The Importance of Forgiveness

As I write this, I must take a moment to acknowledge the rather monumental elephant in the room that is ever-present in all of our lives: Hypocrisy. I’m no different than you, dear reader; I have my own flaws (too many!), and for the topic of this post I’m no different. Indeed, I’m probably far worse than you. I’ve contemplated forgiveness for many people I’ve known over the years, repeatedly falling short and never truly forgiving them in my heart.

In this post, I’ll explore a little bit about the underpinning reasons for this (my ex-girlfriend) and what it means. I’m writing this only for the sake of completeness for the handful of friends who’ve read the rather painful post that predated this and served to provide some context.

I apologize that the post inspiring this one is no longer available. I’ve since set it to private viewership since it expressed a great deal of frustration and anger that I don’t think is appropriate to retain here.

What Forgiveness Isn’t

Forgiveness isn’t about reconciliation–that’s a myth. Far too often, I’ve heard many of my friends and acquaintances lament forgiveness as a binary thing: Forgive someone and reconcile with them or remain angry with them and never forgive. Except that this isn’t true. Forgiveness certainly can coincide with reconciliation. Oftentimes it doesn’t.

Forgiveness also doesn’t mean that you accept what ills someone inflicted on you. You accept the outcome, but you need not accept that their behavioral pattern is justifiable or should be encouraged. If someone flings arrows at you, forgiveness means that you accept the new-found knowledge that this individual isn’t who you thought they were. You move on, taking this lesson to heart, and accept that your own response and understanding of their particular situation must adapt. Sometimes this means adjusting your relationship with that person. Sometimes this means leaving the relationship entirely.

In my particular situation, the latter was the only option: Our relationship had soured to such an extent and the final coup de grâce levied against me so toxic and unconscionable that it was better to cut all ties. “Friends,” as an option, was out of the picture. At the very least, I knew that it would make future relationships easier with her out of my life since whomever I eventually meet would undoubtedly know–or learn–what transpired.

But, I mean not to dwell on past misfortunes. I’d rather discuss what this means, and the positive ray of sunshine in all of this that is perhaps the most difficult pill to swallow: Forgiveness isn’t about the third party in your life who has wronged you. It’s about you.

Where the Lesson Started

My mother had been not-so-subtly encouraging me to attend church with her in the weeks following the demise of my then-long-term relationship. I resisted, but after many long evenings of prayer and thoughtful contemplation, I relented.

Before I continue, I wish to point this out: I know some of my readers aren’t especially religious–if at all–so this isn’t intended to be a near-Pharisaic display of my faith. This is provided for completeness and to explain some of my reasoning behind this post.

The first sermon I attended after a long hiatus from church services was, perhaps ironically, on anger (and forgiveness). This didn’t surprise me; I felt that I was being drawn to church for a reason, and I knew God had a message for me if I were only to obey His call. Specifically, the sermon was part of the pastor’s series on Jesus’ Sermon on the Mount, and more topically, it was a discussion of Matthew 5:21-26.

Under God’s law, anger and murder are treated the same. Except that anger has a few special conditions: If you’re angry with someone, you must forgive them. If you know someone is angry with you, you must ask them for forgiveness; if they don’t accept, then the responsibility is upon them and your involvement is washed clean.

Matthew 5 isn’t particularly clear on this point, and it requires reading associated texts (some from the Old Testament) to gain a complete understanding of Jesus’ message that may otherwise be somewhat cryptic to modern audiences (Jewish audiences of the day had arguably clearer understanding). With sufficient due diligence, an understanding can be made that in Christendom, forgiveness is a particularly important concept. Indeed, it’s one that appears throughout the New Testament, up to and including Jesus’ sacrifice.

The crux of this didn’t impact me until the very end of the sermon when the pastor ended with his closing prayer. While it’s been many weeks since, and I’m paraphrasing his words; he said something to the effect of: Lord, if there is anyone here who is angry with another, possibly because that person was done wrong by someone else or they were hurt by that person, help them forgive the wrongdoer so they can be right with you.

It struck me at that point that the message I was called to hear was one I’d already anticipated–but sometimes knowing the answer and hearing the answer from someone else are opposite sides of the same actionable outcome. Oftentimes I’ll know what I need to do, but it may not seem like the correct outcome until I hear someone else verbally repeat the knowledge I thought I had internalized.

Further Coincidences

As I struggled with finding my own path toward forgiveness, I ran across an article on NPR (not my first choice) titled “Why Forgiving Someone Else is Really About You.” Curious timing aside, the article makes a strong case toward painting forgiveness as resolving internal conflict and finding freedom from one’s own emotions.

It was a particularly well-timed read since I’d felt myself occasionally vacillating between mild anger or resentment whenever I’d think about my ex-girlfriend. Sometimes I’d see or hear something that would bring back a couple of memories, and I’d relapse into thinking nonsense thoughts like “Why did you do this to me?” Then I’d snap back to reality and recognize that the path forward, thus far, has been incredibly positive compared to the path I was on with her.

But the chains of resentment are difficult to rid yourself of, and I think forgiveness truly is the first step toward freedom.

What Forgiveness Is

By forgiving someone, particularly a person who inflicted great pain or misery, you rob them of whatever power they might hold over your life. Forgiveness is the first step toward accepting past events and finding a way forward. By forgiving someone, you begin a healing process that will help mitigate how often you find your thoughts consumed by their actions toward you.

It’s incredible how freeing that feeling truly is. By forgiving someone, you can accept the way things are and deal with them accordingly. You reduce the influence of negative emotions toward someone else and (eventually!) find a resolution where positive emotions take priority.

Again, forgiveness isn’t about reconciliation. Of course, this is situational: Sometimes reconciliation is a valid outcome as part of a forgiveness strategy, but it shouldn’t be seen as the only outcome. In some cases, as with my failed relationship, reconciliation simply isn’t possible or desirable. Shifting toward a friendship after many years of romance rarely works. Perhaps this is a tremendous understatement if the romance ended in a substantial breach of trust or as a consequence of underlying trust issues or repeated dishonesty (each of which I had to endure). If the person in question simply isn’t trustworthy, or if continuing any relationship with them would result in worse outcomes, it’s apropos to cut your losses instead and walk away than it is to endure more of the same.

It took me years to recognize these truths, and I’m sure there will be many more examples where my decision-making process falls short of any semblance of “did you learn something from this?” But I fully expect that the long term benefits of finally understanding the importance of forgiveness will be everlasting.

I would encourage you to consider forgiveness if you’re in a situation where someone’s actions are eating at your soul. It doesn’t mean you have to reconcile with that person–or go out of your way to be friendly!–but by forgiving them, you deprive them of the power they hold over your life; power they may not even be aware of! You start the important process of ridding them from your conscious mind, and only then can you begin to heal. Suffice to say: Sometimes healing the wounds inflicted by another and finding your own path toward happiness is the best form of retribution.

Misery loves company, but it loathes happiness.

Comments Off on The Importance of Forgiveness
***

New PayPal/GoDaddy Scam?

As I was getting ready to enjoy a couple relaxing hours this evening on the 8th of July, 2019, a notification popped up via KDE Connect from my phone. Ordinarily, if it’s an email (which this was), I’d ignore it and go about my business. But something caught my eye: It said “invoice” somewhere in the text and also mentioned “GoDaddy.”

Puzzling, I thought, because I have all GoDaddy-related emails go to a separate folder, and they typically say nothing about an “invoice” in the message text. I quickly clicked on my email and, there, at the bottom of the window, sat a new message from PayPal with the title “Invoice from GoDaddy” with one of my domains in parenthesis at the end.

Before I continue, I’ll confide a small secret: I panicked. Oh, yes, I panicked. I don’t know why, because I use a password manager for everything, and 2FA where possible, but there’s always a small seed of doubt lurking in the darkness, desperately trying to convince you of the worst.

Escaping from my brief delirium, shortly after rationality finally kicked back in, I thought to myself “Ah-hah! It’s most likely this is a phishing email! This is the first one I’ve received in quite a while!”

I won’t deny that I felt the pangs of confidence–and a healthy sprinkling of arrogance–as I clicked through to examine the email headers in their entirety. Of course it was going to show up as an email that neither originated from PayPal nor from any reputable email service except, perhaps, from a hacked account being exploited for spam.

