen as “legitimate” artists and are more often judged on their emotional authenticity and connections with “more” legitimate, male artists.

In fact, Frost notes, “the albums will be competing for a Grammy this year, and many think Adams will take it over Swift

Whatever you think of the two albums, the instinct to dismiss Swift’s album as “just pop” and Adams’ version as “artistic” is likely tied to the powerful ways in which the music industry, and our own experience of music, has a thumb on the scale in favor of men and masculine genres.

This post borrows heavily from Jacqui Frost at TROT! and you can find links to the original research there.

Lisa Wade is a professor at Occidental College and the co-author of Gender: Ideas, Interactions, Institutions. Find her on TwitterFacebook, and Instagram.

(View original at

05 Oct 06:56

Spice Alley on Kensington Street @ Central Park, Chippendale [9]

by Susan Thye
Fergus Noodle

Eat the things

I’m not sure what’s going on with Sydney’s weather this Spring, wet and windy one week and then hot and humid the next! But I much prefer when the sun’s out because Sydney has some great spots for eating outside and the newest place to eat outdoors is at Spice Alley on Kensington St, just next door to Central Park and with an entrance directly opposite Automata.

Spice Alley has that hawker centre vibe but with the bonus of being much cleaner lol. There’s four permanent Spice Alley stalls, rock up to a counter and order your food and then wait for your order ticket number to be called before grabbing a seat in the courtyard. Oh and keep in mind you can only pay using Paywave or you take your cash to the little window to the far left of the stalls and get a Spice Alley credit card.

I’d brought the family and we start off at Alex Lee Kitchen. I’m impressed with the super flaky Roti Canai ($6), it’s light and fluffy and comes with two puddles of chicken curry and dahl sauce plus a fiery red sambal sauce that has me sneakily swiping more than my share. The roti is definitely on par with Mamak and best of all there’s no queues (yet)…

Katong Laksa ($10) is bang on in flavour, rich from the coconut and just the right amount of spice to set the tastebuds a-tingle. Noods opted for the rice vermicelli noodles but you can choose egg noodles or flat rice noodles to fraternise with slices of juicy chicken, ribbons of fish cake, beapsprouts and squishy cubes of tofu.

Next stop is Old Jim Kee with a plate of deep fried goodness. The Curry Puff ($3/each) is a nice fat specimen, stuffed with curried chicken and cubes of potato and wrapped in the flakiest pastry that has a gazillion layers. The Salt and Pepper Chicken Wings ($1/each) blew our minds, especially at only one smackerooney each! There was this savoury, umami flavour and the batter was super light and not at all oily and super tender and juicy meat oh man so good! And we also got a Pork Bun (Char Siew Bao) ($4) for good measure which the parentals loved, the bun was absolutely packed with juicy bbq pork and the pastry was ridiculously flaky.

The Penang Char Kway Teoh ($10) has a good amount of smoky wok hei flavour and is studded with slices of lap cheong sausage and my favourite crispy pork fat.

Over at Hong Kong Diner I ordered the Braised Beef Brisket with dry noodles which ($10) was so massive, I barely made a dent in it and had to get the rest packed for takeaway! The beef is meltingly soft with gloriously fatty striations and the mound of leafy green veg was much needed to cut through the fat. Oh and it came with a complimentary peppery soup too.

Dessert time! We headed back to Old Jim Kee for Ice Kacang ($6) which is served in a bowl the same size used for noodles so it’s a pretty generous serve! There’s the usual grass jelly, creamed corn, Atap Chee (palm seeds) and jelly worms on top of a mountain of shaved ice but there’s also crushed peanuts and sultanas which I wasn’t a fan of. But it’s cold and refreshing and the only thing that stops us from melting in the heat.

I of course couldn’t resist trying Alex Lee Kitchen’s Durian Roti ($9) and it was pretty awesome. Someone correct me if I’m wrong but I don’t think anywhere else in Sydney does durian roti? The durian was wrapped inside the buttery and flaky roti and comes with a scoop of vanilla ice cream and seriously if you’re a durian lover, GET THIS!

Aaaand visited Bang Luck for Mango Sticky Rice ($7). It’s a bit steep compared to the rest of the stalls prices on food but eh I really wanted this and it’s tasty. On a previous visit I tried the Crispy Pork Belly ($10) and watch out the spice levels are pretty cray for someone who can’t handle the heat! The pork is awesome though, crispy and deliciously fatty with stir fried veg on a bed of rice.

There’ll be a rotation of popup stalls on the far end of Spice Alley, currently it’s Pok Lol with their salads, tacos and Banh Mi pork rolls. Masterchef 2015 alum Reynold Poernomo will be opening up a dessert bar in the Alley later this year too and Bar Chinois is hoping their liquor license will kick in shortly.

Spice Alley
Kensington Street,
Chippendale (look for the red signage in the alleyways between the restored houses)

Trading Hours:
Open daily: 11am-10pm

01 Oct 16:08

Like Uber, but for online harassment: Why we should be very afraid of new app Peeple

by Katherine Cross
Fergus Noodle

Sounds like an awful nightmare

By now it’s a cliche to make fun of Silicon Valley copycat-ism with the “this app is like Uber, but for x” joke, which has produced some amusing permutations. But it turns out what we needed to be afraid of was “it’s like Yelp, but for people.” 

