T=Machine

Almost a year after Apple’s disastrous “force consumers to download Lion, instead of installing from DVD”, apparently it still doesn’t work. It’s hard to recommend OS X to anyone after this experience.

UPDATE 2: Apple’s “download a file from the internet” code is so bad it’s causing the MacBook to overheat – 80 degrees celsius, very close to the “automatically reboot” temperature. This is *to download a file*. Apple’s misuse / misunderstanding of web technologies seems quite incredible.

(the process is called “storeagent”)

My last 24 hours:

1. Buy Lion
2. Download starts
3. …it’s a 4gb download, this takes a long time…
4. Download stops at 25% for no reason.
5. Resume button gives a wait cursor for 5 seconds, then goes back to “paused”
6. Repeat twice
7. Third time, the Resume button is disabled, and now Lion is stuck in “Waiting” and there’s no buttons you can press except “cancel”
8. …
9. Remains in “waiting” for many hours. Googling suggests this is a permanent crash in Apple’s App Store.
10. Cancel the download, re click the “buy app” link
11. Apple quits OS X, kills all apps, deletes all unsaved data, throws me out to the login screen
12. Login again, and Lion icon has appeared in the dock.
13. …but: Lion now refuses to even start downloading – it’s stuck on “Paused, 0 of 0 bytes”

UPDATE:

1. Try again (delete OS X Lion, re-purchase from App Store) and … finally the download starts. Waiting now to see if it will complete this time, instead of giving up partway like before…

I.e. Apple’s infrastructure is still blocking me from downloading the OS. How hard can it be to *download a file* ?

Next step: walk in to an apple store and ask them to give me a USB stick, since their webserver is FUBAR.

Filed under : Web 0.1, bitching, web 2.0

2 Comments »

Two things here: if you run any Rails site, check out the security hole ASAP if you haven’t already. You might be safe – but given that even GitHub wasn’t, I’d double check if I were you. (The Rails community seemingly isn’t patching it – and there’s nothing recent on the Security list. Which leaves me going: WTF? The evidence is right there on GitHub of how bad this is right now, in the wild).

Secondly … what just happened? Apart from doom and gloom and “the end of every unpatched Rails site on the planet”, there’s a fun story behind this one. As someone put it “it’s the whitest of white-hat attacks” (i.e. the “attacker”‘s motives appear extremely innocent – but foolish and naive)

It seems that GitHub got hit by the world’s nastiest security hole, in Rails – trivial to take advantage of, and utterly lethal. The hole appears to allow pretty much anyone, any time, to do anything, anywhere – while PRETENDING to be any other user of the system. So, for instance, in the attack itself, someone inserted arbitrary source code into a project they had no right to.

Hmm. That’s bad. It effectively destroys GitHub’s entire business (it’s already fixed, don’t worry)

But it gets worse … it’s a flaw in the RoR framework, not GitHub itself (although apparently GitHub’s authors were supposed to know about the flaw by reading the Rails docs, as far as I can tell from a quick glimpse at the background). Rails authors have (allegedly) known about it and underestimated how bad it is in the wild, and left Rails completely open with zero security by default.

So, allegedly, the same attack works for most of the web’s large Web 2.0 sites – any of them that run on Rails.

WTFOMGBBQ!

Who was the perpetrator of this attack? Ah, well…

made an impossible issue, a post that GitHub’s database believed was created 1,000 years in the future.

Classy. Dangerous (high risk of someone calling the police and the lawyers), but if people won’t believe you, and *close* your issues, claiming it’s not that important, what more amusing way to prove them wrong?

Whoops, shouldn’t have done that

I can’t state this strongly enough: never attack a live system. Just … don’t.

Any demonstration of a security flaw has to be done very carefully – people have been arrested for demonstrating a flaw allegedly *at the owner’s request*, because under some jurisdiction’s it’s technically a crime even if you’re given permission. In general, security researchers never show a flaw on a real system – they explain how to, and do it on a dummy system, so no-one can arrest them.

(why arrest the researcher? Usually seems to be no reason beyond ass-covering by executives and lawyers, and a petty vindictiveness)

Homakov appears to have been ignorant of this little maxim, hence I’m writing it here, let as many people as possible know: never attack a live system (unless you’re very sure the owners and the police won’t come after you)!

GitHub’s response

On the plus side, they fixed it within hours, on a weekend. And then proceeded to tell every single user what had happened. And did so in a clever way – they put a block on all GitHub accounts that practically forces you to read their “here’s what happened, but we’ve fixed it” message. They could have kept it quiet.

Which is all rather wonderful and reassuring.

On the minus side, IMHO they rather misrepresented what actually happened, portraying it more as a malicious attack, and something they fixed, rather than what it was – the overspill from an argument between developers on some software that GitHub uses.

