On Sun, Oct 23, 2016 at 11:23 PM, Richard Holbo <holbor@sonss.net> wrote:
That said... getting end users to actually fix the broken routers etc. etc. is NOT easy. Very often we'll notify customers, they will _take their stuff to the local computer repair guy_ ... or office depo.... and they will run whatever auto scan they have and say it's all fine. Customer puts it back in, it's still broke, and they call customer support and want us to pay for the trip because _their_ expert says it's fine...
Totally accurate. I have knowledge of a company in my area that does this. They install tons of 'home security' and 'business security' devices on the cheap. The regular course of action is to plug the device directly into the back of the ISP router and let uPNP handle everything because the installer knows *nothing* about networking, IP addresses, firewalls, routers, etc... The installer also part-times as a home repair tech, and the procedure for any suspected infection is: 1. Plug the infected computer into the business network 2. Boot it up 3. Install AVG Free and run a scan 4. Install Windows Updates 5. Return the computer with a $85 invoice. 6. When the machine comes back a few weeks later, it's obviously not because she failed to remove the virus, it's because the user got a *new* virus. 7. GOTO 1 8. The loop repeats a few times until the customer gets frustrated, then their machine is wiped and reinstalled. I think the only way out of this is for some organization to step up and start issuing competency certificates (Not CompTIA!) that show the tech has demonstrated a particular level of competence to handle IT. Maybe like the Michelin Star system or ASE certs for mechanics. 1-star for people that might be able to plug in power and ethernet, and on the other end a 5-star--where you'd trust them to work on your grandmother's pace-maker while it is in production. Re-test every 2-3 years. Maybe even a group modeled after a lot of 'open governance' projects that you see in open source today. Heck 'NANOG Certified Technician' *does* have a peculiar ring to it... Then have a huge marketing campaign to let home and small business to go to the website to find a local *qualified* technician. The only down-side is that it's ridiculously difficult to test for certain engineering qualities. Not trying to be rude here, but I'm sure lots of people on this list have run into the two types of techs out there: #1 is there for the paycheck. They know how to install Windows Updates and run a virus scan. They probably know one OS (usually Windows) well enough. If they click the mouse and reboot long enough they can get 2 or more computers to talk together. They show zero signs of improvement or change unless it affects their paycheck. #2 is there for the love and curiosity of learning, creating, and exploring. They are constantly learning new stuff, exploring, researching, and tinkering at home because the love figuring out How Stuff Works. (I've found the second type of tech become the best engineers.) The first type is what you run in to when it comes to all these crappy device installs--old vulnerable router, webcams with default password and uPNP forwards from the internet, and infected desktop machines. 10 years ago it was perfectly fine to install AVG and Windows Updates, but because they haven't kept up, they don't realize that doesn't cut it now-a-days. They probably don't know what firmware is, let alone that some of these devices can/should be upgraded. (I caught one installing a DVR based on Windows XP last week. I said "Isn't XP end of life?" "No, I just bought it last week." *facepalm*) Give the customer a reliable way to weed out the dead-wood and get a *good* technician, and most of them will gladly pay more. Or they will eventually after having no end of trouble with the first kind of tech. Sorry for the long rant, but it's either industry self-regulation or government regulation. Something will have to change. -A