Friday, October 21, 2005

software: no path to decent anti-virus, or other system software

The trial Norton AntiVirus I picked when I upgraded to XP SP2 has expired. I was on the verge of ordering Norton AV 2006 when the form prompted me for a "coupon code", and a Google search pointed me to this litany of horror stories regarding anti-virus software: botched upgrades, software that won't uninstall cleanly, incompetent support, etc. Which reminded me of my own Symantec software renewal heck on another PC, and two friends' off-and-on problems with McAfee updates.

Experienced users are clear about what they want from system software like anti-virus:
  • do one thing only and do it well
  • if it does lots of things, install and enable only those features the user wants
  • make it easy to later disable and uninstall unwanted features
  • not litter the Windows registry with lots of confusing values
  • run few startup programs, services, system tray icons, and processes
  • those few should be obvious, well-named, and easy to disable and uninstall
  • implement a simple reliable subscription update service that continues to work for years
  • upgrade in-place cleanly
  • uninstall cleanly
  • have good diagnostics linked to a complete knowledge base for when (not if) it goes wrong
That's what matters to me for anti-virus, CD burners, media players, photo organizers, printers, scanners, etc. because software that does too much and does it badly is going to f*** my computer over.

Yet it's impossible to find how well a given piece of software does on these criteria before committing to it. The worthless reviews in PC magazines never cover these issues: the reviewer obviously installs the software on a virgin PC, does a cursory run-through of its features, runs some dubious performance tests ("It scanned 23,571 files on my hard drive in 42 minutes!"), finds some trivial flaw to prove she or he is paying attention ("It failed to unpack a compressed .ARC file from 1986") then wipes the disk clean and writes a glowing puff piece that's little better than the manufacturer's feature list.

Returning to anti-virus software, the big names do too much and the 'net is full of horror stories of them going wrong. But are the smaller companies any better? It's hard to tell; Trend Micro PC-cillin says "features include Home Network Control and Wi-Fi Intrusion Detection" and AVG's technical FAQ won't even render in my Firefox 1.5beta2.

"It works for me" testimonials are no use; 18 months ago I would have said Norton AntiVirus works fine and updates cleanly.

Categories: , , , ,

Labels: ,

Wednesday, October 19, 2005

"The whole thing is so brilliant it makes me laugh"

I've read about the Clock of the Long Now for years and thought it only a mysterious plaything for rich eccentric inventors, but just like the author of this Discovery article when I came to
A sunbeam striking a precisely angled lens at noon triggers a reset by heating, expanding, and buckling a captive band of metal.
I fell for it. An amazing endeavor.

Monday, October 17, 2005

music: going deep on Bob Dylan

Bob Dylan, sure, legend, I have the Biograph box set of vinyl, but I always respected rather than enjoyed his music. So watching the "No Direction Home" documentary on PBS was revelatory. His development is so completely rooted in the 1950's folky New York coffee bars, yet the timelessness of his songs transcends the milieu. And his grating naïf presentation is more than a homage to the folk and blues traditions, it's the whole thing restated through his songwriting.

Young Elvis Costello copped so much attitude from young Dylan that he should be arrested. To be so aware of your talent yet viciously protecting it from anyone trying to box it in by denying everything. Reporter at press meeting 1: "You write lots of topical [protest] songs -" Bob Dylan: "No I don't!" Reporter at press meeting 2: "You've stopped writing topical songs -" Bob Dylan: "Everything I write is a topical song!"

I had a similar experience watching the much less ambitious documentary John Lennon's Jukebox, also on PBS. Hearing the songs from which he stole the harmonica on "Love Me Do", the shouts on "I Want to Hold your Hand", the guitar lick on "Ticket to Ride", really deepens your appreciation. The Beatles loved their roots and hearing those roots in context pulls you in deep.

Categories: ,

Tuesday, October 11, 2005

style: pocketless pants immortalized

Ever since a family gang of pickpockets stole my money years ago, I've never used the back pockets in pants. The next step, if they're sewn-on patch pockets, is to cut them off altogether, leaving either just the rivets or a faint Rachel Whiteread-esque memory of the pockets.

It seems natural and functional to me, but others find it deeply odd. CSS master and Burger Time supremo btap just immortalized it in the Pocket Mischief comic. Thanks Brian!

