Archive

Archive for the ‘Anti-Inspiration’ Category

How not to run a web site – RadioPopper

September 23rd, 2010 Comments off

Disclosures: Six months or so ago I contacted RadioPopper by voicemail and email offering my services (on spec) because I loved the elegance of the underlying idea behind their product. I got no response. No this isn’t sour grapes.
I have spent hours researching the system and reading and viewing demonstrations online. Photography is my hobby and occasional source of income. Reading about this stuff is my twisted idea of a good time. I haven’t, yet, bought a system.

Why am I picking on these guys? Because using them as an example, others may learn something. Because I really hope they learn from it. I’d like to see them succeed on a grand scale because I love the essential elegance of their idea. Because it’s like shooting fish in a barrel and it makes for a chance to comment on a lot of very common classes of mistakes using only one site. Because I’d like them to give me free gear to thank me. Somehow, I don’t see that happening now though. 😉 I really do think it’s a solid product based on all I’ve seen and read. The site, however, is a trainwreck.
===========================================================
The product and why I think it’s so outstandingly cool:
RadioPopper, (or is it radiopopper? more on this later)  is a company that produces eponymously named products for professional and serious enthusiast photographers to make better use of their flashes.  RadioPopper’s products enable the use of what are generically referred to as ‘Speedlights’ (hotshoe mounted, battery operated ‘flash guns’) via RF remote control but in ways significantly more elegant and flexible than the most common tool for this purpose, the Pocket Wizard. The secret to this is a delightfully slick integration with the line of sight Infra-Red control systems Nikon and Canon cameras already have built in. I can’t emphasize enough how much I think RadioPopper’s solution is cool. It is, in the parlance of the geek, a truly great hack.

RadioPopper is simply (marvelously) a bridge, a means of converting the existing IR control signals to RF and back again. It’s brilliant because, as far as your camera and flashes are concerned, there is no RadioPopper in the chain of command. That means everything you already know about setting your camera’s controls, your flash’s controls, all your expectations for the behavior of the whole system remain exactly the same except the largest problems with both those systems (Nikon iTTL/CLS and Canon/ETTL); line of sight and serious distance limitations inherent to IR remote control, simply go away.
=============================================================

Site fails:

