Michael Eriksson's Blog

A Swede in Germany

Posts Tagged ‘web design

WordPress and its user-hostile administration area

leave a comment »

And don’t you believe it: The morons from WordPress still managed to introduce links where they do not belong, despite use of quotation marks.

Advertisements

Written by michaeleriksson

April 8, 2019 at 11:08 am

WordPress and its user-hostile administration area

with one comment

As I tried to refresh a page from my WordPress account earlier today, I found that I had been logged out.* More specifically, I was forcefully lead to (what I assume was) a log-in page that simply did not work or show anything useful, but which complained about a lack of JavaScript. (No, activating JavaScript did not help.) After digging around, I found a log-in page that did work, logged in—and found myself in some version of the administration area that did not even slightly resemble what I was used to, and which simply did not work—with or without JavaScript activated. Problems included incomplete displays, “my sites” simply not being found, and (browser-side) warnings about a possible XSS** attack by a “doubleclick.net” address***.

*Having a dedicated user-account and browser for WordPress, I have no qualms about never logging out manually. Automatic log-outs, on the other hand, are so rare that I cannot even recall the previous time that it happened (or whether I had similar problems back then).

**Cross-site scripting: Roughly speaking, an attempt to cause mischief for a user by including JavaScript from one site into another, in order to circumvent the user’s and browser’s security controls/checks/awareness/whatnot.

***Presumably, a part of Google’s advertising efforts that still carries the name of the former “DoubleClick” brand. The alarm is likely a false positive to the degree that this is almost certainly is not caused by an illegal activity; however, (a) users are still better off without it, e.g. for privacy reasons, (b) the integration into the WordPress pages is obviously not done sufficiently well.

After wasting five to ten minutes trying this-and-that, I contemplated simply foregoing WordPress entirely and effective immediately*, but resorted to a last ditch attempt: One of my old tabs contained a page from the (familiar) admin area. I copy-and-past-ed** it into a new tab, and things suddenly worked as they should.

*WordPress sucks, and I have long-standing plans to move away anyway. However, time constraints and the many other things that I do has postponed this ever again.

**Just re-loading would likely have worked equally well, but keeping the old tab intact gave me a better chance at a second attempt, should something go wrong.

The difference is likely that this link already led to the blog specific admin area, which still works as it should; while what was served after log-in was a user account admin area.* Should the above happen to you (or me, at a future time): Look at the URL. If it begins with “https://wordpress.com/me”, you are probably stuck in the user level area, and you should try to get to the blog area, which will begin with “https://michaeleriksson.wordpress.com/”**. The “dashboard” of the blog administration can then be found under “https://michaeleriksson.wordpress.com/wp-admin/index.php”**, from where other parts of the administration can be found. (In all cases, with reservations for future changes.)

*There can be more than one blog associated with each user account.

**For my main WordPress blog. Please substitute your own blog name/address as appropriate. Also see excursion below.

Excursion on WordPress, incompetent handling of post-by-email, and how this can influence a text:
I have written repeatedly of how WordPress handles post-by-email incompetently, e.g. through introduction of artificial links. This text provides a good example: without the quotation marks around “doubleclick.net” above, it might have been mangled into “http://doubleclick.net” and turned into a link, which is not only contrary to the purpose of use above, but could also be highly confusing to the reader. Knowing of this issue, I resorted to add quotation marks where I would not normally have used them.

The use of e.g. “https://michaeleriksson.wordpress.com/” above is yet another example of why WordPress handles links poorly: I do not intend to link—only to make a statement of how a link would begin. Indeed, going directly to this address would show the published blog—not the administration area. (But here, I would have used quotation marks anyway, because I discuss strings.) Further, “https://michaeleriksson.wordpress.com” would normally have called for a use of place-holders, e.g. in that I had replaced “michaeleriksson” with “[your blog]”. I refrained from doing so, because I see at least a risk* of mangling.

