Michael Eriksson's Blog

A Swede in Germany

Posts Tagged ‘usability

The misadventures of a prospective traveler

leave a comment »

Three issues that have collaborated to drive me nuts today:

  1. I had promised my father and step-father to try to come to Sweden over Christmas or New Year’s.

    For this purpose, I had already made several attempts to find suitable tickets with the Tor Browser (relayed through Tor or directly over my non-torified Internet connection, even with JavaScript enabled). This had proved very annoying and unproductive. For instance: The Lufthansa site simply does not load at all, it just hangs with a perpetually waiting tab. The SAS site loads, appears to work, allows me to fill in all criteria—and then does nothing when I try to submit the search. Ditto EuroWings. A meta-search that I attempted to use was hopelessly slow, insisted on (with every single search) re-including flights with a change of planes,* and also insisted on re-ex(!)cluding potentially cheaper late-night** flights. At least one site interrupted my search by having a JavaScript pop-up demand that I take a survey to improve its usability…*** Almost invariably, these sites had various annoying blend-ins/-outs, animations, overly large images, poorly structured pages, …

    *Which roughly doubles the travel time between Düsseldorf and Stockholm (that have the most suitable airports) and is highly unwanted by me.

    **A smaller negative than changing flights…

    ***First tip: Do not molest customers with such pop-ups!

    Having given up and postponed the search twice already, and now having the 28th of December, I decided to install a brand-new vanilla Firefox, in the hope that at least the SAS/EuroWings problems would be explained by some version incompatibility with either the Tor Browser (as a Firefox derivative) or my version being too low.*

    *Many web-sites, in the year 2018!, still fail to make browser-agnostic implementations, insist on very recent versions of browsers, and similar—usually with no indication to the user that they do. (And visiting an eCommerce web-site without JavaScript on is more-or-less bound to fail.)

    First attempt, SAS: Everything seemed to work, but the web-site was now even more visually annoying than before. The choosing of dates, for some reason, worked in a different manner than before and was highly counter-intuitive. Seeing that there also (not entirely unsurprisingly) were no good flights prior to the New Year and that prices were unnecessarily high, I decided to look elsewhere first.

    Second attempt, Lufthansa: Still did not load…

    Third attempt, EuroWings: To my great and positive surprise, everything appeared to work perfectly, showing me timely and much-cheaper-than-SAS flights. Things kept working as I began my purchase, entering name, address, and whatnot—and I even found the alternative to pay by invoice!* Alas: As I tried to confirm the last step, I was met with an uninformative error message and the request to start again from the very beginning. There was, in particular, no mention of factors like the last few seats on that flight having been suddenly snatched by someone else, or invoice payment not being possible on so short notice**. Before starting over from the beginning, I gave just the last page a second try. I re-entered some (inexplicably deleted) information and re-submitted. Same error message—but now followed by an intrusive pop-up suggesting that I start a chat with someone… I clicked the dismiss button—but, instead of disappearing, the pop-up did a weird and time-consuming animation and kept blocking a significant part of the page even after the animation was finished. At this point, I had had enough, closed my browser, and decided to find other means—which will likely amount to going to a physical travel agency and visiting at some point after the New Year…

    *Thereby removing one of my last doubts, namely the risk that I would be forced to pay with a combination of credit card and 3D-secure—which I (a) have never attempted with my new bank, (b) fear would involve the idiotic use of SMS (I do not currently have a cell provider), (c) had found to simply not work at all with my previous bank (the to-be-avoided Norisbank).

    **For which I would have had some sympathies–but, in that case, invoice payment should never have been offered in the first place.

    These events are the more annoying, seeing that there actually was a time when it was reasonably easy to handle tasks like these over the Internet—it really is not that hard to implement a decent search–choose–pay UI. However, year for year, the usability of various Internet shops and whatnots grows worse and worse, and appears to make more and more specific demands on the browsers. Much of this goes back to the obsession with Ajax. Credit-card payments are also not what they used to be, being much more laborious and likely to fail than in the days before 3D-secure and similar technologies. Worse, from the customers point of view, they likely lead to a net loss of security, whereas the stores and involved payment entities see the gains.* Then, if not relevant above, we have the inexcusably poor efforts of various delivery services, notably DHL, which often make it less of a fuzz to go to a store and pick up a purchase in person…

    *For the customer, the risk that someone will manage to fake a payment is reduced, but if someone does, he has very few options to prove that he was the victim of fraud. Without 3D-secure, the burden of proof was on the other party, and the customer had very little risk at all (short of additional work). The merchants and credit-card acquirers, on the other hand, can have large costs and losses when a fraudulent purchase is followed by a charge-back—and 3D-secure helps them, not the customer, by reducing this risk.

  2. Installing and setting up Firefox proved to be a PITA. Apart from the issues of the next item, I note that any version of Firefox has tended to come with very poor default settings, including default UI behavior; and that the “new” Firefox is highly reduced compared to the “old”.* After installation and prior to my attempts at finding tickets, I spent at least five minutes going through and correcting settings—that were then, obviously, only even valid for that one user account**…

    *The changes would be enough for a long own text. For now, I will just note that (a) that the GUI-configurable settings have been reduced to a fraction of their previous scope, (b) the general attitude described in e.g. [1] is continued.

    **I have a number of user accounts for different purposes, in order to reduce the risk of and damage from security breaches and whatnots. This includes separate accounts for eCommerce (the current), my professional activities, ordinary surfing, porn surfing, and WordPress.

    To boot, a new dependency was installed: libstartup-notification0. I did some brief searching as to what this is, and it appears to be just a way for an application to change the shape of the cursor during startup… (Beware that my information might be complete.) Firstly, why would I want the cursor to change?!? Secondly, even if this was seen as beneficial, it certainly is not reason enough to add yet another dependency—there already are too many useless dependencies, many of them recursive (also see portions of a text linked below).

  3. The idiotic Debian “alternatives” systems and the “desktop nonsense”.

    Disclaimer: Some familiarity with Debian or similar systems might be needed in order to understand the below.

