I think that anybody who publishes publicly should disclose who’s paying them, because it’s unethical not to. Call me old-fashioned. So I’m here to disclose a new paymaster and tell you almost nothing more. But stick around anyhow, because I have a moderately funny onboarding story.

Just the facts · For some months now, I have been working a few hours most weeks, part-time, for The Man. What man, you ask? The man, I mean: Uncle Sam!

Specifically, I’ve been helping an agency of the United States government, in the capacity of Invited Expert, with an in-progress litigation between them and Meta Platforms, Inc.

That’s all I’m gonna say. It’s a time-honored tradition to decline comment on an issue where litigation is in progress. Any questions on the subject will be met with stony silence. Maybe when the story is over there’ll be stories to share. But not now. Thanks for listening.

Oh, wait! · There is a story to tell! Let’s start with a screenshot.

The sam.gov web-site front page

So, when I was negotiating about Working for the Man, there were a couple of conditions. First, I needed to keep the relationship confidential for an initial period (now over), and second, our little family company needed to register as an official vendor to The Government Of The United States Of America. which means getting to know sam.gov, whose welcome page I have reproduced above. “Well,” I thought, “I’d better just go register, then, hadn’t I?”

[Narrator: (Hollow, mocking laughter, intermittent sobs.)]

Now, let’s be fair: It’s probably not reasonable to expect the process of getting set up to get paid, by the world’s single largest spender of money, to be lightweight. In any modern nation, there’s going to be a forest of legislation surrounding this, for good reasons. People being what they are, there are going to be those making it their lives’ work to figure out how to extract money fraudulently. There are going to be programs favoring certain sectors: Small businesses, disadvantaged minorities, and so on.

Also, I tip my hat to whoever came up with the name System for Award Management (S.A.M., get it?) and thus dub the money-spout Web site “sam.gov”. I grin a little every time it comes up.

Anyhow, getting registered took many weeks and included more than one episode of me shouting filth at the computer while family members escaped to other parts of the house.

First I had to get a number from NATO to help with co-ordinated acquisition; suppose I wanted to sell flame-throwers to France in future? That was pretty easy.

Then the first Boss Battle: Apparently at some previous point someone had already registered our company (An accountant? A lawyer? Me?) and when I entered the details, they were inconsistent with what was on file.

[Narrator: Sucks to be you.]

Of course, sam.gov would not reveal what the inconsistency was, its error message was along the lines of “Field mismatch, xthksby.”

Weeks passed. I uploaded multiple documents concerning every detail of the business. Finally, it worked. I then trudged through the many, many screens-full of registration questions which, I will concede, were mostly perfectly sane. Sam required reassurance on many subjects: That I had not been previously convicted of stealing from the government or systematically abusing my female employees or selling arms to Tajikistan, for example. You’d be surprised (well, I was) how many bad things I might have done (but hadn’t). I also had to confess that, for many special categories of extra-worthy vendor, I wasn’t one of those.

Then, unexpectedly, on another ordinary Web form, the final end-game Boss Battle, a field asking me to enter the Trade Register Number.

[Narrator: Oh, no, not the Trade Register Number! You’re doomed, doomed. Abandon all hope, ye who enter here.]

Any company that’s doing business has many different ID numbers having to do with tax and incorporation and banking and so on. I tried them all. (“Incorrect value, kthksby.”) I filed ticket after ticket with the General Service Administration help desk. I Googled furiously. I asked everyone. All these efforts bounced off sam.gov’s surface like bullets off Godzilla. Finally I sent a regretful email to the agency saying they’d have to do without my expert advice.

Literally the same morning that email went out, a wave of peace and beauty swept through the noösphere, and sam.gov relented. So now our little Canadian company has a “Unique Entity ID”. And an agency name and a contract number. And every month, I generate an invoice containing that data (we use Paymo, it’s totally great) and email it to an address that ends in .gov and, a few days later, we get a polite email acknowledgment which suggests an actual human is in the loop, then some dollars land in the bank account with the notation “US TREASURY”.

What’s the winning formula? · Well, I guess I’m now a minor expert in fighting my way into sam.gov, and I think I know what happened. Every time the registration process went off the rails, I created an “Incident” with the GSA Federal help-desk. In most cases, the response was the equivalent of “Did you try turning it off and on again? Ticket closed. Kthksby.” But on two occasions — once for the conflict with the pre-existing registration, once for the Trade Register Number — there was an eventual response like “Fixed it, re-submit.” And indeed they had fixed it.

So I think the winning technique is simply to flood their input queue with issues and eventually one will find a chink in the armour and reach an intelligent human being who Just Fixes It.

Anyhow, recently on the Fourth of July, at dinner, this Canadian family drank a toast to Uncle Sam.



Contributions

Comment feed for ongoing:Comments feed

From: Dave Pawson (Jul 25 2023, at 23:50)

A tribute to your patience Tim :-)

[link]

From: Luci (Jul 28 2023, at 11:50)

“ would not reveal what the inconsistency was, its error message was along the lines of “Field mismatch, xthksby.” sounds frustrating, but that’s considered best practice for a web application, lest a would be attacker get free hints of what to abuse next.

[link]

From: Luci (Jul 31 2023, at 13:00)

“ would not reveal what the inconsistency was, its error message was along the lines of “Field mismatch, xthksby.” sounds frustrating, but that’s considered best practice for a web application, lest a would be attacker get free hints of what to abuse next.

[link]

author · Dad
colophon · rights

July 24, 2023
· The World (150 more)

By .

The opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.

I’m on Mastodon!