KINGSQUEAK.ORG & KC2RGW.COM

In my previous summary, your hero left off by filing a written dispute of the ludicrous claim settlement offered by Allstate. In a nutshell, they didn’t pay for anything at all of significance with regard to the damage inflicted by hurricane Irene.

Well the game is still going here. What they do is continually rotate your claim dispute among agents, who in turn claim to have called the customer, send you a letter saying “we have tried to reach you but you never answer and will cancel your claim” over and over again.

In fact I have called each of them at least three times, leaving detailed voicemail each and every time and I have not spoken to an employee of Allstate since the claims adjuster was on my property in front of me.

This is a carefully orchestrated fraud here. There is simply no way this is accidental. Every one of the myriad of phone numbers they have to reach me have voice mail and call history logging on the accounts. I mean they have just plain *never* even called, not even once.

All I can tell any of you reading this is to be sure you dump Allstate before you learn your lesson too. My roof (the one they claimed was undamaged) continues to pour in water even in the lightest rain causing sheet rock to fall in through the ceiling. My out of pocket expenses were almost $9k for the repairs to heating equipment and they never came forward to do any mold abatement work either so the long term effects of all of this are still to be determined.

I was offered a few hundred dollars for paint and sheet rock repairs without any remedy for the actual fix for the problems.

Share on Facebook

So I’ve been looking into banking alternatives since my current bank is a company that I really don’t want to support any longer. This has run me straight into a wall that honestly I was surprised to find was so common.

I’m looking into credit unions and alternative online banking solutions and have found, at least so far, they all fail to deliver on the following, somewhat basic facilities. Mind you, many that I have looked into are far from small operations.

Passwords

I have been just plain stunned at how bad the password policies are, after checking through about six different online banking alternatives. The worst one of all was a 4 digit PIN, numeric only for access to online banking! Most are 8 chars, but alpha-numeric only, no special characters at all…this is just plain INSANE.

Online banking is such a huge target, anyone providing this service should provide for at LEAST 12+ characters, accepting any printing character a keyboard can produce. Please, a 4 digi numeric PIN? This could be cracked in a disturbingly short amount of time with a computer 15 years old.

Two-factor authentication as an option. Really…this is not hard to do. There are completely free HOTP compatible two-factor tokens all over the place. Why oh why haven’t banks just freely adopted two-factor token auth by now? I even protect my email access this way, yet my bank account is far more exposed.

One Time Use Credit Card Numbers

So, in a single year I was frauded three times due to making purchases through vendors that use the small merchant bank transaction systems. Even though I wasn’t charged for the problem by my bank, I had to go through a security audit process to file the claim and then change my CC number across about a dozen or more established accounts that I have…THREE TIMES in a single year.

My current big evil bank has a disposable card system whereby for each online transaction I make, I generate a new CC number specific to that purchase. This has options for the max limit of that number (which I set to the next even $5 amount vs the total) and an expiration date (which I set to 60 days). This means there is a 60 day window for fraud exposure, with a maximum potential yield of the difference between my transaction and the next higher $5 increment.

These one-time CC numbers also mean that I can sign up for nasty services that require annual renewals and do so automatically without my consent and they simply can’t get to my account beyond the initial transaction. This allows me to opt-out from companies that will make it nearly impossible to cancel. They simply have no valid information for my account unless I choose to give it to them for the next year of service.

These things are not expensive to implement, nor for a customer to understand, yet here I am, struggling to find anyone who has. If you apply all of the above the potential for fraud is dropped dramatically. I’ve spent a couple years of active online transactions using the disposable CC numbers without a single fraud issue. This has saved me a lot of hours of aggravation and I can’t even imagine the cost overhead to my provider that has been saved.

Get with the program banks!

Share on Facebook

So most of the comments are in the code that explain this. In the old full featured TNC’s there used to be host mode mbox functions so that if someone connected to you and you weren’t there, they could leave you a message.

The PMS utility that used to be in axutils for linux packet seems to have disappeared so I put this hacked Perl script together to provide the basic function I wanted.

The script prompts for a callsign or return email address and accepts the message input. The message is dumped to a plain text file and is emailed to my account the way I have it configured. If email is down, I still get copies of the messages stored locally. You could add something to pop up a message dialog as new files appear or play a system sound etc., pretty flexible.

It’s far from a hardened and secure script, but really I don’t think too much could be done with this considering how and where it is used. Just be aware that it wasn’t done with the intention of having it face the internet.

Link to the file directly is here

Grrr the cut/paste wrecked the code that was here…use the link above to view it in plain text glory.

Share on Facebook