Monk and Paladin And The Barista Who Did Not Know Better

Monk and Paladin walk into a decently sized town near the Calim Desert. Think Suzail, but without all the dead bodies in the alleys.

Monk: Paladin, do I smell coffee?

Paladin: I don’t know Monk. I smell coffee, well I think I do, I’m never really sure, but how would I know what you smell?

Monk: That was…never mind. Yes, I do smell coffee, and there is the shop it is coming from.

Paladin: Can I have coffee too?

Monk: You don’t drink coffee. Or anything else. It’s one reason why I like you, you neither consume nor expel food. You are the cheapest of dates.

Paladin: I like the smell.

They walk into the shop, oblivious to what their argument sounds like.

Monk: You can smell coffee from anywhere in this building, they make it here.

Paladin: That’s other people’s smells. I want my own smell.

Monk: You mean besides oil and dirt?

Paladin: Huh?

Monk: Never mind. Yes, you can have your own coffee to smell.

Paladin: YAY!

They walk up to the counter in the shop, waiting calmly in line. They are lawful after all. When you are lawful, you follow the rules.

Shopkeep: Can I help you?

Monk: Two coffees please

Shopkeep: What kind?

Monk: The kind that’s already made and able to be poured into the largest mugs you have the fastest. I’m not picky unless what’s made tastes like a beholder’s taint.

Shopkeep: None of our coffee tastes like that, it is all imported directly from Calminshan…

Monk interrupts the shopkeep.

Monk: Kid, I’m sure that story is fascinating, however, I don’t even care enough to argue over the price markup that story gets you. Just give me coffee. Better yet, give my friend here the coffee, I’m going to sit over there and pretend I didn’t have this conversation.

Shopkeep: That will be ten coppers

Monk puts the money on the counter and walks away. The shopkeep commences to making the coffee, and hands both mugs to Paladin. Paladin is puzzled at one of the mugs but doesn’t think about it much. In truth, Paladin doesn’t think about anything much.

Paladin: Here you go monk, your coffee

Monk takes a sip and gets the kind of look a small child gets when you promise them a pony and give them a goat. He is betrayed.

Monk: Paladin, this is not coffee. This is tea.

Paladin: The man said “here’s your coffee” and that is what he handed me. Maybe it’s special coffee.

Monk: It is special in that it is tea. Someone gave me tea instead of coffee.

Paladin gets a worried look on his face. he’s not bright, but he does recognize certain dangers. People messing with Monk’s coffee is high on that list. Monk gets up to go talk to the shopkeep.

Shopkeep: Is there a problem?

Monk: This is tea.

Shopkeep: Yes it is, our special house blend.

Monk: I ordered coffee. I got tea. Can we fix this.

Shopkeep: But you’re one of those monks, aren’t you?

Monk raises an eyebrow at this. Paladin can see his friend starting to get tense in what he calls his “beatin’ arm” and decides that he needs to pay full attention to the aroma of his coffee. In truth, it does smell rather nice.

Monk: Yes, but I fail to see…

Shopkeep: Well, everyone knows monks drink tea. You look like you’ve been walking a while, clearly, in your fatigue, you misspoke.

Monk: No, I didn’t. I want coffee. Cof. Fee. Coffee. Comes from a bean. Keeps you awake. Keeps me from getting headaches that make me all murdery. Coffee. One word, two syllables. Right behind you on the stove. Dump this shit out, pour some coffee in the cup. Hand the cup to me.

Shopkeep: Our tea is most certainly not shit good sir. I’m insulted that you would even implrrrk!

The shopkeep suddenly finds talking to to be a bit of a chore, what with Monk grabbing the shopkeep’s tongue between his index finger and thumb in a painfully tight grip.

Monk: Paladin?

Paladin: Yes Monk?

Monk: I believe I saw a butterfly outside. You should go play with it.

Paladin: Monk, this is a more arid climate than butterflies…

Monk: <STARE>

Paladin: Oh look, a rare desert butterfly! Come here butterfly, we can smell my coffee together.

Paladin quickly leaves the shop. He has a good idea what is about to happen and not seeing it will be very helpful in him keeping his vows intact and his docent on his chest and not in an inconvenient place, and he doesn’t mean the back of a ffolkewagon.

Monk: Allow me to demonstrate the ramifications of your error in judgement.

Sounds come out of the shop. Sounds that would not be out of place if made by someone with a full mug of tea inserted into their colon at high speeds while their limbs are bent into the shape of a coffee pot and the lid of a coffeepot fused into their skull. All done in a very methodical, well-planned fashion. Totally not chaotic.

Passers by try to ask Paladin what’s going on, but Paladin ignores them while running around yelling “COME BACK BUTTERFLY, THERE IS MORE COFFEE TO SMELL” in a slightly hysterical tone. The passers by are not sure who is more terrifying, but they all remember sudden business they have. In Zhentil Keep. Where it is safe.

Monk walks out of the shop and sits at one of the tables with a fresh mug of coffee. He takes a long sip, sighs deeply and smiles.

Monk: Ah, sweet, wonderful, coffee. How I love you.

Paladin looks like he’s thinking about going back into the shop, but Monk catches his eye and says “No no my friend. Let us stay outside today.” Paladin is in full agreement with that sentiment.

The coffeeshop keep never did get rid of that limp.

Paladin Is The Biggest Shuriken

<Monk and Paladin walk…oh you get the idea.>

Monk: You look like you’re in charge here

General <Looking not happy about being interrupted>: That would be my good fortune. However did you guess, aside from the banners and people calling me “General”?

Paladin: “See, I told you he was the general!”

General: “Is there a point to you two aside from bad comedy?”

Paladin: “We’re here to help!”

General: “…just…how do you plan to do that?”

Paladin: “Monk hits real good and I get hit real good”

General: “Anything else?”

Monk: “Hmm…nope. He feels no pain, and I dish it out in interesting ways, that about covers it.”

General: “Well, as you may notice if you look overhead, our problem is a bit long distance and airborne, so unless you have some distance weapons, you’re kind of useless”

Paladin: “Monk could throw me! He can throw anything”

General: “…really now.”

Monk: “Well, yes, I probably could, but then he’d be rather far away, and he doesn’t deal a lot of damage on his own. And he runs faster than an Otyugh. Barely. So it would take him forever to get back here.”

General: “Not a lot of damage? even with that sword?”

Monk: “Not unless the dragon runs onto it several times of its own accord. Paladin only carries it because that’s what Paladins have. They have swords. He is a Paladin, he has a sword. His real value centers on nothing being able to possibly hit him hard enough to hurt him, much less actually damage him.”

General: “I get all the winners. Well, how about you?”

Monk: “I have shuriken. They’re returning, very nice, but face it, the dragon would die of old age before I killed him with a small circle of metal, even a magical returning one.”

General: “Too bad you can’t stick it into his armor, then you might be useful. Oh well. If you happen to know where I can get some…what are you doing?”

Lots and lots of hammering noises, with Paladin giggling. As Paladin is a warforged, it’s a rather disconcerting sound. Especially as he is face down in the mud while Monk is straddling him while doing what looks like punching him in the back over and over.


Monk: “I’m” PUNCH “Not” PUNCH “Tickling” PUNCH “You!” PUNCHPUNCHPUNCH. “There.” He hops off of Paladin. “Okay Paladin, stand up”

Paladin stands up, and shows the now largeish group clustered around the latest addition to his armor: the shuriken that has been beaten into his back plates.

Paladin: “Monk, what did you do?”

Monk: “Well, I can throw you, and I can throw shuriken, and you don’t return, well not quickly, but shuriken do return quickly…oh good, I didn’t use the acid one.”

Paladin: “I’m a shuriken?”

Monk: “Yes, you are now the world’s biggest shuriken.”


