Introducing… Free Money

This is the first post in a new series called Free Money. The plan is to start with $50 Canadian and see how fast it can be grown, or lost, online.  Any online site is fair game but there will be no buying and selling on sites like eBay. The experiment will be limited to prediction contracts, equities, forex, bets, whatever can generate a return without actually producing a physical good.

With such a small amount of starting capital it is hard to really get into any serious trading online and so we will start in the minor leagues.  Prediction markets have popped up in the mainstream news over the last few years and are perfect for our needs. The contracts are cheap and have defined payoff dates so they make a good place to begin. The merits of various prediction markets such as inTrade (not currently operational), iPredict, Betfair, etc. are discussed in many places online so we will not cover the benefits and shortcomings of each here.  If a particular service is used then it will be mentioned but no single service is going to be endorsed. A new post will be made after every transaction is performed. Let’s get started.

On Thursday there were rumours that Cypress was going to sell about 500 million euros worth of gold to help with their financial problems.  The goal is to find some way to benefit from a drop in the price of gold.

I decided on iPredict for this first transaction. For anyone not familiar with iPredict the contracts have hard deadlines.  The contracts pay $1 if the event occurs and $0 if it does not. The price is always between 0 and 1 dollar and is meant to indicate the chance of the event occurring.  So a contract selling for 45 cents means the event has a 45% chance of occurring. If you disagree with the number then you enter the market and make your money. You can either buy or sell contracts and yes you can sell short. Because of the small size of the prediction markets you normally cannot just decide a price is appealing and then buy/sell as much as you like. There are only so many contracts available and their values can vary quite a bit if you buy more than 5 at a time. This means that in some cases you need to spread your prediction around to a few different contracts.

The London PM price of gold on Thursday April 11th was US$1,565.00. There were two predictions of intrerest and after a few quick calculations and trades the current position is:

London Fix AM Gold price to be LESS THAN US$1,570 on 1   May 2013

+48 (long) Avg.Cost: $0.5134.
Total Cost: $24.6432

Gold price to be greater than   or equal to US$1,570 and less than US$1,600 on 1 May 2013

-50 (Short) Avg.Cost:$0.3018.
Total Refundable Cost(to cover largest possible loss): $34.91

After trading fees, 10 cents cash remained.  Total Cost: NZ$59.6432

The original plan was to trade $50 Canadian dollars but iPredict is in New Zealand. NZ$60 was deposited and there was a NZ$1.05 deposit fee. So in the end the total investment was about CDN$53.14.  To make all future posts easier our starting amount will be considered CDN$55.

The contracts are complete on May 1st 2013 but since this is a prediction market they can be traded at any time.  The plan is to keep them until the contract date but if there are any changes you can be sure that you will see them here on If all goes according to plan the free money should be flowing in no time.


Recent WordPress Brute-Force Attacks

Over the last few weeks this site has been subjected to a brute force attack. I took it as a complement since it is the second hack attempt this year, the first being successful. My site must be in high demand.  The botnet is using the login name “admin” and then trying to guess the password.  So essentially this an attack targeted at people that install the WordPress system and leave everything on the default settings (my login is admin1, of course).  It seemed fairly harmless as I was only getting about 5 attempts an hour in short bursts.  Even if I had a user with the name admin, at that rate the password would never be guessed.

Earlier this week the login attempts started accelerating and I decided to look into this a little more.  Turns out this is a actually a massive attack on all WordPress sites across the internet.  You can get the details from Ars here. Not being targetted specifically is a bit of a relief but kind of a let down as well; I guess the site is not in that high demand after all.

So if you are running a site/blog using the WordPress system then you need to login and make sure that you do not have an account named admin.  For now it seems that unless you are in control of your hosting server then the best bet is to wait.  Not the most reassuring advice. Installing an IP logger on your login page will give you an idea of the size of the attack but installing any of the more server hungry PHP-based login security plug-ins is probably not a good idea at moment unless you know what you are doing.  And really, if you have your admin account set to “admin” then you really do not know what you are doing.  If configured incorrectly, some login security plug-ins will cause your server to crash under such a larger number of requests.  If you do insist on using admin as your login name then at least follow XKCD’s advice on passwords.