That’s the elevator pitch of the forthcoming Peeple app, which essentially allows crowdsourced star ratings and reviews of… people. It’s being developed by Nicole McCullough and Julia Cordray, who both have a background in business. Cordray, who has successfully spearheaded two marketing companies, wanted to create an app where people could “showcase” themselves and their personalities; “Character is Destiny” thunders their inaugural slogan.

The Washington Post’s Caitlyn Dewey interviewed the co-founders for a withering column on the subject published yesterday afternoon. She discusses the ways in which the app is supposedly secure against abuse:

Peeple’s “integrity features” are fairly rigorous — as Cordray will reassure you, in the most vehement terms, if you raise any concerns about shaming or bullying on the service. To review someone, you must be 21 and have an established Facebook account, and you must make reviews under your real name.

You must also affirm that you “know” the person in one of three categories: personal, professional or romantic. To add someone to the database who has not been reviewed before, you must have that person’s cell phone number.

These supposed safeguards are woefully inadequate, not least because a phone number is often one of the pieces of private information that doxers release to online mobs. It also evinces the profound naivete of believing that lack of anonymity prevents abuse. There are thousands of examples one could use, but one will suffice. Illustrator and vlogger Kat Blaque wrote a comprehensive account of how she was repeatedly and viciously harassed by a man on Facebook who said things like “please girl you know you’d like a real man not these white knight bitches… I’d throw you on the bed and ravage you and you’d fucking love it” with his legal name, photo, and workplace attached to it all.

I emphasize this because this sort of thing happens to marginalized people on the internet every day. People don’t harass because they’re anonymous; they do it because they don’t think they’re doing anything wrong. Blaque reveals how she got her harasser fired by reporting him to his (now former) employer, New York Life Insurance; in the aftermath the man portrayed himself as the victim, refusing to so much as even apologize: “First off aggressive sex isn’t rape stupid… i.e. you would enjoy it you dumb cunt.”

Clearly there’s more at work here than anonymity; this something that Cordray and McCullough fail to consider. Even in the wake of mountains of criticism on Wednesday, they took to Facebook to say that they were listening to criticism but defended themselves by saying that their site would be even more “positive” than Yelp (defined by the total percentage of positive reviews) because “we are not anonymous as users of the Peeple app which should make our positivity even higher.” They also told critics condescendingly that they needed to learn that “people are good.”

I do believe in the fundamental goodness of humanity; it’s something to rely on in our darkest hours. But even if we have inborn empathetic instincts, they require cultivation and direction. Simply throwing people into a digital arena and expecting them to sort themselves out is what got us into this mess, which tech writer Sarah Jeong aptly calls “The Internet of Garbage,” in the first place. A Wild West will be treated as such by the most amoral actors, looking to expectorate without consequence as any trip to YouTube comments will verify.

Peeple venerates online rating culture in much the same way many entrepreneurs and CEOs have historically: a way to harness the wisdom of crowds and provide a reasonably objective, democratic metric for the quality of a good or service. The flaws with that system are apparent: we’ve all encountered one-star reviews on Amazon that either had nothing to do with the product (e.g. a complaint about the shipping) or were for extremely trivial or petty reasons. In theory, at an economy of scale, the bell curve will iron out the impact of such poor reviews, but that just barely works with basic products. When you get to, say, political books, review aggregation in the form of star-rating averages becomes next to useless. To return to Amazon, just look up your favorite feminist books. Odds are that many of the one or two star reviews are from MRAs.

Now, scale this problem up to the even more nebulous and subjective world of rating human beings. Dewey’s article has a good rundown of the way that smaller-scale, data hungry sites of the same nature, like Rate My Professor, express such profound bias that they cannot be said to communicate useful information. She writes:

In fact, as repeat studies of Rate My Professor have shown, ratings typically reflect the biases of the reviewer more than they do the actual skills of the teacher: On RMP, professors whom students consider attractive are way more likely to be given high ratings, and men and women are evaluated on totally different traits.

Then factor in Peeple prioritizing anyone who knows you “personally, professionally, or romantically.” What if you’re reviewed by a bitter and abusive ex? Or a sexually harassing co-worker who wants to ruin your reputation for turning down their advances? Or a controlling parent or spouse? Again and again, as dystopian as this app is the cardinal adjective I return to for describing it is “naive.” The idea that personal ties may not be toxic is breathtakingly naive.

In a society where women are more likely to be raped by someone they know, where domestic violence remains rampant, and where online harassment — particularly against marginalized groups — is metastasizing into ever more organized, collectivist hate campaigns, such an app as Peeple can only be construed as another vector for abuse.

Peeple itself may fizzle under this torrent of criticism, but the idea isn’t going away. We are sleepwalking into a future where we are metamorphosing from citizens into “content,” and Peeple’s premise is the logical endpoint of this.

If you think the problem of harassment is bad now, wait until we all become forcibly commodified before the baying crowd of the entire internet.

02 Oct 16:34

Whole Foods promises to stop selling food produced by people in prison

by Dana Bolger

At last: Whole Foods has promised to stop selling food produced by people in prison.

The change comes in response to years of bad publicity and protest, including, last week, a direct action at a store in Houston. While the company markets itself as hip, progressive, and a champion of sustainability (“We embrace our responsibility to co-create a world where each of us, our communities and our planet can flourish”), Whole Foods has come under fire for charging customers $12 a pound for cheese produced by workers paid less than a dollar a day.