Monk: “General, you and your men better give me some room here”

General: “I have no idea what is going on, two loonies are beating each other up, and there’s still the dragon. Sure. Men, give the nutter room”

Monk bends over and grabs paladin by the feet. “Hold your shield over your head!” he says, then yanks Paladin off his feet and commences to spinning him around. The soldiers are giving him ALL THE ROOM. With a grunt, he lets go. As Paladin flies at the dragon, complete with fading “WHEEE!!! I’M A SHURIKEN! WHEEEE!!!”, Monk stands there and waits, with one ear cocked. In a few seconds a loud, albeit faint “KLONNNNG” followed by a very surprised and painful dragon roar echoes across the battlefield. not long after, Paladin’s “WHEEEE!!!” can still be heard, only getting louder. Quickly. As if he was flying back at Monk. Which he is.

Monk: “you should probably all get out of his way. Those things move fast on the way back”

At this point, the soldiers are diving out of the way, expecting Paladin to paste Monk, given the size differences. Monk doesn’t even try to get out of the way. All the soldiers duck and wince as Paladin come sailing back at Monk’s outstretched hand and…nothing. No screams, no impact, just Paladin madly giggling and yelling “DO IT AGAIN! DO IT AGAIN!”. The general looks up to see Monk’s hand in the middle of Paladin’s back, balancing him there effortlessly.

General: “Bu..wha…HOW?”

Monk: “Well, if I can catch a razor sharp throwing star that bursts into flame on impact or acid or whatever and it doesn’t do that when I catch it, then logically, that should apply even if it’s nailed into Paladin’s back. One second…”

Monk flings Paladin at the dragon again. WHEE! KLONG! ROAR! followed by ever-increasing streams of dragonese profanity.

Monk: “Well, it’s a good thing he’s already evil. Such language.”

General: <Just stares, slackjawed. As are the other soldiers. Because…wtf.>

Eventually, after 4–5 throws, the Dragon flies off, a bit limpy in the wings, muttering angrily to itself. Something about:

“Screw this, I’m going to take that gig as a spelljammer tow truck my cousin offered me. Illithids aren’t as fucked up as whatever the hell that giggling…nope, nope, nope.”

General: “I don’t want to know how that worked. Ever. I don’t want to talk to either of you ever again. For once, I sympathize with the dragon. I’m going to go home, get really drunk, then retire and do something more sane. Like raising Beholders.”

Monk: “Um…I hate to raise the point, but those shuriken aren’t cheap…”

General: “Payroll wagon’s that one that used to have guards around it. whatever’s in it is yours. Just go away and never let me see either of you two again.

Monk & Paladin: “YAY!!!!”

Monk And Paladin And The Very Sorry Giant

(yes, I know I said these would stay on tumblr. Tumblr’s srch is pure shit, so they are also going to be here, along with some other bits. Thank god I linked to them on Facebook. At least Facebook’s search works.)

What happens when Intelligence is a dump stat

So some background. I have a son, yes I know, seems impossible, but true nonetheless, and he is almost 25, an age where his sense of humor is finally catching up to his mouth. We play D&D, and have played a lot of D&D Online. He has a Paladin he plays, a warforged, and I primarily play as a monk. This is the outgrowth of a long-running series of comedy bits we do when we play. It may get updated as I feel like it.

As I ponder it, this may also what happens when you read too much Robert Asprin. There’s a certain amount of “Myth Inc.” at play here.

Villager: “Save us, oh save us from the evil giant!”

<Monk and Paladin walk up and see what is happening.>

Paladin: “YAY! TIME TO PLAY KLONG!!!!”

Villager: (to Monk): “What’s ‘Klong’?”

Monk: “It’s his favorite game. He runs up to the giant and the giant smashes his fist into him”

Villager: (aghast): “But that will kill him, surely!”

Monk: “Now why would it be his favorite game if it killed him?”

Off in the distance, Paladin finally finishes running up to the giant. It took a while. Paladin runs faster than an Otyugh. Barely. The giant notices Paladin “jumping” (he jumps higher than an Otyugh can. Barely) to get the giant’s attention. “GRAAAAAGH” says the giant, hauls back his fist and takes a mighty swing at Paladin.

“KLONNNNNNG” goes Paladin

“CRACKPOPSNAP” goes the Giant’s fist

“AAAAAAGH” goes the Giant.

The giant walks off, holding his severely broken hand very gingerly, crying a bit.

Villager: “He…defeated the Giant by breaking its hand on his face?”

Monk: “Yep.”

Villager: “Doesn’t that hurt?”

Monk: “It might if he thought about it more. He’s not a thinker.”

Villager: “How can we ever thank you!”

Monk: “Platinum, usually.”

Villager: “Um…we’re not a rich village”

Monk: “Have you seen his other favorite game, ‘Smashhouse’?”

Villager: “…I thought you lot had to be good”

Monk: “Technically, I just have to be lawful. Good and Evil are really minor considerations for my lot. And I am. Lawful that is. I have a specific procedure I follow for everything. This is the “We just saved you from being pasted by a giant and now you want to be cheap about it” procedure. See? Totally not chaotic!”

Villager: “How is this good?”

Monk: “Are you getting wiped off the bottom of a giant’s boot? Paladin may have even gotten a scratch from a callous on the Giant’s fist. He risked a fresh polish for your village! I’ll have to fix that if he did. You ever polish a ticklish Warforged? No? Well, it’s not easy.

Also, you’re not all dead. I may have mentioned that already, but it’s worth repeating.”

Villager: “…I see your point. How much platinum will you need?”

Monk: <hands him a decently-sized sack> “This much”

Villager: “That’s…right, not giant’s toe jam…quite reasonable.”

Monk: “I knew you’d agree!”

Am I Being Punked?

The title is what I was saying to myself as I built a couple of scripts for a twitterfriend. Guy had asked about printing to n-up PDF from Keynote via AppleScript. I happened to have Pages running so I started poking about.

First, you have to print to do n-up PDFs. The export to PDF function in any iWork app is incapable of doing that. Okay, that’s a pain in the ass, but sure, I can justify that, n-up is traditionally the realm of printing. But, at least with the basic “print” command, you can get most of the way there:

tell application "Pages"
	set theDoc to the first item of every document
	--the "ignoring is needed so the script doesn't stall at the dialog
	ignoring application responses
		print theDoc with properties {pages across:3, pages down:2} with print dialog
	end ignoring
end tell

This is pretty straightforward. The only odd bit is the “ignoring” part. That’s in there because otherwise, the script will pause forever on the print sheet.

Now, if you have a PDF printer already set up, and it’s your default, then you redo the print statement to not display the print dialog, et voila, you have a PDF, (depending on how said printer handles saving.)

If you don’t have a PDF printer set up, then we have to do a bit of UI scripting. This is tedious for a few reasons that I’ll get into after the code.

--System Events manages ALL UI scripting
tell application "System Events"
     --target  pages
     tell its application process "Pages"
          --obviously for your needs, 
	  --you'd have to manage window targeting
          --since you have to do it by name
	  tell its window "johnwelch.pages"
	       --talk to the existing print sheet from 
	       --the tell keynote/pages block
	       tell its sheet 1
	            set theMenuButton to its menu button "PDF"
	            --expand the button
		    click theMenuButton
		    --go down twice
		    key code 125
		    key code 125
		    --hit return which brings up 
		    --another sheet 1
		    key code 36
		    --gives the sheet time to display
		    delay 5
		    tell its sheet 1
		         --this saves. I have no way to 
			 --deal with overwriting files 
			 --without doing more targeting.
			 --this is so messed up.
			 tell its button "Save" to click
		    end tell
	       end tell
	  end tell
     end tell
end tell

It’s fairly straightforward. There’s a document (*.pages) with print sheet (sheet 1). This is the first issue. Give this a better name. “Print Sheet” maybe? Because as we’ll see, this sheet can have a sheet and what is its name? Right, sheet 1.

