Hacker News: coleca's comments

Hadn’t rented from Hertz in many years until last week. Made sure to fill the tank back up as high as it would go just in case. Got through security at the airport and already had a $26 charge for fuel. Still working on getting this fixed. Funny how they can charge within 5-7 minutes but they take 5-7 business days to process a refund.


Good luck. I’ve been fighting them since the beginning of April because they failed to check the car in properly (I asked for a receipt and they said they couldn’t print one at the return, despite being in the receipt line). I got charged for the next renter's days, late fees, recovery fees, and tolls accrued by them. They agreed to refund (which still hasn’t happened) and a few days later they charged me for not returning the car full (it was).

Fortunately for us it’s just a credit card charge that’s being disputed. For friends of ours they reported the car stolen and filed a police report.

This doesn’t seem like how a legitimate business operates, but more like a syndicate. While I understand individual locations are franchises, they have eerily similar catastrophic failures that seem to regularly occur.


I recommend disputing the charge with your credit card. My credit card refunded my Hertz bill in under five minutes of clicking online.


This is probably important context to include when you make this recommendation (from your other comment):

> Ultimately they sent me a bill for the cost of the rental minus the gas and threatened to take me to collections if I didn't pay it.

This is the always-necessary reminder that credit card chargebacks do not in fact relieve you of the duty to pay for services that you did receive. A chargeback may be necessary to get the merchant's attention, but you do need to be careful to actually pay them the correct amount in the end.

https://news.ycombinator.com/item?id=40412246


If they did a chargeback, Hertz might dispute it, send you collection letters and terminate your account.


It's funny you should say that, because OP actually tells a more complete version of the story here [0]. Hertz did send them a new bill with a threat to send it to collections if it weren't paid.

Maybe still a win in the end because the incorrect charge was removed, but I get really uncomfortable with how casually people recommend chargebacks on this forum. They're not intended to get you out of charges that the other party can prove you did agree to pay.

[0] https://news.ycombinator.com/item?id=40412246


The context here was a charge that should not be paid…


Bundled with a bunch of charges that were, in fact, owed. OP disputed the whole charge (probably because that was the only option), but it's important to know that Hertz did come after him for the rest of the money.


Right: as you say there probably was no other option -- OP was in a bind because all the charges are packaged together. There wasn't really a neat solution to this, except how OP played it, which could have ended up going badly wrong.


This may be a dumb question, but is law enforcement investigating this? Is it even technically a crime?


Of course it is a crime. This is in fact more than a crime, it's a counter-intelligence problem, even if done by a non-state actor.


I’m not sure that all counter-espionage problems are necessarily crimes, in the sense that a specific law was violated.


What would the crime be? Misuse of computers? Espionage?

Curious as to the legal angle of it


Just a guess: illegal electronic surveillance.

more of a guess from the below link?

18 U.S.C. § 2512, which prohibits the manufacture, possession, advertisement, sale, and transportation in interstate or foreign commerce of devices that are primarily useful for the surreptitious interception of communications

(although is this a hardware-specific prohibition?)

https://www.justice.gov/archives/jm/criminal-resource-manual...


This is a ChatGPT-level question :). Pasting the GPT-4 response:

If someone is caught installing a backdoor into a software library such as libxz, particularly one that interacts with a secure communication protocol like OpenSSH, they could be charged with several offenses under United States law. The specific charges would depend on the details of the case, but here are some possibilities:

1. Computer Fraud and Abuse Act (CFAA) Violations: The CFAA is the primary federal law in the U.S. for computer crime. It prohibits a variety of different types of computer-related activities, including unauthorized access to a computer system, causing damage to a computer system, trafficking in passwords or similar information, and more. A person who installs a backdoor could be charged with unauthorized access and/or causing damage.

2. Wire Fraud: If the backdoor was used to obtain sensitive information or to cause harm, the person could be charged with wire fraud. This is a federal crime that involves using interstate wire communications to carry out a fraudulent scheme.