In a smart piece over at Dissent last year, Trish Kahle exposed the hypocrisy behind the Whole Foods brand:

If Whole Foods sells free-range eggs because it’s inhumane to keep hens in cages that rob them of their quality of life, it seems more than a little contradictory to then claim that exploiting the labor of caged humans who have been ripped from our communities—often for nonviolent offenses—and locked up by a barbarous criminal injustice system is ‘serving the community.’

Whole Foods’ CEO, a staunch libertarian, is a big proponent of so-called “conscious capitalism.” Conscious capitalism is marketed to the American public under a million different names — corporate responsibility, corporate social responsibility, responsible business, and (my personal favorite) corporate citizenship — but, at the end of the day, it’s all just capitalism with a smile. The company’s comfortable reliance on exploited labor exposes the ruse.

So too does its recent decision to shape up. Whole Foods didn’t decide to stop relying on exploited prison labor because it cares about people in prison. It didn’t stop because it cares about workers’ rights, or even about its customers. It stopped in order to come “in-tune with [its] customers’ wishes.” It stopped, in other words, because it cares about its bottom line.

That’s why this week’s victory feels deeply incomplete. Responsive only to the ethic of profit under the logic of capitalism, Whole Foods will inevitably find some other way to keep profits up and people down. And, what’s more, Whole Foods is just one company of many that relies (and — in a capitalist system — necessarily must rely) upon an underpaid, powerless labor force to keep overhead low and profit margins high. Labor exploitation is just one abuse of many (rampant gender violence, for instance) levied against people in prison. And prison is just one tactic to keep black and brown folks down. The exploitation of (black) labor is foundational to this country.

So let’s not go out and enjoy our goat cheese conscience-free. The fight isn’t over because the exploitation isn’t; the system that produces and maintains economic (and racial, and gender) violence is still going strong. As organizer Michael Allen succinctly put it, “We can only emancipate prisoners by ending capitalism.”

29 Sep 17:16

A Staycation at the InterContinental Double Bay!

Fergus Noodle

Let's do the cocktail high tea!

The leafy affluent suburb of Double Bay is the home to Sydney's latest luxury hotel development. What used to be the Ritz Carlton has been transformed into the InterContinental Double Bay with a completely new look for this stunning hotel. And it's full of surprises from the spacious suites to what has to be Sydney's best value afternoon tea. Value in Double Bay? Yes!
27 Sep 23:02


by mugumogu


Hey Maru, you are like a Teru teru bozu!

22 Sep 17:39

Eating Ethiopian at Aaboll Cafe & Persian at Shiraz, Merrylands

Fergus Noodle

NQN doesn't like Merrylands shocker!

One Friday night we decided to take a drive out to Merrylands thanks to a recommendation from a reader Mrs Flowerpot. She had recommended an Ethiopian restaurant called Aaboll as well as a Persian ice cream shop. What we found was a surprise as well as the chance to eat with our hands!
20 Sep 21:04

On A Roll - Finding Sydney's Best Sausage Roll!

Fergus Noodle

Man this has got all my haunts in it

Our intrepid and hungry squad set out this past weekend to travel across Sydney to try and find the best sausage roll on offer. Buoyed by childhood memories and a craving for this classic Australian snack we pitted old skool against the new breed of sausage rolls. What emerged was surprising to say the least!
19 Sep 17:14

Nutella & Honey Shibuya Brick Toast

Fergus Noodle

love dis shiz

This breakfast or afternoon tea toast is like no other. From Japan, this home made version of the famous Shibuya Brick Toast will have you falling for its buttery, honey soaked crunch. The ice cream and Nutella make it that much more irresistible! Serves 2 or 1 very hungry person!
15 Sep 22:50


by mugumogu

Hey Hana, there has been already something in the box.

Hana:[Wow, I cannot get into it...]

Maru:[This box is already full.]

Hana:[I am satisfied on this box.]




14 Sep 04:03

Tracking a Bluetooth Skimmer Gang in Mexico

by BrianKrebs

-Sept. 9, 12:30 p.m. CT, Yucatan Peninsula, Mexico: Halfway down the southbound four-lane highway from Cancun to the ancient ruins in Tulum, traffic inexplicably slowed to a halt. There was some sort of checkpoint ahead by the Mexican Federal Police. I began to wonder whether it was a good idea to have brought along the ATM skimmer instead of leaving it in the hotel safe. If the cops searched my stuff, how could I explain having ultra-sophisticated Bluetooth ATM skimmer components in my backpack?

The above paragraph is an excerpt that I pulled from the body of Part II in this series of articles and video essays stemming from a recent four-day trip to Mexico. During that trip, I found at least 19 different ATMs that all apparently had been hacked from the inside and retrofitted with tiny, sophisticated devices that store and transmit stolen card data and PINs wirelessly.

In June 2015, I heard from a source at an ATM firm who wanted advice and help in reaching out to the right people about what he described as an ongoing ATM fraud campaign of unprecedented sophistication, organization and breadth. Given my focus on ATM skimming technology and innovations, I was immediately interested.

My source asked to have his name and that of his employer omitted from the story because he fears potential reprisals from the alleged organized criminal perpetrators of this scam. According to my source, several of his employer’s ATM installation and maintenance technicians in the Cancun area reported recently being approached by men with Eastern European accents, asking each tech if he would be interested in making more than 100 times his monthly salary just for providing direct, physical access to the inside of a single ATM that the technician served.

One of my source’s co-workers was later found to have accepted the bribes, which apparently had only grown larger and more aggressive after technicians in charge of specific, very busy ATMs declined an initial offer.

My source said his company fired the rogue employee who’d taken the bait, but that the employee’s actions had still been useful because experts were now able to examine the skimming technology first-hand. The company tested the hardware by installing it into ATMs that were not in service. When they turned the devices on, they discovered each component was beaconing out the same Bluetooth signal: “Free2Move.”

Turns out, Free2Move is the default name for a bluetooth beacon in a component made by a legitimate wireless communications company of the same name. I also located a sales thread in a dubious looking site that specializes in offering this technology in mini form for ATM PIN pads and card readers for $550 per component (although the site claims it won’t sell the products to scammers).

f2mThe Bluetooth circuit boards allegedly supplied by the Eastern Europeans who bribed my source’s technician were made to be discretely wired directly onto the electronic ATM circuit boards which independently serve the machine’s debit card reader and PIN pad.

Each of the bluetooth circuit boards are tiny — wafer thin and about 1 cm wide by 2 cm long. Each also comes with its own data storage device. Stolen card data can be retrieved from the bluetooth components wirelessly: The thief merely needs to be within a few meters of the compromised ATM to pull stolen card data and PINs off the devices, providing he has the secret key needed to access that bluetooth wireless connection.

Even if you knew the initial PIN code to connect to the Bluetooth wireless component on the ATM —the stolen data that is sent by the bluetooth components is encrypted. Decrypting that data requires a private key that ostensibly only the owners of this crimeware possess.

These are not your ordinary skimming devices. Most skimmers are detectable because they are designed to be affixed to the outside of the ATMs. But with direct, internal access to carefully targeted cash machines, the devices could sit for months or even years inside of compromised ATMs before being detected (depending in part on how quickly and smartly the thieves used or sold the stolen card numbers and PINs).

Not long after figuring out the scheme used by this skimmer, my source instructed his contacts in Cancun and the surrounding area to survey various ATMs in the region to see if any of these machines were emitting a Bluetooth signal called “Free2Move.” Sure enough, the area was blanketed with cash machines spitting out Free2Move signals.

Going to the cops would be useless at best, and potentially dangerous; Mexico’s police force is notoriously corrupt, and for all my source knew the skimmer scammers were paying for their own protection from the police.

Rather, he said he wanted to figure out a way to spot compromised ATMs where those systems were deployed across Mexico (but mainly in the areas popular with tourists from Europe and The United States).

When my source said he knew where I could obtain one of these skimmers in Mexico firsthand, I volunteered to scour the tourist areas in and around Cancun to look for ATMs spitting out the Free2Move bluetooth signal.

I’d worked especially hard the previous two months: So much so that July and August were record traffic months for KrebsOnSecurity, with several big breach stories bringing more than a million new readers to the site. It was time to schedule a quasi-vacation, and this was the perfect excuse. I had a huge pile of frequent flier miles burning a hole in my pocket, and I wasted no time in using those miles to book a hotel and flight to Cancun.


There are countless luxury hotels and resorts in Cancun, but it turned out that the very hotel I picked — the Marriott CasaMagna Hotel — had an ATM in its lobby that was beaconing the Free2Move signal! I had only just arrived and had potentially discovered my first compromised ATM.

View from the Marriott CasaMaga Hotel in Cancun.

View from the Marriott CasaMaga Hotel in Cancun.

However, I noticed with disappointment that for some reason all of my Apple devices — an iPhone 5, a late-model iPad, and my Macbook Pro — had trouble reliably detecting and holding the Free2Move signals from one of the two ATMs situated in the hotel lobby.

I decided that I needed a more reliable (and disposable) phone, so I hopped in the rental car for a quick jaunt down the road to the local TelCel store (TelCel is Mexico’s dominant mobile provider and a company owned by the world’s second-richest manCarlos Slim). After perusing their phones, I selected a Huawei Android phone because — at around USD $117  — it was among the cheapest smartphones available in the store. Also, the phone came with plenty of call minutes and a semi-decent data allowance, so I could now avoid monstrous voice and data roaming charges for using my iPhone in Mexico.


Tourist attractions next to Plaza Caracol.

Nearby the TelCel store was Plaza Caracol — a mall adjacent to a huge tourist nightlife area that is boisterous and full of Americans and Brits on holiday. The car parked in the mall’s garage, I pulled out my new Huawei phone and turned on its bluetooth scanning application. The first ATM I found — a machine managed by ATM giant Cardtronics — quickly showed it was beaconing two Free2Move signals.

Returning to the Marriott hotel, I found that the two Free2Move bluetooth signals showed up consistently and reliably on my new phone’s screen after about 5 seconds of searching for nearby bluetooth connections. The compromised ATM in the hotel also was a Cardtronics system.

At this point, I went to the front desk, introduced myself and asked to speak to the person in charge of security at the CasaMagna. Before long, I was speaking with no fewer than six employees from the hotel, all of us seated around a small coffee table overlooking the crystal-blue ocean and the pool. I explained the situation and everyone seemed to be very concerned, serious, asking smart questions and nodding their heads.

