119 posts categorized "Europe" Feed

Report: Significant Security Risks With Healthcare And Financial Services Mobile Apps

Arxan Technologies logo Arxan Technologies recently released its fifth annual report about the state of application security. This latest report also highlighted some differences between how information technology (I.T.) professionals and consumers view the security of healthcare and financial services mobile apps. Overall, Arxan found critical vulnerabilities:

"84 percent of the US FDA-approved apps tested did not adequately address at least two of the Open Web Application Security Project (OWASP) Mobile Top 10 Risks. Similarly, 80 percent of the apps tested that were formerly approved by the UK National Health Service (NHS) did not adequately address at least two of the OWASP Mobile Top 10 Risks... 95 percent of the FDA-approved apps, and 100 percent of the apps formerly approved by the NHS, lacked binary protection, which could result in privacy violations, theft of personal health information, and tampering... 100 percent of the mobile finance apps tested, which are commonly used for mobile banking and for electronic payments, were shown to be susceptible to code tampering and reverse-engineering..."

Some background about the U.S. Food and Drug Administration (FDA). The FDA revised its guidelines for mobile medical apps in September, 2015. The top of that document clearly stated, "Contains Nonbinding Regulations." The document also explained which apps the FDA regulates (link added):

"Many mobile apps are not medical devices (meaning such mobile apps do not meet the definition of a device under section 201(h) of the Federal Food, Drug, and Cosmetic Act (FD&C Act)), and FDA does not regulate them. Some mobile apps may meet the definition of a medical device but because they pose a lower risk to the public, FDA intends to exercise enforcement discretion over these devices (meaning it will not enforce requirements under the FD&C Act). The majority of mobile apps on the market at this time fit into these two categories. Consistent with the FDA’s existing oversight approach that considers functionality rather than platform, the FDA intends to apply its regulatory oversight to only those mobile apps that are medical devices and whose functionality could pose a risk to a patient’s safety if the mobile app were to not function as intended. This subset of mobile apps the FDA refers to as mobile medical apps."

The Arxan report found that consumers are concerned about app mobile security:

80 percent of mobile app users would change providers if they knew the apps they were using were not secure. 82 percent would change providers if they knew alternative apps offered by similar service providers were more secure."

Arxan commissioned a a third party which surveyed 1,083 persons in the United States, United Kingdom, Germany, and Japan during November, 2015. 268 survey participants were I.T. professionals and 815 participants were consumers. Also, Arxan hired Mi3 to test mobile apps during October and November, 2015. Those tests included 126 health and financial mobile apps covering both the Apple iOS and Android platforms, 19 mobile health apps approved by the FDA, and 15 mobile health apps approved3 by the UK NHS.

One difference in app security perceptions between the two groups: 82 percent of I.T. professionals believe "everything is being done to protect my apps" while only 57 percent of consumers hold that belief. To maintain privacy and protect sensitive personal information, Arxan advises consumers to:

  1. Buy apps only from reputable app stores,
  2. Don't "jail break" your mobile devices, and
  3. Demand that app developers disclose upfront the security methods and features in their apps.

The infographic below presents more results from the consolidated report. Three reports by Arxan Technologies are available: consolidated, healthcare, and financial services.

Arxan Technologies. 5th Annual State of App Security infographic
Infographic reprinted with permission.


Apple vs. FBI: "Extraordinary" Government Actions May Cause U.S. Companies To Move Offshore

Apple Inc. logo There may be unintended consequences of the Federal Bureau of Investigation (FBI) is successful with forcing Apple, Inc. to build back doors into its iPhones. What might some of those unintended consequences be? TechCrunch reported that Lavabit filed an amicus brief supporting Apple. Never heard of Lavabit? Forgot about Lavabit? You may remember:

"... Lavabit, a technology company that previously judged it necessary to shutter its own service after receiving similarly “extraordinary” government demands for assistance to access user data, in the wake of the 2013 disclosures by NSA whistleblower Edward Snowden... the FBI sought the private encryption key used by Lavabit to protect the Secure Socket Layer (“SSL”) and Transport Layer Security (“TLS”) connections to their servers. With the SSL/TLS private key in hand, the FBI would be able to impersonate Lavabit on the Internet. This would allow them to intercept, decrypt, inspect, and modify (either with intent, or by accident) all of the connections between Lavabit and the outside world..."

Federal Bureau of Investigation logo In its brief, Lavabit argues that by being forced to build back doors into its devices. not only would Apple's brand be tarnished, but that the ability of iPhone users to receive reliable and secure operating-system security updates would be degraded. Some updates might include malware. If users' trust decreases and they choose to stop receiving security updates, then their devices become more vulnerable than otherwise. That's not good. And, if people blame government for starting this security mess, then that's not good either since it would erode trust in government.

Would companies relocate out of the United States due to privacy and surveillance concerns? Consider:

"... Silent Circle, moved its global headquarters from the Caribbean to Switzerland back in May 2014 — citing the latter’s “strong privacy laws” as one of the reasons to headquarter its business in Europe. Various other pro-encryption startups, including ProtonMail and Tutanota, have also chosen to locate their businesses in countries in Europe that have a reputation for protecting privacy."

Plus, there are money concerns. Since 1982, at least 51 companies completed tax inversions: moved their headquarters (and sometimes some employees) out of the United States to another country to enjoy lower taxes. So, Burger King is now a Canadian company. Pfizer is now an Irish company. And, lower tax payments by companies make government deficits (federal, state, local) worse. The bottom line: profitability matters. When companies suffer lower profitability -- as tarnished brands often do -- their executives take actions to improve profits. It's what they do.

Want to learn more about Lavabit? At about the two-thirds mark in the film "CitizenFour," Lavabit founder Ladar Levison shares some of his experiences.


Safer Internet Day: Do Your Part

Safer Internet Day 2016 logo Today is Safer Internet Day (SID) #SID2016. This event occurs every year in February to promote safer and more responsible use of online technology and mobile phones, especially among children. This year's theme is:

"Play your part for a better Internet"

There are events in 100 countries worldwide. The European Commission’s Safer Internet Programme started the event, which has continued under the Connecting Europe Facility (CEF). This is the 13th annual event. According to its press release:

"Last year’s celebrations saw more than 19,000 schools and 28 million people involved in SID actions across Europe, while over 60 million people were reached worldwide..."

Hans Martens, Digital Citizenship Programme Manager at European Schoolnet and Coordinator of the Insafe Network said:

“The theme of ‘Play your part for a better internet’ truly reflects how stakeholders from across the world can and should work together to build a trusted digital environment for all. This approach is at the core of the Better Internet for Kids agenda, and we look forward to seeing many exciting onitiatives and collaborations, both on the day of SID itself and beyond."

Sophos, a security firm, described six safety tips for families. That includes learning to spot phishing scams to avoid password-stealing computer viruses and ransomware. Children need to learn how to create strong passwords, and never use these weak passwords. Read about several SID events in California, including teens brainstorming ways to fight online bullying and teens helping adults.

To learn more, watch the video below and then visit SaferInternetDay.org for events in your country.

Or, watch the video on Youtube.


EU Antitrust Chief: Vast Digital Data Collection By A Few Threatens Competition

On Sunday, the New York Times reported comments by the European Union's antitrust chief:

"Margrethe Vestager, the European Union’s antitrust chief, warned on Sunday that the collection of a vast amount of users’ data by a small number of tech companies like Google and Facebook could be in violation of the region’s tough competition rules."

The European Union (EU) and the United States are negotiating a new data-sharing arrangement by the January 31, 2016 deadline after the European Court of Justice ruled in October 2015 that Europeans’ sensitive personal information was not adequately protected when transmitted to the United States under the safe harbor agreement. The court ruled the agreement invalid because of access by U.S. government (spy) agencies.

The EU developed its Privacy Directive during the late 1990s to, a) standardize privacy laws across its member countries, b) protect their residents' sensitive personal and financial information as the Internet industry blossomed, and c) define the protections as information is transmitted across country borders. The protections cover online activities such as posting to social networking sites, buying products online, and performing searches at search engine websites. To learn more, read the "US/EU Safe Harbor Agreement: What It Is and What It Says About the Future of Cross Border Data Protection" (Adobe PDF) document by the U.S. Federal Trade Commission (FTC) from 2003. (The 2003 report is also available here.) To sell their products and services within the EU, companies based in the United States must comply with these privacy regulations.

Reportedly, Vestager said:

"If a few companies control the data you need to cut costs, then you give them the power to drive others out of the market...”

She is not the only one concerned:

"A number of European executives echoed Ms. Vestager’s fears about how a small number of American tech companies could use their large-scale data collection to favor their own services over those of rivals. Among them was Oliver Samwer, the German entrepreneur who co-founded Rocket Internet, one of the region’s most high-profile tech companies."

The EU has several antitrust investigations underway:

"... for example, investigations into Apple’s tax practices in Ireland and has started a wide-ranging inquiry into e-commerce that analysts say could encompass the likes of Amazon, among others. Ms. Vestager also brought antitrust charges against Google last April, saying the search giant had unfairly favored some of its digital services over those of rivals. An announcement in that case is expected in late spring... while a separate European investigation continues into whether Google used Android, its popular mobile software, to unfairly restrict rivals..."

It seems wise for consumers in the United States to pay attention to events and negotiations in Europe to ensure as much competition and privacy as possible.


