Behind the Screens: My Experience at Diamond IT

Behind the Screens: My Experience at Diamond IT

No Comments

TL; DR: Navigating Challenges at Diamond IT: A Call for Change

Starting my Project Engineer (Sr. Professional Services Engineer) job at Diamond IT (Bakersfield, CA) was fraught with issues, from needing login credentials for my workstation to dealing with outdated and malfunctioning equipment. My optimism for a structured training phase quickly faded as I encountered disorganized sessions and a lack of support, which left me feeling isolated and undervalued. Despite identifying a significant client opportunity early on, my efforts were ignored, mirroring the company’s broader issues with communication and follow-through.

The promised cultural and operational transformation at Diamond IT never materialized, leaving me to navigate a workplace dominated by a small-world mindset, where mid-level leaders, entrenched in their ways, sold dreams but failed to deliver tangible results. My tenure ended abruptly without feedback or discussion, reflecting the company’s deeper problems with transparency and engagement. This blog post reflects on my time at Diamond IT, highlighting the need for genuine commitment to employee support, effective communication, and alignment between stated values and actions.

Simon Sinek: “A team is not a group of people who work together. A team is a group of people who trust each other.”

A Rocky Start

My introduction to Diamond IT was anything but smooth. Imagine the anticipation of starting a new role, only to be met with a critical oversight: Not only did my hiring manager make virtually zero contact in the weeks leading up to my start to talk about their plan, but my workstation arrived on the Saturday afternoon before my Monday start date without login credentials or any setup instructions. This wasn’t just an inconvenience but a red flag waving in the welcome breeze. Despite my proactive approach—sending urgent messages to alert my handlers (4x People) of the predicament—these responses for help echoed unanswered.

The situation escalated to the point where I had to resort to an emergency escalation in the early morning hours of my start. This experience relates to the ideas I discussed in “The Call-First Conundrum: Rethinking Tech Support Efficiency,” where I advocated for empowering users with self-help resources and proactive support. My experience highlighted the need for streamlined processes and quick assistance to ensure a smooth onboarding and productive work environment, especially if you offer onboarding as a service to your clients.

Less than a week later, my machine began freezing and crashing repeatedly. Realizing they had sent me a device running EOL (End-of-Life) Win 10, I had to spend most of a day wiping, reinstalling, and bringing myself back online with Win 11. From there, this used computer with evident physical damage to the upper-right-hand side of the screen just kept creating more problems with USB docks and other peripherals, often leaving me troubleshooting loud popping noises coming out of my speakers, hinting at potential motherboard failure without quite reaching that point.

Ironically, I had worked at the manufacturer for over a decade, making this experience the epitome of irony as it blocked my work and forced me to deal with secondhand equipment issues. These incidents were my first encounters with the company’s systemic communication and resource allocation issues, setting a tone of frustration and concern right from the start. Nobody seemed to pay attention to detail, and they needed to be more thoughtful regarding how my experience as a remote worker was unfolding.

W. Edwards Deming: “It is not enough to do your best; you must know what to do and then do your best.”

Quiet Before the Storm: The Whale Referral

Shortly after joining Diamond IT, I introduced an opportunity that could have significantly altered the company’s trajectory. This was a warm lead I had nurtured even before my tenure began. A large Private Equity firm overseeing a slew of lucrative companies had built trust with me and proposed expanding into their portfolio with another 130+-seat client engagement—a ‘Whale‘ in the truest sense.

My prior engagements had paved a solid path, including discussion of per-employee pricing with this potential client’s CEO and CFO, setting the stage for what should have been a fruitful collaboration under Diamond IT’s banner. This lead was handed over within my first week, a testament to my dedication and a potential early win for the company.

However, my anticipation for a swift and enthusiastic response from Diamond IT’s senior leadership faded as time passed. My emails and follow-ups seemed to vanish into a void, leaving the ‘Whale‘ referral adrift. The silence was perplexing, particularly given the magnitude of the opportunity at our doorstep—a lucrative opportunity that validated my capabilities and potential contribution to Diamond IT.

The situation grew increasingly ironic when, after months of unyielded attempts to get this referral off the ground, the marketing team approached me with a proposal for a new referral program. The irony was biting; there was an initiative to garner new business pitched to me while my significant, ready-to-convert referral languished unattended.

As I mentioned in my “Internal Battles” blog post, this experience echoed the reluctant hero syndrome I had encountered, but this time from a seemingly non-existent Sales team. That challenge was marked by minimal assistance and last-minute heroics, often overshadowing proactive collaboration.

The company’s failure to follow up on this lead also, in my opinion, demonstrates a disconnect between their stated client-centric approach and their actual actions, which I touched upon in “Beyond Assumptions: Sailing Toward Customer-Centricity.” As I mentioned in that blog post, true success lies in understanding and prioritizing customer needs rather than making assumptions or letting opportunities slip away.

My efforts to bring a game-changing client into the fold were not only overlooked but were bizarrely juxtaposed against a backdrop of inaction and missed opportunities. In my mind, a genuinely customer-obsessed company could never let this happen!

It was difficult having to delay a lucrative client for months while waiting for a response from Diamond IT. I’ve invested years into building relationships and securing referrals like this, so it’s frustrating to realize that I could have pursued it on my own and brought in significant revenues instead of embarrassing myself in a gut-wrenching waste of an opportunity.

Peter Senge: “Learning is not compulsory… neither is survival.”

Mirage of Mastery: The Training Paradox

The optimism I had for a structured and enlightening training phase quickly dissipated. What started as a seemingly robust plan on paper became a series of mismanaged encounters and missed opportunities. My first interaction with the company’s so-called ‘Wizard,’ the gatekeeper of many of Diamond IT’s critical systems, indicated the chaos to come.

Not only were they completely unaware of our multi-day, multi-topic, multi-hour 1:1 scheduled training, per their own onboarding process, but the response—’What do you need?‘—left me questioning the coherence of the training strategy. Even if, for some reason, the meeting wasn’t appropriately scheduled, my expectation was that as a critical knowledge resource within the company, they would be aware of a new employee’s presence and their own role in their own training process.

My one training meeting concluded without clarity on simple topics, like preferred communication methods or how to handle escalations; no matrix or guidance was provided on who to contact for specific issues. My attempts to connect with the Wizard through Teams were redirected to email, only to be told later—usually after a day—that email wasn’t their preferred contact method, suggesting I submit a ticket instead, and so on. This cycle of communication misdirection only emphasized the distance between us.

When we spoke, the reluctant tone and look in their eyes revealed uncertainty, fear, and discomfort, marking me as an outsider from the start. This initial interaction foreshadowed my subsequent experiences. Despite their apparent engagement with others in the company, their interactions with me felt like an attempt to erect barriers, albeit without explicitly stating so.

As the days unfolded, it became increasingly clear that a genuine interest in my development was missing. This lack of preparation and engagement wasn’t just an oversight; it reflected a more profound, systemic issue with Diamond IT’s approach to my development. This indifference could be rooted in several factors: perhaps some of my collaborators disagreed with my hiring, preferred another candidate, or harbored discomfort towards the new ‘transformational‘ hires changing the status quo.

Whatever the underlying reason, the burden of this problem was unceremoniously shifted onto me, embodying an apparent disregard for their responsibilities and a potential underlying disdain not just towards my handlers but towards me as part of this new wave of change.

The excitement I initially felt for their weekly Friday training sessions quickly waned. I was bombarded with messages urging me to disconnect from assisting clients with their urgent issues to join these sessions, challenging my judgment. This insistence, especially under the banner of being “client-obsessed,” struck me as odd.

Despite being swamped with projects, the expectation to notify and obtain approval from three Managers if I couldn’t attend seemed more suited to a school setting than a professional environment. It was as if they were accustomed to managing a team of insubordinates needing constant supervision rather than professionals.

Working with these ‘Teachers‘ became less about learning and more about asserting control. The facilitators, with a clear preference for rank-and-file discipline, often reduced my role to that of a token participant, occasionally tossing me trivial questions to create the illusion of my involvement. This approach, steeped in a desire to maintain a rigid hierarchy, made genuine collaboration or contribution impossible.

Evidently, my presence unsettled them, challenging their identity as the undisputed authorities within the room. Rather than harnessing the diversity of experiences I brought to the table, they sought to reinforce their dominance, converting what should have been an opportunity for collective growth into a display of ego-driven power plays. This dynamic stifled the potential for meaningful exchange and showed a profound misunderstanding of leadership and mentorship.

The situation was more than just a source of frustration; it directly impacted my productivity. I was ready and willing to learn and adapt. Yet, I found myself without the necessary support or resources—a surprising and disappointing reality, especially given the company’s public image and promises.

The whole experience made me think of natural diamonds—not for their sparkle but as a reminder that even the most esteemed entities can have flaws. It’s a poignant metaphor for the company: outwardly brilliant, yet upon closer inspection, seemingly lacking in the very facets that genuinely matter.

Albert Einstein: “The only thing that interferes with my learning is my education.”

