Robert John Morton
The Internet Website Hosting
Internet Insecurity
Spam Email
Digital Exclusion
Security Warnings
Modern Websites
Semantic Indexing
Router Problems
About ISPs
Introduction
W@y Internet
NET,
Oi,
Blink
Claro,
GVT
Conclusion
After 10 years of excellent service, Way TV went bust. I had to search quickly and frantically for a new provider. I decided to try an ISP called NET. This was my beginning of woes.
I searched the Web for ISPs who could provide an Internet access service in my locality. I found three: Oi (who had taken over the old W@y TV service), NET (NET Serviços de Comunicação S/A) and GVT (Global Village Telecom). GVT is the last company on this planet with which I would wish to do business. I will reveal why later. I therefore decided to try one of the services offered by NET.
I found a package offering 15 Mbps download speed and 2 Mbps upload speed. This was adequate and the price was reasonable. However, I needed to ascertain that this service did not have ports 21, 4662, 4665, 4672, 47862, 57195 closed because I needed these to be open for the file sharing protocols through which I made my articles freely available. I would really have liked a fixed IP address with port 80 open as well. However, I was not hopeful that this would be possible and resigned myself to having to live without it. Try as I might, I could find no information whatsoever about the status of listening ports from NET's website. I logged in to NET's chat facility through which I could chat live to an "expert". I tried chatting with several of their "experts" at different times but not one of them answered my direct and pivotal question about listening ports. It was obvious to me by then that none of these "experts" even knew what a listening port was. And neither, apparently, did their supervisors.
My only option was to take on the service conditionally. I ordered the 15Mbps service from NET on Friday 07 August 2015 via NET's website. I included the option for integrated telephone service because the additional cost was minimal. This included the migration of my current telephone number from an Oi telephone line to the new NET telephone. My Oi telephone account was a simple stand-alone telephone service. It was completely separate from the old W@y TV Internet service which Oi had bought and taken over. My order was confirmed by email from NET on Friday 07 August 2015 at 10:59 am. The installation was scheduled for the morning of Tuesday 11 August 2015.
On the morning of Monday 10 August 2015, I received a phone call from a man purporting to be the installer of the NET service asking directions to my home. I gave the directions but said the installation had been scheduled for the next day. He arrived at about 11:30 hrs. with a modem, RJ45 connecting cable, a large coil of coaxial cable and a bag of tools. Not having expected any disruption until the following day, both computers were running and I was working on-line through the old [W@y TV] cable service. Everything was working perfectly as it had been doing for the past 11 years. I had to log off from my Internet activities but left the computers and router running.
The technician disconnected the coaxial cable, which carried the old W@y TV cable service to my apartment, from the splitter in the W@y TV source cable at the distribution box in the hallway outside the apartment. He reconnected the cable to the apartment to a different splitter which was on the source cable of the NET cable service.
The technician then went into my work room and disconnected the old Motorola cable modem from my TP-Link router and removed the modem, He replaced it with the different modem, which he had brought with him. He had brought it loose and unboxed. There were no instructions with it and no user manual. He connected the new modem to my router through the short yellow RJ45 cable he had brought. He connected the new modem's power supply and plugged it into an outlet. He also plugged my telephone into the new modem he had brought. The modem he had brought with him was as follows:
|
|
The technician did not install any coaxial cable anywhere: neither in my apartment nor anywhere else in the building. He used the existing coax that had been installed 11 years previously by W@y Internet and was still in place. He therefore did not use any of the large coil of coaxial cable, which he had brought with him.
The lights of the new modem illuminated in the normal way to indicate that it had synchronized correctly with the NET digital cable service. I tried to access web sites from my browser. There appeared to be no access to the worldwide Web. The browser appeared to be unable to access a Domain Name Server. I then opened the web interface of my TP-LINK router (through which I had been accessing the Internet up to a few minutes before for over 5 years via the old W@y TV Internet service) which had been working perfectly minutes before on http://192.168.1.1:86 to check the WAN status report:
WAN information registered by router:
| Endereço MAC: | BCAEC55CE92A [de router] | |
| Endereço IP: | 100.68.64.37 [IP Dinâmico] | pings OK |
| Máscara de Sub-rede: | 255.255.224.0 | |
| Gateway Padrão: | 100.68.64.1 | pings OK |
| Servidor DNS: | 201.17.128.74 | pings OK |
| 201.17.128.79 | pings OK |
This indicated that the router had established contact with the modem correctly and had acquired DNS servers. I tried to access a common well-known website. The browser appeared not to be able to establish contact with a DNS. I pinged the working IP address of the modem as well as the IP addresses of the gateway and the DNS servers. All answered my pings correctly as shown in the above table. I also pinged the standard IP address 192.168.100.1 for modem web interfaces. The RCA Thomson modem answered the pings correctly. I tried to access the modem web-interface on 192.168.100.1:80. The page started to load but the modem reset the connection almost instantly before any of the page appeared on screen.