As I scrolled through the DKIM signatures and the SPF validation, not to mention the SMTP exchanges that clearly identified this as a legitimate PayPal emailing, reality set in. This wasn’t going to be quite so simple as an email scam. This was, in fact, a legitimate mailing from PayPal themselves.

Now, I’d be lying to you if I said that I was completely free of my panicked state. Nay, it returned, with somewhat more strength, to concern me even more deeply that perhaps my PayPal account was victim of an as-yet unknown attack or exploit. Quickly, or as fast as fumbling and vaguely worried hands could manage, I logged in to my PayPal account. There, at the bottom of the activity list, was an invoice–for $56.00 USD.

First, I’ll point out that this is just an invoice. It doesn’t mean that any money has exchanged hands. Yet. But it was still cause for alarm, because someone had decided it might be cute to exploit trust and the general imposition people feel toward settling outstanding debts for services rendered. To say this is a scummy, disgusting practice would be something of an understatement.

However, here’s where the scammer made a couple of critical mistakes (ignoring the more obvious ones–more on that momentarily). Of these, the most obvious was their account name on the requested transaction: It was written in Russian. Second, the string they used for “GoDaddy” did not match what GoDaddy actually uses for their billing statements. I don’t expect most people would consider the latter until it was too late, but I think the Russian name might’ve been something of a flashing neon sign that really ought to give pause for thought.

There were a couple of other clues that immediately shouted “SCAM!” (in capital letters), but they might not be helpful toward potential victims that have dozens of domains or are otherwise pressed for time and simply cannot consider these alternatives. The first of these was the timing. The domain they were targeting was indeed up for renewal, but they missed the expiration date by one day. I had already received an email from GoDaddy about the pending (automatic) renewal several days before and had it floating around in the back of my head. This invoice was therefore something of a surprise. As such, considering this background provided an immediate indication that something wasn’t quite right. The second was that all of my domains automatically renew. I don’t receive invoices from GoDaddy–only receipts. Oh, and finally, I don’t use PayPal to pay for my domains.

Admittedly, that last one was something of a dead ringer for potential scam (or a cracked account) material.

Before doing anything, I immediately started scouring the Internet for clues. Surprisingly, I couldn’t find anything about fake invoices from GoDaddy. I found some from buyers looking for shoes (of all things), and dozens of examples of phishing emails. This wasn’t a phishing email–this was a legitimate notification from PayPal informing me of an invoice that had been fraudulently sent. So, I did what any self-respecting (lol) person would do in a time of abject puzzlement: Take to Twitter.

It didn’t take me long to find someone else complaining to both the GoDaddy and PayPal Twitter accounts about receiving an invoice for $47 on a renewal that wasn’t up yet. I replied, suggesting that it might’ve been a scam, and that I received something similar.

Of course, I don’t know that the Twitter user in question was complaining about a fraudulent invoice. They didn’t provide enough information to deduce whether or not there was anything off about the invoice they received. But hey, why not offer it up as a possibility?

About 5 minutes later, I had a notification waiting for me on Twitter. It was PayPal’s support account asking for details via DM. I’m still a bit shocked in retrospect, to be completely honest, because I didn’t expect to hear from anyone much less one of the companies in question. I certainly can’t complain, either.

As expected, they asked for account information, location, and the nature of the issue. However, they also asked for screenshots of the offending invoice (couldn’t they see it?). After a brief back-and-forth, they strongly recommended I report it to their abuse department. I was quite pleased with the immediacy of their interest, but it remains to be seen what happens with the abuse report. (I’ll have to wait until later in the week for a reply, if any; I’m not holding out much hope.)

But the saga doesn’t end there.

I’ve heard mixed things about GoDaddy’s customer support. I’ve had a wide array of experiences myself but limited mostly to their sales department (they’re rabid up until the moment you turn off the whole “I’d like to be contacted for sales purposes,” which was apparently re-enabled at some point in my account’s history). I mused for a while about whether GoDaddy should know their name was being exploited for the gains of less savory individuals. I strongly considered against it, I won’t lie, but my conscience got the better of me.

I loaded up their web chat and almost immediately got in touch with one of their support representatives. She (I’ll assume it was a she, based on the feminine accents on the name; if not, for privacy, we’ll just roll with it) asked for my name and a description of the problem.

Well, this was awkward. I hadn’t really thought that far ahead, because the problem wasn’t really a problem with GoDaddy. It wasn’t a problem with my account. It wasn’t a problem with my domains, customer service, or any particular product offering. I told her as much. The problem was weird, I can’t deny that, but I felt someone needed to know. Even if it didn’t matter, at least I could sleep better at night knowing that I tried to do something about it. After all, I can’t be the only one targeted in this scam. What if someone else were to fall for it?

I explained the issue, and she quickly escalated the ticket through the account verification process, and then asked for some additional information. I explained a couple of times that the problem wasn’t with an account or domain per se so much as it appeared to be a new-ish scam, and that I mostly wanted to report it for my own satisfaction.

We went back and forth with a couple of relevant questions, and then she asked for a copy of the scam email. I was somewhat surprised, because I hadn’t exactly received a scam email from anyone. I asked if she meant the PayPal message; she said yes. So, off went the PayPal message (as an attachment to preserve headers), and I asked if she would like screenshots of the PayPal account pages with the invoice. Much to my surprise, she also wanted copies of those.

At this point, I’ll be honest. I don’t know what good any of this is going to do. I do know that the GoDaddy support representative was incredibly helpful, and she seemed genuinely interested in my concern (even going so far as to say “You are such a responsible person” to sate my worries). I was a bit taken back by her kindness, to say the least.

What surprised me with this whole ordeal was GoDaddy’s interest in the problem. They weren’t the ones who were dealing with invoices to third parties masquerading as someone else. They were merely the third party whose name was being exploited to commit fraud. It remains to be seen if PayPal expresses concern outside social media. I hope they do, but for now, it’s been awfully surprising to me that I received far more customer care from a company who couldn’t do anything about the problem. (I say “couldn’t,” even though technically they could, as the scammer was using their name and logos–i.e. trademarks–without permission.) Nevertheless, PayPal’s social team responded to me very quickly, so they at least get a few points for expediency.

All things considered, I feel the night ended on mostly positive terms. The initial shock of receiving a fraudulent invoice that wasn’t via a phishing attempt certainly took me by surprise, but in the end, the positive experiences with a random customer service representative probably half-way across the world expressing concern and compassion for others who could become victims of this scam more than made up for it. It’s a reminder that no matter how big a company is or how variable its reputation is viewed by customers on the receiving end, there are still humans who work for them. Sure, there are humans who typically see it as just another job. That’s normal.

However, no matter how rare it may be, it’s worth noting that there are those who see it as their duty to help. It may be woefully uncommon in our society today, but there are genuinely people who want to do the Right Thing™.

I don’t expect I’ll ever know if the representative who helped me managed to escalate the ticket and share the information about this scam to others who might be able to do something. Even if they could, there isn’t anything GoDaddy could do about this scam in the first place. This is clearly in PayPal’s sphere of influence, but perhaps if they know about it they can inform their customers when they inevitably receive the calls asking “Why am I receiving this invoice?”

No comments.
***

Linux on the Lenovo Y740 Legion (2019)

It’s easy.

No, really, it is. There’s a couple gotchas and some minor inconveniences (probably self-induced in my case), but provided you didn’t do anything particularly unusual with the system configuration at purchase, it should work.

First, I want to preface this with a brief overview of my configuration. I selected one with an NVMe SSD for its primary drive and a mechanical SATA drive for the secondary. I did not select one with Optane and with good reason, but I’ll get to that in a moment. All things considered, it’s a fairly banal, boring configuration with the exception of some of the features new to the 2019 lineup (notably the Corsair RGB keyboard and configurable fan LEDs). Interestingly, the behavior of this system’s EFI isn’t especially novel or noteworthy. It just works.

Caveat emptor: The configuration I discuss in this post may not work for you. I made decisions specific to how I wanted to use this system and performed some tasks manually to avoid overwriting defaults that shipped with the laptop. I’m also using Arch and other distros may present challenges specific to the software they ship or the utilities they package. Always back up any important files and do not perform these steps if you’re unwilling to lose data. I didn’t, but I’d only just gotten the laptop a couple days prior. Had I been using it for some months, I might have performed these steps differently. Some may also question why I didn’t perform a clean install of Windows; I considered it, but I didn’t feel the need to do so.