And they initially reported they’d “suspended” the user’s account. Normally I’d support this action – generally it’s a bad idea to let it be known you’ll accept attacks and not fight back. But in this case it appears that GitHub didn’t read the f***ing manual, and the maintainers apparently (based on reading their tickets on the GitHub DB) refused to accept it was a serious problem – and apparently didn’t care that one of their own high-profile clients was wide open and insecure. The attack wasn’t even against GitHub per se – it was against the Rails team who weren’t acting. IF it had e.g. been a defacement of GitHub’s main site, that would have been different, both in impact and in intent. Instead, the attack appears to be a genuinely dumb act by someone being naive.

Seems that GitHub agreed – although their reporting is a bit weak, it happened days ago, but they never thought to edit any of their material and back-link it.

“Now that we’ve had a chance to review his activity, and have determined that no malicious intent was present, @homakov’s account has been reinstated.

…and it’s pleasing to see that their reaction included a small mea culpa for being unclear in what they expect (although anyone dealing with security ought to be aware of this stuff as “standard practice”, sometimes it’s not security experts who find the holes):

“We haven’t been as clear as we should have been on how to responsibly disclose security problems, and for that I’m sorry. To prevent future confusion about security-related account suspension, and to make explicit our stance on responsible disclosure, we have added a section entitled Responsible Disclosure of Security Vulnerabilities to our Security policy.”

Rails’s response

I’d expect: shame, weeping, and BEGGING the web world to forgive their foolishness. I’m not sure, but it’s going to be interesting to watch. As of right now, the demo’s of the flaw are still live. I particularly like one commenter’s:

drogus closed the issue 5 days ago

kennyj commented

5 days ago

“I’m closing it (again).
@drogus was close it, but it still open.
github bug?”

Closed

kennyj closed the issue 5 days ago

“github bug?” LOL, no – massive security flaw :).

Filed under : amusing, marketing and PR, programming, security, server admin, system architecture, web 2.0

0 Comment »

Please email me (adam at red-glasses.com) if you have skills / interest in the following:

1. Mass market (i.e. everyone + their mom) telling stories
2. javascript frameworks for complex visual 2D stuff (e.g. iGoogle, Netvibes, etc)
3. Visual manipulation of large 2D images on mobile (especially iPhone)

NB: we have no funding yet, just an idea. This is a scatter-gun first approach – if things go well, there will be another call for people in 2-4 months time.

Filed under : entrepreneurship, facebook, recruiting, startup advice, web 2.0

0 Comment »

Steve Yegge’s Google Platforms Rant is not so much a rant as a sign of someone fighting an inappropriate culture. We saw stuff like this a lot at NCsoft when people were trying to turn around the $100 million clusterf*ck that created hundreds of redundancies all the way to director level.

It’s a great article, but a couple of the key points resonated with my own experience of Google UK’s hiring practices a couple of years ago. There was clearly a lot wrong with the internal culture, but as an outsider I couldn’t quite put my finger on it. Here’s the crux of Steve’s post (but seriously – read the whole thing, it’s rich and meaty):

That one last thing that Google doesn’t do well is Platforms. We don’t understand platforms. We don’t “get” platforms. Some of you do, but you are the minority. This has become painfully clear to me over the past six years. I was kind of hoping that competitive pressure from Microsoft and Amazon and more recently Facebook would make us wake up collectively and start doing universal services. Not in some sort of ad-hoc, half-assed way, but in more or less the same way Amazon did it: all at once, for real, no cheating, and treating it as our top priority from now on.

But no. No, it’s like our tenth or eleventh priority. Or fifteenth, I don’t know. It’s pretty low. There are a few teams who treat the idea very seriously, but most teams either don’t think about it all, ever, or only a small percentage of them think about it in a very small way.

It’s a big stretch even to get most teams to offer a stubby service to get programmatic access to their data and computations. Most of them think they’re building products. And a stubby service is a pretty pathetic service. Go back and look at that partial list of learnings from Amazon, and tell me which ones Stubby gives you out of the box. As far as I’m concerned, it’s none of them. Stubby’s great, but it’s like parts when you need a car.

…and finally, reading that, it clicked for me what I saw that was so wrong:

Google has forgotten what a Product is

“It’s a big stretch even to get most teams to offer a stubby service to get programmatic access to their data and computations. Most of them think they’re building products.”

That pair of sentences, back to back, is the problem: people outside Google would put the word “except” in between. Googlers put the word “because” in between. Google’s cultural definition of Product has got lost and perverted somewhere along the way, and now looks and smells like the real thing but is – to the rest of the world – a fake. Except Google – internally – can’t see this.

Every Googler I talked to worshipped at the altar of Product-as-King; three quarters of them would then – even in the same sentence – admit that they hated Product, didn’t believe in it, and felt it was a waste of time — “get out of my face with your product BS, and let me write beautiful code in my Ivory Towers, and leave me alone”.

They were smart people; they never said this explicitly (although one came very close – and you could see the moment when he had the thought: “oh crap; if anyone else hears I said that…”, then backtracked very hastily) – instead they frequently said mutually conflicting things, and dressed them up in enough abstractions that you could pretend that they weren’t conflicting. They were very good at it – I could tell there was a crack, but I couldn’t work out where the fault-line lay.

