Saturday, May 30. 2009
The most powerful tool in the image analysis toolkit is the human skill of observation. Use your eyes and your head. If you just use your eyes, then images can fool you. And if you just rely on logic, then you may miss facts acquired by your eyes. Digital analysis tools just help us reconcile differences between our eyes and our head.
Look Smarter, Not Harder
North Korea is always under close scrutiny. Unfortunately, our society has become so jaded by the widespread use of Photoshop in ads, on the Internet, and from the mass media, that we just assume that North Korea must be doctoring images.
For the record: I have never detected any instance of North Korea digitally modifying images. I've seen other people take pictures from North Korea and doctor them, but never anything from an officially released photo.
Instead, North Korea does a different type of manipulation: they release undated, old photos as if they were recent. Moreover, most of their photos are staged (stand there, say cheese) and not impromptu. These staged photos all look very similar. The problem is compounded by Kim Jong Il, who has a limited wardrobe -- he frequently appears to be wearing the same clothing in photos taken years apart.
Not Crazy
North Korea and Kim Jong Il may be called many things, but "crazy" is not one of them. Xenophobic, yes. Paranoid, yes. Communist? Duh. Oppressive, certainly. But crazy? Not really... In fact, many of the anti-information techniques that Kim Jong Il has employed are pretty brilliant.
(Kim Jong Il's brilliance is kind of like Joker to Batman. Joker may have many anti-social tendencies, but Joker still is brilliant. Similarly, there is Hitler, who, despite his genocidal actions and quest to conquer the world, was still a brilliant orator. Evil? Yes. But he knew how to talk.)
With North Korea and Kim Jong Il, they have taken a number of brilliant steps to keep the rest of the world in the dark. For example, Kim Jong Il always wears the same clothing. Is it because he has no fashion taste? Of course not! By always looking the same, they can release photos taken over a decade without giving away when it was actually taken.
The same goes for poses. Was Kim Jong Il posing with the troops in Pyongyang, Sinuiji, Wonsan, or some other city? Who knows... they all look too similar.
Moreover, there are never any crowds around him. So if their media says that KJI was in Chongjin, who is to say that he wasn't?
Low Intelligence
The reason I bring up this rant is because of a recent entry on Digg: North Korea Sucks at Photoshop. Basically, the picture is yet another undated and generic photo of Kim Jong Il posing with troops.
According to a 7-November-2008 report by Time Magazine:
Doctored?
This image, released on November 5 [2008], claims to show Kim with a North Korean military unit. The BBC and the UK's Times newspaper have raised questions about the legitimacy of this image. Experts point to a line at knee-height that runs behind the soldiers in the front row of the reviewing stand where Kim poses. The line stops at the two soldiers standing to his left and right, suggesting that he was digitally inserted into the photograph.
Sometimes I really worry when I hear stupid statements made by the media. I mean, their words influence our thoughts. In that case, the media is stupid. Hey BBC and UK's Times: It's not shopped!
If you look at the white steps behind the people in the front row, you will see a ledge a few inches from the top. This ledge runs the full length of the first step. However, it is not visible behind Kim Jong Il. There is a good explanation for this, and it does not include Photoshop.
You need to understand how the bleachers work. These portable bleachers are not very long. They can't be -- if you're moving them then they must fit on a truck. A photo (I think it was taken in 2005) shows the size of two bleachers. You can see where the bleachers meet right behind Kim Jong Il's legs.
If you look at the Time image, you can see that there are four bleachers next to each other. When bleachers are set next to each other, there is bound to be a problem: alignment. One will be slightly higher than the other. To fix that, they must be bolted together (showing ugly bolts). In fact, a photo dated 17-August-2007 actually shows adjacent bleachers and the ugly bolts.
This picture shows two sets of bolts. The obvious one is behind Kim Jong Il (photo right). The other is on the left edge of the picture.
There are also ugly bolts in the Time photo:
My red circles show the edges of the adjacent bleachers and the visible bolts.
There is one other problem with this photo: the middle is sagging. You can actually see that everyone is lower in the middle. This bowing could be due to poor construction, due to the poor bleacher alignment, or due to a bend in the camera lens. Since the local minima to the bend is where two bleachers should meet, I'll blame alignment and not camera.
