Category Archives: Just My Opinion

Bill Me Later

April 7th I bought a used Nikon D600 package off of Ebay to replace the one I dropped off of a waterfall. It has been awhile since I bought anything off of Ebay because I’ve disagreed with their policies and prices for selling through them. But I went to Ebay to research the price of used D600 bodies, and in the process stumbled across a really good deal on a package that included one of the lenses I wanted to get as well. So a few days went by and I returned to Ebay when the auction closed. Made my bid with a few seconds to spare, and got the package for the price I wanted. At checkout, Ebay popped up a deal to open a Pay Me Later account which sounded attractive, as it was tax time and the saving account was a bit thin. So I went through the application process which they promised would provide a quick approval. Or in this case, a quick disapproval. Which surprised me because I have really good credit. I own a home and haven’t missed payments, I don’t carry a balance on my credit cards, I don’t have any other outstanding credit loans. Thinking maybe we got caught up in the Target credit card theft, I even checked my credit record. Clean as a whistle. Chalking it up to some kind of computer glitch, I went ahead and checked out with out the Bill Me Later. I totally forgot about Bill Me Later, until two weeks later, when I got a letter from them informing me “We regret that we are unable to approve you for the service at this time for the following reason:”
Certain elements of the transaction vary significantly from typical customer purchase behaviors due to the risk associated with this type of transaction, as well as the time of day of the transaction.
I had to read that several times because of the poor grammar, but I think they were presenting two reasons. First, the transaction varied significantly from typical customer purchase behaviors. Ok, I’m buying a camera. I’m sure lots of people buy cameras off of Ebay. But maybe they were alarmed because I’m also a photographer? Yep, that sounds pretty suspicious. Second, they were worried about the time of day of the transaction. Hmm, I bought the camera when the auction ended, which happened to be 8:20am on a Saturday. Not really under my control. You’d think a company that does most of their business with Ebay would understand that the Internet is open 24/7 and wouldn’t even take the time of day into consideration. The letter went on to say I didn’t need respond to them, but when I see stupidity at this level, I have to respond. They didn’t include a phone number or email, but did suggest I contact Bill Me Later “at the above address”. Really? Snail Mail? An internet company that resorts to 20th century means of communication? Not wanting to spend that amount of energy on contacting them, I went to their web site and found a customer support telephone number. Their phone system provided two and only two options, enter the phone number of the account (don’t have an account, that’s why I’m calling) or enter the reference number of the transaction (which obviously, I also don’t have). No way to get around it by pressing 0 for operator or any other keys I thought of. Finally after about 5 cycles, their computer finally figured out I didn’t have a correct answer, and it put me on hold for the next human. I was finally connected with Melany. I think this lady works for every company I’ve ever called with a customer service question. She was super excited to take my call, and her voice was just dripping with enthusiasm. /sarcasm Seriously, she sounded like she needed an IV drip of a highly caffeinated drink. I gave her the back story on my case, and read her the explanation in the letter. I explained I was curious what they meant by “significantly different from typical customer purchase behaviors”. She asked for the reference number so I repeated the 28 character reference number to her. Do they really need 28 characters to keep track of the people their system declines? That offers something like a billion million possibilities using just numbers. Seems a bit overkill. Or so I pondered while on hold. She finally came back with a pretty anti-climatic answer. She didn’t know. She thought it might be because the information I entered didn’t match the information I had in my Ebay account. I only have one house so I’m pretty sure the address I entered would have matched, as well as any other info they asked for. At this point I wasn’t going to do business with Bill Me Later anyways, but I at least wanted to know their reason. Apparently they don’t even know the reason. That’s not the kind of company I want to be making financial transactions with.