Google’s illusions of Product

As Steve puts it later on:

Google+ is a prime example of our complete failure to understand platforms from the very highest levels of executive leadership (hi Larry, Sergey, Eric, Vic, howdy howdy) down to the very lowest leaf workers (hey yo). We all don’t get it. The Golden Rule of platforms is that you Eat Your Own Dogfood. The Google+ platform is a pathetic afterthought. We had no API at all at launch, and last I checked, we had one measly API call. One of the team members marched in and told me about it when they launched, and I asked: “So is it the Stalker API?” She got all glum and said “Yeah.” I mean, I was joking, but no… the only API call we offer is to get someone’s stream. So I guess the joke was on me.

Product. Platform. Since when have those been mutually exclusive? Not in this Millennium, I believe…

And even when Google gets over their hatred of Platform, even with something as simple as the pixels that their apps put on screen, they’ve jumped the shark:

You know how people are always saying Google is arrogant? I’m a Googler, so I get as irritated as you do when people say that. We’re not arrogant, by and large.

But when we take the stance that we know how to design the perfect product for everyone, and believe you me, I hear that a lot, then we’re being fools. You can attribute it to arrogance, or naivete, or whatever — it doesn’t matter in the end, because it’s foolishness. There IS no perfect product for everyone.

And so we wind up with a browser that doesn’t let you set the default font size. Talk about an affront to Accessibility. I mean, as I get older I’m actually going blind. For real. I’ve been nearsighted all my life, and once you hit 40 years old you stop being able to see things up close. So font selection becomes this life-or-death thing: it can lock you out of the product completely. But the Chrome team is flat-out arrogant here: they want to build a zero-configuration product, and they’re quite brazen about it, and Fuck You if you’re blind or deaf or whatever. Hit Ctrl-+ on every single page visit for the rest of your life.

It’s not just them. It’s everyone.

Any genuine Product person would run screaming from that situation – there’s nothing salvageable. It’s like someone coming to you with their design for a chocolate teapot: “Once you’ve had your tea, you can have a tasty chocolate treat too!”, leaving you wondering: where do I even start with trying to explain to this person what they’re missing?

Filed under : android, facebook, programming, project management, social networking, startup advice, web 2.0

1 Comment »

StackOverflow.com has long had one of the worst search-engines I’ve ever seen. It’s clearly a simple thing hacked together. It generally doesn’t work, and most of the people I know use google isntead, and rely upon Google to collage all the stackoverflow results together.

Occasionally, you have search terms where Google gives you lots of non-programming hits (e.g. “iphone video (something)”. So the above method fails, and you have to use the appalling SO search engine.

Then you get this, because the search engine is so poor that it often ignores search-terms, so you have to creatively re-search and experiment to find the results you need:

ARRGGGH!!!

Filed under : bitching, community, web 2.0

10 Comments »

I’ve known MOO for 6 years (back when they were PleasureCards), and I’ve been using them as my primary business / personal cards for most of that time.

Back when they only did the PleasureCard form-factor, it was always fun to find a fellow MOO customer. Shared conversations were easy with strangers, usually over the great reactions we get from non-MOO users.

Ever since they first integrated with flickr, one concept has come up again and again in those conversations:

“What about a custom 52-card deck made using MOO.com?”

Rounded Corners…

MOO just introduced a new option on their cards – Rounded Corners. This is a trivial thing.

…unless, like me, you still want to do that 52-card playing deck. Now much easier!

Also, they recently upgraded their Flash uploader / composer software, and seem to have fixed most of the bugs that plagued the last version I used, back in 2010.

What do we need to make this work?

The Spec

To make a deck of playing cards, we need:

1. At least 52 unique cards, ideally 54-58 (2-4 jokers, plus 2 blanks in case a card gets damaged)
2. All cards have an identical back
3. All cards have a unique front (except for the blanks, which share the same empty image)
4. ROUNDED CORNERS

Also, to make this more than just a vanity project, it would be great if we could also have:

1. The “identical back” has some (subtle) text – maybe just the URL of the author/company, plus their twitter handle

MOO’s current features

1. 52-58 unique cards: FAIL: they do a “maximum” of 50
2. identical back, full-sized image: SUCCESS (it’s a new option: full-image instead of contact details)
3. unique front: SUCCESS (this is MOO’s raison d’etre)
4. ROUNDED CORNERS: SUCCESS
5. TEXT on the identical back: FAIL: their flash uploader won’t let you (“Computer says No”)

So, I sent an email to MOO support, outlining the above, and making some suggestions about how I could make this work – but asking if there’s an easier way?