A man who introduced himself as the hotel’s loss prevention manager disclosed that Marriott had recently received complaints from a number of guests at the hotel who saw fraud on their debit cards shortly after using their ATM cards at the hotel’s machine. The loss prevention guy said the company responsible for the ATM — Cardtronics — had already sent someone out to review the integrity of the machine, but that this technician could not find anything wrong.

[SIDE NOTE: That technician may have only inspected the exterior of the machine before giving it a clean bill of health. Another explanation is that the technician that was sent to find skimming devices didn’t report their presence because he was the one who installed them in the first place!]

That same day, I phoned Giovanni Locandro, senior vice president of North American business development at Cardtronics. He told me the company conducts periodic “sweeps” in Mexico to look for skimming devices on its machines and that it was in the process of doing one at the moment down there, although he didn’t acknowledge whether he was familiar with the exact scheme I was describing.

“We are doing another sweep as we speak down there,” Locandro said. “We do random sweeps, especially in tourist areas to check for those devices. But we haven’t heard of any cards being cloned. Any devices we receive we take those to our internal security folks, and then we contact the authorities.”

We couldn't dissuade these young ladies from using the compromised machine.

I couldn’t dissuade these young ladies and many others from using the compromised machine on my second evening at the hotel.

I showed the hotel folks the bluetooth beacons emanating from the ATMs in the lobby, and showed them how to conduct the same scans on their phones. Everyone roundly agreed that the technician had to be called again. But there were two ATMs in the lobby — one dispensing Mexican Pesos and another dispensing only dollars. How to know which ATM is compromised, they asked? Unplug them one by one, I replied, and you’ll see very quickly which cash machine is hacked because the bluetooth beacon would shut off.

Despite more head nods and a round of verbal agreement from the hotel staff that this was a good idea, to my surprise nobody at the hotel bothered to touch the machine for two more days. I watched countless people withdraw money from the hacked ATM; some of those I warned while in the lobby were appreciative and seemed to grasp that perhaps it was best to wait for another ATM; others were less receptive and continued with their transactions.

The next morning — after verifying that the hotel’s ATM was still compromised and trying in vain to hail the security folks again at the hotel — I headed out in the rental car. I was eager to visit some of the other more popular tourist destinations about an hour to the south of Cancun, including Playa del Carmen, Tulum and Cozumel. I wanted to see how many of those towns were hacked by this same skimming crew.

I was about to learn that the true scope of this scam was far larger than I’d imagined.

If you haven’t already done so, please check out Part II and Part III of this investigative series:

Tracking Bluetooth Skimmers in Mexico, Part II

Who’s Behind Bluetooth Skimming in Mexico?

06 Sep 04:40

New Star Kebabs, Auburn

by Helen (Grab Your Fork)
Fergus Noodle

I feel like it is weird to food blog about a kebab store

We’ve all been there. A late-night kebab loaded with meat and dripping with chilli sauce after a beer or three is a rite of passage. And even though New Star Kebabs is open late enough to help you kick that impending hangover to the kerb before it’s even begun (until midnight every evening), you’ll probably enjoy their kebabs even more when you’re sober. Seriously. Chicken kebab $9 It starts
02 Sep 17:15

So I Did A Yoga Retreat: Billabong Retreat, Maraylya

Fergus Noodle

She didn't really seem to like it

Billabong Retreat, a yoga and meditation retreat just an hour's drive away from Sydney was the recent setting for Mr NQN's birthday. While he would be in hippy heaven, how would a driven type A personality like me fare? And would this retreat cure me of my week long headache? Read on Dear Reader!
27 Aug 18:38

New favorite Instagram: Feminist_Tinder

by Maya Dusenbery
55db2592170000430156851bI’m definitely swiping right on Feminist_Tinder, a new Instagram account where one woman is documenting what it’s like navigating Tinder as a feminist. Laura Nowak just added the line “hello i am a feminist” to her profile, and the guys do the rest. 

Of course, including something about feminism in your online dating profile is also just a solid litmus test to weed out people you wouldn’t want to date/hookup with anyway. I mention that I’m a feminist blogger on my Tinder profile, and it hasn’t provoked many sexist responses, but then agin, I’m a terrible Tinderer, sporadic and selective. (Before you despair too much, Nowak’s received some positive responses too.)

What’s best about Feminist_Tinder is Nowak’s responses to the guys who message her. She offers sharp, often hilarious comebacks to their misconceptions and misguided ideas — about not just feminism but also sex, dating, and the sexist double standards that it never ceases to amaze me are still so rampant out there.



Check out more here.

30 Aug 06:18

Chester White Cured Diner, Potts Point [14]

by Susan Thye

So Noods went to the Hunter Valley for the weekend away with the boys, leaving me unsupervised which meant I may have bought 3 pairs of shoes, 2 books about robots, 6 boxes of Kit Kats, 3 handbags, a 17g Madame Truffles truffle, truffle ice cream and truffle salt. Yeah I dunno how that happened but the highlight of my weekend was having lunch with Viv, Sarah and Eric at Chester White Cured Diner with a sneaky beverage or two.

The place is pretty tiny, the bar runs the length of the room and behind the counter hangs an entire row of cured meats. So first things first, we order the Meat Platter (2 meats with sides $20, added 2 more meats for $6 each). We choose the Culatello ITA (King of cured meats! the menu exclaims), Truffle Salami, Sopressa Salami and Fennel Garlic Salami and the board is crammed with pickled carrots, cauliflower and radishes, bread, slabs of asiago and fontina cheeses and of course some olives.