Minor fail there. It would be better for the name to be descriptive. Then we tell UI scripting to click on the menu button “PDF”. This is the second failure, but only a partial one. Depending on the machine, this menu can have a number of different items, but there are some that are static, namely:

  1. Open In Preview
  2. Save as PDF
  3. Save as PostScript

I should be able to directly access those. (Honestly, the menu isn’t that dynamic. It would be pretty easy to determine the number of items before it opens. As it stands now, until you click on it, it has…zero items. So we have to do two down arrows (key code 125) and a return (key code 36) to select the right option. Being able to directly click a menu item by name is much better, and would make this much more simple.

If I could do more in the print command, like have a property that was “Save as: PDF” with an element that took an alias or fURL, that would be even better, because then the entire UI scripting block would literally not be needed. But it doesn’t, so it is, and why not just make things easier? This would also probably be a help for accessibility, something of minor importance to Apple, or so I hear.

Now, we’ve “clicked” on “Save as PDF” which gives us a sheet for sheet 1 named? Right, “sheet 1”. Begin to see why I think that name is a bad idea? Like maybe name this one “Save as PDF”. I dunno where I’ve seen that before, but it seems logical. But I’m sure “sheet 1 of sheet 1” is better. I eagerly await the explanation of how.

Note, this does nothing to handle “a file with that name already exists.” I’m sure you can handle that via UI Scripting, but as we’ll see in the Keynote section, I just don’t feel like doing the extra work.

So I get done with this, and I’m excited, because Keynote should be about the same. Minor changes in terms of tell block and System Events targeting, Bob’s your Uncle.

Bob Is Not Your Uncle

In fact, Bob is so not your Uncle, he’s at someone else’s house being their uncle, and they are all laughing at you for you have no Bob to be your uncle.

Keynote’s accessibility is a shameful mess. I don’t say that lightly. Here’s the first part:

tell application "Keynote"
     set theDoc to the first item of every document
     ignoring application responses
          --the "ignoring is needed so the script
          --doesn't stall at the dialog
          --note that Keynote ignores the n-up 
          --properties because pound sand, that's why
	  print theDoc with properties {pages across:3, pages down:2} with print dialog
     end ignoring
end tell

Our first sign we’re in trouble is that Keynote ignores the n-up settings in the print command. Oh, it looks good in the UI, but if you save that to a PDF without taking further action, you do not get what the UI says you will. This is the first, cardinal, unforgiveable sin of development:

Never Lie To The Human

There’s no excuse for this. None. But Keynote lies to you here. Which is a shame, because you now have to undertake a journey of purest suck.

tell application "System Events"
     --target keynote
     tell its application process "Keynote"
          --obviously for your needs, you'd have 
	  --to manage window targeting
	  --since you have to do it by name
	  tell its window "Open House Preso.key"
	       --talk to the existing print sheet
	       --from the tell keynote/pages block
	            tell its sheet 1
		    --this is where you select a 
		    --grid layout. No, it has no
		    --goddamned name.
		    --no, i don't know why.
		         tell its checkbox 2 to click
		         --oh, you thought the "how 
			 --many slides per page" popup 
			 --had a name? LOL
			 --it's pop up button 1 of group 3
			 --because THAT'S NOT FRAGILE
			 tell its group 3
			      tell its pop up button 1
			      --expand the button
			      --go down one option
			      key code 125
			      --hit return
			      key code 36
			 end tell
		    end tell
		    set theMenuButton to its menu button "PDF"
		    --expand the button
		    click theMenuButton
		    --go down twice
		    key code 125
		    key code 125
		    --hit return which brings up 
		    --another sheet 1
		    key code 36
		    --gives the sheet time to display
		    delay 5
		    tell its sheet 1
		         --this saves. I have no way 
		         --to deal with overwriting files 
			 --without doing
			 --more targeting. this is so messed up.
			 tell its button "Save" to click
		    end tell
	       end tell
	  end tell
     end tell
end tell


Where oh where do I start?

Well, what the hell, when you’re in a swamp, it doesn’t matter which way you walk, you’re getting gunk in your shoes. So to click on “Grid” which is the only way to get n-up printing, even though, as you recall, we had told Keynote to print n-up and it looks like it will, it is again lying to us. So we have to do this.

According to System Events, “Grid” is checkbox 2 of sheet 1. Now, let us be clear on what we’re talking about here…

That is a mighty strange checkbox

I have seen stupid and I have been stupid and I have never seen a checkbox that looks like that. This is a checkbox:

Look! Checkboxes!

Yes, I know, you can have pictures, but come on. First, everything in that grouping is mutually exclusive. I can’t select slide AND grid or grid AND outline. So even allowing for pictures, those aren’t checkboxes, they’re flibbertygribbin’ radio buttons. So again, again, Keynote’s UI is lying. But even worse, want to know what the name of the “Grid” “checkbox” is? Checkbox 2. No, really, that’s the name.

Accessibility fail, and you don’t have to take my word for it, here, from the accessibility inspector:


Apple’s. Own. Accessibility. Inspector. is pointing out this problem. So it’s not only not a checkbox, it’s badly done accessibility-wise, and it makes scripting it fragile, because what if something changes and it’s no longer checkbox 2, it’s now pop up button elebenty? (I mean, if you’re going to lie about what something is, go big.) Oh look, you have to rewrite. ]

But wait, it gets better. So along with an accessibility audit fail, what does the actual inspector tool think this is? Well, let’s see…

Oh well, that makes sense, according to the Accessibility Inspector it’s a toggle button with a role of AXCheckBox that behaves like a radio button, that’s totally logicalAAAAAAAAAAAAAGAHWHAT IS GOING ON HERE, WERE YOU ALL HIGH?

Like, I’m trying to be nice here, but this is just awful. This is just a single control that has two different type values, no name and a role that makes no sense, and IF YOU WOULD JUST GIVE IT A LABEL, A TITLE, AND SOME HELP TEXT I WOULDN’T HAVE LOST TEN YEARS OFF MY LIFE SPAN NOT PUTTING MY HAND THROUGH THE SCREEN OF MY LAPTOP.

How does this get approved? I mean, Apple cares about accessibility, they’re hiring loads of accessibility people and this passes muster? Mind you, there’s four controls in this group.

we’re not done

Since we have now managed to select grid via equal amounts of magic and luck, we have a pop up that lets us select how many images per page. The default is four. Surely that has a name we can use, I mean it’s part of the “Grid Layout:” group, right?



Oh gods.

Nope. It’s pop up 1 of group 3. I mean, it’s not like it has a real name:

Saved from a life of sloth

Yeah. So…yeah. I mean, the accessibility audit is polite about it but even it is throwing up its hands at it all:

Bob will never be your uncle

Once you get to where you’ve “clicked” on pop up 1 of group 3 (such an intuitive name, I shall remember it always), then it’s generic up/down arrow keystrokes and the enter keystroke and you’re out of this grotty hell and “clicking” away on the PDF menu item button tra-la-la, time to get ragingly drunk so as to forget this ever happened.

There’s no excuse for this…mess. I am not a coder. I can beat on ASOC/Python/Bash to get things done, and I’m attempting to learn Swift (on macOS, so we all know I’m doomed, because heaven forfend the gods of coding education stoop to making tutorials for the Mac.) But I am not a coder/dev/whatever by any means. Which means this issue is so obvious, so pronounced that you do not need terribly special skills to spot it. By “spot it” I mean get thoroughly Bog’d.

I just wanted to write a script to do a fairly simple thing and found…this. I don’t even know where to begin to report the bugs on this, there are no less than eleven separate accessibiity bugs in the print dialog alone, along with the print script command bug and the feature requests that would make this all go away.