The next day, once I had put the old W@y TV service back, I discovered by web search that the RCA modem the technician had installed was an old discontinued model, which could only be configured via telnet. Since telnet is a vulnerable service, which I don't use, I had closed the telnet port (Port 23) in my computer's firewall.
A second technician had by now arrived at the request of the first technician, who was clearly out of his depth. The second technician told me that the web-interface address was wrong and should be 192.168.0.1. I pinged this address. No response. There was no service at all on that address. I tried a remote ping-back, which gave my IP address, as seen from the outside world, as 186.206.255.254.
The second technician rang his superior. Then he told me that the problem was with the NET service itself and nothing to do with my equipment configuration. He said the problem was because NET is changing over to IPV6 addressing so the modem would have to be reconfigured for IPV6. Of course, there was no mention of this in any of the scant information available prior to purchase. Furthermore, as is apparent in the above table, all necessary addresses had been acquired for the WAN (Internet) side of the router. All these are clearly IPV4 addresses. There isn't a single IPV6 address in sight, neither is any needed.
I tried again with my computer connected straight to the RCA modem, thus bypassing the TP-Link router. I still could not access a single website. My computer has an absolutely up to date version of the Linux generic kernel, its headers and all necessary auxiliary packages. Its networking software is 100% IPV6 compatible. I opened the networking configuration utility but could see no evidence that it was trying to acquire an IPV6 DNS.
The second technician said that an expert called Sirley would come tomorrow [the day for which the installation was originally scheduled] at 9:00 am to re-configure the modem. The two installers could do no more.
Before leaving, they presented a multi-layer form to be signed. The in-fill was essentially illegible but it was duly signed, assuming it was to verify that they had attended the premises and installed the equipment, which they had. The two installers left at about 12:30 hrs. leaving the bottom copy, in which the in-fill was completely illegible. Being British, I am, as a customer, always used to receiving the top copy (written layer) of a multilayer form. Here in Brazil, however, I am not too familiar with the rules in this regard. That evening, I took a closer look at the form. Please click the image for a high resolution view of the form. I [1] had inadvertently signed a form whose illegible in-fill did not reflect the truth.
Although the entire written in-fill of the form was totally illegible, the marks against certain yes/no tick-boxes could be deciphered. These asserted that:
All the above were lies. The technician did not bring a Welcome Pack. Nor did he bring a copy of the contract. Hence I did not know the contract number when I decided to cancel it. The technician did not instruct me on how to use the system. He couldn't. It wasn't working. Consequently, the ticked statement saying that the NET service was working perfectly as witnessed by the customer was an outright lie. The customer was never asked to show an identity card, which, had I been asked, I could have shown them there and then. Especially with a company like NET, one must remember the age-old advice: caveat emptor (let the buyer beware).
I tried making phone calls with the telephone connected to the new service. I had difficulty obtaining a dial tone. Eventually I heard a dial tone and dialled somebody I know. The call was successful. I managed to make another successful call. That was the last call I was able to make. Try as I might for over half an hour, I could not acquire a dial tone. What use would this be in an emergency? What use would it be for anything? Furthermore, I did not know the number of the NET telephone from which I was calling. It wasn't my normal number. The telephone plain and simply did not work. I re-plugged my telephone back into the original normal telephone line supplied by Oi (formally Telemar).
The following morning, the "expert" Sirley never showed. The second technician had given me his cell phone number 83351796. Nobody answered on this number. I rang NET and made a new appointment (Protocolo de atendimento: 01-31-50542887946 Tuesday 11 August 2015 14:00 BRT) for yet another "expert" technician to come. He came at about 12:20 hrs.. He connected his laptop (running Microsoft Windows) to a spare port on my LAN router. He was able to test download speed and access web sites. He said the problem was my OS, Linux. This to me seemed rather strange. The technician said he could do nothing more. He only knew about Microsoft Windows. Having been in IT for over 50 years, I knew well this kind of declaration. It's always the fault of the user's equipment, despite it having been working perfectly well with the W@y TV service for 11 years. I knew it was now up to me, the customer, to resolve the technical difficulties with the NET service.