The Most Discussed Topics On Facebook During 2015

Facebook logo What did Facebook members discuss the most during 2015? It wasn't all lolcats, music, selfies, and humor. The social networking giant published its list of most discussed global topics:

  1. U.S. Presidential Election
  2. November 13 Attacks in Paris
  3. Syrian Civil War & Refugee Crisis
  4. Nepal Earthquakes
  5. Greek Debt Crisis
  6. Marriage Equality
  7. Fight Against ISIS
  8. Charlie Hebdo Attack
  9. Baltimore Protests
  10. Charleston Shooting & Flag Debate

Survey: 40 Percent Of Companies Expect Data Breaches Caused By Employees

eSecurity Planet reported the results of a recent survey of information technology managers and employees. The survey included workers in the United States, United Kingdom, Germany, and Australia. The key findings:

"... 40 percent of companies expect to experience a data breach resulting from employee behavior in the next 12 months... 75 percent of employees believe their company doesn't give them enough information about data policies... 58 percent don't understand what would actually constitute a security breach... 50 percent of respondents admitted that they disregard their companies' data protection policies in order to get their jobs done."

The phrase "insider data breach" refers to data breaches caused by employees. Companies seem focused on external threats from hackers, while not focusing also upon insider threats. Lax or untrained employees and poor internal processes are often the root causes.

These survey results are not good. The results indicate that companies are not doing everything they can (and should) to protect the sensitive customer, client, employee, and retiree information they have collected.


Learning Apps Company Confirms Data Breach Affecting 11.6 Million Persons

Vtech logo Earlier today, educational toy maker VTech confirmed a data breach affecting 11.6 million persons. On November 27, Motherboard first reported the breach affecting 5 million parents and 200,000 children. The data breach is larger than first reported by many news organizations.

In its FAQ page, VTech confirmed that on November 14 hackers accessed its customer database:

"... on our Learning Lodge app store customer database and Kid Connect servers. Learning Lodge allows our customers to download apps, learning games, e-books and other educational content to their VTech products.  Kid Connect allows parents using a smartphone app to chat with their kids using a VTech tablet."

The company learned of the data breach on November 24 when a journalist inquired. During its current breach investigation, During its breach investigation, Vtech has temporarily suspended operations at Learning Lodge, the Kid Connect network, and a dozen websites including both PlanetVtech and VSmileLink sites in the US, France, Germany, United Kingdom, and Spain. Vtech's customer data includes the USA, Canada, United Kingdom, Ireland, France, Germany, Spain, Belgium, the Netherlands, Denmark, Luxembourg, Latin America, Hong Kong, China, Australia and New Zealand.

The number of persons affected by the breach:

"In total 4,854,209 customer (parent) accounts and 6,368,509 related kid profiles worldwide are affected, which includes approximately 1.2 million Kid Connect parent accounts.  In addition, there are 235,708 parent and 227,705 kids accounts in PlanetVTech. Kid profiles unlike account profiles only include name, gender and birthdate."

The VTech FAQ page also listed the number of breach victims by country. Parent accounts include the following data elements: name, e-mail address, security question and answer for password retrieval, IP address, mailing address, download history, and encrypted password. VTech's customer database does not contain credit card payment information, nor Social Security and similar identification information.

VTech describes itself as a global leader in electronic learning products for children and the world's largest manufacturer of cordless phones. Founded in 1976, VTech is headquartered in Hong Kong and has operations in 11 countries including manufacturing facilities in China. It employs about 30,000 employees, with 1,500 research and development professionals in Canada, Germany, Hong Kong, and China.

Even though customers' passwords were encrypted, VTech advised breach victims to change their passwords anyway, as skilled hackers may break the encryption. This is critical if breach victims used the same passwords, security questions, and security answers at other online sites.

This is not good. Whatever security detection software VTech used needs to be upgraded or replaced. A company should not learn about a breach from a journalist. The data elements stolen are sufficient for criminals to impersonate data breach victims, attempt to break into victims' other online accounts (e.g., banking), and send spam e-mail messages.

Do you or your children use VTech apps, games, or e-books? If so, what breach notifications have you received?


Transcript: Pope Francis' Speech To The U.S. Congress

Earlier today, Pope Francis spoke to the U.S. Congress. He said some very interesting things, mentioned several names That was the first time a Pope spoke to a joint session of Congress. He mentioned topics I didn't expect to hear, and emphasized working together to support each other to solve some challenging problems facing society:

"... no religion is immune from forms of individual delusion or ideological extremism. This means that we must be especially attentive to every type of fundamentalism, whether religious or of any other kind. A delicate balance is required to combat violence perpetrated in the name of a religion, an ideology or an economic system... The challenges facing us today call for a renewal of that spirit of cooperation, which has accomplished so much good throughout the history of the United States. The complexity, the gravity and the urgency of these challenges demand that we pool our resources and talents, and resolve to support one another, with respect for our differences... If politics must truly be at the service of the human person, it follows that it cannot be a slave to the economy and finance... I think of the march which Martin Luther King led from Selma to Montgomery fifty years ago as part of the campaign to fulfill his "dream" of full civil and political rights for African Americans. That dream continues to inspire us all..."

While video of the speech is available online at many sites, often it is helpful to read (and re-read) the words. CNN provided a transcript, which I am happy to provide in full below. I am not a Catholic. I am a resident of this planet and concerned citizen of the USA.

The transcript of the Pope's speech:

"Mr. Vice-President,

Mr. Speaker,

Honorable Members of Congress,

Dear Friends,
I am most grateful for your invitation to address this Joint Session of Congress in "the land of the free and the home of the brave". I would like to think that the reason for this is that I too am a son of this great continent, from which we have all received so much and toward which we share a common responsibility.

Each son or daughter of a given country has a mission, a personal and social responsibility. Your own responsibility as members of Congress is to enable this country, by your legislative activity, to grow as a nation. You are the face of its people, their representatives. You are called to defend and preserve the dignity of your fellow citizens in the tireless and demanding pursuit of the common good, for this is the chief aim of all politics. A political society endures when it seeks, as a vocation, to satisfy common needs by stimulating the growth of all its members, especially those in situations of greater vulnerability or risk. Legislative activity is always based on care for the people. To this you have been invited, called and convened by those who elected you.

Yours is a work which makes me reflect in two ways on the figure of Moses. On the one hand, the patriarch and lawgiver of the people of Israel symbolizes the need of peoples to keep alive their sense of unity by means of just legislation. On the other, the figure of Moses leads us directly to God and thus to the transcendent dignity of the human being. Moses provides us with a good synthesis of your work: you are asked to protect, by means of the law, the image and likeness fashioned by God on every human face.

Today I would like not only to address you, but through you the entire people of the United States. Here, together with their representatives, I would like to take this opportunity to dialogue with the many thousands of men and women who strive each day to do an honest day's work, to bring home their daily bread, to save money and --one step at a time -- to build a better life for their families. These are men and women who are not concerned simply with paying their taxes, but in their own quiet way sustain the life of society. They generate solidarity by their actions, and they create organizations which offer a helping hand to those most in need.

I would also like to enter into dialogue with the many elderly persons who are a storehouse of wisdom forged by experience, and who seek in many ways, especially through volunteer work, to share their stories and their insights. I know that many of them are retired, but still active; they keep working to build up this land. I also want to dialogue with all those young people who are working to realize their great and noble aspirations, who are not led astray by facile proposals, and who face difficult situations, often as a result of immaturity on the part of many adults. I wish to dialogue with all of you, and I would like to do so through the historical memory of your people.

My visit takes place at a time when men and women of good will are marking the anniversaries of several great Americans. The complexities of history and the reality of human weakness notwithstanding, these men and women, for all their many differences and limitations, were able by hard work and self-sacrifice -- some at the cost of their lives -- to build a better future. They shaped fundamental values which will endure forever in the spirit of the American people. A people with this spirit can live through many crises, tensions and conflicts, while always finding the resources to move forward, and to do so with dignity. These men and women offer us a way of seeing and interpreting reality. In honoring their memory, we are inspired, even amid conflicts, and in the here and now of each day, to draw upon our deepest cultural reserves.

I would like to mention four of these Americans: Abraham Lincoln, Martin Luther King, Dorothy Day and Thomas Merton.

This year marks the one hundred and fiftieth anniversary of the assassination of President Abraham Lincoln, the guardian of liberty, who labored tirelessly that "this nation, under God, [might] have a new birth of freedom". Building a future of freedom requires love of the common good and cooperation in a spirit of subsidiarity and solidarity.

All of us are quite aware of, and deeply worried by, the disturbing social and political situation of the world today. Our world is increasingly a place of violent conflict, hatred and brutal atrocities, committed even in the name of God and of religion. We know that no religion is immune from forms of individual delusion or ideological extremism. This means that we must be especially attentive to every type of fundamentalism, whether religious or of any other kind. A delicate balance is required to combat violence perpetrated in the name of a religion, an ideology or an economic system, while also safeguarding religious freedom, intellectual freedom and individual freedoms. But there is another temptation which we must especially guard against: the simplistic reductionism which sees only good or evil; or, if you will, the righteous and sinners. The contemporary world, with its open wounds which affect so many of our brothers and sisters, demands that we confront every form of polarization which would divide it into these two camps. We know that in the attempt to be freed of the enemy without, we can be tempted to feed the enemy within. To imitate the hatred and violence of tyrants and murderers is the best way to take their place. That is something which you, as a people, reject.

Our response must instead be one of hope and healing, of peace and justice. We are asked to summon the courage and the intelligence to resolve today's many geopolitical and economic crises. Even in the developed world, the effects of unjust structures and actions are all too apparent. Our efforts must aim at restoring hope, righting wrongs, maintaining commitments, and thus promoting the well-being of individuals and of peoples. We must move forward together, as one, in a renewed spirit of fraternity and solidarity, cooperating generously for the common good.

