Category Archives: Smackdown!

Update 4/30/08: the gentleman whose name appeared here as the CEO of Kärcher USA is no longer with the company. At his request, I removed his name from the post.

I own a Kärcher electric pressure washer. I bought it because it was reputed to be from a solid company. Over the five or so years that I’ve had it, it’s worked well enough, but it failed, so I wanted to get it repaired. Here’s the deal:

• if you have a gas pressure washer, you can take it to one of Karcher’s service centers.
• If you have an electric pressure washer, and it’s under warranty, Karcher will exchange it for a refurbished unit under their “rapid exchange” program.
• If you have an electric pressure washer, and it’s out of warranty, too bad. Karcher won’t fix it. I spoke to Shane, at their customer service [sic] center. He said, “Oh, if you want to fix it, you can order the parts from us.”

So, I fired up Word and made ready to send them a letter asking how I could get the unit fixed. Surely what Shane told me can’t be right. However, here’s what I learned:

• The Karcher USA web site doesn’t list an address or telephone number for their US office.
• The customer support number on their website goes to what’s obviously an outsourced firm; they’ll only give out the company address, not the phone number. That’s because (drum roll) they don’t have it
• If you use an online directory to find their phone number, the listed telephone number for their Atlanta office rings incessantly; no one ever answers
• Their press releases don’t include any contact information
• The press release site for the parent company requires a user name and password to log on

After a whole bunch more web searching, I found their correct address (2825 Breckinridge Blvd, Suite 120; Duluth, GA 30096) and phone number (678-935-4545). No one answers that number, either, but I plan to keep trying until I get a human. In the meantime, I’d certainly advise against buying anything from these folks, given their unusual mastery of customer-avoidance techniques.

Update: I found this page, which lists XXX as the CEO and 678-935-4550 as the fax number. Score!

Update: I faxed them a letter. It’s in the “more” section.

Update: I got a call on Friday, July 29, from a customer service rep who offered me a discount on a remanufactured unit. He was supposed to send me some email explaining which units I could choose from– but lo and behold, 10 days later, no email. Hmmm. (And yes, I checked the spam filter logs; no such email ever arrived here)

Continue reading →

Ed Brill links to this CRN article that talks about a “bounty” being offered to partners who convert customers from Notes or Oracle. Two brief thoughts (I’d write more but have too many other more pressing things to do). Disclaimer: I don’t have any specific knowledge of this program, or any other one for that matter.
First, if this is like other MS programs, the “bounty” is actually funny money and a non-story. Let’s say the partner moves a 1,000-seat organization and (according to whatever criteria MS has) the bounty is $20/seat. That means that the partner gets up to $20,000 from Microsoft to either spend on MS consulting / design / deployment services (via MCS) or to use for application and data transition. IOW, Microsoft is paying the partner to do work that the customer would otherwise have to pay for themselves. This is hardly what Ed makes it out to be, with his sinister implication that MS is “plucking” “pieces of meat”. Sheesh. It’s the logical equivalent of the car dealer giving you a tank of free gas when you buy the car.
Second note: I’ll bet a nickel that IBM has similar programs for selected competitors. Why? If you want sales people to do something, you have to give them incentives, and the #1 incentive in that world is cold hard cash.

I got a “press release” from a company called Mayo Communications. Here’s an excerpt so that you can decide whether they’re a good firm trying to rep their client, or a despicable bunch of ambulance chasers who are using a tragedy to drum up PR. I’ve redacted the client’s name to avoid giving the publicity they so avidly sought.

“Be More Alert And Report Suspicious Acts Says
Nation’s Top Counterterrorism Expert XXX
***
“Suspicious people covertly photographing metro railway and trains have been observed and reported in major cities across the nation – from Los Angeles to New York,,” said XXX, CEO, YYYY.
Los Angeles, CA (July 7, 2005) — “The typical terrorist attack is planned months to years in advance,” said XXX, CEO & Founder XXXXX, ZZZZ, reacting to four explosions that rocked the London subway and tore open a packed double-decker bus during the morning rush hour Thursday. The deadly explosive terrorists’ attacks injured more than 700 people left more than four dozen people dead.