Then I had a eureka moment. For such a problem as this, the difference in the operating systems was irrelevant. If it worked with the technician's Windows laptop but not with my computer, something within my computer was blocking the passage of certain data which the laptop was letting through. "My firewall", I shrieked. My firewall settings must be blocking a listening port required by the NET service. I switched off my computer's firewall. I was then able to access websites from both my Linux machines. However, it left my Linux computers unguarded and potentially vulnerable. I had to make sure that I disabled or uninstalled all unrequired service dæmons. It was then around 12h50. The third technician left. At least I now had Web access.
Since my experience with the NET service, I have never discovered why my web browser should need an open listening port in order to access a DNS. It has remained a mystery. I cannot see why the browser ever needs to listen on an incoming port at all. This is doubly mystifying since the firewall in my TP-Link router has exactly the same listening ports open as the computers do, except that the computers have additional listening ports open for services limited to the Local Area Network (LAN), such as printing on Port 631 and NFS on Ports 15, 16, 31 and 32, which are not open in the router's firewall. Unfortunately, I never had time to investigate exactly which port the NET service needed and why. It makes me rather suspicious of what "else" the NET service may have been trying to do in my computer other than finding and serving the requested web page.
The technician having left, I set about to verify that all my required services were operating correctly. I started my web, FTP, eDonkey/Kademlia and Gnutella/G2 servers. My FTP and Web servers only had visibility within the LAN. They were not visible to the outside world. This was no surprise as the service only provided a dynamic IP address. I could live without them. I would have to live without them from now on. My eDonkey/Kademlia and Gnutella/G2 servers were firewalled. All their required listening ports were blocked, even though they were all open both in my computers' firewalls and router firewall. They could only be being blocked by the NET service itself. I used an external web-based port checking service to check the operation of 8 listening ports that I needed to be open. All were being blocked by the ISP [NET]. Not so much as one of the listening ports I required was open.
I don't know whether the ports were being blocked by the ISPs routers or simply by a firewall inside their modem. But, without a user manual for instructions on how to do so, I could not get configuration access to the modem. So the question was moot.
I could not share my essays and articles with colleagues and other interested people all over the world. They preferably need to be able to access them on my FTP site and download those files which contain essays and articles that they may wish to read. Without open ports my eDonkey/Kademlia and Gnutella/G2 servers can work after a fashion, but incoming searches would be impossible, which rather defeats the object of the servers. I finally tried to access the FTP server of my web hosting service in the USA. I could not connect to my web hosting service by FTP. Consequently I could no longer maintain and update my own web site.
For me, these blocked listening ports rendered the NET service completely and utterly useless and unworkable. Consequently, after no more than an hour's rigorous testing, I realized there was no option but to cancel the NET service, which I did at 13:20 hrs. on Tuesday 11 August 2015.
I could not cancel the contract without knowing the contract number, which of course, I did not know because I had never been given a copy of the contract. After a long and stressing telephone call, I finally managed to prize the contract number (013028414190) out of NET. Then followed four attempts to cancel the contract:
| Attempt | Protocol № | Time | Date | Attended by | Modem to be Collected |
|---|---|---|---|---|---|
| 1 | 013150543019564 | 13:10 | 11/08/2015 | unknown | |
| 2 | 013150543024663 | 13:20 | 11/08/2015 | unknown | |
| 3 | 013150543683229 | 13:37 | 11/08/2015 | unknown | 19/08/2015 |
| 4 | 013150543743585 | 13:38 | 13/08/2015 | Anderson | 24/08/2015 |
In the first two attempts, the person who attended gave a protocol number and then left me waiting indeterminately until the call finally dropped. Finally, at 13:37 hrs. the NET functionary verified that the contract was cancelled without onus and that the modem would be collected by NET on the 19th August 2015.
I immediately removed the NET modem from my installation and put back the original W@y TV service's RF cable modem. I disconnected my apartment's cable from the NET service cable at the distribution box in the corridor and reconnected it to the old Oi (W@y TV) service cable. I was — however temporarily — back on the Internet.
I spent Wednesday, 12 August 2015 at my computer catching up with my two entire mornings of lost working time. The following morning (Thursday 13 August 2015), I telephoned NET to make sure that the migration of my original telephone number from the original Oi telephone line had been cancelled too. Then it all began all over again. I was told that there was no record of my contract having been cancelled and that neither had the migration of my telephone number been cancelled. That is when I embarked on the fourth attempt to cancel the contract. This time my call was handled by a person who identified himself as "Anderson". At 13:38 hrs. on Thursday 13 August 2015, Anderson assured me that:
Early, on the morning of Friday 14 August, I had an uneasy feeling about the fourth cancellation attempt. Why should it be any different from the other three? Furthermore, NET had extended the time it was going to delay in collecting the modem. NET may use this to construe that I had had use of their service from 10 August until 24 August, which was 15 days or half a month. In fact, I had had workable access to their service for less than 40 minutes, a fact they could easily verify by pinging their modem remotely and seeing that it was not connected. Even then, I could only access the NET service with my computer firewalls completely disabled.