The challenges facing us today call for a renewal of that spirit of cooperation, which has accomplished so much good throughout the history of the United States. The complexity, the gravity and the urgency of these challenges demand that we pool our resources and talents, and resolve to support one another, with respect for our differences and our convictions of conscience.

In this land, the various religious denominations have greatly contributed to building and strengthening society. It is important that today, as in the past, the voice of faith continue to be heard, for it is a voice of fraternity and love, which tries to bring out the best in each person and in each society. Such cooperation is a powerful resource in the battle to eliminate new global forms of slavery, born of grave injustices which can be overcome only through new policies and new forms of social consensus.

Here I think of the political history of the United States, where democracy is deeply rooted in the mind of the American people. All political activity must serve and promote the good of the human person and be based on respect for his or her dignity. "We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable rights, that among these are life, liberty and the pursuit of happiness" (Declaration of Independence, 4 July 1776). If politics must truly be at the service of the human person, it follows that it cannot be a slave to the economy and finance. Politics is, instead, an expression of our compelling need to live as one, in order to build as one the greatest common good: that of a community which sacrifices particular interests in order to share, in justice and peace, its goods, its interests, its social life. I do not underestimate the difficulty that this involves, but I encourage you in this effort.

Here too I think of the march which Martin Luther King led from Selma to Montgomery fifty years ago as part of the campaign to fulfill his "dream" of full civil and political rights for African Americans. That dream continues to inspire us all. I am happy that America continues to be, for many, a land of "dreams". Dreams which lead to action, to participation, to commitment. Dreams which awaken what is deepest and truest in the life of a people.

In recent centuries, millions of people came to this land to pursue their dream of building a future in freedom. We, the people of this continent, are not fearful of foreigners, because most of us were once foreigners. I say this to you as the son of immigrants, knowing that so many of you are also descended from immigrants. Tragically, the rights of those who were here long before us were not always respected. For those peoples and their nations, from the heart of American democracy, I wish to reaffirm my highest esteem and appreciation. Those first contacts were often turbulent and violent, but it is difficult to judge the past by the criteria of the present. Nonetheless, when the stranger in our midst appeals to us, we must not repeat the sins and the errors of the past. We must resolve now to live as nobly and as justly as possible, as we educate new generations not to turn their back on our "neighbors" and everything around us. Building a nation calls us to recognize that we must constantly relate to others, rejecting a mindset of hostility in order to adopt one of reciprocal subsidiarity, in a constant effort to do our best. I am confident that we can do this.

Our world is facing a refugee crisis of a magnitude not seen since the Second World War. This presents us with great challenges and many hard decisions. On this continent, too, thousands of persons are led to travel north in search of a better life for themselves and for their loved ones, in search of greater opportunities. Is this not what we want for our own children? We must not be taken aback by their numbers, but rather view them as persons, seeing their faces and listening to their stories, trying to respond as best we can to their situation. To respond in a way which is always humane, just and fraternal. We need to avoid a common temptation nowadays: to discard whatever proves troublesome. Let us remember the Golden Rule: "Do unto others as you would have them do unto you" (Mt 7:12).

This Rule points us in a clear direction. Let us treat others with the same passion and compassion with which we want to be treated. Let us seek for others the same possibilities which we seek for ourselves. Let us help others to grow, as we would like to be helped ourselves. In a word, if we want security, let us give security; if we want life, let us give life; if we want opportunities, let us provide opportunities. The yardstick we use for others will be the yardstick which time will use for us. The Golden Rule also reminds us of our responsibility to protect and defend human life at every stage of its development.

This conviction has led me, from the beginning of my ministry, to advocate at different levels for the global abolition of the death penalty. I am convinced that this way is the best, since every life is sacred, every human person is endowed with an inalienable dignity, and society can only benefit from the rehabilitation of those convicted of crimes. Recently my brother bishops here in the United States renewed their call for the abolition of the death penalty. Not only do I support them, but I also offer encouragement to all those who are convinced that a just and necessary punishment must never exclude the dimension of hope and the goal of rehabilitation.

In these times when social concerns are so important, I cannot fail to mention the Servant of God Dorothy Day, who founded the Catholic Worker Movement. Her social activism, her passion for justice and for the cause of the oppressed, were inspired by the Gospel, her faith, and the example of the saints.

How much progress has been made in this area in so many parts of the world! How much has been done in these first years of the third millennium to raise people out of extreme poverty! I know that you share my conviction that much more still needs to be done, and that in times of crisis and economic hardship a spirit of global solidarity must not be lost. At the same time I would encourage you to keep in mind all those people around us who are trapped in a cycle of poverty. They too need to be given hope. The fight against poverty and hunger must be fought constantly and on many fronts, especially in its causes. I know that many Americans today, as in the past, are working to deal with this problem.

It goes without saying that part of this great effort is the creation and distribution of wealth. The right use of natural resources, the proper application of technology and the harnessing of the spirit of enterprise are essential elements of an economy which seeks to be modern, inclusive and sustainable. "Business is a noble vocation, directed to producing wealth and improving the world. It can be a fruitful source of prosperity for the area in which it operates, especially if it sees the creation of jobs as an essential part of its service to the common good" (Laudato Si', 129). This common good also includes the earth, a central theme of the encyclical which I recently wrote in order to "enter into dialogue with all people about our common home" (ibid., 3). "We need a conversation which includes everyone, since the environmental challenge we are undergoing, and its human roots, concern and affect us all" (ibid., 14).

In Laudato Si', I call for a courageous and responsible effort to "redirect our steps" (ibid., 61), and to avert the most serious effects of the environmental deterioration caused by human activity. I am convinced that we can make a difference and I have no doubt that the United States -- and this Congress -- have an important role to play. Now is the time for courageous actions and strategies, aimed at implementing a "culture of care" (ibid., 231) and "an integrated approach to combating poverty, restoring dignity to the excluded, and at the same time protecting nature" (ibid., 139). "We have the freedom needed to limit and direct technology" (ibid., 112); "to devise intelligent ways of... developing and limiting our power" (ibid., 78); and to put technology "at the service of another type of progress, one which is healthier, more human, more social, more integral" (ibid., 112). In this regard, I am confident that America's outstanding academic and research institutions can make a vital contribution in the years ahead.

A century ago, at the beginning of the Great War, which Pope Benedict XV termed a "pointless slaughter", another notable American was born: the Cistercian monk Thomas Merton. He remains a source of spiritual inspiration and a guide for many people. In his autobiography he wrote: "I came into the world. Free by nature, in the image of God, I was nevertheless the prisoner of my own violence and my own selfishness, in the image of the world into which I was born. That world was the picture of Hell, full of men like myself, loving God, and yet hating him; born to love him, living instead in fear of hopeless self-contradictory hungers". Merton was above all a man of prayer, a thinker who challenged the certitudes of his time and opened new horizons for souls and for the Church. He was also a man of dialogue, a promoter of peace between peoples and religions.

From this perspective of dialogue, I would like to recognize the efforts made in recent months to help overcome historic differences linked to painful episodes of the past. It is my duty to build bridges and to help all men and women, in any way possible, to do the same. When countries which have been at odds resume the path of dialogue -- a dialogue which may have been interrupted for the most legitimate of reasons -- new opportunities open up for all. This has required, and requires, courage and daring, which is not the same as irresponsibility. A good political leader is one who, with the interests of all in mind, seizes the moment in a spirit of openness and pragmatism. A good political leader always opts to initiate processes rather than possessing spaces (cf. Evangelii Gaudium, 222-223).

Being at the service of dialogue and peace also means being truly determined to minimize and, in the long term, to end the many armed conflicts throughout our world. Here we have to ask ourselves: Why are deadly weapons being sold to those who plan to inflict untold suffering on individuals and society? Sadly, the answer, as we all know, is simply for money: money that is drenched in blood, often innocent blood. In the face of this shameful and culpable silence, it is our duty to confront the problem and to stop the arms trade.

Three sons and a daughter of this land, four individuals and four dreams: Lincoln, liberty; Martin Luther King, liberty in plurality and non-exclusion; Dorothy Day, social justice and the rights of persons; and Thomas Merton, the capacity for dialogue and openness to God.

Four representatives of the American people.

I will end my visit to your country in Philadelphia, where I will take part in the World Meeting of Families. It is my wish that throughout my visit the family should be a recurrent theme. How essential the family has been to the building of this country! And how worthy it remains of our support and encouragement! Yet I cannot hide my concern for the family, which is threatened, perhaps as never before, from within and without. Fundamental relationships are being called into question, as is the very basis of marriage and the family. I can only reiterate the importance and, above all, the richness and the beauty of family life.

In particular, I would like to call attention to those family members who are the most vulnerable, the young. For many of them, a future filled with countless possibilities beckons, yet so many others seem disoriented and aimless, trapped in a hopeless maze of violence, abuse and despair. Their problems are our problems. We cannot avoid them. We need to face them together, to talk about them and to seek effective solutions rather than getting bogged down in discussions. At the risk of oversimplifying, we might say that we live in a culture which pressures young people not to start a family, because they lack possibilities for the future. Yet this same culture presents others with so many options that they too are dissuaded from starting a family.

A nation can be considered great when it defends liberty as Lincoln did, when it fosters a culture which enables people to "dream" of full rights for all their brothers and sisters, as Martin Luther King sought to do; when it strives for justice and the cause of the oppressed, as Dorothy Day did by her tireless work, the fruit of a faith which becomes dialogue and sows peace in the contemplative style of Thomas Merton.

In these remarks I have sought to present some of the richness of your cultural heritage, of the spirit of the American people. It is my desire that this spirit continue to develop and grow, so that as many young people as possible can inherit and dwell in a land which has inspired so many people to dream.

God bless America!


Payment Scam Dupes Airbnb Customer. Was There A Data Breach?