The ugly bolts should appear periodically. But the ones in the middle of the Time picture are missing. There should also be a set of ugly bolts somewhere behind Kim Jong Il.
So what are we seeing in the Time photo? We are seeing adjacent bleachers with Kim Jong Il standing right in front of the middle where the ugly bolts should be. Rather than showing the ugly bolts, they covered it with a tarp of some kind.
Sorry folks, not photoshopped.
Do You Trust Your Eyes?
Now for the bonus points: Are these all photos of the same bleachers?
- The winter photo shows a long, horizontal scratch along the middle of the bottom step. If the bleachers were swapped left/right, then the scratches should be adjacent.
- The applause photo has bleachers with very similar scratches (look at the people next to Kim Jong Il's hands).
- And in the Time photo? Look at the far left...
Why don't the bleachers appear in any satellite photo of North Korea? They keep moving them... Brilliant.
Friday, May 29. 2009
North Korea has been busy this last week. First, then conducted a nuclear test on 25-May-2009. This underground test registered as a 4.7 earthquake with a depth of 0km (surface). The test was conducted within 60 miles of two major North Korean cities. For a comparison, the nuclear tests conducted by the US in Nevada in 1951 were 100 miles from the nearest city (Las Vegas).
Since their test nuclear explosion, North Korea has begun launching test missiles. So far, six have been launched. They have also threatened to attack US and South Korean warships that get too close.
This particular nuclear test was likely a reaction to more sanctions from the U.N. Security Council. Last month North Korea explicitly threatening to perform more nuclear tests if they did not receive an apology.
Following the test (they said they would and they did), they have since threatened to retaliate if anymore sanctions are made against them.
The big question is, what is going on with North Korea?
Childish
This seems like child-logic to me. If you do something bad, then you'll be punished. So you threaten to do more bad things until the punishment ends.
This type of cyclical logic (do bad, get punished, do more bad to get even, get punished again, etc.) can only end one way: with a blinding flash of light.
What we really need to do is understand the underlying cause and address it...
Blame Mexico!
If you believe the North Korean News Agency, KCNA, Kim Jong Il went to Mexico to celebrate the Worker's Party... and nobody noticed!
This event reportedly happened on May 20th. One would think that if a world leader visited another country then there would be at least one picture or one news report. So far, none have turned up.
The news report also cites "Juan Campos Vega" of the Mexican Institute for the Study of the Juche Idea as a speaker. I find it odd in this day and age, I can find no mention of this institute and no mention of this person except in reports from North Korea. (Fake visit with fake speakers?)
Following this "trip to Mexico", North Korea began nuclear testing and missile launching. Must be the water...
Theories
North Korea is a very secretive country. Without any official statement, the mass media and governments are left speculation about what is really going on. Some theories so far:
Gimme Help. Historically, the UN has relaxed sanctions in response to threats from North Korea. This could be another attempt at lessening sanctions.
Power Struggle. There may be a power struggle in North Korea between potential successors. The nuclear test may have actually been an effort to win over the military.
Along with the power struggle theory is a news report from North Korea that lists martyrs recently buried at the national cemetery. The dead people include Kim Hwan ( former chemical industry minister and vice premier since 1993) and Rim Ho Gun (department director of the Central Committee of the Workers' Party of Korea) and vice department directors (Pak Sung Su and Kang Kil Bong). Each of these people were either in the line of succession, or influential in the selection of a successor.
My Theory
I have another theory... Perhaps Kim Jong Il is already dead.
We know that KJI had a stroke last year. And pictures of him that can be timed as post-stroke show him looking gaunt and in poor health.
If he is already dead, then there are good reasons to want a war to start. For example, having a god-like emperor die of old age is not anywhere as honorable as being killed in battle. So if any foreign nation does so much as toss a pebble, North Korea can say KJI sacrificed his body to save his country. (Quick! Defrost the corpse and move it to where the missile hit!) This is kind of like Suicide By Cop except that he's already dead.