We love the culatello which is similar to proscuitto but has a much more intense flavour and the heady aroma of the Truffle Salami has me weak at the knees. The fennel and garlic salami would’ve been awesome if it was a bit more garlic-y but it’s still tasty as is the sopressa washed down with a Negroni ($16) that is perfect for this almost spring weather.

We were actually thinking of heading to Buffalo Dining Club, Chester White’s sister restaurant in Darlinghurst- for their Spaghetti in a wheel of cheese, but then we heard about Chester White’s Truffled Spaghetti Cacio E Pepe ($22).

DAT TRUFFLE SCENT! Spaghetti, olive oil and pepper is mixed in the wheel so flakes of deeelicious truffle parmesan is scraped off ermahgerd if you love truffle you will love this! The pasta has a satisfying chew and as we scrape the plate clean I quietly contemplate ordering a second round.

And we couldn’t resist ordering the Not Chester Carbonara ($20) made with casarecce pasta, organic porcini mushrooms and speck.

Oooh yeah, mix it goood

Speck! My god how good is speck?! That fat, that flavour, THOSE GLORIOUSLY CRISPY NUBBINS! Each twisty pasta shell was coated in rich egg yolk so that the earthy mushrooms and bits of speck clung on for dear life before being delivered to my soul.

Oh and there’s the house made chilli sauce if you like a bit of spice.

I heart their plates hahaha

Not wanting to share, we ordered a round of the Cheeky Tiramisu ($5 each) which arrive in the cutest little mugs. It is the perfect ratio of cream and coffee soaked savoiardi biscuits and it turns out to be the perfect size for us after all the pasta.

Jars of house made pickles all lined up.

I love that Chester White has that Potts Point hipster vibe and the brilliant service, incredible pastas and tasty meats has secured a special place in my pasta loving heart.

Chester White Cured Diner
3 Orwell St,
Potts Point

Trading hours:
Wed – Thurs: 5pm – 11pm
Fri – Sat: 12pm – 11pm

Click to add a blog post for Chester White Cured Diner on Zomato

26 Aug 10:19

Kin Senn Thai Street Food, Haymarket, Sydney

by Helen (Grab Your Fork)
Thai cakes. We're talking flavours of Thai tea, young coconut, egg yolk and pandan slathered with cream. If you ever walked along Campbell Street in Sydney's Thai Town, you would have seen Ma Toom's cream-laden cakes out the front of a particular grocery store, beckoning you closer with its tortes and rainbow crepe cakes. They've moved around the corner to Pitt Street now, in the heart of Thai
23 Aug 17:14

A Chinese Afternoon Tea or a LoTea at Lotus, Sydney

Fergus Noodle

i live on den sesame balls atm but red bean ones

Afternoon tea is a favourite past time and the best way to catch up with dear girlfriends but what if afternoon tea was given a twist? How about a Chinese high tea or in this case a Lotea. Lotus in the Galeries Victoria in Sydney offers diners a unique Chinese themed afternoon tea with Chinese morsels and a delightful selection of organic teas and tea infused chocolates.
26 Aug 00:39

juliedillon: Here are all 10 illustrations for my Imagined...


Here are all 10 illustrations for my Imagined Realms project. As of this posting, there are 14 days left on the Imagined Realms Kickstarter! You can own prints of all these illustrations starting at $20 for the set. :) 

Artist you should follow if you aren’t already: Julie Dillon’s work is chock full of WOC depicted as powerful and wise in gorgeous fantasy/sci fi settings. One of my top favorite artists

23 Aug 00:28


by mugumogu
Fergus Noodle

Ahh Maru u wuss


Story of Maru&Hana.
I made this with reediting of blog articles and videos.

BGMはフリー音楽素材 H/MIX GALLERY様よりお借りしました。

19 Aug 09:05

Textbook Boulangerie-Patisserie, Alexandria

by Helen (Grab Your Fork)
Fergus Noodle

expensos but i'd still go

Decisions. It's never easy on your first visit to Textbook Boulangerie Patisserie, the newest haven for sweet tooths that opened in Alexandria less than a month ago. There's been a stampede of fans since the doors first opened, and no wonder. The army of glossy airbrushed desserts in the display cabinet - garnished with silver leaf, antennae of tempered chocolate and shields of macaron shells -
16 Aug 22:53


by mugumogu

Maru:[This hammock is full.]



01 Aug 05:56


by mugumogu
Fergus Noodle

Cat tea

It is teatime with Matatabi tea (Tea for cats).

14 Aug 14:49

In Which Ladel Ourselves Wet Fan Service

by Durga

God & Jon Hamm


Wet Hot American Summer: First Day of Camp
creators Michael Showalter & David Wain

It was right before Christmas in the year of our lord 1993 that The State debuted on MTV. Sketch comedy was previously the province of the old; Steve Martin was already in his late 60s by this time, and dating women a mere forty years younger. People still thought Eddie Murphy was hilarious. Non-Seinfeld based comedy as we know it was largely based around puns and the crankiness of Tim Allen's fictional wife Jill (Patricia Richardson). No one was sure what exactly was funny, or why. For some reason, people even found Chevy Chase amusing, or pretended to.

