Jan 082016

This article keeps popping up (along with related articles).  The Author Mat Honan jumps to conclusions not supported by the facts.  He makes claims such as “the way WE daisy chain account” being a problem, well maybe HE does that (and I suspect a lot of users do as well).

His problem can be summed up easily.  He relied on his Apple account as a point of security.  Once that was compromised (easily via simple social engineering phone call) they then could take over his GMail account (because the author used his Apple email as an alternate address) and once in that account the bad guy had the ability to  take over everything.

In an attempt to deflect blame from himself (and Apple) the author keeps repeating his same baseless assertion that passwords are bad and is now in a crusade to ‘kill’ passwords.  Mat Honan needs to grow up and accept responsibility for his own screw up and help people understand how to properly use passwords and properly secure online systems (as much as possible) rather than sowing FUD to protect his ego.

Main take away is never trust third parties who have no interest in securing your data with your ‘keys to the kingdom’.  There is no one set of rules that works or applies to everyone.  In my case (as an example) I have a yahoo account I use for non-sensitive sites (forums, online shopping sites where it NEVER store CC’s, etc).  All of my banking and financial access credentials are linked with addresses that are highly secure (server controlled by myself or trusted third party).  All of my secure passwords are the maximum complexity allowed and all are different.  This works for me.

People in general need to stop blaming technology when a failure is due to misuse (by themselves or others).

Jan 072016

Someone posted a comment on an old article with a bunch of SEO related rubbish and of course a link to a paid add-on for WP…    Search Engine Optimization doesn’t interest me in the least. It used to be possible to game search engines and it still is to some extent, however these tactics will backfire eventually.

A well written article in a good content management system stands on its own without any effort spent trying to trick or game search engines.  SEO is the refuge of bad writers and spammers only, don’t waste time on it.

Dec 072015

Reno Gazette Journal is gushing about AT&T GigaPower and of course not reporting on anything that would reflect badly on AT&T.  For starters the only pricing they talk about is bundled with other services, according to ArsTechnica

AT&T generally charges $110 a month for Internet-only gigabit service, with a lower price of $70 in cities where it has to compete against Google Fiber. Both of those prices require customers to opt into “Internet Preferences,” which gives AT&T permission to examine each customer’s Web traffic in order to serve personalized ads

So you have to agree to let them spy on you?  What happens if you want to use TOR?  Do they ban you? AT&T is also notorious for data caps and the upload speed is terribly by many accounts.

If you’re going to report you should report ALL of the facts, not just read a press release…  Pretty much what I expect these days anyway.

Oct 222015

We have an old mattress, figured I’d see if we can dump it at the transfer station as part of our mandated 4 ‘standard puckup truck’ loads per year.  Easy question, first off does the transfer station accept them, so I asked:

Does the transfer station on Commercial row (Refuse, Inc. – Sage Street Transfer Station) accept mattresses and boxsprings? Thanks.

WM Response

Yes they do accept those items. They are chargeable please contact then as to how much they will cost.

I replied:

As a City of Reno customer I can dispose of one standard pickup truck load 4 times per year.  By “Chargeable” do you mean this isn’t included in the “standard pickup truck load”?

WM Response

Thank you for contacting Waste Management. I would really like to help you but those questions can only be answered by the transfer station. I would give them a call to have your questions answered the best way possible.

Oh really?  I responded:

That doesn’t make any sense.  According to the City of Reno their agreement with WM allows:

“City of Reno customers can dispose of one standard pickup truck load of waste four times a year. Customers must show recent trash bill or have identification that matches the service address on their bill and be current in their payments to use this service.”

Either a mattress is ‘waste’ for the purposes of the above or not.

Perhaps you should refer me to your legal department, I’m certainly not going to rely on calling someone at the transfer station as an authoritative answer.

WM Response, finally I get a straight answer:

I do apologize for the inconvenience and frustration. After further research I discovered that you can in fact dump a mattress there for no cost of your own.

There is no sane reality where the above exchange happens.  Only a “business” that operates by using government force to keep customers does shitty ‘service’ like the above not result in bankruptcy.


EDIT: I got a survey request the next day, oh yeah I’ll take your survey.  The most ridiculous questions came as the end, ‘would you recommend WM to friends’…. and the final question ‘how likely are you to continue doing business with WM’..  er.. MONOPOLY… DOH..  I added a lot of comments though…  they’ll fall on deaf ears but at least I tried.

