Expedia Untrustworthy: my frustrating encounter at a Holiday Inn Express in Gridley, California

My stay at the Holiday Inn Express in Gridley (Oroville Lake) wasn’t particularly terrible. However, during the checkout process, something incredibly bothersome occurred: they adamantly refused to provide a printed receipt (folio). The counter agent simply refused, conveniently attributing it to management’s decision.

It’s possible that this nonsensical decision stemmed from misguided management. I don’t hold the agent responsible for following instructions. Nonetheless, two aspects make this situation particularly irksome:

Firstly, I understand why financial departments require receipts: scammers exist. Secondly, they lied about sending me an email receipt.

Anyone can make a reservation, receive the email confirmation, print it out, present it to the finance department for reimbursement, and then cancel the reservation. Financial departments are aware of this, which is why they rightfully demand proof of actual hotel stays. The receipt (folio) contains the final charges and the checkout date.

The Holiday Inn Express in Gridley, California, flat out refused to provide me with the receipt/folio: all because someone wanted to save a penny on a piece of paper.

This would have been less troublesome if they had actually sent me the email receipt as promised. However, they failed to do so. I highly doubt that the agent knew for sure—she was probably instructed to inform customers that they would receive an email.

To clarify, the email receipt did not end up in my junk mail folder. I’ve been an email administrator for twenty years. I ought to be able to figure that out, no?

This ordeal frustrated me to the point that I decided to leave a negative review on Expedia. That’s when I discovered that Expedia allows property owners to censor the reviews they display. Each time I submitted a review, I received a rejection message claiming it was unacceptable. I tried toning it down and making it friendlier, but it still didn’t meet their standards. Only after significantly revising it did they finally accept it.

The most valuable lesson I learned from this experience is that Expedia’s review system is untrustworthy. I have no intention of ever using their service again.

The Rocket Mortgage web site is privacy hostile

If I have any sort of privacy controls enabled, the Rocket Mortgage web site does not work. They have some sort of cross-site scripting going on where they throw something at https://streaming.split.io/ (which is actually a ably.com )

Even when I tell Firefox to keep everything together in the same container, Rocket Mortgage fails it. My only choice to get it to work is to disable all privacy controls.

Thanks, Rocket Mortgage. I simply love you for pimping out my data to advertising johns. Not.

The year 2022: Late stage 2021 but with new, higher prices

h/t to one of Scott Adams Twitter followers, responding to a challenge to summarize 2022 in the snarkiest way possible.

The whole thing is a psy op run by incompetents at behest of elites inflicted upon the aimless. It came about through sixty years of indoctrination: “Buy this shit from our advertiser; that will make you happy.”

Amazon disappointment – I’ve removed my Echo (Alexa) devices

There was a recent policy change at Amazon which I hate, and as a result, I have removed the Amazon Echo (Alexa) devices and app from my life. It does mean I’ll be carrying my phone with me more.

A part of the Vision Statement for Amazon is “Our vision is to be earth’s most customer-centric company”. Well, this change in policy belies that; trying to annoy their customers for more money is the new practice. That’s the nice way to put it; predation is the stark reality.

So, what happened?

  1. Amazon Music started inserting audio advertising into my morning music play. This happened four days ago.
  2. Amazon raised their prices on Prime membership, and I opted-out at the beginning of October (about one month ago).

I’ve mentioned before that I hate bullies, and dislike advertising. I also really liked setting up my morning wakeup routine to start the day with inspirational music. This change by Amazon crossed all three lines.

So if my morning wakeup routine is spoiled anyway, what really do I need these devices for?

Other than as voice controlled light switches, they are sometimes a convenient voice controlled timer. I don’t need this – it’s a nicety at best.

The bargain was they would listen in, the app on my phone would do tracking, and Amazon would do (whatever) with that data. I assumed they were monetizing it somehow; that was fine – that was the bargain. But now that they’ve crossed the line and spoiled my morning wakeup routine, I’m out.

Really, the only power consumers have is the power of money; either the boycott or favored trade.

Part of the annoyance is that I purchased the .mp3 files outright. I made my playlists out of only these files. Yes, I wanted the artists to get paid for their work, and thought is was only fair that Amazon also got paid for doing the work to set up the deal, import the files and handle the transactions to the artists. My point is that I paid for these files. Anyone that would wrap my files inside their advertising is a bully / predator.

This morning, the advertisement specifically said “Buy Amazon Music Unlimited and you won’t get advertisements”. Or, I can just completely opt out. Spotify costs the same as Amazon Music Unlimited, they do have Joe Rogan, and they have an API I can use to create my morning playlist programatically.

