My horrible experience with Three Ireland

I have not ranted about the ineptitude of companies for a while, but this time I have to go back to it. Most of the people who follow me on Twitter are probably already fully aware of what’s going on, so if you want to skip on reading this, feel free.

When I moved to Ireland in 2013, I evaluated quickly the mobile providers available and decided to become a customer of Three Ireland. I was already a customer of Three back in Italy, and they had the same offer here than they had there, which involved the ability to be “Three like at home”, roaming on foreign Three networks for free, using the same allowance of calls and data that you have on your own country. Since my expectation was to go home more often than I actually did, roaming to Three Italy sounded like a good deal.

Fast forward four years, and I ended up having to give up and moved to a new provider altogether. This all precipitated since Three Ireland took effectively four months to fix up my account so I could actually use it, but let’s take one step at a time.

Back in January this year, my Tesco credit card got used fraudulently. Given I have been using Revolut for most of my later trips to the States, I can narrow down where my card was skimmed as one of three places, but it looks like the MIT Coop store is the most likely culprit. This is a different story, and luckily Tesco Bank managed to catch the activity right away, cancelled my card and issued me a new one. This is something I talked about previously.

The main problem was migrating whatever was still attached to that card onto a different one. I managed to convert most of my automated debits onto my Ulster Bank MasterCard (except Vodafone Italy, that’s a longer story), but then I hit a snag. My Three Ireland account was set up to auto-top-up from my Tesco Bank card €20 every month. This was enough to enable the “All you can eat data” offer, which gave me virtually unlimited data in Ireland, UK, Italy, and a few other countries. Unfortunately when I went to try editing my card, their management webapp (My3) started throwing errors at me.

Or rather, not even throwing errors. Whenever I would go to list my payment cards to remove the now-cancelled card, it would send me back to the service’s homepage. So I called them, and I’ll remind you this is January, to ask if they could look into it, and advised I won’t be able to take call because I was about to leave for the USA.

The problem was clearly not solved when I got back to Ireland, and I called them again, told me I would be contacted back from their tech support and they will give me an update. They called me, of course always at awkward times, and the first thing they asked me was for a screenshot of the error I was shown, except I was shown no error. So they had to go back and forth a couple of times with them, both on the phone and over Twitter (both publicly and over direct messages).

At some point during this exchange they asked me for my password. Now, I use LastPass so the password is not actually sensitive information by itself, but you would expect that they would have built something in place where they can act as one of their customers, for debugging purposes, or at least be able to override the password, and just ask me to change it afterwards. Since the second auto-top-up failed and required me to make a manual payment, I decided to give up, and send them screenshot of both the loading page and the following landing page, and send it to them as requested.

Aside note here: the reason why these auto-top-up are important, is that without these, you get charged for every megabyte you use. And you don’t get any notification that your all-you-can-eat expired, you only get a notification after you spent between €5 and €10 in data, as that’s what law requires. So if the auto-top-up failed, you end up just using your credit. Since I used to spend the credit on Google Play instead (particularly to pay for Google Play Music All Access — my, what a mouthful!), this was not cool.

By end of March, when the third auto-top-up failed, and I ended up wasting €15 for not noticing it. I called them again, and I managed to speak to the only person in this whole ordeal who actually treated me decently. She found the ticket closed because they did not receive my screenshot, so she asked me to send them directly to her address and she attached them to the ticket herself. This reopened the ticket, but turned out not to help.

At this point I’ve also topped up the €130 that were required to request an unlock code for my Sony Xperia XA phone, so I decide to request that in parallel while I fight with trying to be able to configure my payment cards. Since the phone is Sony, the unlock code comes directly from them and Three advises is going to take up to 21 working days. When I send the request, I get an email back telling me the unlock request was not successful, and to contact the customer support. Since I was already bothering them on Twitter, I do so there, and they reassure me that they took care of it and sent the request through.

Also, this time I give up and give them my password, too. Which became even funnier, because as I was dictating it to them I go to “ampersand” and they reply “No that’s impossible, it’s not a valid character for the password!” — as it happens it is indeed not a valid character, now. When I set my password it was valid, but now it is not. I found out after they fixed the problem, because of course by then I wanted to change my password, and LastPass generated another one with the & character.

