help

Back to the 80's...

Most of my first week in Mexico was spent doing battle with two cellular companies:  Boost Mobile and AT&T over cellular coverage and pricing.

As the loser of said battles my only remaining recourse is to document the events within this blog so to serve as a warning to those in similar predicaments so that they will learn from this experience and not waste time getting gobsmacked by indifference and incompetence.

Prior to moving, I enjoyed AT&T cellular service in the SF Bay area.  I very recently changed back to iPhone ownership because the iPhone would pair with my hearing-assist device where as my HTC (Verizon) would not - this, despite spending a full day at the audiologist coaxing the phone, like a groundhog emerging from it's hole, to "see" the bluetooth device.  Eventually I abandoned my HTC phone in favor of the iPhone since the iPhone took the pairing on the first attempt.

(side note: to the credit of Verizon, when they learned of why I was switching phones, they waived the contract cancellation fee.  Well-played, Verizon - you have, through your sense of humanity, ensured an advocate in me!)

Anyway, life was good until I crossed the border into Mexico.  Within inches, AT&T graced me with a free text message informing me that cellular roam rates would now be incurred at $0.99/minute of talk-time and $19.97/megabyte of data.

Considering I had an unlimited data plan, with tethering, $20 per meg struck me as wee bit...shall we say, excessive...  Off to the interweb lumbered I, searching for call plans for my phone that would allow me to use my US phone in Mexico (albeit within a few miles of the international border) without the looming threat of immediate bankruptcy for doing so.

I was unsuccessful in locating a comparable AT&T plan that included Mexico in it's cellular goodness without having first to pledge most, if not all, of my future earnings to this corporation in return for minimal utilization of their services.  So, back across the border to the nearest AT&T store where I met a most-helpful clerk.

Jonaton was aware immediately of my "special" needs -- I don't care for cellular minutes being hard-of-hearing but, instead, rely heavily on data use for my communication needs.  In other words, I communicate with emails and text messaging.  I can use the phone but it's an involved process and, I assure you, I will not hear every word spoken with accuracy.

The best plan, even after he called advanced customer care, was something called the Viva-Mexico plan -- where I can have 450 minutes of talk time per month (on either side of the border) but data would be offered only as a pay-as-you-go option:  text messages would cost $0.50 each and data can be consumed at the rate of a mere $5/mb.  This would also lower my basic bill by half - to about $55/month.

I commented: Boost offers me unlimited text, email, phone and data, with international support, for $55/month -- how can you (AT&T) compete with this?  He just threw me a sad look and said: We can't.

Having, literally, no other choice being a new contract holder, I accepted the new calling plan.  When I later crossed back into Mexico, I tried the cellular service and it works ok.  Texting still seemed really flaky and I don't want to pay $0.50 per text, so I turned off all cellular service and now only use the phone, while in-country, when I can access wireless.  Basically, I am paying AT&T $55/month to not penalize me for the cost of the phone (new plan) or contract cancellation, said total being close to $1,000.

Phoneless, I next went to Boost Mobile because (a) everyone in Mexico uses the radio over the phone, and (b) the phones work in Mexico this close to the border over voice and text as well.  Finding a radio-phone, however, turned out to be an epic quest as all stores in the US have stopped stocking the phones in preparation for the removal of the IDEN towers which provide radio communications, making the (what I like to call the "beep-beep") part of the service go the way of the dodo.

Boost is actively tearing-down their IDEN towers - radio, a far superior communication service in terms of speed and clarity imo, for some reason is going away in the US at the end of this year.

I visited a total of five Boost stores without finding a single radio-equipped phone.  I finally decided on the smart phone option but the last store was out of stock of the particular model I wanted, (weird -- phone stores with no phones) so we headed back to the first store we stopped at.  Where at I learned that the store manager had contacted her manager who hand-delivered his last two radio-phones to the store.  Of which one had already sold.  Awesome!

I snatched the other one up (prematurely) declaring victory over the phone consortium's efforts to thwart my communication needs!  Huzzah!

We activated the phone and I returned to my new home...where I learned that the phone would not work on the cellular or text network.  Dialing 611 -- Boost's customer service number which they promise on their website will never be restricted was, on my phone, restricted.  The split-second I pressed the "ok" button to send a call, a screen pop-up declared "Service Restricted" on my call.

Two people, sitting next to me on my couch, both with Boost service, both with the exact same model of phone, were able to make cellular calls (to the US and Mexico) and send text messages.

