ExtremeLabs, Inc

This is the summary: Comcast, a/k/a xFinity, is the most miserable utility that I have ever used. In my humble opinion, they epitomize the evils of monopolies, and the ghastly, truly awful implementation of customer service and support that can happen when twits are in charge of support implementation.

I write this as suddenly, my email is dead. I cannot reach smtp.comcast.net with a password that works; some process killed it. I’m on the phone with an ineffective customer support person that’s clueless about why this happened. How could I have been using this username/password combination for about two years, then another one for years before that.

But wait– it’s not fixed yet. The update is that someone from ComcastBiz will call me within 24hrs. Like that ever happens.

But my account disappeared. Vanished. Who knows what email was in there; I never checked it. Now it’s re-established again, afresh. It took an hour and fifteen minutes, two CSRs, and no one really knows why the account died in the first place.

Comcast: you are shameful. You disable your CSRs with inadequate software, improper procedures, and hamstring them with the most awful of arbitrary systems infrastructure. You should be ashamed. Very ashamed. Stop spending money bribing politicians and fix your infrastructure.

I’ve tried drawing parallels from the birth of the computer industry to what’s going on inside the mobile/cell industry. There aren’t many parallels.

The microcomputer industry was built on populism and platform competition. Ok, there’s one parallel. People like my friends and I build our own computers. We might even make or modify an operating system to go with them, because we were geeks and willing to learn things like assembly languages that made things tick.

There were early adopter civilians that did the job of learning obtuse user interfaces on early micros, hassling printers into submission, and generally becoming self-appointed wizards in a quest to make use of technology in a productive, profitable, and occasionally fun way.

Cell phones, on the other hand, started out as an analog of the landline telephone. At best, you could see the number you were dialing. A few small applications were added on. You couldn’t use them for data unless you were willing to pay mind-boggling prices, and wait for extremely slow data transfer rates.

Things changed. Computers picked up graphical user interfaces and microcomputers grew exponentially in raw computing power. Security stank, stunk, and stinks, but that’s another post. The graphical user interface (GUI) allowed programmers and hardware makers to allow their stuff to work together through common communications points. Several GUIs emerged, often modeled from research done long ago at Xerox’s Palo Alto Research Center (PARC).

Personal computers with power the size of huge mainframes emerged, and adaptations of personal computers started to permeate data centers across the planet. Today, the vast amount of corporate and government computing power rests on the advancements made from microprocessor technology and incumbent operating system advancements– with power programs that are fueled by these advancements.

In the palms of our hands, by contrast, phone technology evolved slowly until data communications entered the picture. A cat and mouse game of features versus data communications versus useful applications within the small form factor that mobile/cell phones represent, began.

Phone makers took it upon themselves to fund operating system and application development. Phones with a few smarts came onto the scene, starting with offering from RIM, Palm, and others. Ubiquitous mobile data helped improve demand for email apps. SMS, unavailable on some systems, became a competitive application. Basics were standardized, like alarm clock apps, rudimentary contact managers, and even web browsers. Several years later, the mosh of what’s possible across the world of cell/mobile phones has no standards, just customers that have become used to being brutalized.

Because carriers subsidize phone costs, they have controlled the development of phones, and often limit the features of the phone to increase their revenues. Those phone makers that attempt to control their platform have also thwarted applications development on their phones as well. This sort of chicanery flies in the face of the compatibility and open standards that the computer industry has come to accept as a hallmark of open technology and evolution.

That phone vendors try to convince consumers that their phones are HDTVs, fully functional replacements for personal computers, becomes a fantasy gap between reality and convincing consumers of the lies. There has been a successful bridge where consumers now use phones as entertainment devices, as well as short-message communicators. But you can’t change the size of tiny keyboards and displays into those of personal computers, and voice-to-text command of phones is at best, unreasonable– and for many reasons.

Does this mean that phone development will shelve? No. Consider the myriad applications that are evolving. But the platforms have become for the large part closed, in terms of hardware. It becomes necessary for software developers to increase functionality and find markets. In the meantime, the brutishness of carriers and phone platform vendors cripples the industry’s growth. A reality check is due.

Yes, I’ve been half-assing it. Now it’s time to do this daily, weekends excepted. There’s so much strangeness to talk about.

Like Comcast using Ben Stein as a greeter on their on-hold prospecting line for their new business class service. Ben Stein, a purported whiz-guy, has been terminated by the NY Times for being a shill of a barely legitimate credit reporting series. This is also a guy that makes conservatives look downright liberal. Comcast, what were you thinking?

And more, each and every day.

Up on the contemplation list: VMWorld and DEMO. Maybe there are more. Email me: thenderson@extremelabs.com

Like email? Hate email? Tired of spam, phishing, and scams?

It takes an email box or a mobile phone to perform a lot of the scams, spams, and phishing on the Internet. For years, I’ve taken the steps to report identifiable fraud to Google, Yahoo!, MSN/Live/Hotmail, and dozens of other ISPs. One forwards these types of mail to ‘abuse@(name of ISP)’. Some respond. Most don’t. I don’t think they care that they’re the transport for 419, lotto, and user information phish fraud.

They don’t react because it costs money to have people deal with the problem, but they’ve become an attractive nuisance in my estimation. What needs to appear is a monitored mailbox called ’419@’ to permit ISP mail abuse personnel to concentrate efforts where public protection merits it. Spam and nuisance complaints take low priority– and fraud must take a higher one. A mandated message to the complainer and action within 24hrs would drop fraud problems rapidly. RFC, anyone?