Now to the meat of the process: Before I started, I made certain to have available two USB sticks (both bootable): One with the Arch ISO image, and the other with a bootable Windows 10 installation via the Media Creation Toolkit. The latter was in my pile of tools in the event things went south and I needed to reinstall completely.

When booting to Linux on the Y740, you’ll note that the NVMe drive is not visible from Linux. This appears to be due to the storage configuration in BIOS. By default, it’s set to Intel’s Rapid Storage Technology; switching it to AHCI resolves the issue. One of the curious things to note when changing this configuration is the ominous warning that applying a different setting will delete all data on attached disks. I found this isn’t the case, but this is also why I’d recommend against selecting a model with Optane installed. I’m not certain on this point–you should certainly do your own research–but I believe with Optane installed, BIOS transparently configures it as a drive cache. Changing this on such a system may cause data corruption which is possibly what the warning implies. (The help text for this setting also mentions it’s specifically for Optane-equipped systems, hence my speculation.)

Once the drives were configured to use AHCI, the NVMe disk was accessible via Arch, and I proceeded to image it to the mechanical storage drive (using dd, of course). This image was then moved to permanent storage on my other systems in the event I did something incredibly stupid.

I look at it this way: If I didn’t have it available, I can almost guarantee I probably would have done something stupid. Always keep a backup!

(Speaking of stupid: This section is somewhat intentionally out of order but necessary for the story to flow; read below for potential video issues, because you will encounter them.)

Now, at this point, I had two choices. My initial thought was to partition the drives accordingly, and reinstall Windows completely. This would have been the ideal situation, but I wanted to save some time (and use the system in its stock state, minus some annoying cruft like McAfee). So, the next choice was to shrink the volumes on the SSD and the storage drive to roughly half. I gave Windows somewhat more storage, because it’s Windows, and because I plan to use this as a casual gaming system in addition to doing work. Doing so is easy enough: To resize the NTFS volumes, go to Computer Management -> Storage -> Disk Management. Then, you’re only a reboot away from getting started.

This is the easy part.

With the partitions resized, and a USB stick in hand, I feverishly pressed F12 to bring up the boot device selection screen–and promptly noticed that the USB stick wasn’t anywhere to be found. After unplugging it and putting it back in, BIOS appeared satisfied enough to present me with it, and off I went. I didn’t notice this with another stick I was using, and I had some difficulty replicating the problem. I’m not sure if this is a fault with the USB flash drive I had the Arch ISO written to or whether it’s just an idiosyncrasy of this BIOS. Either way, things appeared to work great…

Until the stick booted, that is.

Apparently the nouveau drivers that ship with Arch don’t work with the GeForce 2060 particularly well. I was greeted with what looked like vague video corruption and a line roughly one pixel high that appeared to be the bottom strip of whatever text was printed to the screen. Bummer. Rebooting, pressing F2, and getting into BIOS to examine whatever other configurations might help seemed to be my only salvation. Without much clue what else to pick, I noticed the graphics configuration had two states: Discrete graphics (that is the NVIDIA card) and “switchable graphics.” I knew from helping my girlfriend with her now-crippled Acer that the “switchable graphics” setting likely allowed the system to select between the integrated Intel UHD graphics on the CPU die and the discrete (NVIDIA) card; my theory at this point was to presume that doing so would allow Linux to boot up using the Intel chipset, hopefully avoiding the video corruption immediately after the kernel loaded up.

It worked, and from here we could progress.

The Arch installation was fairly pedestrian from this point: Setup the free space with partitions (I went with /boot and root on the SSD, although I should have left them merge–more on this in a moment–and the mechanical drive got a /storage mount point and swap), format as appropriate, install, configure, and… done!

Just kidding. That last part should be cry while you figure out how you want to setup your boot loader. You see, I’ve rarely used EFI systems outside virtualization. All of my systems are pre-2014-ish, and the one or two I’ve had the (dis)pleasure of poking at were all Windows machines. So, what are we to do?

(Aside: Wiping my girlfriend’s system and installing Linux would probably end with my face on a milk carton.)