At least my radio worked.

The next morning I searched their web site for solutions and, finding none, called customer service.

Remembering how difficult it is for me to use a phone, stumbling through Boost Mobile's IVR (interactive voice response) system was an absolute nightmare of chaos and misdirection.  I challenge you to get to a live person within five minutes of making the connection.  Not hold-time, mind you, but simply by navigating through their IVR options.  It took several tries - hanging-up and recalling - before I learned which options to not press.

As a former support manager, I've designed IVR systems.  Companies use them when they either (A) want to quickly route customers to the right person to talk with or, (B) do not want to talk to their customers.  Boost was clearly in category B - you have to have the persistence and patience of a diplomat to get to a real person.

I finally reached a live person and was further aggravated by having to repeat all of the information I plugged into the IVR back to the CSR.  This, to me, screams of incompetence and ambivalence towards the customer.  If you're not going to use/save the information I provide, then don't waste my time asking me for it.  (IVR Design Note:  A good way to reduce turn-over in your customer service organization is to not have your customers so spun-up and angry that they free-rage on your CSRs when they finally reach them.)

The CSR was clearly ESL (English as a second language) and I spent several minutes explaining the situation to her.   She attempted to "fix" my phone by having me turn the phone off and on several times, and performing master resets from the advanced settings menu.  Restricted service prevailed.  We quickly exhausted her catalog of diagnostic options.

I was escalated to level 2 -- which was another ESL person, who immediately asked me for all of my information starting with everything I plugged into the IR and why I was calling.  So, in addition to the IVR not recording anything, the CSRs apparently do not record anything about why you're calling them so that people in other departments can access (and learn from) the information.  Or they silo the info and the tech folks simply cannot see what the non-tech folks write.

Then the tech informed me (as did the CSR) that the IDEN service was going way at the end of the year leaving me with the impression of: since my phone has radio and this service is expiring, they don't feel as if they are obligated to help me with my issue.

First thing level-2 wants me to do is reset the phone: turn it off/on, master reset, remove the battery, etc.  I wondered if he thought that if he asked me to do this, if it would differently from when the CSR asked me to do this.

Still restricted service.

Side note - on my phone display, I show full bars, that line-1 is ready, and I am connected to the Boost network.  There's no reason why the phone should not work.

So eventually, the tech gets frustrated and takes the cop-out response of: well, since you're in Mexico, our $5 international plan only means that calls are guaranteed to work from the US to Mexico and not from Mexico to anywhere.  Doesn't care that services work on other phones in my proximity and has no interest of pursuing the issue further.

And that's how we ended the call.

So, my next thought was that maybe the counter-person at Boost (back in the US) forgot to register my cell with the network.  I gave my phone to one of my friends with an identically-working phone because she was heading over the border the next day and agreed to stop by the Boost store and ask them to look at it.  However, when she got to the border with the phone, she called her husband from my phone and since cellular service seemed to working, she decided to not go to the store and instead returned with the phone.

Which was still service restricted.

So, I called Boost back, and within about 30 minutes finally made it back to a level-2 tech who was quite puzzled as to why my phone wouldn't work.  We tried several variations of the reset, but nothing worked.  I opined to him that because the "Service Restricted" message was popping up so quickly when I pressed the send key, that the problem was in the phone's ROM and service restriction was software and not tower based.

He agreed that this was a possibility especially considering that my phone, chronologically, was a year or two older than my friends' phones that were working.

I asked him to call me, to see what he heard on his end and that was the end of that call as I was dropped.  Apparently too much to handle, the tech either intentionally dropped my call or his phone system was at a level so advanced he cannot work it properly.  In either case, I was pretty sure I wasn't going to get resolution from him.

Contacting Boost CSR a final time about my brick, that I've yet to use successfully, I asked about returns and refunds and was informed, in no uncertain terms, that I have pre-paid for my service.  They have no refund program.  Is there anything else we can "help" you with today?

So I paid about $110 for a brick -- at least I can use the two-way for the time being.  $3/day for 30 days (more or less) with more features I can't use than I can.  Sweet deal, yo.

Yesterday, I went to the Nextel store in Rosarito to inquire about IDEN and cellular service.  tl;dr - I can get a minimal calling plan (120 minutes) with unlimited radio for about $40/month.  I only get 20 text messages per month but additional texting is about $0.06 per message.  (It's nice when a phone company doesn't subject you to violent sex acts for a service, isn't it?)  All services on the phone work into California up to about Bakersfield at which point they become 1-way only.  Not sure how I feel about that but, hey, at least it works and I would have full services.

