Friday, September 21, 2007

Pissed off at Rogers

I got a voicemail from Rogers today alleging that my computer was launching a DOS attack, so they disabled my internet connection. I'm very pissed off at how this was handled though. First, I had to wait half an hour just to speak with a human being - while constantly being told by a recording that I should go online to their technical support website (Gee, I'd love to!)

Then I talked to a guy and he escalated me to a security guy, who told me that I had a virus. But he couldn't give me any information on what kind of virus it apparently was, or what IP address it was apparently attacking (he gave me the last three octets, which is meaningless), or what port it was apparently attacking, or even agree on what time this alleged attack occurred. So how am I supposed to fix it? His only suggestions, after a very condescending lecture on what exatly constitutes a DOS attack, were to format the drive and reinstall windows, or to call a technican (by which he meant a futureshop-type technician, which is on par with my own technical skills if I'm allowed to have Google) In the meantime I'd run a full virus scan and ad-aware, and they both found nothing. Which is unsurprising because I run a full virus scan (and update defs) on a daily basis and do the same for ad-aware on a weekly basis. So I told the guy I'd bet him $10,000 that there was no virus on my computer, and he said he'd reconnect my connection, but if the DOS attack happened again my account would be suspended for a week. Without any warning or further information. So I said fine. This was at 7:30.

By 9:00, my account still hadn't been reactivated. So I called again, waited again, got another tech who went through the EXACT SAME SCRIPT! And then told me that the previou tech hadn't said he's reconnect me when he did say so explicitly! And then lectured me extensively about having malware on my computer! So dude FINALLY agreed to reconnecct, reread me the whole disclaimer thing again, and told me to unplug my modem for 10-15 minutes(!) and then I'd be reconnected.

Which I was. And now I'm running TrendMicro Housecall just to double check things. But I really resent how there is no leeway in this process for an honest mistake. The whole thing is based on the assumption that I'm either malicious or incompetent. If I could have specific information about the IP address being attacked or the port or the exact time of the attack, I could track what my computer was doing at the time. But no, instead they don't even give me the leeway to make a reasonable diagnosis and talk to me condescendingly. I have impeccable technological hygiene, I have the tech knowledge to fix whatever the problem is, but I just don't know offhand. But these security guys are working from a script and can't help me diagnose. And meanwhile, every test I know how to run, all my logs, everything I can google up, shows that my computer is not doing anything wrong. It's behaving the same as it has for the past 2 years, I can identify every single process that's currently running, and I have no sign whatsoever of what this alleged problem is. But if this alleged incident reoccurs again, they'll cut me off for a week without even telling me. I'm not happy.

Edited to add an analogy:

If I had some problem that was on Roger's end and they couldn't resolve it on the first try, it would be unreasonable for me to demand a week's free service. The most reasonable way to troubleshoot an unknown problem does involve some trial and error, and as a user I have to accept that. Now, if my computer does start launching a DOS attack, I'm perfectly fine with them cutting me off mid-attack. But the most reasonable way for me to troubleshoot an unknown problem would be to eliminate all processes and then reconnect them one by one. So, to successfully identify and resolve the problem, the attack would have to be relaunched. What should happen then is they disconnect me and call me automatically to inform me of the attack, then I say "Okay, I've just identified what's causing it, I'll eliminate that." Then they reconnect me and everything's fine. To arbitrarily disconnect me for a week if the attack reoccurs just once is completely counter to good troubleshooting principles. A three strikes rule, with notification (including specific time and duration) of each offence would be far more appropriate.

3 comments:

laura k said...

This happened to us once, although it was less extreme. Awful.

impudent strumpet said...

So what happened?

laura k said...

Oops, sorry it took me so long to get back to this!

We told them we would run a full virus check and a spyware check - which, like you, we do all the time anyway. They said we also had to contact a third party who would certify our system was clean.

We promised we would do this, knowing we would not, and it seemed they knew we also would not. It seemed like a formality. That was it.

I'm sorry that I can't remember what or who this third party was.