First thing’s first: We need to figure out the time. No, I don’t mean how long the whole process had taken up to this point! I quite literally mean the time. One of the pain points dual booting Windows and Linux is how to handle the system clock. Once upon a time (sorry), Linux would begrudgingly chug along with the system clock configured to local time. This is a terrible idea, and I still have no idea why Windows insists, but fortunately, you can change Windows’ behavior easily enough. However, doing so requires the foresight to change this setting before getting started–something I didn’t have because I’m stupid and it only occurred to me when I got to the point of configuring the clock. Perhaps you’ll be luckier. You’re reading this after all!

Now, where were we? Oh, right! The bootloader. This is one of the deficiencies with using Linux on newer systems. Generally speaking, EFI, UEFI, or whatever your motherboard manufacturer has decided to call it, requires special attention that we Linux users haven’t had to give to boot loading since the 2000s. No, I wouldn’t use grub either–it does apparently have EFI support, but I have painful memories getting it working under VirtualBox with EFI enabled. Perhaps this is a VirtualBox-specific issue, but I’m inclined to believe we’re better off using tools designed for a specific purpose. In this case, rEFInd.

I won’t pretend to be a subject matter expert. I’ve never used rEFInd before. The Arch Linux wiki does have fantastic resources that can help you get started, but the thing I noticed with my particular configuration is that special attention had to be placed on configuring the OS declarations in esp/EFI/refind/refind.conf. If you’re following along at home, you should at least read this section on UEFI and the entry on rEFInd.

For my system, I did not follow the automatic installation with refind-install, because I didn’t want to overwrite the default EFI boot entry. Thus, I followed the manual installation process by copying rEFInd into the EFI system partition. Note that this alone is not enough to get rEFInd to work with the Y740’s BIOS. I’m not certain whether this is due to a step I’d skipped earlier in the installation or whether it’s an artifact of the manual install, but I found the only way the Lenovo BIOS would see rEFInd even if it’s in the EFI system partition is to configure the boot order via efibootmgr –bootorder 0004,0009,2001,2002,2003. I assume this should just work, but nothing I did would force the BIOS to recognize rEFInd (with the ID 0009). Changing the boot order did work, however, and with Windows (0004) as the primary–temporarily at least–and rEFInd (0009 on my system) as the secondary, I learned that BIOS had been forcibly configured to see rEFInd allowing me to change the UEFI boot order accordingly.

I also discovered that I could not get rEFInd to recognize the /boot/refind_linux.conf configuration. I’ve not investigated why, but I suspect it’s either due to my choice of partitioning (remember, I’m using a separate /boot and root!) or misunderstanding of rEFInd. However, configuring Arch via esp/EFI/refind/refind.conf has worked just fine. I should also note that by esp in the former example and above paragraphs, I mean the EFI System Partition. I mounted this (/dev/nvme0n1p1 on my system) to /boot/efi for ease of access. I’d suggest doing the same if you plan on going down this route.

Finalizing the Linux installation was relatively painless once the bootloader struggle was resolved, and I had NFS plus KDE working more or less out of the box. The system does quite well under Linux thusfar, although I’ve yet to configure wireless networking. I suspect the wireless NIC will work fine: I can see the card in ip link and the ridiculously named “Killer 1550i” cards are, as far as I know, simply rebranded Intel 9560NGW chips.

There is some unfinished business, and I’ve encountered at least one or two teething problems. First, this configuration doesn’t address secure boot. I was primarily focused on getting Linux working rather than working with secure boot. I’m hopeful this won’t be especially difficult, and from what I’ve read it appears the process is relatively straightforward. I’m planning on going the machine owner’s route with regards to kernel signing, with further plans to automate the process in a pacman hook. I’ve also noticed the wired network didn’t come up automatically in spite of being enabled via systemd (I prefer using systemd network configurations via /etc/systemd/network over NetworkManager), and there’s a large amount of i2c_hid spam in the journal. I suspect this may have something to do with some of the peripherals in the system (touchpad? wireless mouse?).

I’ll eventually write a part two once I get some of the remaining issues resolved, along with documenting whatever else I may encounter. If you’re using Linux and just bought one of these systems, please don’t feel overwhelmed with the installation process. Just be cautious, think things through, and have a plan of attack. Don’t forget to back things up, too. Oh, and as much as I don’t like Windows 10’s Microsoft account option, I would recommend logging in with one at least once because it ties the software license for that machine to your account. If you decide to reinstall Windows, this is a good thing, in my opinion!

2 comments.
***