It took another month for them to finally figure out the problem, and another three or four requests for screenshots, despite them knowing my password. And a couple of times asking me to confirm my email address, despite it already being in the system and all. But at least that part got fixed.

Now remember the unlock code request above? 21 working days in most cases mean around a month. So a month after my unlock code request I call them, and they inform me that the 21 working days would expire the next day, a Friday. The reason is to be found in Easter and bank holidays being present, reducing the number of working days in the month. Fair enough, I still ask them what’s going to happen if the 21 days promise is breached, and the guy on the phone denies it is even possible. Of course the day after I got to chat with them again, and they realize that there was no update whatsoever and there should have been at least one.

They decide to request an urgent unlock, since on the Thursday I would be leaving for China, and they promise me the unlock code would be there by Monday. Goes without saying it didn’t work. When I called on Monday they told me that only Sony can provide the unlock, and since it was a long weekend they were not going to answer until at least the day after (May 1st was bank holiday, too). At this point I was pissed and asked to speak with a manager.

Unfortunately the person at the phone was not actually human, but rather was replaced by one of those call center scripts kind of drone and not only kept telling me that they had nothing personal against me, which I did not care if they did, to be honest, but refused to redirect me to a manager when I pointed out that this was ludicrous after fighting four months to get the other problem solved. They kept saying that since the ticket is closed, there was nothing they could talk to me about. They also insisted that since the unlock code hasn’t arrived they couldn’t even offer me a trade-in with an unlocked phone, as that is only available if the unlock code fails to work.

I ended up having to buy myself a new phone, because I could not risk going to China with a locked phone again. Which turned out to be an interesting experience as it looks like in Ireland, the only places to buy unlocked phones are either corner shops selling Chinese phones, or Argos. I ended up buying an Xperia X from Argos, and I’m very happy of the result, although I did not intend to spend that money. But that’s a story for another day, too. Of course the unlock code arrived the day after I bought my new phone, or should I say the day after I gave up on Three Ireland, and moved to Tesco Mobile.

Because at that point, the drone got me so angry that I decided to just spend all of my credit (minus €20 because I hit the usage limit) buying movies and books on Google Play, and when I picked up the phone on Tuesday, I also picked up a SIM for Tesco Mobile. I found out that MNP in Ireland takes less than an hour and just involves a couple of confirmation codes, rather than having to speak with people and fill in forms. And I’m indeed happy on Tesco Mobile right now.

Why am I so riled up? Because I think Three Ireland lost a big opportunity to keep a customer, the moment when I expressed my dissatisfaction with the service and with the lack of unlock code. They could have offered me a trade-in of the current phone. They could have given me the credit I spent because of their issue back. They could have even offered me a new, any new phone, locked to their network, to make it harder for me to leave them. Instead they went the road of saying that since the problem has been solved at all, there was never any problem.

I found this particularly stupid particularly compared to the way Virgin Media and Sky Ireland seem to have it down to practice: when I called Sky to ask them if they had any better offer than Virgin, back when I used TV service, they told me they couldn’t do better broadband, but they would offer me a lower price on the TV package so that I could unbundle it from Virgin. When I called Virgin to remove the TV package (because at the time they were going to increase the monthly fee), they offered to lower their price for a year to make it still more convenient for me.

i-Sim: a quirky way to get Internet in Asia

I started writing this while sitting on a very comfortable bed in a fancy hotel in Hong Kong. I spent the weekend in the SAR in the middle of a business trip to Shanghai, thanks to the multi-enty visa I managed to be given this time.

Whith a not quite relaxing trip to Pudong Airport in Shanghai (all my fault!), and the flight being delayed for well over an hour due to traffic control (weather forced a number of other flights late, even though by the time it was our turn, the weather was vastly fine), I got to the airport in a bit of a short temper (even by my own standards). The hotel was supposed to have a mobile wi-fi for me, but as I arrived almost at midnight, and the train requiring me to change stations, and not sure how long it would run, I was ready to spend more money for a Uber. That meant getting an Internet connection before getting to the hotel.

