Boycott Performance Bike

Boycott Performance Bike.

Performance is a company that sells bike components. They’re pretty big and have acquired their former competitors like Nashbar and SuperGo. That’s too bad because I really don’t like Performance. Maybe you shouldn’t either.

In 2001, Kevin Fu and I (along with some other members of the Applied Security Reading Group) were looking into the security of web cookies. We broke some cookie authentication schemes and made some recommendations about how to improve them. Most companies were very receptive and thankful when we contacted them privately and pointed out potential problems. Performance, Inc did not. Their site in 2001 had several problems, most notably guessable session ids that would allow anyone to access personal (e.g., password, address, credit card numbers) about other customers. They delayed for over a month on fixing these problems and suggested simply that I order over the phone if I was worried. That’s not the answer you want to hear from a company with your credit card number: anyone could have stolen as many credit cards as they wanted with a simple Perl script.

So, instead of making phone orders or checking if they’ve fixed their problems, I decided to delete all my credit card information from their website (as best I could), sign off all their mailing lists and never buy from them again. (It does look like their security scheme is slightly different now, but I don’t know how much better.)

On Monday, I got an unsolicited e-mail from them:

Welcome and thank you for subscribing to our specials email list!

As a subscriber, you will be the first to receive notice of all our special online promotions. Plus, you are now eligible to receive exclusive, online deals not offered to anyone else.

Thanks again, we know you will enjoy receive [sic] our mail. And remember, all online purchases are 100% guaranteed by Performance.

I didn’t subscribe to their list; I can only conclude they went through a list of people who had stopped ordering from them and added them to this specials list. And today, they sent me their latest specials.

I hate that I don’t have control over whether companies send me ads/catalogs and that I have to explicitly tell them not to sell my address, preferences, and who knows what else (”opt out”). I hate that most companies don’t let me tell them to delete information about me. And most, I hate those companies that still contact me (and, potentially, share my information) after I’ve told them not to.

I can’t fix privacy laws, but I’ve switched to supporting my local bike store: they don’t send me spam or keep my credit card information online. My suggestion for you? Boycott Performance Bike.

This entry was written by Emil Sit, posted on 24 March 2006 at 3:40 pm, filed under Rants and tagged , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

8 Comments

  1. Gary Snook
    Posted 22 November 2006 at 1:10 pm | Permalink

    Welcome to the real world, pork chop!! Privacy is an illusion especially on the internet. Act accordingly.

  2. Emil Sit
    Posted 22 November 2006 at 1:43 pm | Permalink

    Gary, I think that point is really brought home by the fact that my server logs show that your comment was posted from 207.13.126.2, which as of today was a /28 registered to Performance Inc. Thanks for the advice!

  3. Withheld for Privacy Issues
    Posted 16 February 2007 at 10:55 am | Permalink

    What tha? Gary Snook is the founder of Bitech; dba: Performance INC. This just goes to show how ridiculous this company is run. Their MIS department is sad, they refer you to there computer management company with IT problems. It is no surprise that there security is questionable. I worked for them in Atlanta. They are cocky and the District Managers especially in Atlanta are just followers to the slaughter. No social skills at all. The stores will fail eventually and to this demise I am glad to have left. DM’s belive that by reading “management skills” type books they can control the world. This is not a bike company this is a retail machine that has no real grasp of the concept of being human. The motto by the Dm in Atlanta is to get your “mookies” moving and “there will be consequences”. They practically refuse to terminate employees but rather give them less and less hours until they have zero for a few weks or months and they just disapper from the schedule. Sickening! They know that someone with zero bicycle experience will walk through the door off a bus and replace them. Whatever! For the founder of the company to call you “pork chop” how pathetic. It starts at the top and works it’s way to the bottom.

  4. Rich
    Posted 28 April 2007 at 8:18 pm | Permalink

    Perhaps Gary Snook should spend more time checking the quality of his house brand merchandise and less time responding to critiques of his stores policies regarding privacy. Snook..Your Forte` tires are beyond bad..they’re damn dangerous.

  5. Jeff Woelker
    Posted 16 May 2007 at 5:08 pm | Permalink

    I share your sentiments my friend.

    Performance Bike Spams

  6. Chip Tredo
    Posted 29 November 2007 at 7:19 pm | Permalink

    Well guys (gals?), I work at the Plano, TX store. I was delighted to get the job as I’ve been shopping them for 20+ years now, and the employee discount is keeping me in new tires on all my bikes. Despite what some of you have written, their products really aren’t bad. If you want “the lightest” or “the fastest” or “the most durable”, then yes, you need to shop somewhere else. Performance’s house stuff is very middle of the road. But when you consider their merchandise in a “price vs. performance” scenario (all puns intended) it really is a good value. Staffing… unfortunately, one bad apple can spoil any Blog. Of the 20 or so people working at my store, there are 2 that need to be let go. But the rest are knowledgable, helpful, and not inclined to be doing something else when there are customers in the store. We’re there to help y’all. (sorry, I’m in Texas, I have to use that language around here). re: internet security… I have no clue. But I’ve purchased stuff from Performance on-line many times, never had any problems. And I do agree with the one comment, the concept of “internet security” is a myth. - Chip “on your left…” Tredo

  7. me
    Posted 25 April 2008 at 12:54 pm | Permalink

    For my own reasons, I wanted to find out what other random people in this world had to say about Performance bicycle. Is there still a plano TX store? Please reply. Did the owners of Performance INC or BiTech shut it down? I heard the investors will walk into a store and if an employee doesn’t say anything to a customer within a minute or something, they will fire the employee.

    I dont’ care about the product comment but how they value people; both employees and customers. I think they force a profit for themselves; the investors, but it is only at the expense of the employees who are trying to operate the store with no budget for employees and training. Their give it away policies force this situation. Let me know if you have a different experience.

  8. Daniel Norton
    Posted 23 August 2008 at 5:58 pm | Permalink

    They’re obviously unethical goofballs from your story and from my recent experience with trying to stop spam from them: http://performance-bike-spam.blogspot.com/

One Trackback

  1. By Emil Sit » Privacy, the Internet, and me on 11 September 2007 at 10:26 am

    [...] always been careful not to reveal much personal information online and often distrust online vendors. Some of my friends are thus surprised that I have a homepage, a blog and now a tumblelog. However, [...]

Post a Comment

Your email is never shared. Required fields are marked *

*
*