Closer To The Ideal

Apparent Software has suffered an encounter with the abusive anti-fraud squad at PayPal. I’ve personally had an experience that exactly matches their story. This is what happened to them:

I log into my PayPal account and what do I see? “For my protection” they have limited the ability of my account to withdraw or send money but most severely, they also disallowed the account to receive payments!

Frantically, I go to MacGraPhoto’s buy page, click buy and see a message “The seller can’t receive payments at this time”. At about the same time I get an email from a potential customer that says that he can’t buy the bundle. In the server log I see other people trying buy the bundle and leaving. Lost sales. Not good. Not good at all.

My PayPal’s page lists lots of things that I need to provide to PayPal regarding my personal identity and regarding the sales. Some requests are totally not relevant to the case or to our business.

…We talked about the nature of the business. They wanted to see some shipping confirmation and tracking numbers. I explained that we’re selling downloadable software and the “shipment” is actually an email with license codes. I also explain that it’s a 2 week promotion where we bundled with some other developers for a mutual sale. She then asks me to fax to her signed agreements that they, the developers, allow me to sell their software. I tell her that we only have email correspondence and she says ok, fax it.

I prepare a fax with our terms and conditions document, 6 email correspondences where other participants agree to the terms and also, in the first page, explain the whole issue of the bundle sale. Total of 26 pages. It takes almost a day to see the faxes in the system. Finally on Nov 22 I get an email that they’ve received the documents.

I call back customer support, finally get another “limitations specialist” who checks the faxes and says me that it looks ok but I’ll have to wait to get my answers over the email in the next 48 hours.

After 24 hours I receive an email that includes:

– Please provide a letter of authority from the original copyright owner
and copy of the licensing agreement which states you have the authority to
duplicate and distribute the product.

…I ask the person to reconsider our previous documents and tell him that we started to collect signatures (we indeed emailed the 6 developers by this time and asked them to print and sign a one-page, three sentences paper about the bundle). He said ok. Wait another day or two.

During the day we collect most of the signatures and then I receive another email from PayPal. The subject was new: “PayPal appeal denied”.

I had exactly the same experience with PayPal in early 2002 – I had a big spike in sales, which they thought was suspicious, so they limited my account. I called them and they asked for documents. I faxed them documents and then they asked for more documents. I had about $2,000 sitting in my PayPal account, some of which I’d been planning to use to pay my rent that month. I was forced to borrow money from friends, with the promise that I would pay them back as soon as I could withdraw money from my account. My friends were a bit baffled – many of them did not know what PayPal was, but assuming it was like a bank, they couldn’t understand how a bank might simply freeze one’s account without first getting a court order.

Every time I satisfied one of their requests, they’d make another request for more data. 6 weeks went by.

In the end, they restored my account, but for 6 weeks they threw my life into chaos. At that time I was receiving most of my money via PayPal, so it was as if I’d suddenly been fired from my job or something, not being able to receive any money from PayPal. Their customer support was the least helpful customer support I’ve ever dealt with.

Today, I was at the train station in MetroPark, New Jersey. I was catching the commuter train back into New York City. The terminal that displayed the schedule had an error message on the screen. I do not know why these are so common, but I see error messages like this a lot, on public terminals at bus and train stationsm, and airports. The errors always seem to be on Windows operating systems.  Always.

Brad Delong asks “Why does Berkeley think it should be in the business of building its own content management systems anyway?“.

His complaint:

May I say that a content management system that–if you have been off dealing with another crisis in the middle of a task–decides when you come back and try to save your work that you are no longer logged in and dumps you to a login page after which it dumps you not on the page you were working on but on the root page, LOSING YOUR WORK!!!1!!

Such a content management system is HELLSPAWN!! Is WROSE THAN HILTER!1!!!1!…

He is complaining about bspace, which is based on the open-source
Sakai, a content management system written in Java, and focused on the needs of universities.

I think Delong’s post is a good reminder of how infuriating it can be for users when software fails to behave in the ways users expect. I also suspect this is a good example of an issue that users will regard as a bug, but the programmers will see it simply as a potential future feature that they may or may not add (”Should we catch POST info if a user is not logged in?”).