Unfortunately, nobody has retaliated with weapons yet. It is hard to appear threatening when the world treats you like a kitten.
Following his death, a war could also be used to show how great he was. "Look! He managed to keep the country safe while he was alive!" Then, the next leader can calm things down and look equally great. (Well, can anyone ever be an 'equal' to the great Kim Jong Il?)
Something significant is definitely going on with North Korea. Besides their overt actions that appear threatening in the news, also watch for the more subtle stuff, like statements about things that did not happen, the timing of changes in government departments, and important reports that lack interesting details. It is as much about what they don't say, as what they do say.
The blog title is meant to allude to the movie "A Weekend at Bernies" where they carry a corpse to parties, and not Bernie Madoff who scammed the world.
Saturday, May 23. 2009
The media has been all over a newly disclosed 'secure' operating system from China called 'Kylin'. ZD Net, The Inquirerer, and MSN (to name a few) all have articles about this 'unhackable' operating system.
Assuming that such as system exists, it means that existing cyber efforts against Windows, Mac, and Unix systems would be pointless since we're focusing on the wrong systems. There has even been speculation about whether Kylin is actually a hardened version of Linux or BSD.
Your download has 12 minutes remaining...
My thought is: why speculate when I can actually download Kylin and look for myself.
Kylin has their own web site at http://www.kylin.org.cn/. The site includes news, updates, and forums. Although the download links are currently disabled, you can find mirrors easily enough. Search Google for "KYLIN-2.1-1A.iso" and "KYLIN-2.1-1B.iso".
Considering that there are open forums for a live community, this hardly seems like a secret weapon.
Inside the ISOs
I've begun going over the Kylin ISOs (dated 2006) and so far, nothing looks like a cyberthreat. Unless they slid some malware inside one of the RPMs, there is nothing dangerous here.
Oh yes: I said 'rpm', as in 'RedHat Package Manager'. The speculation is a focus on FreeBSD. But this uses the RedHat/Fedora packaging system. (By default, BSD uses 'ports' as the package installer, and not rpm.)
I had previously written about various custom Linux distros. A distribution is a collection of otherwise-disconnected packages. Most distributions are customized for a particular field or purpose. For example, "Edubutu" is Ubuntu for educational environments, RedHat focuses on Linux with corporate support, and NetBSD focuses on stability and security. Other distros are tuned for a particular purpose (everything from game-specific configurations to religious and astronomy).
From what I can tell, Kylin (circa 2006) is nothing more than Redhat/Fedora tuned for the Chinese language and it includes a large number of optional packages already available to the online community. Just as Ubuntu selected the packages considered "Best" for their distribution, it seems that Kylin has also just collected various packages and preconfigured them.
To reiterate: The Kylin packages all include standard open source and public packages which have been brought onto one system for easy installation.
Some things that Kylin includes:
- Font sets, X11, and Gnome configured for Chinese.
- Standard crypto libraries. Some Linux distributions do not include them by default because of munitions and export restrictions. China does not have those issues, so they packaged up crypto-utils-2.0-4.i386.rpm and a few other packages.
- Various communication protocols like PPPoE, PPP, OSPF, and RADVD. Basically, it looks like the distro wants to have the option to connect to anything.
- Various archive files. They include things like rar-2.90-2.i386.rpm (support for Windows RAR archives).
- Various media players. They include RealPlayer10GOLD-10.0.5.765-20050513.i386.rpm and other media players. Basically, they want to play anything.
- VMware. (Always good to have an emulator available.) I don't know if packaging a distro with VMware violates the VMware licensing, but that's between VMware and China. (Same goes for including the RealPlayer package...)
In fact, beyond a few configuration files, a PDF on installation, and a splash-screen logo, I'm not seeing anything that is not obviously from some standard open source or publicly available package.