Mac OS X vs. Windows

I’ve been using Apple’s Macintosh computers since 1984, yep the year they came out. Since that time I have been a big fan of them, and have owned 11 different models, 8 desktops, and 3 laptops. I have also been using PC’s since 1981 when they ran on DOS. I have used Windows from it’s inception up to XP. Having used both over many years, it still surprises me that Windows remains the dominant platform. I often get into debates about which one is better, and often even when the other party grants that Apple makes better products, they claim they are too expensive. I’m going to leave the whole stability question out of this article and instead concentrate on specific differences between the two platforms that I feel make Macs worth that extra money. (It really is hard to leave that stability issue alone though after seeing so many friends and clients loose work and data to viruses, or have their Windows machines slow down so much because of their virus protection programs hogging resources.) These are listed in random order, as I think of them. 1. PDFs – Apple’s operating system includes the ability to create PDF files from any application. Windows you need to purchase Adobe’s Acrobat program to get the same functionality which will cost you an additional $300. If you need to combine two or more PDF files into one, on a Mac you can use the provided program Preview to do this. With Windows, you need to buy Acrobat. 2. Screen Shots – Macs have always had the ability to take a screen shot simply by pressing Command-Shift-F3 and you get a nice shutter sound as confirmation. It leaves the screen shot as a file on your desktop. OS X also includes a program called Grab that provides lots of other options for screen capture. Windows users can press the PrtScn key (which under DOS actually sent the screen to the printer) and find that nothing really happens. Until you open a graphics program, and select paste. Then you have to save the file. 8 steps vs. 1 for the Mac. In my web design work, I often ask clients for a screen shot when trying to solve layout problems (usually caused by Internet Explorer). It amazes me how many Windows users I have to explain the procedure to. Speaking of Internet Explore, that brings up two related items: 3. Mac OS X includes one of the best browsers out there, Safari. It is known for displaying HTML and CSS code as the standards define them. Windows, on the other hand includes Internet Explorer, the absolute worst browser out there. While each version of IE has gotten better about following standards, the early ones were so buggy that they’ve left a path of destruction all over the Internet. Webmasters regularly pull their hair out and have sleepless nights because they can’t get their web sites to work with all the different buggy versions of IE out there. Every time Microsoft fixes one they create another so many sites end up serving different content to each and every version of IE that hits their site. 4. To test a web site design I’m working on, I need to be able to open it in all of the major browsers out there. On the Mac I can install and run multiple versions of the same program. On Windows you can’t do this because different programs use external library programs that also get updated and prevent backwards compatibility. Not only is this helpful for browser testing but it’s handy for other purposes as well. I have three different versions of Photoshop installed on my Mac, CS, CS3 and CS5. Adobe has a habit of removing features in newer versions so sometimes it’s easier to open the older version to complete some tasks then try to figure out how to do it in the new version. 5. Apple’s OS X supports running Windows (or multiple versions of Windows) either natively through BootCamp, or as emulation through various software programs. The reverse is not true. So Apple’s computers can run more software than Windows computers. 6. Apple support. Even if you don’t sign up for Apple Care, you get support from the company that has consistently been ranked number 1 in the tech business. After experiencing the support with Apple Care, I’ll never buy a computer without it again. But most importantly, because your hardware and software come from the same vendor, there is no blame game played when you call with a problem. With Window’s you problem could be caused by the cpu, the graphics cards, the keyboard, the mouse, the hard drive or Windows, all of which might be different vendors and each can say it’s not their problem until you’re left spinning in circles. 7. Apple includes more hardware than those lower priced machines you see advertised. I remember back in the early 90s when every Apple shipped with Ethernet built in. PCs you had to add and configure a card, and good luck if the Ethernet card didn’t cause a conflict with your modem card because they shared the same Com port. Oh you had to open the PC and move some dip switches and jumpers to get it to work? Isn’t that handy! So yeah, now Windows has caught up and has plug and play. In my experience it sort of works, but not to the level that Apple’s does. On a recent forum someone was mentioning how expensive the new Mac Mini was at $799. Funny thing was that when I compared it to a similar package called the Pandora Mini and configured them the same, the Pandora ended up being several hundred dollars more expensive because the cheap base price only included things like 512 meg of memory, vs. 4 gig for the Mac Mini.