Lost Signals: The Communication Gap

Effective communication and training are the lifeblood of any successful organization, yet both seemed to need more supply at Diamond IT.  My requests for guidance on critical issues impacting my projects were often met with silence or lots of “Yeah, I’ve seen that before, “after the fact that never prepared me for these well-known major client-impacting blockers and obstacles.

When I was lucky, the responses were only delayed, and other times, I’d never receive one, left on read in Teams, leaving me to navigate complex client issues with Diamond’s recommended solutions, all without proper guidance.

Each attempt to get help from the experts while doing my job introduced new obstacles—unanswered emails, ignored requests for clarification, and a pervasive sense of being an outsider trying to decipher why I always seemed to be chasing down the tribe members.

The irony of the situation was not lost on me: a company that prided itself on its tech prowess and client service failed to apply the same principles to its internal operations, at least from where I was sitting.

The “Groundwork for Greatness: The Knowledge Path” blog post highlighted the importance of comprehensive documentation and knowledge sharing. However, based on what I saw in the documentation system, these practices needed to be more present within the company.

The training process relied on a “learn by doing it wrong first approach (in client environments) that left me feeling unsupported, harassed by proxy, and shifted in opposing directions as I received conflicting advice. But, most of all, and to the temporary detriment of my mental state, I felt entirely ill-equipped to serve clients effectively, especially given my sky-high billing rate.

At the same time, the disasters borne out of previous neglect that I was uncovering in client environments on nearly every project were largely being flat-out ignored by everyone I tried to contact about them; aside from the occasional reply, there was little or no substantive follow-up. These were severe problems in some cases, like unstable Active Directory domain controllers, failed activations, and crashing servers.

As I discussed in “The Call-First Conundrum: Rethinking Tech Support Efficiency,” empowering employees with the right tools and resources is crucial for delivering exceptional customer service, but Diamond IT seemed to fall short in this regard when it came to supporting my success.

The lack of effective communication channels and lack of comprehensive training at Diamond IT mirror the struggles I highlighted in “Internal Battles: Unsung Heroes of Customer Support.” Just as I emphasized the importance of empowering support teams with the right tools and resources in that blog post, my experience underscores the need for robust training programs and open communication to ensure employees can deliver exceptional service.

George Bernard Shaw: “The single biggest problem in communication is the illusion that it has taken place.”

Visionary Clashes: The Cultural Rift

Amidst the challenges I faced, I’d always held onto what I believed would be a future turning point: The hiring manager’s entire “sell” of the company to me was based on the fact that they were championing a “radical transformation” within Diamond IT aimed at propelling the company to new heights based on their past successes in other roles.

However, as months passed, it became increasingly clear that the promised overhaul had yet to materialize meaningfully. Key performance indicators (KPIs), employee reviews, technology standards, process guides, quality initiatives, and even the most basic enhancements in quoting and delivery—hallmarks of successful MSP leadership—remained notably absent, and this leader had been “transforming” now for over ~9 months before I arrived!

My interactions with them left me questioning whether their previous successes resulted from their direct influence or simply the fortune of stepping into roles within thriving environments. This skepticism was further reinforced by my experience with my outside consultant Manager, who, despite claiming to “work with numerous MSPs” in nearly every conversation, never seemed to have any anecdotes or ideas on improving our processes.

The lack of engagement with our tangible progress and innovation during my interactions only compounded my doubts. This experience reminded me of the “Wizard of Oz” syndrome I had written about, where the illusion of competence often overshadows the reality of organizational dysfunction.

The company’s culture, touted as “Client Obsessed” and “We’re all in this together,” seemed to falter in practice when addressing my needs. Requests for help often went unanswered, and conversations would abruptly stop without reason, drowned out by the constant stream of memes and random humor in the company chat; meanwhile, I was drowning in work, desperately seeking assistance from a tribe that, from the very beginning, largely ignored my contributions and creations.

This disconnect between the stated values and the actual behavior mirrored the tribal mentalities I had discussed in “Crafting Culture: The Balance of Ego, Bias, Beliefs,” where the pursuit of likability and social acceptance can hinder genuine collaboration and client focus. The gap between a company’s espoused values and the reality of its work environment highlights the impact of leadership’s actions and the importance of aligning words with deeds.

Without a solid foundation of aligned values, authentic collaboration, and a genuine commitment to growth, the dissonance between words and actions becomes increasingly apparent, ultimately undermining the progress and success the company seeks to achieve.

Sure, there’s an undeniable thrill in attracting and recruiting A-players, convincing them to join a company with the promise of a transformative culture and environment. However, delivering on those promises is a formidable challenge for even the most skilled dream salesmen, especially when confronted with the conscious reality of day-to-day operations.

As I pointed out in my blog post, a culture prioritizing likability over competence and failing to foster genuine collaboration can hinder growth and success. In the case of Diamond IT, this tribal mentality has created an echo chamber of neurodivergent leaders and heroes who leave little wisdom behind, effectively severing the company’s capacity to grow and adapt.

For leadership, joining the tribe represents a form of surrender, a concession of “I can’t transform you, so I’ll become one of you,” acknowledging that immaturity is the actual barrier to growth. Still, as you can imagine, when they are a part of the problem, that dynamic goes right over their heads.

Peter Drucker: “Culture eats strategy for breakfast.”

Navigating the Maze of Indifference

My attempts to bridge operational gaps also met with indifference. I’d recently delivered concise summaries of the issues to my manager, asking them to please take action or at least acknowledge them. The response—or absence thereof—was revealing. They asked, ‘What do you want me to do with this?’ The question clearly highlighted a lack of initiative and an overtly casual approach to problem-solving.

Despite their busy schedules, their claimed expertise in working with MSPs seemed to translate into nothing more than a series of rushed calls with little substantive follow-through. While busy on the surface, this pattern of activity needed to have a meaningful impact on our challenges, revealing a disconnect between purported expertise and actual effectiveness.

This disconnect wasn’t just a barrier to my personal growth; it was emblematic of a broader cultural malaise. The absence of a solid foundation of documentation and standards, the reluctance to engage in meaningful mentorship, and the overarching resistance to change were not merely hurdles to overcome. They indicated a company in stasis, seemingly content to repeat past mistakes rather than learn from them and evolve.

As I navigated this friction of inefficiency and neglect, I couldn’t help but reflect on the opportunity cost—to myself, the team, and the clients we served. The ‘Wheel of Friction‘ and ‘The Cycle of Disconnect,’ as I came to refer to them openly, were not just a metaphor but my current reality that I wrote about to try and distill our problems into something easy to understand and not entirely negative.

Here’s what I sent over:

‘The Wheel of Friction’:

“Starting behind, we rush to clear our backlog, but without documentation or standards, progress is slow, increasing friction for newcomers. They face many unexpected issues, which, although known internally, are undocumented. This cycle of encountering known problems and deferring documentation puts us continually behind, creating a ‘Wheel of Friction’ that hampers acceleration and learning.”

‘The Cycle of Disconnect’:

“This cycle of repetitive problem-solving without capturing learned solutions ensures that newcomers and even seasoned team members encounter old issues as if they were new, slowing progress and perpetuating inefficiency. We blindly navigate our projects by failing to document solutions and operating without clear standards. This approach, akin to walking in the dark, prevents us from foreseeing and avoiding recurrent obstacles, ensuring we remain perpetually behind. Our attempts to move forward are hampered by our reluctance to illuminate the path by acknowledging and documenting our current reality, including the state of our systems and the details of our execution strategies. This cycle of undocumentation, vague guidance, and reliance on top-of-mind execution undermine our efficiency and capacity to learn, adapt, and ultimately, succeed.”

In documenting these challenges, my goal was not merely to vent or criticize for the sake of it. It was to hold up a mirror to the organization to underscore the need for a fundamental shift in culture, mindset, and operations.

Still, my insights didn’t land well with my handlers ‘small world‘ mindset, even though I’ve been navigating the corporate cosmos for years, collaborating with evolved beings. I’ve already journeyed to where they’re aspiring to reach and understand the mechanics of organizations that have achieved what they’re aiming for, and this, in my opinion, is far from the the path to success.

Observing them confidently botch things up, struggle to collaborate, and then give me the cold shoulder for highlighting what was glaringly evident turned my weekdays into a surreal, never-ending loop. It was like living in my own Monday through Friday version of the Twilight Zone, where pointing out the obvious made me the outsider.

This cycle of encountering known problems as if they were new, perpetuating inefficiency through a lack of documentation and standards, was a drag on progress, a barrier to learning, and, ultimately, in my mind, a disservice to the ethos of innovation and excellence that Diamond IT purported to uphold during my interviews. Seeing the team mishandle tasks and let down clients was like witnessing a slow-motion disaster from my desk.

As I saw it, the path forward required not just recognition of these issues but a commitment to action—a commitment that remained elusive during my time at Diamond IT.

John C. Maxwell: “Change is inevitable. Growth is optional.”