I’m usually okay with using portable hotspots (like the one I’m reverse engineering) but the problem here is that you have to rent one, and that means binging it back before flying out, which is a hassle. Of all the booth around me when I got in the arrivals’ hall, only one advertised SIM cards, so I headed towards that. After a good ten minutes waiting with the clerk explaining a guy how the thing worked, I gave up and proceeded to one of the desks that rented hotspots, but the card payment happens online, and it ended up blocked on Verified by VISA – and while I could have looked up the VBV password on LastPass, it seemed too sketchy. So I headed back to the SIM booth, as they had no customers.

What it turned out to be, is a bit quirky: they sold i-Sim data cards. The quirk is that while you buy a SIM and a 7- or 30-days plan, and you get 200 MB of data. Except, you actually have nearly unlimited data during the period, just as long as you click on some ads in their app.

It sounds like a bit of a scam, doesn’t it? It definitely reminded me of the Pay to surf stuff that was going on back in the ‘90s, and that, I’ll admit, at the time got me too. But it turned out to be working quite fine in Hong Kong, for me. Let me describe the experience.

The feature that made me more interested than wary about this, despite the bell I kept hearing, was that the service is available in Singapore, in addition to Hong Kong, Macau, Taiwan and Korea. This was relevant because after my trip to Shanghai, I headed to Singapore for SREcon Asia & Australia, and I was already planning to get a SIM there too, after all I am an Ingress player.

Since it’s just two days here, and then a few more the week after the next in Singapore, a single 7-days subscription wouldn’t have helped much, so I originally intended to get the 30-days one. The price was reasonable, HK$129 for the 30-days, particularly when you consider that the mobile hotspot rent would be HK$50/day with a minimum of four days. As it happens, the clerk was as tired as me, and by mistake activated a single 7-day pass on the SIM, which was supposed to be HK$59 (down from HK$69 regular price). When he realised the mistake, he offered to make it up for me by giving me the pre-order price (HK$49), and sell me two SIMs, the second one not activated yet, but with an already attached 7-day plan, which turned ended up being quite the deal for me. For those wondering, it’s just a bit less of €12.

For the i-Sim to be enabled, you have to activate it with their app. I checked the app permission both when I installed and when it requested extra, and it seems to be sane. It does ask for phone identity, but works fine without. It asks for camera permissions if you want to scan the barcode rather than typing the long SIM identifier by hand (particularly useful if you don’t know the manufacturer code by heart like the clerk did, except the gray barcode is effectively unreadable by the phone’s camera so I ended up having to type it anyway.

In the app, beside having a way to check how much data you used, there are a number of hexagons for different “areas” of advertisement. F&B (food and beverage) is the one the clerk recommended with the most ads, but I checked the others out and I even found an ads for the Intercontinental Hotel. Each time you select one of the ads with the i-Sim green logo in the bottom corner (not all of them do), a countdown indicator appears on the top-right. Only close the advertisement once it completes, and i-Sim will give you another 10 or 20MB credit (appears to depend on advertiser). It behaves like so many mobile games nowadays, where you can get more in-game currencies if you watch ads to completion.

As far as I can tell, the ads are not specific to the location you run them in, but they appear to be always Hong Kong’s. They also appear to have improved them during my week in China, as they went from being simply static images my first time, to being webviews pointing to the OpenRice or Facebook pages of the place, at least for most restaurants. I think this may be a bit buggy as now the counter appears and completes before the webview even finishes to load in some cases, so I assume they’ll have to find a combined option at some point.

On the technical side, the SIM uses the network of Three HK, which is ironic given my recent spat with Three Ireland, but it also means it appears to cover the tiny country very well. It does have its own APN settings though. The clerk insisted on setting them up himself, similarly to how the one in Shanghai did, although this time I managed to watch him doing so. He also explained to me how to set them again if I need for the new card, although I kept telling him I knew that. In Singapore it uses StarHub, and also seems to have good coverage around the city.