So, these folks used the occasion of a terrorist bombing to hype their client (the “nation’s top counterterrorim expert”). Here’s what I wrote back to them:

It is difficult for me to express my distaste for your use of the London bombings as a vehicle to pimp the “expertise” of your client, the alleged “Nation’s Top Counterterrorism Expert”. Your mail makes your firm out to be sleazy opportunists of the worst sort. (As a side note, you really should run your press releases through a proofreading pass; it contains a number of grammatical and typographical errors).
I would rather eat an old shoe than use any of my publication venues to give your client free publicity– but you can bet that I will tell my readers and listeners that, within hours of the London bombings, I was contacted by a PR firm seeking commercial advantage for their client on the bodies of London’s dead.

It’s popular for people to claim that corporate bloggers like Microsoft’s Robert Scoble threaten the conventional PR industry. I can only hope that there’s some truth to that claim.
Update: I got an (unsigned) response from Mayo. It seems pretty clear that one of us doesn’t get it, and I don’t think it’s me:

Everyone has an opinion, unfortunately not everyone agrees with you! but I will remove you from our list since you biggest challenge is deleting emails.
FYI. Time Magazine along with other more important trades are running the story in Monday’s issue. hope you sugar coated your shoes, too.

Nothing like compounding an initial error by being arrogant and antagonizing the people to whom you’re evangelizing your customer. Is this representative of what other PR firms are doing for their customers? I sure hope not.

I’ve turned off trackbacks for all posts older than 5 days. I’m tired of having to clean up spam every single day.

Last night I got spam from a fellow named Steve W. Martin, author of a book called Heavy Hitter Selling. (I’m purposefully not linking to his web site or the book’s page on Amazon, so as not to give him any juice). That’s not that unusual; I get a dozen or so spams a day. What really irked me about this was his use of a service called Jigsaw.com, which pays its customers for uploading other people’s contact data. Jigsaw is much worse than Plaxo; at least with Plaxo there’s some utility to making your contact information available. Jigsaw bills itself as a sales lead database, and (to their credit) their TOS prohibits spamming– but I’m still not thrilled with the idea that someone I know made a buck (literally; Jigsaw pays $1/contact) so that boneheads can send me spam. I’m sure a lot of more famous bloggers (cue: Scoble!) will probably be hearing from this guy soon.

Last night I got spam from a fellow named Steve W. Martin, author of a book called Heavy Hitter Selling. (I’m purposefully not linking to his web site or the book’s page on Amazon, so as not to give him any juice). That’s not that unusual; I get a dozen or so spams a day. What really irked me about this was his use of a service called Jigsaw.com, which pays its customers for uploading other people’s contact data. Jigsaw is much worse than Plaxo; at least with Plaxo there’s some utility to making your contact information available. Jigsaw bills itself as a sales lead database, and (to their credit) their TOS prohibits spamming– but I’m still not thrilled with the idea that someone I know made a buck (literally; Jigsaw pays $1/contact) so that boneheads can send me spam. I’m sure a lot of more famous bloggers (cue: Scoble!) will probably be hearing from this guy soon.

You know Microsoft has to love it when the CEO of Intel publicly trashes Windows security:

Pressed about security by Mr. Mossberg, Mr. Otellini had a startling confession: He spends an hour a weekend removing spyware from his daughter’s computer. And when further pressed about whether a mainstream computer user in search of immediate safety from security woes ought to buy Apple Computer Inc.’s Macintosh instead of a Wintel PC, he said, “If you want to fix it tomorrow, maybe you should buy something else.”