3. Identity Theft: If the backdoor was used to steal personal identifying information, the person could be charged with identity theft.

4. Economic Espionage Act (EEA) Violations: If the backdoor was used to steal trade secrets, the person could be charged under the EEA.

5. National Stolen Property Act (NSPA) Violations: If the backdoor was used to steal data or other "property," the person could be charged under the NSPA.

6. The USA PATRIOT Act: If the backdoor was used in a way that could be considered "cyberterrorism," such as causing harm to a critical infrastructure system, the person could be charged under the USA PATRIOT Act.

It's also worth noting that if the person was working on behalf of a foreign government or organization, they could be charged with additional crimes, such as espionage.

Keep in mind that this is a complex legal issue, and the specific charges would depend on the details of the case. If you're dealing with a situation like this in real life, you should consult with a legal professional.


This is 100% a state actor. We can also kind of narrow down who.


Based on the Chinese-sounding name alone? They also used two other sock puppet accounts that sound Indian and Anglo:

https://boehs.org/node/everything-i-know-about-the-xz-backdo...


The Chinese name may be a red herring, as it's mixing Mandarin and Cantonese names.


And a Scandinavian and a Russian sock puppet too.


The author's name may be a decoy. I'd have done that.


As someone on Reddit mentioned yesterday, "Jia Cheong Tan" is an anagram of "CIA Agent John". Which may be accidental or a funny pun by the backdoor coder.


That would be far from unlikely.

But have we seen anything that would require more than a very smart individual with some time on his hands?


No, but the patience is quite amazing which makes me think it is someone who is employed to do this either by an intelligence agency or by a major ransomware company.

Of course it could just be a very patient person.


I think the undersold part with the patience/timeline taking years is that “Jia” surely has more identities and scams in play.

Everyone making products used as supply chain components for someone else should be looking at the timeline and considering which of their developers might match the same pattern.

I do not believe that “Jia” had only one iron in the fire.


I wouldn't make a Pikachu face if it was proven to be a major actor.

But the "amazing patience" is not at all unusual among people who work on open source projects for fun, right?

And what would the payday have been for a single individual who managed to get this backdoor deployed in all major distributions? How much is something like that worth on the black market? Tens of millions of dollars?


How?


Most people now will say something about the commit timestamps indicating this is an Eastern European actor, but it seems like any sufficiently dedicated intelligence service could script their commits or even assign a person to keep certain sleep/wake hours just to falsify that data.


And what do office hours mean to a dedicated hacker?


In Canada, it would fall under a number of federal laws (Criminal Code):

- Unauthorized use - 342(1)
- Mischief in Relation to Data - 430(1.1)
- Interception of private communications - 184(1)
- Deceit/fraud - 380(1)

1. https://laws-lois.justice.gc.ca/eng/acts/C-46/section-342.1....
2. https://laws-lois.justice.gc.ca/eng/acts/c-46/section-430.ht...
3. https://laws-lois.justice.gc.ca/eng/acts/c-46/section-184.ht...
4. https://laws-lois.justice.gc.ca/eng/acts/c-46/section-380.ht...


Doubtful that law enforcement is, but you can bet that the CIA, NSA and SS are looking into it, hoping to find a thread to pull on the sweater.


After having worked in retail for 20+ yrs, both in the field and in IT, what I saw as the largest cause of shrink was always just simple accounting errors.

For example, I saw all the time a store would receive a case of merchandise from a vendor containing 100 toothbrushes, the computer says it's a qty of 100 for $2.99, but the receiver scans in the barcode for the whole case instead of the individual toothbrush and puts in a qty of 100 received. Now the retailer thinks they should have 10k instead of 100 brushes on hand, which gets picked up as a loss. I've seen similar things where the case pack sizes or prices were fat fingered by the corporate buyer and wrong in the system causing massive perceived shortages.


