Yesterday, my phone suddenly started downloading something called “Facebook build (somethingorother).” It didn’t show any progress, wouldn’t go away, and I worried that maybe it was a piece of malware or something buggy. A quick search turned up nothing. A later search found other people asking what this was. Late last night, there were articles about “Hey, why is Facebook updating itself!”

It turns out that yes, Facebook is now downloading its own updates on Android phones and tablets instead of just pushing them out through the relevant app stores (Google Play and Amazon, mainly). I’m sure they thought it was a great idea — web browsers like Firefox and Chrome have been doing this for several years on the desktop.

The problem is that it violates expectations of what the app will do, and where your software is coming from.

Imagine your car’s manufacturer issues a recall. Now imagine three scenarios:

Scenario 1: You receive a notice of the recall, asking you to make an appointment to bring the car in for maintenance. (For those of you who don’t drive, this is how it normally works.)

Scenario 2: You receive a notice offering to send a technician out to do the repairs at your home or workplace. (This would be awesome, but impractical.)

Scenario 3: You’re sitting in the living room when you hear a noise from the garage. You go out to investigate and find someone messing with your car.

That’s what this feels like.

It’s one thing to offer software through third-party channels. The fact that it’s possible is one of the reasons I prefer Android to iOS. In that case, notifying me of updates, maybe even simplifying the download would be very convenient — if I know ahead of time that it’s going to happen. And if they’re not switching channels on me. A download coming from some new location, but claiming to be a familiar piece of software, and a notice telling you to install it? That’s how trojans work.

In short, it’s a violation of trust…and if there’s one thing we’ve learned about Facebook over the last few years, it’s that the social network has enough problems with trust.

ShareThis is rolling out a tool for “frictionless sharing.” That’s the term for those apps or widgets that “let” you broadcast everything you do on a site to your social network. I suppose it sounds great for publishers, because your content gets shared more, but…

As someone who reads stuff online, “Frictionless sharing” is a privacy disaster waiting to happen. Undo is nice, but in a world where updates are pushed instantly, you can’t count on it.

As someone who follows social networks, it’s just more noise. I don’t want to know every article you read in your latest wiki walk. I’ll tune it out, or I’ll tune you out. What I want to know is which articles, photos and videos you think are worth sharing.

Randy Cassingham of This Is True has been driving a weekly Twitter event he calls Pet Peeve Wednesday, with the hashtag #PPW*. Here are some items I’ve posted about things that Just Bug Me(tm). I guess I shouldn’t be too surprised that they fall into two categories, tech and language.

Tech Annoyances

  • Mobile websites that change the URL so you can’t reshare the page on Twitter without sending desktop users to the mobile site. Or worse: the ones that redirect you from a full article to the front of their mobile site, so you have to hunt around for the article that someone was trying to share with you.
  • New password forms should always spell out the password policy before the user tries to pick something it doesn’t like.
  • If you have to cite a bogus law to claim that your email is not spam (or worse, that recipients can’t call it spam), it’s spam.

Language Annoyances

  • “Weary” means you’re tired of something, not concerned about it. You’re thinking of “wary” or maybe “leery.”
  • If you’re going to reference “Wherefore art thou Romeo?”, remember: she’s asking why, not where. (Think of it this way: The answer to “wherefore?” is “therefore,” and you know what “therefore” means.) It’s a lead-in to the “What’s in a name?” speech.
  • What do people think an “intensive purpose” is, anyway? The real phrase, “for all intents and purposes,” at least makes sense.
  • The word is “foolproof,” as in even a fool can’t mess it up, not “full proof.” (As opposed to what, half-proof?)

*There’s a hashtag collision with both “Pet Peeve Wednesday” and “Prove People Wrong” using the same tag.

If you’re trying to get a message out, or provide a service, analytics are great. They tell you what’s working and what’s not, so you can focus on what does work. Unfortunately, when it comes to email, a lot of organizations use a third-party click-tracking service, which registers which mailing the user clicked on, then redirects them to the real website.

Why do I say unfortunately?

Because it’s what phishing does: Sets up a link that looks like it goes one place, but sends you somewhere else instead. In the case of a legitimate email with a click tracker, you end up at the real site eventually. In the case of a phishing message, you end up at a fake login page that wants to capture your username & password, or a site with drive-by malware downloads. Using this technique in legit mail trains people to ignore warning signs, making them more vulnerable to the bad guys. And it makes it harder for security software to detect phishing automatically.

Now add another reason: You don’t control that click-tracking service, so it had better be reliable.

That’s what happened with Comic-Con registration today.

Getting tickets to San Diego Comic-Con used to be a breeze, but last year the system broke down repeatedly. It took them three tries, with multiple handlers, to open a registration system that didn’t melt in the first few minutes.

A few days ago, Comic-Con International sent out a message with the date and time registration would open, and a link to where the page would be when it went live. They went to a lot of trouble to make sure their servers could handle the load, as did the company handling registration. They built a “waiting room” to make sure that people trying to buy tickets would get feedback, and get into a queue, when they arrived, but could still be filtered into the registration system slowly enough not to overwhelm it.

The weak link: The click tracker.
