Brendan O'Connor: August 2008 Archives

One product of my youth and inexperience is that when people around me reminisce about the “good old days,” I almost invariably don’t remember when said days existed. For instance, in Montana, old ranchers always get together and remember the “good old days” when we had “real” winters; for reference, in my lifetime I have seen 3+ feet of snow on both August 22 and June 19, and I didn’t have a Halloween costume that wasn’t quickly retrofitted to work with snow pants until I was 13. I cannot, for the life of me, imagine how hellish the “good old days” must have been, given what they’re being compared to.

All that said, one area in which I wish for “good old days” of some sort is in tech support. Unfortunately, I don’t remember tech support ever being a useful and quick source of information; it’s always been terrible (perhaps because, being a CS person, I only call it when I have something I can’t fix, which is a bad sign), and it only seems to get more so with wonderful advances like outsourcing call centers, and expanding layers of voice menus. (The only counterexample to this: I called Creative one time to ask a question about a particular hardware component of a sound card; not only did an actual human answer the phone, but she actually solved my problem immediately, and was friendly to boot. That’s it, though.)

Even so, though, most companies at least tend to bother to support software, especially if they sold it to you. Even Dell, who is terrible (which is why I no longer buy things from them). And especially if you paid an awful lot of money for it.

There is, however, one extraordinarily large counterexample to this principle, and it is for this reason that this company regularly wins my own “Worst People In the World” award— and by regularly, I mean whenever I need to talk to them. The company? Gavel and Gown Software. The product: Amicus (which means “friend” in Latin; I assume they called it this because “hellish demon-spawn that kills productivity and loses your data for no reason” doesn’t sound as nice in Latin).

So admittedly, I don’t have a great blog readership, meaning that I do know that a not-insignificant chunk of the people who read this actually know what this software is (hi, mom and dad!), but for the rest of you, it’s a domain-specific software program for lawyers, allowing them to do case management— keeping track of hours spent, phone calls and numbers, deadlines, trial dates, lots of stuff. Like a lawyer BlackBerry on crack. Very useful, assuming you’re a lawyer and it’s working.

Note well, however, that last condition: “it’s working.” This software is incredibly badly written. I wouldn’t allow my Java students to get away with it, but then again, my Java students have never written code this bad (and remember, I’m the guy who submitted “Code So Bad It Needs An Apology” to The Daily WTF).

I’ll just make a brief list of things wrong with this, in the hope that you’ll get the idea— but note that this is just a selection, far from everything that’s bad:

• All networking is over NetBIOS.
• Not only that, but no NetBIOS code is included, so the program requires you map the server’s program folder as a network drive.
• There are no permission restraints, and so the program requires that all clients (I.E., lawyers, not technophiles) have full read/write access to said network drive— that is, the program folder for the server installation.
• There are no locking paradigms, so if two lawyers edit the same file at the same time, someone’s change might get lost— or alternately, it will corrupt the database.
• The database? Visual FoxPro. Not good.
• To link with its accounting program, Amicus Accounting (note, this is written by the SAME COMPANY), Amicus directly manipulates Accounting’s database files— again, written in FoxPro, and again, with no locking.
• The database can be corrupted by any client exiting improperly— for instance, due to a power outage. Again, not the server— ANY LAWYER KICKING THEIR CORD.

I could go on— for days— but I won’t, because you’d probably stop reading. Suffice it to say that if I turned this in for any class at Hopkins, I’d be shot dead on sight by my professors. And they’d be right.

Here’s the sad part; this wasn’t programmed by a student— at least, not officially. No, this is “Enterprise” software. That means it costs a lot of money, as in multiple thousands of dollars (gotta scalp those lawyers, I suppose). So you’d think, then, that when their software breaks itself, through no outside intervention, they might, oh say, provide recovery tools?

Nope.

Well then, surely you could call them and get a recovery tool?

No.

You can at least call them and have them recover it, right?

No, and to cut out the next fifteen questions: you can’t call them.

If you attempt to call them, they will redirect you to their Sales department, who will tell you that you must pay them $700 (yes, that’s right, SEVEN HUNDRED DOLLARS) to speak with their Tech Support. That’s before they do anything, before you even know if they can help you (and they usually can’t), before they charge you extra for any services rendered.

For software that broke itself.

Not for them to come out and fix it; for them to TELL YOU WHAT THEY DID TO IT.

And when you complain about this, they will shout rude epithets at you (so much for nice Canadians— oh yes, did I mention this is a Canadian company? Probably so one can’t sue them into a grease smear on the dirt, which is a non-zero likelihood when catering to lawyers), then hang up.

The worst part? There’s no alternative. This is actually the best of the legal suites that exist. Not only do they not support Linux, they actually accuse you of being a Communist if you ask about Linux support. And their software… is appalling.

“But Brendan, you’re a CS person. You even have a shiny new degree. Why don’t you write a replacement?”

Well, that’s always the Open Source response, is to fix it yourself if you have a response. But that’s not really feasible— mostly because there aren’t enough people who owe me sufficient favors to help me write software this boring. And I shouldn’t have to write it myself— we paid thousands of dollars for this, then paid thousands more for an upgrade they said would help. They should have some level of accountability.

Maybe I’m just naive to think that— but if I worked for a company with that bad of a track record for customer support, I think I’d have a hard time not, oh say, slitting my wrists each morning.

Luckily, I don’t— and our customers notice.

Anyway, to all those of you out there starting companies to serve niche markets, like lawyers or doctors or basketweavers: they care about how they’re treated too. Keep that in mind.

For my part, I fly back to Hopkins tomorrow, to start the Great MSE Escapade. I know I haven’t written something retrospective about Six Apart yet, and I swear I’ll get to that soon, but at the moment, I need to find out how to bribe Lys to get in her carrier tomorrow morning.

Colleen McGarry, Six Apart's office manager / house mother (the person who makes sure we don't walk in front of traffic, who finds staplers for us when we're holding them, and all those other things to make sure work happens occasionally around here), has to put up with a lot. I won't disclose who mailed this letter... but I can assure you that I'll be making fun of them shortly. :-)

Six Apart has been for the last eight weeks an unbelievable ride in a variety of ways— the people, culture, and technology here are all just fantastic. Not only are 6A’s people some of the best anywhere, but they’re all amazingly friendly, and willing even to help answer the questions of a most definite n00b.

When I arrived in June, my experience in Perl was limited at best; a semester way, way back in high school in MT, and a few projects last semester at Hopkins. As I’ve mentioned before, however, I work with some of the most prolific Perl programmers in existence, and they were quite happy to help me where I encountered problems (e.g., everywhere).

Another amazing cultural facet of 6A is its giving back to the community— not just in terms of volunteerism and donations, although they do that too, but in terms of releasing programs to the outside world, so that programmers don’t have to solve the same problem that hundreds of others have already done. Six Apart is responsible for over 2% of the enormous CPAN Perl repository, with hundreds of modules used every day in millions of applications, including things that power some of the world’s most high-traffic websites. 6A was kind enough to let me release code that I worked on for one of our Hackathons— weekly events where we can work on any project we’re interested in.

I wrote an hCard parser in that one day, then spent several more not only adding (a lot of) tests, but adding creation abilities, polishing, bugfixing, and taking comments from a legion of 6A people who volunteered to give advice: Simon, Tatsuhiko, Ben, Brad, Bryan, and David. At long last, Ben and David said I could release it into the wild, and I’m happy to announce version 0.01 of Data::Microformat, freshly uploaded with my newly minted PAUSE account, is available in CPAN.

David was even kind enough to post about it on the official 6A blog— check it out!

Now if you’ll excuse me, I have just nine (working) days left at Six Apart, and an incredible list of things that need doing.

Yesterday, when I saw this article, I had a flashback to a conversation I had with a family friend back in May. She’s a labor attorney, and a very astute advocate of civil liberties, having fought for the rights of workers for her entire career. She has to fly incredibly frequently for her job, however, and I asked her how she dealt with the insanity that is TSA:

“Oh, I don’t deal with it— I have a CLEAR card.”