Airbnb logo Readers of this blog are aware of the various versions of check scams criminal use to trick consumers. A new scam has emerged with social travel sites.

After paying for a valid stay, an Airbnb customer was tricked by criminals using an wire transfer scam. The Telegraph UK described how an Airbnb customer was tricked. After paying for for their valid rental with a valid credit card, the guest:

"... received an email from Airbnb saying that the card payment had been declined and I needed to arrange an international bank transfer within the next 24 hours to secure the apartment. Stupidly, I did as asked. I transferred the money straight away to someone I assumed was the host as they had all the details of my reservation."

Formed in 2008, Airbnb now operates in 34,000 cities in 190 countries.

After checking with their bank, the guest determined that the credit card payment had been processed correctly. So, the guest paid twice, with the second payment to the criminal. The guest believes that Airbnb experienced a data breach. According to one security expert:

"The fraud works by sending an email to a host that appears to come from Airbnb asking them to verify their account details. The host foolishly responds thus giving the fraudster access to their account and all the bookings correspondence. Even though the addresses are anonymised the fraudster can still send emails to the customers via Airbnb to try to extract a second payment by bank transfer."

What can consumers make of this? First, hosts should learn to recognize phishing e-mails. Don't respond to them. Second, guests need to remember that inattentive hosts can compromise their identity information. Third, guests should never make payments outside of Airbnb's system.

Criminals are creative, persistent, and knowledgeable. Consumers need to be, too. Read the Scams/Threats section of this blog.


Discover Introduces 'Smart' Credit Cards With EMV Chip Technology. Are We There Yet?

Discover chip credit card This month, Discover Bank began to ship upgraded credit cards for its cardholders. The new "smart" credit card includes an embedded EMV chip that offers far more security. The chip stores and transmits encrypted data with a unique identifier for each transaction. The EMV chip technology was developed jointly by Europay, MasterCard, and Visa.

In the United States, cardholders will use the new cards the same way they used the old cards with the obsolete magnetic strip technology. At retail stores with older terminals, cardholders will continue to swipe their cards to make purchases. At retail stores with the chip-enabled terminals, cardholders will instead insert their card into the new terminals. To withdraw cash at bank ATM machines, a PIN number is required.

Like other new credit cards in the United States, the new Discover credit cards use "chip and signature" technology. I asked a Discover customer service if their new credit cards could be used in Europe, where cards use the "chip and PIN" technology. (When the United Kingdom switched to EMV chip cards years ago, fraud in stores there decreased 70 percent.) The customer service rep stated that the new cards could be used in Europe, provided the cardholder sets up a PIN number before their trip.

Wise readers note the limitations. The new chip cards won't stop hacks and data breaches at companies, employers, and banks that archive consumers' payment information. The new chip cards won't offer any more security or payment protections until retail stores upgrade their terminals. Credit Card Forum described the method being used to encourage retailers to upgrade by October 2015:

"... the card networks (Visa, MasterCard, AmEx and Discover) are giving both [retail merchants] and card-issuing banks an incentive (both a carrot and a stick) to upgrade by October 2015. At that point, the networks will institute a “fraud liability shift.” That’s a fancy way of saying “adapt or pay.” If a consumer’s card is involved in fraud, whichever party involved in the transaction (the bank that issued the card or the merchant that accepted it) that didn’t upgrade to EMV will be held accountable."

Retailers see the situation differently. CNBC published a retail spokesperson's commentary about the new "chip and signature" credit cards:

"Retailers are also asking card issuers to take more than a half step, and issue "chip and PIN" cards to American consumers. As it currently stands, banks are only issuing "chip and signature" cards in the United States, a less secure standard as signatures can easily be forged. It has been reported by the Federal Reserve that including a PIN makes a transaction up to 700 percent more secure, yet to date, banks are not issuing these cards to American customers... The fastest, easiest and smartest thing we can do to make transactions more secure in the near term is to upgrade credit cards with Chip and PIN technology. Retailers are making the investments needed to accept them, but we need the financial industry to make the same commitment."

Discover chip card and new terminalSeveral banks and card issuers in the United States offer EMV-chip credit cards:

  • American Express Premier Rewards Gold
  • Bank of America Travel Rewards
  • Capital One VentureOne Rewards
  • Chase Freedom
  • Chase Sapphire Preferred
  • Citi Diamond Preferred
  • Marriott Rewards Premier
  • Plenti Credit Card from Amex
  • USAA Preferred Cash Rewards World MasterCard

Browse a longer list of EMV-chip cards available in the United States. Both cardholders and non-cardholders can learn more about the new chip credit cards at the Discover site.

Why go part of the way and introduce EMV chips with signature instead of with PIN numbers? Seems to me, the banks seem mare more interested in shifting the liability of data breaches from them to retailers, rather than provide cardholders with state-of-the-art EMV security that's already available in most other parts of the world.

What are your opinions of the new "chip and signature" credit cards in the United States?


5 Banks Plead Guilty And Pay More Than $5.5 Billion In Penalties

U.S. Department of Justice logo Earlier reports have proven true. Five banks have plead guilty and will pay more than $5.5 billion in total penalties to U.S. and European regulators to settle charges that traders rigged foreign exchange markets. USA Today reported:

"Five major banks Wednesday agreed to plead guilty to criminal charges and pay more than $5.5 billion in collective penalties... The Department of Justice, the Federal Reserve and other U.S. and European authorities and regulators said corporate units of Citicorp, JPMorgan Chase, London-based Barclays, and Royal Bank of Scotland acknowledged their traders rigged foreign exchange prices of U.S. dollars and euros from Dec. 2007 to Jan. 2013... UBS also acknowledged involvement in the rate-rigging. However, the Swiss banking giant received conditional immunity from criminal prosecution because it was the first to report foreign-exchange misconduct to DOJ investigators."

U.S. Attorney General Loretta Lynch described in the Justice Department announcement the wrongdoing:

"Starting as early as December 2007, currency traders at several multinational banks formed a group dubbed “The Cartel.” It is perhaps fitting that those traders chose that name, as it aptly describes the brazenly illegal behavior they were engaged in on a near-daily basis. For more than five years, traders in “The Cartel” used a private electronic chatroom to manipulate the spot market’s exchange rate between euros and dollars using coded language to conceal their collusion. They acted as partners – rather than competitors – in an effort to push the exchange rate in directions favorable to their banks but detrimental to many others. The prices the market sets for those currencies influence virtually every sector of every economy in the world, and their actions inflated the banks’ profits while harming countless consumers, investors and institutions around the globe – from pension funds to major corporations, and including the banks’ own customers..."

The fines by bank:

"... to pay criminal fines totaling more than $2.5 billion – the largest set of antitrust fines ever obtained in the history of the Department of Justice. And the fine that Citicorp alone will pay – $925 million – is the largest single fine ever imposed for a violation of the Sherman Act... Switzerland’s UBS AG, has agreed to plead guilty and pay a $203 million criminal penalty for breaching the non-prosecution agreement it entered in December 2012 regarding manipulation of the London Interbank Offered Rate, or LIBOR – a benchmark interest rate used worldwide. he breach of the NPA was based in part on UBS’s fraudulent and deceptive currency trading and sales practices related to foreign exchange markets, its collusion with other participants in the FX markets and its failure to take adequate action to prevent unlawful conduct after prior civil, criminal and regulatory resolutions.  In other words, UBS promised, in other resolutions, not to commit additional crimes – but it did."

The announcement did not state which, if any, bank executives would go to prison for the wrongdoing. The announcement did not state what portion, if any, of the fines would be tax-deductible. Previously, penalties and fines paid by some banks have been tax-deductible. Some experts and politicians have stated that better disclosures are needed for settlement agreements.


Court Rules Against 2 Banks On Residential Mortgage Abuses That Led To the 2008 Recession

Nomura Holdings logo The New York Times reported on Monday that a federal court judge:

"... ruled that two banks misled Fannie Mae and Freddie Mac in selling them mortgage bonds that contained numerous errors and misrepresentations... The ruling came in a closely watched case brought by the government against the Japanese bank Nomura Holdings and Royal Bank of Scotland. They were the only two of 18 financial firms that took their case to trial, arguing that it was the housing crash, and not deceptive loan documents, that caused the bonds to collapse."

The cased was decided by Judge Denise L. Cote of Federal District Court in Manhattan and not by a jury:

"... after the government dropped a claim that would have entitled the banks to a jury. After that, legal experts became more pessimistic about the banks’ chances: Judge Cote has a reputation for taking a hard line against the banks. They also expressed surprise that the Nomura and R.B.S. did not settle, though some suspected that as foreign banks, they were less concerned with risking their reputations in the United States. Judge Cote has asked the F.H.F.A. to submit a proposal for damages, which are expected to be about $500 million."

Nomura plans to appeal the decision. The judge's ruling (Adobe PDF) stated:

“This case is complex from almost any angle, but at its core there is a single, simple question. Did defendants accurately describe the home mortgages in the offering documents for the securities they sold that were backed by those mortgages? Following trial, the answer to that question is clear. The offering documents did not correctly describe the mortgage loans. The magnitude of falsity, conservatively measured is enormous. Given the magnitude of the falsity, it is perhaps not surprising that in defending this lawsuit defendants did not opt to prove that the statements in the Offering Documents were truthful. Instead, defendants relied, as they are entitled to do, on a multifaceted attack on plaintiff’s evidence. That attack failed, as did defendants’ sole surviving affirmative defense of loss causation.”

Pause for a moment and let that sink in. The defendant banks' didn't even try prove that their mortgage disclosures were truthful. Instead, they only attacked the evidence presented by the plaintiffs. What does this say? Plenty.