Where, exactly, do I begin? Because I do have things to do. Like not be found dead at my laptop with the feedback assistant waiting patiently for the next item in the list.

Look, clearly the iWork team needs some QA people for their UI accessibility stuff. And scripting stuff. Y’all should maybe give me a call, send me an email, I appear to have skills you desperately need. We can fix this, it is totally fixable, fixing it is necessary. So let’s do this?

Hey…it’s Dad

So this started as a bit of a lark, based on a Questionable Content strip. But the response was interesting, and I bought the domain, Not just to have it, but I dig the concept. Aside from the strip, it’s also somewhat based on Chloe Condon’s boyfriend bot. While honestly, and sadly, I can see a use for a service that, if needed, has a grizzled old grumpy, yet affectionate guy show up to check in on his child because they just happened to be in the same place, there’s other uses.

You’ve seen the response to “free mom/dad hugs” signs at Pride events. Be nice if that wasn’t the only time you could get them. Hearing someone say “Hey…you’re kinda dumb sometimes, but I love you” feels good. Yeah, I know, it’s a service, you’re paying for it, but man, there’s times when regardless of source, hearing that drags you back from the edge a bit. Gives you a little distance from the precipice so that instead of looking over the edge, it’s a bit easier to look up at the stars.

Or for the events where you just want to look at “your” side and see people there smiling and cheering for you, making silly faces. Maybe walking you down an aisle. Doing stupid dances. Making awful jokes. Taking pictures at a graduation. Being family, even if it’s just for a few hours.

Or just when you need, so badly to hear a friendly voice on the phone because the day has just sucked, and you feel beat down, and you need someone to call Dad and have them call you Scooter, and that the people who made you feel bad are dumbasses and you’re really awesome.

I can’t even begin to imagine how to build that. The screening, boith background and empathic would be intense, although I know a few people who would do well there. That would be hard, along with the actual, you know, programming and infrastructure. I’m only good at one of those. And lord knows, I ain’t got squat for moola.

But I think it could be cool. And if one is going to even think about building something in a world that seems to delight in making people miserable in search of profit, why not have it help people feel good?

Keep on keepin’ on

This is a (very) sad followup to No No Honey, That’s a fon-don’t →

That post was written on the 16th of July. To date, a tech evidently did come out to my house to do something about the door on the TNI box on my house. Here is what they did:

This is not a proper repair

Yep. That’s it, they tie-strapped it. Now, had I gotten a call saying something like:

Hey Mr. Welch, this is CenturyLink, we don’t have any boxes on the truck, so I tie-strapped it on temporarily, and I’ll be back out in <time frame> to properly fix it, I just didn’t want to leave it hanging.

I’d have been fine with that. That’s totally okay, totally acceptable.

That is not what happened. No call, and ticket closed. Oh honey, no. That’s not going to fly. So I just called. For a fourth attempt at fixing this. Highlights of the call:

  1. I get snipped at about using a speakerphone
  2. I have to explain what a TNI is. That’s on the outside of the box, btw.
  3. We go on a journey of imagination wherein I picture the current setup of my DSL modem because he’s worried my signal strength isn’t what it should be. (Not like a bad cover could cause that)
  4. He wants to set up a time to fix my bandwidth. I tell him how about we fix the problem that’s been extant since the 8th of July: the broken external box. If they manage to get this fixed on the *fourth* attempt, then MAYBE we can talk about my bandwidth.
  5. I finally get him to agree. In theory, someone will be out tomorrow.

For friends of mine, no, I did not lose my shit about 1). Thought about it, but I want this fixed, I don’t want to have to deal with hurt feelings too. I am however reconsidering my “Anyone but Comcast” stance. Because at this point, I’m unsure I could get worse customer service sans tasing.

OH…right, the return label finally showed up. About a week after I capitulated, printed out my own and shipped it. I do have the receipt for that, because we know they’re going to claim I didn’t send the old DSL modem back.

No No Honey, That’s a fon-don’t

Recently, I had a lightning strike hit close to my house. Like about 10′ in the air and 10′ off my deck. Didn’t hit the ground, but blew the cover off the DSL TNI box. (The box where your DSL/phone lines go into your house.) Ripped the cover off, I found it about 10′ away. The surge through my phone line took out the DSL modem, my Orbi Router, the PS4 that was connected to the Orbi router via Ethernet, the TV that was connected to the PS4 via HDMI…I didn’t even know that last one was possible.

Weird too. The Orbi will happily turn on and talk to the other satellites, but the Ethernet board is dead, so you can’t talk to the outside world worth a crap. The TV turns on and you can select whatever input you want, but the HDMI boards are evidently fried. The PS4 just won’t. It can’t even with this.

That happens. I mean, I live in Florida, lightning is real, and there’s not a lot of surge suppressors for HDMI or Ethernet. (although if anyone knows of one, that’s not stupid expensive, let me know!)

But this post is about how CenturyLink (very poorly) handled this situation. Now, in Tallahassee, or Tally, there’s two options: Xfinity/Comcast and CenturyLink. So Dumb and Dumber in terms of customer service. Tally does not have a large permanent population, so the ROI on things that people in proper urban areas get, like fiber to their house? That’s infinity. Since 2008, my bandwidth has gone from 10Mbps down to 25Mbps down with CenturyLink. So my grandchildren, if they live in my house, will be dead before they see a gig. Comcast/Xfinity aren’t even options, so don’t ask.

There’s never going to be municipal broadband, because while neither company will spend a damned dime on meaningful infrastructure upgrades, (why should they, it’s not like they have any competition, and at this point, they make money from the churn) they have spent millions ensuring that no town in Florida, no matter how small, will legally be able to do municipal broadband as long as they “promise” they have upgrades in the works.

It’s like me promising you a ride in my Lambo tomorrow. Tomorrow will never come.

So economically, they’re in a good place. Industry with a natural high cost of entry? Check. Town so small that no one is going to build anything better? Check. State that would rather set itself on fire than cross its plutocratic overlords? Oh honey, it’s Florida. Our idea of advanced K-12 education is the stingray shuffle.


Using my phone as a hotspot, I get on da intertubes and do the CenturyLink service chat. They’ll get me a new modem. 2-3 business days, (this is on a Saturday), and I pay $16 for shipping. That irks me, but whatever. Then I ask for a tech to come out and just check the lines. I mean, I know they took a surge. There’s no doubt, I have the charred ethernet cable that was plugged into the PS4 as proof.


Dat is burnt

So they won’t send a tech until after I get the new cable modem, at least not via chat. Um…no. So I call their support number. After a few minutes spent blowing off their phone tree by hitting “0” over and over, I get a human and of course, it’s the standard nonsense, they’ll show up “sometime” between 8am and noon on Tuesday.

Goddamnit, that’s half a day of vacation time. That’s real money they are taking out of my pocket for this. That’s how I view it, I am not just paying my bill, I am paying for it with my bill and half a day’s worth of vacation time. This is getting expensive. But, I’ve no real choice, so I ask them to have the tech call before they show up, you know, courtesy. They say they will make sure of that.

We all know what happens.

It’s 1pm on Tuesday, so outside of the window, and I’m pissed, because no phone call. I call CL support (and yes, I am ranting about this on Twitter. It’s my thing) and they say they may not be there until 2pm. I remind them, forcefully, that they said between 8-12 and they say “well, that’s really a guideline, it’s more like anytime between 8am-2pm.”

“So the time you told me was a straight-up lie”


We reschedule. Same drill for Thursday. I take the whole day off. The opportunity cost for this has now tripled, and there is no chance in hell CenturyLink will discount my bill for my hourly rate. 1:30 pm, nothing. No call. I go online to check the status of my ticket, and there isn’t one. It’s been canceled.


Call them again. I am not happy. I demand to see a supervisor. Mind you, that modem that was supposed to take 2-3 business days I ordered Saturday? Still not here. So that’s nonsense too, because now we’re at 4 days.