As a reference, the service will activate on a new card only once the card registers on the network. Which means you can’t start “topping up” the data until you actually land where the card will work, which is what I was hoping on doing while in China, heading to Singapore. Despite that the procedure was quite simple: switch the card number from the app, confirm you want to deactivate the old card, then once on the flight switch the SIM cards around, reset the APN to the NTT one, and that’s it. It’ll take a while to register on the network the first time, but for me it registered fine just after immigration clearance and before picking up the luggage.

Both the app, and the card, appear to have worked fine for me. I have used to “top up” over a GB of data, even though I clearly didn’t need that much, and it used less than 50MB itself. Given you can also use it over WiFi, it makes it fairly convenient. The ads I’ve seen are all in Chinese, which means they vastly fly over my head, and I only see the drawings, although there is the occasional image that includes English text to invite you to try some restaurant or other. There appears to have been a promotion with IHG as well, although it got me to an error page when I clicked on it, too bad.

So how does this fare, money for service? I’m happy with it as it is. I’m not sure if the prices of connectivity in Hong Kong or Singapore make this more expensive, but €6 for a week of nearly limitless connectivity is more than reasonable in my experience. The fact that you can actually not bother topping up the 200MB until you actually need to, means the ads are not even in your way.

Do they track you? Maybe, but how I wouldn’t know. Yes I had to sign up for an account, but they don’t appear to ask you for much information. And even if they were to do traffic profiling, they would see very little as obviously all (or nearly all) my connections are encrypted already (Chrome’s Data Saver takes care of the random HTTP link that still go around).

The only thing that makes me sad is that while they say the SIM is reusable, it only is reusable for the 90 days after you activated your last plan. I don’t think I’ll be back to Asia within three months, because among other things I’m mostly booked solid for that time frame, which makes moot this particular point. I got lucky to have gone to HK before Singapore, and I may be able to hand one of the two SIMs to one of my colleagues, if they allow me to hand the SIM to a different account.

I wonder if they are profitable, and if they’ll stay in business or not. For this trip, it looks like it was a good deal for me.

It’s 2014, why are domains so hard?

Last year I’ve moved to Ireland and as of last December, I closed the VAT ID that made me a self-employed consultant. The reason why it took me a while to close the ID was that I still had a few contracts going on, which I needed to have expire before. One of the side effect of closing the ID is also that I had/have to deal with all the accounts where said ID was used, including the OVH account where almost all of my domains, and one of my servers, were registered — notably, xine-project.org has been registered forever at a different provider, Register4less of UserFriendly fame.

For most accounts, removing a VAT ID is easy: you update your billing information and tell them that you no longer have a VAT ID. In some rare cases, you have to forgo the account, so you just change the email address to a different one, and register a new account. In the case of OVH, things are more interesting. Especially so if you want to actually be honest.

In this case, I wanted to move my domains out of my account, in Italy, with a VAT ID, to an account in Ireland, without said ID — one of the reasons is that the address used for registration is visible in most whois output, and while I don’t care for my address being public, the address is now my mother’s only, and it bothered me having it visible there. That was a mistake (from one point of view, and a godsend from another).

First problem is that you cannot change either your account or your VAT ID status out of an OVH account, which meant I needed to transfer the domains and server to a different account. There was (and possibly is, I don’t want to go look for it) some documentation on how to transfer resources across contacts (i.e. OVH accounts), but when I tried to follow it, the website gave me just a big “Error” page, unfortunately “Error” was the whole content of the page.

Contacted for help, OVH Italia suggested using their MoM management software to handle the transition. I tried, and the results have been just as bad, but at least it did error out with an explanation, about trying to cross countries with the transfer. I then contacted OVH Ireland as well as OVH Italia, with the former, after a long discussion where they suggested me to do … exactly what I did, “assured me” that the procedure works correctly — only for OVH Italia apologizing a couple of days later that indeed a month earlier they changed the procedures because of some contractual differences between countries. They suggested using the “external transfer” – going through your standard transfer procedure for domains – but it turns out their system fails when you try that, as the domain is already in their database, so they suggest using the “internal transfer” instead (which as I said does not work).