An Abrupt Farewell

One day, my journey with Diamond IT came to an unforeseen and unexplained end. My dismissal was as surprising as it was unceremonious, with no prior discussions, feedback, reviews, or indications of dissatisfaction from management. This abrupt conclusion left me reflecting on the missed opportunities for dialogue and improvement for myself and the company.

Despite my dedication—evidenced by my high project utilization rates (~70-80%+) only four weeks into my training, extensive overtime (40+ hours) in the early months, and consistent resolution of client issues (100%) along with closing half a dozen projects—many were half-done, and several were left aging in precarious states for over six months.

I also produced nearly 80 documents in IT Glue filled with valuable wisdom for ongoing projects, such as tons of useful PowerShell scripts for troubleshooting and over 17 essential fix articles for problems I’d encountered with the current tech stack. Nothing of this caliber existed anywhere in IT Glue when I was employed.

This was all before I hit my 90 days with the company! I’m a rockstar, by definition, and I don’t even require all these backup singers and stage performers. I do my job well and take quality and client impact seriously.

Months ~1-3: For the first three months, my sole point of contact was limited to weekly 30-minute calls with a consultant who, despite having been an executive of some sort for almost 15 years, seemed as removed from the action as one could be. This pivotal detail, curiously omitted during the interview process, became a thorn in my side. In my attempts to connect and cut through the act, I reminded them of my history with over 30 managers, hinting at a desire for genuine, substantial interaction rather than the superficial exchanges we were stuck in.

At one point, after getting nowhere with them, I made my stance clear: “Let’s drop the act; I see through it.“. Yet, my straightforwardness seemed to make no impact, met with uniform indifference that only reinforced their distant managerial style.  I found it disconcerting to be managed by someone who couldn’t harness their past leadership experiences. It was as if their ability to lead effectively depended on others’ competence rather than their own initiative. This shift—to being overseen by someone whose guidance was as insubstantial as a stand-in rather than the seasoned professional I expected—was both ironic and exasperating.

Month 3, Week 4: Senior Manager: “You’re doing a GREAT job!! `You ramped up quickly; it’s unbelievable, and there were no client complaints. Things are going really well. I realize I have been neglecting the projects team, and I will set more 1:1 calls with you and start helping the team.”

Month 4, Week 1: Senior Manager: “You seem a bit frustrated, and I just want to be sure you’re still on the team. I know there are problems, and things are a mess right now, and I’m sorry.”

(To which I agreed, I was committed to a better “future,” and we both acknowledged the current reality compared to where we wanted to be… They realized this and showed weakness in their tone, conveying that I’m a key part of the rescue effort to make this plan work.)

Month 4, Week 2: “This shouldn’t be a surprise. You know there have been problems, and yeah, it’s not a good fit, so let’s cut to the chase we’re letting you go.” 

(I asked the HR consultant if they knew that nobody in the company had ever said a word about a problem before this call. They remarked that they “needed to look at how they offboard people.” Meanwhile, I was a full 30 days past my 90-day review, written contractually into my employment agreement?) 

The abrupt nature of my departure from Diamond IT connects to the themes of transparency and trust I explored in “Finding Good Vendors: Lessons from Dental Chairs.” Just as I stressed the importance of choosing vendors who prioritize client well-being and maintain open communication, my experience highlights the value of fostering a culture of transparency and dialogue within an organization.

The lack of formal feedback and opportunities to voice concerns at Diamond IT undermined the trust and collaboration necessary for me to be in a thriving workplace.

Brene Brown: “Clear is kind. Unclear is unkind.”

Future Lessons: Wisdom Gained

Though fraught with challenges, my time at Diamond IT offered valuable lessons on the importance of communication, leadership, and organizational culture. In reflecting on these experiences, I propose the following recommendations for ANY company or individual, drawing from the insights shared in my previous blog posts:

  1. Live Your Culture: Align actions with stated values, fostering a genuine commitment to client success and employee support. Encourage open communication and collaboration, ensuring no one is left behind in pursuing excellence.
  2. Embrace Standards and Documentation: Establish clear standards and invest in comprehensive documentation practices to ensure consistency, efficiency, and scalability. Break the ad-hoc, top-of-mind decision-making cycle and empower employees with the knowledge they need to succeed.
  3. Empower Employees with Training and Resources: Provide robust training programs and equip employees with the necessary tools and resources to deliver exceptional service. Move beyond the “learn by doing it wrong” approach and cultivate a continuous learning and improvement culture.
  4. Foster Authentic Collaboration: Encourage genuine collaboration and break down silos like ‘Tribes’ that hinder progress. Create an environment where everyone’s contributions are valued and teamwork is the foundation for success.
  5. Embrace Expertise and Continuous Improvement: Welcome the insights and expertise of experienced professionals, using their knowledge to drive innovation and growth. Continuously seek opportunities to learn, adapt, and evolve as an organization. Don’t be intimidated by competent people and feel they’re threatening your standing in the company simply because they know similar things.
  6. Transition From Oversight to Empowerment: Shift from a “babysitter” approach to one that values autonomy and personal accountability. Encourage your current people manglers to guide rather than micromanage, fostering an environment where employees are trusted to take initiative and make decisions. This empowers individuals to manage their responsibilities effectively, promoting a culture of self-sufficiency rather than dependency.

My narrative shares personal experiences and urges Diamond IT to reflect and grow. By addressing highlighted concerns, the company can achieve its true potential, fostering an environment rich in transparency, respect, and shared success.

It’s important to acknowledge the many amiable and diligent individuals within the company who were committed to quality and client satisfaction yet hindered by their inability to effect change, especially in the Service Department. Despite the challenges, there were many enjoyable moments and remarkable team events, like our memorable Christmas party in Bakersfield!

I wholeheartedly support Diamond IT’s family leadership, including the CEO.  They were very kind and helpful outside of the technical work. Their integrity and openness to new perspectives for the company’s benefit mirror my own approach to business growth.

However, with their newly chosen leaders, achieving their collective objectives should have taken much less than a year to show real progress. Simply introducing these ‘Big Ideas‘ and selling that dream to the team, then failing to materialize it, is nothing new; just another illusionist leader using smoke and mirrors to buy more time to figure it out.

Aside from selling expensive tickets (salaries) for their unskilled entertainment, their actions have yet to demonstrate that they can replicate the success of their previous roles in actively steering any growing business toward its objectives, especially when faced with the challenge of transforming a less-than-functional environment.

Effective leadership means setting clear goals, building a genuine team beyond tightening tribal bonds, and achieving tangible progress. My concern, possibly echoed by others, regards the company’s direction under current advisement—valuable for lessons on what to avoid, yet missing prompt, definitive achievements.

As I move forward, sharing these lessons with the wider professional community aims to spark discussions on the importance of open communication, empowerment, and continual improvement. Through such dialogue, we can all work towards more resilient and fulfilling work environments.

Peace and Cheers!

-Matthew

Henry Ford: “The only real mistake is the one from which we learn nothing.”

.

.

.

.

.

Disclaimer:  All of my blog posts seek to promote transparency, collaboration, and excellence within organizations. They are not meant to defame or cause harm but rather to inspire positive change and reflection across the industry. This blog and all others on this site reflect my personal views and experiences, specifically at Diamond IT, emphasizing my perspective. It’s important to acknowledge the absence of formal feedback or channels for open dialogue during my time there, prompting me to share these insights publicly.

This post intends to document and reflect constructively on both positive and negative experiences. Open and respectful dialogue is encouraged, and I exercise my freedom of expression within the bounds of this platform.

Please note that any attempts to infringe upon these rights will be addressed appropriately, including recourse to numerous pre-existing policies applied to protect my freedom to express myself. As a long-time card carrying member of the ACLU, nothing is more important to me than continuing to write transparently and honestly without any distractions.

I invite insights from Diamond IT and any other person or company, aiming for a transparent and balanced dialogue. Our discussions must remain professional and dedicated to positive evolution.

For example, a company might say, “We’ve addressed leadership issues, resulting in significant improvements. Our new onboarding program, clear escalation procedures, and openness to challenging existing assumptions depart from past practices. We’ve moved beyond the influence of dominant personalities that once steered our culture towards tribalism and closed-mindedness. Our commitment is now towards a more inclusive, forward-thinking environment.

Troubleshooting Printers – Scan to SMB and Network Discovery Issues on Windows Server 2022

Troubleshooting Printers – Scan to SMB and Network Discovery Issues on Windows Server 2022

When transitioning servers, one might encounter issues with printing and scanning, particularly due to the deprecation of certain Server Message Block (SMB) protocols and adjustments required in Network Discovery settings. This is often the case with Windows Server 2022 and similar platforms. Devices like printers, which may operate on outdated firmware that isn’t publicly available or is no longer supported, depend on these older protocols.

Initial Steps for Troubleshooting:

Ensure these preliminary actions are taken:

  • Confirm the accuracy of Address Book Entries.
  • Check the DNS settings, firewall rules, and permissions for sharing and files.
  • Reboot the printer following any DNS adjustments.

Addressing Specific Issues:

SMB Protocol Connection Failure

Problem: The printer cannot connect to the server using SMB over TCP/445.