In that way, Spotify is better: I can write a Python script to classify songs into lists, and pick two from the spirtitual category, one from the energetic category, build today’s list and program Spotify to play that. I could even then put the songs in a FIFO queue (perhaps with some randomization). Much better than anything I could get with Amazon Music.

It’s not lost on me that the Open Source community has a project, Mycroft, which would let me connect to my IoT devices without the data tracking which was the part of the Amazon Echo bargain. I’ve already got one Raspberry Pi. All it really needs is a microphone. Guess what I’ve got on order?

Maybe I don’t even need Spotify. Maybe I can just get Mycroft or Home Assistant to play .mp3 files on various Bluetooth connected devices.

Until I get that set up, I’ll have to use my phone apps for controlling the lights and keeping timers. This is a minor inconvenience at worst. And if eventually I hook Mycroft up to a Home Assistant and a Magic Mirror, the better.

“Free” apps for your smartphone

There has been a long standing piece of knowledge in the computer industry that if you are not the customer, you are the product being sold. That is to say that advertisers are the customer, and the data that the “free” services harvest from you is what is being sold to them.

There’s a reason why you get offers for a free hamburger if you order is from their app (and the like). If you use the app, you collect reward points and get discounts and such.

Oh By The Way


Do be very selective in what apps you install. They are all pretty much data harvesting machines.

Man, Imprivata sucks

I need the administration manual for Imprivata (they do hardware based single-sign on). If I search for Imprivata onesign administrator guide I get a document on the Imprivata web site which is a marketing fluff piece.

Really, Imprivata? This is how you want to “help” me?

Turns out to get the actual administration manual, I have to go to manualzz.com

That doesn’t look sketchy at all.

Seriously Imprivata: how can you be that stupid?

And, by the way, the documentation my co-worker wrote says that their administration web sites don’t work with anything other than IE (Microsoft Internet Explorer, which is in hospice care, and has been since last summer).

I get it, software is hard, and upgrades can be tricky. It takes time to not break things.

But hiding your user and administrator manuals is downright customer hostile.

Sigh. Everything would be fine if only Imprivata would do as I say. (But seriously, I wouldn’t be the only person helped if they didn’t try to make it difficult for me to figure out how it broke this time).

I did not join Planet Fitness, because of their payment policy

Update: user K replied with what I think is the best insight so far:

Just happened to me today when I went to sign up after a year since I was a member. Noped right out of there. You’re right about the merchant fees but I suspect the real reason they are not billing with cards anymore is because of the high volume disputes they have. I used to work for a bank in the claims department and gym memberships and credit scores were our bread and butter. Visa and Mastercard have set rules in regards to merchant rights and would almost always return the funds back to the customer. An ACH transaction does not have the same protection and NACHA regulations does not cover product and services therefore if a customer disputed the transactions the likelihood of receiving the funds back is slim to none.

(emphasis added by me)

I did join a different gym. I was ready to join Planet Fitness; I took the tour, a pleasant young man explained the membership plans, and they sent me a link to sign up at. The facility seemed good, and it was closer to my home than the one I did end up at. But their sign up process demanded that I hand them my checking account number and routing number. That’s a nope, and we’re done.

I even found the Contact Us part of their web site and sent them an email asking what other options were available. They never bothered to respond.

The gist of the problem is computer security; Planet Fitness internal IT security isn’t that good. Well, no-one’s internal security is all that good – just ask T-Mobile: their 2021 data breach was T-Mobile’s fifth incident in four years. Worse, when T-Mobile was asked about the potential for security problems, their answer was “What if this doesn’t happen because our security is amazingly good?

I can’t help but think that Planet Fitness feels the same way.

Why can’t I have the membership fee charged to my credit card? When their IT infrastructure gets breached (not if), I can easily get a new credit card number from my credit card company – if Planet Fitness would allow me to use a credit card. I’ve actually had to do that before; I got a physical letter in 2016 letting me know of a breach with a particular company that I did business with every couple of months. Changing the credit card number was pretty easy. Slightly annoying, but if that was the worst thing to happen to me in 2016, I’m leading a pretty charmed life.

But what happens when Planet Fitness loses my checking account number (and routing number)?

That would be a disaster.