There was nothing to laugh at before The State came on the scene, and Wet Hot American Summer was basically a reunion show for the sketch comedy series that influenced so many young people of every profession. Did it matter that Ken Marino was now in his early forties and that apparently no one liked Kevin Allison enough to invite him back for this project? No. All that mattered is that we could laugh again.

The State's breadth was stunning, and its innovation fantastic — even its worst sketches were so mind-numbingly bizarre that they became even more humorous in retrospect thinking of the idea that MTV allowed them to air on cable television. Most older comedy shows just sit like lumps; quickly becoming dated because of a topical humor that is only understood in context. The State was nothing like that — those of its concepts which did not resonate at the time are now retrospectively funny twenty years later.

The one thing The State constantly avoided being was fan-service. Instead the half-hour show delivered what you did not expect, usually without incorporating profanity or lame cameos from more famous performers as surprises. The fact that it did not have to appeal to any extant audience is what allowed it to exist on its own terms. Well, all of that is flushed down the toilet with Wet Hot American Summer: First Day of Camp.

The original cast of the film looks surprisingly spry in this short Netflix series, with even David Hyde Pierce seeming like he has been in cryogenic sleep since Frasier. Only Showalter himself looks meaningfully different from his original character. I was watching First Day of Camp with a friend of mine whose idea of comedy is Sam Waterson playing gay, and she asked me to explain what the joke was here. "So they were old too old to play campers? And now they're still too old?" I nodded and focused my eyes on the tiny tee-shirt worn by Gerald "Coop" Cooperberg (Michael Showalter).

One of the most embarrassing things Roger Ebert ever wrote was his review of the original movie. None of the jokes resonated for him at all, probably because he was a generation older than any of the writers or performers in the film. He should have at least appreciated the lush, colorful aesthetic that David Wain has made his signature style. No one does a better closeup in this industry, and the broad array of talent is so wonderfully directed that even Chris Pine comes off as a magnificent performer.

First Day of Camp is a prequel to the original film. Coop has arrived to meet up with his girlfriend Donna (Lake Bell), who seems more interested in visiting Israeli counselor Yaron (David Wain). A camp production of the musical ElectroCity pairs theater counselor Susie (Amy Poehler) and dessicating Broadway character actor Claude (John Slattery). A subplot involving the government dumping chemical waste near the camp allows camp directors Greg (Jason Schwartzman) and Beth (Janeane Garofalo) a romantic interlude and explains how Jonas (Christopher Meloni) became Gene, the disturbed camp cook of the original film. Lastly, reporter Lindsay (Elizabeth Banks) goes undercover as a counselor to get a story about reclusive musician Eric (Chris Pine).

What exactly is First Day of Camp missing? It is almost completely composed of fan service, but that is not really the problem. Opening up the universe to amusing scenes filmed in New York in the office of magazine editor Alan (Jordan Peele) adds something different to the experience, even if characters like John Slattery's lecherous veteran actor, Jon Hamm's government assassin The Falcon and Michaela Watkins' lecherous choreographer fall a bit flat.

Wet Hot American Summer: First Day of Camp is such great fun it seems silly to ask for anything more. But extended scenes set at David Hyde Pierce's university or the courtroom of attorney Jim Stansel (Michael Cera) remind us of how exciting it would be to see a new comedy set in this wild universe instead of the familiar summer camp drama.

Demanding our most serious comedic talents revisit the scenes of their finest successes led to Beverly Hills Cop 3. Sure, without the comfort of the characters that proved so successful in the original film, Wet Hot American Summer: First Day of Camp would be an inconsistent mix of brilliant satire and completely bizarre flops (still not sure what Showalter was going for with his performance as Ronald Reagan), but that was pretty much The State. At least it wasn't content to trod out the same characters again and again, looking to resurrect whatever bit of genius captured the imagination the first time. Instead they moved onto the next thing.

Eleanor Morrow is the senior contributor to This Recording. She is a writer living in New York.

"You're Mine (The Chase)" - Meiko (mp3)

"Oh My Soul" - Meiko (mp3)

11 Aug 23:00


by mugumogu

Maru:[I'm sharpening my nail intensely.]

At that time,

Hana:[Excuse me!]

Hana passed in front of him intentionally.

まる:「こらー! このでっかいお尻めっ!!」
Maru:[Hey, your big buttocks are obstructive very much.]

Hana:[Don't complain about a trivial thing!]

02 Aug 10:22

Eggslut, Los Angeles [8]

by Susan Thye
Fergus Noodle

u guys can go to eggslut

Eggslut, Los Angeles - Bacon, Egg and Cheese Sandwich ($6)
So originally I was going to do a burgers of USA post but well, Eggslut in Los Angeles totally deserves a post of its own because yo look at dat Bacon, Egg and Cheese Sandwich ($6)!!! It’s been 3 weeks since I consumed it and it still calls to me in my dreams!

Eggslut, Los Angeles - Bacon, Egg and Cheese Sandwich ($6)
Seriously, how can a burger be so beautiful, just oh so attractive? The toasty warm brioche bun holds the crispylicious curls of hardwood smoked bacon, the melty cheddar cheese draped over the medium egg that will spill forth a river of yolk-y goodness and a slightly spicy chipotle ketchup brings everything all together in delicious harmony.