*I have made good experiences with quoting, which seems to protect the text, but if I find an exception I would need to research a work-around, edit, and/or re-publish the text, which would cost me time and energy. To boot, this would involve a delay and inconsistent texts being sent to subscribers. Better then to take the safe road.

Written by michaeleriksson

April 8, 2019 at 11:04 am

Follow-up II: Some more experiences with eCommerce and poor web-design II

with one comment

As a further follow-up to recent writings ([1], [2], [3]) I have to categorically advice to stay away from Cyberport. What has transpired here is so Kafkaesque as to stretch the believable.

I placed my order on the 26th March, received an email request for choice of alternate payment methods on the 27th, and immediately replied. After having received no reaction by the 29th, I sent a reminder and additionally set a deadline for the 1st of April. On the 1st, I received an email incorrectly claiming that I had not replied to the request from the 27th, with no indication that my reminder from the 29th would be known either. I immediately replied, quoting my previous emails and requested an immediate resolution.

Today (i.e. the 2nd), I received what amounts to the same email again—and again with no acknowledgment of any of my replies and reminders.

I note that I have had no email problems on my end, including no error messages, no bounces, no indications that other recipients would not receive their emails, …, and must conclude that Cyberport has a severe email problem on its end, is unable to perform even the most basic customer service actions, and/or is deliberately* doing something inexcusable.

*I tend to apply Hanlon’s Razor, but it is noteworthy that the 1st of April is involved. Combine this with an individual employee with an inexcusable attitude, and it is not impossible.

I have now unambiguously rescinded my order.

Excursion on computers:
In parallel, I have looked for alternative providers. Apart from the problems of finding OS-free computers and an online store with reasonable payment options, I am puzzled by the current price and “bang for the buck” levels. It has been quite some time since I last followed price developments, but there does not appear to be a significant price advantage for desktop computers anymore (despite the savings on the display, keyboard, whatnot, and from the lesser need to keep things small). Very many systems sell for absolutely astronomical prices*, probably because the desktop market has been skewed towards very high-end gaming computers. The cheaper systems, on the other hand, have considerably worse** specifications than I would have expected from the standards and trends from, say, five years back (when I was much more up-to-date).

*Often upwards of two thousand Euro, quite often upwards of one thousand Euro—are we back in the 1990s?

**Many systems have dual-cores below 3 GHz. None of the cheaper systems (and far from all of the more expensive) have 16 GB of RAM, many fail to have even 8 GB, and I have even seen some with a measly 2 (!) GB. As a comparison, my 2012 desktop had 2 GB, and was not a very expensive one. By Moore’s Law, I would have expected 16 and 32 GB to dominate even among the lower end systems.

Excursion on shelves:
After Bauhaus’ failure, I visited some other websites, and found that of competitor Hornbach to be much more user-friendly. It, too, suffers from excessive reloading, but is so much faster that this is acceptable (but still not ideal). I have replaced my Bauhaus order with a roughly equivalent one from Hornbach. (The payment options were similarly weak; however, I decided to risk prepayment, seeing that Hornbach, unlike e.g. Cyberport, is well-known, “brick and mortar”, and has a history that goes back decades.)

Written by michaeleriksson

April 2, 2019 at 1:47 pm

Follow-up: Some more experiences with eCommerce and poor web-design II

with 2 comments

I recently wrote of my negative experiences with Bauhaus [1] and eCommerce, including the inexplicable payment problems.

I have now received an email answer from Bauhaus to my request for a solution to enable the purchase despite the technical problems caused by Bauhaus. This answer is depressing and shows a complete disregard for customer interests, leaving me with a grand-total of possible two hours* of time wasted with nothing to show for it—and, yes, I was too optimistic in ascribing the behavior to an unintended technical problem.

*Including the phase two weeks ago described in [1], but not including the time spent writing texts. The single order that failed might have taken around an hour, including browsing the catalog and working with the abysmally slow website.

