When contract hunting goes wrong: TEKsystems & Allegis Group

I was approached by a recruiter from TEKsystems who were looking for a Linux systems administration and automation type person for a project with one of their clients.  I took a look at the job description, and it seemed like a pretty good match for my skills, so I was happy to apply and for TEKsystems to represent me.

I was interviewed three times by members of the team I would be working in over the course of about two weeks.  The people were based in Sweden and Norway and, having previously lived in Norway, I felt brave enough to try out bits of my very very rusty Norwegian.  The interviews all seemed to go well and, a few days later, I was offered the role which I accepted.  A start date of May 15th 2023 was agreed.

I consider it a sincere and meaningful compliment when I am offered work, so it’s important to know that, in accepting this role, I had turned down three other opportunities, two permanent roles and one other contract.

As this role was deemed inside IR35, I would have to work through an umbrella company.  It’s usually less friction to just go with the agency’s recommended option which was to use their parent company, Allegis Group.  I duly went through their onboarding process, proving my address, identity, right to work and so on and so forth.  All pretty standard stuff.

As May 15th approached, I was conscious that I had not, as yet, received any initial onboarding instructions neither directly from the client or via the agency. Whom did I contact on the 15th, when and how?  As this was a remote work contract, I was also expecting delivery of a corporate laptop.  This had not yet turned up.

Late in the week before the 15th, I had a call from the agency saying that there had been some kind of incident that the team I would be working with had to deal with.  They had no-one available to do any kind of onboarding with me, so would I mind deferring the start of the contract by a week?

It turned out it was very convenient for me.  A friend of the family had died a few weeks earlier from breast cancer and the funeral was on the Friday beforehand and, as it happened, my wife and daughter also got stranded in France due to the strikes.  A couple of extra days free to deal with all of that were helpful, so I agreed and everyone was happy.

Towards the end of that week, there had still been radio silence from the client. The agency was trying to obtain a Scope Of Work from them which would lead to an actual contract being drawn up for signing.

The next Monday was a bank holiday and, on the Tuesday morning, I got this message from the agency.

Hello Martin

We would like to update you to confirm we are unable to continue with your onboarding journey, and as such your onboarding journey has now ceased.

We wish you all the best for your future assignments.

Many thanks,

OnboardingTeam@TEKsystems

Needless to say, this was rather surprising and resulted in me attempting to get in touch with someone there to discover what was going on.  No immediate answer was forthcoming other than vague mentions of difficulty with a Swedish business entity not being able to take on a UK-based resource.  I was told that efforts would be made to clarify the situation.  To the day of writing this, that’s still not happened.  Well, not for me at least.

At the end of that week, it became obvious that whatever problem had happened was terminal for my contract, so I started back contact hunting and reactivating my CV on the various job boards.

I asked TEKsystems if they would offer any kind of compensation.  I’d acted entirely in good faith: I’d turned down three other offers of work, told other agencies I was no longer available and deactivated my CV on the various job boards.  It seemed fair they should offer me some kind of compensation for the lost earnings, wasted time and lost opportunities.  They have declined this request leaving me entirely out of pocket for the 3 weeks I should have been working for them and, of course, unexpectedly out of work.

I’m obviously back looking for my next opportunity and I’m sure something will be along in due course.  This is a cautionary tale of what can go wrong in the world of contracting and, if your next contract involves TEKsystems or Allegis Group, you might wish to be extra careful, making sure they are actually able to offer you the work they say they are, and that you get paid.

Getting started with a UniFi Dream Machine Pro

It’s not an exaggeration to say that I’m an Ubiquiti fanboy. I like their kit a lot and my home network has been 100% UniFi for quite a few years now.

I’ve just moved in to a new home which I’m getting rewired and this will include putting structured network cabling in, terminating back to a patch panel in a rack in the loft. I have a small amount of “always on” kit and I wanted as much as it as reasonably possible to be in standard 19″ rack format. This is when I started looking at the Ubiquiti Dream Machine Pro to replace a combination of a UniFi CloudKey and Security Gateway, both excellent products in their own right.

My expectation was that I would connect the UDMP to some power, move the WAN RJ45 connection from the USG to the UDMP, fill in some credentials and (mostly) done! As I’m writing this down, you can probably guess it didn’t quite work out like that.