    When a Debian user installs an application, e.g. Firefox, /usr/bin/firefox (or whatever applies) does not contain the Firefox binary—nor even a link to the Firefox binary. Instead, it links to an entry in /etc/applications, which in turn links to the actual binary (unless a certain setup has even more indirections involved). To boot, this system is administered by a poorly thought-through tool (update-alternatives) and/or configuration; to boot, it is vulnerable to applications arbitrarily overriding the status quo, as well as adding pseudo-applications (e.g. x-www-browser) that at least I simply do not want polluting my system.

    In fact, these pseudo-applications are likely the reason why this system was added in the first place—because e.g. x-www-browser can be “provided” by a thousand-and-one different real applications, it would be highly complicated to work with straight links, let alone binaries (especially when one of the “providers” is removed). For real applications, there is a much better way to solve such problems—namely, to just link e.g. /usr/bin/firefox directly to the usually sole instance of Firefox present and give the user an explicit choice of the “default” Firefox every time a new Firefox version was installed or an old removed.

    Why do I not want these pseudo-applications? Firstly, they bring me and most reasonable users, at best, a very minor benefit (for which they bring the cost of the indirections and the greater effort needed when looking for something). Secondly, the “providers” are usually sufficiently different that unexpected effects can occur.* Thirdly, they are often used by other applications in a manner that is highly unwanted: For instance, one of the alleged main benefits of x-www-browser is that any other application, e.g. an email reader, should have an easy way to open an HTML document, without having to bother to check what browsers are installed—but I absolutely, positively, and categorically do not want my email reader to even try this. In a saner world, this would be something configurable in the email reader (and only there), and those who want this endangerment can configure it, while those who do not want it simply do not configure it. By having x-www-browser, the user no longer has such control. Worse: Since the real application behind x-www-browser can change without his doing (be it due to presumptuous applications or an administrator with different preferences), the effects can be very, very different from the expected—e.g. that a known browser with JavaScript, images, and Internet access disabled (appropriate for reading e.g. HTML emails) is replaced with an unknown browser with everything enabled. (Which, in combination with email, could lead to e.g. a security intrusion, leaking of data to a hostile party, activation of unethical tracking mechanisms of who-read-an-email-when, and similar.)

    *For instance, there are many highly specific tool families, e.g. awk, whose members will superficially appear to be and behave identically (much unlike e.g. Firefox and Chrome/Chromium, as x-www-browser candidates), but will have subtle differences that can lead to a failed execution or a different-than-expected result in certain circumstances. Such problems, especially when undetected, can have very serious consequences. It is then much better for the user to, depending on circumstances, pick the specific awk-version he needs by explicit call (=> the alternatives system is not needed), make sure (for a one-user system) that he only ever has one instance installed and use the generic “awk”-name (=> the alternatives system is not needed), or restrict himself to only the common base of identical features. In the last case, the alternatives system would have some justification—however, it would place a very high burden on the user in terms of not making mistakes, might still fail due to undocumented differences or bugs, and is vulnerable to other differences, e.g. regarding performance. Obviously, this would also reduce the available capabilities of the tool in question—in many cases, quite severely.

    Similar remarks concern the “desktop nonsense” (which would deserve a long text of its own; a partial treatment is present). In this particular case, there are at least two* further mechanisms (/usr/share/applications, /usr/lib/mime/packages/) that cause similar problems, including allowing e.g. email readers to launch things that they should not launch. I have used the tool chattr to forbid additions to these two directories; however, due to the incompetence of the apt implementers and/or package builders, this is only a partial help: Despite these entries being unimportant for the actual functioning of the system/the installed application, the chattr-setting leads to a hard error from the apt-tools. I know have to “de-chattr” the directories, re-attempt the install, manually delete the added files, and “re-chattr” the directories … Effectively, I do not prevent the directories from being polluted—instead I trade an increased work-load for the benefit of knowing when I have to manually clean them up after pollution.

    *Proof-reading, I suspect that /usr/lib/mime/packages is not strictly desktop related, and might better have been treated as a third area. In the big picture, this does not matter. (And I do not have the energy to sort out “what is what” at the moment.)

Advertisements

Written by michaeleriksson

December 28, 2018 at 6:43 pm

Poor user interfaces / gkrellm and battery notifications

leave a comment »

Even the world of software development, even in the Linux and “open source” areas, often shows such signs of incompetence that it boggles the mind. This in particular where usability and workflows are concerned.

Take what I just observed: I tried to activate the low-battery notifications in the monitoring tool gkrellm.* These are activated through a checkbox on one config page, with the actual configuration (what to do when) on another, in a pop-up—it self disputable, considering that there were ample space to put both parts on the same page. I opened the other page, filled in appropriate values, closed the pop-up, and checked the check box to activate the settings. What happens? I am alerted that the settings have changed and that I must now open the pop-up to enter information (I do not recall the exact formulation). As I re-open the pop-up, I see that the settings just manually entered have been arbitrarily restored to empty default values!!!

*I run my notebook attached to an electric socket almost without exception and normally have no need for notifications. However, recently, some type of glitch in the connection at the notebook-side has led to a temporary interruption on several occasions—and today I awoke to find that my notebook had ran its battery down and shut off during the night.

Not only is this an extremely user-hostile restriction on the workflow, it is also not communicated in advance, the reset of the values borders on the inexcusable per se,* and (with some reservations for the detail implementation) this could prevent one of the most obvious uses of the settings—to keep a constant set of detail settings that are activated or deactivated as the situation fits.**

*With few exceptions, values explicitly set by a user should never be changed automatically or as an unexpected side-effect of a manual action. A similar example is the cookie settings in Firefox: If someone allows cookies per the main option, chooses the sub-option to disallow third-party cookies (as he should!), and later deactivates cookies per the main option, then a later reactivation of cookies will also change the sub-option to allow third-party cookies, which is counter-intuitive, against the stated will of the user, and to boot a poor default setting. (Disclaimer: I have not verified that this mis-behavior is still present in recently re-vamped Firefox.)