For this reason, I decided not to wait any longer and to contact Anatel, the telecommunications regulator in Brazil. I registered on the Anatel website and filed a complaint against NET at 09:55 hrs. 14 August 2015 under Protocol №27016432015. I must now wait to see if it will have any effect.
The next day, Saturday 15 August 2015, at 11:05 am, NET called me by cell phone confirming the Encerrramento do Contrato (Termination of the Contract) and that the modem etc. would be collected between 12:00 and 17:00 hrs. on 24 August 2015. The Protocol № of this action was given as 013150544333121. Later, at 13:00 hrs. on the same day, NET called me again by cell phone saying that they had been contacted by Anatel and that the modem etc. would be collected earlier, namely, on Wednesday 19 August 2015 between 12:00 and 17:00 hrs.. The Protocol № for this action was given as 013150544155219. NET gave me telephone № 08000200200 to call, should there be any further problems.
This whole process of ascertaining the applicability of the NET Internet service to my requirements had consumed a whole week's worth of stressful mornings. My anger was raised because all this disruption could have been so easily avoided if the NET sales staff had not been so abysmally ignorant of the product they were selling. I had tried desperately to find out all the necessary technical information about the service before purchase, all to no avail. I was met at every turn with an impervious wall of ignorance.
It appears to me that NET employs people with little, if any, technical knowledge and provides them with little, if any, technical training. In other words, NET appears to me to have externalized the whole task of ascertaining the technical applicability of the offered service, plus the managing of their sales and technical staff. This task thus falls into the lap of the customer, without him being provided with any references to necessary proprietary information. The only place I was able to find any technical information at all was on blog sites for disgruntled users.
With all listening ports blocked, the NET service cannot rightly be called a proper Internet access service. And so NET is not strictly an ISP. It is simply a Web access service provider (WASP). The user can access content via a Web browser and partake in whatever restricted interactive facilities can be implemented through a Web page. But nothing more. NET's blocking of all listening ports, without allowing the user to unblock those of his choosing, is absolutely contrary to the Suggested Practices of the Broadband Internet Technical Advisory Group, the emboldened heading statements of which are listed below.
It appears to me that, on all these points, the service provided by NET scores a big fat zero.
At 16:30 hrs. on Wednesday 19 August 2015, a technician from NET collected the RCA/Thomson DHG534B modem, yellow RJ45 cable and wall wart power supply. NET did not incur any costs for installing any cabling or outlets within my apartment because these were already there.
Notwithstanding, on 12 December 2015, I received a totally unexpected and extremely severe letter from what appeared to be some kind of financial debt registry called Serasa Experian. The letter was dated 01 December 2015, post marked 03 December 2015. It was not received until 12 December 2015. As well as the name of Serasa Experian, the letter also bore the name Claro, which is a telecommunications service provider. However, as best as I am able to ascertain, the letter appears to have been sent by Serasa Experian. The letter was not signed. Please click the image on the right for an enlarged readable view of the letter.
The letter states (wrongly) that, for reason of non-payment, NET has terminated my contract and requested that my name be blacklisted, presumably on a publicly-viewable blacklist maintained by Serasa Experian, the author of the letter. The letter then specifies the creditor as:
NET BELO HORIZ
CPNJ: 40.432.554/0835-06
Endereço da Credora: R FLORIDA 1970 - CIDADE MONCOES -SÃO PAULO - SP - CEP:04565-907
The letter then details the alleged debt as follows:
| Valor da anotação | Data do vencimento | Natureza | Contrato |
| R$309,18 | 20/09/2015 | OUTRAS OPER | N28414190/05T654 |
The letter continues by making an overt threat that unless I settle the debt within 15 days of the date the letter was allegedly posted (03 December 2015) then my name will be made publicly available on Serasa Experian's blacklist of non-payers. Since the letter was received on 12 December 2015, this leaves me until Friday, 18 December 2015 to settle the "debt". That is 5 working days from becoming aware that this alleged unexpected and incongruous debt even existed.