So, I'm going to chuck my Boost phone into the ocean once my month is up and buy the Mexico Nextel phone.  I use my Google-Voice number, which is paired to my Skype number, for all other phone services and eventually I'll add a Vonage number to my house that has a US number (to which I'll forward my Google phone to) and I'll be set.

Side note - I made the mistake of enrolling in auto-pay on the Boost mobile website assuming I would have a working phone similar to what my friends enjoy. While it was super easy to enroll, it's impossible to un-enroll from autopay on the website.  So another dreaded call to Boost is looming.  If you ever have to call Boost mobile, I recommend this information to help you get to a live person as quickly as possible.  I want something in writing from them canceling my autopay so that when they autobill me next month, I can force a refund.  (Look!  A windmill!  Chaaaarge!)

My AT&T phone I can use as a data terminal over wifi (facetime calls with the office and such) but I won't turn it on unless I'm back over the border in the US.  Once my contract is at a point where I can quit for $200, I'm out.

I have my Mexican Nextel for calling when I'm not at home.  If you're in the US and you want to call me, you're going to have to deal with your cellular provider and pay the extra fees that they'll extort from you.  Good luck with that.

Finally, I'm really hoping that Richard Branson does something spectacular with his Virgin line of phones.  It would be awesome to see a cellular company erase international borders and just have a phone that works, regardless of where you are, for a consistent fee.

Other than shoveling obscene amounts of profits into the never-satiated maws of the phone conglomerates, I just don't understand why this should be so difficult.  I honestly look forward to untethering myself -- like a heroin junkie coming clean -- from the cellular leash.  Freedom, I crave thy sweet sting!

I'm taking the path of least resistance.  If the phone companies don't want to offer something reasonable in return for my hard-earned dollars, then I have absolutely no problem converting those dollars to pesos and spending them here.

Just saying...

Apple Mail Encryption with GPGMail and OpenPGP

I've dabbled with encryption several times over the past few decades, never really getting serious about it.  It started when, in college, I would see that the faculty in the CS department had these weird signature blocks appended to the their USEnet posts containing something called a public key.

This is like setting a can of lighter fluid and box of blue-tip matches in front of a 10 year-old boy -- irresistible.

What I found in the later years is that using encryption for email is a lot like being one of the early adopters of the telephone.  Now that I have one, who am I going to call?  My family certainly doesn't use encryption in their email...those that have discovered email anyway.

Co-workers aren't likely to invest the time and effort into encryption simply because we're all too busy with work to be playing spy-games with our de-coder rings.

And, Dorothy, we're not in Academia anymore where, I imagine, it's really in use.  Closeted anarchists posting semi-heretical Berkeley-esqe rants against the Proletariat and all that.

And then there's the whole nouveau post-9/11 trend of "Guilty until Proven Innocent" thing happening.  I imagine some fedora-capped DHS agent squinting at me in a menacing fashion while I try to reason a plausible excuse for being so brazen as to need encryption for my emails in the first place...

So, at this point, let's assume that, like me, you're willing to whack the hornet's nest with a stick and use encryption for your emails and that you actually have someone on the other end willing to dust-off the de-coder ring and play with you.  We'll also assume that you know what PGP, GPG and OpenPGP actually are, and that you know how basic public-key encryption works.  (If not, leave comments to this article and I will do a future article explaining same.)

Standard Disclaimer: I am providing this tutorial as a hands-on, learn-with-me type of tutorial.  I am not an expert, nor do I pretend to claim anything other than neophyte status when it comes to encryption.  I do not advocate, support, or intend for you to use this, or any, technology as a means to intentionally bending, fracturing, or breaking laws in one or more jurisdictions.  MY only intent is to share what I've recently learned with you and to have some fun.

OK - that crap out of the way, let's get started.  First, as the title implies, this set-up is for Apple Mail under OS X Lion.  The release of the OS I'm currently working on is 10.7.4.

Download and install the GPGTools utility  (Version 2012.03.18 as of this writing.)

Although this article is for Apple mail, the GPGTools utility includes support for Enigmail in Thunderbird 7.  When you launch the installation utility, you'll be presented with a list of packages to install.  I installed all packages.