You might remember that I ditched the Google Toolbar a couple of months ago. Steve Rubel is reporting on another good reason to do so: the newest version includes a feature called Autolink. Greg Linden explains it very simply: with this feature turned on, Google’s modifying web page content to add its own links. For example, addresses are linked to Google Maps pages. Book ISBNs and package tracking numbers are linked too.

The folks at Google Blogoscoped toss this off with “talk about the Google OS taking over our lives”, but you know what? Microsoft tried something similar with their IE support for smart tags. Smart tags are exceptionally useful in Office, because you can easily write your own smart tag code to recognize objects unique to your business (like chemical compound names for a pharmaceutical company). I wrote one that recognizes scripture verses (you know, like “John 3:16”). When MS proposed extending this feature to IE, the furor was incredible. Walt Mossberg, Dave Winer, Dan Gillmor, and a host of other influencers immediately started screaming that Microsoft was taking control over web content and generally acting like an 800-lb gorilla. The EFF even opined that the MS smart tag implementation might be illegal. In fact, here’s what Chris Kaminski had to say:

Even if smart tags don’t violate copyright or deceptive trade laws, they still violate the integrity of the web. Part of the appeal of the web is that it allows anyone to publish anything, to take their thoughts, feelings and opinions and put them before the world with no censors or marketroids in the way. By adding smart tags to web pages, Microsoft is interposing itself between authors and their audience. Microsoft told Walter Mossberg “the feature will spare users from ‘under-linked’ sites.” Microsoft is in effect deciding how authors should write, and how developers should build, websites.

Worse, Microsoft’s decisions may be at odds with the intent of the site’s author or developer. If an Internet Explorer 6 user visits Travelocity and looks at a page with information on visiting Nice, France, the smart tag that aggravated Thurrott will link the word “Nice” to Microsoft’s Expedia site. With smart tags, Microsoft is able to insert their ads right into competitors’ sites.

Microsoft is crossing the Rubicon of journalistic and artistic integrity. Editors and authors no longer have final authority over what their sites say; Microsoft and its partners do. For a preview of what the web may look like for Internet Explorer 6 users who also have Office XP or Windows XP installed, take a look at InteractiveWeek’s Connie Guglielmo’s preview. With smart tags, Microsoft is effectively extending its role from being a supplier of tools people use to view content to being the executive editor and creative director of every site on the web.

So, check that out: Kaminski accuses Microsoft of “deciding how authors should write”, “insert[ing] their ads right into competitors’ sites”, and becoming “the executive editor and creative director of every site on the web”. He left out barratry and mopery and dopery in the spaceways, but that’s still a pretty damning list.

Now Google’s doing the same thing. Will we see the same reaction?

My guess is “no”. Google’s widely publicized mantra of “don’t be evil” is increasingly often being used to excuse behavior for which Microsoft, Oracle, or IBM would be roundly condemned. This is just the latest such instance. Don’t get me wrong: as a user, I think Autolink could potentially be a useful feature (but then I thought the same thing about smart tag support in IE). As a web content provider, I’m not comfortable with the idea that another entity (which may not have my best interests at heart) is modifying my content before someone else sees it. If Microsoft was wrong then, so Google is wrong now.

SearchEngineWatch says “the commercial possibilities are massive”– I’d have to agree. My somewhat cynical guess, though, is that , and that raises the question of whether it’s OK for Google to make money by modifying other people’s web content. My guess would be “not so much”– look back at the Kaminski quote and see the part about ad insertion again. On the other hand, I see that Dave Winer is labeling this as “a line they must not cross”– an encouraging early sign.

Update: Adam Gaffin points to this article, pointing out that I have Google ads enabled. True. One prominent difference, of course, is that I get to choose whether ads appear on my page or not; I have some reasonable control over the ads’ appearance, and I could filter out competitors if I wanted to. Autolink doesn’t provide any of these features, except that it allows you to disable it. If I’m an Amazon affiliate, let’s say, how do I stop Autolink from doing something nasty to Amazon links on my page? Sure, it might not do that now, but as any competitive strategist knows, you judge competitors by their capabilities, not by their intentions.

FedEx is up to no good. I got my corporate Amex bill and noticed that there were two shipments listed– one for $25 and one for $55. I’d used FedEx to ship my SPOT watch (< 1lb) back for repair and to seen a book to a friend in Long Beach. Sure enough, the shipment dates and tracking numbers matched. When I called FedEx to ask them WTF, the explanation was simple:

FedEx: We’ve been encouraging our customers to use our shipping materials. When you ship a package with nonstandard packaging, we automatically dim weight it.

Me: What does that mean?

FedEx: We take the package dimensions and calculate a standardized weight, then bill you for that.

Me: (incoherent spluttering) Why didn’t anyone tell me this?

FedEx: You should have noticed the change in your latest Service Guide.

Me:

(more spluttering) I didn’t GET a service guide this year!

They were kind enough to remove the overcharge for those two packages, but there are two more enroute right now that’ll have to be re-rated once I get the bill. In the meantime, FedEx’s perverse website has decided that two addresses which look the same to humans aren’t really the same, so it won’t let me log in to order some more of the Holy FedEx Boxes that I have to use in order to not be grossly overcharged. Grrrrr.

If you use FedEx for shipping, check your bills very, very carefully.

FedEx is up to no good. I got my corporate Amex bill and noticed that there were two shipments listed– one for $25 and one for $55. I’d used FedEx to ship my SPOT watch (< 1lb) back for repair and to seen a book to a friend in Long Beach. Sure enough, the shipment dates and tracking numbers matched. When I called FedEx to ask them WTF, the explanation was simple:

FedEx: We’ve been encouraging our customers to use our shipping materials. When you ship a package with nonstandard packaging, we automatically dim weight it.

Me: What does that mean?

FedEx: We take the package dimensions and calculate a standardized weight, then bill you for that.

Me: (incoherent spluttering) Why didn’t anyone tell me this?

FedEx: You should have noticed the change in your latest Service Guide.

Me:

(more spluttering) I didn’t GET a service guide this year!

They were kind enough to remove the overcharge for those two packages, but there are two more enroute right now that’ll have to be re-rated once I get the bill. In the meantime, FedEx’s perverse website has decided that two addresses which look the same to humans aren’t really the same, so it won’t let me log in to order some more of the Holy FedEx Boxes that I have to use in order to not be grossly overcharged. Grrrrr.

If you use FedEx for shipping, check your bills very, very carefully.

Amazon released their 2004 list of the best computer books, and once again Secure Messaging with Microsoft Exchange Server 2003 wasn’t on it. Dang! I was all set to be depressed, but then I saw this great post from fellow author Ed Bott, with whom I agree totally:

Nothing on Windows XP or Windows Server 2003. Nothing on Linux or Mac OS X or cascading style sheets or PHP or Adobe Photoshop or computer security or digital music or photography. You know, topics that lots of people might actually be interested in.
From all of us computer book authors, thanks for the support, Amazon. (Not.)

Of course, if you want a really good computer book, I have just the thing 🙂

I’ve had a long series of email discussions with Troy Werelius, CEO of GOExchange’s parent company. I’m now convinced that the sales rep didn’t intend to be dishonest, but that he was trying to bolster his case that eseutil is complex (true), dangerous (true), and not for use by the unwary (true). He pointed out that it was unfair of me to criticize GOExchange as “little more than a scheduling engine that wraps around eseutil” without having used it. That’s a fair criticism, although in my defense he has been reluctant to talk about what the product actually does do. To avoid confusion, I’ve removed my earlier post.

However, let me make something perfectly clear: I do not think that it is a good idea to run eseutil except in certain specific, well-defined circumstances. It is not a tool for routine or casual use. Reasons to use eseutil include fixing a damaged database or running an offline defrag, neither of which are routine maintenance operations. I think that’s where the central point of disagreement between my viewpoint and Troy’s lies.