My plan (in brief):

1. Online, it says a “max” of 50 cards. That’s probably not a hard limit – is there a way I could get 60, if e.g. I do a large enough order size? You guys do orders in multiples of 50, 100, 150, 200, 400, 600, 800, 1000. I could do 60 cards (only a slight wastage over the 58), and make my orders in multiples of 600. i.e. 10 complete sets.
2. There seems no reason to prevent me putting an image and text on the identical back – it’s just that your loader won’t allow it. Any way around this? I could bake the text in, but then it would be a massive pain to change – I would do fewer print runs.

MOO.com Support FAIL

I reached out to MOO, explained how I could achieve this with manual pain, working around the missing features. Also, asking if they had better ideas of how to do it – or if there was a way around the 50-card-limit?

MOO’s response:

Thank you for getting in touch with the MOO Team.

You can have multiple images on one side of the cards in a pack, you can’t specify how many of each but the systems will divide the designs as equally as possible.

The other side must remain exactly the same for every card in the pack.

You can upload a logo to the left right top or bottom of the side of the cards with the text on (contact info etc).

basically, if you were to upload 52 different designs (cards) and 2 jokes, your total uploads to a pack of 100 would be 54. The remaining 46 would be repeats of the first 46 to be uploaded.

I hope the above makes sense.

Some observations:

1. I’ve bought literally thousands of MOO cards over the years, and I know very well how it works. I didn’t need a re-hash of the facts I’d already included in my original email! I’m surprised he didn’t see from my account how many cards I’ve ordered in the past
2. He’s simply wrong about the logos; go on the website right now, and you’ll find that you can put a full screen image on both sides of the card.
3. No real answer about my core request. Is it impossible to do 60 cards instead of 50? Maybe, maybe not. Who knows?

Understandable, but overall I’m disappointed by that response.

I’m doubly disappointed that MOO featured the following on their website, 2 years ago:

http://www.moo.com/blog/2009/07/02/the-story-of-jacks-rounded-cornered-business-cards/

…but apparently isn’t interested in other people doing this for themselves.

What now?

I can still do this, it’s just going to be a LOT harder (I’ll have to do lots of things manually that MOO could automate easily). I’ll document it as I go, it’s a fun challenge. Part 2, coming soon…

Filed under : amusing, marketing and PR, web 2.0

2 Comments »

This is cool – a great use of Google’s tech, a great example of what it *really* means to drag Online Games and MMO’s out of the stone-age of “do what Diablo did, but with more people on screen”.

Sadly, it doesn’t quite work – none of the stereographic projection stuff (which is key to making Google StreetView) is working here. Oh well.

And it raises the question: why didn’t R* do this themselves, and make more of the R* Club (their “social/online” part to GTA) than the silly farting-about it was at launch?

http://www.gta4.net/map/

Filed under : games design, social networking, web 2.0

0 Comment »

(a.k.a.: “how not to advertise on the internet, lesson 101 for Advertising Agencies who have no idea how “advertising” works, or what it exists for”)

Tonight, as I tried to show someone a game, it took 12 – twelve! – refreshes of this page
before Gamestop would stop replacing a URL with a flash advert for something unrelated.

The advert was for cat food. !. !!. !!!111!!!!!!!11. Some stupid crap that I don’t want, and which Gamestop *should know without doubt* that I’ve seen 50+ times before; they know this because every time I view that page, I’m logged-in to the Kongregate badge-tracking system (via cookies and auth).

(they also know that I have *never* clicked on the ad; it doesn’t take genius to work out that I have zero interest in the product, and that every time they show it to me, they are almost certainly damaging the client – what kind of ad-agency is so stupid as to *not* realise how bad this is?)

Maybe … they are very, very stupid – and deliberately pissing-off players with adverts they’ve already seen – or, perhaps, they are charging advertisers 50 times (or more) to show adverts to the same individuals over and over again. It damages the website’s reputation, so presumably (educated guess) reduces the usage of the Kongregate domain; I’d be surprised if they’re doing it without some kind of remuneration…

(NB: this new take on ads did not exist until GameStop purchased Kong; I feel reasonably confident in guessing that neither of the Greer siblings had anything to do with this insanity)

If I worked for the advertising agency that had an employee who was stupid enough to sign this deal with GameStop, I’d be suing for breach of contract, fraud, or negligence right now; this is *not* how advertising works. Not even the most basic level of 1990′s-era checks have been put in place: IMHO either GameStop is screwing their clients, or they’re just really, really stupid (I’m betting on the latter).

Filed under : games industry, web 2.0

3 Comments »

Oh, yes:

http://xkcd.com/869/

…please, FOR THE CHILDREN, don’t put a “make it look like an iPhone app, but remove 90% of the content” theme on your website.

Filed under : advocacy, iphone, web 2.0

0 Comment »

I had a serious customer-support problem with Skype recently, relating to money they’ve taken from me. It’s proved excessively difficult to get a response from them – surprising, considering their size, their brand, and the fact it’s a paid-for service. It raises some interesting questions over Customer Support / Community Support, and how they can/should be scaled.