The letter then specifies two telephone numbers (3003-0222 and 0800-722-0222) which I may call to negotiate how I may pay the "debt" and get my name removed from Serasa Experian's blacklist. I telephoned the appropriate number, whereupon I was asked to dial in my CPF number, which is a number allocated to all residents in Brazil, as a unique personal identification for all financial transactions and taxation payments.
At this point I became highly suspicious. This had happened before with regard to NET and also Oi (see later). These ISPs are surrounded by swarms of dubious businesses, some of whom provide out-sourced technical services and others who are simply phishers of personal information for purposes such as credit card fraud. Generally, the next piece of information asked for is one's RG (Registro Geral) number, which identifies a person as a citizen or a foreigner of permanent residence. Then follows a request for one's credit card number, including the 3-digit security code (presumably for the purpose of settling the "debt").
I had received a letter, right on top of the 11th hour, about an alleged debt about which I had had no previous intimation and which does not make any sense. This letter contains telephone numbers which are answered automatically, do not announce who they are and ask immediately for sensitive personal information. I have no way of verifying the letter's authenticity. To me, this spells scam.
The following facts are relevant with regard to this letter.
The contract was not terminated by NET: it was terminated by me.
This was not because of my non-payment but because I had found the service to be unsuitable for my purposes.
No information or warning regarding this charge was given prior to the trial purchase.
No invoice or statement of account regarding this charge was ever received prior to the letter received on 12/12/2015.
I had never seen any mention of a Contract N28414190/05T654 prior to receipt of the letter on 12/12/2015.
I used the service provided by NET exclusively for the purpose of evaluation.
This was necessary solely because NET was either unable or unwilling to provide me with the simple necessary and sufficient technical details about the service for me to be able to verify that it could not meet my requirements.
I used the service only for the 40 minutes I required to evaluate the suitability of the service to my needs, after which I removed the NET modem and disconnected the service from my apartment.
NET incurred practically no costs since all necessary cabling and fittings were already installed in my apartment and condominium building.
I managed to access the Internet for the first time using the NET service at 12:00 11/08/2015. I cancelled the service at 13:10 11/08/2015: Protocolo 013150543019564.
I was told by NET that the service was cancelled without onus: Protocolo 013150543743585.
The cancellation was arbitrated by Anatel: Protocolo 2701643-2015.
Due to the imminence of the threat to be placed on a blacklist of non-payers, I decided to deal with this through Anatel. So, on 13 December 2015, I registered an appeal to Anatel, via the Anatel website, about this "charge out of the blue" — apparently levied by NET.
The whole way this situation had arisen led me to suspect that the letter purporting to be from Serasa Experian was the work of a identity theft gang. It was a letter out of the blue. It arrived at the 11th hour, leaving no time for me to deal with the situation calmly and systematically. There was no prior intimation whatsoever about the existence of this charge. I had no reason to suppose of its existence. However, I was to be rudely surprised.
At 09:10 hrs. on 14 December 2015, I telephoned NET on number 10621, which I knew to be genuine. My call was attended by a functionary called Daiane who gave a Protocol No 013150585472291 for my inquiry. I related the situation of having received this letter purporting to be from Serasa Experian, fully expecting to be told that NET had no record of any outstanding debt, which of course it shouldn't.
To my absolute surprise, she said there was an outstanding debt of R$309.18 from 20/09/2015 which I had not paid and that I could retrieve a payment slip from the NET website or, if I preferred, she would send the payment slip to me by email. I opted for the latter.
I received the email to which was attached the bill-cum-payment slip shown on the left. Please click the image for a readable version. I note with interest that the nature of the charge is for "Itens Eventuais", which I would translate as "Sundry Items", which is appropriately nebulous, especially since I had asked for details of the charge. Details are shown below, although I have to admit that I was unable to read the microscopic print without a magnifying glass. NET charged me R$9.18 for 3 days use of their service. In fact I used it for only 40 minutes. The NET modem was connected to the coax for 70 minutes, after which the coax itself was disconnected from NET's service and reconnected to the old W@y service. The bulk of the rather excessive cost of R$300 is stated as being for the installation of the service.
The first thing my magnifying glass picked up in the "details" of the bill was that NET charged for the installation and usage of a service called "VIRTUA 15M S/Wi-Fi COM FONE". NET did not install anything that could be remotely construed as Wi-Fi.
The only activity, on the part of NET, which could be construed as installation of the service was as follows:
Please note that it was I who had to reconfigure my system to suit their modem by switching off my firewall. Even then, all I could do was access websites: nothing more. It was then I who disconnected their modem and reconnected the old W@y service. How can what NET did possibly justify a charge of R$300, especially when they said that the service would be cancelled without onus?