Ignorance is Bliss

Every once in awhile for some reason I take a look at the log files for either one of my web sites or one of my customers. The log files are a technical record of all of the requests for files that come in on the server. The requests can be from valid users going to one of my web pages, or they can also be from search engine spiders that visit from Google, Yahoo, etc. Occasionally I’ll also see visits that are the pattern of hackers testing the sites for known or unknown vulnerabilities. Here’s the first log record from today’s log file: - - [17/Jul/2011:00:28:39 -0700] "GET /cgi-bin/color.cgi?backcolor=CCCC33 HTTP/1.1" 200 67156 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +" 255 67465 This happens to be from the largest search engine site in China. The visit came from a computer called a spyder or bot. Baiduspider is not only a bad bot, but since it’s from China, I don’t need or desire it to be crawling my site. So it gets banned. How do I know it’s a bad bot? Well back in the mid 90s some guy decided to make a standard for defining a set of rules that spiders are supposed to follow. Like a lot of Internet standards, the robots.txt file was written by a computer geek, and therefore makes no sense. There’s also no good documentation for how it’s supposed to work, and you’ll find many conflicting opinions on how it is supposed to work. Google and other search engines have also added to the syntax, so you’re never sure if the search engine you’re targeting is going to follow the rules as you write them. There are even online syntax checkers that attempt to help you make sure your syntax is correct, but no matter which way you write the rules they will tell you you’ve written them backwards. I guess I need the secret decoder ring. The reason I was trying to make sense of all this again today is because while reading through the log files for this morning, I noticed that Yahoo’s Slurp bot was accessing the same files over and over, from different IP addresses. It’s only half way through the day and already Yahoo has downloaded the same image from my web site 39 times! Now that image doesn’t ever change so there’s no need to keep downloading every few minutes. It’s just another example of why Yahoo is such a non player in the search engine business these days. In researching the issue I came across many articles going back as far as 2007, of web masters having problems with Slurp. My favorite was this one “Yahoo! Slurp too Stupid to be a Robot” written back in 2009 on Jeff Starr’s blog. He decided to block Yahoo, not only because of their incompetence, but also because Yahoo wasn’t even sending any traffic to his site. So I looked at my site’s stats, and sure enough, Yahoo referred 150 out of 43,525 hits to my web site, or in other words .2% of my traffic came from Yahoo. Yet the Yahoo Slurp spider itself accounted for 5.67% of the hits on my site. Something’s seriously out of whack when the search engine itself accounts for 28 times the amount of hits as it sends you. Since I already hate Yahoo for their incompetence, I’m pretty close to just banning their bot completely. I’m giving them one more chance and if the recent change I made to the robots.txt file doesn’t slow them down, then I’ll start banning them completely. Once again, looking at the raw data in the log file has taught me that ignorance truly is bliss. I’m pretty sure that’s how the programmers at Yahoo must feel too.

bingbot – Another wonderful piece of coding from Microsoft

Well the folks that brought you the most easily infected PC operating system, and the buggiest and most non-compliant web browser, have done it again. Their latest invention is a crawler robot that may end up costing you money. All of the major search engines have robot computers that are known as crawlers, bots, and spyders. Their job is to go to web sites and follow all the links and then index those pages, follow the links on those pages, and go on and on and on. That’s how the internet is indexed these days. All well and good. Until Microsoft designed their bot. The search engine bots are supposed to have a minimal impact on your web site, coming by for a taste now and then. If they try to devour the whole meal at once it can impact your server, slowing it down for your visitors. This month after receiving the bill from my hosting provider, I noticed that I was charged extra for going over my bandwidth limit. That was the first time I ever experienced this so I did a bit of investigation. One account on my server was way above normal usage and after looking at the logs, I noticed that search engine bots were way over represented in the stats than they should have been. Drilling down into those stats I found that bingbot, Microsoft’s bot for their Bing search site accounted for 19% of the site’s traffic. It was hitting my site so often that it totally skewed the Webalizer stats for the month. The problem seems to have resulted in a voting script that I recently added and bingbot was trying every voting link which seems to have put it in an endless loop. For a long time bots ignored URL’s with question marks in them because only dynamically served pages would have them and the bots could quite often be caught up in endless loops when trying to follow them. Apparently the engineers at Microsoft thought they were smart enough to venture into the rough waters of dynamic URL’s, but they forgot to bring their lifeboats with them in case they needed to abandon ship. Their foolhardy venture cost me a small amount this month, and I’ve put some modifications into my robot.txt file to keep them out of that part of the site. Hopefully they will grab the updated robot.txt file soon and pay attention to it. Just for the record, here are all the IP addresses I found in the logs during a one hour period that can be traced to bingbot. At some points there were up to 4 different bingbots hitting my site at the same time! In all, in just this random 1 hour time frame that I picked, 34 different bingbots hit my site 94 times. Mostly indexing the same 15 pages over and over again. Apparently, I’m not the first to experience a bingbot binge.