Wow, I said. Aren’t you concerned about giving that much data to a private corporation with no safety track record? (I could ask the same thing to Anil Dash, one of the VPs at my company, but he already wrote an explanation.)

“I’m too busy to deal with security; I don’t have another choice.”

I did— and do— see the practicality in this; shikata ga nai, as Kim Stanley Robinson often says, because security is so ridiculous. They harass me all the time, and for no justifiable reason. But I was concerned about what would happen in the near-inevitable data disaster, and I told her so. Now, just a few short months later, CLEAR has lost 330K+ records. (And don’t tell me that their investigation turned up no intrusion— TSA can’t even find the liquids I leave in my carryon, so I certainly don’t trust them to determine if a laptop has been compromised when the lost it for nine days.) And it’s not just the names and phone numbers, or email addresses, like a lot of websites might have; it’s all your personal data, because “we have to defend against terrorists.” So to defend against terrorists, all these people will lose a large part of their control of their identities.

It’s not, admittedly, like the government has a great track record of protecting data either; the VA, the Social Security Administration, and every other agency have had security lapses of one sort or another. At least there’s still some public outcry with the government, though; it seems like corporations aren’t even trying anymore— and corporations don’t even seem to notice when they should care, as I noted in a previous blog post.

The essential problem is that we give too much identity information away to all these places— governmental or private— in the course of our daily lives. Why does BGE, Verizon, or Hopkins need my social security number? (Especially because their declared use, “to identify you,” is most likely illegal.) Why does every arbitrary blog on which I might want to comment need my email address “to prove you aren’t a robot?” What, email addresses are perfect proof I’m not a robot now? (Of course, OpenID can solve that problem, but it’s not the default yet on too many blogs *cough* WordPress *cough*.) And why, in a simpler realm, does every arbitrary barkeeper get to have my home address, telephone number, height, weight, visual status (as in, if I’m partially blind), occupation (if I’m a commercial truck driver, it will be listed), etc. just so I can buy a beer? (Take out your driver’s license, and visualize giving that data to every scruffy character you’ve seen in a bar, ever. Now shudder.)

To take this to an even greater extreme, we have technologies like Gravatar, which can put my photo on any website I comment on— but it’s actually based on having given too much information away (my email address) in the first place! Why didn’t Automattic build it on URLs instead? (There actually is a technology to do it perfectly with URLs called hAvatar, but Automattic doesn’t seem to have invested as heavily into that, oddly….)

Of course, the reason for a lot of this is that we don’t have a method to give minimal-identity assurances, either online or in the real world. We have no way to prove to the barkeeper that I’m of legal age (which is all they need; they don’t need to know my age, just that I’m of legal age in the jurisdiction) without giving them all that other data too. We have no way to prove that I’m a new or old customer to Verizon.

We do, actually, have a way to give minimal identity to blogs at least, through OpenID— but blogs and other OpenID-enabled sites can still demand additional data through Attribute Exchange, and OpenID in general is not designed to enforce sanity on the data these sites want (usually for marketing reasons, which I don’t think is a good enough reason to give up all my personal information).

So the conclusion here? We’re screwed. All our identities are up for grabs, because we refuse to make a way to stop dropping data all over the universe. So either we need to do that— or we need to make a new society where identity is completely irrelevant, because your identifying details are already known to everyone in full detail, and thus their knowledge doesn’t identify you. Wait, I think I’ve already heard of that society.

We live with more opportunity each day to harness the data we all produce, as John McCrea has been talking about on his blog. Maybe it’s time for more people to wake up, and learn that maybe they don’t need to give all their data away, all the time.

I’m going to coin a new term for this: information sluts. As in, “why buy the person when you can get their data for free?”

Actions online are one thing— but giving my email, address, etc. to every random site that happens to ask for it is just as risky as sleeping with every person that asks. We have to realize this, and we have to address it— somehow.