I should add, WordPress has exactly the same problem. Last week I started writing what I thought would be a short post for this blog, but I got carried away by my theme and wrote a long post. Then I went to get some dinner. I left the browser open, with the post unpublished. I came back after dinner and made some more edits, then hit the publish button – and just like that, my work vanished, because while I was out getting dinner, WordPress logged me out (for some reason I’d assumed that the auto-save feature was also refreshing my session info).

One of the nice things about building my own CMS was that I was free to fix the bugs that bothered me most, and this was a big one for me. I added a feature to my CMS that caught any POST info and showed it on screen, even if the person was logged out. This allowed recovery of the post. I worked on my CMS from 2002-2007 and then abandoned it because I could not keep up with projects like WordPress. Nowadays I force myself to use other people’s open source software, because it is economically rational to do so, but I hate some of the choices they make, and some of the features that they fail to implement.

In the comments, Jacob Davies posts this comment, which I thought was very funny and very on point:

Conversation that has happened more times in my career than I care to mention:

Someone else: “How long of a title shall we allow? 32 characters? 64?”

Me: “FOR THE LOVE OF GOD WHY DO WE NEED TO SET A MAXIMUM LENGTH? IS THIS 1952???”

Someone else: “But what if they put in a really long title and fill up the database?”

Me: “THE VERY NEXT FIELD – THE ‘CONTENTS’ FIELD – IS A FREE-TEXT FIELD WITHOUT A LENGTH CONSTRAINT SO IF THEY WANTED TO FILL THE DATABASE THEY COULD DO IT THERE ANYWAY.”

Someone else: “Won’t it waste space if we allow a variable-length string in the title?”

Me: “OH MY GOD YES A TERRIFYING LOSS OF ABOUT 3 BYTES ON A RECORD THAT IS A MINIMUM OF 1024 BYTES LONG AND OFTEN OVER A MEGABYTE, YOU ARE SO RIGHT.”

Someone else: “Yes but every other system has a length constraint for titles.”

Me: “YES AND I SUPPOSE IF EVERYONE ELSE WAS JUMPING OFF A BRIDGE YOU’D DO IT TOO.”

etc

Computer programmers are subject to some kind of strange mental degeneration in which they rate the potential waste of 0.00001% of the capacity of a modern hard disk as more important than the ability to enter titles longer than 32 characters in length.

For much of the last 3 weeks I’ve used Windows laptop running XP (instead of my usual Ubuntu Linux machine) which gave me a chance to try out some of the browsers that have no Linux version.   One of the greatest aspects of the current web development scene is that most of the surviving browser projects are competing on how well they can implement web standards and HTML5 (contrast the current scene with 1996, when Microsoft set out to break the web, with its “embrace, extend and exterminate” strategy).

I’ve already noted that FireFox seems to have surpassed Internet Explorer, in terms of usage. Microsoft will hopefully soon kill Internet Explorer and replace it with something else.

I admire much of what Brendan Eich has done. And for the last several years, FireFox has been my web browser of choice. But FireFox drives me crazy with its demand for resources. Compared to any other browser I’ve tried, it demands more RAM. With just one window open, it will grab 60 to 90 megs of RAM (compared to, say, 14 for Chrome). With several pages open, which is normal for me, FireFox will grab 200 to 250 megs of RAM. Chrome might grab a 3rd of that. (These statements are true for FireFox 2 and 3, and Chrome 1.)

FireFox allows plugins, which is the main reason I use FireFox. The Firebug and Session Manager plugins are essential tools for me. However, FireFox doesn’t police the resource usage of these plugins. They can crash any machine: Macs, Linux, Windows. (Those of you who want to claim “Linux never crashes”, please note that a process can use up most of the memory on the machine, and then the machine becomes unresponsive. For the user, this is the same as a crash, even if in some hair-splitting way it avoids the technical definition of a crash.)

Chrome has the kind of plain, minimalist design that is a signature of most of Google’s products.  I like it a lot, though it has many annoyances. Yahoo Mail normally auto-suggests email addresses as I start to type them, but this doesn’t happen when I use Chrome. Also, when using WordPress, Chrome embeds inline styling, whereas other browsers do not. Also, again with WordPress, Chrome erases all line breaks every time I update a post, so that the text is reduced to one giant paragraph. Basically, most of the Javascript that is out there was not written with Chrome in mind, and Chrome has some kind of conflict with it. Also, surprisingly, I’m not able to log into some of my favorite forums with Chrome.  I get no error message, but I am not treated as logged in, even after giving the correct username and password (I have the same problem in Safari, but not in FireFox).

Scrolling a web page, using the arrow keys on the keyboard, is important to me. I read a great deal online, and for me it seems natural to want to use the arrow keys to move down the page as I read. Here is one area where Chrome is especially good. It scrolls smoothly. FireFox is usually broken in this regard – it tries to move the cursor down the page, but if the HTML is laid out in a way that allows the cursor to skip the main text of the page, then FireFox simply drops to the bottom of the page. This drives me crazy.

Safari 4 seems to be in between Chrome and FireFox in terms of resource use. It is wonderfully standards compliant and leads the way in supporting HTML5. I admire it for that, though until more browsers support HTML5, I can’t imagine using any of the new tags on a commercial web site.

Right now I can see using FireFox when I want to use my favorite plugins, and I can see using Chrome when I want a fast web browser, but I’m not sure what would cause me to use Safari.

I’m comfortable making this prediction: IE will continue to fade, and Microsoft will continue to fade, and FireFox, Safari and Chrome will all have more browser share a year from now than they currently do. So it is time for designer to start checking their designs in all of these browsers.

A very interesting post by I Am El Gringo:

For the time-constrained, I submit to you the results of my highly scientific research:

• Yahoo: Minimal Use of tables. I found a picture of Hugh Downs horizontally aligned with it’s caption in a table
• Google Home Page: Not only does Google use tables for it’s iconic home page, it embeds styling in the <td> tags. The horror.
• YouTube: Uses tables for of layout of videos
• Windows Live: Uses tables for footer layout
• MSN: There is one table, but it’s only for stockquotes which is tabular data
• MySpace Semantically pure. MySpace. Whoda thunk it
• Facebook: Does form layout with tables
• Blogger: No tables anywhere on the front page
• Orkut All tables all the time
• Rapidshare: A table with a single <td> for header placement. And again a single <td> table for the central “browse” section. Tsk tsk
• Microsoft: Navigation bar is a table. What did you expect? Unicorns and rainbows?
• Google India: It’s the same Google layout. I wonder if they used copy and paste for the template?
• Ebay: Tables, tables every where
• Hi5: Tables for every thing, pretty much. BTW, I didn’t even know this site existed until last week. Alexa rank 14!?
• Photobucket: Tables for photo gallery layout
• AOL: AOL’s layout is semantically pure! Friggin AOL?
• Google UK: Same GOOG layout. I’m now sure the copied an pasted their html
• Amazon: Now that’s just silly
• IMDB: They used tables for their 3 column layout. What! No CSS framework?
• Imageshack: Semantically pure as the driven snow.
• Finally, even though it’s not on Alexa’s top 20, log in to your Gmail account and look at
  the use of tables

My Hypothesis: Pure CSS design == overcompensation

So, the five companies that use CSS are the web powerhouses–MSN, MySpace, Blogger, AOL and Imageshack. MSN, MySpace and AOL have been maligned for years throughout the web savvy community. My hypothesis is that these companies are overcompensating for the crap that they’ve taken thoughtout the years by designing their site in pure CSS.

Other companies that have more web street-cred like Google and Facebook don’t really have to worry about how the web design community sees them. This leads to things like Google making extensive use of inline styling on their homepage instead of putting it in their stylesheet. I’ve never heard anyone claim that the Google folks are slouches at the web design/development thing. Why is that?

This is a horrifying failure of risk management and system administration good practice:  JournalSpace loses all data in its database and has no backup:

Blogging platform JournalSpace (which I’d never heard of to date) has ceased to be, following a wipe-out of the main database for which there was no back-up in place. According to the JournalSpace blog, the database was overwritten as a result of a malicious act from a disgruntled ex-employee.

The lack of backups is the fault of management, for they had the authority to make better decisions, and they had the ethical responsibility to protect the data of their users. Nevertheless, they try to shift the blame to one of their employees:

It was the guy handling the IT (and, yes, the same guy who I caught stealing from the company, and who did a slash-and-burn on some servers on his way out) who made the choice to rely on RAID as the only backup mechanism for the SQL server. He had set up automated backups for the HTTP server which contains the PHP code, but, inscrutibly, had no backup system in place for the SQL data. The ironic thing here is that one of his hobbies was telling everybody how smart he was.

The employee might be guilty of criminal actions here, but that doesn’t let management off the hook for having been so unprepared. If it hadn’t been an employee it might have been a tornado or earthquake or some other disaster – and the blame still would have belonged to management. Multiple backups, in different locations, is the precaution that a responsible company must make.

cb sums it up well in the comments:

lol, gotta love an internet company that has ‘a guy handling IT’. As if the IT side of things is an afterthought-which apparently it was in this case.

There is a second part to this story that I find very sad. One of the users of JournalSpace, a woman calling herself tinythoughts, shows up in the comments at TechCrunch and expresses her sadness, whereupon she is immediately attacked for her having ever used JournalSpace. I am puzzled and worried by the attitude that would defend the company and blame the customer.

This is tinythoughts:

i had one of the oldest journals on journalspace. i am really upset about losing about 6 years of writing, and my layouts which i made. it was bad enough when they lost years of comments. this is far worse. i am pretty sure i archived most of everything up til about a year ago on my external hd. i’m actually a lot sadder about this than i thought i would be.

This is the criticism that is then thrown at her:

If you value your work so much, you shouldn’t be using something that’s free and expect not to lose it.

At the end of the day, piss all you want. It’s your damn fault for leeching off a free service and expect it to continue to provide for you.

The day of FREE is over!

And then this was her response:

it wasn’t free. i was a paying customer for most of the time i was on there, until the first big data loss. after that, i did not get a pro account anymore and also began to write less on there.
as for losing my stuff, which i did value, as i said, i did back it up myself after that first data loss. however, i liked it where and how it was, accessible online to me and anyone else. we are talking about almost 6 years of content. that is not some small thing. even if you’re dumb, you should be able to understand that.
btw, i work in this industry myself, and i am pretty sure the days of free are not over. but all the best to you on being rude anonymously to others online.

She also adds:

I don’t believe their story. I think there is more to it. They’ve had problems before and they always lay it out like their users are technically stupid and willing to accept any dumb answer given to them. What happened really was a great loss for many users, who had been there for years, a community of really great people. The greatest loss is all of the time, life, love, and community each of those users put into journalspace, where it was all documented and washed away like sandcastles on the beach. I might be upset for my own loss, but not nearly as sad as I am for many of my friends there. I think journalspace owes them more than a lame excuse and an empty sorry.

The fact that someone is willing to attack the customers in this case, rather than the grossly irresponsible company, actually saddens me more than the already sad fact that a lot of people lost years worth of work. (Though if I lost that much work, I’d cry for days.)

I’m not sure how many times I’ve looked at this page without seeing this typo:

I assume that:

“Create a signature that automatically added to your emails”

is suppose to read:

“Create a signature that is automatically added to your emails”

I always find it surprising to find typos on a major site like Yahoo.

Yet another example of bad web programming. I was researching the subject of cancer and followed a link on a government site that gets me to this page:

I think its fine to print debugging information to the screen when a website is under development, but on a live site, I think the error messages should try to be more helpful. Perhaps the error message can suggest the average speed it takes the site’s sysadmins to fix problems of this time. Or the error message can suggest that the visitor go get the page out of the Google cache. Even the cutesy error message that Stikipad used was more reassuring than this.

Back on September 24th, I decided to put my Netflix account on hold. I knew I was facing a stretch of time when I was going to be too busy to watch movies. Apparently Netflix only allows you to put your account on hold for 90 days. Nevertheless, the form that I was presented with allowed me to choose any date in December, so I chose December 31st, as you can see here:

Upon submitting the form, I got the following error message:

This is, of course, an example of bad user interface design. They should not allow me to choose a date which they themselves forbid. It is confusing that their form should offer a date which is, in fact, not allowed.

Shelley Powers once wrote that she wouldn’t use an online service unless she was sure of the exit route:

I won’t use a hosted web service like Typepad or weblogs.com. It’s too easy for them to decide that you’re ‘violating’ terms of service, and next thing you know, all your weblog entries are gone. I saw this with wordpress.com in the recent events that caused so much discussion: in fact, I would strongly recommend against using wordpress.com because of this–the service is too easily influenced by public opinion.

I don’t use either my Yahoo or Gmail mail accounts. Regardless of whether I can get a copy of my email locally, if I decide to not use either account I have no way of ‘redirecting’ email addresses from either of these to the email address I want to use. (Or if there is a way, I’m not aware of it.) Getting a copy of my data is not an exit strategy–it’s an export strategy. An exit strategy is one where you can blow off the service and not suffer long-term consequences. A ‘bad’ email address is definitely a long-term consequence*.

A few months ago we started using Stikipad to get ourselves organized. We started using the site under conditions that were close to an emergency – we had a web site that was past its deadline, and we were trying to regain control over a situation that had become chaotic. We began to post bug reports and notes to ourselves. Stikipad was useful to us as an easy-to-use online notepad, which we could use informally. It helped that it also had certain wiki features – it kept track of who made each edit, and it allowed us to revert changes when we made mistakes in editing.

Since then, we’ve started listing all the hours that we work on there. This data is vital for when we send out invoices to our clients. Also, all of the long, complicated to-do lists, for each project we’ve been working on, are all on there. We did not realize how important the site had become to us – we’d set up a quick, free account as a simple way to organize one project, but our use of Stikipad has grown so that lately it has been central to the way we schedule our time.

For the last three days, when we go to the site, the only thing we get is this error page:

The whole entire site has been down. You could not start a new account, nor reach any of the pages on our account, nor even reach the “Support” page. We all kept trying, at different times during Friday, Saturday and Sunday. There was no way into the site.

The site just came back to life tonight. But we are planning on giving it up. We feel we can’t trust it anymore. There has been no word on the Stikipad blog about what just happened. Their silence does not inspire confidence in us.

Stikipad does have an export option, which we could use religiously to keep our data safe. I blame myself for not already automating a daily download of this data. I’m fixing this particular oversight tonight. All the same, Stikipad can’t value our most vital data to the same extent we can, so it is perhaps best if we keep that data on our own server, and make the multiple backups of that data which we feel is needed.

 Yes, that is a broken image link on the Microsoft website (I hit refresh a few times and it was still there). Ironically, the page is talking about a new technique for debugging.

Part of what is becoming a continuing series on the subject of broken web pages.

Well, maybe “broken” is too strong a word. The CSS failed to load. Which happens sometimes. Which is part of why semantic markup is important. How much does the user experience survive the lack of style sheets? This from the front page of Old Navy:

Just curious, but does anyone know some common reasons why the CSS files might fail to load?

Also curious about the marketing. The front page of the site is aimed entirely at women. Do women buy clothes online more than men?

Yet another story about a badly programmed website, with really bad error messages.

I went to pay my monthly cell phone bill. Just last month, SprintPCS instituted a new policy, requiring stricter passwords with more letters and numbers in them. So I was forced to change my password. Perhaps I was also in a hurry, as I did not write it down in the usual place.

Today, unable to remember the new password, I clicked the link they offer for “Forgot your password?” I came to the screen you see in the first image.

I typed in my “username”, which is simply my telephone number. When I hit the submit button, I got, in response, a blank white page with the text “Error: 500″. That’s it. Nothing else. Just that text on a blank white page. You can see it in this second image:

I offer this anecodote as one more small piece of evidence for the case that most web sites are horribly programmed and poorly tested. I don’t mean to pick on SprintPCS, since there are many sites that are just as bad, but this just happens to be the broken website that I interacted with today.

Mind you, the above incident happened this morning, around 11 AM, and now it is 11 PM. I just went back to get screenshots. Twelve hours later, the problem is still there.

I sent SprintPCS an email about this. I have not yet heard back from them. I’ll update this post if I do hear from them.

UPDATE: wonderful response time. I just got this, on the 17th. The irony:

Date: Mon, 17 Sep 2007 14:08:18 -0500 [02:08:18 PM CDT]

From: Sprint Customer Solutions <ecare@cc.sprintpcs.com>

To: LAWRENCE@KRUBNER.COM

Subject: Re: Subject: ID # 20070914212929 (KMM38317571I123L0KM)

Hello Lawrence Krubner,

Thank you for contacting Sprint.

A ticket has been submitted in reference to the difficulty you are experiencing logging into your account online at Sprint.com. The ticket number is 16880851.

A follow-up call will be made to you within 36 business hours.

Thank you again for contacting Sprint. We appreciate your business.

Mary O.
E-Care
Sprint
“Where our customers come first!”

Refer someone to Sprint and get $25.

So after 3 days, they send me an email in which they promise to contact me within 3 days. Then they close with “Where our customers come first!” Hate to think how we’d be treated if we came second.