“Gee, it’s going to take a while to get a supervisor.”

“That’s okay, I’ve fired up D&D online, Thursday is Raid Day, I have the time.” Over an hour, I sit there playing video games and waiting. Because babies, I play MMOs. I can grind. Finally get a supervisor on the line. They get an earful. An angry, yet polite earful. (No profanity, I don’t call anyone names.) While this has been going on, CenturyLink’s twitter support line has been getting a play by play. (Yes, I did enjoy the knowledge that I had, in some small way, messed up their call time averages. I am more than capable of being petty towards a multi-billion-dollar company when it requires no effort on my part. I am in fact driven by caffeine and spite.)

I don’t know who did what, but by five o’clock that night, I had the modem and had talked to a tech who said my lines were fine. Oh, they managed to mess up the new modem. No return label.


Fine. I know where the local office is, I’ll run it over on my lunch break. HAAAAaaaa…no I won’t. That office is closed, the other one close by isn’t open to the public. Go back to work in a foul mood, because CenturyLink has literally not done one thing correctly here. “Oh you can just print the…”

“No. I won’t do that. Send me one.”


“I have spent a day and a half of my vacation time because your tech arrival times are outright lies and no one working for a phone company is able to actually use one. I wasted  gas trying to return your modem to you today because evidently, having a local public-facing office isn’t something you do. I’m going to probably have to carefully check my next bill to make sure it’s actually properly prorated and you want me to waste time, paper, and toner to make up for your screwup?

No. I will absolutely not lift a finger a millimeter more than required by physics to assist you in any way, shape or form. You can just send me a return label.”

“Well that will take another 2-3 business days.”

“And? That’s hardly a threat. Had you done things properly in the first place, we wouldn’t be in this call at all. I have done nothing wrong, you have done nothing right. Send me the label.”

It’ll probably take a week for that to happen.


There is nothing about this that was necessary. CenturyLink could have had some simple steps in their support process that would have completely removed the frustrations they created, and I feel these apply to any support org:

  1. Don’t Lie. Don’t even come close. If you say someone will be there in a four-hour window, they better be there, especially when someone is taking time to wait. Don’t say “well, we say four hours, but we really mean six.” The first rule of lying well is never tell people you’re lying. It’s important.
  2. Communicate. Call. Call the customer as the tech is heading out to their office/home. If there is the slightest chance you’ll miss your window, call and let the customer know ASAP so it can be handled before they’ve had hours to go full Tsar Bomba on you. No one likes getting the full Tsar Bomba.
  3. Don’t be petty. Why am I returning this modem? It’s dead. Unless it’s for recycling, this is a dead-assed modem. Just let me throw it away, or better yet, the tech should have said “Hey, since you got the new one now, let’s make sure it’s working and I’ll just take the old one with me.” That would have worked splendidly. Also, really? Sixteen bucks for 2-3 day shipping? Come on man. That’s just petty.
  4. Make sure you do what you will say. If you say 2-3 business days, then by god, make it so. If you say there will be a return label in the box, then by god make it so. Don’t lie, and don’t be stupid about things.

None of this is not hard to do right. In fact, it’s almost harder to do wrong. I guarantee any time “wasted” on calling me to let me know the window wasn’t going to happen was blown to smithereens by my ass being on hold for an hour.

Even when you don’t have competition, don’t be jerks. Because my dudes, you think I have any loyalty to CenturyLink at this point? If I could get better service from the Manson Family Internet, I’d switch so fast there’d be a flame trail, and I guarantee I’m not alone.

Really, at this point, CenturyLink should just stop pretending. Because what they have now is an insult to the people who do support well.



Is This Satire? Does It Matter?

A few days ago, Shekar Kirani posted a Twitter thread about “10x Engineers”, you know, the magical creatures that can do anything. My first thought was a) this is a myth and b) this is a person who will damage a company far more than they help it. But there’s more to it. (For what it’s worth, this is not satire. Kirani appears to truly believe 10x engineers are necessary for a startup. Kirani clearly has more tolerance for spoilt children than I do.)

So let’s look at what he says. Note, for this post, we are talking about Kirani’s version of a 10x coder, which is not a person to hire at all. The truth is a bit more expansive and less awful:

1. 10x engineers hate meetings. They think it is a waste of time and obvious things are being discussed. They attend meetings because the manager has called for a “Staff meeting” to discuss the features and status.

This is often the case, but it is not always the case. Many meetings are “unnecessary”, but then, people are also awful at communicating things unless made to. If people communicated better, more completely, and more regularly, many meetings would be even more unnecessary. But they don’t, and so we have meetings. But the subtext of this is that to a 10x engineer, no one “less smart” than they are may make requirements of their time. This isn’t about the usefulness of the meeting. This is about a “manager” (and you can hear the disgust Kirani has for that position, even though that’s what Kirani is) daring to think they have the right to make the 10x engineer do something other than what they want. Another subtext to this is: If you’re a manager, you’re clearly too stupid to do “real” work.

This is the same reaction a small child has when they have to do something they don’t want to do. Given the “10x engineers” I’ve known, the way both act out that resentment will be surprisingly similar, other than the small child can more easily be made to be reasonable. Or at all.

2. Timings in the office for 10x engineers is highly irregular. They tend to work when very few folks are around. If there is a crowd or all-hands meeting, they are not visible. Most of them are late-night coders and come late to the office.

Sorry your highness, but when you choose to work for someone who is not you, you sometimes have to do things you don’t like. Yes, there is a remarkable similarity between 1 and 2. Almost as if, once again, the 10x engineer isn’t subject to the same rules as everyone else. Now, I have no problem with flexible work hours. As someone who dearly misses working midshifts, and would love to be back on a midnight – 8am schedule, I get it. But, even when I worked mids, there were things I had to do at work during the day. Didn’t like it, because it was usually in the middle of my sleep schedule, but I did it. I didn’t expect the entire company to wrap itself around my needs. Doing that, regardless of talent level, is the sign of a self-centered jerk.

Do not employ self-centered jerks. They are never worth the pain they will cause.

3. 10x engineers laptop screen background color is typically black (they always change defaults). Their keyboard keys such as i, f, x are usually worn out than of a, s, and e (email senders).

This is utter elitist nonsense. Kirani should have not gone to 11 with this, because this item is just stupid. And ableist. It also assumes that all “real” 10x engineers do everything in vim or perhaps emacs. Honestly, I can’t tell, because you have to be some kind of real dip to actually believe this level of tripe, and “tripe” gentle reader, is the kindest word I have for it.

4. 10x engineers know every line of the code that has gone into production. If a QA or support folks alert an issue, they know precisely where the fault (or bug) is and can fix the same in hours vs days

Haaaah…no. In fact, once the code base gets to a certain size, this is not the case. They may be faster at it, but that’s not the same thing. Also, Kirani’s 10x engineer has to fix it, because Dog knows, if you try to let anyone access their code, they will have a fit. Especially someone not as smart as them by their standards. 10x engineers, again, tend to be rather spoiled. In Kirani’s world, no one else is capable of fixing a bug, because his 10x engineer is the only one who knows where anything is.

This is a real danger: the reality of the 10x engineer being the only one who knows the code (Kirani actually uses this as a point in their favor later on) because they won’t document. So they can never take a vacation, not that they would, and if they leave, you are screwed, because again, no one else has a clue about the code, it is written for one person’s eyes. I’m also going to bet in Kirani’s world, anyone doing anything not related to engineering or making money is a waste of carbon only suitable for a soylent green vat.

A 10x engineer will kill your company with this kind of thing. They’ll kill it via burnout, via leaving, via not being able to juggle the plates anymore, but following Kirani’s advice will kill your company dead.