The UDMP completely failed to get an internet connection via all the supported methods applicable. PPPoE didn’t work, using a surrogate router via DHCP didn’t work, static configuration didn’t work. I reached out to the community forum and, in fairness, got very prompt assistance from a Ubiquiti employee.

I needed to upgrade the UDMP’s firmware before it would be able to run its “first setup” process, but updating the firmware via the GUI requires a working internet connection. It’s all a little bit chicken and egg. Instead, this is what you need to do:

  • Download the current UDMP firmware onto a laptop.
  • Reconfigure the laptop’s IP to be 192.168.1.2/24 and plug it in to any of the main 8 ethernet ports on the UDMP.
  • Use scp to copy the firmware to the UDMP using the default username of “root” with the password “ubnt”:
    scp /path/to/fw.bin root@192.168.1.1:/mnt/data/fw.bin
  • SSH in to the UDMP and install the new firmware:
    ubnt-upgrade /mnt/data/fw.bin

The UDMP should reboot onto the new firmware automatically. Perhaps because I’d been attempting so many variations of the setup procedure, after rebooting my UDMP was left in a errored state with messages like “This is taking a little longer..” and “UDM Pro is having an issue booting. Try to reboot or enter Recovery Mode”. To get round this I updated the firmware again, this time doing a factory reset:

ubnt-upgrade -c /mnt/data/fw.bin

The UDMP then rebooted again without error and I was able to complete the setup process normally.

It’s a bit unfortunate that UDMPs are shipping with essentially non-functional firmware, and it’s also unfortunate that the process for dealing with this is completely undocumented.

Letter from my MP regarding Dominic Cummings

I wrote to my MP, Julia Lopez (CON), asking for her view on whether Dominic Cummings had broken the law or not and if he should be removed from his position. Here is her response:

Thank you for your email about the Prime Minister’s adviser, Dominic Cummings, and his movements during the lockdown period. I apologise for taking a few days to get back to you, however I am in the last weeks of my maternity leave and am working through a number of tasks in preparation for my return.

I have read through all the emails sent to me about Mr Cummings and completely understand the anger some correspondents feel. It has been a very testing time for so many of us as we have strived to adhere to new restrictions that have separated us from loved ones, led us to make very difficult decisions about our living and working arrangements or seen us miss important family occasions – both happy and sad. Those sacrifices have often been painful but were made in good faith in order to protect ourselves, our families and the most vulnerable in the broader community.

Given the strength of feeling among constituents, I wrote to the Prime Minister this week to advise him of the number of emails I had received and the sentiments expressed within them, highlighting in particular the concern over public health messaging. Mr Cummings has sought to explain his actions in a press conference in Downing Street and has taken questions from journalists. While his explanation has satisfied some constituents, I know others believe it was inadequate and feel that this episode requires an independent inquiry. I have made that request to the Prime Minister on behalf of that group of constituents.

Mr Cummings asserts that he acted within lockdown rules which permitted travel in exceptional circumstances to find the right kind of childcare. In the time period in question, he advises that he was dealing with a sick wife, a child who required hospitalisation, a boss who was gravely ill, security concerns at his home, and the management of a deeply challenging public health crisis. It has been asserted that Mr Cummings believes he is subject to a different set of rules to everyone else, but he explained in this period that he did not seek privileged access to covid testing and did not go to the funeral of a very close family member.

I am not going to be among those MPs calling for Mr Cummings’ head to roll. Ultimately it is for the Prime Minister to decide whether he wishes Mr Cummings to remain in post – and to be accountable for and accept the consequences of the decision he makes – and for the relevant authorities to determine whether he has broken the law. Whatever one thinks of this episode, I think the hounding of Mr Cummings’ family has been disturbing to watch and I hope that in future the press can find a way of seeking truth without so aggressively intruding into the lives of those who have done nothing to justify their attention.

Thank you again for taking the trouble to share with me your concerns. I regret that we cannot address everyone individually but the team continues to receive a high number of complex cases involving those navigating healthcare, financial and other challenges and these constituents are being prioritised. I shall send you any response I receive from the Prime Minister.

Best wishes

Julia

My affiliate links

It occurred to me that collecting all these in one place might mean I remember to tell people about them and therefore they might get used!

I’ve been a customer of Zen Internet for a very long time.   They’re an award winning ISP and have the best customer support I’ve ever experienced, not that I’ve need to use it very often.  Using my link gets us both some free stuff.

