November 2012

I’m about to launch a Kickstarter campaign, which means I need to complete the Amazon Payments online tax interview process (since Amazon is the only payment mechanism for Kickstarter), but I can’t because Amazon repeatedly gives me an extremely unhelpful error message early in the tax interview.

Here’s the screen video. First you see the problem happening in Firefox, then I switch over to Chromium and show it happening there too, then back to Firefox just to confirm. Note that Chromium says the interview process is only “10%” complete, whereas Firefox has it at “20%”. This is because earlier in Firefox I had finally made it past this error on an earlier step, and am now stuck at 20%; in Chromium, I couldn’t even get past that first step. Update: I later reproduced the problem repeatedly with Internet Explorer on Windows, at a nearby Kinkos, though that’s not captured in this video.

The error just says:

There was an error. You may retry by closing this box or abandon the interview to try again later.
[Abandon Interview]     [Close]

That’s it. Pretty informative, eh?

Anyone seen this problem before? I guess my next step is to go to a Kinkos and rent time on a Windows machine; a pity, but I’ve got to get this done, and reimplementing Kickstarter is (pardon the expression) a nonstarter. I realize it greatly simplifies their business to just offer one payment mechanism, but this is far from the first report of problems with Amazon Payments; I hope Kickstarter decides to diversify their payment mechanisms someday.

Update: The problem happened on the Windows machine at Kinkos too, in both Internet Explorer and Firefox. I eventually found a workaround: I kept hitting “Abandon Interview”, then restarting from the beginning: it seemed to let me go one more step each time, though I had to do a lot of abandoning and restarting to finish the process. Urgk.

Notes: on my own machine, the software details are: Firefox / Iceweasel 10.0.10 running on Debian GNU/Linux; Chromium version 22.0.1229.94 Debian wheezy/sid (161065). I didn’t get the details from the Windows machine at Kinkos.

I’ve been traveling and spending a lot of time in cafés, hotels, etc, recently. So I’m on a lot of different wireless networks, most of which are open to the public though they are sometimes password-protected (with the password physically posted in the vicinity of the network).

This also happened to be around the time the Open Wireless Movement had their public launch. So I got to thinking…

What if every time I signed on to a new network, the dialog box asked me if I wanted to upload to a global database the network name, password (if any), lat/long location, and any other information it can glean automatically?

example dialog box, with option unchecked

One would just use one’s judgement about when to send the information upstream to the database. I think there’s no problem relying on judgement here: after all, these are already public networks that accept strangers — when there’s a password at all, anyone who has it (e.g., anyone in or near a certain cafe) can already share the password with whomever they choose. The only people who can take advantage of it are those in the area anyway. If your judgement says it’s okay to share the information, then you just check the box (which starts out unchecked by default, because this should always be a positive decision by the user):

example dialog box, with option checked

Then, of course, when a device is searching for a wireless network to join, it would consult the same global database (copies of which would be synced automatically to the local machine from time to time).

The upload option could prompt the user to offer an optional “notes” field, for example to include the location’s name, physical address, access policy, whatever. Well, there are lots of possible tweaks, but you get the general idea.

Is anyone already doing this?

After extensive interviews with all the candidates, and careful consideration of their proposals, policies, and vaccination histories, endorses

President Barack Obama

Barack Delano Obama

for President of the United States.

U.S. readers, please vote today.

Today’s New York Times has a perfect example of why journalists need to evaluate what people tell them, and why objectivity can’t mean simply repeating the claims of every party large enough to get a reporter’s attention:

In the battles, Republicans are mobilizing to defend against what they say is the potential for voter fraud, and Democrats are preparing to protect against what they say are efforts to suppress voting rights.

The only way for that paragraph to be quality journalism is if it is followed immediately by an explanation of the fact — yes, fact, because that’s what it is — that there is no voter fraud problem, that the absence of a voter fraud problem is well-documented and known to anyone who takes even a mild interest in the matter, and that Republican efforts to “solve” this non-existent problem can therefore only be explained by some other motivation. It seems obvious that that motivation must be a desire to suppress turnout, since the demographics most affected by needless voter ID laws tend to vote Democratic, but hey, if you’d rather offer that as one hypothesis and let the readers draw their own conclusion, that’s fine. What’s not fine is to simply report both claims as though they’re equal on their merits and then provide no factual investigation. Why bother informing readers if you’re not going to inform readers?

(Voter registration fraud is fairly common, but is completely different from voter fraud. It has no effect on election integrity — it’s a fraud on the organization(s) conducting the registration drives, not on the electorate.)

Unfortunately, the NYT did not include these easily-verifiable facts (which are even admitted by Republicans who aren’t playing along) anywhere in the article. To read it, you’d think both sides are lawyering up because each side is likely to be guilty of some nefarious attempt to steal the election. The truth is that only one side is likely to be guilty of that. That side needs its lawyers in order to perpetrate the attempt, and the other side needs its lawyers in order to defend against it.

My side is the one defending democracy. I wish both were, but if only one side is, then that’s my side. Everything else is a distraction, when you have one side actively trying to prevent the other from voting. If you’re a U.S. citizen, I hope you’ll join us, and vote for Barack Obama and for Democrats in every national race for which you are a constituent.

The birtherism idiocy was bad enough; the refusal of most Republican elected officials to outright dismiss it when the subject comes up is unconscionable. And now attempts to commit election fraud (by preventing qualified voters from voting) in the false name of preventing voter fraud? This used to be a respectable political party; maybe someday it will be again, but the signs aren’t too promising of late :-(.

I just ran into a (retrospectively) hilarious but subtle user interface .

This is the Dokuwiki administrative panel for adding or editing a user account. Can you spot the potential problem here?

User add/edit form, with Real Name field immediately following single Password field.

You might not see it right away, perhaps because you’re used to sites using a dynamic popup window for password confirmation.

Password confirmation is where you enter the new password, and are then asked to repeat it in a separate field, typically immediately following the first password field, to make sure that there are no typos (because after all, if the password isn’t what you thought it was, you might have a hard time logging in to fix it). Sometimes the confirmation field is right there in the form, and sometimes it pops up only after you finish entering data in the first password field.

But this interface doesn’t do a confirmation field at all. That makes sense, if looked at purely logically: I was logged in as the admin user, using the form to create a new kfogel account for myself. Since the password I’m entering is for kfogel, not admin, there’s no danger that I won’t be able to log back in and fix it if I get it wrong — I’d just log in as admin again, whose password is not being changed here.

The problem is expectations. With very other piece of software where I go through this routine, I have to enter the password twice (original plus confirmation). Reflexively, I did so here too. I know, it says “Real Name” next to the field, but, as with most users, what’s in front of my eyes is no match for what’s behind them. So I blithely entered the password into the second field too, thinking it was the password confirmation.

The result:

Resultant user list, showing my password in the clear.

Oops :-).

While I was doing this, I was chatting in IRC with another admin of the same wiki. He was creating his own non-admin user account at the same time I was. After I made the above mistake, I told him about it in IRC — and while I was telling him about it, he was busy making the same mistake:

kfogel, I just pasted my password in the real name field too! What a blooper

At this point, I think that qualifies as a user interface bug, not a user bug!

The fix is easy: on or before submission, have the form notice if the Password and Real Name fields contain the same value, and ask the user if they really meant that. Filed as DokuWiki bug #2654.