FYI, the initial complaint is over what looks like a scam – if you pay for Skype, but don’t use it frequently enough, they cancel the service but keep the money. It was probably buried somewhere in the smallprint, but I certainly don’t remember that as part of what I signed-up for: “pay now … get screwed later!”. Whether or not it’s legal, it’s certainly dishonest (they give no explanation, it’s NOT part of the marketing materials, it’s just “policy”). It feels like theft.

Their website was useless. So, I asked them about it…or, at least, I tried to.

1. Reply-to-email: I replied to the email they sent me where they said they’ll be taking my money but NOT providing the service. They sent it from “noreply@notifications.skype.com”; this is a fundamental abuse of the email system, a sign of amateurish support teams. FAIL
2. Email-to-support: I tried forwarding that + my question to the standard email address – support@skype.com. I’ve been using Skype for 5 years, and I thought this address existed. Eithet my memory is wrong, or they’ve deleted it since. It doesn’t exist at the moment – you get a mailserver error. FAIL
3. Google for “email support skype”: I tried again, emailing the support address that Skype’s own employees have sent emails from – right now, on Skype.com, you can see example emails sent from “support@skype.net” (maybe this was what I remembered from years ago?). But if you send an email to that address, you get an email back saying: “Thank you for your email. Unfortunately this email address is no longer in use.”. FAIL

500 million accounts … too many?

Skype’s customer-support is unusually weak here; this is a paid-for product, and they’re actively blocking people from getting support. That’s not how support works; that’s what you do when you don’t have a support team – usually because you’re too poor to afford it AND you have no paying customers. Doing this with paying customers is surprising. Especially for a large product/brand.

I remember in the very early days of Skype they already had 50-100 employees for what was a comparitively small operation. IIRC, a big chunk of that was dedicated to support, and a big chunk to marketing – only a very small part was tech. I’d assumed that with their 10′s of millions of users, they had a highly automated customer-support system.

Today, they have well over half a billion user accounts – and it would seem that even their automated systems have failed. Why else would they put a block on industry-standard email aliases? And deliberately shutdown their own support address?

Obviously, those addresses would be flooded with spam and FAQ emails … but *all* commercial customer-support systems are specifically designed to handle those probems – and at large scale, too.

My guess is simply that whichever commercial system they use wasn’t architected to a high enough quality, and is incapable of handling Skype’s uniquely large customer base. This isn’t a criticism of that system – there are very few companies in the world with so many users of a single product. i.e. there’s very little demand for a product to be so carefully engineered.

But it begs the question: why hasn’t Skype put something better in place? Surely they have the resource and the skill to source or architect something better? Or is it a company policy to provide second-rate, low-quality support – even for their paid customers?

What Would Facebook Do?

…hopefully, I’ll post on this in more detail later, but briefly: they *eventually* went to specialist external vendors to provide the scalability they needed:

1. Facebook was incapable of reliably delivering messages to users for most of the past 3+ years
2. I’ve run several groups large and small, and found that approx 30% of all messages DIRECT to *opt-in* users went undelivered in the FB messaging system
3. (speaking to other people who ran facebook groups, or had huge numbers of Friends, the experience was commonly repeated. e.g. I know a few people who had to setup multiple FB accounts because they had “too many friends” to fit on a single account)
4. Facebook recently (last 6 months) replaced their internal, proprietary messaging with an external, specialist system from a company that specialises in high-volume messaging (according to the vendor; caveat emptor)
5. Reports from other people who still use Facebook for large groups / large numbers of friends suggest the “lost in the post” phenomenon is now cured

Incidentally, I don’t/didn’t think much of Facebook’s tech team (although quite possiby it’s improvements in that team that have lead to fixed like the one above). It’s very hard to be sure, going on just public info, but I used to read their blog, and their posts about performance and architecture were for a long period … amateurish.

On some core subjects, they betrayed a deep lack of experience and understanding – and apparently no effort being taken to correct that, but rather they preferred to “hack” away with band-aid solutions. Great fun for them, but not appropriate for a billion-dollar service, IMHO.

Filed under : community, marketing and PR, mmo signup processes, startup advice, web 2.0

0 Comment »

IMHO, Flickr/Yahoo has one of the best user-authentication systems I’ve ever seen. I’m sure it’s no accident that Twitter (eventually) moved to a system that is extremely similar.

(NB: I don’t know if flickr copied if from someone else, but they were the first I remember seeing like this, many years ago)

You want sensitivity in your security? Yeah!

It’s so sensitive that it’s currently blocking FlickrEdit’s (bad, broken, buggy) implementation. Not just with an error; not even with a warning … but with giant red letters, a yellow background, and a warning icon:

I was pretty annoyed that the app was seemingly so poorly written it wasn’t doing the desktop-based auth that it should be – and that it popped-open a web browser and “told” me to login (Flickr’s auth-system is slightly more seamless than that, and a much better user-experience).

But I was very impressed that Flickr noticed it too, and decided to warn me that this might be a scam of some kind…

Leaving just one question…

…is this open-source project buggy, or has someone hacked the source and put in a virus? Hmm…

Well. I’ve contacted the project owners, and informed them. Interesting to see what they say.