My next step in email madness control would be voluntary. Allow a trusted, pooled, and funded authority to instantly kill any mail box provided by an email service provider– pending resolution that the mail box was actually used for fraud, deception, or unsolicited business. Any other use would be allowed, so that governments don’t get a chance to stanch free political speech.

They could pool together one or two humans, hopefully multilingual (not many languages are necessary to understand, and most 419/lotto/phish fraud seems to be in English anyway) could stop the flows on a 24/7 basis. This could dramatically eliminate those that can now fool ‘captchas’ and make rapid and huge numbers of phantom, illicit email accounts. This would require trust. It would also require each email service provider to actually look at the accounts to determine that the account was used for one of these three purposes, and decide to permanently disable the account, or to re-enable its use. Would the big email providers agree? I doubt they’d listen to any of us. I have a feeling they don’t care. I’d support the initiative, but I’m one more peon in an ocean of them to email providers.

Tomorrow: how ISPs/MSPs enable this, and why we should route around them.

You’d think that huge email services would have a vested interest reducing spam. Not only does spam occupy disk space (which gets cheaper all the time, admittedly), but it also protects their clientele from all types of fraud and deception. Indeed many of them don’t.

Traditionally, email servers had accounts that were specifically made to be a repository of complaints. These accounts have titles, as mentioned before, of admin@ or postmaster@ or majordomo@ the service provider’s domain. Some large services don’t have them at all. Some have them but these accounts are unwatched. Others misconfigure the account. Here’s one from just an hour ago:

The original message was received at Wed, 8 Oct 2008 16:07:41 +0200
from qmta08.emeryville.ca.mail.comcast.net [76.96.30.80]

—– The following addresses had permanent fatal errors —–

—– Transcript of session follows —–
MAILBOX FULL!!!
550 5.0.0 … Can’t create output
Reporting-MTA: dns; mail.j-mail.info
Received-From-MTA: DNS; qmta08.emeryville.ca.mail.comcast.net
Arrival-Date: Wed, 8 Oct 2008 16:07:41 +0200

Final-Recipient: RFC822; abuse%strompost.com
X-Actual-Recipient: rfc822; abuse%strompost.com
Action: failed
Status: 5.3.0
Last-Attempt-Date: Wed, 8 Oct 2008 16:07:42 +0200

From: Tom Henderson Date: October 8, 2008 10:07:32 AM GMT-04:00
To: abuse%strompost.com
Subject: phish fraud Fwd: Proposal Request!

This, of course, lacks diligence of any kind. Oddly, if one looks up the owner of the domain, it appears to be the Austrian Internic, or if I’m not mistaken, Internet.AT.

How do deal with unresponsive email service providers? There are a number of useful suggestions that I’ve heard, but the sanest seem to surround simply routing around their IPV4/6 addresses. This effectively cuts them off and forces them to deal with their onerous situation. More on that, tomorrow.

Step Three speaks to scams, and the fact that mail service providers, ranging from the venerable (Microsoft Hotmail/Live/MSN, AOL, Yahoo, Google/Gmail, Earthlink, and others) don’t respond with any haste– if at all– to requests to attend to close obvious fraud accounts.

For years, I’ve been receiving tons of spam that contain 419/lotto/phish fraud messages. Dutifully, I’ve sent email messages to the host email domain regarding each and every one of these messages. It’s clear that fraudsters understand that the email service providers are slow to close down accounts that are opened to receive replies to 419/lotto/phish messages.

Worse, so many email service providers simply do nothing with requests. I suspect that there might be but one or two employees total that are ‘burdened’ with examining accounts for evidence of fraud upon request. If each email service provider were required to examine fraud account closure requests quickly, then these emails would go away, and the fraud behind the emails would be stanched quickly, and one hopes effectively.

What would this require? The answer is to have major email account providers that will be willing to pay support personnel on a 24/7/365 basis to answer fraudulent account closure requests quickly.

Traditionally, one complains about spam (fraudulent or otherwise) to abuse@. That’s where I’ve sent my complaints– except that these days, many providers want complaints sent to a special mailbox, such as Microsoft’s report-spam@hotmail.com. Other accounts at the hosting mail service provider may also respond, such as the old traditional postmaster@, or even majordomo@.

But some email service providers (and large ones at that) don’t even respond at all. There is no place to complain to, and these providers are therefore poor citizens of the Internet (163.com– are you listening?). More on them tomorrow.

In Step One, the easy fix to mail reader apps is to eliminate languages that make no sense to the reader. If, however, one is multilingual, one needs to make exceptions to what should be a default mail filtering rule.

Step Two is similar in a way to Step One, in that it uses easy filtration rules to automatically delete mails from domains that are outside of the reader’s interest. In my case, I’d probably be happy to eliminate .ru, .cn, .jp, .br, and many other countries where I have no knowlegde of a single individual relationship that would be made by email. Today, just eliminating the .ru domain would allow me to have saved deleting over 300 spam email messages.

Some will say that this is onerous, even myopic. Nonetheless, if I want mail from a new and real Russian friend, I can always start in .com, .edu, .tel, and then move on. It’s a quirk of the top level domain (TLD) naming convention and the US origin of the Internet that causes this problem. And it’s a potentially easy fix to any email reader to filter undesired domains into the digital trash can. No fuss, no muss. Some people will mistakenly put potentially valid TLD-based email into the trash. Some people will mistakenly drive off cliffs. The reason that a default admittance hasn’t been made to this point most likely is that it’s a potential customer service problem and mail application makers don’t want to deal with it. It’s easy to add this filter, let people choose which domains they’ll like and which they want to completely deny mail from. If ICANN had been more responsible, we’d have other methods to stanch the flow of fraud, deception, malware, and other email-born problems. And that will the be the crux of tomorrow’s post.