  • Make sure a visitor or searcher finding your site can quickly determine what you make and if they are a potential buyer of your product. Site Fail: There’s no meaningful descriptive text about the product or what other products/systems it works with on the site home page. In fact, you have to dig into a pdf to get a real sense of the value. (see below)
  • Know who you are so others can talk about and link to you. Protect your marks. Site Fail: Inconsistent branding. RadioPopper or radiopopper? Text in CamelCase, logo all lower case. Looks amateurish. Pick one. Stick to it. How did the marketing department not commit to the typographical treatment in a design they approved? Why did they approve typography in a logo design they weren’t prepared to follow through with in text? [EDIT: I don’t mean to suggest text treatment and graphic treatment must always match. Rather, if you are doing something ‘cute’ like all lower case or CamelCase, be consistent. All upper case, outside a logo, can seem shouted, that’s a scenario where you might wisely go with standard initial caps in text. See Adobe’s Photoshop branding. Sometimes all caps. Sometimes initial caps. Never CamelCase.]
  • Don’t exclude half your potential customers by simple neglect in what you tell them: Site Fail: Their Products page discusses only Canon system compatibility and only once. It only very ambiguously mentions Nikon.  They have a Product, that by all indications including third party reviews and commentary works equally well on both leading DSLR systems and yet only one gets substantial search exposed text on the site. You have a  product that serves roughly 80% of the DSLR market and yet your main product page only significantly discusses compatibility with half that? If the product works as well as it seems to on both systems, give equal visibility to both. Optimize how you document that to maximize search performance to users searching from the customer bias of either system. Look like you care equally about the two halves of your target market, about both platforms you expended substantial R&D to support. Crow about your product in meaningful and substantial ways that make your site more likely to show up in search for all of your potential customers.
  • If you promise a way to engage your customers in an ongoing dialog, deliver. Don’t look for ways to make people wonder if you are even still in business. Site Fail: A blog is personal and regularly updated. Radiopopper have a site section called Blog. A blog is personal and regularly updated yet Radiopopper’s updates are as infrequent as once every three months.  Do customers seeing such sparse updates even know they’re still in business? Either blog and have a meaningful and frequently updated engagement with the audience, a humanized editorial presence or delete the blog and move the content to a press releases directory. Companies don’t have to have a blog. There are lots of good reasons not to. A major good reason not to is simply not having the resources to maintain one. Contrast RadioPopper’s blog with their principle competitor’s blog: http://pocketwizard.wordpress.com/. PocketWizard is older, larger, more successful and, in my opinion, from an engineering elegance perspective? Inferior. Don’t make yourself look like a bozo compared to your principle competition. Especially don’t do it when you have competitive advantages over them.
  • Don’t appear to be trying to obfuscate your size in a way that is both obvious and pointless. Every company wants and needs to appear to be a leader. Often, companies use good techniques to appear larger and more successful than they are. There’s nothing inherently wrong with this unless it’s actually dishonest or it immediately rings hollow. Site Fail: The home page links to a site section called “Team” that is really a gallery of photographs grouped by photographers who’ve used the product. A lot of the shots are GREAT. All of of them are at least very well crafted. It’s a very good idea to appeal to the aspirational instincts of would-be customers by showing them high quality work using your product. It’s a hideously bad idea to call that section ‘Team’ when, in fact, these are users not employees. It’s an even worse idea to call the section Team when there is no actual team directory of the company. Compare this to another company in a similar market. Really Right Stuff. They do a great job of humanizing the company and staff on their site without making themselves seem either too large or too small to take proper care of their customers and convey confidence in their viability as a business. They almost certainly outsource their manufacturing. That’s fine. Most electronics companies do. Really Right stuff is transparent about their outsourcing. RadioPopper? It looks like two guys working a part time job and being cagey about it. This does not instill customer confidence. Gary Fong looks like one guy working a part time job. He works this almost folksy entrepreneurial angle in his marketing and he sells a LOT of product. You don’t have to pretend to be Sony to be perceived as committed and able to sustain your business and your customers’ investment.
  • Offer your customers and potential customers a way to understand who you are, your history and your business goals. RadioPopper have an ‘About Us’ page.  Site Fails are legion: Two people are named and, presumably, pictured on this page. One, presumably the founder and President/CEO; Kevin King and VP, Matt Kachevas. Kevin’s name is linked. Mike’s isn’t. Kevin’s link dead-ends unresponsive to an offsite page (presumably his professional portfolio site). You can’t control whether outbound links work all the time. You can make sure there is local content that summarizes and highlights content at that outbound link. You can make sure, if two people are important enough to be featured on your ‘about’ page that they each have a basic bio and contact page. If you’re the founder of the company? You can make sure your site is up.  Matt Kachevas is titled as a VP. Either you stipulate both titles or you stipulate neither. Why do I say presumably pictured above? Because the one photo of two people is so small and composed in such a way that it’s impossible to tell who’s shown. It’s not cute, it’s not slick, it’s not arty, it just comes off as amateurish  This same page has two major headings, Images and Videos. Both are empty of content. This is particularly problematic because there actually is available content for both headings elsewhere on the site. Images shot by Kevin who was a professional photographer who founded the company based on his own experience in the field should be presented but remember, there are also the gallery images discussed under the ‘Team’ section above.  Don’t display prominent headings for content offerings you don’t populate. Don’t squander the content you have.
  • If you sell a technical product, customers will be concerned about support. Make them feel they’ll be supported. Site Fails: Oddly, there’s no major site section called “Support”. There is one called “Education”. Don’t get cute about your site section names. If somebody googles “Radio Popper Support” as they research a potential purchase they’d best land on a support page. Once a potential customer gets to the ‘Education’ page because they were psychic enough to figure out that RadioPopper meant support, they will actually be greeted by some useful content. Not just useful, actually pretty well executed how-to videos. Not just well executed but, in the case of Matt’s demonstration of the mounting brackets? Good humored and revealing of some very slick engineering. Hell, on this page, they even, finally, mention Nikon support as if a full peer to Canon. FINALLY, the other half of their potential market is able to see there are products for them. Despite this, this page alone is riddled with epic fails:
    • No links to product manuals. The manuals exist. They’re linked from the ‘Products’ page. Link them on the support page.
    • The models they have support videos for represent both Nikon and Canon. Name the brand of device discussed in ALL links. Not just the top two.
    • No forum for user to user support discussion. If you have any customers, let them work for you to support each other. If you’re just growing your customer base, offer prizes and discounts to major contributors and be open about your goal to build a forum. Crowdsource your ducomentation and support. Collect more search-exposed text about your products at your site. If you don’t have any customers, talk amongst yourselves until you do. Yes, this demands an investment in site moderation. It’s cheaper than taking phone calls.
    • No breakdown of the various product lines. No clear delineation of which line does what. They do offer this pdf: http://www.radiopopper.com/docs/radiopopper_x_compatibility_guide.pdf Yes, it explicitly calls out the fact the system is both Nikon and Canon compatible. Yes, this document, finally, discusses, albeit awkwardly how the system actually works. No, in discussing how it works, it doesn’t emphasize the market differentiators (The MUCH older, larger, and widely used PocketWizard product line still can’t do what RadioPopper can) No, it’s not available as HTML. No it’s not hyperlinked and enhancing their exposure to search. Yes, that’s an epic fail.