My energy supplier is Octopus who seem to be rather more ethical than most and are trying to be a credible alternative to the “Big 6” companies. My referral link is here, we both get £50 if you sign up.

Huel is a meal replacement product.  If you’re like me and can only rarely be bothered cooking for one then Huel gives you a quick, easy, nutritionally complete drink to chug down with very little time and effort involved.  I like the vanilla flavour and some of the flavour packs are nice.  Using my link gets you and me £10 off an order.

Top Cashback is one the UK’s most popular cashback sites.  I’ve probably got several hundred pounds from it over the years.  It requires some discipline to use and may require you to use less draconian ad and cookie blocking software.  Using my link gets us both £7.50.

Barcamp Manchester 2016: A report

Timeliness is perhaps not an attribute I can add to this post, but I self-guilted myself into finally writing about the simply amazing experience I had at Barcamp Manchester 2016.

My ticket was booked mostly on a spur of the moment, I had a rare opportunity for a few days away from Daddy Duty and I have family in the vicinity of Manchester that I see infrequently.  Efficiency with rocks and avians.

The venue, Citylabs 1.0, is superb.  Modern, bright, clean, great facilities, nearby coffee (Starbucks, 10% discount for attendees, lovely staff), ropey wifi (does any venue actually have good wifi?) and plenty of breakout space for the hallway track.

I was slightly at a loss for what to do, not because there was a lack of things to do but because I’ve almost never been to any tech event where I wasn’t part of the organising team.  It was genuinely odd not to have already been at a venue for hours before it started.

The conference was kicked with an introductory talk from Claire Dodd who did a great job of introducing the unconference concept – what people should expect and how they could participate – all stuff I was aware of, except she threw in a curve-ball.  Well, for me at least: you must give a talk.

This might be a surprise to my readers who know me personally, but I’m not actually terribly comfortable with standing up in front of a group of people and talking on any subject, not even one I know well, but I started to ponder something I could talk about that might be of interest to a techie crowd.

I sat and watched The Wall being filled in and a little idea dinged in my head.  I had brought one of my drones with me, the weather wasn’t too bad, maybe I could take some people to do a little flying.

I found a friendly local and, with the aid of Google maps, I found a bit of scrubland not too far away from the venue that might suffice and so I put up a notice entitled “Let’s go fly a kite drone!” and sat back for takers.  I got four.

A couple of hours later, Amelia, Andrea, Tom, Jack and I drove off to Stretford Meadows.  A possibly enthusiastic name for an overgrown piece of scrubland criss-crossed with rough paths that were a challenge for the wheel-chair user of our group.  However we persevered and found a passable takeoff and landing site.

The weather was cool and clear but there was a heck of a wind blowing and I was honestly slightly nervous about putting people who had literally never handled a drone before in charge of my rather expensive aerial photography rig.  I wanted the group to be as hands on as possible, so members of the group unpacked and assembled the drone and controller ready for use.

Three full batteries gave everyone a good chance to play.  There was some nervousness from some members of the group but the stability of the drone – it even impressed me with station-keeping in such winds – meant that an initially nervous pilot, quick to give up the controls, made sure she had another more lengthy go later on.  One were we all pleased to have her take.

The group were so positively responsive to tips and techniques for managing the drone that I even crossed an initial mental red line of doing all the takeoffs and landings myself.   Even an automatic takeoff and landing in high winds can be treacherous, my students who tried handled the situation well.

Battery life is finite, so after about an hour we had to go.  I had members of the group disassemble and pack the drone away and back to Citylabs we went.

It was the first time I’ve ever attempted to present drone flying at a tech event and I think it went quite well.  I was certainly blessed with intelligent and sensible participants who helped enormously.  Jack was kind enough to take all the raw footage from the day and produce a short film which you can view here.

The second day at Barcamp was mostly recovery for me.  It had taken over 7 hours to drive up, I’d had a very full day with the drone school and then taking a rare opportunity to go to a nightclub and I was definitely low on energy and facing a long drive home.

Instead of potentially falling asleep on presenters, I spent Sunday on the hallway track and had the pleasure of spending time talking to co-organisers of the event Rick Threlfall and Sophie Ashcroft.

Rick and I share an interest in aviation, he has logged a few more hours that me in light aircraft.  Sophie is a rising star in the open source community not least in terms of event management and I was pleased to put her in touch with a jaded old ratbag who might help her with sponsor curation.