**E.g. in that someone using a notebook on a daily commute might have them off (as an unnecessary disturbance, because he knows that he will arrive before the battery runs down), but have them on when otherwise working without external power.

Generally, gkrellm has a very odd and unexpected user interface, be it in the main product, the various plug-ins individually, or the various plug-ins compared to another. (The F1-key opens the configuration, not the help. Sometimes a mere click on a plug-in activates or deactivates a feature; sometimes it does not. Extra information is sometimes displayed when clicking minuscule squares with no functional identification. The configuration is usually poorly though-through. Etc.)

Written by michaeleriksson

November 10, 2018 at 4:08 pm

Tax declaration for 2017/More on Elster etc.

leave a comment »

My second go at the tax declaration was more successful than the first. A few, likely incomplete, remarks, however:

  1. As far as I can tell (without making a detailed check) all the old problems remain (cf. e.g. [1], [2]). This includes the inability to edit multiple forms in parallel and the arbitrary number-format issues, both of which were big annoyances. The latter includes complications like that copying “11,30” into the one field leads to an error message that decimal positions are forbidden, while copying “34” into another brings the error message that two decimal positions are mandatory (even though an exact number was intended—not a rounded “34,25”). Never mind that all other tools I use follow the convention of a decimal point while Elster strictly uses the German convention of a decimal comma
  2. The handling of VAT (not Elster specific) is an unnecessary cause of complications and not very logical: Despite* VAT merely being collected by businesses on behalf of the IRS**, it counts as income when collected and as cost when either paid out the IRS or paid to other business (based on their bills). This introduces several pointless fields and the need to copy*** data from the one form to the other, where the net result should be 0.**** Really, this should not be income and cost—but positive and negative cash flow: There is no* change, even temporary, in terms of overall net assets and the “accounting balance” —only temporary fluctuations in the bank balance.

    *Looking at practical intent and logic: The formal system might be different, which would explain the illogical procedure.

    **I refer to the German Finanzämter and the general system by “IRS” for convenience and understandability. The correspondence to the U.S. entity is not perfect, however.

    ***It remains the case that data input or calculated in one form cannot be automatically synchronized with other forms referencing the same values, introducing manual steps and potential errors. This is especially absurd, seeing that these values do not really benefit the other forms—a good system would require the IRS to input the values (preferably automatically) based on the forms.

    ****At least once the yearly VAT declaration has lead to a correcting payment over the monthly pre-declarations and pre-payments.

  3. My VAT calculations were partially foiled by some older submitted forms no longer being readable—for no discernible reason.
  4. Various copy actions were made the harder through Elster somehow (likely not deliberately) disallowing the copying of calculated values from the forms. Whereas it is normally not a problem to copy any piece of text from an HTML page, this was simply not possible here. (I did not investigate in detail why this was so, but a brief look at the HTML code makes me suspect that the values were somehow displayed through CSS instead of normal text.)
  5. I tried to save* the EÜR-form with dummy values of “TODO” for some fields where I did not have the values at hand,** wanting to complete the rest and come back to these fields later. This with the particular point that I had now identified all the fields that I needed, allowing me to target these specific fields later—without having to go through the entire document again, costing me additional effort and introducing the risk of missing a field the second time around. Alas, not only were these fields marked as containing errors, but it was impossible to save the form without correcting these errors. (Note: Not send the form, which would have been OK—merely save the form.) Imagine if a code editor refused to save code that did not compile, a text editor text with spelling errors, or a spread-sheet fields with invalid formulae.

    *Thinking back, I am a little uncertain whether I tried to save, just move to the next page of the form, or both. Whichever applies does not alter the idiocy, however.

    **Including some of the aforementioned VAT fields.

    As a workaround, I filled these fields with absurdly large values that would have caused correspondingly absurd totals to appear, (a) giving me a chance to see what fields were picked, (b) making it obvious if a field had been missed. Still, this is suboptimal and introduces a further moment of risk.

    Needless to say, the nifty feature of being able to mark (e.g. through a check-box) what fields are relevant-but-still-incomplete is not present.

  6. Many of the forms could be made a lot easier by adding a few central switches that suppress irrelevant parts (“married yes/no” e.g.—someone not married has no possible use for half the “Mantelbogen”; with some reservations for when circumstances change during the year).
  7. The form to send a free-text message to the IRS is particularly idiotic (also see previous discussions for other problems): A reasonable form would have one page, with three fields, viz. identification number, subject, and body. The actual form has several pages, including requests for information like address, company address, data about a spouse, …
  8. Some of the problems (including the previous item?) could be explainable by a conceptual flaw: Instead of Elster being connected directly to the IRS (just like my online banking is connected directly to my bank), it is a “service” provided by another governmental organization that merely sends the data to the IRS in a manner similar to offline tools by third-parties. Without this conceptual flaw, a number of simplifications, e.g. with regard to data input and changes of address, would be possible.
  9. Elster is excruciatingly slow. For instance, to close the one form, open another, copy a value, close the second form, open the first form, and paste the value, takes ages. (And remember that it is not possible to have two forms open in parallel.) Even switching from the one page of the same form to the next, an operation that should be almost immediate, causes a very noticeable delay. (I never timed these operations, but on some occasions it might have been as much as ten seconds.) All in all, I spent several times longer waiting for Elster than I did actually interacting with it.
  10. The German tax system makes a great use of “Freibeträge”, amounts that the tax payer can deduct without e.g. providing receipts. In some cases, e.g. for relocation costs, this can be an advantage when the overall costs are small enough. In others, it is more or less fraud. Notably, there is a blanket amount that any employee can deduct for “Werbungskosten”*, which is painted as a great service towards the people—as if this was a tax break. In reality, it is nothing but an invalidation of all deductions smaller than this blanket amount: The overall amount of money needed by the government is not magically reduced, implying that the same money is collected through a higher overall tax rate. The blanket amount then merely means that “if you have Werbungskosten below this amount, you cannot deduct any Werbungskosten”, very similar to the deductible of an insurance policy. A further complication is that many with somewhat higher actual costs will not bother to state these costs—finding all** the receipts and making all the checks needed to claim, say, an additional 50 Euro will be more effort than is worth the trouble. To boot, this system is unfair in as far as even those with considerably lower Werbungskosten can use the full amount, causing a flow of money from*** those with higher Werbungskosten to those with lower…

    *I am uncertain what a good English translation could be. The general meaning is costs related to work and that only arose through work. Examples include e.g. special clothing (mostly blue collar) and professional literature (mostly white collar).