Technically, Kylin seems to use the Mach kernel (same family of kernels used in both BSD and Mac OS X systems). The most interesting aspect is that it includes LuValley -- a virtual machine monitor. From the description:
Luvalley is a Virtual Machine Monitor (VMM) spawned from the KVM project, because its part of source codes are derived from KVM. However, its overall architecture is completely different from KVM, but somewhat like Xen. Luvalley runs outside of Linux, just like Xen's architecture, but it still uses Linux as its scheduler, memory manager, physical device driver provider and virtual IO device emulator. Moreover, Luvalley may run WITHOUT Linux. In theory, any operating system could take the place of Linux to provide the above services. Currently, Luvalley supports Linux and Windows. That is to say, one may run Luvalley to boot a Linux or Windows, and then run multiple virtualized operating systems on such Linux or Windows.
The Kylin distribution seems to provide a lot of optional software. Considering all of the network services that they will be opening, including all of the network service announcement daemons, and all of the file formats and optional plugins (like most plugin modules for Apache), I'd actually say that Kylin is potentially LESS secure that other distributions.
What was that threat again? China has their own super secure operating system? Unless the security is from being unable to read Chinese (security by obscurity), I'm just not seeing it.
From the Mouth
At EuroBSDCon 2006, the person responsible for the Kylin project gave a public presentation. Qingbo Wu described Kylin as an operating system "focusing on high performance, availability and security". Although they say it contains a "system service layer which is based on FreeBSD", it was designed to be compatible with Linux (hence all of the RPM files).
The speaker does mention that it received government funding in 2002. However, that does not mean that it is a government project. I mean, seriously: Windows, Linux, BSD, and SSH all receive funds from government sponsors. Does that mean that we are all using secret hidden weapons?
Moreover, if this were a secret project designed for offensive or defensive capabilities, then why give a presentation on it to the open source community?
Ready, Set, Panic!
The event that kicked off this initial cyber threat came from the " The U.S. - China Economic and Security Review Commission, Opening Statement of Kevin G. Coleman". The particular alert comes from pages 6 and 7 of the report:
2. We need to take any and all actions necessary to ensure our military has access to a continuing supply of new offensive and defensive cyber capabilities that are required and will continue to be required to defend our nation. This is not a one-time investment. Continuous investment will be necessary to respond to the ever changing global supply of computer technology. Chinese authors believe the United States already is carrying out offensive cyber espionage and exploitation against China. China therefore must protect its own assets first in order to preserve the capability to go on the offensive. While this is a highly unpopular statement, WE ARE IN THE EARLY STAGES OF A CYBER ARMS RACE AND NEED TO RESPOND ACCORDINGLY!
This race was intensified when China created Kylin, their own hardened server operating system and began to convert their systems back in 2007. This action also made our offensive cyber capabilities ineffective against them given the cyber weapons were designed to be used against Linux, UNIX and Windows. Refer to our report - RED SOS.
The uppercase text, which really is capitalized like that in the report, is certainly alarmist. But for clarity, alarmist does not mean that it is inaccurate.
However, the very next paragraph mentions Kylin. It describes Kylin as a hardened operating system, made by China, and negates our offensive cyber capabilities which were designed against "Linux, UNIX, and Windows".
Sorry Kevin, but I'm just not seeing that.
- I reviewed a 2006 version of Kylin. It was created by people in China, but I don't see anything that suggests it was created for military or government purposes.
- Creating a hardened system is not a fast process. Unless they did some complete recreation between 2006 and 2007, I seriously doubt that it has been very hardened. Just with the network services that are installed, it really seems far from secure.
- In 2006, Kylin was based on BSD (which is Unix) and Linux (rpm packages). So how does this invalidate any offensive UNIX and Linux capabilities?
Other people are also claiming that Coleman's statement is more hype that fact. Security Guru Bruce "I'm better than Chuck Noris" Schneier questioned the findings and speculates that it is more hype than fact. Even the Chinese media Xinhua denounced the findings as propaganda and stated that "'Kylin' was designed and used for civilian purposes only." While I would usually question Xinhua's own view as biased propaganda, this time their statements align with my own findings.
Thursday, May 21. 2009
Due to popular demand, I've begun porting some of my tools to other operating systems, starting with Mac OS X. I've always done a little bit of Mac development, but this is the first time I've gone whole-hog. I gotta say, it was not hard. It took me an hour to port most of the code, and two days to get the GUI working. (I'm so glad I chose to use ANSI-C and platform-independent functions.)