I will certainly never use Bauhaus again, not even the physical stores, unless it backs down from this customer-hostile stance. Factoring in the extreme slowness of the website, I can only encourage others to avoid it. I note that Bauhaus’ website has by now cost it the chance at orders over thousands of Euro of products and services (most of it relating to events in [1] prior to the current order). The issue is the more annoying, because I basically had already decided against using Bauhaus for any of the intended orders (cf. [1])—I made the mistake of still ordering the shelves from Bauhaus and was immediately burnt.

To quote pertinent parts*:

*A few minor manual corrections were necessary after copy-and-paste, since Bauhaus appears to have used non-standard characters or encoding. Reservations for undetected problems caused by this.

Bei jeder Bestellung erfolgt eine automatisierte handelsübliche Prüfung der Adress-und Bestelldaten, auf die wir keinen Einfluss haben.

Die angebotene Zahlart ist abhängig von verschiedenen Faktoren.

Abhängig von Warenwert, Größe und Gewicht der Artikel sowie der Kategorie der Artikel stellt Ihnen der Online-Shop eine Auswahl an Zahlarten zur Verfügung.

Wir behalten uns nach dieser Prüfung vor, bestimmte Zahlungsarten im Rahmen des Bestellvorgangs auszuschließen.

Translation (with reservation for the correctness of terms of trade):

For every order, an automatic customary-in-the-trade (“handelsübliche”) check of address-and [hyphen present in original] order data is made, on which we have no influence

The offered payment methods depend on different factors.

Depending on the value of the goods, size and weight of the article and the category of the article, the online-shop gives you a selection of payment types.

We reserve the right to, after this check, remove specific payment types from the order transaction (“Bestellvorgang”).

This might have been acceptable in principle, had the payment options not already been offered. Filtering out the options before the user makes a choice could be OK, but doing so after he has already started choosing, and then choosing based on faulty premises, is inexcusable. To boot, there was no prior information that this might take place and no obvious means to make a preliminary check—to avoid spending all that time waiting on and searching on the uselessly slow website.

Further, either I was filtered out based on flawed criteria* or a very large proportion of the users will meet similar problems. I note that while some type of credit or similar check is not unusual, it is usually very explicit** and to speak of “customary” (“[handels]üblich”) for whatever checks Bauhaus used is extremely dubious.

*My credit rating should be flawless and not an obstacle. I also do not recall having given an authorization to perform a credit check, implying that this would boil down to me living in the wrong place (“address”)—if so, intolerable. The order value was small (possibly, around a 150 Euro) and would not be a legitimate cause for concern. The size and weight might have been well above average, but there is no obvious legitimate reason as to why this should have affected the payment methods. Further, both the value and size/weight were known before showing payments methods, and (for what should be a strictly internal check) it cannot be justified to not make the corresponding check in advance.

**E.g. in the form of a request to do a credit check or, for invoicing, a request to send data to a separate service, e.g. Klarna. I note that doing such a check without my consent would involve an illegal use of my data.

Also note that there was no indication of any connection to a check made in the messages displayed, including no mention of credit rating, size, weight, whatnot having had an impact. On the contrary, the impression of a Bauhaus wide restriction for everyone is created. This gross miscommunication is a further time waster.

As for the Cyberport issue discussed in the same text: Cyberport had per email requested that I state my preferred other payment options. I did so on the 27th (same day) and requested further instructions, due to the vagueness of the request. I am still waiting on a reaction from Cyberport. (But note that a lack of reaction within, at the time of writing, 46 hours need not indicate a major problem. It still compounds the delay, however. Even if Cyberport eventually honors my order, it will arrive at least three times later than originally indicated.)

Written by michaeleriksson

March 29, 2019 at 7:16 pm

Some more experiences with eCommerce and poor web-design II

with 4 comments

Sometimes, I feel like tearing my hair out—fortunately, what little is left is cut too short to get a good grip…

Prior to and after writing the previous installment ([1]), I tried to use the German Bauhaus for some major purchases for and/or some works on my apartment, having made good experiences as a minor customer in the physical stores. This included replacing my (awful) current kitchen.

For this purpose, about two weeks ago, I brought home a 1500-page catalog, which I assumed would be extremely helpful in preliminary planning, both with regard to what I wanted to do/buy and whether Bauhaus was a suitable partner for the task. This turned out not to be the case, because (a) large parts of my interests were not covered sufficiently (including that much of the kitchen products that they do have were not present), (b) almost all products that I checked (and actually found…) lacked a price. Instead of a price, there was a lowest-price guarantee—if I found the same product cheaper somewhere else, Bauhaus would give me an even better price. But what help is that when planing?!? When it comes to areas like furniture, house-hold appliance, and whatnots, prices between products in the same category can easily vary by a factor of ten, with a much smaller variation in quality. For my purposes, a current-price-with-reservations-for-changes would have been much more helpful than a lowest-price guarantee. I suspect that the same applies to most other customers, who will not decide on a certain product (“it’s just diviiine”) and then compare prices.* Instead they will look at products of a certain type and compare them—with price, it self, being one of the most important criteria.

*There might be some few that do decide before knowing the price, e.g. because they are very rich or lack price consciousness. But: Are those very likely to compare prices or look for lowest-price guarantees? They might not care about the missing price, but they have little benefit from the price guarantee either.

I tried to compensate for this by also looking at the associated website—slow as molasses, dependent on JavaScript, and guilty of the filter-change-causes-reload issue discussed in [1]. It was so horrible that I gave up and decided to use Bauhaus only as a fallback for the major buys/works, in case the many competitors did not work out.

Early this morning, I spent some time browsing the catalog, just in case, and decided that I could at least use Bauhaus to order some shelves (prices were usually present…), and I went to the website to look in detail at what was present and what matched my intended measurements. Here the many search criteria (including dimensions and material) really came in handy. The speed remained agonizing low, however, mostly due to the filter-change-causes-reload issue,* and interesting products often turned out not to be currently available or not available in the online store… I was sorely tempted to just give up; but decided to push through, seeing that I had postponed the shelves for close to a year already.

*Cf. [1] where this was less serious due to the very limited number of criteria. Here a greater number of criteria were present, I wanted to apply several of them and had to wait again and again: Max width—reload. Min width—reload. Min height—reload. Max price—reload. More specific product type—reload. Reduce to a certain brand—reload. Try another brand—reload twice. (Once to deselect the first brand; once to select the next.) Etc. Note that the great number of products made the alternative to filtering an even slower manual check of hundreds of items.

I made my choices, entered all my data, proceeded to pay, and … payment turned out to be impossible! I first tried my credit card, ran straight into 3D-Secure* hell, and opted to go back to try something else. Lastschrift* was offered, I clicked on the corresponding button, and was immediately met with a message to the effect that “we cannot offer this payment method at this particular time”. Odd: Two seconds ago, you claimed that you could! Next attempt: Invoice. I clicked on the button—and was met by the same absurd message! I tried to go back for something else, but found nothing that was usable. (I do not recall the exact options, but one was “gift card”, which is useless for someone who does not already have a gift card**…)

*See below discussion for more information on some payment methods.

**To which can be added that gift cards make lousy gifts: Never buy them, never use them as gifts. (I know that I have written something on this before, but I cannot find it on short notice. The gist: Gift cards lock money up to the advantage of the merchant. The customer is better of with regular money.)

To boot, these messages are hard to explain technically: There might be some odd case where a payment with Lastschrift is not possible, because a service provider somewhere has a technical issue; however, this should be very rare and would require a more reasonable error message. For invoice*, on the other hand, there is no excuse that could reasonably apply, short of an internal problem that made more-or-less any purchase impossible—which should then be explained well in advance.

*Yes, there are some sites that use an external provider to check the credit-worthiness of the customer before allowing invoice purchases. No, this is not a valid excuse—if this had been the case, Bauhaus should have accepted the (small) extra risk, rather than refusing the customer. To boot, most setups would likely have this check and Lastschrift independent of each other, which reduces the risk of a simultaneous error considerably.

This evening, I came home to find that Cyberport (cf. [1]) had refused to accept “invoice” as means of payment—after the fact and without voicing any type of complaint at the time of my original order.

To boot there was no good information on how to proceed, just a list of alternate payment methods, most of which are problematic or out of the question entirely (and which well illustrate the problems with online payments):

  1. Nachnahme (roughly, cash on delivery): Comes with a 6.90 Euro surcharge*. This is payable by the recipient of the package, although the sender is the beneficiary. The sole benefit for the customer is that he can be assured to have received his package at the time of payment, but, unlike e.g. invoice/credit-card/Lastschrift (cf. below) he has no additional recourse if the contents of the package are faulty.

    *If using DHL at the time of writing, according to official information. Other providers might have different fees; and fees change over time.

    To boot, this applies per package and is outside the control of the recipient: If the sender decides to split an order into more than one package, the recipient has to pay this fee multiple times.

    As an aside, there are legal restrictions to the degree a merchant can enforce fees on means of payment towards the customer. Whether these apply to Nachnahme is, unfortunately and in my understanding, untested—and without a legal block, the customer is still stuck with paying the fee that by rights should be paid by the merchant.

  2. Credit card: This used to be a wonderful means of payment. Today, there is a considerable risk that 3D-Secure* (or a similar mechanism) is used, which leads to a very high error rate and/or requires additional technology (e.g. a smart-phone), and increases effort considerably to boot. (See parts of [2] for why 3D-Secure is a negative for the customer and brings benefits only to other parties.)

    *I am still waiting for feedback as to whether Cyberport uses 3D-Secure.

  3. PayPal: Apart from the extra effort to create an account and whatever might apply, I have heard so many* stories of abysmal customer treatment or even outright fraud** from PayPal that I would not even consider opening an account there.

    *I used to work for a competitor of PayPal’s. During this time, I read a fair bit about the competition and heard quite a few “trade” stories. There are entire websites dedicated to this topic.

    **In the characterization by the customer. I have not investigated the actual intent behind the events, but the mere fact that customers are lead to such characterizations point to business methods that are, at best, negligent of the customer’s rights and interests.

    (I am uncertain what rights the customer has when having paid for undelivered or faulty merchandise. If these rights are weak, this is an additional issue.)

  4. Sofortüberweisung: An idiotic, unethical, and by rights illegal* “service”, which forces the customer to hand log-in information to his online banking to a third party**—in gross violation of both common sense and the typical terms and conditions* of the bank. I would never, ever, resort to this absurdity.

    *In my understanding, a very regrettable law change has made this type of approach legal and required banks to change their terms and conditions to allow it. The motivation (IIRC) was something along the line of allowing competition—the rights of the customer were not mentioned with one word. Much better would have been to crack down heavily on such abuse and to make clear that an account (be it bank, computer, service, …) holder must never be forced to give out such information.

    **Who then logs in to his banking, transfers money, and tells the merchant that the transfer was successful.

    (I am uncertain what rights the customer has when having paid for undelivered or faulty merchandise. If these rights are weak, this is an additional issue.)

  5. Vorauskasse (advance payment): Because the customer pays in advance, he has no protection against fraud and he is left to the whims of the merchant in case of problems.

    I have used it myself and got burnt by Beyer. I would only use it again if I trusted the merchant—never for a first buy, as with Cyberport.

  6. Giropay: A means of payment provided by the banks that provides a similar functionality to Sofortüberweisung, but does so in a manner that respects the users rights, does not drastically reduce security, and is compatible with the interests of the bank. (In fairness, there have been some concerns about sharing of non-login data, e.g. addresses, with the service provider in a non-transparent manner.)

    A decent protection of the customer is (IIRC) present in the case of undelivered or faulty merchandise, but I am vague on the details.

    I would be willing to use this, but have so far never had the opportunity, and I cannot vouch that it usually works technically.

What is not on the list is what non-negotiably should be present—the German gold-standard of payments: Lastschrift.*

*This allows the merchant to transfer the amount in question directly from the customers bank account, while the customer has the right to cancel incorrect transfers after the fact. The result is quite close to a credit card without having to have a credit card. (But without an actual credit, obviously.) While it might sound dangerous at first glance, it actually works quite well.

Written by michaeleriksson

March 27, 2019 at 11:49 pm

Some more experiences with eCommerce and poor web-design

with 5 comments

Since I have spent (and intend to continue to spend) a lot less time traveling, I have just ordered a desktop computer to get more comfort over my laptop.

This provided several good illustrations of how poorly thought-through many web-shops are.

For instance,* during the actual order stage, I found that copying my VAT-identification into the corresponding field led to an unspecified error—allegedly, something was wrong, but no word was given as to what. A bit of experimentation revealed that because I had not typed the VAT, the field did not recognize that an entry was present… This is idiotic on at least three counts: Firstly, this is the type of information that should be copied as a matter of course, to reduce the risk of accidental errors (and work needed). Secondly, a good developer would not have let himself be fooled by something like that.** Thirdly, a reasonable error message should have been given, e.g. that a mandatory field was empty. This would have made the error search much faster and would have avoided red herrings like a syntax error or an accidental copying of the wrong value (or an incomplete copying of the correct value). The error message displayed also showed the design error of appearing (only) at the top of the page, instead of next to the field. This was especially bad because the top of the page was not visible without scrolling when the field was visible… (However, at least the field was actually marked red, so that the user knew to search for an error message—I have seen even this be left out on some other sites.)

*At http://www.cyberport.de

**Most likely, a heuristic was used that “if the user has typed something, the field is not empty”. This is highly naive and the (easy) check whether the field actually was empty would be much better.

Similarly, there was one of those idiotic* “please re-type your email address” fields. Of course, I just grabbed the original entry and pasted it—and nothing happened. Apparently, instead of realizing that this type of field is an idiocy, the designer had decided to block copy actions to force a re-type. To boot, this was done without any discernible error or warning message.

*Email addresses, too, are best copied from a fix source—not typed. If it is copied, there is no risk of a mistype and the “re-type” field is a pointless time-waster. Most non-copiers will likely rely on auto-complete, which will almost always either give the correct result or the wrong result twice. Again the “re-type” field is a pointless time-waster. For those who do type, the clear majority can be expected to either type and double-check sufficiently carefully that the address is correct in the first field, while those who do commit an error will usually do so due to a memory error, which will usually be repeated in the “re-type” field… Again, this field is a pointless time-waster. (A better approach could be to e.g. put a warning text next to the first field, to indicate the communication problems that could ensue if the address is mistyped and “please double-check it”.

Earlier, I had visited a number of category pages from one of Germany’s most popular physical electronic stores.* This with an eye on looking for other things that might be interesting, the store(s) having a very wide selection of products, be it on- or off-line. Not only did I have to jump through hoops to get to these pages,** but once there, they were all empty… Whether this was due to an internal error or an unprofessional reliance on e.g. Google***, I do not know. What I do know is that I wasted a fair amount of time, bought nothing, and definitely will not return in a hurry.

*Conrad resp. http://www.conrad.de

**There were usually several clicks and a lot of scrolling needed (instead of the one click that should have been needed), because the original links did not lead to the category pages—but to information pages that contained a link to the real category page somewhere towards the bottom.

***Google (and a few other companies) provide extensive APIs that can facilitate web-development. For an online store, it should be a given that these are installed locally. However, some developers fail to do so, and instead rely on versions running on Google’s (or whoever’s) servers. This brings problems both with reliability and user privacy, and I have blocked some of these servers to protect myself from privacy violations.

The search criteria in several stores were abysmal*, missing even basics like the ability to filter computers based on e.g. OS (specifically, no** OS), amount of RAM, and similar. Typical sets of criteria were brand (rarely interesting***) and price (interesting, but not enough) and possible something else of lesser import (e.g. whether shipping could take place now or only in two days time). This resulted in result lists of dozens to hundreds of entries that had to be manually filtered. (With the effect that I looked through the first one or two pages, foregoing the many entries on later pages entirely…)

*Including http://www.cyberport.de

**As a Linux user, I do not want to pay extra for a Windows installation that I am just going to remove later. Of course, even among those content with a pre-installed OS, the question of which OS is often quite important. As an aside, the proportion of computers that still come with a pre-installed Windows is depressing—the year is 2019, not 1999, and it should be a given that a Windows installation is optional.

***While some might have a brand preference, it is usually far more important what characteristics the computer has, and in those rare cases where someone is justified in looking at the brand first, he would be better of going directly to the manufacturer website (for research, if not for the actual purchase; of course, after research, he could just search by product number and would never need the brand). A possible exception is a means to exclude some brand; however, this was never present. (Except by selecting all brands, and then de-selecting the one—with possibly disastrous time waste as the result. Cf. immediately below.)

A particular annoyance was the slowness that came through attempts to be interactive—confirming my observation that the more interactive and “helpful” a website tries to be, the slower and less helpful it tends to become. Notably, changing any filter setting leads to an automatic re-load, which implies a re-search or re-filtering server-side, which implies a considerable delay until the page is available again. However, it is rarely the case that the user only wants to change one filter setting,* and it would usually** be better to have him toggle the reload manually after making all changes. Consider e.g. prices on http://www.cyberport.de: Per default, they ranged from a few tens of Euros*** to many thousands. Naturally, I wanted to trim both values to, respectively, ensure that I got something actually usable and did not pay a fortune for something I did not need. However, to trim the range to e.g. 200–500 Euro, I had to change two filter settings. Both caused a reload with a significant loss of time.****

*Unless, obviously, the number of settings is too limited to begin with…

**One exception is when the one choice alters what other choices are available. This was not the case on these websites, however. (And when it is, it is usually better to pre-load such alterations in a manner that allows a client-side change of filter options without reloading the actual results from the server.)

***Presumably, either non-computers misleadingly put in the computer category or extreme mini-computers (Raspberry PIs or similar).

****To boot, the settings were not even input fields, but some type of weird bar, where the user had to move the ends of the bar until approximately the intended values appeared.

Excursion on email:
While a bit off topic, I note that Cyberport provided yet another example of the grossly unethical practice of not having a means to provide an email address without also consenting to spam, insteading forcing the user to revoke consent at a later time. (Of course, not providing an email address at all is not an option.)

Written by michaeleriksson

March 26, 2019 at 9:37 pm

Follow-up: The misadventures of a prospective traveler

leave a comment »

Recently, I had great problems booking an airplane ticket to Sweden, ultimately resorting to using a travel agency, which required both an unnecessary fee and a trip on foot.

For my return to Germany, my seasoned-traveler father booked the ticket from his computer.* While this worked in one go, the service that he ended up using (“supersavertravel”) was abysmal: The entire interface seemed geared at one thing and thing only—to coerce the user into buying expensive additional services that he did not need. This to the point that it was necessary to explicitly decline these many services and to do so individually—no, I do not want a hotel; no, I do not want extra insurance; no I do not want a rental car; no, …; no, …; no, …; no, …; no, …; no, …; no, …; no, …; no, …; … I even seem to recall (but could be wrong) that there was an additional query after submit along the lines of “You have not chosen this-or-that. Are you really sure that this is deliberate?”… Utterly inexcusable was the checkbox to decline spam: Where more main-stream businesses use a checked checkbox to imply “I consent to be spammed”, here the user needed to check the checkbox to decline spam…** The confirmation email, unsurprisingly, contained much more advertising and attempts to bring unneeded services to my attention than it did confirmation…***

*I had left my own computer in Germany in order to travel lightly; and only bought a one-way ticket to Sweden, because I did not know how long I needed to stay.

**Implying that the main idea almost certainly was to trick users into making the wrong choice.

***This in stark contrast to EuroWings below, where the confirmation email was informative, to the point, and did not even abuse HTML for the email text. (Portions of [1] contain some discussion of why HTML has no place in emails.)

A second trip turned out to be needed.* I tried EuroWings again, and this time everything actually worked.** However:

*My mother’s old house is being sold, and the time needed to sort through my own old books and whatnot turned out to be much longer than I originally thought.

**Contrast this with the original text. This time, I made sure to pay by credit card (3D-secure was not needed) instead of invoice. I do not know whether the old issue was a temporary server-side problem, a problem with a workflow somewhere, or whether there is some problem relating to invoices that I now ducked. (Regarding workflow: In my experience, most QA checks tend to run through fairly straight-forward scenarios, meaning that a scenario that involves the user e.g. going back to a previous step, responding to a validation error, actually reading the T-&-C’s, whatnot, is often left untested. These scenarios, however, are disproportionately likely to cause errors—especially when Ajax and other “state sensitive” technologies are used.)

  1. EuroWings too tried to advertise additional services, if far fewer, in a manner that detracted considerably from usability and prolonged the process unnecessarily. Unlike with “supersavertravel”, they were all opt-in, but it would be so much better if they were all collectively moved to a separate and skippable step, especially since they will only ever be interesting for a small minority of the customers. (Be it because they have no need, already have made other arrangements, would lose points with some program by booking/buying somewhere else, …)

    Hotels are a potentially odd area. In the specific context of a flight, admittedly, I can see many cases where it would be helpful to “co-book” a hotel. However, hotels are offered more-or-less everywhere, including for e.g. train-travel. In most of these cases, booking a hotel together with the means of travel turns the reasonable workflow on its head: It is usually the hotel, not the means of travel, that is the bottle-neck, and a reasonable workflow would then involve finding and booking a hotel first and finding means of travel second.

  2. Integrating a please-do-not-spam-me checkbox in the main pages would be trivial. Nevertheless, declining spam is only possible through visiting a separate page. On this page, moreover, the email address has to be added redundantly and manually, and it could be (depending on internals and the exact steps used by the customer) that the spam rejection only takes effect after the fact, e.g. in that the one click somewhere activates an unethical implicit consent to spam, while the other page only revokes this consent. This would leave a window of abuse open.

    Frankly, this is so common that legal measures are necessary: It must by law be forbidden both to use implicit consents and to require explicit rejections for any use of personal data (in general, but the more so for email data) that is not central to the process for which the data was provided. This, notably, from the customers perspective—not the data collector’s. (For instance, the data collector might see sending a news letter with advertising as a central part and having to send a confirmation email as an annoying negative, but for the customer it is the other way around.)

  3. There are potentially redundant entries for email, including one for the actual transaction and one for please-notify-me-in-case-of-delays. It would be better to keep them as one per default (if in doubt by automatically filling the one with the other and allowing a manual change). Further, the entries are likely made in the wrong order for most users, with a non-mandatory entry of please-notify-me-in-case-of-delays on one page and the mandatory actual transaction address on a later page. Further, the former came with a pop-up upon submit that urged me to fill in this non-mandatory field anyway—which seems more like fishing for email addresses than an attempt to provide a service.

    Why had I left the email address out? Well, I knew from my earlier attempts* that if I did provide an email address for notifications, then I would also be forced to provide a cell-phone** number—absolutely idiotic.

    *The attempts in general are described in the original text, but details like the above were left out.

    **Note that I currently do not even have a cell-phone. Also note that cell-phones too can be abused for spam (through SMS).

Written by michaeleriksson

February 25, 2019 at 1:08 am