The other day, Davin wrote a very interesting post called Counter Confidence, where he addressed issues of corporate citizenship with a simple question: what do you feel when you see a logo, and why?
In that spirit, here’s a little test:
How did that make you feel? Did it make you laugh? Did you gag?
My reaction was interesting: “Those ridiculous twerps are displaying their logo in public??!! UNBELIEVABLE!!!” Safe to say, it’s the first time I’ve ever felt embarrassed for a blimp. “Awww, poor blimp. Sorry to hear about your crappy paint job.”
You may have heard the recent story about how the CRTC has ordered Canada’s stubborn wireless providers to upgrade their 911 systems to catch up to the level other countries have been at since 2005. This has been debated and resisted for years. Typical stuff from our oligopolistic telecoms, but that isn’t why I have such a negative reaction when I see that logo.
My reaction is informed partly years of wonderful personal experiences dealing with that company and others like it, and most recently, by a story I saw today that you would have to see to believe. One of Bell’s business customers, a law firm in Ontario named Martin & HIllyer, got a $207,000 bill for long distance calls to Sierra Leone. This customer says they never made these calls. Rather, what really happened is someone figured out the password to their Bell voicemail and used it to “return” calls, thereby running up the massive bill.
Bell believes someone used an auto dialer to run through all the possible password combinations until they found the right one.
They publicly admit this.
What I can’t believe–and what Martin & Hillyer are no doubt having a hard time digesting–is that apparently, there is no security feature in the voicemail system that sets a maximium number of consecutive failed login attempts.
Can you believe that? I can’t. Wait, I already said that.
This is a simple security measure that would be effective against automated “brute force” attacks such as this. You’ve probably experienced it yourself. Three unsuccessful login attempts in a row? Sorry, now you have to get a new password. With Bell, that would mean you set aside half a day, call Customer “Service” where, after listening to hours of bad music and prerecorded messages reminding you how important your call is, you will be asked to answer some confidentiality questions, at which point they can set you up with a new password and send you on your way. Seems pretty straightforward to me.
Disbelief is creeping up again….really…are you guys sure your system doesn’t already have this feature?? You think your system was hacked by an auto dialer???? C’mon…you can’t be serious!
There are two other simple solutions: lose the feature that lets you make outgoing calls from voicemail, and perhaps more realistically: get rid of your Bell Voicemail.
There are other elements to this story that are incredible, but not surprising given the source: It will probably not shock any of you that Bell has blamed the customer. It should also come as no surprise that Bell has technology in place that can detect unusual calling patterns and block the services accordingly. They have said so themselves, but for whatever reason, that technology did not seem to do much good here. Finally, Bell has offered to reduce, but not eliminate, the resulting bills as a “goodwill gesture.” Did anyone expect a better solution from them? Not me.
Truth be told, these “lapses” in security sound like a good little moneymaker for Bell.
Ok, enough serious stuff for now. Here’s a hilarious video clip from Steve Nash. He is faster than sharks.