Tweaking the environment
Before porting the code, I needed to fix the environment. While basic Mac OS X is pleasant, it isn't designed for power users or developers.
To start things, I don't want a separate keyboard/mouse for the computer. For Linux and Windows, I use Synergy to link the desktops. I have two monitors connected to two different computers and sitting next to each other on the desk. However, one keyboard and mouse supports both computers. If the mouse moves to the left of the Linux monitor, then it appears on the right side of the Windows computer. Syngery bridges the keyboard, mouse, and clipboards between the two systems.
Unfortunately, Synergy does not work well with Macs. So, install a variant: SynergyKM. This seems to work really well. The only limitation: the initial login screen still requires a local keyboard. But after you login, the keyboard, mouse, and clipboard (text only) is shared.
And then there is VNC. MacOSX 10.5 (Leopard) comes with a "Remote Desktop" that supports VNC, but it sucks. It only works in full-color mode, it hangs whenever the screen saver kicks in, and it does not support a shared clipboard. Instead, I installed the Vine VNC Server. Now I have full VNC support -- including multiple bit depths and no hangs. (I use Synergy for when I'm in the office, and VNC for when I'm away.)
Surprise!
The Mac Mini that I use did not come with a keyboard and mouse. (The Mini expects you to provide your own.) I was very pleased to see that it natively supports a three-button mouse and scroll wheel. Not having to rely on "keyboard + mouse" combinations is a huge productivity gain.
I also like that you can run X11 applications from the non-X11 terminal or by double-clicking on them. If the X-server is not started, then it will start when needed. With older Mac operating systems (e.g., 10.3), you had to start the server yourself and all X11 apps had to be run from within the X-server.
Close, but not perfect
While the Mac provides a nice environment for developing software, there are still a few things that I don't like.
For example, on the Mac, you cannot cut-and-paste between X11 applications and the rest of the OS. Even highlighting the word in an xterm and doing a "Copy" (Command-C) will not always paste (Command-V) into a different application (like the non-X11 terminal); it seems to work irregularly and usually fails. Apple really needs to fix this. This is a huge problem when using X-apps like Gimp.
Highlighting a word from an X11 application on the Mac and pressing Command-C also does not copy it to the shared Synergy or VNC clipboards.
Perhaps I am spoiled from Linux, but I like highlighting text and having it immediately available from the clipboard. On Mac-specific applications, you must explicitly use Command-C to copy it. All of this Command-C/Command-V to copy and paste is just wasted effort. (Considering that Steve Jobs hates buttons, I'm surprised that Macs are still so dependent on keyboard combinations.)
While Apple does provide an X-server, it is definitely not any kind of standard. The server ignores ~/.xinitrc, ~/.Xdefaults, and similar X11 startup profiles used for customization. In other words: you've got an X-server, you just can't personalize it. Besides my own needs, this will be a huge problem for people with usability issues (e.g., blind and semi-blind).
Screen Shots and Keyboard Keys
Since I write lots of docs and work with graphics, I frequently take screen shots. Under Windows and Linux, this is easy: press the "Print Screen" button on the keyboard. Alt-PrintScreen captures just the active application.
Unfortunately, Macs (including 10.5) does not seem to recognize the "Print Screen" button. At all. Instead, you must use Command+Shift+3. To capture a specific region, it's Control+Command+Shift+3. That's four keys on one side of the keyboard. (Good thing I didn't lose a finger in wood shop, otherwise I'd be in trouble!) Making matters worse, the Control+Command+Shift+3 combination seems to hang SynergyKM. (It may have to do with the Linux server trying to create 16-bit unicode characters.)
The Mac does allow you to remap keycodes to function. However, the Print Screen button is not an option for mapping. The operating system does not even register that a button was pressed. Other keys that seem to be missing include "Insert", "Pause/Break", "Scroll Lock", "App" (the button that looks like a menu), and any special keyboard buttons beyond the Windows flag. (There is a great tool called Key Codes that displays the keyboard codes for debugging. It does not report these keys, which means -- as far as the OS is concerned -- they don't exist.)