Once the install has been completed, you'll see a little dialog box appear on your desk top telling you the installation was successful, and would you like to read the Quickstart Tutorial?  This would be a good thing to do because I am not going to walk you thought the next steps in any great detail.  This reference, however, does.  With pictures.  So... go there and follow the installation step to:

Generate a key

You will generate a public and a private key.  Anyone with whom you wish to exchange encrypted email with must also have done the same.  They're called public and private keys for a reason.  One you share with the public and one you do not.  Key, using the nomenclature, are stored on what's called a keyring.  There are public and private key-rings.  GPGTools refers to key-rings as  keychains - these are one and the same things.

Please note that for whichever email account you're going to use to generate a key-pair for, that account must already exist in Apple mail.  The email address is case-sensitive so make sure you type it in exactly as it is stored in Apple Mail -- otherwise, your encryption will not work.

Over the years, I have created several key-pairs for various email addresses I have had.  What's critically important to remember is this:  write down your pass-phrase.  Also, click on the Advanced options tab, and set an expiration date (a couple of years is fine and 4-years is the current default - point being: set an expiration date) for your keys.  That way if, after a few years, you return to a previous email account address, and you've certainly forgotten your passphrase from lack of use, then you'll still be able to generate a new key pair if the old one has expired.  To remove a key pair, most public key rings require you to enter your passphrase.  This is known as a conundrum.

Once you've created your passphrase and uploaded your key, and you can see your new key in your keychain, open Apple Mail.  Send an email to

the email address you've just created (I know...) and you should see two buttons appear in the lower-right corner of the header bar as shown in the image on the right.

The two buttons, as shown above, allow you to either sign or encrypt your mail message.

Signing your email is flagging the email to the recipient assuring them that it was actually you who sent the mail.  In order to sign an email, OpenPGP has to have access to your private key. (You did keep your private key private, right?)  Since you're the only one, presumably, with access to your private key, then signing the mail guarantees to the recipient that the mail did come from you.

The recipient does not need to have your public key, nor do you need to have the recipient's public key, to sign an email.  Think of this as the "certified mail" from the US Post Office equivalent for email.

If you have a recipient's public key, then you may send them an encrypted email.  The recipient will need to have your public key in order to decrypt and read the email -- this is why we store public keys on public key rings.

[codesyntax lang="text" lines="no" capitalize="no"]

-----BEGIN PGP SIGNATURE-----

Version: GnuPG/MacGPG2 v2.0.18 (Darwin)

iQEcBAEBAgAGBQJPtnyiAAoJEC4S4zGLhwvBFNMH/1Yoh59etAcYZpAhZ+htpd81
QzZWDxOR2PeXtPkY3GWl4vdW7GABJ9ysl8vpdErsDtXs6LEVZXag5mV6CGTDNXmm
pdozUJCgNwbHTgoIUdjinmAXLR+4pYSfALTB1S2qpxzMpykBkR7SMuPm3+0LC77/
dwnsSVx5CNtJd8cPoPjwXJ6zaStJCNK+H17MItS5kpw3MqMU35qZdNCDV6ehhA8j
FmTyFoh1TeTmuBrNECWz9z3KniG6SWVl3K21LmS8PQExeHq8qcHGBz5yK2YhoW/w
bn4PIyHaUiXKQTNhYBSd1DrCPUWJKDJ+VCKQ0L97aUPeVPQBI14jsFOgc1dwUjs=
=xfmB
-----END PGP SIGNATURE-----

[/codesyntax]

That's pretty much it -- once you send a signed an encrypted mail, you can rest assured that (hopefully) your emails are safe from casually-prying eyes as they're no longer being sent in clear-text across the ether sphere.

Here's the raw-text (what's sent out over the ether) of an encrypted email message:

 

[codesyntax lang="text" lines="no" capitalize="no"]

Return-Path: <mshallop@gmail.com>

Received: from [192.168.0.2] (c-50-136-203-107.hsd1.ca.comcast.net. [50.136.203.107])
by mx.google.com with ESMTPS id qu6sm6794406pbc.36.2012.05.18.09.54.57
(version=TLSv1/SSLv3 cipher=OTHER);
Fri, 18 May 2012 09:54:58 -0700 (PDT)
Content-Type: multipart/encrypted; boundary="Apple-Mail=_4C5344B9-76FE-43EF-8620-073841EBF944"; protocol="application/pgp-encrypted";
Subject: test both
Mime-Version: 1.0 (Apple Message framework v1278)
X-Pgp-Agent: GPGMail 201 (a30)
From: Micheal Shallop <mshallop@gmail.com>
Date: Fri, 18 May 2012 09:54:56 -0700
Content-Transfer-Encoding: 7bit
Message-Id: <407C94BA-32A1-4930-B9F6-BBFE7900D213@gmail.com>
Content-Description: OpenPGP encrypted message
To: Micheal Shallop <mshallop@gmail.com>
X-Mailer: Apple Mail (2.1278)