Barcamp Manchester will return for 2017, dates not yet officially announced.  I hope to attend again, and I cannot recommend it highly enough.  An extraordinary event organised by an extraordinary team.

Elite Dangerous: Tips for explorers

If you’re not into, or don’t have the equipment to go bounty hunting, exploring in Elite Dangerous can be a lucrative way to make money.  Here are some tips for Commanders wanting to have a go.

You will need a detail scanner which costs CR250,000.  You can explore with just the basic scanner, but it’s much harder.  Assign the scanner to your secondary fire group. It you want to explore deeper space, then you’ll need a fuel scoop, too.   You can get by without a scoop to start with but it means you need to be careful not to stray too far from an inhabited system.  It’s a good idea to keep track of the last inhabited system you were at, if you start to run low on fuel, head back.

Pick a system where there’s no navigation information available, look for the red system information icon in the galaxy map. Systems with an actual name rather than a designation are likely inhabited.

As you jump into the system, whilst still in witchspace, set the throttle to zero. You’re going to arrive very close to the local primary and don’t want to get too hot.  As soon as you exit, press and hold secondary fire to charge the scanner, it takes a few seconds before firing.  The first object you’ll immediately pick up is the star, point the ship at it and hit your “target ahead” key.  You’ll see your ship start scanning it, this takes a little while.  If your detail scanner picks up any other nearby bodies, you’ll get an alert telling you.

Target each unexplored object in turn, working from closest to furthest away.   Anything within 5ls you can scan just by rotating your ship and pointing at it, however at some point you’ll need to start moving around the system.

Be careful near the star, it’s easy to overheat your ship.   If an object is on the other side of the star just point your ship away from the star to get some altitude and, when the heat levels decrease, gradually turn to get the target in your sights.

Learning to jockey the FSD’s autothrottle is essential.  If you keep overshooting objects then you’ll just waste time.  Once the object is in your sights, push the throttle forward until the power line turns blue and leave it there.  Your ship will now automatically accelerate and decelerate for you.  You’ll need to get each object within range to scan, the distance depends on the mass of the object.  Stars can be scanned from a long way out, gas giants from about 100ls, planets from around 20ls or 10ls and rock belts 5ls.

Not all systems contain planets, or they might be out of the range of your detail scanner.  You can try looking round the sky for objects moving relative to the background, I don’t bother and just move on the the next system.

Data you gather can be sold at any station provided you’ve travelled at least 20LY from where you got it.  The least you’ll get is a few hundred credits, however even a single star explored will usually net you around CR1200.   More interesting systems, with high metal content planets, will net you much more.  The highest I’ve seen to date is CR53000.  There seems no point in hoarding the data, the price doesn’t change regardless of distance.

Every so often, seems to be about 1 in 20, you’ll get an interdiction attempt.  It’s up to you whether you fight or flee but if you lose your ship, you will also lose any navigation data you have not sold.  If you get something juicy, it’s probably worth making a deliberate trip to an inhabited system to cash it in.

As you travel around a solar system, you’ll see blips on your scope marked Unidentified Signal Source.  If you investigate these then you may be lucky and it’s free cargo (albeit it will be marked stolen), or it may be dumped toxic waste, or it may be a trap.  The traps are not usually hard to evade if you don’t feel like a fight.  Stolen cargo can be offloaded at the black market, you might have to carry it around for a while before you find one.  I usually limit myself to investigating one USS per system, usually once I’m done with exploring.  If it turns out to be a trap then I just jump to the next system.

 

Buying a custom gaming PC from Overclockers UK

My current workstation and gaming PC is slowly disintegrating. I built it myself from components some 6 years ago and it’s simply wearing out.  Several USB ports don’t work and Windows sometimes bluescreens with errors that suggests bits of the motherboard are getting tired.  I don’t really have the spare time needed to build a high-end PC and make a great job of it, so I decided to treat myself to a pre-built custom system.   After hunting round, I settled on Overclockers as the company to buy from.

Their system configurator didn’t quite give me what I wanted, so I contacted them and asked if they could customise further which they could.   I put together my list of requirements, they send back a price.  I paid, cash wired to their bank account, upfront and sat back and waited for my new shiny liquid-cooled PC to arrive.

The system shipped.  It shipped to the wrong address.  I had provided Overclockers with a billing address and a shipping address.  They shipped to the billing address which is almost guaranteed to be unoccupied during regular working hours.