Goldman Sachs and Bank of America settled out of court and paid about $18 billion in penalties. Earlier this year, Bank of America raised prices for its checking account customers by implementing monthly fees.

In August 2014, the Bank of America agreed to a massive settlement with the U.S. Justice Department and several states' attorney generals. The $16.65 billion settlement agreement resolved both federal and state civil investigations into activities by the bank's former and current subsidiaries, including Countrywide Financial Corporation and Merrill Lynch, related to the packaging, marketing, sale, and issuance of residential mortgage-backed securities (RMBS). The bank acquired Merrill Lynch in 2009, and Countrywide in 2008.

In January, the chief executive at JPMorgan bank claimed that banks are under assault from regulators. Really? That's a bunch of malarkey. Stop breaking the law and investigations will stop. Government regulators, and courts, are doing their jobs based upon the facts.


Senator Releases Report Calling For Greater Automobile Security And Privacy

Earlier this month, Senator Edward Markey (D-MA) issued a report calling for greater automobile security and privacy for consumers. The "Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk" report included questions Senator Market posed to 16 automobile manufacturers during 2014. The questions focused upon how vehicles might be vulnerable to hackers, and how driver information is collected and protected.

Senator Markey sent letters to the following automobile manufacturers:

Automobile Manufacturers Queried
1. Aston Martin The Americas
2. Audi of America**
3. BMW North America*
4. Chrysler Group LLC*
5. Ford Motor Company*
6. General Motors*
7. American Honda Motor Co. Inc.*
8. Hyundai Motors North America*
9. Jaguar Landrover LLC*
10. Automobili Lamborghini America
11. Mazda North American Operations*
12. Mercedes-Benz USA*
13. Mitsubishi Motors North America*
14. Nissan North America*
15. Porsche Cars of North America*
16. Subaru Motors America*
17. Tesla
18. Toyota North American Region*
19. Volkswagen Group of America*
20. Volvo North America
*Provided responses to Senator Markey's inquiry letters.
** Audis response was included with Volkswagon's submission.

Some of the questions asked:

  • How does the company assess whether there are vulnerabilities related to technologies it purchases from other manufacturers as well as wireless entry points of vehicles to ensure malicious code or other infiltrations cannot occur? 
  • Does the company utilize independent third parties to test for vulnerabilities to wireless entry points? 
  • Do any vehicles include technology that detects or monitors for anomalous activity or unauthorized intrusion through wireless entry points or wireless control units? And how are reports or unauthorized intrusion or remote attack responded to? 
  • Has the company been made aware of any intentional or inadvertent effort to infiltrate a wireless entry point, and what, if any, changes were made to protect vehicles from vulnerabilities in the future? 
  • What types of driving history information can be collected by navigation technology or other technologies, and is this information recorded, stored, or sold? 
  • Has the company received any request for data related to the driving history of drivers, and what were the reasons and final disposition of the requests? 
  • Which vehicles include technologies that can enable the remote shutdown of a vehicle, and are consumers made aware of this capability before purchase, lease ore rental of the vehicle?

Regarding automobile data security, the report found four trends:

  1. Almost all vehicles (nearly 100 percent) include wireless technologies that could pose vulnerabilities to hacking.
  2. Most manufacturers were unaware of or unable to report on past hacking incidents,
  3. Security measures to prevent unauthorized, remote access are inconsistent and haphazard across manufacturers.
  4. Only two manufacturers were able to describe any capabilities to identify, diagnose, and/or respond to unauthorized access or hacking in real-time. Most said they rely on technologies that cannot be used for this purpose at all.

Regarding privacy, the report found:

  • Auto manufacturers collect large amounts of data about driving history and vehicle performance
  • A majority of automakers offer technologies that collect and transmit wirelessly driving history information to data centers, including third-party data centers. Most did not describe effective means to secure the information collected.
  • Manufacturers use the data collected in several ways with vague descriptions, such as to “improve the customer experience,” and involve third parties. How long the data collected is retained varies greatly across manufacturers
  • Often, customers are not told about the data collection. When they are told, often they cannot decline or opt out of the data collection without disabling valuable features (e.g., navigation)

Download the "Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk" report (Adobe PDF). After reading it, I had several reactions. First, I would love to know why Aston Martin, Lamborghini, and Tesla failed to respond. Are data security and privacy not important to them? If they are important, then does their failure to respond indicate some internal disorganization?

Second, I was struck by the lack of focus on data security among the respondents. Websites and mobile apps provide terms of use and privacy policies. Mobile device manufacturers (e.g., laptops, tablets, smart phones) also provide these policies. Telecommunications providers do, too. Many mobile apps do, too. Why not auto manufacturers? Do they consider themselves a special, exempt class? All auto manufacturers should provide consumers before purchase with terms-of-use and privacy policies that fully discuss data collection, data retention, and data sharing. After purchase, they should inform consumers of changes to those policies

Third, the lack of focus by auto manufacturers on data security and privacy is an alert to the hackers, identity thieves, and fraudsters worldwide that these autos are vulnerable. While writing this blog, I have learned that the bad guys are persistent, creative, and posses the same equipment, software, and technologies as the good guys. Autos contain computing technologies that are similar to other mobile devices (e.g., laptops, smart phones, tablets, fitness devices, and wearables). Autos should have the same data security protections: firewalls, anti-virus software and updates, and so forth. So, it makes sense to keep a strong focus on data security and privacy.

Fourth, the lack of focus by auto manufacturers on data security and privacy is an alert to governments and spy agencies worldwide. Why? They already perform surveillance using other mobile devices. Autos are just another mobile device they'll add to their lists.

The lack of  focus represents a data security and privacy disaster of epic proportions in the making.

What do you think of the automobile security and privacy report?


Considering A Cruise Ship Vacation? What Consumers Need To Know

It's the middle of Winter, and you are probably tired of the cold, the snow, or both. At this time of year, many people consider warm weather vacations.Last week, a friend asked about cruise ship vacations:

"Do you have a travel agent you use for cruises? A group of us who are turning 60 this year are thinking of taking a cruise to celebrate. Maybe a repositioning cruise. Are there suites for 5 people? Any advice is most welcome."

Cruise ship vacations are popular. A cruise is a good way to sample several destination ports, and return to the ports you like for a longer, land-based visit. You can board a cruise ship near where you live, or sail from a popular travel destination.

According to the industry group Cruise Lines International Association (CLIA), about 20 million consumers went on cruise ship vacations globally during 2012.There are about 60 cruise lines with 400 total ships. The industry generated about 356,000 jobs paying $17.4 billion in wages to American workers.

It's not just more people cruising. Experienced cruise customers also book cruise itineraries with longer durations. The CLIA surveyed travel agents and 37 percent reported an increase in books of longer cruises (e.g., 14 to 100 days duration). If you have the time and money, several cruise lines offer itineraries of 30 days or longer.

I was happy to answer my friend's questions. Nobody wants to overpay or have their wallet "mugged" during a vacation. My wife and I have sailed on 22 cruise ship vacations to many parts of the world. For several years, i ran a cruise group of interracial couples and families. At a major creative advertising agency, I worked on web projects for a cruise line client. Interesting publications include the book, "Devils On The Deep Blue Sea," a history of the cruise industry, and industry magazines such as Porthole and Cruise Travel. So, I know the industry well and feel pretty qualified to give advice and answer my friend's questions.

1. Your interests. Decide what type of vacation you and your group like. Some people like as much beach time as possible. Others like golf. Others like Eco-tours. Others like active sports, such as hiking, bicycling, surfing, snorkeling, and scuba diving. Some like motorized excursions including off-road vehicles. Pick a cruise line and itinerary that fits your interests. Royal Caribbean focuses upon active sports.

2. Themed cruises. If you group has a specific interest, there is often an itinerary for that. So you can find singles cruises, NASCAR cruises, cruises for nudists, gay/lesbian cruises, and so forth. Carnival has the best night clubs and discos. It also has the best Las Vegas style shows. Celebrity Cruises is known for having the best food. Disney focuses upon families with children. All ships in Royal Caribbean's fleet feature rock-climbing walls. Some include specialize pools you can surf in. A good place to start looking for theme cruises is www.cruisecritic.com. Other places to look include Cruise Addicts and Cruise 411.

3. Cruise lines. Just like land-based hotels, there are entry/discount, mid-range, and luxury cruise lines. Entry/discount: Carnival, Royal Caribbean, Disney, Costa, and Norwegian. Mid-range: Holland America, Princess, Celebrity, and MSC. Luxury: Crystal, Cunard, Seabourn, Silversea, Windstar, Viking, and Avalon. The entry/discount cruise lines focus upon people under 40. The mid-range cruise lines focus on people 55+. The luxury cruise lines tend to have smaller ships with 150 or 200 passengers. The entry/discount cruise lines tend to have larger ships, with as many as four or five thousand passengers.

The primary language spoken varies by cruise line. For example, when we sailed on Costa and MSC in the Mediterranean, we noticed that the primary language spoken on board was Italian. We do not speak Italian and felt we had a poor experience on board these two cruise lines.

4. River or ocean cruises? My friend and her group seemed interested in ocean cruises. There are also river cruises. The two types are ENTIRELY different. Rive cruises are all about the shore excursions: you get off the ship every day, Usually, the shore excursions and tips are included in one cruise price. Viking River Cruises and Avalon Waterways focus on river cruises. Some destination ports are only acessible via river cruises.

5. Departure ports. When selecting an itinerary, some people start with the departure port because that is often a city you may want to explore its land-based attractions, restaurants, and sights. Then, you can get good and juiced before you board the cruise ship. When traveling in Winter, it is always wise to arrive at the departure city 2 days before the ship sails, in case your flight is delayed by bad weather. Departure ports we have sailed from: Amsterdam, Boston, Ft. Lauderdale, Honolulu, Los Angeles, Miami, New Orleans, San Juan (Puerto Rico), Seattle, and Venice (Italy).

