Since moving to the UK after living in Norway, France and Switzerland, it seems that this country, more than any other I know of in the Western world, is stuck in the 20th century. Here are some examples encountered in the last few months:
- Many banks support no other authentication than usernames and passwords. No one-time pads, SMS codes, smart cards or client certificates, at least one of which was supported at all of my other banks. My bank forces you to enter your password at the counter, in front of other customers.
- Don’t talk to me about Internet banking. Compared to every other bank I’ve used, my UK bank has by far the worst usability. If something fails, it doesn’t give any hint to what happened, and just sends you to the front page. Retrying means finding the same form again and filling in everything. It doesn’t play nicely with any online shops. It takes several days to add every single payment recipient. And its “company search” doesn’t find big UK companies.
- Usually three or four buses arrive within two minutes, and then none for 20 minutes. Sometimes these clumps even have more than one of the same bus line.
- Automated check-outs at supermarkets are sometimes OK: They take cards and cash, weigh your items properly, and calculate the sum properly when there’s a discount. However, none of them do all of these, and some of them seem to do none of them.
- The phone only has a signal when the stars align just right. At home 1-2 bars, at work 0-1 bars.
- The roads are too narrow for buses to pass, but there’s still parking on both sides.
- I just ordered something online (via bank transfer since the card doesn’t work for some reason). The confirmation page showed the bank details. The confirmation email showed the final sum. Neither showed both.
Sometimes it’s so surprisingly backward that it’s amusing. Mostly I just wonder whether people care about service at all.
wordpress.com recently added two step authentication. Hooray for taking security seriously! Unfortunately the setup page is full of fail:
- No indication whether the trunk prefix should be included in the number. I tried both with and without one, twice, but never received a single message. It is not obvious how it would occur to anyone to try both, especially for people who always use one or the other.
- Why is Google Authenticator so massively emphasized over SMS? Granted, many rich* people have a smartphone, but there is no indication why using a third party app is preferable to the solution which works on every mobile phone capable of connecting to an existing network. YAGNI, and if GitHub gets by with SMS then it’s good enough for me.
- Why is there a separate “Send SMS” button? Surely by the time the “Verify Code” page shows up you should have sent the message.
- The first page contains an obvious button to go to the next step. The second page contains three differently styled button-ish elements to show download links for one app and two plain links to go to the next page. The third page (after following the “use Two Step Authentication via SMS” link) contains one left-aligned and one right-aligned button. I haven’t got to the last page yet; I just hope it isn’t too crazy.
- No relevant help page in sight.
- No context-sensitive support link. For a new feature of such importance and with the possibility of locking people out pending manual intervention I’d expect more direct support integration.
- Most search results for “sms authentication” in their forums seem to revolve around problems deactivating this feature. Sounds like it’s simply not ready yet.
PS: I’m using SMS codes for several other international services, and they all work fine.
* If you’re reading this, then you are very likely within the 10% richest people on the Earth.
How to reproduce: Modify dotfiles and scripts in the home directory on multiple machines without keeping track of the changes.
- Lots of manual work to synchronize and merge changes.
- Uncertainty about which changes exist where.
- Lost work because of minor mistakes or giving up on complex merges.
What should happen: Changes should be reproducible, visible and simple enough to be merged.
How to fix: Use version control.
- Fork an existing version controlled home directory.
git clone --recursive git://github.com/your-user/tilde.git
- Merge with your existing home directory.
make clean to do miscellaneous cleanup before you
make install to create symbolic links from your home directory to the repository.
pull on any machines which need your changes.
That’s pretty much all there is to this workflow, really. There’s a ton of commands with descriptive tags in
.bash_history, configuration for Bash, Vim, Awesome WM, screen layouts, email tools, and much more that you can copy (and criticize) all you want.