Sep 182015

Decided to give Allods another go, installed and it came loaded with some crapware ‘gaming dashboard’ from my.com.  when I tried to uninstall it claims I’ll not be able to play Allods if I uninstall, when I confirmed that it tried to access the internet (which I denied) and blew up.  So I killed the task, deleted the files and then let windows blow out the uninstall entry….

Shortcut to aogame.exe.. no problem running without this crap..

All I can conclude is that it’s malware and serves no purpose at all…. kinda like nearly everything that wants to play ‘middle man’..

Aug 142015

Thursday Malware bytes reported on an ad server pushing malware via various exploits.

Checked my network and I’m already blocking adspirit.de at the router.  I have no idea why more people don’t do this, likely not all that many are running linux based routers or don’t have access. For those that do, here’s my simple script which runs weekly:

mkdir /tmp/hostupdate
cd /tmp/hostupdate
wget http://winhelp2002.mvps.org/hosts.txt

# copy local host definitions into hosts file first
cp /etc/hosts.local /etc/hosts

# we only want the host lines, no local host or comments.
grep -vE ‘localhost|#’ hosts.txt >> hosts.clean

# change to blackhole server
sed ‘s/’ hosts.clean >> /etc/hosts

# cleanup
cd /etc
rm -Rf /tmp/hostupdate

/etc/init.d/dnsmasq restart

Because I have other blocks and static hosts, I have a hosts.local file in /etc/ that is added to the hosts and obviously this system is my DHCP and DNS server for my local network.  People could of course shoot themselves in the foot a variety of ways, mostly by using a hardcoded DNS.. however if someone wants to do that.. so be it..

Apr 232015

A while back I decided to get Coach-net so we’d have easy access to roadside assistance while towing our trailer..  When you join online you get this list of options:


I chose basic, the list of features was good enough for me.. didn’t want all the fluff in premier.  So a week or so ago I got an email saying I could save $10 by renewing early.  I figured sure, why not.. Imagine my surprise when this shows up on the renewal page:


Notice anything unusual?  Nowhere on their website or in the membership materials does it state exactly what ‘gold’ membership is.. as far as anything else is concerned that doesn’t exist.  When I tried contacting them to find out how to renew my Basic membership I got a phone call a week later asking me to call back to discuss my membership options.

I don’t need to discuss options.. I know what I want.  I could save money by simply letting membership elapse and then starting again.. even after the $10 ‘one time’ processing feel.  Much easier still, I’ll just let it expire and not renew.  I’ll got to Good Sams Club if I want roadside assistance.

EDIT: when I asked one more time to explain why I couldn’t renew my Basic membership, I instead received a comparison of Gold and Premier plans..  Gold is pretty much basic but $20 more per year, so they’re doing  the classic ‘introductory offer’ or a bait and switch if you prefer.  Coach-Net can stuff this.

Feb 252015

I’ve always wanted to do a list.. so here it is! From here on out I’ll refer to Anthem BlueCross/BlueShield  as BS for reasons that will become clear.

First I’ll catch the reader up and set the stage.

Earlier in 2014 I bulged 2 discs in my lumbar area.  I spent half that year trying to resolve the problem without surgery. All through this I was taking narcotic pain meds (not the fun type apparently) and nearly unable to walk at times. I dutifully did my home exercises, went to physical therapy session (until BS cut me off, only 20 per year allowed)…etc.. Nothing worked, so surgery was our only remaining option if I didn’t want to be on increasingly strong pain medications for the rest of my life.  July 1st 2014 we started the ball rolling, the following list recalls the high points of the process.

1) Calling BS Member Services is useless

As I’ve been dealing with this for months and all other per-certifications (a lot of treatments require the insurer approve them, that’s the process) seemed to take a few days to be approved. I had no reason to think this would be any different.  All the while my situation is declining, the last nerve block shot is wearing off and I’m taking more pain killers.  Two weeks passes and nothing, so I called BS Member Services to see what’s up.

These calls made me realize that if there is any problem nobody there will try to fix it, nor can they even recognize a problem that’s staring them in the face. First person I spoke with didn’t even even use real words (kept telling me my case was PENDED… ??). Over the course of the next few weeks I would get a different story from each call, one day they have everything, the next they needed more clinicals and got them yesterday (after person yesterday said they have everything).. you get the idea.  I even switched to calling the pre-certification department directly which turned out to be even more useless and uninformative.

After a couple of weeks someone at work mailed me a PDF of a flier they have pasted up around the office.  Turns out my employers brokerage has a help line for just this kind of thing, so I called.  I spoke to a very nice lady who was able to get to the facts pretty easily.   Somehow through all of this, all of the calls.. the month+ of screwing around nobody there could be bothered to actually find out what the problem was.. turns out they lost PT notes, xrays and MRIs among many other things.

The most basic information… and nobody there noticed or cared it seems.  I should have contacted the brokerage help line (that I didn’t even know existed!) at the first sign of trouble.

A few days later I get a letter from BS saying my surgery is denied as not medically necessary.  And reiterating the laundry list of things that they claim they didn’t have.  At this point I contacted my provider and let them know what’s going on and found out that I could pay for this myself.. roughly $7,000..  As we had that in savings I decided I’ll pay for now and deal with BS later.

2) Trying to get reimbursed is impossible

A week or so later, it’s now approved as medically necessary. This tells me something important.. it really should have only taken a week in the first place.  These asshats at BS caused me to suffer for weeks due to their incompetence/negligence or whatever it was.   I suspect they are specifically trained to put things off and kick the can down the road as much as possible, hoping that the ‘customer’ they are supposed to be helping will go away.

By the time they pulled their respective heads out of their respective asses.. I had surgery scheduled in a week, there was no way I was going to upset that process by trying to reschedule the surgery to take place at the local hospital.  Thus began my quest to be reimbursed for out of pocket money I spent due to their careless handling of my pre-certification.

Amazingly getting BS to pay the doctors and anesthesiologist was amazingl simple as they were both in network.  Took a few weeks to get a refund check, but I did and was paid back for that portion.  This left the surgery center, who informed me that they will not bother trying to submit the claim themselves as past experiences have proved that to be a waste of time, however they prepared a claim form for me which saved a lot of time.

Then I had to submit the claim.  Seems simple, mail it to the address BS told me to use in their claim filing instructions.  Simple.. or not so.  A few weeks later I receive a letter saying that I mailed the form to the incorrect address so my claim was denied . Did they provide the correct address? Nope, just denied my claim due to mailing to the wrong address.

A week of digging and help from the nice lady at our brokers help desk turned up the correct address and back in the mail… at this point I’m just hoping the address is correct and they don’t make up some more reasons to deny (not signed in blood, didn’t sacrifice a goat.. nothing is out of bounds).

Various thrashing around for a month or so trying to get this paid.  In the end they agreed to process that claim in network.  They screwed that up as well however in the end I received 2 checks to reimburse me sorta.  The checks totaled less than ½ of what I paid.. Further digging and they claim that’s the ‘usual and customary charge’, which turned out to be bullshit…. the usual and customary charge for my 2 procedures was over $6.. I got them a deal at a bit over $4k they should be happy to pay that.

After about 2 months of screwing around, I gave up working with them. Figured the only way to get any satisfaction would be through the courts.

3) Figuring out WHO to sue is difficult

In order to sue you first have to know the legal name of the entity you wish to sue. Sounds easy at first, “Anthem BlueCross BlueShield” should do.. but alas that’s not so. Large interstate businesses like to hide who they are (to make this difficult no doubt). Searches for their name in the state database turned out to be futile.

Lucky for me I stumbled across the following on their website:

Anthem Blue Cross and Blue Shield is the trade name of: In Colorado and Nevada: Rocky Mountain Hospital and Medical Service, Inc.

Bingo.. finally a break!  I found their details on the SOS website and set off to file suit in small claims court.  Sadly small claims around here (and elsewhere I suspect) does not allow punitive damages.. would be nice to get something for the pain and suffering..  Oh well, I’ll be satisfied with getting paid back.

4) Filing suit is easy sort of

Government agencies are slow to get with the program.. some forms are fill able.. others are not. As my case ‘narrative’ was pretty long I ended up recreating one of their forms in LibreOffice.. Was a bit concerned that it would be missing something, not quite right… or the like. However the clerk accepted my documents without any trouble. $106 later, then a stop at a process server to get the papers served (another $50) and my case was filed.

Then begins the wait.