It was W@y TV who had cabled my apartment over 10 years previously on 20 December 2005. The service order detailing this work is shown on the right. Please click on the image for a full sized view. I have paraphrased, in the following list, the installation work carried out under this order.
Total time taken: 1 hour 57 minutes. This I can imagine as justifying a charge of R$300, although W@y TV made no charge for installation at all.
NET did not carry out any such installation work. NET simply used the existing installation put there by W@y TV ten years before to allow me to test the suitability of their service. NET said to me plainly that the trial was without onus and then renegued on what they had said by charging a substantial fee. And this false cost could be what NET charged onwards to me as the customer for whom the work was purported to have been done.
It is entirely possible that NET truly believes that the installers it sent did the full installation of the coaxial cable and fittings to, and within, my apartment. As I am given to understand it, NET outsources the task of installation to various one-man-and-his-dog businesses. It is therefore entirely possible that the people who connected the NET modem in my apartment invoiced NET falsely for the price of a full installation, charging for the full time for drilling and routing, plus the cost of a copious length of coaxial cable and associated fittings.
Notwithstanding, NET made this charge without billing me or even telling me that they had made a charge. The first I know about it is 5 days before they place my name on a publicly-accessible blacklist of bad payers. I have never in my life been a bad payer. Thus, placing my name there constitutes a Tort of Defamation against my person and my character. Being a Public Servant, this could well jeopardize my career, my position and my pension, as well as precipitating future consequential losses and damages. And all without just cause.
Consequently, although I deny absolutely that I have any obligation whatsoever to pay this charge, I nevertheless decided to pay it. This is solely to avoid NET placing my name on the Serasa Experian blacklist. They have — deliberately, as it appears to me — left me no time to dispute this charge before my name would appear on the blacklist. I have thus been forced to pay a debt I do not owe in order to avoid suffering the unmerited dire consequences which NET and Serasa Experian have threatened to place upon me. To my mind, this makes me an undeserving victim of aggravated extortion perpetrated upon a hapless individual by two substantial corporations. Certainly, in any future judgement I may make, I shall regard the Serasa Experian blacklist of bad debtors as having no credibility whatsoever, either way.
On 16 December 2015, I received a phone call from NET saying they had received communication from Anatel. The person simply asked if and when I had paid the debt. I told the person I had paid it. The person then said that they had not yet received confirmation from the bank that the money had been received. He continued that, once they had received confirmation, they would remove my name from the bad debtors list.
This phone call clearly demonstrates the unmitigated audacity of this company. Firstly, despite the content of the Anatel appeal, the caller proceeded with the two audacious presumptions that 1) the debt actually existed and that 2) the delay in payment of the debt was entirely due to my deliberation, negligence or oversight. The context of the call revealed clearly that my name had already been placed on the Serasa Experian list of bad debtors, and that they would only remove it once their bank had confirmed receipt of my payment. There was no mention whatsoever of the illegality of the charge in the first place or even that I was disputing it.
It appears that one simply has to accept that this is the way things are done in Brazil and that all is governed according to the law that might is always right.
If NET had been honest and supplied me with the few technical details I had asked for in order to assess the suitability of their service to my purposes, I would never have requested the service. But NET's sales and technical staff told me that all but 3 listening ports were open. As a result, I requested the service only to find it could not meet my needs. I quickly discovered that no listening ports were open at my premises. NET supplied no instruction manual with the modem and NET's technicians refused to open the ports.
The second detail my magnifying glass picked up on the emailed bill from NET was a set of protocol numbers, which appeared as follows:
REGISTROS DE ATENDIMENTO:
013150585472291, 013150545287706,
013150545078543, 013150545054817,
013150544365529
The first one, 013150585472291, pertains to my telephone call in response to the letter from Serasa Experian on 14 December 2015. The other four protocol numbers I know nothing about and hence they do not pertain to any interactions between NET and myself.
The upshot of what NET did has thus gained them an extra R$309.18, which they would not have gained had they been honest. NET's shareholders must be pleased. I'm not. I find myself unable to suppress my feeling of moral obligation to state that I find this behaviour on the part of NET to be reprehensible.
On 06 January 2016, I arbitrarily decided to embark upon the gargantuan task of clearing all the accumulated junk from my email account. Buried way back in the truckloads of junk advertising for everything from sex pills to cut-price air fares, from dating sites to appeals from phoney charities, I spied an email title that began with the word "NET". I think I might have seen it way back in September or October 2015. I can't really be sure. Notwithstanding, the NET service having been cancelled without onus on the very day it was "installed", I must have dismissed it as being either a "sorry to see you go" email or a plain simple item of unrelated unsolicited junk advertising.