A simple mistake.  It happens.  I contacted the courier who were unable to redeliver again that day, but promised they would deliver it to the shipping address the next day.

Next day, my new shiny PC arrives.  I opened the smaller of the two boxes, one for spare components and so on, and immediately see a problem.  The spares and cables and whatnots are not branded with anything I specified, wrong motherboard and wrong graphics card.  I call Overclockers who suggest that the component boxes may have been mixed up and can I please open the main box and check. I do.  It’s someone else’s computer.  I later learn that my system has been shipped to somewhere else.  Overclockers’ mistake?  Courier’s mistake?  It doesn’t really matter. Overclockers have a courier come and pick up this system.

Meanwhile, my system makes its merry way back to Overclockers’ HQ and I, confusingly, get an email asking what I’d like done with it.   I suggest shipping it to the shipping address and could I please have an AM delivery so I don’t potentially waste a whole day.  I offered to pay for whatever that was going to cost.  Overclockers said it was no problem.  Super.

My PC finally showed up at Friday 8pm.   The more astute amongst you will spot that 8pm is not exactly an AM delivery.  Overclockers’ mistake?  Courier’s mistake?  I have no idea, the question has not yet been answered.

I unpack my new PC.  The first thing I notice is that there is a bolt rolling around in the bottom of it.  Stuff can come loose in shipping, so what.  I find that the bolt belongs to a radiator housing in the bottom of the case, there’s a hole, a loose radiator and tool marks around the hole.  Not ideal, but the system’s not going to be moved around much so no big problem.  Despite being an SLI system, there was no SLI cable installed linking the graphics cards.  Simple to fix, but a silly thing for an expert system builder to miss.

One of the customised things I asked for was the pre-cabling of some SATA drives bays: one for a blu-ray writer and two for a pair of big SATA disks I use for bulk local storage.   None of these were done.   I call Overclockers about this, and the loose bolt, and they say there’s not much that can be done without returning the system to them.  As I’ve no interest in another game of couriers, I grumble a bit but then do the cabling myself.

Over the next day or so I had almost no chance to really push the new system.  It ticked over happily, was lovely and quiet and lovely to look at too.  On Sunday night, though, the headphones went on, the office door was closed and I got on with a bit of GRID 2, with all the visual effects turned up to maximum.  I settled down for a couple of hours of hard racing.   After about an hour, the screen froze, went black, and all the system fans kicked into life.

I powered off, reached for my mini-torch and opened the case.  What I saw sickened me: liquid coolant leaking from the CPU block, down onto a graphics card and spilling on to the motherboard.  It was impossible to tell whether the CPU had simply thermally shut down or if the coolant had shorted something expensive.  It kind of didn’t matter.

The next morning I called Overclockers who arranged to pick the system up.  I asked if they could sort of the cabling and the loose bolts while they were at it.  They agreed.

A couple of days later, I got an email saying the system had been repaired and was on its way back to me.  The next evening I get a call from the owner of the billing address saying that a courier had tried to deliver something with my name on it.   They had shipped to the wrong address. Again.

I had now run out of patience and I asked for a full refund.   To their credit, Overclockers didn’t argue on this and they said one would be arranged.  As it was convenient for me, I asked to keep the Windows 8.1 licence and the SSD.   As it was convenient for them, I agreed to pay for these again separately, they would then issue a refund for the full amount of the original transaction.  I didn’t ask, but I kind of expected they would simply wire the cash back to my bank account.

After 3 days or so, nothing had showed up, so I called and they said that processing a refund might take up to 7 working days.

Today, 10 days on, nothing had showed up, so I called them and they said a cheque had been issued on the 4th and had been sent to……. you guessed it, the wrong address.  The owner of the address had not had a cheque arrive.

They offered to send a new cheque to the right address.  I suggested they simply wire the money to my account, I was told this was impossible due to the people who would have to do that being in Germany.  No, makes no sense to me either.  I asked if the cheque could be sent by special delivery, for which I was happy to cover the costs.   This was, of course, not possible.

So, 5 weeks after placing a cash order for a high-spec custom PC from Overclockers UK, I have no PC and they have a large amount of my money.

Please consider this post next time you’re thinking of ordering from them.