In the meantime, I have so much faith in Flickr’s authentication system (e.g. I know that it doesn’t share passwords) that I’m happy to go ahead and use the application. There are very few systems where I’d do this, but flickr’s (approach) is one of them.

Filed under : fixing your desktop, photos, security, system architecture, web 2.0

0 Comment »

Google has just announced that they’re deleting all web content (pages, files, downloads) from Google Groups, leaving only the mailing lists.

(Incidentally, they failed to inform the group-admins / owners that they’re doing this – which is mind-blowingly stupid when you think about it)

Just to be clear, *without* the web content: Groups is a high-spam mailing list with very poor setup and controls. It’s difficult to find a mainstream mailing list that is as bad as Groups. But it’s from *Google*, so you can trust it, and it had all this “web content” that’s essential to running a group – I’ve run a few groups using Google Groups.

(Google does NOT provide spam-filtering for their mailing lists: if you have an open group you will receive thousands of spam users even for groups of under 100 “real” people)

I’m disappointed that Google has taken the actions they have. Their web-hosting for Groups was hard to use but it *worked*. Google’s “production quality” was very low, but I trusted the company to keep the service live. Like many admins, I spend weeks of my free time wrestling with the tools until I could make a useable group, because I trusted Google not to do something Evil, like … well, like: deleting the content and the service. Never again…

Anatomy of a community-hating executive

When I look at things like this, and things like Yahoo’s acquisiton of Upcoming.org, it’s amazing how often these big companies:

1. Find/create a community with huge value
2. Take it over, and put their brand on it
3. Destroy it as thoroughly as possible, sowing salt on the ground to make sure it can never rise again

I find it hard to understand how/why these companies do something so stupid. Who allowed a committee / manager / executive to do something so self-destructive?

But then I realised there is a very traditional explanation for this kind of scenario, from back in the mid-20th Century:

1. Senior executive at “big internet company” wants a promotion/raise/etc
2. Said executive doesn’t really know what they’re doing, doesn’t really understand the business that the company is in
3. Exective’s manager cares even less themself; he/she is probably just hanging on waiting for their own pension
4. However, the exec knows that their manager rates “internet success” on the number of unique users that a service has
5. They spend $100 million acquiring / creating a useful service
6. PROFIT!!! (get their raise / promotion / whatever)
7. …and dump the project as fast as they physically can

The net effect on the service is this:

1. Service gets acquired/funded: All the best people working on the service get a big bribe / pay-off and are happy to leave to start something new
2. There’s lots of press releases from Big Internet Company, and lots of claims of all the Great Things that will be added to the service
3. Users get excited, and growth rate increases
4. … but then: …
5. Big Internet Company provides zero cash, because the Executive has received their promotion and no longer cares
6. Service falls to pieces
7. Service haemhorrages users
8. Big Internet Company’s finance department sees the spending on hosting / servers / bandwidth, and wants an excuse to shut it down
9. (there is no *need* to shut it down – but inexperienced and/or bored financial employees have nothing better to do all day; more on this in a future post)
10. Other executives come along and shutdown and destroy whatever they can, so that they look good in front of the finance department
11. Service becomes worthless for most people, and loses all but the tiny, hardest of hardcore, segment of users

I’d assumed that companies like Google had improved their hiring procedures a little, and weren’t so prone to this. Maybe not.

Filed under : web 2.0

2 Comments »

LinkedIn is running a promotion right now to get more people using their advertising platform.

It’s nicely conceived – two clicks (the first to login), and I was straight into writing an advert. Brilliant!

The advert-writing was simple, easy to understand, and fit within the top 500 pixels of the screen – really welcoming. Not at all complicated.

“And then you go and spoil it all / By saying something stupid…”

…like “your email address is dis-allowed”.

My startup doesn’t have a profile page on LinkedIn, so I can’t direct people to it. This hugely undermines the value of running and advert.

I try to create a profile. Takes a few false starts, and then:

“You cannot create a profile for a company unless you can receive an email at the same domain address as the company website”

Oh.

(this is, apparently, non-negotiable)

We don’t even run a mailserver, let alone have an MX record for our domain.

SO … after lots of effort trying to convert me into a paying advertiser, LinkedIn once again shoots itself in the foot. There isn’t even an OPTION for me to sort this out – it’s just a big “fuck off!”.

Sigh.

Filed under : web 2.0

4 Comments »

When I log into LinkedIn, I now receive 3 pages of spam. That spam is “every tweet by every person I’ve ever met”.

Somewhere, buried inside the avalanche of spam, are a few genuine LinkedIn messages. e.g. today I saw that a friend had moved to a new company – important, useful information.

Support: why would you want to refuse our spam?