The last thing on Earth I would ever expect to receive by open email is a bill, especially since I had absolutely no reason to expect one. Notwithstanding, these irresponsible idiots actually sent me a bill via unprotected open email. I didn't even know they had my email address. I would never give my email address as a means for receiving bills. In this open unprotected email, they state my full name, my full postal address and my CPF number (a number which everybody in Brazil has as a means of uniquely identifying them for tax, financial and trading purposes). Together with my email address, this makes quite a bonanza for any identity thief, be he petty, organised or from some clandestine foreign agency.
The bill itself was in a separate PDF file attached to the email. This PDF file was completely open and unprotected. In other words, it was unencrypted. Not that NET asked for my public PGP key anyway. This bill, which is shown on the left, was discovered for the first time by me — entirely by chance — on 06 January 2016.
It too contained my full name, my full postal address and my CPF number, all of which I have removed from the illustration on the left. The bill also contained the number of the so-called "contract" (which I had seen for the first time in the letter from Serasa Experian), plus the due date and the amount "owed". If I had been expecting a bill at all, I would have expected it to arrive by normal post, as all my other bills do.
Again, this "original" emailed bill from NET contained a list of protocol numbers, which appeared as follows:
REGISTROS DE ATENDIMENTO:
013150545287706, 013150545078543,
013150545054817, 013150544365529,
013150544333121
013150544333121 refers to the phone call to me from NET on Saturday 15 August 2015 at 11:05 am confirming the Termination of the Contract (Encerrramento do Contrato). The other protocol numbers are unknown to me and hence they do not pertain to any interactions between NET and myself.
NET's email to me contained a link, which it invited me to click and follow, in order to change my account to automatic direct debit. Clicking on the link takes me to a web site that requires me to enter more personal data. Just to illustrate how dangerous it is to follow such a link in an email purporting to be from a known company, I will mention just two emails I received recently. Both looked very authentic and professionally produced.
The first was "from" a Brazilian bank call Bradesco. It gave details of a substantial outstanding debt that I owed. It said that I should follow the link to what was displayed as the bank's legitimate web address. Looking in the status bar of my browser, I could see that it was really taking me to a different address, namely: www. pwua.co/Sempre/ (IP 107.180.25.0), which appeared to be located on a GoDaddy server in Scottsdale, Arizona, USA. I clicked on the link. A very professional-looking web page appeared, which looked to me to be exactly that of the genuine Banco Bradesco in Brazil.
The page asked me to enter the number of my Agência (branch) — i.e. the sort code — followed by my account number and its check-digit. Naturally, I entered false Agência and account numbers, making sure the check digit tallied with the account number. Next, it asked me to type in my password by clicking on the appropriate keys of a displayed keyboard. Finally, it wanted my CPF. Interestingly, the first time I entered my (false) password, I was told it was incorrect. I entered the same password a second time and it was accepted. Nice touch. A good start to building an identity thief's dossier on me. None of the links on the page worked. The whole page was essentially a montage of images.
I received, almost at the same time, an email advising me to pay a fictitious debt that I "owed" another Brazilian bank Banco Santander. The server for this site had an IP address located on Christmas Island. Of course, that does not mean to say that the server was really on Christmas Island.
The universal advice and received wisdom is to ignore and delete any email that leads you to a website for any purpose relating to money or involving personal information. Such an email will almost certainly be bogus. And this is exactly what NET did with the email it sent to me. NET thereby also flagrantly disregarded the vulnerability it was placing upon me by publishing my personal details in an open email. No doubt NET finds it cheaper and more convenient to send bills by email. Obviously, this convenience outweighs the exposure to identity theft and personal damage to which this practice exposes its customers. Ironically, when I went to collect my mail today from the mailbox of my condominium building, I noticed bills from NET addressed to other residents. Obviously, they receive their bills from NET by normal post, as I would naturally expect. NET never sent any such bill to me by post. So why send a bill to me by email — a bill I was never expecting — without ever telling me that is what it had done or intended to do?
On Sunday 14 February 2016 I decided to make a new appeal to Anatel requesting reimbursement of the R$300.18 that I had paid on Monday 14 December 2015 to NET to avoid NET carrying out its threat to place my name on the Serasa Experian bad debtors list.