Solution: Reactivate SMBv1 Protocol on Windows Server.

  1. Run the PowerShell command: Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
  2. Then, activate SMBv1 on the server with: Set-SmbServerConfiguration -EnableSMB1Protocol $true

Network Discovery Connectivity Issue

Problem: The printer cannot complete NETBIOS discovery via UDP/137 even with Network Discovery enabled, which also deactivates upon revisit.

Solution: Activate and configure Network Discovery Services (DNS Client, Function Discovery Resource Publication, SSDP Discovery, UPnP Device Host) to automatic and then reactivate Network Discovery to maintain its setting.

  1. For the DNS Client: Use Set-Service "Dnscache" -StartupType Automatic followed by Start-Service "Dnscache"
  2. For Function Discovery Resource Publication: Apply Set-Service "FDResPub" -StartupType Automatic and start it with Start-Service "FDResPub"
  3. For SSDP Discovery: Use Set-Service "SSDPSRV" -StartupType Automatic and initiate it with Start-Service "SSDPSRV"
  4. For the UPnP Device Host: Implement Set-Service "upnphost" -StartupType Automatic and begin the service with Start-Service "upnphost"

Ensuring Success:

Conduct tests to ensure scanning from the printer is successful. Monitor the network and server logs for any anomalies.

Considerations:

Be aware, enabling SMBv1 can expose systems to security risks. It’s recommended to upgrade or replace outdated hardware for improved compatibility and security.

Authoritative SYSVOL Restore via Replication Reversal on Windows Server

Authoritative SYSVOL Restore via Replication Reversal on Windows Server

No Comments

Issue: In scenarios where the SYSVOL directory on a primary Domain Controller (DC) is either blank or corrupted, there’s a need to restore it authoritatively from another healthy DC in the environment. This guide focuses on resolving and rectifying replication issues within the Active Directory (AD) forest.

Preparation: Ensure backups of AD and SYSVOL from a known good state are available. Verify the health of AD and DFSR replication on all DCs.

Identifying the Authoritative DC: Designate the DC with the healthy SYSVOL (DC ‘B’) as the authoritative source for SYSVOL replication. Modify DFSR attributes to establish its primacy in replication.

Performing Authoritative Restore: Follow the detailed steps outlined in Microsoft’s guide for performing an authoritative synchronization of DFSR-replicated SYSVOL. This involves modifying DFSR attributes and initiating an authoritative SYSVOL restore.

Replication Monitoring: After the authoritative restore, closely monitor the replication status. Ensure that the previously blank or corrupted SYSVOL on DC ‘A’ now correctly replicates from DC ‘B’.

Validation and Cleanup: Validate the integrity of the SYSVOL contents on all DCs. Confirm successful synchronization across the domain using tools like dcdiag, repadmin, and DFS Management Console. Perform any necessary cleanup tasks as per the Microsoft guide.

Known Side Effects: Authoritative SYSVOL restore is an advanced operation that can impact AD replication and requires careful execution. Incorrect implementation can lead to broader replication issues within the AD environment.

Additional Notes: Authoritative SYSVOL restore should only be performed by experienced administrators. A clear understanding of AD and DFSR mechanisms is crucial. Please always make sure that reliable backups are available before proceeding.

Public Links: For detailed instructions, refer to Microsoft’s guide on AD Forest Recovery – Performing an authoritative synchronization of DFSR-replicated SYSVOL.

Detailed Steps:

Identify the Domain Controller with the Correct SYSVOL Content: Review the SYSVOL folder on each domain controller to determine which contains the correct and up-to-date content. This may involve comparing the contents of the SYSVOL shares or examining the contents of Group Policy Objects (GPOs) stored within SYSVOL.

Access the DFS Management Console: Open the DFS Management Console on one of the domain controllers. This console provides tools for managing Distributed File System Replication (DFSR), including configuring replication groups and connections.

Navigate to the Replication Group: In the DFS Management Console, navigate to the replication group that controls SYSVOL replication. This replication group typically includes all domain controllers within the domain.

Modify the DFSR Configuration: Locate the configuration options related to SYSVOL replication within the replication group settings. Look for an option to designate a specific domain controller as the authoritative server for SYSVOL replication.

Select the Authoritative Domain Controller: Choose the domain controller you identified in Step 1 as having the correct SYSVOL content. Select this domain controller as the authoritative server for SYSVOL replication by modifying the DFSR configuration accordingly.

Apply the Configuration Change: Save the changes to the DFSR configuration. This action effectively designates the selected domain controller as the authoritative source for SYSVOL replication within the replication group.

Ensure Replication of Configuration Changes: Confirm that the changes made to the DFSR configuration are successfully replicated to all other domain controllers within the replication group. This ensures consistency across the environment and prevents conflicts or inconsistencies in SYSVOL replication.

Monitor Replication Status: Monitor the DFSR replication status to verify that the designated authoritative domain controller replicates SYSVOL content to other domain controllers. This helps ensure that the corrective change has been applied effectively and that SYSVOL replication functions as expected.

QuickBooks Database Server Manager SQLANY Errors

QuickBooks Database Server Manager SQLANY Errors

No Comments

Issue: QDSM unexpectedly shuts down, particularly when utilizing the ‘Scan’ function for repairs.

Error events are logged, including Event IDs 4, 1, 1000, and 1016, indicating issues with database service timeouts, SQLANY 17.0 component errors, and application faults involving QBServerUtilityMgr.exe and KERNELBASE.dll.

Temporary Fixes:

System Reboot A complete server reboot can temporarily resolve the issue, although it may not provide a guaranteed or permanent solution due to potential port conflicts upon system restart.

Service Restart Sequence: Temporarily stopping the DNS Server service, starting the QuickBooksDB## service and QBMonitoring service, then restarting the DNS Server service can circumvent the issue without a reboot.

Solution:

Port Reservation: Conflicts between QDSM and other services, such as DNS, often stem from overlapping port usage. Reserving ports specifically for QDSM can prevent such conflicts.

a. Stop the DNS Server service and the QuickBooksDB## service using the Services console or Command Prompt with administrative privileges.

b. Open Command Prompt as an administrator and execute the following command to reserve a range of ports for QDSM, adjusting startport and numberofports as necessary:

netsh int ipv4 add excludedportrange protocol=udp startport=55368 numberofports=5

c. Restart both the DNS Server service and the QuickBooksDB## service.

Validation Steps: After implementing the permanent solution, monitor the QDSM service for stability and ensure it remains operational without unexpected shutdowns.

Review the Event Viewer for the absence of previously noted error events related to QDSM and SQLANY 17.0.

Known Side Effects: Port reservation may require adjustments based on other services running on the server to avoid new conflicts.

Monitoring USB Drive Activities with PowerShell Script

Monitoring USB Drive Activities with PowerShell Script

No Comments

Introduction: At times, managing USB drive activities in a corporate environment can be challenging, especially when there’s a need to balance security concerns with operational requirements. Our consulting practice has encountered situations where limited retention policies in EDR/Logging tools and the need to allow USB drives pose a significant challenge. To ensure data security and compliance, we needed a solution to monitor USB drive activities, particularly during offboarding processes.

The Solution: We developed a simple yet effective PowerShell script that monitors USB drive activities to address this challenge. The script is designed to detect when a USB drive is inserted and log any file transfers or deletions that occur on the drive. This allows us to keep track of data movements and identify any potential security risks, such as unauthorized data transfers or leakage.

How It Works: The script is triggered whenever a USB drive is detected manually or through automated alerts from tools like Datto RMM, which has a component for this scenario. It runs continuously for a predefined period (24hr), monitoring all file activities on the USB drive. After the monitoring period ends, the script generates a report detailing any file transfers or deletions that occurred during that time.

Implementation: Implementing this solution is straightforward. Simply download the PowerShell script from the provided link and integrate it into your existing monitoring infrastructure. For example, you can configure Datto RMM to execute the script as a component whenever a USB drive is detected, or perhaps run it as a scheduled task. This allows you to leverage existing tools and workflows while enhancing your security posture without complicated paid tools.

View Script

 

 

Crafting Culture: The Balance of Ego, Bias, Beliefs

Crafting Culture: The Balance of Ego, Bias, Beliefs

My tech career went global early in terms of clientele, starting before I was legally allowed to drink. It’s been a dynamic path, guided by more than 30 managers in various industries, including managed services, manufacturing, and a large cybersecurity company.

In my experience, I’ve noticed how a lack of self-awareness and differing values and beliefs can profoundly affect workplace behavior. These elements are crucial in shaping everyday interactions, conflict resolution strategies, and defining roles and relationships with clients and colleagues.

From small firms to global corporations, my experiences highlight how aligning values and beliefs is critical in shaping workplace behavior and influencing personal interactions and overall organizational dynamics.

Through sharing my experiences, I seek to examine the influence of cultural factors on workplace dynamics. Drawing from various professional environments, my insights aim to highlight the unique ways these elements shape our professional interactions and challenges.