(I am also amused that Kirani even allows for bugs given points 6 & 7, which would seem to make bugs impossible by a 10x engineer. Which goes to show you that Kirani literally has no gods-damned clue about his own thesis.)

5. Most of the 10x engineers are full-stack engineers. For them code is code, they don’t care whether it is front-end, back-end, API, database, serverless, etc. I have rarely seen them doing UI work.

We can tell. So can everyone trying to use their code, because it’s a gods-damned awful mess of arcane procedures that only make sense to one person, because there’s only one person who counts. God help the poor bastards who have to try to fit that code into a usable UI, because the 10x programmer won’t.

This also tells you where Kirani’s head is at. No, not up his nethers. Okay, not just up his nethers. Kirani is still living in the glory days of the 90s when a UI was something people too stupid to do real engineering bolted onto code once it was done. I’ve used interfaces like that. They’re awful.

6. 10x engineers can convert “thought” into “code” in their mind and write it in an iterative fashion. Given a product feature, they can write that entire feature in one or two sittings of 4 to 6 hours with a caffeinated drink without distraction.

The problem with this of course is when that feature has to be used or coded by someone who isn’t the 10x coder, because at no point will that thought be written down, and the source code will rarely be written to be readable by anyone else. So basically, what you will have is code that no one can ever touch or modify. 10x coders will slow your company down with this kind of thing, because it is the opposite of teamwork.

It also means that even if you hire another one of Kirani’s 10x manticores, (I refuse to call them unicorns. Unicorns are beautiful. Manticores are just assholes who destroy everything they touch. Rather like Kirani’s 10x engineer), they will be of little to no use to you, because manticores can’t work together. They treat everyone else poorly, especially that manticore over there who thinks they know anything when clearly they don’t. I mean, they use 4 spaces as an indent instead of one. Only a fool does that.

7. 10x engineers rarely look at help documentation of classes or methods. They know it in memory and can recall from memory. They write code at the same ease as writing English. No breaks, no pauce, just type.

Normally, I am forgiving of typos, but this one (“pauce”) is so perfectly illustrative of the problem with “just type it all from memory”. I mean, that’s not even a homophone issue. I guess manticores aren’t that good at English either. As well, the 10x coder will know some of the classes and methods in memory, but all of them? Nope. And the arrogance that makes them think they don’t need to look things up will fundamentally limit them to only being able to use the things they have in memory. This is ultimately limiting as hell, because new features? What are those? New methodologies? Who has time for that, I am birthing code from my thoughts as Zeus did birth Athena herself.

8. 10x engineers are always learning new frameworks, languages ahead of everyone in the company. They are not afraid of anything new. If there is something new (e.g. blockchain) they gobble up, setup, experiment before anyone is getting started.

Wait, I thought you said they had everything already memorized? There is an unavoidable problem with Kirani’s thesis. Points 7 & 8 just happen to illustrate it in sequence. As well, Kirani’s Manticore leads you into the infinite stench of the Bog Of Never-Released-Product because “wait, we have to move everything to this NEW framework…” That’s not to say you never look at anything new, but again, Kirani’s Manticore has no time to actually get something done. Besides, once they memorize this new framework (see number 7), they’ll be able to do the entire conversion in their head, (see number 6) and it will take them almost zero time (number 7 again.)

Begin to see the pattern?

9. 10x engineers are poor mentors as they can’t teach others on what to do OR parcel the work. They always think “It takes too long to teach or discuss with others, I would rather do it myself.” They are also poor interviewers.

They are literally incapable of helping anyone else improve their skills, delegating tasks, managing workloads, or helping anyone but themselves including the rest of the company…HIRE THEM NOW! HIRE THEM ALL! Honestly, if I ran a company, every time one of Kirani’s Manticores applied, I would work day and night to get them hired…

…by my competition. Because man, I’d be a market leader in about a year without even trying hard. Seriously, why would anyone want this kind of person working for them. Let us unpack what Kirani is recommending here. He’s saying you should hire someone who:

  • Can’t communicate what they know in a useful fashion
  • Doesn’t want to communicate what they know in a useful fashion even if they could
  • Will relentlessly micromanage and resist any attempt to remove things from their plate
  • Can’t assist the company in evaluating new hires

Kirani’s Manticore is literally only capable of working by, and for themselves. Well, not the latter. Turns out working for yourself involves a lot of communication and meetings. So really, they’re only capable of working for someone else, but never in a way that requires any form of normal human interaction.

This is an asshole. Kirani’s Manticore is in fact, an asshole.

Two more points, almost done.

10. 10x engineers don’t hack things. They write quality code and know exactly how the code has to evolve, and have a mental model of overall code structure. They write at most one design document, and the rest is in the code.

Undocumented code, (no, the source is not, in and of itself, documentation. That Kirani believes this shows how far up his own nethers his head dwells) is a hack. It is the worst kind of hack, because it lets you fall in to the “if it ain’t broke, don’t fix it” trap. That’s a trap because it leads you into corners you don’t know you’re in until you try to grow the product or the company, and you discover this code that is only readable, fixable, maintainable by one person cannot actually be grown or even updated. But that’s okay, Kirani’s Manticore was going to rewrite the entire thing from scratch anyway. This time, they’ll incorporate your useless new features that don’t really matter, but you’re the boss and the customers want it.

(I am being kind using neutral pronouns. Kirani’s Manticore is always male. I’ve never in my life seen a woman be this much of an asshole. I’m not saying it’s impossible or can’t/hasn’t happened, I’ve just not seen it and new reader, I Am Not New.)

Also, Kirani’s definition of Quality is shall we say…at odds with any useful definition.

11. 10x engineers rarely job hunt or move out of the company. They move out because you make their life miserable with the process, meetings, training, and other non-value-added activities. If you come across them, hold on to them. Celebrate them.

Kirani literally called training a non-value-added activity. Which is directly at odds with item 8. It is also at odds with literally everything useful about keeping good people. Training is one of the key things you can do to retain them. Here is my advice, take it or not: If you find you have accidentally hired Kirani’s Manticore, fire them. Fire them before they drive everyone else out of your company, and/or make you the target of a hostile work environment claim. Because Kirani’s Manticore is an asshole, and nothing, I mean nothing is worth that.

Shekar Kirani is the kind of person who thinks Uber would have been a paradise had they fired all the non-bros who were bringing everyone down.

Oh, minor addendum. If you really want to know where Kirani’s head is at, read this tweet. The pertinent part:

Find the best in each & get the best out of them. That’s what good managers do.

That’s VC for “use them and dump them.” So yeah. Shekar Kirani. Don’t listen to him.


Not all…

So first, watch this, and then the followup video a ways down the stream. First, this dude has issues. I think that’s obvious, he has issues, and he’s not handling them well. Which in the US, is, sadly, unsurprising. As a country we suck at brain health. (note: while mental health is the preferred term, I have some issues with it because it implies mental health is some non-physical thing. It’s not. Mental health is brain health, and I think that if we start thinking about it that way more, we might stop with the idea that you can just “fix” brain health issues by “not feeling sad.”)

Set aside the massive amount of schadenfreude one feels when Angry Mite gets taken down (tip: you never know when the person you dare to attack you knows how to do it properly. That’s a proper takedown and control right there) and listen to this guy. He has clearly had some less-than-happy encounters on dating sites. Now, clearly, this is not just about his height. Even when he’s not raving in a bagel shop, I’m guessing he’s not the easiest person in the world to deal with.

Funny how all the “If you can’t handle me at my worst, you don’t deserve me at my best” memes seem so inappropriate here. Yeah, I hate those.