On Wednesday 17 February 2016 at 10:50hrs a woman called Priscila Brajato Ribeiro Elias telephoned telling me to email a copy of the paid NET invoice to pribeiro@almavivadobrasil.com.br. During the afternoon of Thursday 18 February 2016 the same woman phoned my cell phone at work saying that my email with the attached paid invoice had not arrived. She said she would send an email to me with details of what to do. No such email ever arrived. I re-sent my email 3 more times. The woman said she would call me again at 12:00 the next day.
19/02/2016 The woman did not call, so at 12:30 I tried calling the number of the woman registered on my cell phone. A recorded message told me that the number did not exist. The woman rang at 12:43 but I was in a bus and could not hear what she was saying. Told her to ring later. She rang later, interrupting me at work. She cited Anatel Protocolo 51667-2016 and gave NET Protocol 013150585488438 for her call to me. She said I had not paid the R$309.18. I said I had. The call ended in stalemate.
I began to wonder why I had been asked to send the paid invoice pertaining to NET to an email address pertaining to "almavivadobrasil". I did an Internet search. I found that AlmaViva do Brasil is a telemarketing company. I could find no connection between AlmaViva do Brasil and NET.
On Friday 19 February 2016 at 16:50 hrs I discovered an email from Priscila Brajato Ribeiro Elias asking for a copy of the paid invoice, which I had already sent four times. I sent it again at 17:02 hrs together with a copy of the original invoice acquired on 14 December 2015. I sent it as a REPLY to the email she sent to me, so that there could be no mistake that the address to which I sent it was correct.
By Monday 22 February 2016 I had heard nothing further from Priscila Brajato Ribeiro Elias. I therefore assumed there would be no further action on her part since, as far as she was concerned, I had not paid and therefore no money should be reimbursed. Consequently, I re-opened the complaint process on the Anatel website, explaining that I had emailed the paid invoice to Priscila Brajato Ribeiro Elias four times and that she had denied having received it. I then uploaded the paid invoice to the Anatel website to form part of the on-going process and as positive proof that I had paid the invoice.
On Saturday 27 February 2016 from 10:58-11:12hrs Kateane (she refused to give her surname) of NET telephoned me from (031)350559299 giving Protocol 013160600932492. She asked for my CPF and bank details in order to pay the R$309.18 into my current account, I gave her my bank details. She said there would be a confirmation call shortly from either herself or a colleague that the payment had been made. At 13:17 hrs I received a call from NET (0411921094200) to verify account details again. At 14:22-30 hrs I received a call from NET (0411921087777 protocol 013160601992586) asking if I had been dealt with to my satisfaction. I confirmed that I had.
On Monday 28 February 2016 received 3 emails giving times and protocol numbers as follows: 12:06 hrs Protocol No. 013160601992586; 12:08 hrs Protocol No. 013160601970046; 12:09 hrs Protocol No. 013160601970046. These emails quite frankly conveyed nothing whatever to me.
On Tuesday 29 February 2016 at 14:15 hrs a woman from NET rang my home from 031-3505-9299. I was at work and so she was asked to call the next day during the morning only. She did not call again.
On Thursday 03 March 2016 I saw the following entry on my bank statement extract taken from an ATM:
Brazilian bank statements do not show who pays credits or by whom debits are received, so I have to assume it was NET since it is the only credit in the extract that I cannot account for. The amount, which is over double the R$309,18 NET owed me, was obviously the amount determined by Anatel to take into account inflation plus my efforts and the disruption caused to me by NET in this matter.
| Monthly Fee | R$89,90 |
| Delivery | Coax |
| Download Speed | 15 Mbps |
| Upload Speed | 02 Mbps |
| IP Address | Dynamic IPV4 |
| Listening Ports | All closed |
| Monthly Fee | R$50 to R$100 |
| Delivery | Coax (or ADSL) |
| Download Speed | 2 Mbps or greater |
| Upload Speed | 512 kbps or greater |
| IP Address | Fixed IPV4 |
| Listening Ports | All open |
The only possible complications are the delivery, addressing and port options, which are simply stated as follows. Delivery options: ADSL, Coax, G3, G4, Wi-Fi. IP Address options: Fixed IPV4, Dynamic IPV4, IPV6 (fixed). Listening port options: all open; user-configurable from modem's web interface; user-configurable, except as specified; all closed.
© August 2015 to January 2020 Robert John Morton
[1] I was not the ISP's actual customer, that was somebody else, who subscribed to the service on my behalf. However, throughout this essay, for clarity of prose, the first person singular has been used to indicate either or both of us. The other person has no knowledge, involvement or responsibility regarding any of the content of this monograph essay.
[2] Within this essay, an open port is a TCP or UDP port number that is configured to accept unsolicited incoming IP packets. An open port in this sense is also known as a listening port.