6. How the industry works: pay their minimum deposit. Buy travel insurance at that time, too. The full amount is typically due 90 days before the ship sails. You will probably set up an account through the cruise line’s website to indicate in your profiles any preferences (e.g., non smoking, diets, physical limitations, etc.). After you have paid for your cruise, then you can select (and pay for) the optional shore excursions in each destination port.

Similar to airlines, all of the major cruise lines have rewards programs for frequent travels. Some consumers book travel with a single cruise line to generate as many rewards points as quickly as possible. Some pick itineraries based upon where they want to go, and then look for cruise lines sailing there.

Some consumers wait until the last minute and book whatever empty cabins are available. This is a good strategy for consumers (e.g., retirees) with flexible schedules who can travel on a moment's notice. It's a good way to get a cabin cheap, but you may not get the cabin location you want on a ship. This strategy works well if you live reasonably close to the departure port. If not, what you saved on a low-priced cruise may be eaten up by higher, last-minute, air fares.

7. Selecting your cabin: there is no single correct way. After selecting a ship or itinerary, some people select a cabin type: inside, outside, balcony, suite. Others pick a specific cabin on a ship they already know. All of the cruise lines have websites that present deck plans. My advice: no matter what type of cabin, you do NOT want a cabin underneath the disco, dining room, or lido deck pool... unless you like hearing footsteps overhead.

8. Use a travel agent? Some in your group will likely ask: are travel agents necessary? While you can do it all yourself and book your cruise through a cruise line’s website, you may want more service or have questions. Travel agents are there to answer your questions. They can give you the kinds of advice I mentioned above, recommend hotels in departure cities, often get you a lower price than the cruise line’s website, and book all elements of your vacation: the cruise, hotels, air travel, and transfers between airports, hotels, and cruise ship terminals. Whenever we work with a travel agent, we have in mind a budget and the probable retail price for the itinerary we want. We use a travel agent located nearby, so we can visit their office.

9. Read cruise reviews. Once you've selected 3 or 4 itineraries and ships, then it makes sense to read cruise reviews about the ships or itineraries you are considering. Many passengers write and post online their reviews. This is a good way to learn about the advantages and disadvantages of a ship or itinerary. A good place to read passenger-written cruise reviews is the Community section at the Cruise Critic site. Select the cruise line and then the cruise ship you are interested in.

As I said above, my wife and I have sailed on 22 cruises; both ocean and river cruises; and to most parts of the world: Mediterranean, Alaska, Hawaii, Bermuda, Panama Canal, the Caribbean, and northern South America. We have sailed on almost all of the above entry and mid-range cruise lines. We’ve only sailed on one of the luxury cruise lines.

Learn more: 8 tips about cruise ship vacations.

My friend really appreciated this detailed reply. If you have sailed on cruise ship vacations, what are your favorite itineraries? Your favorite destinations? Favorite ships? Any advice you have for new cruisers?


Developer Of Mobile Spyware App To Pay $500K Fine

Department of Justice logo The U.S. Justice Department announced the results of a court case where the developer of StealthGenie, a mobile spyware app, pled guilty and will pay a $500,000 fine. The app remotely monitors phone calls, text messages, video, and other communications on mobile phones.

Assistant Attorney General Leslie R. Caldwell said:

"Spyware is an electronic eavesdropping tool that secretly and illegally invades individual privacy... Make no mistake: selling spyware is a federal crime, and the Criminal Division will make a federal case out if it.”

Mr. Hammad Akbar, 31 and a Danish citizen, was the chief executive officer of InvoCode Pvt. Limited and Cubitium Limited, the companies that advertised and sold StealthGenie online. Users could install StealthGenie on a variety of mobile phones including Apple’s iPhone, Google’s Android, and Blackberry Limited’s Blackberry. The app was advertised as being untraceable.

This is the first ever criminal conviction involving the marketing of a mobile device spyware app. U.S. Attorney Dana J. Boente described how the app worked:

"The defendant advertised and sold a spyware app that could be secretly installed on smart phones without the knowledge of the phone's owner... This spyware app allowed individuals to intercept phone calls, electronic mail, text messages, voice-mails and photographs of others. The product allowed for the wholesale invasion of privacy by other individuals..."

Kudos to the Justice Department and F.B.I. for this conviction. I look forward to reading about more prosecutions and convictions of developers of similar mobile apps.


Banks Pay Huge Fines, Again. This Time For Foreign Exchange Trading Abuses

J.P.Morgan logo There is an interesting article in the Washington Post titled, "You Should Never Underestimate How Far Bankers Will Go To Game The System." Several banks recently paid huge fines:

"This time, it's a $4.2 billion fine. That's how much UBS, HSBC, Citibank, JP Morgan Chase, Bank of America, and the Royal Bank of Scotland are collectively paying to U.S., U.K., and Swiss regulators for rigging the foreign-exchange, or FX, market."

Citibank logo How the banks rigged the trading exchange:

"Traders at supposedly competing firms worked together to rig the benchmark FX rates in their favor. They deliberately triggered clients' stop-loss orders—the price they'd automatically sell at to limit losses—to boost their own profits. Along with revealing what trades their customers were about to make, which would let them all make it first... the bankers set up [online] chatrooms charmingly named things like "the 3 musketeers" where they planned all this out..."

Bank of America logo Kudos to regulators for catching the banks doing illegal activity. Before, it was abuses with residential mortgage-backed securities. The banks have often apologized for the abuses, but those apologies (and fines) are a mild, first step. Consequences must be more extensive.

U.B.S. logo This latest set of fines highlight what is wrong with the banking sector. Basically, the wrongdoing will continue as long as the likelihood of getting caught is low, no bankers go to prison, and the profits from said activities exceed the fines paid:

"... it's important to remember that these penalties are just the price of doing business for big banks—and tax-deductible ones at that.  And that's why the better news is that the Justice Department is still looking into criminal charges against some of these traders. Far too often, as Matt Taibbi has argued, the Justice Department has all too happy to have banks cut them a fat check rather than—and at the expense of—pursuing criminal charges that are hard to prove and even harder to explain to a jury."

The trading abuses went on for years. The Guardian UK reported:

"Two UK and US regulators said they had found a “free for all culture” rife on trading floors which allowed the markets to be rigged for five years, from January 2008 to October 2013.... In the UK, UBS was handed the biggest fine, at £233m, followed by £225m for Citibank, JPMorgan at £222m, RBS at £217m, and £216m for HSBC. Barclays has yet to settle. In the US, the regulator fined Citibank and JP Morgan $310m each, $290m each for RBS and UBS, and $275m for HSBC."

Consumers: when fines are tax deductible, it's a huge gift to banks because you are paying for the wrongdoing and not the banks. If fines continue to be tax-deductible fines, enforcement agencies fail to put bankers in prison, and politicians support the status quo, then the time to gather your torches and pitchforks fast approaches.


Rail Congestion And Delays Highlight Larger Issues Facing The USA

Last week, McClatchyDC reported:

"Last year’s freight congestion that was snarling Amtrak service in the upper Midwest has shifted east, and it’s gotten so bad that Amtrak has resorted to putting passengers on buses. Congestion on Norfolk Southern in recent weeks has delayed Amtrak trains from Chicago to Detroit, Boston, New York and Washington... Now it’s the Chicago-Washington Capitol Limited, which was late 97 percent of the time in September. At least through Friday, Amtrak is putting passengers of its Capitol Limited and Lakeshore Limited trains on buses between Chicago and Toledo, Ohio."

Everyone wants low-priced products. Rail systems move large volumes of low-priced products and keep transportation costs low. Everyone wants corporations to provide jobs. Those jobs can't happen if the country's rail system can't move products and good quickly, efficiently, and on time. This negatively affects the economy:

"Federal lawmakers and regulators are expressing concern about the congestion as it’s delaying freight shipments as well, notably for auto manufacturers, grain producers, coal-reliant electric utilities and even UPS."

BNSF logo Those who are quick to blame Amtrak or offer up the repetitive, knee-jerk privatization-is-the-answer claim, would be advised to remember that rail companies are having problems with the congestion:

"The nation’s largest railroads have been the focus of increased scrutiny because of congestion and safety issues around the growing transportation of crude oil. Last year, BNSF, which blankets the western two-thirds of the country, struggled to move a record grain harvest on top of an increasing volume of Bakken crude oil from North Dakota... Dave Pidgeon, a spokesman for Norfolk Southern, said the railroad was experiencing traffic volumes it hadn’t seen since the 2008 recession..."

Norfolk Southern logo So, our railway infrastrucutre can't seem to handle the good news of production spikes from grain, oil, and gas. How did this happen? How did the country get in this bind?

I love trains; both freight and pasenger. I think that it is important to remember that Congress voted in 2011 not to fund the high-speed rail project President Obama proposed in 2009. I'll bet that you forgot about that. USA Today reported in 2011:

"The House and Senate voted today to eliminate most of the $8 billion that President Obama sought next year for his vision of nationwide high-speed rail. Republicans trumpeted what they said was the death of the president's six-year, $53 billion plan, saying the future of fast trains lies along the Northeast Corridor, The Hill writes. The funding was eliminated in a deal with Democrats on a spending bill for the Transportation Department and other agencies..."

Other countries have "bullet train" systems. The USA doesn't. The President's 2009 proposal would have fixed that with a 220-mph bullet train in California, and provided Americans with J-O-B-S. Just this past week, a multitude of news media reported that China is the world's largest economy, or soon will be depending upon which economic indicators you use. Well, China has bullet trains. Last year, Japan tested an even faster 310-mph bullet train. Where is American innovation?

