Category: Corporate policy gone wrong

Google chooses misandry

I recently got a Future Me email (an email sent to my future me):

Dear FutureMe,

Today is International Men’s Day. Every year, Google celebrates International Women’s Day with a Google Doodle. And every year, Google gives the finger to International Men’s Day. Can you spell misandry?

I deleted my Google account today. I don’t need misandrists in my life.

Me, November 22, 2024

I also deleted my Google account on the theme Make Orwell Fiction Again. I have a hat I bought for myself and as gifts. It seemed hypocritical to have a Google account and be promoting Make Orwell Fiction Again.

Google might have recognized their own misandry and decided to treat men with as much respect as they treat women with a Google Doodle on November 19. But I would not bet money on 2025 being that year.

pfSense 24.11 is not good

I had purchased the Netgate 3100 from the company because I thought that would get me the best compatibility and support. Well, an update was made available: 24.11-RELEASE (arm) and I made the mistake of applying it six days ago. My whole router/firewall has crashed thrice since then.

I’ve been pretty unhappy with Netgate for a while now, so a couple of days ago I pulled the trigger on purchasing a Protectli Vault V1210 Mini PC. I’ll install OPNsense on it and duplicate what I have in the Netgate. Then the Netgate 3100 will go to the landfill.

When I bought the Netgate appliance, I didn’t know about the shenanigans the Netgate owners were doing with their staff. I wish I had known that; I would have started with something other than Netgate.

In the Make Orwell Fiction Again category, I remember reading several articles about how the Netgate owners screwed a former employee, and it ended up in lawsuits. Those stories have now been memory holed. Sigh.

Later, I found a definite bug in their SMTP over TLS implementation, in the initialization routine. Mind you, I’ve been doing SMTP for more than twenty years. I know how to do SMTP via telnet, and can do really low-level commands with it. Everyone with that particular version of pfSense would be affected by not being able to do SMTP over TLS to an outside mail server because of this initialization bug.

I wrote up the bug with the steps to duplicate it, and I tried to submit it to Netgate technical support.

Their answer was “You don’t have a current support contract. Buy a support contract, and we’ll work on it.”

I am not paying you to fix your shit. You should be paying me for so clearly identifying where your software fell down.1 The pfSense user interface under System > Advanced > Notifications has a checkbox to Enable SMTP over SSL/TLS. This should work, and it did not. I went through the steps at the command line level, and everything was there and workable. The certificates validated, and email flowed like it should – if I did it manually.

That they wanted me to pay them to fix their broken software is galling.

I do miss the days of Novell, where their published policy was “Yes, you need to pay to open a support ticket, but if this turns out to be our bug and not something you could have fixed on your own by RTFM2, then we will refund you your money.” I think in the twenty years I was a GroupWise admin, almost every support ticket I opened with them ended up being zero cost for us. Once, the support technician said that yes, they had already known about the bug, but the Technical Information Document (TID) was only a day away from being published. Heh. If I’d waited a day, I could have RTFM’d the TID and not bothered with opening a ticket. Yes, he refunded us the support ticket cost. Sure enough, the next day the TID was published, with exactly the same steps the support technician walked me through to solve the problem.

  1. I’m pretty sure it was an extra carriage-return character when calling OpenSSL. ↩︎
  2. The Novell folk were always nice and polite, so in this case it is Friendly manual ↩︎

Expedia Untrustworthy: my frustrating encounter at a Holiday Inn Express in Gridley, California

My stay at the Holiday Inn Express in Gridley (Oroville Lake) wasn’t particularly terrible. However, during the checkout process, something incredibly bothersome occurred: they adamantly refused to provide a printed receipt (folio). The counter agent simply refused, conveniently attributing it to management’s decision.

It’s possible that this nonsensical decision stemmed from misguided management. I don’t hold the agent responsible for following instructions. Nonetheless, two aspects make this situation particularly irksome:

Firstly, I understand why financial departments require receipts: scammers exist. Secondly, they lied about sending me an email receipt.

Anyone can make a reservation, receive the email confirmation, print it out, present it to the finance department for reimbursement, and then cancel the reservation. Financial departments are aware of this, which is why they rightfully demand proof of actual hotel stays. The receipt (folio) contains the final charges and the checkout date.

The Holiday Inn Express in Gridley, California, flat out refused to provide me with the receipt/folio: all because someone wanted to save a penny on a piece of paper.

This would have been less troublesome if they had actually sent me the email receipt as promised. However, they failed to do so. I highly doubt that the agent knew for sure—she was probably instructed to inform customers that they would receive an email.

To clarify, the email receipt did not end up in my junk mail folder. I’ve been an email administrator for twenty years. I ought to be able to figure that out, no?

This ordeal frustrated me to the point that I decided to leave a negative review on Expedia. That’s when I discovered that Expedia allows property owners to censor the reviews they display. Each time I submitted a review, I received a rejection message claiming it was unacceptable. I tried toning it down and making it friendlier, but it still didn’t meet their standards. Only after significantly revising it did they finally accept it.

The most valuable lesson I learned from this experience is that Expedia’s review system is untrustworthy. I have no intention of ever using their service again.

The Rocket Mortgage web site is privacy hostile

If I have any sort of privacy controls enabled, the Rocket Mortgage web site does not work. They have some sort of cross-site scripting going on where they throw something at https://streaming.split.io/ (which is actually a ably.com )

Even when I tell Firefox to keep everything together in the same container, Rocket Mortgage fails it. My only choice to get it to work is to disable all privacy controls.

Thanks, Rocket Mortgage. I simply love you for pimping out my data to advertising johns. Not.

The year 2022: Late stage 2021 but with new, higher prices

h/t to one of Scott Adams Twitter followers, responding to a challenge to summarize 2022 in the snarkiest way possible.

The whole thing is a psy op run by incompetents at behest of elites inflicted upon the aimless. It came about through sixty years of indoctrination: “Buy this shit from our advertiser; that will make you happy.”

Amazon disappointment – I’ve removed my Echo (Alexa) devices

There was a recent policy change at Amazon which I hate, and as a result, I have removed the Amazon Echo (Alexa) devices and app from my life. It does mean I’ll be carrying my phone with me more.

A part of the Vision Statement for Amazon is “Our vision is to be earth’s most customer-centric company”. Well, this change in policy belies that; trying to annoy their customers for more money is the new practice. That’s the nice way to put it; predation is the stark reality.

So, what happened?

  1. Amazon Music started inserting audio advertising into my morning music play. This happened four days ago.
  2. Amazon raised their prices on Prime membership, and I opted-out at the beginning of October (about one month ago).

I’ve mentioned before that I hate bullies, and dislike advertising. I also really liked setting up my morning wakeup routine to start the day with inspirational music. This change by Amazon crossed all three lines.

So if my morning wakeup routine is spoiled anyway, what really do I need these devices for?

Other than as voice controlled light switches, they are sometimes a convenient voice controlled timer. I don’t need this – it’s a nicety at best.

The bargain was they would listen in, the app on my phone would do tracking, and Amazon would do (whatever) with that data. I assumed they were monetizing it somehow; that was fine – that was the bargain. But now that they’ve crossed the line and spoiled my morning wakeup routine, I’m out.

Really, the only power consumers have is the power of money; either the boycott or favored trade.

Part of the annoyance is that I purchased the .mp3 files outright. I made my playlists out of only these files. Yes, I wanted the artists to get paid for their work, and thought is was only fair that Amazon also got paid for doing the work to set up the deal, import the files and handle the transactions to the artists. My point is that I paid for these files. Anyone that would wrap my files inside their advertising is a bully / predator.

