1055 stories
·
36 followers

The Company Serving the Needs of the Permanent Rural Underclass

3 Shares

This profile of how Dollar General fills the shopping niche of the nation’s permanent rural underclass should be sobering.

Dollar General’s sales per square foot have risen steadily in recent years, to $229, but they’re still far below the industry average of $325 and less than half of Walmart’s. Their gross profit margins were 30.9 percent over the last five years, though, compared with 25.1 percent at Walmart. The dollar chain doesn’t carry the big-ticket purchases—bikes, appliances—that Walmart does. It thrives mostly on selling low-ticket items and basics, such as toilet paper, that help shoppers on tight budgets get through the week. At Dollar General, a package of eight Pop-Tarts is $2, or 25¢ a tart. At Walmart, shoppers can buy the same eight-pack, but more often they save by spending $9.98 for a bulk package of 48—only 20¢ a tart. Dollar General doesn’t offer much bulk. A Dollar General store also has lower startup costs; it spends as little as $250,000 for a new store, vs. the more than $15 million Walmart puts into a new Supercenter.

The company declined to comment for this story, but in March 2016, Chief Executive Officer Todd Vasos outlined the chain’s “2020 Vision” for 125 investors gathered at a hotel in Nashville, south of the headquarters in suburban Goodlettsville, Tenn. (Shareholders include T. Rowe Price Associates, the Singapore sovereign wealth fund GIC, BlackRock, and Vanguard Group.) The presentation detailed a site-selection strategy focused on small towns, dubbed “Anytown, USA.” Then Jim Thorpe, Dollar General’s chief merchandising officer at the time, defined the core customer for the investors: “Our Best Friends Forever”—an extremely cash-strapped demographic, with a household income less than $35,000, and reliant on government assistance, that shops at Dollar General to “stretch budgets.” Thorpe said these BFFs represented 21 percent of the chain’s shoppers and 43 percent of its sales. His final slide touted a goal of increasing sales 50 percent, to $30 billion, by 2020.

There are really only two ways brick-and-mortar retailers can meet such a grand goal: open hundreds of stores or, much harder, radically increase same-store sales. Vasos’s presentation included a map that looks similar to an epidemiological forecast, with yellow and green dots spreading like a pox. The yellow dots represented the chain’s 12,483 existing stores. The 13,000 green dots were the “remaining opportunities”—some in low-income urban neighborhoods, but most in small and very small towns. There’s almost no white space east of the Mississippi, except for the tip of Maine and southernmost end of Florida. The Rust Belt is overflowing with green dots piled upon yellow, and the Eastern Seaboard is almost exclusively green.

Dollar General’s chief rival, Dollar Tree Inc., which also owns Family Dollar, has a plan that’s almost as ambitious. In a recent Securities and Exchange Commission filing, Dollar Tree indicated that it believes the U.S. market can support 10,000 Dollar Trees and 15,000 Family Dollars. That’s almost 11,000 more stores than its current 14,500, though it isn’t putting a timeline on the expansion. In August, Randy Guiler, vice president for investor relations at Dollar Tree, told me it would “determine each year what our pace of growth will be.”

“It reminds me of a craps table,” Brown, the commercial real estate analyst, says. “Essentially what the dollar stores are betting on in a large way is that we are going to have a permanent underclass in America. It’s based on the concept that the jobs went away, and the jobs are never coming back, and that things aren’t going to get better in any of these places.”

So the future of small-town America is not even Walmart. It’s the dollar store chains. And that’s not great when it’s your only option, either as a consumer or as an employee. But there are huge opportunities here because, combined, there are still a lot of people in these towns. The endemic struggles of these places is part of our broader national failure to have a rural planning strategy that makes any sense at all. It’s pretty much just about waiting for these people to move or die, which isn’t a strategy at all.

I will say that the one weakness of this story is that the whole thing is coded white. The profiled town is in the same county as Walmart headquarters in Bentonville, Arkansas, which is a white area, being the Ozarks. But the meatpacking industry there has led to a big racial transition. In 2000, the town was 16.5 percent Latino. In 2010, it was 28.4 percent Latino and presumably that number has increased since then. Yet every person talked to seems to be white. Given that Latinos tend to open their own stores, that’s part of the story too. Moreover, it’s worth noting that this nation has always had a permanent underclass–people of color. That’s hardly a new thing. But in this story, as in so many others, especially since the election, non-whites are largely erased from these stories of working class hard times. The article at least mentions Latinos in meatpacking, but that’s it. So there’s more to this story. But it’s still important in making us aware of the need for a real rural policy in this country. If nothing else, the outsized political impact of rural communities and low-population states should make this a priority for the left.

FacebookTwitterGoogle+Share

Read the whole story
wmorrell
3 days ago
reply
Share this story
Delete

You can do everything in Javascript with six characters: []()!+

1 Comment

Springing from the august tradition of esoteric programming language Brainfuck, behold the mind-mangling power of JSFuck. (more…)

Read the whole story
wmorrell
4 days ago
reply
Javascript is the gift that keeps on giving.
Share this story
Delete

New KRACK Attack Against Wi-Fi Encryption

1 Comment and 2 Shares

Mathy Vanhoef has just published a devastating attack against WPA2, the 14-year-old encryption protocol used by pretty much all wi-fi systems. Its an interesting attack, where the attacker forces the protocol to reuse a key. The authors call this attack KRACK, for Key Reinstallation Attacks

This is yet another of a series of marketed attacks; with a cool name, a website, and a logo. The Q&A on the website answers a lot of questions about the attack and its implications. And lots of good information in ArsTechnica article.

There is an academic paper, too:

"Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2," by Mathy Vanhoef and Frank Piessens.

Abstract: We introduce the key reinstallation attack. This attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key. This resets the key's associated parameters such as transmit nonces and receive replay counters. Several types of cryptographic Wi-Fi handshakes are affected by the attack. All protected Wi-Fi networks use the 4-way handshake to generate a fresh session key. So far, this 14-year-old handshake has remained free from attacks, and is even proven secure. However, we show that the 4-way handshake is vulnerable to a key reinstallation attack. Here, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying handshake messages. When reinstalling the key, associated parameters such as the incremental transmit packet number (nonce) and receive packet number (replay counter) are reset to their initial value. Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake. The impact depends on the handshake being attacked, and the data-confidentiality protocol in use. Simplified, against AES-CCMP an adversary can replay and decrypt (but not forge) packets. This makes it possible to hijack TCP streams and inject malicious data into them. Against WPA-TKIP and GCMP the impact is catastrophic: packets can be replayed, decrypted, and forged. Because GCMP uses the same authentication key in both communication directions, it is especially affected.

Finally, we confirmed our findings in practice, and found that every Wi-Fi device is vulnerable to some variant of our attacks. Notably, our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key.

I'm just reading about this now, and will post more information
as I learn it.

EDITED TO ADD: More news.

Read the whole story
wmorrell
4 days ago
reply
Yep, this is bad.
denubis
3 days ago
Is it bad that as an academic kinda sysadmin my first response is "phew. I don't need to burn a monday doing emergency patches?"
Share this story
Delete

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

1 Comment

(credit: Aurich Lawson / Thinkstock)

An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severe vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time. An advisory the US CERT recently distributed to about 100 organizations described the research this way:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

According to a researcher who has been briefed on the vulnerability, it works by exploiting a four-way handshake that's used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it's resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

Read 5 remaining paragraphs | Comments

Read the whole story
wmorrell
4 days ago
reply
Well this week should be interesting. 🤢
Share this story
Delete

Google Disables Button on Home Mini in Response to Privacy Bug

2 Comments

Matt Weinberger, writing for Business Insider:

Google is permanently disabling a feature on the forthcoming Google Home Mini smart speaker after a reviewer discovered that it was surreptitiously recording his conversations without his knowledge or consent.

The issue, Google says, was that the button on top of the device was faulty and would sometimes activate on its own. In response, Google acknowledged the bug and issued a software update that would disable that button for all users while it explored a long-term fix.

I try not to play the “What if this were Apple?” card often, but come on. This is ludicrous.

Read the whole story
wmorrell
6 days ago
reply
“Oh, so advancing speech recognition technology by decades with a massive training corpus of candid speech is considered evil now?” — some Google engineer, probably. Yes I know they officially quit using the “don’t be evil” motto years ago.
Share this story
Delete
1 public comment
joelowrance
6 days ago
reply
I'm probably naive,but if it was Apple? I'd believe it actually was an accident.

The Rules of the Gun Control Debate

3 Shares

David Frum on the implicit, unspoken rules of the gun control debate in the U.S.:

Rule 3. The debate must always honor the “responsible gun owners” who buy weapons for reasonable self-defense. Under Rule 1, these responsible persons are presumed to constitute the great majority of gun owners. It’s out of bounds to ask for some proof of this claimed responsibility, some form of training for example. It’s far out of bounds to propose measures that might impinge on owners: the alcohol or drug tests for example that are so often recommended for food stamp recipients or teen drivers.

Rule 4. Gun ownership is always to be discussed as a rational choice motivated by reasonable concerns for personal safety. No matter how blatantly gun advocates appeal to fears and fantasies — Sean Hannity musing aloud on national TV about how he with a gun in his hands could have saved the day in Las Vegas if only he had been there — nobody other than a lefty blogger may notice that this debate is about race and sex, not personal security. It’s out of bounds to observe that “Chicago” is shorthand for “we only have gun crime because of black people” or how often “I want to protect my family” is code for “I need to prove to my girlfriend who’s really boss.”

Read the whole story
wmorrell
13 days ago
reply
Share this story
Delete
Next Page of Stories