Troy is working on arranging a technology demo for the Exchange MVPs that will help all of us understand better what the product actually does– I’ll post my impressions of its functionality after the demo.

Thanks to the brain surgeons at SIxApart and Pair Networks, my MovableType upgrade has quickly gone off into the weeds.

• Pair’s resource limits are killing the mt-upgrade30 script before it can finish, so there are no comments.
• All my comments disappeared because the upgrade script can’t put them in the new format
• MT-Blacklist doesn’t work, in no small part because of its terrible documentation, but also because Pair doesn’t give enough detail in their error logs for me to figure out what’s broken
• Some part of the upgrade ate all my CSS, so my layouts have reverted to standard.

I’ll get it fixed eventually. In the meantime, please be patient.

So, now it’s getting personal. From Rob Novak via Ed Brill:

While standing there, I saw a title from Microsoft Press: “Secure Messaging for Exchange Server 2003”.  OK, that sounds reasonable.  It belongs there. Then I realized something.  Why in the WORLD would you need a 506-page book to tell you how to do secure messaging???  You just have to Sign and Encrypt!  What is with these people?

Fair question, one deserving of a comprehensive answer. The short answer: there’s a hell of a lot more to messaging security than “sign and encrypt”! What about anti-spam protection? What about hardening the base OS? What about risk assessment? What do you do if your boss comes to you and says he wants to read a coworker’s mail?
The book’s 506 pages because it:

• begins at the beginning with a detailed discussion of fundamental security principles, including the need for good physical security and the difference between various methods of authentication, encryption, and access control
• covers risk assessment and physical and operational security in some depth– rare for a non-textbook security book
• completely describes a workable patch management process, something that every Windows or Linux admin had better be good at (particularly on the Linux side, where patch auditing, assessment, and deployment tools suck. Disclaimer: I don’t talk about Linux patch management. Ha ha.)
• explains how to deploy and use S/MIME– a topic that’s poorly explained in most of the Exchange and Domino books I’ve evaluated to date. Can you cross-certify? Can you issue certificates to use the web client with smartcards? My readers can.
• explains how to use and secure a number of Exchange 2003 features that Domino doesn’t even have, like wireless device access, attachment blocking and control for the web client, the anti-virus API, and so on
• tackles several issues that even Domino admins care about, like message archiving and retention requirements and legal issues about when you can, cannot, should, and should not open or scan user mail for legal or law enforcement reasons, the DMCA, and so on.

In fact, I’m so confident that even Domino administrators who run on Windows would find the OS hardening, archiving/retention, and legal chapters to be useful that I’ll make a bet: I’ll let the Domino community pick a representative to review the book, and I’ll supply a review copy. If the reviewer doesn’t honestly think that this is a terrific and useful book, and that it does a great job of explaining the wealth of security features provided in Exchange 2003, then I’ll donate US$250 to a charity of Ed Brill’s choice. On the other hand, if the reviewer finds– as I’m confident he will– that the book rocks, the reviewer will post reviews at Slashdot, ERCB, his own site, and Ed’s site. Deal?

All right, I’ve had it. I am tired of waiting for “real” media to pick up on this story.
Oracle won’t give its customers security patches unless they buy a support agreement. This is flat-out wrong. It holds customers hostage in a particular nasty and egregious way: if you don’t buy support, you can’t get the patches you need to protect against vulnerabilities in products you’ve bought and paid for even if they’re still current.
If Microsoft did this, they’d be (rightly) pilloried. As it is, you can get any security patch for any supported product for free, either as part of a service pack or by directly calling Microsoft PSS. Microsoft has even extended the end-of-support date for Windows 98 and Windows NT so that customers can continue to get support (and patches) for them.
Of course, very few large Oracle customers run in production without support, as you would expect from such a large, complex group of products. Perhaps their customers don’t care that they can’t get patches without support because they all have it. I still think it’s wrong.
(n.b. I don’t know what IBM and Novell do in this scenario, but I aim to find out. Stay tuned.)