Although there are some tips for simplifying screenshots on the Mac, none are as simple as "press one button." Moreover, most of the applications that simplify this task are not freeware.
(As an aside, the Synergy server for Linux intercepts the "Scroll Lock" key. Synergy uses it to lock the keyboard and mouse onto a particular display, preventing accidental scrolling to a different system.)
Finder not finding
Finally, the "Finder" (graphical file and folder viewer) does not show all files in the directory. The root directories like /usr, /etc, and /sbin exist, but don't show up in the graphical directory listing. If you want them to show up, then you have to run a command that makes lots of other crap appear (like ".DS_Store" and other "." hidden files):
defaults write com.apple.finder AppleShowAllFiles TRUE
killall Finder
Changing "TRUE" to "FALSE" restores the default.
I'm shuttering as I write this: I really want something like Gnome's Nautilus. Nautilus shows all regular files and directories, and has a quick-key (Control-H) to see all hidden (dot) files. Give me the same viewing capabilities as Nautilus, but with the Mac's nice graphics.
If anyone knows a way around these any of issues, please let me know!
Monday, May 18. 2009
Nearly every year some core industry suffers a catastrophic loss.
2005: Insurance. Hurricane Katrina was the worst natural disaster that the insurance industry had ever handled. Over $81 Billion dollars in damages. After that, some insurance companies stopped offering coverage to coastal residents. Rates went up along the entire coastal region so many people could no longer afford coverage.
2007: Economy. The current global economic crisis began.
2008: Banks, Stocks, Homes, and Cars. Bond Insurance companies collapsed. If you invest in AA or AAA bonds today, you're taking a risk. Why? Because the bonds are worth more than the insurance companies behind them. This year also had the housing collapse, massive bank failures, and automobile manufacturer bailouts.
2009. More bank failures and the year is not even half over. However, the big thing right now seems to be the American automobile industry.
Commonalities
There are a few things that all of these failures have in common. They lack transparency, they are overly complicated industries, and they are thoroughly dependent on decades of old technology.
People inside insurance companies had an idea of what was going on, but nobody outside saw it. Banks still are not telling us how they spent their bailout funds. And American car manufactures depended more on their good names than on developing higher mileage and safer vehicles.
For example, when was the last time American cars got higher crash test ratings than foreign vehicles? According to the IIHS's report for " Midsize moderately priced cars, only one of their top six safety picks was American made (Ford), and it gets worse gas mileage than some of the others. According to GreenCar.com, the Ford Fusion gets about 23 MPG while the Honda Accord gets 25 MPG and the Volkswagen Jetta gets 34 MPG. If they are equally safe, then buy the better mileage. And if cost is a factor, then the Jetta costs less than the Fusion (MSRP $17,515 versus $19,270).
And notice how the two failing companies (GM and Chrysler) are not even in the top safety picks.
Trends
Each of these failed industries have another similarity: variable pricing. If two people go into the same insurance agency and ask for the same coverage, they will be given different quotes. Same thing with cars; with the exception of Saturn (which GM recently eliminated), dealerships may give you a ballpark number, but there is no fixed price.
Dealerships also try to add confusion by throwing out other numbers under labels like "cash back", "bonus", "incentive", and "promotion". They use advertising gimmicks like "everything must go!", and "limited time only!" This sense of urgency means many people will not spend time looking closely at the numbers.
Pricing also varies with banks and stock markets purchases. If you want to buy shares of a company or invest in a fund, what price do you pay? Sometimes the price is "at the moment you bought it". Other times it is the closing day price, high for the day, low for the day, weekly average, or something equally nonsensical. Perhaps this is why selling stock requires a " settlement". You really don't know what you're getting, but you'll settle with whatever you get.
Unhealthy Market
Knowing these similarities, we can start to identify trends. A market is likely to fail if (1) it lacks transparency -- you don't know what is really going on, (2) it relies on old technology, (3) it is overly complicated, and (4) it won't give you a straight answer on pricing.
So what's the next market to fail? I think it will be the health care system. I'm expecting big hospital chains to declare bankruptcy, medical centers to close, and people to give up on health insurance. This will send shockwaves through another sector: the pharmaceutical industry.