I asked the LinkedIn customer support folks how to disable the spam. Their response:

You can “only hide the member’s Twitter updates [if you] also [hide all] their LinkedIn updates”.

i.e. your choices are:

1. Get spam
2. Get nothing

Hmm. Think about the people with tens of thousands of connections on linkedin. Their linkedin home pages must be absurdly high spam-to-signal ratio.

LinkedIn’s management: Twitter? WTF is Twitter?

LinkedIn’s CTO / lead architect / whoever authorized this stupid setup apparently “forgot” that the main feature of Twitter is it *allows* you to choose the people you receive tweets from.

(or, more likely, they’ve never used Twitter – it’s just a buzzword they’d heard of from a VC)

LinkedIn removes that choice. It simply forces everything on you. No filtering. No choices. Nothing. As a user, you exist to be spammed.

As a user, you exist to consume LinkedIn’s adverts, and nothing else. The site is – it would seem – not intended to be useful.

RIP LinkedIn.com

For a business to sink to such a low level of utility, and for the management to achieve such a high level of ignorance about the market, suggests to me that LI is moving rapidly towards implosion. I don’t believe it will still be with us two years from now. And that’s rather tragic, given how valuable it used to be.

Filed under : amusing, startup advice, web 2.0

6 Comments »

LinkedIn has unofficially officially removed their “updates” system – you can no longer find out what’s changed in your contacts’ roles, busines, lives, etc.

Some idiot at LI corp – who apparently is unaware of the normal consequences of becoming the lowest-common-denominator (i.e. unless you are the market leader on size, and *force* your competitors out of business, you price yourself out of existence. Well, you’re nowhere near Facebook, so you’re most likely to just put LI bankrupt) – has replaced it with a massive, 5-page long aggregation of twitter feeds.

(currently 5 pages on my account, but who knows how long it will get if more people add their twitter accounts?)

There’s a website for that – it’s called Twitter.com. Funnily enough, I already have 5 different Twitter clients, and they do an AWESOME job of subscribing to the twitter feeds I want to read.

None of that is applied to LI, of course – LI simply *forces* me to view everything that is tweeted by anyone. It’s as if the LI management team HAVE NEVER USED TWITTER IN THEIR LIVES, and have no idea how it works. Amazing!

The (hypothetical) idiot at LinkedIn has clearly achieved something – they’ve given a very short-term boost to the “Activity” on the site. At the cost of removing functionality that used to be there.

I suspect this is the beginning of the end for LinkedIn. At this rate, it will get more and more useless.

I wonder, is there a community anywhere for maintaining business contacts, viewing resumes, while preventing spam and leaving you in full control of who sees what and who can contact whom?

Filed under : community, web 2.0

0 Comment »

Is there a place to complain that UK government departments are breaking the internet standards and refuse to fix their websites?

Occasionally, you find sites that do this. Usually, when you tell the organization, they’re a little embarassed, and rush to fix them.

From HMRC, I got a polite, pedantic, *but entirely incorrect* response telling me that the “standard” was X, when I know that to be false (as does anyone who has read the offiicial standards, as documented by the Internet RFCs).

They apparently can’t be bothered to read the standards, and don’t care that they’re wrong.

No wonder so many people hate civil servants: holier-than-thou attitude coupled with being clearly, inarguably, wrong. Sigh.

Filed under : bitching, community, web 2.0

0 Comment »

There’s a conference in Brighton this week, and one of the industry media – GamesIndustry.biz – has a base here, so they’ve been cropping up a lot in the reporting. In passing, I noticed some glaring howlers in their web-design. The 1990′s called, they want their web-design templates back…

Three glaring errors I noticed in particular. One of these they’re in good company – it’s the same thing Rupert Murdoch has done, along with sticking his fingers in his ears and screaming “NA, NA! I CAN’T HEAR YOU! GO AWAY AND TAKE YOUR STUPID INTERNET-THINGY WITH YOU, YOU FREELOADING BASTARDS!” (not a literal quote, of course). Although a lot of people seem to think that’s a weak strategy even for the mighty news empire…

1. Sell a large number of Flash ads, and put them ALL in the same place. At the same time

What do you see when you view a page on this site?

If you have a laptop, and you surf their site, does the battery last noticeably less than normal? (hint: yes, it should – I’ve seen this happen on a wide variety of PC and Mac laptops)

Why?

Because they put not 1, not 2, not even 5 … not even TEN … but up to FIFTEEN SEPARATE FLASH ADS all animated SIMULTANEOUSLY on every page.

Flash wasn’t designed for this – the flash runtime can overhwelm a modern computer with just 1 rogue flash app; 15 is begging for trouble.

I suspect (because some of my former employers used to purchase them, regularly) that these “mini-ads” are a decent source of revenue for GI.biz. It’s a pity then that they’re mostly Flash, because that means an awful lot of people in the target audience (game developers), see something like this:

Incidentally, I offer a tip-of-the-hat to Relentless, whose animated-GIF has so many frames of animation that it smoothly animates some stuff that looks straight out of a Flash ad. Smart move on their behalf – they DIDN’T use a Flash movie.