Eggslut, Los Angeles - Bacon, Egg and Cheese Sandwich ($6)
Innards shot because when something is that delicious you just want to share every single angle possible with the world. Seriously though? Best damn breakfast burger I’ve ever had.

Eggslut, Los Angeles - Slut ($9)
I may have blushed when ordering the Slut ($9) but you’ll have absolutely no regrets once you take one bite of the coddled egg which is layered on top of an impossibly smooth potato purée and served with slices of crisp baguette.

Eggslut, Los Angeles - Slut ($9)
Oh. My. Freaking. God. I may have just weeped with joy at this incredible flavour combination and seriously considered ordering a second round after my tastebuds went into a frenzy after that first bite.

Eggslut, Los Angeles - Gaucho Sandwich ($11)
I thought about getting the Fairfax Sandwich ($7) which is stuffed with scrambled eggs, chives, cheddar cheese, caramelized onions and sriracha mayo but thought I should try a non egg sandwich and ordered the Gaucho Sandwich ($11) instead. While the combination of the juicy seared wagyu tri-tip steak, chimichurri, red onions, arugula (rocket) and an over medium egg tasted perfectly fine, my stomach mourned that it could not fit in another bae roll.

Eggslut, Los Angeles - Grand Central Market
Eggslut started off as a food truck before setting down roots in the Grand Central Market and apparently queues for Eggslut can be pretty insane but since we were still on Sydney time (and never really adjusted during the whole trip lol) we arrived around 3pm with only a 5min wait and easily grabbed a stool at the bar. The area is a bit dodgy but if you visit LA, Eggslut is definitely a must do!

Stall D-1, Grand Central Market
317 S. Broadway
Los Angeles, California

Trading Hours:
7 days: 8am – 4pm

Click to add a blog post for Eggslut on Zomato

28 Jul 13:55

Victoria, 33

“I like to design my owen clothes and I often modify clothes to make them fit my body better. Strong personality and femininity inspire my style.”

13 June 2015, Sideways Festival

29 Jul 21:30

Thursday Tipples 10 / Boozy Hot Chocolate 3 Ways

by Lisa Manche
boozy hot chocolate | spicyicecream

Along with polka dot scarves and a steady rotation of slow-cooked dinners, hot chocolate is an absolute necessity at this time of year. Everyone knows how to make a basic hot chocolate, but I've taken it a couple of steps further. For this month's Thursday Tipples I bring you not one, but three tasty and boozed up ways to serve it. The winter blues are totally a real thing - and these drinks will help to brighten your cold nights and warm you up from the inside out.

boozy hot chocolate | spicyicecream

There is something so comforting about wrapping your cold hands around a warm mug. Out of the three versions, I honestly couldn't pick a favourite - I really loved all of them for different reasons. Of course the chocolate that you use is really important here because it's the dominant flavour, so pick one that you love. I also have to thank my sister Beth who helped me make, style and photograph all three recipes in one afternoon - and drink them afterwards ;) Hope you enjoy them as much as we did!

boozy hot chocolate | spicyicecream

1. Nutella and Frangelico Hot Chocolate

This is great for a hot chocolate emergency - if you have no chocolate in the house but can scrape around 2 tablespoons of Nutella from the jar, you're in luck. The almond milk and Frangelico help to make it a little special.

  • 1 cup almond milk
  • 1/4 cup cream (optional)
  • 2 large tablespoons Nutella
  • 30ml Frangelico
  • Whipped cream, to serve

Place the almond milk and cream into a small saucepan over medium heat. Whisk in the Nutella until smooth and combined. Remove from the heat and add the Frangelico. Serve with whipped cream.

boozy hot chocolate | spicyicecream

2. Birthday Cake Hot Chocolate

This one is just plain fun. How can you not love anything with sprinkles on top! It's pretty sweet, as you would expect, but it's delicious. Kids would love this too - just leave out the booze!

  • 1/4 cup milk chocolate, melted
  • 1 cup milk
  • 1/4 cup cream (optional)
  • 1/3 cup white chocolate, chopped
  • 3 teaspoons dry vanilla cake mix
  • 1/2 teaspoon vanilla extract
  • 30ml Cake flavoured vodka
  • Whipped cream and sprinkles, to serve

Place the milk and cream into a small saucepan over medium heat. Whisk in the white chocolate, cake and vanilla extract until chocolate has melted. Remove from the heat and add the Cake vodka. Spoon a layer of melted milk chocolate into the serving glass. Pour the hot chocolate over the back of a spoon into the glass. Serve topped with whipped cream and sprinkles.

boozy hot chocolate | spicyicecream

3. Red Velvet Hot Chocolate

This is a pretty and tasty version of hot chocolate spiked with a white chocolate liqueur. I love the red colour and the addition of cream cheese icing and crumbled cake on top really bring it all together. 

  • 1 cup milk
  • 1/4 cup cream
  • 1/3 cup milk or dark chocolate
  • A few drops red food colouring
  • 1/2 teaspoon vanilla extract
  • 30ml white creme de cacao
  • Cream cheese icing and red velvet cake, to serve

Place the milk and cream into a small saucepan over medium heat. Whisk in the chocolate until melted. Add the red colouring (one drop at a time until you have the colour you're happy with) and vanilla extract. Remove from the heat and add the white creme de cacao. Pour into a mug and serve topped with cream cheese icing and crumbled red velvet cake.