It's been a few years since I had a physical. While I take my car for regular checkups, I skimp on my own. My insurance is good about covering medicines, but it usually rejects all in-person doctor visits. One would think that the checkup for getting a prescription would be covered along with the drugs, but one would be wrong. Drugs are covered, but my doctor's appointment usually is not. Unless I get taken in by ambulance, I fully expect the visit to be rejected.
Anyway, I recently checked my insurance to see what local hospitals are "in my network". My insurance company's web page directed me to a different company (mentioned in a small logo on my insurance card) who in turn directed me to a third company that listed some local hospitals. I think I know which ones are in my network, but I'm not sure. (Lacks transparency and overly complicated.)
I called a few hospitals to get a quote: how much does a regular annual physical exam cost? None of the hospitals would give me a number. None would even give me an estimate. Every one of them said "it varies". Varies on what? The reply: on whatever code the doctor writes down. I asked if they could give me a ballpark figure -- are we talking $10, $100, $1000? Assume that I have no insurance -- how much can I expect to spend? "It varies." They couldn't rule out $1000 or more for the basic exam.
One hospital actually told me that pricing varies on the topics that I talk to the doctor about. Good! "Do you have a price list for topics?" "No." So... if I say that I have allergies, am I charged more or less than mentioning that I'm coughing up blood? How much does it cost to answer "How are you doing today?"
Can you imagine going into the grocery store and asking "How much is the orange juice?" "It varies." "Varies on what?" "Varies on the code that the checkout clerk types in and the topics you talk about."
As far as I know, the last computer seller that made price determination overly complicated was CompUSA. And they declared bankruptcy, sold the brand to another company, and closed nearly all of their stores.
I'm actually more scared about this unknown pricing than anything the doctor might find. (A tumor the size of a basketball? Oh God! How much is this going to cost?)
Estimating Estimates
When asking for a cost estimate, I understand that some things should be priced "above" a baseline. If my car's 60,000 mile checkup reveals a bad timing belt, I understand that replacing it will be above the basic examination costs. With hospitals, if I need additional tests then it should cost more. However, hospitals should at least be able to give me a baseline price or general ballpark figure.
There are also hidden fees. I have friends who have had various operations -- in patient, out patient, extended stay, etc. The ones who actually looked at their bills each said that there were doctors listed who never came by, or who popped their heads in, saw that the patient was still alive, and left -- 10 seconds max. This could be wide-spread fraud, or it could be legitimate. But most hospitals do not keep detailed enough records to explain why another specialist was needed.
Semi-Transparent Field
In contrast to hospitals, other medical fields are much more direct and transparent. My optometrist and dentist readily provide pricing information when asked. I know how much a basic eye exam costs, I know how much glasses cost, and I even know the price to fill a cavity. I know these prices before I head to the appointment. But a basic blood pressure test at a hospital? No idea -- anywhere from $10 to $1000 or more, depending on what code the doctor writes down and the topics we talk about.
In all fairness, small walk-in clinics also give straight pricing. But these clinics have other problems: I never see the same doctor twice, they're not covered by my insurance, and many doctors are in training. This leads to clinic nicknames like "Doc in a Box" and "Quack Shack". It's fast-food health care.
Low Tech?
So hospitals lack transparency and cannot give even a vague estimate for something simple. And the entire process, from the hospital to insurance, is overly complicated, vague on details, and intentionally confusing. How about old technology?
While making my appointment, the person asked me some questions -- none related to my medical history. During this time, I kept getting placed on hold while the agent checked with her supervisor. It seems that the software was text based and overly complicated. She kept asking her manager about different codes and fields that needed to be filled in.
Text based and code numbers? That's like my insurance company -- but half of their software now has a GUI. (I'd also put my bank in there, but they got rid of their text-based system two years ago.) My optometrist and dentist both use paperless systems with pull-down menus (no code memorization) and intelligent forms. But the local hospitals? They seem to still use text-based entry forms circa Windows95. Sounds like old technology to me... It's enough to make a guy sick.
Every year a core industry fails. I fully expect 2010 to be the year of the hospital.
|