But I am also not going to dismiss the idea that he has been treated poorly for being short. Because people suck, and say things, even without intending to be mean that are. Lord knows I’ve done it, every one has. Intent only exists in our heads, everyone else is stuck with our words and actions. If said words and actions don’t match the intent, well, one’s intent stops mattering. What’s the saying? Intent is not magic. As well, online encounters can tend towards snark. I mean, there’s entire web sites devoted to “witty” shut downs of people on dating sites. Quite often, those guys deserve it. Quite often, the women deserve it too. People can, and regularly do, suck.

But it is also obvious that this guy is now in a state where as far as he’s concerned, it’s all women. They’re all treating him like crap because he’s short. Every look, every action that can be interpreted as bad towards him is. That’s not something you just wake up doing. He’s probably gotten a lot of that, to the point where he assumes it’s constant, even when it’s not.

This is where “not all…” comes in. Now, there’s basically two ways to use that concept, and they are directly opposed to each other. The first one is the one we see the most, because it’s the public version. “Not all…men/women/christians/cops/muslims/etc.” We see that one a lot, especially women. There’s a common variant: “A few bad apples…” It’s the same thing though: just because some members of a group do a bad thing, that doesn’t mean all members of a group do that bad thing.” Well, that’s both accurate and profoundly ignorant. It ignores the second part of the variant: “…spoil the barrel.”

It does not take 100% of a given member of a group doing bad things to make you sick and tired of that group. Look at the spate of “<blank> while black” videos over the last few years. Now, remember that for every one of those we see, there’s a lot we don’t. It would be a unique occurrence for something like that to be 100% documented. If you’re black, hispanic, a member of the many indigenous tribes in the US, or any person of color in this country, I’m going to go out on a limb, by which I mean I won’t leave my chair, and bet you’ve had something similar to what we see in the videos happen to you. Multiple times.

As a person, it does not take that happening a lot before you develop the (completely understandable) mindset that everyone in that group is just an asshole, or at least it is safer to treat them as assholes until proven otherwise. So when something like “how dare you be black and out where I can see you” happens, or the video of the woman showing just what it’s like to be her walking around the city, happens, and the first, or damned close to it response is some gorp going “Well, not all <whatever>…”, it’s infuriating right? Because it’s dismissive and self-centered. The person saying that does not care about what’s happening, they just want to make sure you know they’re blameless. That’s ultimately what it’s about. Guys saying “not all men” don’t give a fuck about all men. They want to make you acknowledge that it’s not them. Okay Skeezix, you’re awesome, it’s other men. Same thing with “not all white people” or “not all cops”, etc.

The people saying that don’t care about what’s happening, they just want to make sure you know it’s not them.

That’s the first version of “not all…”. It’s the external version, and the really crap one.

But there’s another version, and I think it might have helped this guy. It’s the internal version that focuses on blaming individuals, not groups. For example, in Jr. High and High School, the most consistently worst bullying I got was not from jocks, it was from nerds and women. (Please do not try to argue my life with me. You weren’t there.) The computer/D&D nerds and the popular girls were an endless source of torment for a rather formative part of my life. It’s why even now, I laugh at the idea that nerds/geeks are welcoming and open to all kinds of people. The personal and external data on this shows it to be fiction. People are factional regardless of group. Being an outcast does not remove the ability to turn other people into outcasts.

But, what I learned, helped unintentionally by my dad, (tl;dr, he felt racism et al was a sign you had too much free time, and that blaming all for the actions of one was kind of stupid) was to use “not all…” to remind myself that just because this person or those people are being shitty to me, not everyone in that group is crap. That I need to allow for non-awful behavior and be open to it. To not assume that every one in a given group is awful by default.

This is not easy to do. Some groups, y’all do not make it easy on folks. And when you have crap treatment be so constant that it feels like the norm, you’re going to fail at it. That’s understandable, but I would ask that you keep trying. Because honestly, it can help. It can help you not turn into that guy in the video. Note that I am not saying ignore all slights. Not even…slightly. If someone is awful to you and does nothing to earn forgiveness, there’s nothing wrong with cutting that person out of your life to the extent possible and never dealing with them again, whether it be purely on social media or solely in “real” life, or a mix.

You are not required to martyr yourself to a warped version of forgiveness to be a good person.

But, when someone who is part of a group is a shitty person, or even a lot of someones…remember that there are probably people who are part of that group who have no idea who these other people are, and who may only be a part of that group incidentally or accidentally, and…I’m not saying set aside your experiences, that is unreasonable and possibly dangerous. But allow for someone to not be awful. Be at least a little open to that possibility. That’s the point of the internal “not all…” in the end. To help you not be more miserable than necessary.

(Also, before the pedants arrive: This does not apply to all groups. Someone is a fucking Nazi or in the Klan? Yeah, then it is ALL of them. They ALL suck, and should be treated that way. But really, what’s the point of trying to bring up extremes as the norm? If that’s all you want to do, maybe I’m not the guy you should interact with.)

Everything is on fire

Just in case you’re not reading about the latest security implosion, (does that even mean anything any more? It’s not like it’s rare), Zoom, a GoToMeeting clone decided that “convenience” outweighed all concerns, including any form of common sense, professional ethics and sanity. Here’s the best, most detailed writeup from the guy who discovered it. It’s long, but read it anyway.

By “convenience” I mean, they didn’t want to do the “hard” UI/UX work to make their app actually easy to use. No, instead, they just made it effectively impossible to fully uninstall without some command-line time, and made it so it could stealth reinstall at any time if you clicked on a web link. If the person building the “meeting” decided your camera should be on when you “joined”, your camera was on. Brilliant. How convenient. Totally not creepy or bad at all.

I mean, they actually viewed having to click a button a worse sin than not giving you a choice. But, you could go into the Zoom client and in the settings turn the “your camera automatically comes on when you join a meeting” off. Because that’s what most non-tech people do, instantly traverse (regularly awful to use) app preferences on a newly installed application to set it up. Ow, my eye-rolling muscles just cramped. This is literally the worse sort of “opt-out as default” behavior, but hey, convenience. For Zoom that is.

So yeah, Zoom. Who, without warning, or explanation, installed a hidden webserver on your mac. Not “oops, we forget to tell you”, but actually hidden. (You don’t name the directory “.zoomus” if you aren’t trying to hide it. That’s the only reason to start a file/directory name with a period. Period.) What was the purpose of this webserver? Why to automatically reinstall the Zoom client if you clicked on the right kind of link. Of course, that only worked from a series of trusted domains. And it’s not like Zoom would accidentally almost let one of those domains go up for grabs…

Doing a whois lookup on all of the domains listed in the source code returned some interesting results. For example, the domain was scheduled to expire on May 1st, 2019. Had this domain registration been allowed to lapse, the takeover of this domain would have allowed an attacker to host an infected version of the Zoom installer from this site and infected users who had uninstalled Zoom from their computers. Essentially, this would have made this vulnerability a Remote Code Execution (RCE) vulnerability. I disclosed this bit of information to the Zoom team during my call with the Mozilla security team on April 26th, 2019. Within 5 hours of the end of that call that domain had been registered out to May 1st, 2024.


But it’s really easy to manually fix this. Delete the app, then just run these two terminal commands:

pkill "ZoomOpener"; rm -rf ~/.zoomus; touch ~/.zoomus && chmod 000 ~/.zoomus;
pkill "RingCentralOpener"; rm -rf ~/.ringcentralopener; touch ~/.ringcentralopener && chmod 000 ~/.ringcentralopener;

and bob’s your uncle. For some value of “bob” and “uncle”. The sad thing is, Zoom didn’t even begin to think of the badness of this until they were getting beaten up over it. No, really, here:

Some choice quotes:

There are two matters also brought up in this inquiry that deserve to be addressed.

First, a local denial of service (DOS) vulnerability for Mac devices. In this vulnerability, a hacker could potentially target a Mac user who already has Zoom installed with an endless loop of meeting join requests, effectively causing the targeted machine to lock up. Again, we have no indication that this ever happened. We released a fix for this in May 2019, though we did not force our users to update because it is empirically a low-risk vulnerability.

Second, when Zoom is installed on a Mac device by the user, a limited-functionality web server that can only respond to requests from the local machine is also installed on the device to help launch Zoom meetings. This is a workaround to a change introduced in Safari 12 that requires a user to confirm that they want to start the Zoom client prior to joining every meeting. The local web server enables users to avoid this extra click before joining every meeting. We feel that this is a legitimate solution to a poor user experience problem, enabling our users to have faster, one-click-to-join meetings. We are not alone among video conferencing providers in implementing this solution.

Oh. My. God. They are literally doing the “You can’t fuss at me for kicking a puppy because Billy punched a baby” thing. A software company pulling out little kid logic. Also, given the amount of security thought they put in their product, I don’t think I’m taking their definition of low risk seriously. Also, really, having to click a button is some kind of awful thing? Just how many Zoom meetings are people getting invited to where clicking a “you sure you want to do this” button is some kind of awful punishment?

Let me restate this: they stealth-installed a hidden webserver to circumvent built-in security in the name of “convenience”. The application defaults allow a remote meeting creator to turn your camera and mic on without warning. There are not enough letters in “bullshit” to describe the bullshit of this bullshit. And then, when they released a patch, they didn’t even try to push it out. A younger me would be screaming. Current me is just sighing, because current me sees this all the time.

Another one:

This week, a researcher published an article raising concerns about our video experience. His concern is that if an attacker is able to trick a target Zoom user into clicking a web link to the attacker’s Zoom meeting ID URL, the target user could unknowingly join the attacker’s Zoom meeting. If the user has not configured their Zoom client to disable video upon joining meetings, the attacker may be able to view the user’s video feed. Of note, we have no indication that this has ever happened.

Yeah skeezix, that’s how security researchers work. They tell you things before they get abused. That’s kind of the point. It’s why you should listen to them. (Not that security researchers are paragons of ethical behavior. But that’s a post for another time.)

And this one:

We do not currently have an easy way to help a user delete both the Zoom client and also the Zoom local web server app on Mac that launches our client.  The user needs to manually locate and delete those two apps for now. This was an honest oversight. As such, by this weekend we will introduce a new Uninstaller App for Mac to help the user easily delete both apps.

This was not an honest oversight, because the way to actually make uninstalling the entire app easy would have been to place everything in the application bundle, so when the human deleted the app, poof, all gone. This is not hidden master developer knowledge. It’s pretty common stuff and important for actual ease of use for the person who is using the app. Oh, and doing this means you don’t need an Uninstaller App that you have to install next to your app. Doing it the right way actually saves you work. Wow, imagine that.

This was a deliberate design decision whose point was to make it hard to fully uninstall the app. Don’t front my dude.


We appreciate the hard work of the security researcher in identifying security concerns on our platform. Initially, we did not see the web server or video-on posture as significant risks to our customers and, in fact, felt that these were essential to our seamless join process. But in hearing the outcry from some of our users and the security community in the past 24 hours, we have decided to make the updates to our service. In response to these concerns, here are details surrounding tonight’s planned Zoom patch and our scheduled July release this weekend:

If Zoom seriously did not see the potential problem in the web server, the defaults, or their application file layout scheme, then they are a company with all the security awareness of a brick, the people at Zoom making decisions are stupid to the point of appearing malicious, and you should most emphatically never use their software, because this will not be the last time stupidity at this level happens.

The fact it took a multi-day internet flogging to get them to see the light doesn’t make it any better.


That’s not the main point of this post. (If you are a new reader, I am a verbose kind of person. I wallow in it. You may wish to get used to that.)

The point is, this is why Apple is going crazy about UAC (and why they need to add more to it. Like network port usage.) Because in the Linux “it’s up to you to do everything” world, there’s no way in hell a non-technical user would be able to fix this. They’d not know what to look for, how to look for it and they certainly wouldn’t think to use:

pkill "ZoomOpener"; rm -rf ~/.zoomus; touch ~/.zoomus && chmod 000 ~/.zoomus;
pkill "RingCentralOpener"; rm -rf ~/.ringcentralopener; touch ~/.ringcentralopener && chmod 000 ~/.ringcentralopener;

Which is actually a series of commands ganged together:

pkill "ZoomOpener"
rm -rf ~/.zoomus
touch ~/.zoomus
chmod 000 ~/.zoomus
pkill "RingCentralOpener"
rm -rf ~/.ringcentralopener
touch ~/.ringcentralopener
chmod 000 ~/.ringcentralopener

Honest to god, it’s a good thing Zoom’s devs were kind of incompetent in how they hid their stuff. If they’d really wanted to hide it well, non-technical users would be nuking and paving forever because they’d keep reinstalling the Zoom client and having this happen again. I mean, even half-assing it could cause this, but at least it’s vaguely easy to find it.

The idea that guarding against this kind of crap is all up to the user and things like advanced UAC and SIP and the new read-only system volume coming in Catalina are “bad” or limiting freedom is an idea that is elitist at its core. It says “if you just want to use a computer, bad things will happen to you and it will all be your fault.” Note that computers are the only place we say this. If you told people that they had to know everything about vehicle design to ride a bus or drive a car safely, and if they didn’t, then any defects in the vehicle that harmed them were their fault, not the manufacturer’s, those same techno-libertarians would shit themselves to lighten their weight load so they could get to protesting faster.

Even worse, ponder doing that for aviation. Don’t know the difference between a safe level of speed-tape on an engine and a “don’t get on that plane, you’re gonna die” level? Don’t know what speed-tape is? Sucks to be you.

No one would ever fly again, and they would be correct to never fly again. But when it’s a computer? Oh well, it’s the user’s job to be a sysadmin/senior dev. It’s certainly not anyone else’s job to protect the user from predatory crap like that.

Zoom is not unique here, not even close. I’ve been seeing this kind of crap happen for decades. And the response, when the dev is caught is the same as Zoom’s. I cannot, literally can. not. recall an instance where the dev didn’t try to justify it, to somehow try to blame the people who caught them. To pull the “well, it’s not a real problem” crap. To pull all the dodges that somehow absolve them of any real fault.

Apple may not always implement things the best way the first time around, but they are doing more to make things safe to use by default than literally anyone else. Every time I see someone gripe about their new UAC in a new macOS release, it’s never “there’s a better way.” It is always, always “I find this inconvenient.”

Yeah, well I find having to help family members accept that their stuff has been destroyed because a dev didn’t give a crap and hoping they have a backup to be inconvenient.

The kind of “we don’t want to do things that are inconvenient for us, screw the user” attitude, so extensively on display here for Zoom has to end. There is a limit, eventually, and I think even Apple is getting close to it, on how much the OS vendor can do to protect people from a dev determined to do this kind of shit. At some point, we, the user community, have to be more angry at the devs pulling this crap than at the OS vendor who “allows” it. When an app installs a rootkit, whether or not the OS should have allowed that is a secondary point. The fact the dev decided to take that action is the real offense.

If someone kicks in my door and robs my house, I may be mildly annoyed at the door manufacturer for making a weak door, but the real offender is the person who broke into my house. When devs shove bullshit adware frameworks into their apps, it is they who are the worst offenders, not Google/Microsoft/Apple for not preventing them. It is the asshole’s fault, first and foremost for being an asshole. Zoom, in this instance, is the asshole, and based on what I see coming from them, they don’t really think they screwed up, but they would very much like the flogging to stop.

This kind of shit is what drives the increased UAC you’re going to see more and more of. If that bothers you, then when you hear fellow devs talking about this kind of idiocy, call them out on it. Get them to stop being assholes.

Because again, if it’s a choice between just regular people not having to become sysadmins and devs just to use their computer and your convenience? I’ll set your convenience on fire, and make s’mores.