There are other issues. Lots of them, and I’d encourage you to go check out their site and see if you can spot them. This site is, in so many ways, an object lesson in everything (Except abusing Flash. Congratulations are due them for not making that all-too-common mistake) not to do when building and maintaining a website for a high end consumer product. I’d also encourage you to seriously consider buying the product because, honestly, it looks very cool and uniquely useful. What I wouldn’t encourage you to do is hire the company who is credited as having built the RadioPopper site.

Post to Twitter Post to Facebook

Categories: Anti-Inspiration, Media Tags: ,

Backups.backupdb, Little Snitch and obnoxious ISP help

September 18th, 2010 4 comments

So, Little Snitch, which you need to buy, understand, and use, picked up a late-night habit of reporting attempts to connect to Backups.backupdb.  It bothered me. I did some digging. I was late to the party because my ISP had made a change I hadn’t noticed.

Apparently, for reasons unknown (to me anyway), Time Machine goes looking for a thing called ‘Backups.backupdb’ via sun.rpc and will seek this as if it were a host in the mythical top level domain .backupsdb even when Time Machine is turned off.

The reason Little Snitch reports an attempt to connect to an actual host is because some weasel at my ISP decided that hijacking my typos of domain names in browsers etc. was a revenue opportunity. To them, my typo was a great excuse to run a search and show me the results on a page full of ads instead of just returning NXDOMAIN and letting my browser say “I can’t find the host you typed you fumblefingered fathead’ like it should.

Because, they want to show me ads, any domain, even non-existent domains, ‘resolve’ and a web server spams me with the aforementioned ‘help’ fixing my typo with search results that could be useful for what they think I meant to type alongside a bunch of ads to cover the cost of being so nice to me. SunRPC having been told that yes, somebody is out there listening, proceeds, presumably, to try and shovel my files off to it for safe keeping. Little Snitch asks me and I say “Deny”.  Noticed something here? Little Snitch’s job is to tell you when anything initiates a connection you didn’t explicitly ask for and get permission. Think software might be phoning home? Little Snitch will catch it. Think you have a trojan? Little Snitch will catch it.

How did I end up with this non (sub) standard DNS? I didn’t choose to use OpenDNS because I don’t need yet another intermediary in my life and I don’t need content filtering.  My ISP decided to make DNS a revenue opportunity. The fix, such as it is, seems to be working. I now use the IP’s of the real name servers at my ISP and not the ones run by these ‘moenitizers‘ .

So, conclusions:

  1. Get Little Snitch.
  2. Check to see if your ISP is ‘helping you out’ by returning search results when you typo a domain. Not a file location but the domain name. (The stuff that goes between the http:// and the next /)
  3. Complain to them about the ‘help’
  4. Find out how to access their real domain name servers and not the ones they are using to show you ads.
  5. Poke at Apple to make Time Machine be actually off when you turn it off.
  6. Poke at Apple and try and get an answer for why, on or off, users don’t have a readily available control to say “don’t go to the network”.
  7. Read these links and learn more about this.

Wired story about what Dan Kaminsky found by way of a security hole you could drive a bus through with this sort of ‘helpful service’.
An Advisory from the ICANN Security and Stability Advisory Committee (SSAC) July 2004
An Advisory from the ICANN Security and Stability Advisory Committee (SSAC) June 2008
This Blog Post from Mac Lab

This thread on Macintouch
Schneier on Security – Hacking ISP Error Pages

Finally, tell me if you learn more about this issue, I and others would like to know.

Oh, and Apple? More granular control of Time Machine, even if buried under an ‘Advanced Options’ button or something would be very nice. K’ Thanks Bye!

Post to Twitter Post to Facebook

Categories: Anti-Inspiration, Civil Rights, Security Tags:

Online Activation

September 17th, 2010 2 comments

******UPDATE******* Yet another case of DRM not just limiting what you can do with what you paid for but putting you in jeopardy. In this case Microsoft DRM creating security vulnerabilities. Serious ones.

*****UPDATE****** No surprise but Microsoft Office 2011 will apparently require activation. What a marvelous opportunity to buy iWork and or download OpenOffice.