But that would only explain the ~20 billion dollar increase in shrink if stores had very high turnover due to low hourly pay (and a recent push by employees attempting to demand more), a strict immigration policy (or the aftereffects of low immigration during a recent pandemic) and poor working conditions (for floor employees), resulting in poorly trained employees who may not realize their mistake!

...which actually adds up.



Even if it doesn't the internet has seen more than enough of its share of monkeys being spanked ;)


I've always heard that as "scheduled uptime" or "unscheduled outages". When I worked in a mainframe shop, they used to IPL (reboot) the mainframe every Sunday morning. That down time was never considered as part of the SLA.


Wow, even Windows boxes can run longer than a week without having to be rebooted. I figured a mainframe would be able to last almost indefinitely.


Weekly reboots force the business to build their processes around the system being offline at the same time each week.

That way you don't have to try and organize downtime if maintenance is required; you know every Sunday morning is available when needed.


Not disagreeing, just commenting that I would have assumed that taking the entire system offline for a reboot on a weekly basis would be untenable from a business perspective. It seems at odds with the concept of all the redundancy built into mainframes to ensure high availability and uptimes. Given that many mainframe-based systems (e.g. airline reservations) generally need to be available 24/7/365, I would have assumed that while one part of the system is being rebooted, others are still available so the overall application can continue to run uninterrupted.


I have a similar experience here in MA. Our town owns the power company as a non-profit and we have amazing service. We never lose power unless someone crashes into a pole or something, and even then it's only out for a short amount of time. When we have a big winter storm, all the surrounding communities on the large providers tend to be dark for days or longer, whereas here any outages are fixed quickly. They actually go around and trim trees off the lines to prevent future outages.


I always thought there were license restrictions from Nvidia preventing the use of their consumer grade GPUs in datacenters / cloud environments. Is this not the case?


Hello, thank you for the question!

To clarify, we don't offer any consumer cards (RTX 3080, RTX 4090, etc) mentioned in the thread. Instead, we provide professional cards from the RTX Series such as the RTX 4000 and RTX 5000.


Is there any decent tool to determine areas where symmetric broadband coverage is available? From what I can see, the FCC map is just using their "broadband" definition of 25 down/3 up, which is akin to dial-up for most of the folks on HN.


I'd bet operators of major conferencing software have a pretty good idea of how well ISP connections work nationwide. Aggregated (or even maybe not) they would paint a very accurate picture. Now we just need to get someone in government, who will probably become a lobbyist after, to care.


A few years back Microsoft mentioned that something like 42% of all Windows computers have less than the 25Mbps broadband that the government is aiming for. Of course, not all computers run Windows, and even then it doesn’t tell you the difference between broadband availability and the desire or ability to pay for it.


Yes, this is true -- it turns out that MSFT has easily measured the time it takes to download upgrades on a very large scale. This private data is mentioned in the Princeton study "No WANs Land: Mapping broadband connectivity".


Yes! I’m glad that they have at least gotten rid of their old map, based on census areas. That is progress at least.


There’s a little icon to the right of “Broadband” that you can click on to change the search criteria. It wasn’t obvious to me at first either.


I agree. Not sure why all the hate. I’ve used SpinRite to recover some bad drives of mine and friends/family over the years and it’s worked quite well. Had one Windows box that was failing to boot before the login screen, ran SpinRite and it found / fixed some issues. Rebooted and the machine was fine. At least fine enough to copy everything to a new drive and ditch the old one. Haven’t tried it on an SSD though.


He's had a few testimonials that say it's helped SSDs, but only run it at level 2 (read only), as level 4 (read/write) will wear a disk prematurely.


In addition to the advice already commented, if you are using AWS I'd recommend checking out our recently released AWS Startup Security Baseline Prescriptive Guidance: https://docs.aws.amazon.com/prescriptive-guidance/latest/aws...

This is not a comprehensive checklist per se, but a minimum set of security controls to implement to help secure your AWS account and workloads running on AWS within your account.

