The View from Landmark

Trends and issues in personal computing from Bud Stolker, a long-time PC consultant. The View from Landmark features tips and techniques to make time spent with your computer more productive and rewarding, commentary on new personal computer policies and trends, plain-English explanations of new hardware, software, and network designs and their relevance to you, and answers to common questions. There may be personal material interspersed if Bud believes it is of general interest.

Thursday, April 14, 2005

Letter to my (soon to be ex-)Credit Union

This letter provoked an immediate response from my credit union.
See "Epilog" below the letter.

Kathleen O. Geary, President and CEO
Patricia J. Ellis, Chairman of the Board
HEW Federal Credit Union
200 Independence Ave. SW
Washington, D.C. 20201

April 14, 2005

Dear Ms. Geary and Ms. Ellis,

I don’t generally examine my statements from HEWFCU. I parked a little money there a long time ago, and assumed that, as in the past, your institution -– and mine -– would quietly grow my savings.

Imagine my surprise, then, when I took a closer look and found that your monthly “inactive account fee” had taken what was a little over $200 at the end of 2002 and slashed it to $155 by the end of 2004. This is a loss of close to 25% in two years, despite the fact that this is an interest-bearing account.

Surprise! I read the credit union newsletter but must have missed the notice announcing the new fee.

I don’t object to modest inactivity fees in general, but this one seems more than a little punitive.

Let’s face it--the loss of $50 won’t ruin me. But it does sour my long-term relationship with HEWFCU, which I joined well over 30 years ago.

It seems this credit union has switched from a policy of “let us help you grow your money” to one of “let’s take what we can while he’s not looking”.

Your message on the credit union’s Web site cites as a daily goal “Exceeding Expectations Every Time”.

Certainly you have exceeded all expectations for greed. Twenty-four bucks a year to maintain my puny account?

You should be ashamed –- and I should be more watchful. I should have participated in credit union elections and “thrown the bums out” when that policy was first instituted. But I note that there is no election for the HEWFCU Board this year. Without opposition, the same people who were on board when the fee was put in place are automatically re-elected. (Good way to save money!)

I am considering depositing the smallest amount of money possible -– to keep the account active -– so I can participate in the next election.

As far as managing my money, I can do better throwing a buck a month down the sewer than sticking with HEWFCU.

I invite your response but will be surprised to actually hear from you. Clearly small-account holders don’t count for much. Shame on your credit union for nickel-and-dime-ing my account in such a disappointing way.


Bud Stolker
(Edward W. Stolker, Jr. / account #40077, a number which I still know by heart)



Six days after I wrote this letter, two credit union officials called me at the request of Ms. Geary. HEWFCU is refunding all of my money and is changing its policy on inactive accounts, according to Jeff Goff, the credit union's VP for Administration, and Brian O'Sullivan.

Under the new policy my account will not be subject to inactivity fees, since I'm over 55. But those fees paid to date would not have been refunded had I not complained.

"We're very lenient in refunding these fees when asked," admitted Goff, hinting that when the fee was first instituted there were complaints. He justified the inactivity fee by claiming it costs $72 a year to maintain an inactive account. And, he said, "The fee is to notify members that the account is inactive." Duh!

Seems like if they had my best interests at heart they might have written instead of charging. Let's see . . . I made 43 cents interest last year (interest is a quarter of one percent annually) and was assessed $24 in fees. I guess charging me is a better deal for them than writing me!

Why didn't I contact Member Services before writing the letter, he asked. Well, I did call, but the recording said I was ninth in line for service, and that the wait for the first caller was an estimated 18 minutes. "We're trying to address that too," remarked Goff.

Good thing I didn't let the account languish for another six months. I would have been charged an Escheat fee of $50 or the entire account balance, whichever was less.


PS -- a day after writing the Epilog: Attempting to enroll in the "Internet Home Branch" feature so I can check my balance from home, I am greeted with a persistent "page cannot be displayed" error. I guess the server is busy processing inactive account fees.

Tuesday, April 12, 2005

Cracking a Password-protected Dell Laptop

A client brought me her Dell laptop today with an interesting security problem: Her 14-year-old son and genius-grade computer geek, retaliating for the loss of his computer privileges, had password-protected her computer so that she could no longer access her business files.

She wanted me to crack through the protection and retrieve her files.

No problem, I figured. I’ll just remove the CMOS battery that holds the time, date, and hardware configuration, and the computer will revert to its factory defaults (including no password).

It didn’t work that way. In fact, I was utterly unable to get past the security screen.

It turns out that many Dell, IBM, HP, Sony, and Toshiba laptops are protected by a password chip. This EEPROM (electrically erasable programmable read-only memory) chip requires an EEPROM programmer (an electronic device) to retrieve the data. Trouble is, the chip is soldered to the motherboard and is extremely delicate.

Dell sells a lot of laptops to the Defense Department. That chip is part of DoD’s C2 security scheme for computers, which as you’d expect is pretty strong. The government's “Trusted Computer System Evaluation Criteria” define a series of divisions from D (least secure) to A (most secure), with levels within those divisions. There’s no “back door” password for C2, nor will Dell help unlock the computer.

My client actually had two identical computers. The twin was her son’s, which she had confiscated. So I put her hard disk in her son’s unprotected computer, hoping that it would work there.

It didn’t. The password protection covered the hard disk in or out of the computer – just what you would expect a security protection scheme to do.

A German entrepreneur advertising on eBay will try to retrieve the password if you unsolder the chip and send it to him. But even if you solder in a new chip successfully and unlock the computer, the hard disk remains locked.

Basically, there is no easy way around the protection except to get the password from the person who put it in. But in this case, he’s been sleeping on the garage floor for several nights and shows no signs of giving in.

Bottom lines:

1. Make regular copies of your data and put them in a safe place.
2. Don’t separate a geek from his computer without considering the consequences.
3. Spank your child regularly, starting at an early age.

Update April 14: Wanting to go back to a normal life, the son at long last gave up the password. Mom promptly put her own password in place, shared it with a couple of friends in case of extreme emergency, and deducted my consulting fee for research and experimentation from her son’s bank account. Case closed.