Since a couple of my domains were going to expire soon, this past weekend I decided to start moving them out of OVH, given that the two branches couldn’t decide how to handle my case. The result is that I started loading the domains onto Gandi — among the reasons, the VideoLan people and one of my colleague know them pretty well and suggested them warmly. This proved trickier, but it also provide one thing: not all French companies are equal!

I started by moving my .eu, .es and .info domains (I own among others automake.info, which redirects to my Autotools Mythbuster — the reason is that if you type the name of the info manuals on G+, it actually brings you there! I was actually planning to make them actually point to a copy of the respective info manuals, but I’ve not studied the GFDL enough yet to know whether I can). While the .info domains are still in limbo right now, as OVH has a five-days timeout before you transfer out, and the .es domains were transferred almost immediately (the Spanish NIC is extremely efficient in that regard, they basically just send you an email to confirm you want to change the registry, and if you accept, that’s it!), the .eu were a bit of a pain.

Turns out that EURid wants a full address to assign the domain to, including a post code; unfortunately Ireland has no post code, yet and even the usual ways to represent my area of Dublin (4, 0004, D4, etc) failed; even the “classical” 123456 that is used by many Irish failed. After complaining on Twitter, a very dedicated Gandi employee, Emerick, checked it out and found that the valid value, according to EURid (but not to Gandi’s own frontend app, ironically) is “Dublin 4”. He fixed that for me on their backend, and the .eu registration went through; this blog is now proudly served by Gandi and that makes it completely IPv6 compatible.

But the trial was not completed yet. One of the reasons why I wanted to move to Gandi now, was that Register4Less was requiring me sort-of-transfer the domain from Tucows (where they resold it before) to their new dedicated registry, to keep the privacy options on. The reason for that being that Tucows started charging more, and they would have had to charge me the extra if I wanted to keep it. On the other hand, they offered to transfer it, extend the expiration another year and keep the privacy option on. I did not like the option because I just had renewed the domain the past November for a bunch of years, so I did not want to extend it even further already — and if I had to, I would at that point try to reduce the number of services I need to keep my eyes on. Besides, unlike Register4Less and OVH, Gandi supports auto-renewal of domains, which is a good thing.

Unfortunately, for ICANN or whoever else manages the .org decided that “Dublin 4” is not a valid postal code, so I had to drop it again off the account, to be able to transfer xine-project.org. Fun, isn’t it? Interestingly both the .org and .it administrators handle the lack of a post code properly — the former as N/A and the latter as the direct translation N.D.. Gandi has been warned, they will probably handle it sometime soon. In the mean time it seems like the .eu domains are not available to Irish residents, as long as they don’t want to fake an address somewhere else.

And the cherries on top, now that I’m migrating everything to Gandi? Their frontend webapp is much better at handling multiple identically-configured domains, to begin with. And as they shown already their support is terrific especially when compared to the mirror-climbing of their other French competitors. But most importantly, have you read a couple of weeks ago, the story of @N? How an attacker got a hold of GoDaddy and caused trouble for the owner of the @N twitter account? Well, turns out that Gandi people are much more security conscious than GoDaddy (okay that was easy) and not only they provide an option to disable the “reset password by email” option, but also provide 2FA through HOTP, which means it’s compatible with Google Authenticator (as well as a bunch of other software).

End of story? I’m perfectly happy to finally having a good provider for my domains, one that is safe and secure and that I can trust. And I owe Emerick a drink next time I stop by Paris! Thanks Gandi, thanks Emerick!

I’ll be at FOSDEM

This is just a short post to let my followers know that I’ll be at FOSDEM next month. I’ve booked the flight back in September and I booked the hotel yesterday, so it’s all set. I just hope not to get lost through Bruxelles.

The only reason why I’m posting this is, actually, that I need some suggestion from somebody who knows Belgium: both my phone operators lack dedicated roaming up there, so I’ll probably end up with an hefty bill waiting for me back home. Given in Italy you really can’t get a local pre-paid SIM to user your phone if you’re a tourist, I’m not sure if the same holds true in Belgium. And most importantly, whether I could re-use such a SIM over the years (as I plan on coming to FOSDEM with regularity, if I survive the trip alone this time).

At any rate, if you want to discuss anything in person, I’ll be the guy with the strange hat and the purse satchel (geek points for getting the reference), hanging around with the Gentoo or libav folks.

Avoiding captive redirects on Libero/Wind/Infostrada

New chapter of my router project if you don’t care to follow it you probably don’t want to read this at all.

Libero – or Infostrada, Wind, how the heck do you want to call it today – is my provider. Like other providers in Italy, who have probably noticed their users using OpenDNS instead of the standard DNS they provide, they started providing “captive redirects” on failed urls: when you mistype an URL or you try to access an hostname that does not exist, they redirect to their own servers, using their own “search engine” (nowadays just a Google frontend!).

This breaks quite a few assumption, included the fact that the .local domains won’t resolve in the standard DNS servers, which in turn makes nss-mdns almost unusable.

Up to a couple of months ago, Libero only provided this service in the primary nameserver, and if you switched around primary and secondary servers, you sidestepped the issue (that was the actual advertised procedure by the Libero staff, on the public page that was linked from within the search results). Unfortunately this had other side effects, for instance the time needed for the update of records more than doubled, which was quite boring with dynamic DNS and with newly-created domains.

Luckily, pdnsd supports blocking particular IP returned by the results to avoid the fake records created for captive redirects, and the example configuration file itself provides an example for using that with OpenDNS to avoid falling into their redirected Google host (quite evil of them in my opinion). And in particular, at the time, there was only one host used for captive redirect, so the rule was quite simple.

Fast forwards to today, the rule have changed; first of all it seems like Libero now uses redirects on both servers (or the secondary fails so often that it always responds from the primary), and most importantly they increased the number of IPs the redirects respond from. After counting four different IPs I decided to go with something more drastic, and ended up blacklisting the whole /24 network that they belong to (which is assigned, in RIPE, to Tiscali France… which is quite strange). I’m not sure if I ended up blacklisting more than I should have; for now it blacklists just enough for me to keep on browsing the net without adverse effects that I can see, and it also no longer stop me from enjoying .local domains… and Firefox auto-search with Google when the hostname does not exist.

For those interested, the configuration section is this one:

server {
 label= “libero”;
 ip = 193.70.152.15, 193.70.152.25;
 proxy_only=on;
 timeout=4;
 reject = 195.210.87.131/32, 62.210.183.0/24;
}

The first IP (a single host) is the one that was used earlier, I keep it on the blacklist just to be on the safe side.

New phone – looking for a new provider

So, today I received my new phone, a shiny (well, not shiny because it’s opaque) Motorola V1075. I love it, good form factor, big but not too big, and I hear well during phone calls.

Now the problem is to choose a provider. I originally thought of using Vodafone, as that’s what most of my friends use, but I got a bad surprise when I looked up for a tariff plan: all the old ones, that were created with the name Omnitel, before Vodafone acquired it from Olivetti group, are still in place (and are the ones used by my friends), but cannot be activated; all the new ones have all the calls, to any provider, at the same price (like I have now on the Wind number).. but to one time and a half the price I have now! The only good things are the promotions, but they are temporised, and I should still pay a monthly quota even if I don’t use them.. yes, maybe I would pay less on some things, like SMS to Vodafone users, but whenever I actually do a phone call, I would spend all my savings.

I’ve asked my sister to procure me a SIM for my current provider, Wind, that although having limited services, it’s quite good with respect to tariffs it seems. My current plan is €.10/minute to every national provider (with €.10 at the answer), and €.10 for SMSs to any provider, national and international (tried that already, and it’s true). The bad side is that the coverage on this area is pretty bad on its own, and there’s no UMTS signal here.

The other alternative it 3, that covers this area with 3G signal, and has a similar tariff, but I’m not sure about this either. I got reports of bad practises from them in the past, and that causes my doubts.