How good is your unsubscribe?

How far down the list do you get? These are all real issues with real newsletters or mailing lists I have at some time had the misfortune to subscribe to. Some of them are still filling up my spam box after multiple attempts at getting rid of them.

  1. Is it possible to unsubscribe? If not, why are you reading this? Shouldn’t you be apologising to your users?
  2. Does every message explain how to unsubscribe? Or are you sending periodic reminders with newsletter metadata? *Shudder*
  3. Do I have to contact your domain to unsubscribe? Otherwise I’ll assume the whole thing is a phishing attempt.
  4. Can I unsubscribe by email? Useful if bandwidth is low.
  5. Can I unsubscribe by replying to the newsletter? Much simpler than copying a address or sending “unsubscribe newsletter” to, especially on a phone.
  6. Can I unsubscribe by clicking a URL? The web is a powerful thing.
  7. Can I unsubscribe without typing anything? You’re already generating unique emails, so it would be very easy to generate unique URLs.
  8. Can I unsubscribe in a single click? Why have two steps if you can have only one?
  9. Can I re-subscribe with a single click? For those silly accidents.

UK technology fail

Since moving to the UK after living in Norway, France and Switzerland, it seems that this country, more than any other I know of in the Western world, is stuck in the 20th century. Here are some examples encountered in the last few months:

  • Many banks support no other authentication than usernames and passwords. No one-time pads, SMS codes, smart cards or client certificates, at least one of which was supported at all of my other banks. My bank forces you to enter your password at the counter, in front of other customers.
  • Don’t talk to me about Internet banking. Compared to every other bank I’ve used, my UK bank has by far the worst usability. If something fails, it doesn’t give any hint to what happened, and just sends you to the front page. Retrying means finding the same form again and filling in everything. It doesn’t play nicely with any online shops. It takes several days to add every single payment recipient. And its “company search” doesn’t find big UK companies.
  • Usually three or four buses arrive within two minutes, and then none for 20 minutes. Sometimes these clumps even have more than one of the same bus line.
  • Automated check-outs at supermarkets are sometimes OK: They take cards and cash, weigh your items properly, and calculate the sum properly when there’s a discount. However, none of them do all of these, and some of them seem to do none of them.
  • The phone only has a signal when the stars align just right. At home 1-2 bars, at work 0-1 bars.
  • The roads are too narrow for buses to pass, but there’s still parking on both sides.
  • I just ordered something online (via bank transfer since the card doesn’t work for some reason). The confirmation page showed the bank details. The confirmation email showed the final sum. Neither showed both.

Sometimes it’s so surprisingly backward that it’s amusing. Mostly I just wonder whether people care about service at all.

SMS authentication on fail recently added two step authentication. Hooray for taking security seriously! Unfortunately the setup page is full of fail:

  • No indication whether the trunk prefix should be included in the number. I tried both with and without one, twice, but never received a single message. It is not obvious how it would occur to anyone to try both, especially for people who always use one or the other.
  • Why is Google Authenticator so massively emphasized over SMS? Granted, many rich* people have a smartphone, but there is no indication why using a third party app is preferable to the solution which works on every mobile phone capable of connecting to an existing network. YAGNI, and if GitHub gets by with SMS then it’s good enough for me.
  • Why is there a separate “Send SMS” button? Surely by the time the “Verify Code” page shows up you should have sent the message.
  • The first page contains an obvious button to go to the next step. The second page contains three differently styled button-ish elements to show download links for one app and two plain links to go to the next page. The third page (after following the “use Two Step Authentication via SMS” link) contains one left-aligned and one right-aligned button. I haven’t got to the last page yet; I just hope it isn’t too crazy.
  • No relevant help page in sight.
  • No context-sensitive support link. For a new feature of such importance and with the possibility of locking people out pending manual intervention I’d expect more direct support integration.
  • Most search results for “sms authentication” in their forums seem to revolve around problems deactivating this feature. Sounds like it’s simply not ready yet.

PS: I’m using SMS codes for several other international services, and they all work fine.

* If you’re reading this, then you are very likely within the 10% richest people on the Earth.

Bug #1: Home directory is not version controlled

How to reproduce: Modify dotfiles and scripts in the home directory on multiple machines without keeping track of the changes.

What happens:

  • Lots of manual work to synchronize and merge changes.
  • Uncertainty about which changes exist where.
  • Lost work because of minor mistakes or giving up on complex merges.

What should happen: Changes should be reproducible, visible and simple enough to be merged.

How to fix: Use version control.


  1. Fork an existing version controlled home directory.
  2. git clone --recursive git://
  3. Merge with your existing home directory.
  4. make clean to do miscellaneous cleanup before you
  5. commit and push.
  6. make install to create symbolic links from your home directory to the repository.
  7. clone and pull on any machines which need your changes.

That’s pretty much all there is to this workflow, really. There’s a ton of commands with descriptive tags in .bash_history, configuration for Bash, Vim, Awesome WM, screen layouts, email tools, and much more that you can copy (and criticize) all you want.

BT VDSL modem linkjacking HTTP URLs

Yet another reason to install HTTPS Everywhere and NoScript: It looks like our BT Hub 4 is linkjacking all HTTP URLs:
NoScript blocking warning

Turns out they just want to show a useless landing page:

BT landing page

This wouldn’t be so annoying if it didn’t happen on every new IP that connects to the hub. Isn’t the proof in the pudding – if the rest of the web works, why is the landing page necessary?

Precycling phone directories, Oxford style

Quick guide to reducing paper waste by precycling phone directories in Oxford, UK:

Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “Thomson Local” directory, to <address withheld>. Thank you!

Best regards
<name withheld>

Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “Yellow Pages” and “Packed full of useful stuff” directories, to <address withheld>. Thank you!

Best regards
<name withheld>

Subject: Subscription cancellation

Good day

Please stop sending unsolicited mail, including the “The Phone Book” directory, to <address withheld>. Thank you!

Best regards
<name withheld>

Now let’s see the result…

Reply from Yell/Hibu

Dear <name withheld>,

Thank you for your email.

I am sorry to hear of the problems you have encountered.

Your email has now been passed to the relevant team to stop the directory and they will be in contact with you regarding this matter.

Inorder to assist you regarding the unsolicited mails please provide us with your account number or business name, address along with the postal code and telephone number.

Should you have any further queries please do not hesitate to call our Customer Service team on 0800 555 444.

My emphasis. Thanks, but I’d rather not give any more information to an advertising company who have already spammed me. That was email lesson #1 way back in the 20th century. You know perfectly well how to stop spamming based on the address which I already sent you.

Awesomely slim Linux desktop setup

Welcome, weary traveler. I sense you have become frustrated with your distribution of choice, for incessantly reinventing the wheel, trying to adopt all the worst practices of Apple and Microsoft, providing poor documentation and/or really supporting only the most basic of setups. Fear not, for there are light-weigth, flexible, well-documented no-nonsense alternatives available.

A combination of Ubuntu nausea and a harddisk crash gave me the necessary kick in the ass to set up Arch Linux, SLiM and awesome yesterday. Rather than reiterate a bunch of commands and copy-pasteable configuration which would be obsolete in an Internet day, I’ll point you to the documentation and some resulting user configuration:

My current configuration: