UK technology fail

Since moving to the UK after living in Norway, France and Switzerland, it seems that this country, more than any other I know of in the Western world, is stuck in the 20th century. Here are some examples encountered in the last few months:

  • Many banks support no other authentication than usernames and passwords. No one-time pads, SMS codes, smart cards or client certificates, at least one of which was supported at all of my other banks. My bank forces you to enter your password at the counter, in front of other customers.
  • Don’t talk to me about Internet banking. Compared to every other bank I’ve used, my UK bank has by far the worst usability. If something fails, it doesn’t give any hint to what happened, and just sends you to the front page. Retrying means finding the same form again and filling in everything. It doesn’t play nicely with any online shops. It takes several days to add every single payment recipient. And its “company search” doesn’t find big UK companies.
  • Usually three or four buses arrive within two minutes, and then none for 20 minutes. Sometimes these clumps even have more than one of the same bus line.
  • Automated check-outs at supermarkets are sometimes OK: They take cards and cash, weigh your items properly, and calculate the sum properly when there’s a discount. However, none of them do all of these, and some of them seem to do none of them.
  • The phone only has a signal when the stars align just right. At home 1-2 bars, at work 0-1 bars.
  • The roads are too narrow for buses to pass, but there’s still parking on both sides.
  • I just ordered something online (via bank transfer since the card doesn’t work for some reason). The confirmation page showed the bank details. The confirmation email showed the final sum. Neither showed both.

Sometimes it’s so surprisingly backward that it’s amusing. Mostly I just wonder whether people care about service at all.

SMS authentication on wordpress.com fail

wordpress.com recently added two step authentication. Hooray for taking security seriously! Unfortunately the setup page is full of fail:

  • No indication whether the trunk prefix should be included in the number. I tried both with and without one, twice, but never received a single message. It is not obvious how it would occur to anyone to try both, especially for people who always use one or the other.
  • Why is Google Authenticator so massively emphasized over SMS? Granted, many rich* people have a smartphone, but there is no indication why using a third party app is preferable to the solution which works on every mobile phone capable of connecting to an existing network. YAGNI, and if GitHub gets by with SMS then it’s good enough for me.
  • Why is there a separate “Send SMS” button? Surely by the time the “Verify Code” page shows up you should have sent the message.
  • The first page contains an obvious button to go to the next step. The second page contains three differently styled button-ish elements to show download links for one app and two plain links to go to the next page. The third page (after following the “use Two Step Authentication via SMS” link) contains one left-aligned and one right-aligned button. I haven’t got to the last page yet; I just hope it isn’t too crazy.
  • No relevant help page in sight.
  • No context-sensitive support link. For a new feature of such importance and with the possibility of locking people out pending manual intervention I’d expect more direct support integration.
  • Most search results for “sms authentication” in their forums seem to revolve around problems deactivating this feature. Sounds like it’s simply not ready yet.

PS: I’m using SMS codes for several other international services, and they all work fine.

* If you’re reading this, then you are very likely within the 10% richest people on the Earth.

Bug #1: Home directory is not version controlled

How to reproduce: Modify dotfiles and scripts in the home directory on multiple machines without keeping track of the changes.

What happens:

  • Lots of manual work to synchronize and merge changes.
  • Uncertainty about which changes exist where.
  • Lost work because of minor mistakes or giving up on complex merges.

What should happen: Changes should be reproducible, visible and simple enough to be merged.

How to fix: Use version control.

Workaround:

  1. Fork an existing version controlled home directory.
  2. git clone --recursive git://github.com/your-user/tilde.git
  3. Merge with your existing home directory.
  4. make clean to do miscellaneous cleanup before you
  5. commit and push.
  6. make install to create symbolic links from your home directory to the repository.
  7. clone and pull on any machines which need your changes.

That’s pretty much all there is to this workflow, really. There’s a ton of commands with descriptive tags in .bash_history, configuration for Bash, Vim, Awesome WM, screen layouts, email tools, and much more that you can copy (and criticize) all you want.

BT VDSL modem linkjacking HTTP URLs

Yet another reason to install HTTPS Everywhere and NoScript: It looks like our BT Hub 4 is linkjacking all HTTP URLs:
NoScript blocking warning

Turns out they just want to show a useless landing page:

BT landing page

This wouldn’t be so annoying if it didn’t happen on every new IP that connects to the hub. Isn’t the proof in the pudding – if the rest of the web works, why is the landing page necessary?

Precycling phone directories, Oxford style

Quick guide to reducing paper waste by precycling phone directories in Oxford, UK:

To: info@thomsonlocal.com
Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “Thomson Local” directory, to <address withheld>. Thank you!

Best regards
<name withheld>


To: service@yellgroup.com
Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “Yellow Pages” and “Packed full of useful stuff” directories, to <address withheld>. Thank you!

Best regards
<name withheld>


To: directory.products@bt.com
Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “The Phone Book” directory, to <address withheld>. Thank you!

Best regards
<name withheld>

Now let’s see the result…

Reply from Yell/Hibu

From: Customer.Service.Team@hibu.com
Dear <name withheld>,

Thank you for your email.

I am sorry to hear of the problems you have encountered.

Your email has now been passed to the relevant team to stop the directory and they will be in contact with you regarding this matter.

Inorder to assist you regarding the unsolicited mails please provide us with your account number or business name, address along with the postal code and telephone number.

Should you have any further queries please do not hesitate to call our Customer Service team on 0800 555 444.

My emphasis. Thanks, but I’d rather not give any more information to an advertising company who have already spammed me. That was email lesson #1 way back in the 20th century. You know perfectly well how to stop spamming based on the address which I already sent you.

Awesomely slim Linux desktop setup

Welcome, weary traveler. I sense you have become frustrated with your distribution of choice, for incessantly reinventing the wheel, trying to adopt all the worst practices of Apple and Microsoft, providing poor documentation and/or really supporting only the most basic of setups. Fear not, for there are light-weigth, flexible, well-documented no-nonsense alternatives available.

A combination of Ubuntu nausea and a harddisk crash gave me the necessary kick in the ass to set up Arch Linux, SLiM and awesome yesterday. Rather than reiterate a bunch of commands and copy-pasteable configuration which would be obsolete in an Internet day, I’ll point you to the documentation and some resulting user configuration:

My current configuration:

Ubuntu phone fundraiser

Canonical has started a fundraiser to develop an Ubuntu/Android phone. There’s a 600 USD early bird tier for one day to get the phone itself, and afterwards it’s a massive 830 USD.

As someone who was extatic at the Ubuntu progress in 2007 through 2009, but foaming at the mouth at their massive “not invented here” syndrome ever since, I don’t think I’ll be pledging anything for this. For example, the dual boot feature. They say they already have the Ubuntu desktop integration working on Android, so you’ll be able to use it immediately. Great, let’s do that. “Then shortly after launch we’ll push out a free software update that adds this desktop integration to Ubuntu mobile as well.” So we’ll have a functioning Android phone with Ubuntu desktop integration from the get go, and then we’ll have to start using Ubuntu natively instead of Android later? You want users to learn to use two GUIs which do the same thing to use one phone? (Actually three, unless the Ubuntu desktop works exactly like native Ubuntu, and assuming anyone who buys this is already familiar with Ubuntu.) Now that’s usability fail. How about either Android or Ubuntu? Sounds more like someone thinks Ubuntu isn’t quite ready for handhelds yet, and they want the users to beta test before reinventing the wheel once again.