OMGWTFBBQ! That must take TONNES of animating frames! Why, yes – it uses an *unholy* 50 kilobytes, just to display one ickle GIF. Shocking. And yet … in 2010 … such a tiny tiny file in the scheme of things that it suffers nothing for not being Flash. (Flash was originally needed because internet bandwidth was poor; it only gradually grew into the all-singing, all-dancing beast we love today)

2. Hide all your content. Keep your news … secret

Try viewing any article on the site.

Follow any link that a friend sends you via email

Click on a link in any blog post or forum post.

Actually … you’ll have some trouble there. Lots of blogs and forums no longer link to GI.biz. Why?

Because anyone who follows the link only gets to see ONE SENTENCE of the article:

Hmm.

3. Block anyone who uses Gmail

If you try to sign-up on their site for an account using Gmail, the site refuses to “allow” you to create an account. It seems they have hard-coded a list of email domains that they consider “unacceptable” for game-developers to use.

Funny. I’ve been using gmail for my professional email for many years now. It seems a fairly common practice. Google’s … well … Google is a pretty well-known company these days. Their products are … well … kind-of popular. No?

I tried emailing the site admins to ask if there was a way I could create my account anyway – it’s fairly easy to check that my gmail account is bona fide. A funny thing happened.

Their website has no email addresses. Instead, it has a javascript that creates email-addresses on the fly. It’s a neat little javascript, and used differently would be pretty cool. But the way they chose to use it has two obvious effects:

1. It is impossible to use a web-mail client to email anyone at GamesIndustry.biz direct from the site (the right-click, “copy email address” won’t work because of the javascript)
2. Spammers have to look at the source-code to find the email address, and be a very very little creative with their bots (well within their capabilities these days)

Internet: 0, Newspaper/Web newsite: 1

O RLLY?

No, not really. I’ve got nothing against the news-site, and I’m well aware that this is only an echo of a bigger, louder noise: mainstream newspapers are in their dieing throes, lashing out at anyone and everyone in their panic.

But I’m suprised that a tech-industry focussed site chooses to fight so hard against the medium that so much of its own industry relies upon and worships. The first and third items above I would normally attribute to ignorance and just spending too little money for their web design team. But the middle one reflects an active decision to block the internet at large – even though the workaround is to create a “free” account, it’s an artificial barrier entirely of their own making.

I’ve spent a lot of time this year working with or around mainstream journalists, magazine staff, and authors. I’ve noticed a lot of this stuff going on. This is just a personal opinion, but … I humbly suggest that whenever ANY news/journalism site acts as though it’s at war with the very medium that the world + dog uses for spreading said news … that whatever else happens, it’s probably not going to end well.

Filed under : amusing, web 2.0

3 Comments »

…and Amazon’s intelligent recommendation engine leaps into action:

(if you don’t know who Tim Langdell is, and you work in the games industry, just Google him.

Filed under : amusing, computer games, games industry, web 2.0

0 Comment »

(where normaly people might “Be original, then Apologize if you fail”)

Just a minor piece of recent DRAMA! DRAMA!, something to cheer up the week…

This excellent piece of Advertising / Fun / Augmented Reality / Creativity was – like most big-budget ideas – based on someone else’s idea, someone who had the basic idea (and proved it non-commercially) first.

So far, so good.

This is the 21st Century. People notice when you clone ideas, and they comment. A lot of comments are brief and reflect the emotional reaction rather than a considered opinion. Especially if you disingenuously claim to have invented the idea, and put out press releases to that effect … when there’s plenty of evidence suggesting otherwise.

Still, that’s how life goes; you try something, you veer too close to “copying”, and you get some minor pillorying on a public website. You re-adjust; next time, you’ll try to add a bit more novel to an idea – or you’ll work harder to give credit where it’s due.

OR … or, one of your team can always just go for the all-out nuclear option, and insult everyone and everything in sight. In the world-readable comments thread. For bonus points, you can then delete your comments a day later when you realise what a douchebag you appear, and how damaging it’s become to your future career:

http://www.flickr.com/photos/pixelsumo/4752204508/sizes/o/

(I love how Nicholaus is naive enough / bad enough at his own career to imagine that simply deleting or editing a comment makes all evidence of it vanish :))

Filed under : amusing, community, social networking, web 2.0

0 Comment »

From one of those strange wending web-browsing sessions that started as innocent “work-related research” and ended up following the history of CDC…

IBM, 1964:

How is it that this tiny company of 34 people —including the janitor — can be beating us when we have thousands of people?

…to which Cray reportedly quipped:

You just answered your own question.

(and, incidentally, FUD – a phrase I associated with the 1990′s and linux – apparently dates back to the early 20th century. It puts in an appearance here, in the 1960′s, and lead to CDC winning a lawsuit for $600 million. Nice. Can you imagine someone pulling that one off against Microsoft in the 1995-2005 era? Or Apple, today? I doubt it…)

Filed under : entrepreneurship, web 2.0

0 Comment »