Product Activation is a process wherein, having purchased a piece of software, sometimes even directly from the vendor, when you go to install it, it refuses to work until you go back and ask for permission to use what you have already paid for.  This is an anti-piracy measure. The thinking is, if you buy a license of a piece of software that will install with a serial number alone, you can easily give copies and the serial number to friends, family or colleagues and violate the license terms. That this system is often applied even when a product is bought direct from the vendor associating a credit card with a serial number is emblematic of the paranoia behind these schemes.

(See the bottom of this article for a Wall of Shame list and links related to this issue which will be periodically updated. Please leave your own Wall of Shame contenders and productive suggestions for alternatives in the comments. Under no circumstances will rationalizations for why piracy can be OK be allowed to remain posted. Make that disingenuous argument on your own site.)

Let me be clear, crystal clear; Software piracy is wrong. Period. No “I just wanna try it.” no “It’s too expensive and I’m a starving artist.” no “They are an evil corporation and don’t deserve the money.” No. Period, end of story, if you use software you haven’t paid for you are morally and criminally liable and that’s that. There are edge cases carved out implicitly in a recent memo from the Copyright Office but for all practical purposes, these don’t apply to your objections to the price of Maya.

Having made that clear, online activation is a shameful, rude, value destroying, presumptuous and unacceptable abuse of the paying customer rationalized as a means of preventing theft. Online activation is something software buyers should protest and make untenable. This is the first of a series of posts discussing not only the pitfalls and problems with this kind of DRM but outing vendors who use it but also offering recommendations of, often superior, alternative products and even copy protection approaches. The purpose is  galvanize  you, the buyers of software to take active steps to make Online Activation so crushingly expensive and embarrassing that the practice ends.

First, what’s wrong with online activation:

  • You paid for the license. You should be able to use, or not use it, with privacy.  If you buy a retail license to a software title, it’s simply none of the publisher’s business that you have unless you choose to register with them. Consider a scenario where, for example, you are an technologist at a media company and you have been asked by your employer to crack the DRM on a DVD so they can use clips in a documentary within the bounds of fair use. This is now a legal circumvention of DRM but you, and your employer, have good reason not to want to telegraph your purchase and use of circumvention tools (the most usable such tools are commercial products despite the ample number of free and open source alternatives) prior to the release of your documentary. Consider the purchase of encryption tools. Even if it’s as benign a need as locking up your own web server password records, once you tell a company you use their encryption tool, they become potential participant in violating your privacy.  Bear in mind, if you buy it online, they have a record of your IP address etc. but not the IP of where you use your license. In the scenarios above, that can matter.
  • The file formats software stores your data in are not commonly openly documented. If you need to count on the publisher to allow you to activate their product, have their connection to the internet, or yours, be up and running when you need to access your data you are taking on a significant risk. If you buy a license to a tool, keep a backup of the installer and serial number and maintain access to the hardware and OS you need to run it, if they go out of business and can’t activate your software, you are unable to access your data or use the product you paid for. Should you not be able to replace the battery in your Oldsmobile because the company (division) went out of business and can’t reactivate it for you?
  • There is a litany of cases of where bugs not in the product itself but in the online activation schemes have made the software unusable or caused other problems on the computers where it is deployed. You get the normal accidental bugs and all the bugs associated with the software companies method of policing their paying customers.
  • If you are an IT technician or manager, you are forced to manually interact with each machine to activate each seat. This adds to your costs and strains your resources.

The software publishers who use this copy protection scheme feel they are entitled not just to sue or seek criminal charges against you for violating the license terms but to police your use of their products on an ongoing basis. Ongoing basis but you activate once and you’re done right? No. If you alter the configuration of your computer, reformat and reinstall, sometimes if you apply a bugfix update, you will be asked to activate again. At any moment, the possibility of needing to activate could come between you and your work using a tool you paid for. (See below for Symantec’s activation failure that demanded re-activation at every reboot.)

So, what can you do about this?

  • Don’t buy products with online activation copy protection. I will be updating this and other posts with a ‘wall of shame’ to help you know which products do this.
  • Call the companies on the phone to talk you through activation. Be really, really, really, stupid on the phone. Make it take forever to help you. Have fun with it. Make it a game with your friends and colleagues. Heck, invent a ‘tech support’ drinking game. Just make it more expensive to use these schemes than not to. This doesn’t need to consume your time. You can make this a background task constantly asking support to hold as you do other things. Yes, you will torture their employees. Yes, it’s mean, heck, it’s arguably downright childish but, it returns the costs to the perpetrator and if they can’t retain staff, they will rethink the policy.
  • Actively support the vendors of products that don’t do this. Buy their products instead. Promote them instead. Tell them and their rude competition why.
  • If you buy a product and find out after you bought it that it includes online activation? File a complaint with your local Better Business Bureau and/or Attorney General’s Office of Consumer Affairs.
  • If your software fails not due to a bug in the software but due to flaws in an activation process, complain. Loudly.
  • If you are an I.T. manager, insist on volume license packaging that doesn’t include these schemes. If you genuinely might need 200 seats of a product, the call to demand a ‘no-activation’ alternative will get noticed.
  • If you have some spare time, if you get burned, file a small claims action.
  • Make useful suggestions to the companies who do this for other ways they can non-rudely reduce piracy.

This last point is important. It’s vitally important that we respect why companies feel a need to take these measures. We must participate in a dialog wherein we seek out better methods to help companies who produce useful products to profit handsomely doing it and not be stolen from.

To that end, some alternatives companies can not only reduce piracy but build a healthy relationship with customers that will delight and engage them. Here you go publishers. Some ideas:

  • Make technical support conditional on registration. When you’ve done this, make the support good.
  • Offer premium training, plug-ins, templates, or discounts on other products to users who register.
  • Offer a ‘dongle’ version of a product as an alternative. Yes, dongles suck *but*, if you buy a product and have your dongle, it doesn’t matter if the maker stays in business if you need the tool a year later. (I do understand the limitations of this, ADB dongles speak to the perils on this  though there are ADB to USB adapters available.)
  • Track repeat registrations of the same serial number to different owners and build a blacklist of serial numbers.
  • Provide regular reasonably priced feature upgrades that require registration and a non-blacklisted serial number.
  • If you must, use concurrent use metering on a LAN but make this a feature. “Each serial number allows you to install this product on up to 3 computers on your local network. The software will check and refuse to launch when there are other users running the product. This is a convenience that allows you to install the product wherever it’s convenient but helps you stay in compliance with the license.” Every license becomes a ‘family’ license. You deliver more value to your customer at no incremental cost.
  • Coordinate your online sales with your registration process and bind the serial number to the purchaser’s name. This poses some challenges for volume license purchases but it adds a simple bit of “your accountable’ to the license. It does mean anonymous purchase is a problem but, relatively speaking, less problematic than activation.

Any other ideas? Be part of the solution!

[I am considering expanding the walls of shame, honor and the link collection for this as a more usable feature here than just updating this post.  Let me know if this would be useful to you.]

—————————
Wall of shame software products:
onOneSoftware: Plug-In Suite 5 (and component products also sold separately including GenuineFractals). They get a small pass for being fairly transparent that they use online activation but this is a pretty ugly ‘gotcha’ in their implementation: “DO NOT choose to remove license.  Removing the license will make your license code completely inactive.” and if my deadline is in 6 hours? “Our customer service team will be able to assist you with issues relating to download, purchase, shipping and/or registration of your onOne Software product. You can expect to get a response to your inquiry within 1 business day.” Buy this suite instead: Topaz Labs Plug In Bundle which largely overlaps the onOne feature set, is easier to use, updates and improves more often, has some additional functionality and doesn’t have rude copy protection schemes.

Adobe: Creative Suite Products. Some liberal policies and a generally forgiving response to glitches but, nevertheless, employ Product Activation.

MacRabbit: CSSEdit and Espresso. HTML/CSS specialized text editors. Activate online. User friendly license policy however “Licenses are personal. Installing your license on multiple Macs is fine, as long as you are the user of the license. For example, you can use one license on both your desktop and laptop, but not on all your employees’ Macs.”

————————
Wall of Honor Software Products: These products deserve your money. These publishers respect their paying customers. (Note: Do not assume there are no anti-piracy measures in place and that you can’t get caught pirating these products. There often are and you often can. They are listed here not because they are easy to pirate but because the measures in place don’t negatively impact the legitimate paid user.)

MacOS X Snow Leopard
Apple iWork ’09
Apple iLife ’09
Apple Final Cut Studio
Apple Aperture
(note: Apple’s Pro apps do check on the LAN and do implement some support access based copy controls. Generally quite civilized.)
Topaz Labs Photoshop and Aperture Plug-Ins
FilterForge – Photoshop Plug-In and stand-alone texture generator (Is inherently copy-protected by the need to use the great online community to keep growing your library of filters. Slick.)
Fetch FTP client (Will try to connect to fetchsoftworks.com when entering serial number but does not need activation)
BareBones BBEdit – The One True Text Editor
BareBones -Yojimbo – Slick document organizer and storage system. It’s not just a product, it’s a lifestyle
(Assume BareBones employs subtle protections in user-respectful ways I won’t comment on.)
PhotoAcute – PhotoAcute Studio – Slightly odd granularity to licensing but no user-hostile behavior.

—————————–
Related links:

Post to Twitter Post to Facebook