A great nation deserves a railway system that can move both freight and passengers quickly and efficiently. Right now, the USA can't. We are left with delayed freight, delayed passengers, and some passengers shifted to buses. Embarrassing.

The same 2011 USA article quoted conservative politician Shuster from Pennsylvania:

"Today's vote marks the end to President Obama's misguided high-speed rail program, but it also represents a new beginning for true intercity high-speed passenger rail service in America," Rep. Bill Shuster, R-Pa., chairman of the House subcommittee on Railroads, Pipelines and Hazardous Materials..."

Those Amtrak passengers that were bused should ask representative Shuster, and their elected officials, where is the high-speed rail he promised. Roughly 90 percent of households own cars. Car ownership by households has decreased since 2004, partly due to the last economic recession. Some studies have found that fewer youth buy cars. The trends of depressed wages and minimum-wage jobs will likely place continued downard pressure on car ownership. Those voters seek alternate transportation methods. Some want too use trains; for commuting and/or to avoid long car/bus trips in cramped seating.

Air transportation is not a viable long-term solution. It can't move the large freight volumes cost effectively. People I know who fly a lot on commercial airlines complain about the experience. You may remember some fights in the air earlier this year when passengers installed devices to prohibit seats in front of them from reclining. People mistakenly focused upon the device (e.g., Knee Defender) instead of the root cause: insufficient leg-room decisions by airlines. In a world with increasing prices for energy and concerns about climate change, you'd think that improvements to our railway infrastructure would get greater attention.

Click to view larger image of inter-city express trains. Cologne, Germany. September 2014 In 2000, I rode the high-speed inter-city rail between Munich and Nuremberg, Germany. (Generally, high-speed is over 200 kilometers per hour or 124 miles per hour.) It was fast, efficient, comfortable, fun, and on time. That was in 2000! Last month, I rode high-speed rail again in Europe between Hamburg, Cologne, and Amsterdam. Again, it was fast, efficient, comfortable, fun, and on time. There were no delays; no busing. None.

Meanwhile, back in the USA we remain focused on our love affair with autos: every person on their own in their own auto, despite the consequences from a lack of investment in our railway infrastructure. It's a myopic view. So much for American exceptional-ism.

A great nation needs a great railway system. Period. What are your opinions about the state of train travel in the USA?

Click to view larger image of passing a commuter train while on board an inter-city express train. Amsterdam, Netherlands. September 2014


Cruise Review: Sept. 13 - 27 Viking River Cruise From Amsterdam to Budapest

Click to view larger image of bicycle riders in Amsterdam, Netherlands. September 2014

For our 15th wedding anniversary, my wife and I enjoyed a vacation in Europe that included a two-week river cruise. Many people have asked me what a river cruise is like. So, today's blog post shares our experience and offers some travel advice.

We are experienced cruisers with 19 ocean cruises to various regions: Alaska, Caribbean, and the eastern Mediterranean. Those sailings included ships by several cruise lines: Carnival, Norwegian, Royal Caribbean, Princess, Celebrity, Holland America, Costa, and MSC. What's a river cruise like? Read on below.

Plan Ahead

We began researching our trip about 18 months before the departure date. This approach allowed us to browse and compare cruise lines, ships, itineraries, and prices. Early planning provided time to discuss travel plans with friends interested in traveling with us. We settled on the Grand European Tour itinerary by Viking River Cruises. The itinerary, sailing between Amsterdam and Budapest, included 15 days, 3 rivers (e.g., the Rhine, Main, and Danube), 5 countries, 16 towns, and 60+ locks. We'd visited Europe before and this itinerary included an interesting mix of destinations we had and hadn't visited.

Click to view larger image of house boats in a canal in Amsterdam, Netherlands. September 2014 You can sail the Grand European Tour itinerary in either direction. After reading the Viking River Cruises site and the River Cruises section of the Cruise Critic site, we settled upon the eastbound sailing from Amsterdam to Budapest. Prices for river cruises seemed significantly higher than ocean cruises, so we looked for discounts. We have used the Cruise Critic site before, and I highly recommend it; especially the passenger-written cruise reviews in the Community Forum section.

Viking offers three types of cabins: standard with small porthole windows, ocean views with floor-to-ceiling windows, and balconies. To save money, we selected the lowest priced cabin. From past cruising experience, we spent little time in the cabin.

Based upon our research, we noticed that prices are higher for river cruising compared to ocean cruises. A direct comparison is a little unfair since Viking's prices include shore excursions and free, unlimited beer/wine at lunches and dinners, while base prices for most ocean cruises exclude shore excursions and beer/wine/liquor packages. We were able to save money (~50 percent) by using Viking's "2-For-1" discount plan. To get the discount meant sending money early. I realize that not everyone is comfortable paying for a cruise a year in advance, but the savings appealed to us.

Pre- Or Post-Cruise Activities

Click to view larger image of Hamburg, Germany. September 2014 We always plan to arrive in the cruise departure city one or two days before the ship sails. That ensures stress-free travel, especially if there are flight delays due to weather. For this trip, we wanted additional time to visit Hamburg and Cologne. So, we budgeted three days in Hamburg to explore the city and to visit the Miniatur Wunderland model train exhibit; three days in Cologne to sight-see, visit the Chocolate Museum, and sample several local beers recommended by family living in a Cologne suburb.

We also budgeted three days to explore Amsterdam. I used the RickSteves site to research things to do in each city. We weren't interested in any post-cruise stays in Budapest. After adding in travel time between the airports, hotels, and cities, our total vacation schedule included 25 days.

Booking Travel

A friend traveling with us recommended a travel agent. We used that travel agent to book our trip on the Viking Alsvin cruise ship. In addition to Viking's 2-For-1 discount, that agent secured an additional discount for us. To protect our investment, we also purchased travel insurance with Travel Guard. We've used Travel Guard before and have been satisfied with their services.

Similar to ocean cruise lines, river cruise lines offer travel options that combine air and cruise travel, plus (bus) transfers between the airports and cruise terminals. Given our 25-day schedule, the travel agent wanted to charge a deviation fee from the cruise line's normal air-cruise transfers package transfers. The fee was hefty, so we decided to book air, hotel, and transfers on our own. We didn't want to do that work, but we disliked the fee more.

We prefer non-stop flights and booked non-stop flights on Lufthansa between Boston and Munich. Non-stop flights make travel easier and minimize stress from flight delays and changing planes. With air booked, we focused upon travel from Munich to Hamburg, Hamburg to Cologne, Cologne to Amsterdam, and Budapest to Munich. We initially considered train travel because I love trains, and train travel in Europe is efficient. Given the distances, that plan evolved into a mix of air and train travel: Air Berlin from Munich to Hamburg, trains between Hamburg, Cologne, and Amsterdam, and Air Berlin from Budapest to Munich.

Schedule Change From Viking

We left for our vacation as planned. While in Cologne, we tracked the Viking Alsvin's GPS position using the MarineTraffic site. Something seemed odd since the ship was sailing the Danube river instead of the Rhine river. Then, I received an e-mail message from the Customer Relations department at Viking River Cruises:

"Thank you for choosing Viking Cruises for your upcoming European cruise. Due to a scheduling change you will be welcomed aboard Viking Bragi.  Like Viking Alsvin, Viking Bragi is a new, state-of-the-art Longship, featuring all the same comforts and style as the rest of the Viking Longship fleet. She also has a warm and welcoming staff who will be delighted to have you as our guest. Your stateroom category and room number will remain the same."

The Bragi was built in 2013; the Alsvin in 2014. So, both are new ships. Both feature the same deck plans with four decks. Each carries about 190 passengers and 50 crew members. The notice didn't explain what prompted the "scheduling change," and an e-mail to the cruise line asking for more details went unanswered. We'd hear more about that later during the cruise.

Our Viking Cruise

Click to view larger image of Viking Bragi long-ship docked in Amsterdam, Netherlands. September 2014 We happily boarded the Bragi in Amsterdam and began our cruise. We found the crew hard working, attentive, and very professional. The ship and our cabin were clean and comfortable. The digital television system in our cabin offered a wide variety of programming, including European cable channels, music, and information about the cruise. WiFi was accessible in many areas of the ship, and the connection speed was acceptable. Since WiFi is dependent upon a satellite connection and a cruise ship is a moving vessel, broadband speeds may be slower than you are accustomed to at home. The on-board dining room featured five-star dining at every meal. The food and service were superb. The portion sizes were excellent.

During the first night we experienced plumbing problems in our cabin. Water from the bathroom sink backed up into the shower. After a late-night call to the front desk, a maintenance crew arrived and fixed the blockage. Unfortunately, the plumbing problem occurred again the next morning. After another call to the front desk, the maintenance crew returned and fixed the blockage. We did not experience any more plumbing issues, but the experience left us a little jittery since this was a new ship.

Day two included an awesome shore excursion in Kinderdijk, Holland to a UNESCO World Heritage site featuring 19 working windmills built during the mid-1800s. The tour guide explained how windmills operate, and the tour included the opportunity to explore the interior of a windmill.

Three key advantages of river cruising quickly became apparent:

  1. The focus is upon shore excursions. Everyday there is a new port to explore. You can use the shore excursions included with the cruise price, or pay a little more for optional, special excursions. Local guides led all of the shore excursions. In most ports, there was time after a shore excursion to explore on your own. We did this whenever possible.
  2. The ship's public spaces (e.g., dining room, lounge, cafe, sun deck) encourage you to meet other passengers. There is no assigned seating in the restaurant, and one seating. We met many other passengers.
  3. The ship's public areas allow passengers to easily watch (and photograph) the spectacular landscapes, castles, and towns you sail by. You pass something interesting every day.

The original schedule for day three included 10 hours docked in Cologne. We had planned to use that time for the included shore excursion, to explore on our own, and to meet family and friends. That plan quickly changed when the ship's Program Director informed all passengers that dock time in Cologne would be reduced by three hours. The Bragi needed more sailing time.

This was a disappointment. We completed the shore excursion, but had no time to meet family and friends at the pier. The optional shore excursion, a pub crawl around Cologne, was cancelled.

Click to view larger image of a view of the Rhine river from the Marksberg Castle. Germany. September 16, 2014 The Bragi's slow sailing speed caused other changes. The original schedule for day four included a stop at Koblenz for a shore excursion to the Marksburg Castle via bus, and then rejoin the ship further upriver in Braubach. Instead, the ship skipped Koblenz and docked at Braubach for us to depart on our shore excursion. During our shore excursion, the Bragi sailed further upriver where we rejoined it at St. Goarshausen. So, we missed seeing Koblenz, and spent more time traveling in buses to stay on schedule.

We quickly learned that things can change during a river cruise. Viking has buses pre-positioned in port destinations to carry passengers for bus-based shore excursions. If a ship encounters delays, Viking will use those same buses to move passengers to stay on schedule.

The day five stop included a wonderful walking tour around Miltenberg. We ate and drank beer in the hotel Zum Riesen, which many claim is Germany's oldest inn. The beer tasted great. The day six stop in Wurzburg featured an awesome shore excursion to the baroque Bishops' Residenz, a huge and very ornate palace, which is another UNESCO World Heritage site. If you have never visited this palace, I strongly encourage you to do so. You probably have seen nothing like it.

After leaving Wurzburg, the passengers were informed that we would be switching ships in Nuremberg to "get back on schedule." All passengers sailing on the Bragi from Amsterdam to Budapest would switch to the Alsvin, and similarly all passengers sailing on the Alsvin from Budapest to Amsterdam would switch to the Bragi.

The day seven schedule included a stop in Bamberg. I decided to skip the shore excursion and stay on board. Things became controversial that evening when one passenger got lost and missed the bus to return to the ship. Staff looked for this poor soul who, rather than staying in one spot, kept looking for the bus. They eventually found this person, but the damage had been done. The ship missed its scheduled time to transit the locks and we were forced to dock overnight at Bamberg, next to the smelly town dump.

This delay had a ripple effect: we spent more time the next day in buses to stay on schedule, and to complete shore excursions in Nuremberg. The stop in Nuremberg didn't include free time to explore on our own. Disappointing.

For the day seven shore excursion in Nuremberg, I took the optional World War II Documentation shore excursion. After a bus tour around downtown Nuremberg, we stopped to enter an administrative building used after World War II for the trials. That included a tour of Court Room 600.

After re-boarding the bus, the tour continued with a visit to areas used by the NSDAP/Nazi party circa 1929 – 1941. The areas included the Zeppelin Field (Adobe PDF), a parade ground for rallies, the incomplete Congress stadium (modeled after the Coliseum in Rome), and the Documentation Center (DC). The DC presented a wealth of details about how Adolph Hitler rose to power, democratic freedoms were removed in Germany pre-1933, and the many programs to remove and eliminate minorities – much based on pseudo-science. I was struck by the efficient propaganda machine, manipulation of citizens, removal of democratic freedoms, sneaky efforts to circumvent the post-WWI treaty of Versailles, and efforts to hide militarization prohibited by that treaty. It was a stark reminder about how citizens must carefully watch how any political party says one thing and does another. That shore excursion felt rushed. I could have spent two days in the DC, not two hours.

The day ten stop was at Passau, Germany a beautiful town where three rivers converge. We took the included shore excursion: a guided walking tour and a wonderful organ concert in the 17th centur Saint Stephen's Cathedral.

The day 12 stop in Vienna included a bus tour of the city and a complimentary Mozart and Strauss concert by the Wiener Residenz Orchestra. This was fabulous. The concert was in a private room that held about 350 guests. The 13-person orchestra included two dancers. This concert originally cost 64 Euros per person, but the cruise line provided it for free to compensate passengers for the inconveniences we had experienced.

We arrived in Budapest at night-time, which is probably the best time to arrive. You see the city buildings and bridges lit up. It is a unique, wonderful sight; another advantage of an eastbound sailing itinerary.

When leaving the ship, Viking ordered our car service since we had an early-morning flight departure. This level of service is noteworthy, as it is something we never experienced on ocean cruises. It was a pleasant 45-minute ride from the cruise ship to the airport. I paid the driver with a mix of Hungarian Forints and Euros.

Fitness Challenges

Click to view larger image of Sun Deck on the Viking Bragi long-ship. September 2014 For passengers interested in exercise and relaxation alternatives, the Sun Deck on the Viking Bragi is the place. It features a walking track (not running/jogging), lounge chairs for sun-bathing, tables and chairs for eating, a three-hole putting green, an over-sized chess set, and a shuffle board. Viking ships are designed so that railings, the pilot's house, and other items on the Sun Deck can be lowered to enable the ship to navigate under low bridges. Sometimes, the clearance is only a few feet. Our Viking cruise documents stated:

"Weather permitting, the ship's sun deck is the most popular area when the ship is sailing. During passage through locks or under bridges, it may be necessary to close the sun deck for passenger use. We invite you to use the other outdoor areas during these times."

May be necessary? During our cruise, the Sun Deck was closed for five straight days, about one-third of the total cruise, due to low bridges. I wish that the cruise documents had been more forthcoming about the closure. I practice T'ai Chi and the Sun Deck is the only place on board the ship with sufficient room. Several passengers joined me, and tai chi became a very social activity. The shuffle board and chess set seemed to have gone unused the entire cruise. We noticed that other cruise lines' ships had hot tubs.

The Viking cruise documents say that passengers wanting exercise options can use the on-board concierge to make appointments with land-based gyms and fitness clubs. One person in our travel group asked the concierge for assistance renting bicycles. The concierge needed time to research bicycle rental options. Perhaps, the cruise line should store bicycles on board. My impression: using land-based fitness clubs doesn't appeal since time the ship is docked in ports is already limited. Time spent at a land-based gyms could easily replace time for shore excursions.

Switching Ships

Every evening before dinner, the on-board Program Director explained to passengers during a Briefing in the Lounge what would happen the next day. This was a useful and appreciated method to keep passengers informed. During these briefings we heard about schedule changes affecting shore excursions. The Program Director on the Bragi worked very hard to explain things, and I got the impression that Viking's corporate headquarters made decisions the crew just had to react to.

The day before arriving in Bamberg, the Program Director explained what would happen during a ship switch. Basically, passengers packed up their luggage and settled their accounts on one ship by paying their on-board bills. Cash and credit cards were the options. The crew transported passengers' luggage to the new ship. During our shore excursion in Nuremberg, the buses took us to our destinations, and then transported us to the new ship.

Switching ships is a hassle in that you spend time packing and unpacking luggage; which defeats the purpose of booking a two-week cruise so you pack and unpack only once. Viking recognized this hassle and compensated passengers with free drinks and a complimentary concert during the shore excursion in Vienna, Austria.

Families And Children

Viking River Cruises' target audience seemed to be people ages 50+ and retirees. There were no children on our sailing. I did not see any resources on-board for children. Most passengers were from Canada. To enjoy a European river cruise, you should be pretty mobile. There is a lot of walking and uneven cobblestone paths in many historic sites. During our cruise, I saw a few passengers with canes or walkers. I didn't see any passengers in wheelchairs.

Summary

River cruises provide many conveniences: plenty of shore excursions, knowledgeable and local tour guides, great dining on board, spectacular sights, professional service by the staff, and the opportunity to sample beers and local foods daily in every port. You unpack and pack once.

Is a river cruise for you? Only you can decide that for yourself. I've been told that most river cruise itineraries don't include switching ships as we did. Regardless, it seems that things can quickly change during a river cruise. Weather can produce high or low water levels affecting navigation. River traffic, broken locks, and lost passengers can cause delays. Delays mean more time spent in buses to stay on schedule.

To be fair, weather (e.g. hurricanes, storms) can disrupt ocean cruises, too. I found the sailing on a river cruise to be far smoother than ocean cruises. People who avoid ocean cruises because of seasickness may find river cruises appealing. During our river cruise, we frequently never knew we were moving. At night and in bed, you may hear or feel the ship's rumble. That applies to both river and ocean cruising.

If you have never cruised before, then a river cruise is a great way to experience a cruise and meet people. You can pick a shorter itinerary than the two-week sailing we selected. A river cruise is a very social experience.

If you have sailed on ocean cruises before, then you know the importance of deck plans. When researching river cruise lines and ships, pay close attention to deck plans so you know what is (and is not) available on board. The available activities may or may not fit your lifestyle. For me, I was aware and still missed the on-board casino, hot-tubs, spas, and athletic facilities commonly offered on ocean cruise ships. I would not select a river cruise during the colder months because outdoor areas, such as the sun deck, would be even more inaccessible.

Are river cruises better than ocean cruises? Only you can decide. The important considerations are your lifestyle preferences and the regions, cities, and towns you want to visit. Some people may become bored with multiple shore excursions to churches, palaces, and castles. Others never get bored. If you are considering a river cruise, hopefully this cruise review has given you an idea of what it's like.

If you have sailed on river cruises, please share your experiences below, including the cruise line, ship name, and destination.

Click to view larger image of model train layout at Miniatur Wunderland exhibit in Hamburg, Germany. September 2014