 

(Update: 15/4/2014:  A handwritten cheque arrived from Overclockers this morning. )

Communicado update: A change of tactic

The work to make Communicado’s life as difficult as possible continues and it does seem like we’re having some success.

When I started this project, Communicado registered all their domains through DAILY mostly using faked registrant data and hiding behind the privileges granted to individual private registrants.  I established a dialog with Nominet about this and it seems Nominet did take action to the point of suspending some of these domains.   Communicado then suddenly switched to using ENOM for registering their domains, I don’t know and have no way of knowing if they were booted off by DAILY or just decided to switch.  Either way, it made no difference, I could easily find the domains they were registering via Nominet’s PRSS tool.

As of Monday 16th, they have changed tactics again.  They have apparently abandoned the .co.uk namespace (I’m sure they’ll be missed) and have gone back to using a variety of .com, .net and .org domains.  Some seen in use today are:

actionallegiance.com
andronol.com
baotao.org
bigrockconsultants.com
coolpress.net
europacastno.com
greenroses.org
hourlycreative.com
pidchas.com

They’re easy enough to spot in the logs, but I don’t currently have a good way of searching the whois for these TLDs. Suggestions for such a tool (non-free is fine) are welcome.

Maintaining this list and the RBL service is taking time and money.  I will absolutely never be charging anyone for the list and the RBL will be free and open access for as long as it is sustainable to do so.  In addition to the ways you can help mentioned in previous posts, a more direct way you can help is to donate a little money, preferably in the form of Bitcoin to 1F9Y1Gd3Pmmchxa7uGFd3zBQY9zVuX78Jd.

More news when I have it, you can follow @Excommunicado for more frequent updates.

An update on Communicado

It has been a busy few weeks since I first blogged about Communicado, here are some of the highlights of what has been going on.

  • Communicado are still registering somewhere between 40 and 60 new domains a week.  The blacklist is being regularly updated and currently has 5364 domains listed.
  • Communicado appear to have switched registrars from DAILY to ENOM as of yesterday.  Makes no difference to picking up their domains.
  • Nominet has been investigating and tell me that some of Communicado’s domains have been suspended and they are in the process of suspending more.
  • Please follow @Excommunicado for news and announcements on Twitter.  Low volume, only on topic.
  • The existing text file download will continue to be updated but, by popular demand, I have set up a DNS RBL containing their domains.  As of the time of writing it is open access, that may change if it becomes too busy.  Using it is easy:
martin@olga:~$ host malimanosa.co.uk.excommunicado.co.uk
malimanosa.co.uk.excommunicado.co.uk has address 127.0.0.2
martin@olga:~$ host flobbletob.co.uk.excommunicado.co.uk 
Host flobbletob.excommunicado.co.uk not found: 3(NXDOMAIN)

If anyone wants to provide working configuration examples for SpamAssassin (or other similar tools), I will cheerfully link to them or post them here.

More news when I have it, have a Communicado-free afternoon!

Cooperative Energy and password security

As a protest vote against the Big 6 energy companies, I recently switched supplier to Cooperative Energy.   Switching is painless, fill your details in online, click the button and off you go.   They do of course want a password from you and I used LastPass to generate a unique one for me and memorise it.

Some time later, I went to login in to the customer portal just to see what I could do and was quite surprised to find my password didn’t work.  I mentally shrugged and clicked on the Forgotten Password link and waited for the usual password reset email to arrive.  I got this instead:

Dear Customer

The information you requested is…
eg!3fpp*hvfs

If you have any questions please contact our customer service team

(This is, of course, not my actual password, this is just an example that I’ll treat the same way as the Coop did.)

Here we have two immediate problems.  The first is, of course, they have sent me my password in plain text in an email.  We all know that’s a bad idea.  Secondly, what they have sent is not actually my password.  My password looks like this:

eg!3fP^P*hVFs

See what they did?  For whatever reason the caret has been removed and all the letters have be converted to lower case thus making my password less secure.    I sighed and went to change my password online and found I couldn’t.   If I want to change my password then I have to go talk to a human to do so.   This leads to problem three, which is that people generally pick stupid passwords and reuse them.   I’m sure Coop Energy only employ wonderful honest people, but giving them an email address and a stupid password is only ever going to end badly for someone eventually.

I’ve spoken to Coop Energy’s customer service team and they acknowledge the problems I’ve found.   Let’s hope, for the sake of a safer and more secure internet, they sort them out.