5) They’ll spend $10 to try to save $5

Amazingly BS decided to throw more money out the window by hiring an attorney. A few weeks before the court date I get a letter from an attorney asking the court to grant a continuance. I pushed back, got them to make the attorney prove she had a deposition on that day (the claimed reason) and it seems she did. So the can is kicked down the road.

The next day I received a voice mail:

Hi <me> my name is <attorney> and I am the attorney that has been retained to uhm represent Anthem in the small claims matter and I was hoping that you could give me a call so that we could discuss your claim and also to see if we can work out a resolution my uhm I’m giving you my cell because…

As I’m not in the habit of, nor had any interest in ‘discussing’ this over the phone, I responded via email:

I received your voice mail, and appreciate you spending the time to reach out to me in this matter.  Bottom line is $2752.83 (claim + court fee + service).  If your client requests (or it’s a matter of standard practice) I will *not* sign a non-disclosure agreement or anything similar.

I’m hoping this is clear enough to avoid any further wasted efforts.  If I were the vindictive type I would be stringing you along for as long as possible in the hopes of increased billable hours to your client, however I’m just in this to get what I believe I’m due.

Have a good weekend.

If you have an attorney on ‘the other side’ that wants to speak to you via phone.. DO NOT GO THERE. It’s a gambit, in particular in states where consent is required to record conversations. Lawyers are really good at twisting words and making things sound ‘reasonable’ that are anything but. IMO this is never in your best interests unless you’re sharp and ready to battle wits in real time.  I prefer to do that via email where I can think about responses and have documentation of the conversation.

About 2 weeks before the court date, things started getting interesting. I received this voice mail:

.. if you have a chance please call me I need to discuss uhm resolving this case if you are not gonna argue or anything like that and it would just be so much more efficient if I was able to speak with you. ..

Argue? Me? Hell yes I’m going to argue every stinking point! A day or so later and several emails she finally got it that I will not engage in phone conversation with her.

Eventually (days later) she emailed an agreement letter she wanted me to sign for full reimbursement. However the letter offered broad protections to BS from future suit, including agreeing to not sue for things directly or INDIRECTLY related to lumbar surgery. Not this specific instance of lumbar surgery.. just lumbar surgery. If I had signed that I could have given up a LOT.  There was also a silly clause about BS ‘not admitting liability’. You hear that a lot when reporters report on cases.. however how can I sign that? It’s irrelevant anyway, and pretty much meaningless.

They also wanted a W9 form. Being somewhat of an accounting geek.. I know for a fact that a W9 is only required if an information return is required. Recovery of monetary damages is never taxable, no information return is required hence no W9. I was actually ready to concede that (BS already has my SSN anyway, and likely let it get out in the wild in the recent data breach) however due to my witty/logical and correct rebuttal the attorney decided they’d rather pay for me out of their pocket and get reimbursement from BS vs. having to go to court (or endure any further emails from me I suppose)

6) Persistence pays off

In the end they came up with an agreement that was focuses on the issue at hand, removed any W9 requirement, removed the junk about not admitting guilt and offered no more protections than if the case had been decided by the court. I received full payment and now get to enjoy the day off vs. going to small claims court.

My point in writing this article is to inform others that you can hold health insurance companies (any business in fact) accountable for their actions. Every time they screw over another ‘customer’ they are getting rewarded for bad behavior, we need to withdraw the rewards and make this as costly as possible if we’re ever going to see real substantive change.  If you have a good claim, stick to your guns and do not compromise.

If anyone wishes to contact me about this, needs help or encouragement to file their own claim.. feel free to comment on this posting (make sure to include a good email) and I will get back to you.  Obviously I cannot offer legal advice, however I can offer other advice that may be useful.

Feb 062015

Everyone that has Anthem should immediately file an initial fraud alert with any of the credit bureaus.  This is the simplest thing you can do to protect yourself right now.

Here’s some info on fraud alerts from the FTC: http://www.consumer.ftc.gov/articles/0275-place-fraud-alert

And the equifax fraud alert page.. NOTE: you only have to file with one bureau: https://www.alerts.equifax.com/AutoFraud_Online/jsp/fraudAlert.jsp

And in the ‘kick them while their down’ realm, in a couple of weeks I’ll be in small claims suing the shit out of Anthem for their gross negligence in handling a pre-certification for surgery….  weeks of unnecessary pain (too bad I can’t sue for that in SC).. I’ll be damned if I don’t try to get 100% reimbursed for my out of pocket on this.