Online-Offline Convergence in Work Culture

Online behaviors don’t stay confined to our screens; they inevitably influence our workplace dynamics. The quick judgment and fleeting attention spans, hallmarks of platforms like TikTok, find their way into our offices. This leads to a surface-level engagement with tasks and a tendency to quickly dismiss new ideas, undermining depth and persistence in professional work.

Similarly, the relentless online pursuit of ‘fairness‘ in a symphony of toxicity on sites like Reddit often translates into persistent workplace complaining and subtle manipulation tactics bordering on covert harassment. The boldness gained from online anonymity can result in a lack of respect and accountability in face-to-face interactions, challenging professional norms and leading to conflict.

Moreover, the echo chambers and confirmation bias prevalent in online communities can narrow employees’ perspectives, making them resistant to diverse viewpoints and critical feedback. This can stifle open discussion and thoughtful decision-making in the workplace.

Online behaviors, mirroring social media’s quick judgments and echo chambers, are reshaping workplace dynamics, necessitating reevaluating professional norms and interactions.

This trend was evident at the Security Operations Center of a global tech company where I worked. Some teams, less engaged with tasks, let personal activities like watching YouTube videos or playing Magic cards eat into work hours. This behavior was more than just a slip in work ethics; it reflected a deeper issue. These individuals often complained about trivial matters, echoing their dissatisfaction with their jobs and themselves. It stemmed from a sense of superiority over others in the room. The negative undercurrent disrupted their productivity and the overall workplace environment.

Similar to toxic dynamics in online spaces, these patterns highlighted a significant shift in workplace culture. They underscore the importance of addressing personal habits and attitudes. If left unchecked, these behaviors can profoundly affect the entire workplace, emphasizing the need for a conscious effort to foster positive work habits and a healthy professional environment.

Mirror Judgments: Reflections of Self-Worth

In the workplace, opinions and judgments about colleagues often reveal more about the observer’s insecurities than others’ abilities. Such assessments can sometimes be less about factual evaluation and more about the evaluator’s biases and self-perceptions.

For example, despite my extensive experience, I was once taken aback by a comment from a colleague about my client interaction skills. They remarked, ‘You’re better on the phone with clients than I thought you’d be.‘ This observation from someone significantly junior in the industry underscored a common workplace phenomenon. Individuals often project their insecurities and self-doubts onto others, especially those they view as competition or threats to their professional standing.

Opinions and judgments often mirror insecurities, shaping a culture where biases, rather than true capabilities, influence perceptions of worth and status.

This tendency to project insecurities manifests in various ways, subtly shaping a culture where biases and preconceived notions, rather than true capabilities, influence perceptions of worth and status among colleagues.

Continuing in this vein, we must introspect how we form opinions and judgments about others. Examining these thoughts’ roots is crucial when assessing someone’s abilities or character. What makes you think these notions are accurate? More often than not, these quick judgments are colored more by our own experiences, biases, and insecurities than by the actual qualities of the person in question.

Ultimately, when we solidify these opinions, we view that person through a ‘fixed lens,’ dismissing the possibility of their growth or change. This mindset limits our perspective and potentially hinders the professional development of the person being judged.

Unity vs. Productivity: Navigating Workplace Tribalism

In workplaces, the tribal mentality often reflects our deep-rooted fear of becoming outcasts. This ancestral instinct, geared towards ensuring survival through social acceptance, can inadvertently foster cliques and a culture of groupthink. In such environments, the unconscious drive for inclusion and unity often overshadows individuality and independent thinking.

The primary goals of a tribal group, which focus on unity and collective survival, sharply contrast with the objectives in a business context. In the corporate world, the emphasis is typically on innovation, efficiency, and productivity. This fundamental difference suggests that pursuing likability and social acceptance can sometimes be counterproductive in workplace settings. It risks undermining the essential professional qualities of competence, individual creativity, and independence.

It’s important to remember that the concept of ‘likability‘ is highly subjective and varies greatly depending on the observer’s biases and perspectives. This subjectivity can significantly distort the perception of a person’s worth or abilities, especially in work settings where cliques or ‘tribal‘ mentalities prevail. As a result, assessments based on likability rather than merit can lead to skewed workplace recognition of talent and potential.

Clique dynamics, mirroring tribal mentalities, starkly contrast with business goals, highlighting how the pursuit of ‘likability‘ can conflict with professional competence and innovation.

These dynamics create an interesting paradox. On one hand, the human desire for social connection and acceptance is natural and can foster a sense of community and teamwork. On the other hand, when this desire morphs into a tribal mentality, it can create divisions and hinder the full realization of individual skills and innovative potential in a professional setting.

In my past roles, I’ve observed these dynamics in various teams. More than just choosing specific seating arrangements or clustering together, these cliques created a distinct ‘us versus them‘ divide. Their interactions with those outside their circle were marked by subtle cues—shared glances, unspoken agreements—clearly delineating who was ‘in‘ and who was not.

These ‘Homo Cliquus‘ groups exhibit a strong preference for being invite-only. They often gather near water coolers or lunch areas, engaging in their rituals, exchanging weekend stories, and laughing at inside jokes. While they interact seamlessly within their group, their engagement with others is minimal. This exclusivity doesn’t just create an unwelcoming atmosphere; it actively stifles the potential for diverse ideas and collaboration.

Such tribal behaviors in the workplace erect invisible barriers, finding ways not to be helpful and hindering open communication and teamwork. It’s a vivid illustration of how these clique mentalities can impact not only the culture of a company but also its capacity for innovation and productive teamwork.

Feedback Frenzy: Constructive Criticism or Hidden Agendas

Having worked under the guidance of dozens of managers, each with their unique approach, I’ve witnessed a diverse range of styles in handling feedback and complaints. One manager, in particular, stands out in my memory. He approached complaints with a meticulous and unbiased stance. His ability to uncover hidden agendas was keen, whether it was a covert attempt by another manager to undermine someone or an unfair effort to get an employee wrongfully fired. His commitment to considering multiple perspectives was not just remarkable but also a shield against unwarranted negativity and workplace politics.

Proper coaching transcends mere complaining. It involves blending constructive feedback with actionable guidance for growth, a key to fostering a positive team environment. This approach contrasts sharply with the practices of some first-time managers I’ve observed. Some of these managers were previously my colleagues. As they transitioned from their roles as individual contributors, they often grappled with their new responsibilities. They exhibited familiar intellectual weaknesses, now magnified in their managerial roles.

A common pitfall for these new managers was their tendency to ignore team input. This often led to repeated unilateral decisions and poor outcomes. The aftermath involving a trail of apologies, often without changing the behavior or, in many cases, a complete lack of acknowledgment. Such actions significantly disrupted the workplace culture.

Effective leadership hinges on providing genuinely constructive feedback, a skill contrasting starkly with the pitfalls of inexperienced management, where criticism often overshadows guidance.

Reflecting on these varied experiences with managers, it becomes evident that there is a fine line between complaining and coaching. Too often, what is intended as feedback can devolve into complaints without constructive guidance or support. Effective coaching, however, is about more than just pointing out flaws; it involves providing actionable steps and support for growth. It’s about building up, not breaking down.

Moreover, navigating the management of talented individuals by ego-driven, inexperienced leaders can be challenging and rife with missed opportunities for personal and professional growth. The difference between a leader who can inspire and uplift and one who relies solely on authority and criticism is stark, and it dramatically influences the trajectory of team dynamics and individual development.

Final Reflections: Shaping a Positive Workplace Culture

Reflecting on the range of experiences I’ve encountered, it’s evident that workplace culture is deeply influenced by the subtle undercurrents of personal bias and the more observable aspects of managerial styles and policies. This exploration across various professional settings highlights the critical need for awareness, empathy, and adaptability. Cultivating a workplace that equally values competence and character is essential.

For instance, consider the manager who investigated complaints with an unbiased lens. His approach demonstrated the power of empathy and fairness in leadership. Such leadership resolves conflicts and fosters trust and respect among team members. Similarly, addressing challenges like clique dynamics and tribal mentalities in teams can transform the workplace by eliminating your resident a-holes and replacing them with a-players.

A harmonious workplace hinges on empathetic leadership and adaptability, fostering an environment of trust, inclusivity, and collaborative growth.

As we progress in our careers, we must remain mindful of the impact of our actions and decisions on those around us. How we handle feedback, engage with colleagues, and approach conflicts can significantly shape our organization’s culture and effectiveness. We should aim to create ripples of positive change. Let’s foster a work environment where everyone feels valued, heard, and motivated to contribute their best.

Ego’s Veil: Unmasking Performative Advocacy

Ego’s Veil: Unmasking Performative Advocacy

One day, during a brief lunch break from work, I stood in line at a local restaurant, craving a sandwich to refuel for the rest of the day. As I waited, a colleague approached me. Although we didn’t know each other well, they recognized me from the office and discussed ‘Cyber Patriot.’ This was a well-known competition where industry mentors teamed up with students to tackle hacking challenges. I had heard of it and engaged in the conversation, nodding in agreement and mentioning that it sounded like a worthy cause. However, my main focus at that moment was satisfying my hunger with a sandwich.