This morning, the advertisement specifically said “Buy Amazon Music Unlimited and you won’t get advertisements”. Or, I can just completely opt out. Spotify costs the same as Amazon Music Unlimited, they do have Joe Rogan, and they have an API I can use to create my morning playlist programatically.

In that way, Spotify is better: I can write a Python script to classify songs into lists, and pick two from the spirtitual category, one from the energetic category, build today’s list and program Spotify to play that. I could even then put the songs in a FIFO queue (perhaps with some randomization). Much better than anything I could get with Amazon Music.

It’s not lost on me that the Open Source community has a project, Mycroft, which would let me connect to my IoT devices without the data tracking which was the part of the Amazon Echo bargain. I’ve already got one Raspberry Pi. All it really needs is a microphone. Guess what I’ve got on order?

Maybe I don’t even need Spotify. Maybe I can just get Mycroft or Home Assistant to play .mp3 files on various Bluetooth connected devices.

Until I get that set up, I’ll have to use my phone apps for controlling the lights and keeping timers. This is a minor inconvenience at worst. And if eventually I hook Mycroft up to a Home Assistant and a Magic Mirror, the better.

“Free” apps for your smartphone

There has been a long standing piece of knowledge in the computer industry that if you are not the customer, you are the product being sold. That is to say that advertisers are the customer, and the data that the “free” services harvest from you is what is being sold to them.

There’s a reason why you get offers for a free hamburger if you order is from their app (and the like). If you use the app, you collect reward points and get discounts and such.

Oh By The Way

TANSTAAFL

Do be very selective in what apps you install. They are all pretty much data harvesting machines.

Man, Imprivata sucks

I need the administration manual for Imprivata (they do hardware based single-sign on). If I search for Imprivata onesign administrator guide I get a document on the Imprivata web site which is a marketing fluff piece.

Really, Imprivata? This is how you want to “help” me?

Turns out to get the actual administration manual, I have to go to manualzz.com

That doesn’t look sketchy at all.

Seriously Imprivata: how can you be that stupid?

And, by the way, the documentation my co-worker wrote says that their administration web sites don’t work with anything other than IE (Microsoft Internet Explorer, which is in hospice care, and has been since last summer).

I get it, software is hard, and upgrades can be tricky. It takes time to not break things.

But hiding your user and administrator manuals is downright customer hostile.

Sigh. Everything would be fine if only Imprivata would do as I say. (But seriously, I wouldn’t be the only person helped if they didn’t try to make it difficult for me to figure out how it broke this time).

I did not join Planet Fitness, because of their payment policy

Update: user K replied with what I think is the best insight so far:

Just happened to me today when I went to sign up after a year since I was a member. Noped right out of there. You’re right about the merchant fees but I suspect the real reason they are not billing with cards anymore is because of the high volume disputes they have. I used to work for a bank in the claims department and gym memberships and credit scores were our bread and butter. Visa and Mastercard have set rules in regards to merchant rights and would almost always return the funds back to the customer. An ACH transaction does not have the same protection and NACHA regulations does not cover product and services therefore if a customer disputed the transactions the likelihood of receiving the funds back is slim to none.

(emphasis added by me)

I did join a different gym. I was ready to join Planet Fitness; I took the tour, a pleasant young man explained the membership plans, and they sent me a link to sign up at. The facility seemed good, and it was closer to my home than the one I did end up at. But their sign up process demanded that I hand them my checking account number and routing number. That’s a nope, and we’re done.

I even found the Contact Us part of their web site and sent them an email asking what other options were available. They never bothered to respond.

The gist of the problem is computer security; Planet Fitness internal IT security isn’t that good. Well, no-one’s internal security is all that good – just ask T-Mobile: their 2021 data breach was T-Mobile’s fifth incident in four years. Worse, when T-Mobile was asked about the potential for security problems, their answer was “What if this doesn’t happen because our security is amazingly good?

I can’t help but think that Planet Fitness feels the same way.