Categories: ,

Monday, October 10, 2005

non-support: Earthlink can't help me help itself

I tried to tell Earthlink about the bug I found in their Fraud & Abuse Submission Form: it displays a useless error page if the text of the phishing e-mail is too big. I know this rarely works with big companies, so I specifically said
I want you to report this BUG in the "EarthLink Fraud & Abuse Submission Form" to the Web engineering manager. Please respond when you have done so.
I also know this doesn't help. "Rachel T 3692" promptly responded with a canned template response about phishing and fraudulent e-mail, completely ignoring my bug report. The template even suggested using the same form that I'm telling them has a bug.

I replied saying that was unacceptable, and "Please respond to my original question below as I wrote it or escalate it to someone smarter than you who can understand my bug report."

I also know that escalation also doesn't work. "Sammie K 3781" promptly responded apologizing for the first response, but included another canned template response about corrupt cookies. Anyone can reproduce the problem I reported in two minutes and see that cookies aren't a factor. At least he or she said "we will surely forward your concern to our engineers and provide you other mean of reporting HTML source of the phishing e-mail".

It is so sad. Clearly Earthlink has no concept that customers could support them. They have a Support organization focused on resolving customer issues quickly at minimum cost, they have an Engineering organization developing their software, and the two have no ability to talk to each other. I doubt Rachel T and Sammie K or their manager have ever met the development and quality assurance engineers working on Earthlink's Web applications. The people in support would probably would get in trouble if they took five minutes to reproduce my bug instead of responding to the next customer incident, or if they took the initiative to find out the QA manager for Web applications and put me in touch with her.

The cluetrain manifesto, which told corporations in part "Figure out how to have conversations with your customers over the Internet," is 6 years old.

Meanwhile I can file bug reports myself against most Open Source applications to deliver feedback straight to the development engineer, with no costly support organization or QA group getting in the way.


web: Earthlink bites the hand that feedbacks

SPage's law: the part of every Web site with the most problems is the feedback form for reporting problems.

I get a phishing e-mail from "Processing Support <procsupport@earthlink-encryption.com>" titled "EarthLink Network user data confirmation." It invites me to fully verify my identity at a secure form which is actually a link to http://customers.earthlink-encryption.com:4443/?signature=V3pPcOZpKgxLaYBMV...

I visit Earthlink support and quickly find their Fraud & Abuse Submission form, http://securitycenterkb.earthlink.net/fraudmi.asp?route=email.
The form tells you to copy and paste the source of the e-mail message into a text area, and even gives you instructions on how to view the message source. All good so far.

But when you submit, you get a useless generic error page http://securitycenterkb.earthlink.net/error/errorMessage500.asp
So I couldn't report fraud using Earthlink's fraud reporting form!

I guessed that there's a bug in the form processing such that it can't handle large amounts of text in this text area. But many phishing scams use big complicated HTML to hide their contents from spam detectors; in this case the text is in table cells separated by rows of white-on-white garbage text.
<table cellpadding="0" cellspacing="0" border="0"><tr><td><span >Dear</span></td></tr>
<tr><td><span style="font-size:78%;color:#FFFFFF;">Pb</span></td></tr></table>
<table cellpadding="0" cellspacing="0" border="0"><tr><td><span > Ear</span></td></tr>
<tr><td><span style="font-size:78%;color:#FFFFFF;">yP</span></td></tr></table>
... etc.
Does the textarea have a reasonable size limit, does the form warn you it has a size limit, does it have a character counter, does it stop accepting text when you exceed that limit, does it warn before submission, and does the server-side script check? No, no, no, no, no, and no.

Labels: ,

Tuesday, October 4, 2005

Web-based drawing overlays with annotations

I'm remodelling a house. The drawings of the architect and the acoustician don't match and they have trouble incorporating each other's adjustments. We'll have similar issues when FiFi LaChintz does the interior decorating and Groundskeeper Willy does the landscape design. So I want a Web-based drawing presenter that lets you place and overlay multiple images in different formats, adjust their translucency (like onion-skinning in Macromedia Director), and make annotations.

So in the stack of images
  • June plan.dwg
  • speaker_placement.jpg
  • Sept plan.dwg
you'd have annotations between layers like
  • "The equipment racks have moved East."
  • "You have the speakers centered on the window bays, not the room"
  • "The cable run in your sketch have to go through the rafters in mine"
The program doesn't have to do any interactive drawing of its own, just present a layered set of drawings.

It's similar to Google maps with an arbitrary set of graphics from the Web.

A server would do image conversion (few browsers can render .dwg files).
I'm not sure if you can do the overlays on the client (png files with different alphas in overlapping divs)?

Maybe Autocad has this, but their Windows-only viewer seems no longer free.
Maybe Madocromebedia Acrobat has this, but it's hardly Web-based.

Categories: , , ,