Months passed, and life took me on an unexpected journey across the country to California. Upon returning to the office for a visit, I unexpectedly bumped into the colleague whom I’d previously talked to about the opportunity. The recognition was immediate, and before I could exchange pleasantries, they scolded me, “Why didn’t you join Cyber Patriot?”

Taken aback, I responded, “Well, for one, I moved out of state.”

Their face contorted with a mix of disbelief and frustration. “You should have told me,” they retorted, their voice laced with exasperation, “I wouldn’t have wasted my time talking to you about it.”

My response was instinctual. “At the time, I didn’t even know I was moving. Besides,” I added with a touch of irony, “weren’t we just standing in line next to each other, waiting for food?”

The exchange left me pondering a curious question: Did this person honestly care about the cause, or were they more invested in the appearance of caring? When it came to genuine causes, advocating for them was never wasteful. But for some, the cause seemed secondary to the ego boost they received from championing it. It made me wonder whether they were more concerned about how they looked as part of a program rather than the essence of the program itself.

Upon reflecting on the incident, it became apparent that advocating for a cause carries the potential for meaningful impact. Yet, a distinct dichotomy emerged between impassioned advocacy and performative engagement. True dedication involves spreading awareness and genuinely understanding and valuing the cause’s purpose, untainted by a mere desire to enhance one’s image. This experience underscored the delicate boundary between selflessness and self-absorption, reminding me that we must all navigate where we stand.

It also highlighted the tendency for some to prioritize personal image over grasping a cause’s significance. Motivated by the hunger for validation, their actions often overshadow their genuine impact. The crux of the matter lies in introspection: Does our engagement stem from authentic empathy and altruism, or do we merely seek recognition? The answer holds the key to our level of involvement.

Finding Good Vendors: Lessons from Dental Chairs 🦷

Finding Good Vendors: Lessons from Dental Chairs 🦷

Relocating to California brought about more than just a change in scenery; it posed an unexpected challenge—finding a reliable dentist. What may seem like an unrelated experience holds a profound analogy for understanding why customers meticulously choose vendors, especially when they have dozens and hundreds of others circling them at all times, like sharks in a competitive sea. Join me as I share my dental journey and how it illuminates the pitfalls of hasty vendor decisions.

Dentist Analogy: The Discomfort Zone

My quest for a new dentist, driven by convenience, introduced me to a seemingly cost-effective practice. However, the veneer of affordability soon cracked, revealing profit-driven motives and a disregard for patient well-being. The waiting room turned into a nerve-wracking ordeal, with minutes stretching into eternity. Once inside, my interactions were fleeting and never with the actual dentist. The parallels with the vendor selection process were uncanny—quick convenience can often mask a lack of genuine concern for customer satisfaction.

Experiences with my dentist unfolded like scenes from a chaotic assembly line. The doctor juggled multiple patients, leaving me waiting with instruments in my mouth, yearning for his return amidst his multitasking. This led to frequent mistakes, with one incident culminating in a harrowing 2 am hospital visit due to an overlooked bite check after a procedure. The connections to vendor-client interactions were glaring—vendors who stretch themselves thin and lack focused attention can induce expensive errors, echoing the disjointed dental encounters.

Wisdom Teeth and Vendors: A Parallel Unveiled

The turning point came with the proposal for wisdom teeth extraction based on outdated information without proper examination. Seeking a second opinion introduced me to an oral surgeon whose methodical evaluation exposed the flaws in my previous provider’s approach, and clearly, the weight of the risk was solely on my shoulders. This episode uncloaked the pitfalls of vendor choices—entrusting vital responsibilities to vendors without comprehensive assessments by subject-matter experts can lead to preventable disasters.

Much like the dentist’s disregard for my unique situation, such as my age and how deeply rooted my teeth were into the nearby trigeminal nerve, vendors who skip personalized evaluations fail to comprehend clients’ distinct needs. Just as the oral surgeon tailored his approach and risk evaluation to my situation, businesses should insist on vendors who undertake comprehensive risk assessments, ensuring a snug fit between solutions and challenges.

Navigating the Vendor Seas: Sharks and Shoals

Vendor selection often sets sail with hopeful online searches and form submissions, reeling in vendors that promise the world. Yet, wisdom comes from my journey – where experience and vows sometimes part ways. The chasm between grandiose “We’ve done this hundreds of times…” declarations and actual performance becomes glaringly evident during execution. The divergence between vendors’ claims and their true capabilities resonates with the dangers of selecting a provider based solely on location or marketing hype.

Just as a website’s glitches lay bare the gap between pledges and practicality, vendors who fail to deliver on their assurances can compromise projects, leading to wasted resources and missed growth opportunities. Maybe they’ve executed tasks repeatedly, but success is another realm. The glittering logos on their homepage could well be from yesteryear’s corporate gigs, not their current venture’s finesse.

The Irony of Misaligned Pearspectives

A recent interaction with a copywriter highlighted a common pitfall: the assumption that we understand our client’s needs better than they do. This misconception often leads to misalignments between projects and their intended visions. This issue arose during a disagreement over including my company’s inception story on our website.

The copywriter’s stance was to omit crucial context – that our product was developed collaboratively with IT providers and supported by thorough end-user research. Instead, the copywriter leaned towards a generic approach, portraying us as just another company merely guessing at customer pain points.

Ironically, the same mindset that makes vendors think they understand customer needs without proper engagement also hindered the copywriter from recognizing the value of my insights. Just as vendors can overlook clients’ unique requirements, the copywriter disregarded the essence of our product’s creation journey—partnering with IT providers and conducting meticulous research.

Conclusion: Navigating the Labyrinth

In hindsight, my dental journey mirrors the intricacies of vendor selection. The parallels between my quest for dental care and the pursuit of reliable vendors reveal a shared truth: vendor choices require careful evaluation, meticulous risk assessment, and alignment with clients’ core values.

Just as I opted for a reputable oral surgeon for wisdom teeth extraction over mere convenience, businesses must prioritize expertise and excellence over quick fixes. In doing so, they avoid the allure of empty marketing and make informed vendor choices that propel their growth and success.

In essence, the dental chair and the vendor evaluation table bear uncanny similarities—both can induce discomfort or proceed seamlessly, all while you shoulder the associated risks. Just as selecting a dentist requires careful consideration, choosing vendors demands a thoughtful process. Prioritizing your well-being over their profit, reputable vendors align with the principles of a conscientious dentist.

So remember, when it comes to vendors or dentists, choose wisely – after all, you wouldn’t want a dentist saying, ‘Trust me, I’ve got the perfect painless solution,’ without the anesthetic, right?

Privacy Powerhouses: Optery, Kanary, DeleteMe, and OneRep

Privacy Powerhouses: Optery, Kanary, DeleteMe, and OneRep

No Comments

Unmasking Data Detox Tools

The term “Data Detox Tools” encompasses software applications and online services tailored to assist individuals in managing and overseeing their digital footprint and personal data across the expansive realm of the internet. In this context, the term “detox” metaphorically parallels the concept of purification, suggesting a process akin to eliminating unnecessary or potentially detrimental elements. In the digital sphere, a data detox entails taking deliberate measures to curtail the accessibility of online personal information.

(CEO of Data Privacy Company Onerep.com Founded Dozens of People Search Firms)

These tools offer a spectrum of features and functionalities designed to aid users in diminishing their virtual presence, mitigating vulnerability to data breaches, and thwarting the inappropriate use of personal data. Some common attributes of data detox tools include:

1. Personal Information Removal: These tools often furnish a service that detects and eradicates personal data from diverse online sources, including social media platforms, public databases, and search engine results.

2. Data Monitoring: Many tools actively monitor the web for references to your personal data and promptly alert you when instances arise on new websites or platforms.

3. Custom Removal Requests: A subset of tools permits users to formally request the removal of specific information from websites or search engine results that may have eluded automated identification.

4. Search Result Suppression: These tools are adept at relegating or suppressing undesired search results that might surface when someone searches for your name or other personal particulars.

5. Privacy Recommendations: Some tools extend beyond mere information removal, providing guidance and recommendations to elevate online privacy and security practices. This could encompass adjusting privacy settings on social media profiles.

6. Educational Resources: Many data detox tools are accompanied by educational resources, offering insights into best practices for safeguarding personal information in the digital landscape.

My journey to control my digital footprint began with DeleteMe, in which I chose to tackle the removal of my personal information from the internet. Over time, I noticed that alternative solutions provided automated services, contrasting sharply with DeleteMe’s manually-driven approach. While automation promises efficiency and breadth, DeleteMe requires human agents to carry out removal requests, which may be slower and less comprehensive.

DeleteMe has expanded its coverage from around 100 websites to a claimed 750. However, this expansion doesn’t necessarily translate to a more effective service, especially compared to automated systems like OneRep, designed to scale more effortlessly with technological advancements.

As the privacy protection market has matured, OneRep, which once felt revolutionary due to its automation, now shares the space with newer entrants. Optery and Kanary have carved out significant niches, boasting more agile and thorough services. They have leapfrogged over OneRep and DeleteMe, which may now appear less innovative.

While evaluating these new players, I encountered a startling outcome. When I cross-checked OneRep’s past performance for over two years, I uncovered that it had missed numerous profiles—well over a hundred and fifty —across sites it claimed to monitor. This highlighted a stark reality for me: OneRep’s algorithmic approach had limitations, failing to detect and deal with newer instances of my personal details across many providers and random links they generate; it also wasn’t handling Google exposures.

This shortcoming laid bare the challenges these data detox platforms face in keeping pace with the myriad ways personal information can manifest and mutate online. It underscored the need for continuous advancements in detection capabilities, something the newer entrants in the privacy sector might be better equipped to handle. The experience showed that relying on a single service could leave gaps in one’s digital privacy strategy.

(Dashboards for Kanary & Optery)

Points of Discontent with OneRep:

  1. OneRep’s zealous approach often removes entries unrelated to the individual, spanning different ages and family members. This approach raises both privacy and precision concerns.
  2. OneRep’s offering lacks visual evidence—such as screenshots or search result snapshots—for user review.
  3. OneRep’s interface lacks a mechanism for users to “Ignore” false positives or contribute to enhancing the system’s accuracy.
  4. Instances where removal efforts are indefinitely labeled as “In Progress” could be seen as intentional retention tactics rather than coincidental.
  5. OneRep’s incapability to facilitate custom removal requests or deliver robust user support contrasts with competing platforms that offer user-focused success metrics and timely removal estimates.
  6. Despite years of using OneRep, it overlooked 154 profiles, which Optery/Kanary subsequently removed. Most profiles were even on websites OneRep claimed to monitor, highlighting the risk of relying on a single service.
  7. Had to contact Support 3x to cancel my subscription. Regarding feature updates, and recommendations, they don’t reply at all.
  8. Random message from a person on Linkedin, reaching out to me as a prominent security pro trying to market a live scan using OneRep. Is this a marketing campaign?

The Dilemma of OneRep: A comparative assessment against emerging rivals, namely Kanary and Optery, highlights OneRep’s diminished efficacy. Kanary, for instance, boasts coverage across 325 sites, and its responsiveness to user input in expanding this coverage underscores its prowess. Introducing a feature allowing users to link affiliated company names is Kanary’s ingenious method to curb spam and invasive associations, such as those propagated by Lusha and Apollo.

Optery’s Remarkable Attributes: Optery excels with comprehensive coverage under its Ultimate plan, though the inability to accommodate family members under a single account presents a notable drawback. The user interface within Optery’s portal emerges as a frontrunner, facilitating quick validation through a visual stream of screenshots.

Optery’s “Optional Feedback” feature is noteworthy, enabling users to fine-tune platform accuracy, a process reminiscent of training the system to accommodate specific search variations and geographical locations.

Optery’s provision of “Custom Removals” is a laudable offering. It empowers users to request the deletion of specific URLs or search engine results, a testament to user control.

Final Appraisal: Kanary and Optery emerge as preeminent choices in data detox, effectively superseding OneRep and DeleteMe. My transition from OneRep to these innovative platforms yielded the removal of over 154 pieces of my personal data, even though I’d been running scans on that platform for years, underscoring the effectiveness of these new competitors. The robust scanning capabilities and advanced features secure Kanary and Optery as leaders in personal information removal. As my exploration of both platforms continues, my ultimate goal is to make an informed choice for a secure and enduring online journey.

(Note: I’m currently using BOTH Kanary and Optery because I can’t add family members directly into Optery, only invite them to the platform. With Kanary, I can add the information, and while some of it is verified, it does not force the family member to sign up for their own account.)

(This review reflects my genuine experience as a user of DeleteMe, OneRep, Kanary, and Optery and is unbiased and unpaid. I plan to enhance it with more screenshots soon.)

Instagram Account Recovery

Instagram Account Recovery

Is Instagram’s account recovery workflow disappearing on some accounts and devices? We’ve had reports from readers and friends who’ve had hacked Instagrams with no success in using Instagram’s published docs to recover the account once the attacker’s email and phone number have changed.

Here’s a copy of the official Instagram post: I think my Instagram has been hacked.

(Update 12/6 – After testing for weeks over 40 times we can see the option on an Android but at the same time not on his iPhone following the same process. Another user reports the option appeared on an iPhone. We put in the attacker’s email, then see ‘Need more help?‘ but it has to be from a phone that’s logged in before and not a new device.)

 

 

 

 

The email doesn’t say ‘Revert Change‘ anymore as indicated in the Doc above:

I can’t access this email’ or phone number is no longer in the UI no matter how long you wait or many times you resend the codes:

Clicking ‘Secure your account here‘ brings you to a login page or the Help Center. No workflow triggers an account recovery of any kind, whether from a mobile or web browser:

Password reset emails offer no option to declare you’ve lost access to the email or phone number on the account:

(It usually says ‘Need more help?‘ but that option is missing on some devices)

Instagram mentions its new selfie function to recover accounts, but how? There’s no UI in any apps to trigger the Account Recovery options that lead to this outcome.

How does one recover once a hacker has changed the phone number and email address on the account?.

Card Fraud – Express Store 2401

Card Fraud – Express Store 2401

*** Update 9/12/22 *** – Thousands of people are visiting this blog regularly due to card fraud of their own via Express Store 2401. I have not been able to gather any more information from the companies involved, but I continue to dig deeper into how they’re stealing these cards and other parts of the operation. It’s ridiculous that it’s been going on this long and that Wells Fargo isn’t concerned with somebody stealing a card that’s never been used.

 

 

Wells Fargo texted me the other night about its fraud system. The issue was an attempted charge from EXPRESS 2401 in Columbus, Ohio. After a bit of Google research, I found that the world is no stranger to fraud coming from this location.

I’ve never once used this card with any other merchant or website. It was activated in June of 2021 and then locked in a cabinet. It also seems that if something were purchased on Express.com, it would show up as CORP, not a particular store location.

Here is the response from Express:

As a part of the investigation, I’ve set out to answer a few questions about this particular scenario:

  1. How could the attackers steal a card that’s never been used before?
  2. Did attackers hijack the Express merchant account for this location?
  3. Why does fraud persist at store #2401 despite reporting to the banks and Express for over 8 months?

The story will be updated as more information is obtained about this issue at Express Stores.

 

Ben Damman aka TypeSend

Ben Damman

Ben Damman aka TypeSend

No Comments

In our experience with Ben Damman, the CEO of Aliens From The Future, Inc., we’ve encountered some challenges. We invested $8,041.67 for a project in September 2020, and there has been no meaningful progress. We’ve noted missed meetings, limited communication, and minimal code commits and observed him taking on new projects on Upwork. We’ve also come across similar feedback from others on the platform.

Ben Damman

From our records, Ben logged approximately 66 hours, including a twelve-hour day and a weekend. However, the only tangible output we noticed was a basic Elixir framework. He often shared messages such as “I’m about to commit a release” and “There will be a significant update soon.” He even assured repayment, mentioning, “The check is on the way.” Unfortunately, despite these communications, the deliverables and promises weren’t realized.

Ben Damman

Ben often speaks about his past experiences, mentioning roles at prestigious places like the White House and Apple. He also positions himself as an expert developer. Given these claims, it was surprising and disappointing for us that the commitments he made weren’t followed through, especially when it seemed he had the capability.

The frequent cancellations and last-minute rescheduling of meetings became our primary, if not the only, window of communication with Ben.

Ben once sent me a message, which I’ve captured in an image, explaining he missed our meeting because he was in “beast mode,” supposedly accomplishing a lot of work. Unfortunately, this approach seemed counterproductive, as I never received the promised screenshots, links, or instructions.

On one occasion, when inquired about his progress and well-being 91 days into the project—especially since there hadn’t been any tangible outputs or communication from his end—Ben attributed his lack of progress to political events in January and a coincidental stomach bug.

(In a particular instance, as showcased in the attached image, Ben extended an invitation for a call. I responded promptly within an hour, suggesting multiple time slots for our discussion. Regrettably, there was no subsequent communication or acknowledgment from his end.)

When Ben expressed his financial struggles to me, mentioning he was “low on money(unemployed), I empathetically gave him a $1k bonus from my own funds, hoping to assist. This bonus was attributed to a proposal he had drafted for our project. However, it’s noteworthy that up to that moment, the tangible deliverable from him was just a 1.5-page document. Even the presentation of this brief document was postponed as he had canceled the scheduled meeting for its unveiling.

Interestingly, just eight days after I terminated our contract that spanned from Oct 14, 2020, to Jan 19, 2021, another client posted the following review about their experience with Ben:

Ben Damman Aliens From The Future TypeSend
Ben Damman Aliens From The Future Typesend

During our engagement, Ben cited a personal tragedy—a death in the family in December—as a reason for delays. However, only a week after our contract termination, he undertook another project, displaying the same patterns of behavior—accepting funds but not delivering results. Between our two organizations, this amounted to a loss of ~$13,000.