Sure, I could close the compromised account, and open a new one; but my paycheck gets deposited there. Everything funnels through there. I even had a need to get paper checks printed up a year ago, and that expense of the rest of the paper checks would go in the shredder. Is Planet Fitness going pay me to get new checks printed? If I sued for it, I’m pretty sure I’d win – unless their defense was “well, if you are stupid enough to give us your checking account number, then that’s on you.” Maybe that is the way they think about their customers. 🤷

It also bothers me that Planet Fitness is only being somewhat truthful about why they want to pull the money directly out of my checking account. From their web site:

The method in which members are able to pay for their monthly membership varies by location, but many Planet Fitness clubs accept payment through checking accounts only. We require an Electronic Funds Transfer (EFT) through checking accounts for your convenience: This allows us to be able to continue your membership without interruption or the hassle of updating your payment information if your credit cards are lost/stolen, invalid or expired.


I have a problem with “… for your convenience ….”

This is flat out falsehood. It’s not for my convenience, it’s for Planet Fitness’ convenience.

Also, Planet Fitness doesn’t have to pay the credit card company their commission. That’s the real reason they are willing to risk my security; they are being cheap. My security versus a tiny bit of extra profit? SELL ‘EM OUT BOYS!

It’s also important to note that there’s a major discrepancy in ACH vs. credit card fees. Broadly speaking, ACH transactions have the lowest costs associated with any payment system. On the other hand, credit cards typically charge 2.5% of the transaction value in fees, plus an additional processing fee. So, when it comes to ACH vs. credit card fees, ACH is the clear winner.


So, I found a gym that lets me pay by credit card. It is farther away from my home. It doesn’t have as many locations. But it does let me subscribe with a credit card, and it doesn’t lie to me about why they prefer to have my checking account number. They did ask; but they were honest and said it was because they wanted to avoid having to pay the credit card merchant fees. If I was willing to pay more to cover that, they’d let me use a credit card for billing. Yes, I am, because I know that no company’s IT security is all that good. I’m paying now for for easier recovery later. That gives me peace of mind.

Microsoft as bully, yet again

Personally, I think that people have the capacity to be both humble and bullies. But it is a conflict, and, some people think they are being helpful when actually they are bullying. “If only you did things my way, and then everything will be better” says the bully under the delusion of being helpful.

Recently, Microsoft pushed out an update to Windows 10 which adds a “News and Interests” widget to the Windows task bar. You don’t get a choice; it will be installed whether you want it or not. You can turn it off after the fact, of course. But what the person at Microsoft behind this change does not care to hear is that I didn’t want to be violated in the first place.

All it really does is remind me that I don’t have control of this machine; Microsoft does.

Thanks, Microsoft. I already dislike you, but, I hadn’t gotten a recent reminder of why.

“What’s the big deal‽‽‽ It’s just a little thing. I was being helpful and making your life better” says the bully. Yeah, no. I hear what you are saying, and I see through the deceit (conceit) that this is somehow for my good. It is not. It is an ego stroke for yourself and nothing more.

If it were really for my good, it would be turned off by default, and not installed by default. Microsoft could say “we added a new feature, if you want”, and I’d be fine with that. But pushing it without permission tells the truth of the act.

Abandoned LastPass

LastPass was, for seven years, my password manager of choice. I liked that Steve Gibson of Gibson Research Corporation liked it. I liked that it had Yubikey support. I liked that it had an app for my iPhone. I liked that because it was a cloud service, my passwords followed me around.

The idea is a good one, too: memorize a single complex password, use it plus 2FA (“second factor authentication” in this case my Yubikey) and then make the passwords on every other web site extremely complex. Like Hn6k344SdRt#CT_Epste1nd1dn’tk1llh1mself_PFnPr2XP#J$4P*@Lyxi!r complex.

I did not mind paying for that service, since I know that it costs money to run servers and pay employees and such. The price really wasn’t too bad, either.

But somewhere along the line, the creators of LastPass decided to cash out. They sold the company to LogMeIn. But now, the LogMeIn folks are out cash money, and they need to make that money back; the quicker, the better. Suddenly I and all their other customers began to look like marks to be played.


For several months, I wanted to take a screen shot of my LastPass initial login screen, and then post the screenshot to the Reddit Asshole Design community. What it was, was that all of a sudden, LastPass would post a fake “Warning – We Care About Your Security” alert every time I logged in. But what it really was, was a request to put my credit card number on file with them, so they could auto-renew. It wasn’t about my security. It was about theirs. I’m going to need to buy a pair of cowboy boots, the bullshit is getting so deep around here.

This was a constant reminder that the company had changed, and wasn’t the same company I signed up with. What finally pushed me over the edge was their announcement that as of March 16, 2021 you have to pay, or else “no passwords for you!” if you want to use LastPass on mobile. So now we see their true character: “I Am Altering the Deal, Pray I Don’t Alter It Any Further.”

And I’m out.