Spammed if I do, Spammed if I don’t

Dealing with spam has become one of the least enjoyable aspects of being a web designer. Currently about 90% of the emails I receive are spam. Because many of the web sites I design have an email address that eventually finds its way to me I often get multiple copies of the same spam. Not only is the amount of spam that I receive a waste of my time and resources, but I also have to deal with unhappy clients who receive spam, or worse, those that can’t get their mail sent or received because someone else is blocking their good messages as if they were spam.

Intercepting Spam

There are three places that spam can get intercepted, and how well the first two work affects how much you’ll need to rely on the last defense, which is your computer.

The Sender’s ISP

The first line of defense is the spammer’s ISP. Spammers used to get caught because they would connect to their own ISP and start sending out thousands of emails. That was pretty easy to track and shut down. So spammers got smarter by trying several different approaches.
  • They search for mail servers on other ISPs that are open and send the mail through someone else’s server. Fortunately, most ISPs are smart enough to not allow relaying so this is becoming less common.
  • They search for web pages that use insecure forms processing and attack those to send spam. Older versions of the Perl script, FormMail were notorious for being hacked this way.
  • They craft trojan programs that make their way onto your Windows PC that allow them to take over some of the processing power to send their spam from your computer to your ISP. This is the most common way that spammers are currently sending spam. If you use Windows you need to make sure that you have taken steps to prevent viruses and trojan horses from infecting your computer. 
Still it would be best if ISPs could detect the spam as it’s being sent and just prevent it from going through the system clogging up everyone’s bandwidth. 

The Receiver’s ISP

The next step in the mail delivery process is the receiver’s ISP. ISPs try to determine if mail is spam on a continually evolving set of characteristics. There are also options on what they do with the mail they suspect is spam. They can refuse to accept it, they can accept it but archive it in a spam folder, they can mark it as suspected spam so that your PC can take over, or do nothing. The problem for ISPs is that while they might catch a lot of spam and prevent it from reaching your mailbox, they can also catch good mail and prevent you from ever receiving it. That’s why these days it’s always best to follow up on emails that don’t seem to be answered. It’s entirely possible that your email never made it to the recipient. For this reason I prefer the ISP to take a conservative approach to combating spam on the receiving end. I’d rather have ISPs prevent it from getting in the system, but once it’s there then unless they’re 100% sure it’s spam, they should let it through.

Your Mail Program

Whether you have a Mac, Windows, or Linux computer, your mail program has some built in tools to help solve your spam problem. Computer users need to learn how their email program works for setting up filters and take some responsibility for taking care of the spam that does get through. There are also add in programs that work with some email programs to make the filters work more effectively. For the Mac I can recommend SpamSieve. For Windows users, I would recommend that you switch to a Mac. I set up filters that look at the subject line, the from line, the content, and other criteria. Then depending on the confidence that I have in the filter only trapping spam, I do one of three things. If I absolutely know it is spam (for example, it’s coming from an address that has sent me spam before) then the filter deletes the message immediately. The next level down I move the message to the trash folder and mark it as read. That way if I find a good message goes missing I can still search the trash folder and recover it. The rest of the suspected messages go into a spam folder. I scan the contents of this folder at the beginning and end of each day. If I find any good messages in there they are moved to my inbox. Then I select the rest and delete them.