Why can’t I have the membership fee charged to my credit card? When their IT infrastructure gets breached (not if), I can easily get a new credit card number from my credit card company – if Planet Fitness would allow me to use a credit card. I’ve actually had to do that before; I got a physical letter in 2016 letting me know of a breach with a particular company that I did business with every couple of months. Changing the credit card number was pretty easy. Slightly annoying, but if that was the worst thing to happen to me in 2016, I’m leading a pretty charmed life.

But what happens when Planet Fitness loses my checking account number (and routing number)?

That would be a disaster.

Sure, I could close the compromised account, and open a new one; but my paycheck gets deposited there. Everything funnels through there. I even had a need to get paper checks printed up a year ago, and that expense of the rest of the paper checks would go in the shredder. Is Planet Fitness going pay me to get new checks printed? If I sued for it, I’m pretty sure I’d win – unless their defense was “well, if you are stupid enough to give us your checking account number, then that’s on you.” Maybe that is the way they think about their customers. 🤷

It also bothers me that Planet Fitness is only being somewhat truthful about why they want to pull the money directly out of my checking account. From their web site:

The method in which members are able to pay for their monthly membership varies by location, but many Planet Fitness clubs accept payment through checking accounts only. We require an Electronic Funds Transfer (EFT) through checking accounts for your convenience: This allows us to be able to continue your membership without interruption or the hassle of updating your payment information if your credit cards are lost/stolen, invalid or expired.

https://www.planetfitness.com/about-planet-fitness/customer-service/billing-faqs

I have a problem with “… for your convenience ….”

This is flat out falsehood. It’s not for my convenience, it’s for Planet Fitness’ convenience.

Also, Planet Fitness doesn’t have to pay the credit card company their commission. That’s the real reason they are willing to risk my security; they are being cheap. My security versus a tiny bit of extra profit? SELL ‘EM OUT BOYS!

It’s also important to note that there’s a major discrepancy in ACH vs. credit card fees. Broadly speaking, ACH transactions have the lowest costs associated with any payment system. On the other hand, credit cards typically charge 2.5% of the transaction value in fees, plus an additional processing fee. So, when it comes to ACH vs. credit card fees, ACH is the clear winner.

https://gocardless.com/en-us/guides/posts/ach-vs-credit-cards/

So, I found a gym that lets me pay by credit card. It is farther away from my home. It doesn’t have as many locations. But it does let me subscribe with a credit card, and it doesn’t lie to me about why they prefer to have my checking account number. They did ask; but they were honest and said it was because they wanted to avoid having to pay the credit card merchant fees. If I was willing to pay more to cover that, they’d let me use a credit card for billing. Yes, I am, because I know that no company’s IT security is all that good. I’m paying now for for easier recovery later. That gives me peace of mind.

Microsoft as bully, yet again

Personally, I think that people have the capacity to be both humble and bullies. But it is a conflict, and, some people think they are being helpful when actually they are bullying. “If only you did things my way, and then everything will be better” says the bully under the delusion of being helpful.

Recently, Microsoft pushed out an update to Windows 10 which adds a “News and Interests” widget to the Windows task bar. You don’t get a choice; it will be installed whether you want it or not. You can turn it off after the fact, of course. But what the person at Microsoft behind this change does not care to hear is that I didn’t want to be violated in the first place.

All it really does is remind me that I don’t have control of this machine; Microsoft does.

Thanks, Microsoft. I already dislike you, but, I hadn’t gotten a recent reminder of why.

“What’s the big deal‽‽‽ It’s just a little thing. I was being helpful and making your life better” says the bully. Yeah, no. I hear what you are saying, and I see through the deceit (conceit) that this is somehow for my good. It is not. It is an ego stroke for yourself and nothing more.

If it were really for my good, it would be turned off by default, and not installed by default. Microsoft could say “we added a new feature, if you want”, and I’d be fine with that. But pushing it without permission tells the truth of the act.