    **Note that it is not enough to find the receipts for those 50 Euro—the entire amount, blanket + 50 Euro, needs to be covered.

    ***Measured against the baseline of a sound deduction system. Compared to a system where Werbungskosten are not deductible at all, however, the flow still benefits the people with higher Werbungskosten.

    The true reason for this blanket amount is likely that the IRS wants to avoid additional work on its own end, notably checks of receipts* and the like.

    *However, the last few years, receipts have grown less important and are no longer collected by the IRS by default. Obviously, the tax payers still need to keep the receipts in case of e.g. an audit.

Written by michaeleriksson

November 2, 2018 at 8:27 pm

Posted in Uncategorized

Tagged with , , , ,

Follow-up: My recent problems with Unitymedia

leave a comment »

The situation around Unitymedia (cf. [1], [2]) remains extremely frustrating:

  1. My support inquiry is still unanswered, despite a reminder.
  2. I still cannot use the main Internet connection of my apartment.
  3. While I am able to use the hotspot functionality as a workaround, it is (not unexpectedly) considerably slower than my real connection used to be. To boot, there are continual, highly annoying interruptions, leading to e.g. SSH sessions dying and needing a restart, and “ping”* does not work at all. Not to forget: This type of access is inherently more dangerous than the regular use, because it is easier for a hostile entity to listen in on and/or manipulate the communication.

    *Neither does e.g. “traceroute”, and I suspect that the entire ICMP is blocked, which would border on the negligent, seeing that this protocol has an import role in ensuring correctness and efficiency of Internet communications. (Blocking just specifically ping is dubious, but might be somewhat excusable due to its occasional abuse for denial-of-service attacks. For me, however, the lack of ping is a major nuisance, since I need to keep an eye on a few servers, and ping is the best way to do this; especially when reachability problems can be either a server-side problem or a connection problem, as is currently the case.)

  4. The miserable web interface of the router* works better in the newly installed Chromium than it did in Firefox; however, the situation is not satisfactory: Approximately every second attempt to run the built-in trouble-shooting results in a long wait and then an unspecified failure; every second results in a long wait and the claim that everything would now be OK—while de facto everything remains just as broken as before.

    *I note that the router is provided by and is the property of Unitymedia, with the implication that problems, malfunctions, whatnot, are Unitymedia’s responsibility—not e.g. those of an independent retailer.

Written by michaeleriksson

April 1, 2018 at 7:24 pm

My recent problems with Unitymedia

with 2 comments

Incompetent and user/customer hostile businesses has been a recurring theme in my writings. My experiences with Unitymedia rank among the very worst, however.

Problems until recently were mostly limited to abusing my email address for spam. However, the developments in the last two weeks are utterly inexcusable. Even in a somewhat abbreviated listing:

  1. Visiting my apartment in Wuppertal for pre-sabbatical preparations*, where I have had an Internet connection from Unitymedia for almost a year-and-a-half, I find that the connection no longer worked. This after my only using it for a total of roughly two months, due to my long absences, and now that I finally was going to use it on a daily basis for the foreseeable future.

    *Cf. a previous post.

  2. I attempt to trouble-shoot through the web interface of the router—only to find that the web interface simply does not work with my Firefox. This without any messages as to why, no “please activate X”, or anything indicating that something was amiss—apart from things not working. For instance, a button that was to be pressed was not visible; for instance, after finding the invisible button and pressing it, nothing happened.

    This state persisted after I had verified that all the likely complications, including cookies, JavaScript, and images, where activated and functioning.

    Having limited time, I (temporarily) gave up and focused on other things.

  3. Back in Cologne, I tried to log in to the customer area of Unitymedia’s website. This was not possible, with repeated errors of

    Bad Request

    Your browser sent a request that this server could not understand.

  4. I also investigated Unitymedia’s WiFi hotspots*, hoping to use them as a work-around. This was fruitless, with no information easily found (but compare below).

    *Every (WiFi-)router is per default enabled as a hotspot for other Unitymedia customers, implying that they can access the Internet without extra cost when away from their own routers. (Assuming that another router is sufficiently close by.)

  5. I now contacted customer service per email, giving a detailed record of events and including my last invoice number (the customer number not being obvious from any of the information available in Cologne).

    The result was a pure boiler-plate email claiming that my customer account could not be found based on the data given—utterly absurd since I copy-and-pasted the invoice number. (And have subsequently verified that I sent the correct number.)

    Worse: This email committed many of the sins I discuss in a previous post, including altering the subject line and not including the original message—and added one entirely new: The sender was replaced by a “no-reply” address in an ongoing conversation. These are inexcusable in any context (cf. the linked-to post), but in an ongoing conversation?!?!? Effectively, I have to go back to a previous message and copy the recipient address from there in order to reply!!! An absolute and utter travesty of email use.

    Whether Unitymedia is just utterly incompetent or are deliberately trying to sabotage email communications*, I do not know. Either which way, this is so far beyond the acceptable that the decision maker should be summarily fired for this alone.

    *For some reason, many businesses appear to be extremely email adverse and/or view email as a pure one-way channel for them to send messages, mostly spam, to their customers. Common problems include hiding email addresses, taking any chance to ask the customer to call customer service instead, trying to divert customers to Facebook instead of email, … On a few occasions, I have even had emails to officially publicized addresses be given an automatic response of “please use our contact form instead”.

  6. I sent back further (redundant!) information, and now Unitymedia apparently did manage to find me. However, instead of addressing the issues at hand, a message amounting to “we tried to call you; please call us back” was given—something which is entirely pointless, seeing that I am not in Wuppertal at the moment… Worse: Going by the time the email was sent, I and most others would have been at work in the first place—if they had reached me (or whomever) it would have done no-one any good, making the phone call a waste of time. I had described the events in sufficient detail and without being in the presence of the router, there is very little else that I could reasonably have added or tried.

    To boot, I currently have no use for a cell phone and have let my pre-paid SIM expire. Apparently, however, someone who does not have a cell phone is not allowed customer service…

    Also to note: The information that I had additionally requested should have been given per email, not per telephone. If I had wanted information per telephone (extremely error prone), I would have called myself; I sent an email and both common sense and common courtesy requires a reply by email.

    Almost needless to say, this reply also committed all the above email sins…

    As an aside, there are quite large bootstrap problems involved by now: Almost any attempt to open a contract requires leaving a phone number and/or email address—quite often “and”; often specifically a mobile phone number. This even when there is no actual justifiable need; this even when the contract is for e.g. telephone services. When I moved to Düsseldorf in 2011 (?), for instance, the provider I first turned to for telephone and Internet services (Deutsche Telekom) required a pre-existing phone number to even leave the first screen of the process. We could be approaching a state where e.g. an immigrant simply is stuck, not being able to get basic services because he does not already have basic services.

  7. I replied correspondingly, including pointing to the fact that most of the checks Unitymedia should do could or even must be done without my involvement. (For instance, checking that everything is OK with my contract does not require my involvement; correcting errors in Unitymedia’s web pages must not involve me.) This email is still unanswered.
  8. Today, I had grown tired of waiting and not wanting to risk further delays, seeing that I only have the Cologne apartment (and the Internet connection there) until the end of next week, I installed Chromium*, hoping that this would work with the atrocious web pages of Unitymedia. Well, to some approximation, it did. After various hitches, including a password field that refused my securely generated password** and an incorrectly constructed confirmation email***, I finally managed to register and login in.

    *An open source version of Chrome.

    **The best approach to secure passwords is complete randomness. Restrictions like “must contain a digit” can be helpful in slightly protecting idiots who try to use “password” as the actual password, forcing them to move to e.g. “pasSw@w0rd”. However, the emphases is on “slightly” and these restrictions lower the security of random passwords. (Since they are no longer completely random.) The procedure of Unitymedia is made a mockery by insisting on a “security question”, which very, very significantly lowers the security of the password mechanism: A glass window next to a steel door. (The considerably better, even if not perfect, way is to have the ability to send an email with a “reset” link to a pre-defined email address.) As for the security question, I originally tried to use (approximately) “security questions are a bad idea” as the answer. This was rejected as invalid, with no indication of why. (Length? The spaces? After replacing it with a shorter, random string without spaces it worked.) Complete and utter idiots!

    ***The (HTML) email was so poorly written that it did not even render in my email client, appearing to be entirely empty; I was forced to save the email to a text file and to open it manually in a browser. The actually needed contents where several lines of text and a link; the actually provided contents were an order larger due to the inclusion of various information about who was the CEO and whatnot; the actual size of the HTML code was 61406 (!) characters, compared to 1657 for the actual text. (The latter, imprecisely, measured through copying the text from my browser and copying it into the Linux “wc” tool; the former not including several external images, which are incidentally a big “no no” when using HTML emails.) Running the HTML through tidy, a HTML validator, gave no less that 159 (!) warnings.

  9. After navigation through the visually horrifyingly designed pages, with their illogical structure, dodging repeated annoying and uninteresting messages that Unitymedia had wonderful new offers for me, and generally being on the very, very end of my patience, I finally found instructions for how to use the hotspots—with smart phones. A use with computers, even notebooks, is apparently not on the agenda (but I assume that the instructions are sufficiently adaptable that it will be possible).

    However, before use I had to activate the functionality, set a password, and whatnot. Before submitting the corresponding form, I clicked on the link for the Terms-and-Conditions—only to unexpectedly find myself looking at a PDF document within Chromium. I closed it to download and reopen it in a proper PDF viewer—only to find that the tab with my data was gone. (Apparently, the PDF had opened in the same tab.) I re-opened the tab and went back to the original page—only to find that the data I had entered were gone. At this point, I just gave up, wanting to save my blood pressure from a complete disaster.

    (This is of course only partially the fault of Unitymedia. Most of it likely falls on a weird default behavior from Chromium, which incidentally proved to be very frustrating and limiting in other regards too, e.g. in the use of annoying animations and filling the “new tab page” with a redundant Google search page, neither of which appeared to be possible to deactivate through the main settings.)

The web pages of Unitymedia could basically be used as an example for aspiring web designers of how not to do it. I will not attempt a detailed analysis (because that would require me to go back and look at them in corresponding detail, for which I have neither the time nor the patience). However, I do note especially on the visual side the need for excessive scrolling to reach any content, any screen typically containing just a few lines of text—and large, uninteresting images or large swatches of even less interesting empty space. Technically, they provide an excellent example of why Ajax/DHTML/whatnot are rarely a good idea and why it is almost always better to develop regular HTML pages, using vanilla forms, and possibly some very minor piece of JavaScript for some special tasks. Content-wise, the pages are confusing, making it hard for even a very experienced surfer to find the right information. By and large, I would liken the visit to trying to find useful product information in a supermarket flyer.

Written by michaeleriksson

March 22, 2018 at 5:31 pm

Eternal September? I wish! (And some thoughts on email)

with 2 comments

One of the most unfortunate trends of the Internet is that erstwhile standard procedures, behaviors, whatnot are forced out by inferior alternatives, as an extension of the Eternal September. Indeed, the point where even the Eternal September can be viewed with some nostalgia has long been reached:

The name arose through a combination of how, every September, the Internet would see a sudden burst of college freshmen, who still needed to learn how to handle themselves and who were an annoyance to older users until they had done so; and how the popularization of the Internet outside of college caused this inflow of unversed users to take place over the entire year. Even so, in the early days, the new users tended to be of over-average intelligence, tech affinity, and/or willingness to adapt—and many could still continuously be made to leave their newbie status behind. The problem with the Eternal September was its Hydra character: Cut of one head and it grew two new.

Today’s situation is far, far worse: There is no filtering* of who uses the Internet, be it with regard to intelligence, technical understanding, willingness to learn from more senior users, …; and, by now, the vast majority of all users are stuck in a constant newbie state. Indeed, we have long reached a point where those who have been on the Internet since before the problems became overwhelming** are viewed as weirdos for doing things the right way***. Worse: Websites are usually made for the “lowest common denominator”, with regard to content, language****, and interface, making them far less interesting than they could be to the old guard. This is paralleled in a number of negative phenomena on the Internet (and, unfortunately, IT in general): Consider e.g. how much less profitable it would be to spam a collective of STEM students than a random selection of the overall population, or how much less successful an Internet-based virus among the tech savvy.

*A formal filter, a legal restriction, an equivalent of a driver’s license, or similar, was not in place before the Eternal September either. However, Internet access outside of higher education was reasonably rare, and even within higher education it was far more common in STEM areas than in e.g. the social sciences. Correspondingly, there was an implicit filter that made it far more likely for e.g. a math major to have Internet access than for e.g. a high-school drop-out.

**The linked-to Wikipedia page puts 1993 as the start date in the U.S., but other countries like trailed somewhat. I started college in 1994 and the situation was reasonable for a few years more, before the Internet boom really started—after which is has been downhill all the way.

***Note that while there is some arbitrariness to all rules and there is usually more than one legitimate way to handle things, there is at least one important difference between the “old ways” and the “new ways” (even aside from the benefit of continuity and consistency, which would have been present with the old rules): The old ways were thought-out by highly intelligent people and/or developed by trial-and-error to a point where they worked quite well—the new are a mixture of complete arbitrariness; ideas by less intelligent and less experienced users, or even managers of some software company; attempts to apply unsuitable “real-world” concepts to the online world; … To this must be added the technical side: Someone who understands it, all other factors equal, is objectively better off that someone who does not—and less of a burden to others.

****Even Wikipedia, once an exemplary source of good writing, has gone downhill considerably, with regard to both grammar and style. (Notably, the “encyclopedic writing” aspect is increasingly disappearing in favor of a more journalistic or magazine style. I have long had plans for a more detailed post on Wikipedia, including topics like an infestation with unencyclopedic propaganda, but have yet to get around to it.)

A particularly depressing aspect, but great illustration of the more general problems, is the (ab-)use of email by many businesses, government institutions, and similar, who simply do not understand the medium and how to use it properly. No, I am not talking about spam here (although spam is a gross violation)—I am talking about everyday use.

Consider e.g.:

  1. That many businesses and virtually all (German) government institutions fail to quote the original text when replying and replace the subject line with something to the effect of “Your message from [date]”.

    The former makes it harder to process the message, in particular when a re-reply is needed, often forcing the user to open several other messages to check for past contents; the latter makes it much harder to keep messages together that belong together*, to find the right reply to an email, identify why a reply was sent**, etc. To boot, these problems likely contribute to poor customer service through creating similar issues on the other end, e.g. through a member of customer support not having all the information present without looking through old emails or some ticket system: Even if the information is there, access will be slower, more resources will be wasted, and there is a major risk that important information will still be missed.

    *Not only manually, but also through giving automatic “threading” mechanisms in email clients an unexpected obstacle.

    **When the original text is not included, this becomes even harder. In a worst-case scenario, when several emails were sent to the same counter-part on the same day (rare but happens), it might not even be possible to make the correct match—or only through comparing various IDs in the message headers. The latter is not only much more effort than just looking at subject lines, it also requires that all involved software components have treated them correctly, that the counter-part has used them correctly, and that the user knows that they exist…

    The explanation for this absolutely amateurish and destructive behavior is almost certainly that they have never bothered to learn how to handle email, and just unreflectingly apply methods that they used with “snail mail”* in the past. This is the more absurd since going in the other direction, and altering some snail mail procedures in light of experiences with email, would be more beneficial.

    *This phrase gives another example of how the world can change: Twenty years ago, I could use the phrase and simply assume that the vast majority of all readers would either know that I meant “physical mail sent by the post”—or be willing both to find out the meaning on their own and to learn something new. Today, while typing the phrase, I am suddenly unsure whether it will be understood—and I know that very many modern Internet users will not be willing to learn. I might be willing to give the disappearance of the phrase a pass: We can neither expect every phrase ever popular to continue to be so in the long term, nor the phrases of any group to be known in all other groups. However, the attitude towards learning and own effort is a different matter entirely.

  2. When messages are quoted, established rules are usually ignored entirely, especially with regard to putting the quote ahead of the answer and to intermingle quote and reply, which makes an enormous difference in the ease of processing the reply. Some tools, notably MS Outlook, more-or-less force a rule violation on the users… When quote and reply are intermingled it is usually not done in the established manner, with separating new lines and use resp. non-use of a “> ” prefix; instead, the new text is simply written straight into the old and separated only by a highly problematic* use of a different color.

    *Among the problems: The colors are not standardized. The result becomes confusing as to who wrote what in what order after just a few back-and-forths, to the point of making a lengthier email discussion almost impossible (whereas it was one of the main uses of email in the days of yore). It forces the use of HTML emails (cf. below). There is no guarantee that the colors will be visible after printing or a copy-and-paste action to another tool (notably a stand-alone editor). Not all email clients will be able to render the colors correctly (and they are not at fault, seeing that HTML is not a part of the email specifications). Generally, color should not be used to make a semantic differentiation—only to highlight it. (For instance, in the example below, an email client could automatically detect the various “>” levels and apply colors appropriately; however, the “>” signs must remain as the actual carriers of meaning.)

    To give a (simplistic and fictional) example of correct quoting:

    >>> Have you seen the latest “Star Wars” movie?
    >> No.
    > Why not?
    The one before that was too disappointing.

  3. Ubiquitous use of “no-reply” addresses: Anyone who sends an email has a positive duty to ensure that the recipient can reply to this email. This includes event-generated automatic messages (e.g. to the effect of “we have received your email” or “your package has just been sent”) and news letters. Either make sure that there is someone human able to read the replies or do not send the email at all.* This is not only an ethical duty towards the recipient, it is also a near must for a responsible sender, who will be interested in e.g. tracking resulting failures.

    *The exact role of this human (or group of humans) will depend on the circumstances; often it will be someone in customer service or a technical administrator.

  4. Abuse of email as just a cost-saver relative snail mail: There is nothing wrong with sending relevant attachments in addition to an email text, and in some cases, e.g. when sending an invoice*, even a more-or-less contentless email and an attachment can be OK (provided that the recipient has consented). However, some take this to an absurd extreme, notably the outrageously incompetent German insurance company HUK, and write a PDF letter containing nothing that could not be put in an email, attach the resulting file to the email, and use a boiler-plate email text amounting to “please open the attachment to read our message”. This, obviously, is extremely reader hostile, seeing that the reader now has to go through several additional steps just to get at the main message** and it ruins the normal reply and quote mechanisms of email entirely. To boot, it blows up the size of the message to many times what it should be*** and increases the risk of some type of malware infection.

    *This especially if the contents of the invoice are to some degree duplicated in the email proper, including total amount, time period, and due date (but more data is better). Writing an invoice entirely as a plain-text email is possible, and then the attachment would be unnecessary; however, there can be legitimate reasons to prefer e.g. PDF, including a reduced risk of manipulation, a more convincing and consistent visual appearance if a hard-copy has to be presented to the IRS, and an easier differentiation between the invoice proper and an accompanying message. (There might or might not be additional legal restrictions in some jurisdictions.)

    **Note that it is not just a matter of one extra click to open that one attachment that one time. Consider e.g. a scenario of skimming through a dozen emails from the same sender, from two years back, in order to find those dealing with a specific issue, and then to extract the relevant information to clarify some new development: If we compare a set of regular emails and a set of emails-used-to-carry-PDFs, the time and effort needed can be several orders larger for the latter. Or consider how the ability to use a search mechanism in the email client is reduced through this abuse of email.

    ***This is, admittedly, less of an issue today than in the past (but HUK has been doing this for a very long time…). Still there are situations where this could be a problem, e.g. when a mailbox has an outdated size limit. It is also a performance issue with regard to other email users: The slow-down and increase in resource use for any individual email will be relatively small; however, in the sum, the difference could be massive. What if every message was blown-up by a factor of 10, 100, 1000, …? What would the effects on the overall performance be and what amount of band-width and processing power (especially if spam or virus filters are applied) would be needed? For instance, the two emails at the top of my current mailbox are, respectively, an outgoing message from me at 1522 Byte and the reply to said message at 190 Kilo(!)byte—roughly 125 times as much. The lion’s part of the difference? A two-page PDF file…

  5. Use of HTML as an email format: Such use should, on the outside, be limited to recipients known both to handle the emails in a compatible manner and to be consenting: HTML is not supported by all email clients, and not in the same manner by all that do. It poses an additional security and privacy risk to the recipient. It bloats the message to several-to-many times the size it should be. It makes offline storage of the email more complicated. It makes it harder to use standard reply and quoting mechanisms. The risk of distortion on the way to the recipient is larger. … Notably, it also, very often, makes the email harder to read, through poor design.

    To boot, the reason for the use is usually very dubious to begin with, including the wish to include non-informative images (e.g. a company logo), to try to unethically track the recipients behavior (e.g. through including external images and seeing what images is retrieved when), or to make the message more aesthetic*. A particular distasteful abuse is some newsletters that try emulate the chaotic design of a commercial flyer or catalog, which often deliberately try to confuse the readers—either the newsletter senders are incompetent or they try to achieve something incompatible with the purpose of a newsletter**.

    *This is simply not the job of the sender: The sender should send his contents in a neutral form and the rendering should be done according to the will of the recipient and/or his email client—not the sender. Efforts to change this usually do more harm than good.

    **Most likely, but not necessarily, to use it as advertising. I note that while newsletters are often unwelcome and while the usual automatic addition of any and all customers to the list of recipients is despicable, the abuse of a newsletter for advertising is inexcusable: Many will consent to being or deliberately register as recipients because they are interested in news about or from the sender; and it is a gross violation of the trust placed in the sender to instead send them advertising.

    There are legitimate cases where a plain-text email is not enough to fulfill a certain use-case; however, they are rare and usually restricted to company-internal emails. For instance, one of the rare cases when I use HTML emails is when I want to send the tabular result of a database query to a colleague without having to use e.g. an Excel attachment—and even this is a border-line spurious use: In the days of yore, with some reservations for the exact contents, this could have been done equally well in plain-text. Today it cannot, because almost all email readers use a proportional font and because some email clients take inexcusable liberties with the contents*.

    *For instance, Outlook per default removes “unnecessary” line-breaks—and does so making assumptions that severely restrict the ability to format a plain-text document so that it actually is readable for the recipient.

    Of course, even assuming a legitimate use-case, it can be disputed whether specifically HTML is a good idea: Most likely, the use arose out of convenience or the misguided belief that HTML was a generic Internet format (rather than originating as a special purpose language for the Web). It would have been better to extend email with greater formatting capabilities in an ordered, centralized, and special-purpose* manner, as has been done with so many other Internet related technologies (cf. a great number of RFCs).

    *Which is not automatically to say that something should be developed from scratch or without regard for other areas—merely that it should be made to suit the intended purpose well and only the intended purpose. Some member (or variation of a member) of the ROFF-family might have been suitable, seeing that they are much closer to plain-text to begin with.

  6. A particularly idiotic mistreatment of emails is exemplified by Daimler and in recent discussion for another large auto-maker (which one, I do not recall):

    If an email is sent to an employee at the wrong time, e.g. during vacation, the email is simply deleted…

    The motivation given is absurd and shows a complete lack of understanding of the medium: This way, the private time of the employees would be protected. To make matters worse, the “threat” comes not from the outside but from a (real or imagined) pressure from within the company to always be available. In effect, Daimler has created a problem, and now tries to solve this problem through pushing the responsibility and consequences onto innocent third parties.

    Email is by its nature an asynchronous means of communication; and one of its greatest advantage is that the sender knows that he can send a message now, even outside of office hours or during vacation periods, and have it handled on the other end later. He does not have to consider issues like whether the recipient (if a business) is open or (if a person) is at home with his computer on. Moreover, the “later” is, with some reservations for common courtesy and stated dead-lines, determined by the recipient: He can chose to handle the email in the middle of his vacation—or he can chose to wait until he is back in the office. Whichever choice he makes, it is his choice; and if he chooses the former against his own best interests, well, then he only has himself to blame.

    By this utterly ridiculous rule, one of the greatest advantages of email is destroyed. To boot, it does this by putting an unfair burden on the sender, who is now not only required to re-send at a later and less convenient time—but who can see a number of additional disadvantages. Assume e.g. that the sender is about to head for his vacation, sends an important and urgent email, goes of the grid for two weeks, and comes back to see that his email has not even been read. Or take someone who writes a lengthy email and loses* any own copy after sending—should he now be required to re-type the entire thing, because of a grossly negligent policy of the recipient’s? Or what happens when employees in very different time zones or with very different vacation habits try to communicate with each other? Should the one work during his normal off-hours or vacation so that the other can receive the email during his time in the office? What happens if the notification** of “please send again” from company A is it self deleted by company B?

    *Disk crashes and accidental deletes happen; I have worked with email clients that do not automatically save sent emails; and, in the spirit of this post, not all users actually know how to retrieve sent emails that are saved…

    **Daimler apparently at least has the decency to send such notifications. I would not count on all copy-cats to follow suit.

    Want to keep your employees from reading company emails in their spare time? Do not give them email access from home or do cut it off during those times when no access is wanted! The way chosen by Daimler turns the reasonable way of handling things on its head—to the gross detriment of others. (This even assuming that the intended goal is legitimate: These are adults. We could let them chose for themselves…)

Written by michaeleriksson

January 5, 2018 at 12:54 am

Posted in Uncategorized

Tagged with , , , ,

Follow-up: On Firefox and its decline

with one comment

Since my post on the decline of Firefox, the developers have released another “great” feature, supposed to solve the speed problem compared to Chrome and other competitors: Electrolysis* (aka. e10s).

*I have no idea how they came up with this misleading name. Possibly, they picked a word at random in a dictionary?

This feature adds considerable multi-threading capability and detaches the GUI from the back-end of the browser, thereby on paper making the browser faster and/or hiding the lags that do occur from the user.

In reality? In one browser installation* (shortly after the feature being activated) I had to disable this feature, because it caused random and unpredictable tab failures several times a day, forcing me to “restart” (I believe the chosen word was) the tab in order to view it again. Even the tabs that did not need to be restarted only displayed again with a lag every time another tab had failed. The net effect was not only to make the browser more error prone, but also to make it slower (on average).

*I have several Firefox (more specifically Tor Browser) installations for different user accounts and with different user settings, including e.g. separate installations for business purposes, private surfing, and my WordPress account. This to reduce both the risk of a security breach and the effects of a breach, should one still occur. As for why the other installations were not affected, this is likely due to the roll-out manner used by Firefox of just activating a feature in existing installations, based on an installation dependent schedule, instead of waiting for the next upgrade. Presumably, all the other installations had received upgrades before being hit by the roll-out. (This approach is both ethically dubious and a poor software practice, because it removes control from the users, even to the point of risking his ability to continue working. What if something goes so wrong that a down-grade or re-install is needed—with no working browser installed? This is very bad for the private user; in a business setting, it could spell disaster.)

Today, I had to deactivate it in another installation: After opening and closing a greater number of tabs, Firefox grew more and more sluggish, often only displaying a page several seconds after I had entered the tab, or showing half a page and then waiting for possibly 5–10 seconds before displaying the rest. This for the third time in possibly a week after my latest upgrade. (I would speculate on some type of memory leak or other problem with poor resource clean up.)

I note that I have never really had a performance problem with Firefox (be it with pure Firefox or the Tor Browser*) before this supposed performance enhancer, possibly because I use few plug-ins and have various forms of active content (including Flash and JavaScript) deactivated per default—as anyone with common sense should. This makes the feature the more dubious, because it has (for natural reasons) taken a very large bite out of the available developer resources—resources that could have been used for something more valuable, e.g. making it possible for plugins like “Classic Theme Restorer” to survive the upcoming XUL removal.

*Not counting the delays that are incurred through the use of Tor. I note that Tor is a component external to the Tor Browser, and that these delays are unrelated to the browser used.

Unfortunately, the supposedly helpful page “about:performance”, which was claimed to show information on tabs and what might be slowing the tabs down, proved entirely useless: The only two tabs for which information was ever displayed were “about:config” and “about:performance” it self…

Oh, and apparently Electrolysis is another plugin killer: The plugin makers have to put in an otherwise unnecessary effort in order to make their plugins compatible, or the plugins will grow useless. Not everyone is keen on doing this, and I wish to recall (from my research around the time of the first round of problems) that some plugins face sufficiently large obstacles that they will be discontinued… (Even the whole XUL thing aside.)

Now, it might well be that Electrolysis will prove to have a net benefit in the long term; however, we are obviously not there yet and it is obvious that the release(s) to a non-alpha/-beta tester setting has been premature.

Written by michaeleriksson

November 6, 2017 at 11:02 pm