Further Spam Suggestions

If the spam is coming from anyone other than a legitimate business (and you can identify that it really came from them) DO NOT reply to the email asking them or telling them to stop sending you spam. You won’t get your name removed and you’re simply confirming that their spam reached you and was read. You will end up getting even more spam. Also it is highly likely that the FROM address was forged. So replying back to that address will just make an innocent victim suffer even more. Add a filter to delete emails with your email address in the FROM address. Unless you’re in the habit of sending yourself emails. Spammers commonly forge the FROM address making it the same as the TO address. If you have one or more email addresses that forward to another email address, be sure when tracing a spam problem what address is initially being attacked. You can view the full headers in your email program to see what address the message initially went to. To figure out how to do this, use your email program’s help menu, or Google “display (your email program here) full headers”. Personally I wish the whole email system would adopt something similar to the phone system caller ID. Then you’d have the option to send email either anonymously or with your proven ID attached. It would also mean that you could choose to receive or block anonymous emails. But until something like that gets implemented, spam will be with us, and you need to learn how to control it on your own computer. Links for further reading:  

Yahoo 421 Message

First there was the telephone and it was a great invention. People could call their friends over long distances, call stores to see if they had merchandise or inquire about their hours, or call the police or fire department if they were having an emergency. This new invention was very convenient and every one rejoiced. Then other people found that they could call you at your home and try to sell you stuff. This saved them the expense of opening a store and advertising to get you to visit the store. These telemarketers as they became known, often called at inconvenient times, were usually selling things you weren’t interested in, and generally made the phone a lot less of a convenience for you. So the phone companies came up with a solution called Caller ID. This allowed you to see who was trying to call you and you could decide if you wanted to accept the call or not. Still the telemarketers persisted. They figured out devious ways to get around the call screening. This made the phone customers very mad, and they complained loudly to the phone company. So the phone company decided that it was too hard to figure out the problem calls on an individual basis and they needed some speedier way to decide if they would ALLOW the call to get to your home. They looked at patterns and found that a lot of telemarketers were in the 408 area code. So they decided that when anyone from the 408 area code tried to place a call to one of their customers, they would hang up on them before the call even got to the customer. They figured if it was a friendly call, the person would try again. Some times they would hang up repeatedly, until finally the person trying to call them would give up and write off the intended callee as a rude person because they didn’t want to talk to them. The person the call was intended for eventually dismissed their friend because they never called anymore. Invitations to lunches, birthday parties, and the latest gossip were all missed because the phone company’s intrusion into their lives. Worse the phone company soon found there were new area codes that they had no history on. Well this must be bad. This was probably telemarketers setting up a new shop to get around their previous restrictions. Better to ban them right off then have a customer complain about getting a call from a telemarketer. When customers in this new area code found that they couldn’t call their friends who were serviced by this phone company, they tried contacting the phone company to see what the problem was. The phone company didn’t have a phone number to call them, but they posted some information on their web site. Problem was the links on the web site went around and around saying click here, click there until you ended up back where you started. Finally after much searching, the right form was found to fill out. Customers submitted the complaint form and promptly received an automated response back saying the system was broken, and it might be a week before they would get to the request. Pissed off customers then went to the web to research the problem further and found out this has been going on for several years, with no solution in sight. The phone company provided a whole bunch of hoops that people could jump through in an attempt to make their phones work with the phone company’s network, but some solutions were inconvenient or impossible to implement. Many complaints were found on the web were people did everything the phone company wished and still their calls were prevented from going through. All sounds pretty ridiculous doesn’t it? What phone company would dare think it was their responsibility to screen calls for their customers.  Yet replace the phone company in the story with Yahoo and that’s basically the problem I have been experiencing after upgrading my server at Hurricane Electric. While the server is faster and boasts more modern software, it is hosting the same clients as before, sending the same emails as before. The only difference is that the IP address has changed. This is apparently enough to cause Yahoo not to accept mail from my new server. They won’t provide a reason why, and there’s little I can do about it. I’m caught in the middle with pissed off customers on something that is entirely out of my control. My hope is that if Microsoft is successful in their buyout attempt of Yahoo, they will immediately put their best programmers on the task of fixing this problem, and the ensuing mess will be so bad that people will flee the new MicroHoo in droves.