This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)
--Apple-Mail=_4C5344B9-76FE-43EF-8620-073841EBF944
Content-Transfer-Encoding: 7bit
Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME Versions Identification

Version: 1

--Apple-Mail=_4C5344B9-76FE-43EF-8620-073841EBF944
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename=encrypted.asc
Content-Type: application/octet-stream;
name=encrypted.asc
Content-Description: OpenPGP encrypted message

-----BEGIN PGP MESSAGE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)

hQEMAy4S4zGLhwvBAQf/YX1vGFhG0CLd7UU79fjHd4/nIHH9DVVsi8oqsmIwBNpl
zXvDZf3+uw3B7Shk3bls1fHcUdU8LZprY+HbQVZlh7IiGZ28K67rNIHKUtwuoX2I
DpZcLdRPGn1iGi7TNRs/3Fn3fjCCT15uVAbZZRvR1G3XqUc+//3TstCMTaNtg5Rl
KZbKnnrOaIt/OAou7BFCLQgGKAAIa3m/gFHEQxxLVaAQ3JISeX4/UZ7YlXAj5SYp
juVRKfekmjpoFoM4erf0Jjaw63lSjAZWXJi1m6IY8uSkzQZRUwANMYE577mBiZhw
d1kIBJfBlxWjUOK6FYV3bDZFjc2Fn2WM4+tEloOrcNLpASNVPOh332341GjxwVAg
USYLkh1Co7yqaQ1c830CD58XxmYsR/x0B8etL1bYQtZDJYITMa649tYCYtrAvHSw
GsgwDD67yaICruIJqwPAtz5+fkoF9xnlltz0UTUSsmzrlGkdbkHSnVrvOdgbvJEz
60UM1p7idKEcR5SCkNuLD9hYJaD/C7qRhyxYfjyjPlwtSSb9aSY+TBa0t/lRmPtU
q5N/EHRdm3CmTVqE3eT1IOoRsFibYfRJNJnkqgmVZdoHm/QhTOmuyK1SeBbB3P7F
Lnw7hS6aB7RMISg8rWiPGap+QVO8lzMjIXhd5BDu1Kxkk5dr7FLOC37aSC7X52VT
QcwvYlYPSV5s+ivFk/uKtB8L3k9rHsYHHkP13lli2a9ELy+KTv0SFp0Q8ClaC9Xm
RoWXKQxrTV2wxub4/V0UfSSUfct0mHfTFDltpDPAfaEL/ARgvIUI2SD6WXvfbums
yG2fS4Rr9NHr9bgkZJqt+anNGQOmly7654ecckD+Nj2PtmXnowBOrub91VvXSfKB
TKHZ7xmX9GOnk6qsFZppiXIxDXR9zYeLb5Ks0hCF3XDhXu8DAkS4vbmPm7BIn6fu
N1niCzihe187mJ3bKAj5rLSHpbBrMt/XcbaL+eNz7xIEtpWQjk+8qFUaxl5NxIX1
KtCwLhxUeZUCKHIv/cGOJKPANfdhN2SYHasFJvJ1Jts4us4JJg4rBjH50hiYaQ3W
OhGSQP7kvcKqMzHBhSXBKPpnwBtJ+tkXy5IpeMHUrREpGt39EOO4oiiyRYSrrm2T
GswOJwvv4Z32hreR2eAgfPAXZW3R6MtGA07xN3mqPtV1IO+izegbflVpQEi8Zlq3
KfT/ljoLiDTKdIsrlfIgtgec+G5SH6znO9Kv1IidYg9wtdL6G2bsTP9pCV24bCem
srTw3NDKfTK56Yu1ESQpf0WYMTzpGjzDhyHW86F5ej+jJV2rd4kicxvy0HJXOGbI
iHPvKVVoA7bMvvfVARoMIlqiQ5gzm41+
=z4VQ
-----END PGP MESSAGE-----

--Apple-Mail=_4C5344B9-76FE-43EF-8620-073841EBF944--

[/codesyntax]

 

Reference Pages and Additional Reading:

GPGTools First Steps Secure Email in Thunderbird and Apple Mail with GPG