It was disheartening to observe his leisurely activities on social media—travels, dining out, moving to a new, picturesque home—all while communication gaps persisted. It felt as if he was comfortably living on the funds we provided without offering any tangible work in return. To see him repeat this pattern with another business, even after our experiences, was deeply unsettling.

Ben’s inaction severely impacted our operations and timelines, causing significant setbacks to our market entry. Initially brought onboard for troubleshooting, he was unable to perform that task. Instead, he persuaded us to create an entirely new environment using his preferred frameworks.

It was the visible association with figures like President Obama and references to esteemed organizations such as the White House, Apple, and Google on his social media that convinced me to engage him. Regrettably, I was lured by this perception of a ‘My jobs are my identity‘ ethos, expecting it to equate to reliability. However, the outcome was far from it.

Ben Damman Aliens From the Future Developer Missoula Montana

Ben has yet to deliver meaningful results for the funds we provided when the project was initiated. Instead, we felt the impact of his actions quite heavily—both financially and in terms of time. After engaging with us, Ben relocated and ceased communication.

While Ben seems to be familiar with financial disputes, the question remains whether we’ll be able to recover our investment. It appears that others have had to resort to legal measures to ensure their financial disputes with Ben are resolved, and we might have to consider a similar course of action:

(Per WhitePages.com)

$4,306 to Express Personal Services
$9,802 to Asset Acceptance, LLC
$3,600 GB, LLC
$1,640 Capital One Bank
~20k in legal judgments.

Despite being provided options for a significantly reduced repayment plan, Ben has not made any attempts to repay even a small portion of the amount. We were open to a generous arrangement where he could pay back only half the amount at his convenience, both in terms of amount and schedule. Yet, this proposal went unacknowledged.

The last communication I received from him was an email of varied formatting in which he labeled my inquiries as “harassment” and stated that any further communication should be directed through his attorney. Interestingly, Ben had, on multiple occasions, voiced his intention to repay us. However, he never firmly communicated a refusal either. It seems he chooses avoidance over addressing the issue head-on.

Thank you for your attention to this matter, and I wish you success in your endeavors.

Google Spamdexing Attack

Google Spamdexing Attack

No Comments

Found an interesting Google Results injection against sites running Solr search. Attackers created links in an unknown place with search parameters being passed to the websites. Google crawled these source pages, following the links and accepting them as content. It’s not all that sophisticated, but remember, it’s results that matter in this game.

Many more are on my Twitter from notifying the organizations of this clever little hack against Google’s results.

911: Google Webmaster Removal Tool

 

 

 

 

In an example URL from Berkeley.edu, notice how they’re passing a parameter to ?s= that the site appends into the code of the search results page. Somehow they’ve added this to Attacker Page 1, which was then crawled by Google, and it’s creating an XSS (cross-site) on the destination page, picking the search up as content.

The result is that Google is picking up keywords from those pages in its results effectively promoting them:

Image

Image

Image

Definitely don’t try this at home! ‘Snorting Viagra‘ hosted on Umassmed.edu.

Image

Check out all of the other organizations that have the search hack:

https://www.google.com/search?q=%22Search+Results+for+%22+Viagra%22 (Pages 1-7)

https://www.google.com/search?q=%22Order+without+prescription%22 (“Order without Prescription“)

You can take any of the domains found in the broad results and cross-check with a more specific search, for example, site:berkeley.edu “viagra”

Here’s a gallery of different University sites showing thousands of results with the pill advertisements. Hit escape if the gallery runs off the top of your screen:

Pages that show whatever you put into?s= Solr search. If the search parameter is replayed into the page, it creates the appearance of content. The attackers must’ve linked these from other locations to get them on Google:

In a similar scam where the attackers actually inject a real page into the site, these organizations were impacted. Some were the University of Massachusetts Medical Center, Hastings Library, and The City of Dry Rock, where the pages have been injected since at least December of 2020:

Image

Destinations of these links being advertised are some of the following sites like ‘WebMD(dot)shop,’ which is brazen:

All of these domains above are landing pages that eventually lead to anonymrxonline[.]com

Phone: 888-524-7141 [ANI: VIGAR]

This phone # has over 5k Google results and shows signs of being in use for pill dealing for over 6+ years. It was formerly advertised by

[email protected]
Skype Gina24Rx [BDay: 9/16]
Location: Costa Rica.

Uses another phrase ‘MyPharmaCash’ from this affiliate program: https://www.facebook.com/MyPharmaCash and Twitter https://twitter.com/24rxshop activity ceased in early to mid-may of 2015.

Skype resets are af*****@mypharmacash.com and gi*****@gmail.com or phone number (***) ***-**61

The registrant of mypharmacash.com before it went private in 2016 was Mariano Bolanos in San Jose, Costa Rica. This is the same location as ‘Gina24Rx‘ this time using an email [email protected].

The owner Marianos Bolanos has numerous domains for pill-related items. His activity has died down since 2016. Many of the domains are active, though I have not investigated all of them.

Domain Cnaacr.com belongs to the National Chamber of Agriculture and Agroindustry in Costa Rica. In the footer, it’s signed ‘Web development by Bernetz’ (WayBack)

Domain Bernetz.com belongs to the company Bernetz IT Services that’s also registered to Marcos Bolanos:

https://twitter.com/bernetzit?lang=en

 

Still putting some pieces together on this one…

Organizations I’ve notified about being listed on Google under these kinds of reflective (XSS) and direct injection attacks today:

American Association of State Highway
Alabama Theatre
Arizona Department of Health Services
Berkeley Materials Science & Engineering
BainBridge Island Museum of Art
Califonia Digital Library
Children’s Community Day School
City of Dry Ridge, Kentucky
City of Tullahoma, Tennessee
Columbus Tech
Columbia University
Dickerson Park Zoo
Eastern New Mexico University
Ewing Marion Kauffman Foundation
FPrime Capital
Generation Citizen
Gulf of Mexico Fishery Management Council
Hudson River Museum
Monroe County History Center
Museum of Durham History
Miami Music Project
Multiple YMCAs
Methodist University
Palm Harbor Fire Rescue
Pathways 2 Life
Philly Expo Center
QuickLogic Software
SAE Institute
Schoharie County NY
Iowa State University
Irish American Heritage Center
Illinois State University
SoftLab
The City University of New York
The Port of Philadelphia
Toledo Zoo
University of Southern California
University of California San Diego
University of Minnesota
University of Mary Washington
Unmanned Systems Labs @ Texas A&M
Virginia Commonwealth University
Washington Internation Trade Association
Wisconsin Small Business Development Center
We Fest – Country Music Festival
WinterThur Museum
Wheaton Arts
Working Men’s Institute (Indiana)

Impacted Orgs: Google Webmaster Removal Tool 

Phish Gallery & Blog Update

Phish Gallery & Blog Update

Update

Why has the blog been so dry? Well, it’s complicated. There are always people who don’t want to see you expressing yourself in a public way. These invisible haters will try to make connections between your personal activities, i.e., Blogging and work-related things, in any way they desperately can. I win those battles; it’s just tiring to explain to the suits how free speech works. Support the ACLU and EFF. 

Visit my Twitter Feed to see screenshots of various threats that come my way from readers, and my own mailboxes being flooded with threats. Many of them turn into future news articles in the days or weeks to come, so you get a head start. Otherwise, I tend to post the news I’ve been personally reading throughout the day. Maybe you’ll find something interesting. Thanks for reading. I’ll be back as soon as I finish realigning my career goals and getting myself in a good place to write again.

Phishing Gallery

It’s been a CRAZY year for breaches, ransomware, and other cyber terrorism. Truly a daily occurrence all over the world. A collection of phishing screenshots I’ve collected this year from various honeypots and other sources. We’ve worked with many organizations over the years to take down infrastructure related to these attacks. The trend I’ve seen across security products is that they block effectively, but it takes days. Secondly, the sites and email sources tend to go largely unreported.  If you want to make a difference: Protect future victims by sending the abuse emails. It may take hours, but it’ll take days or even weeks as everyone shields themselves without bringing the sites down. Many providers I reach out to will respond quickly to eliminate the artifacts.

Useful Links:

www.joesandbox.com

www.any.run

www.sentinelone.com

www.dnsfilter.io 

Websites:

(Click the right > key to move through the screenshots. I need to fix the jumping around with different sizes)

Emails + Attachments:

AlphaRacks Offline

AlphaRacks Offline

No Comments

We reported a massive phishing operation taking place back in July of 2018 at Alpharacks. The spam, child porn, malware, and phishing never stopped for a moment since writing about Alpharacks back in 2018. The abuse@ team never responded to any direct emails between Quadranet and myself. The blog is under development but at this time Alpharacks is still offline as of 5/26/19. Here is the most recent Statement from Alpharacks

See our article: Phishing – A Master Anglers Toolbox

Recent updates: