Kodak can't remember numbers...

Just to set the record straight: I really love my Kodak M883 digital camera: it's lightweight, has great optics [sure, I'd like more than 3X zoom, but this is a relatively low-end consumer model], easy-to-use controls, and takes really great pictures.

However, this morning, I stumbled onto the dark side of the Kodak implementation: every time you offload your images from the camera SD memory stick, the camera starts renumbering at 1! Unbelievable... and tech support told me that this applies to most of their current cameras.

What this means is that you can't simply copy the images into the same folder (if, for example, you organize your images by month or by subject for easy retrieval)... that won't work because sooner or later you'll have have two images called "100_0001.jpg", "100-0002.jpg", etc. What a pain... and such a simple thing to have done right in the first place. My older Nikon and Kodak cameras don't have this problem.

Come on, Kodak... you can do better than this.

So here's the simple but irritating work-around. I found out by testing that the camera searches the SD card and finds the highest-numbered image in the image folder (that's "\DCIM\100KM883" for my model; yours will have a different model number but the '\DCIM\" part should be the same) and starts one higher than that. If there are no images in that folder, then it starts at 100_0001.jpg.

To solve this problem, make sure that there is one image left in the image folder that is at least equal to the highest number you have already saved. Easy way to do this is to simply delete all the images except the last one. That way, the camera will start numbering at the next higher number, which is just what you want. Or delete everything from the image folder (like many image managers such as Picasa do after offloading the images), and then copy/create a new file with the last image number that you have used.

If you're a *nix user, cygwin user, or Mac Terminal user, you know that the 'touch' command will do this for you quickly and easily. If you're on Windows, you can download a free version of the touch command and then say "touch :DCIM\100KM883\100_<4-digit number>.jpg" (substituting the correct drive letter and image number) and it will create an empty file and thus cause the camera to number as you would expect it to.

If Vista is so great, why does it...

not recognize that a file has already been backed up?

I'm using (the new) Windows backup [Editor's Note: Why break the old backup routine and not even provide a way to get data from the old backup files?] and doing a weekly incremental backup, which is supposed to backup only the files that have changed since the last backup.

However, I notice that all my backups are over 8Gigabytes, and I know I don't use that much space in a week. I dig into the backup directories and see that -- each week -- the "incremental" backup is including a 5.5Gigabyte file that hasn't changed in months!

Go figure...

Ring-around-the-password...

Just installed a new version of CloudMark Desktop (was SpamNet) onto my system and ran into a most frustrating version of ring-around-the-password (they're not the only one; see my previous comments about DirecTV... shame).

Here's the deal...

I've had SpamNet on my machine for several years -- ever since the first beta -- and love it. It does a terrific of blocking spam and not black-holing too many of my wanted emails. I've had the same password for most of that time as well. Great service!

However, when I did a clean install of the latest version, I had to access My Account, so I entered my email address and password: "Invalid password" came back. I tried it a couple of times to make sure that I had typed it correctly but no, it still complained. I checked my password storage at www.4MyPasswords.com [Full disclosure: I developed and support that free site] and yes, I had the correct password.

So I clicked on the link to reset my password, followed the instructions, entered my new password and -- you guessed it -- I got "Invalid password" again, even though I had copied the new password to my clipboard and pasted it back in: no chance of getting it wrong that way.

What I found out after some experimentation is that CloudMark does not accept special characters in their password prompts(!) yet they blithely allow you to type in special characters when resetting your password -- no message, no warning, they just disappear.

I finally figured this out, entered a new password without any special characters (I had used an asterisk, as this make password guessing more difficult and my password more secure) and now everything works again.

So, I give CloudMark two Tech-Blech(tm) awards:

Tech-Blech award #1 for implementing such a poor user interface that throws away data without telling the user.

Tech-Blech award #2 for designing such poor securty by not allowing special characters in their passwords and thus reducing the security of their site.

And they call this "Customer Support"?

Where do they dream up this stuff that they call a user interface...?

I'm working in QuickBooks (2007) and I get an error:
(SideNote: I've been seeing lots of 'help' errors in various products these days -- maybe they just don't figure that it's worth getting it right).

So I go online to the Intuit/QB site, can't find anything helpful, and go to submit a problem report. I get ALL THE WAY through writing it up, filling out their prompts, click the 'Submit' button and get this display:

They couldn't tell me that in the very beginning?

Note to Intuit: This is an excellent way to alienate your customers and ensure that you get no feedback!

What did you say my password is?

When is your password not your password?

When the company decides to change their password handling and implements it poorly.

Case in point: I used to have a "strong" password (i.e., one that's harder to guess because I have used special characters and relatively random selection of characters) at DirecTV -- "gt*9facts" (not my real password, of course). I've used my strong password for well over a year now with absolutely no problems. BTW, if you want a few pointers on creating a strong password that's easier to remember, visit http://www.4mypasswords.com/welcome/tutorial. Or see the Wikipedia entry on strong passwords.

Just the other day, I needed to login to my DirecTV site and entered that password: it failed. I tried several times (I can make typing mistakes :-) but to no avail. I finally clicked the "Forgot your password?" link, thinking that maybe I had changed the password and forgotten about it.

Imagine my surprise when the email from DirecTV told me that my password was, in fact, "gt*9facts"! Even cutting/pasting from the email into the website yielded a password failure.

Searching through the site, I finally found that they now had a policy that you could only use alphanumeric characters in your password -- that is, the "*" in my password was invalid.

So what went wrong here?

1. First, DirecTV implemented their change poorly. It's one thing to require new visitors to use the new requirements -- that's a simple change to the input validation scheme. It's totally another thing (and poor user interface design) to also change the processing of an existing password to exclude already-accepted characters. At the very least, what they should have done is allow existing passwords to continue to work; much less hassle for their users.
   
2. Second, DirecTV sent out a bad "Here's your password" email. If they implemented the change they did, then they should have put smarts into the rest of their password system. What they could have done is parse the password, note newly invalidated characters and either: (i) pointed out the problem and provided a link to automatically generate a new password; or (ii) modified the password, replacing those invalid characters with a standard replacement.
3. Finally, DirecTV reduced the ability of their users to generate strong passwords. Granted, many users do not generate strong passwords. However, please don't take away that capability for those of us who do want flexibility in generating good passwords. Better security is better.

As it was, I had to try my old password several times, get a little worried about my account having been cracked, get my wrong password email, and finally contact tech support, wait on line, and get them to assign a new one to me.

Not the right way to treat a customer!

Outrageous forms

Ever go to one of those sites for a "free" article and then get hit with an unbelievably long form where all of the fields are required? Obviously some marketing hack who figures this is a great time to fill their database with all kinds of wonderful information that they can them mine for gold.

Well, the same thing can also happen with companies that you already have a relationship with or with signups for fee events. And this can be exacerbated with poor website design and sluggish response.

I recently had one of those situations when attempting to send a question to Cingular about my online account. I wanted to know why my online bill had not yet been posted for the current month. So I figured I'd send them a message. They very conveniently had a link on their site to "Email us your billing questions". I thought this would be the quickest and easiest way to communicate with them... boy was I wrong!

It's a 3-step process (they say). Step 1 is a confirmation of your basic account information: no problem there. My difficulties started in Step 2, where they want to know what my problem is about.


Well... this looks like a 3-step process in and of itself, and it's only Step 2. Worse than that, there is obviously a round-trip to the server to display this information and it took 15-30 seconds to update the page after each selection. And the final item ("Sub-topic 2") simply returned a "There are no options for this Sub-topic" -- at least they told me before I had to wait for that item. But still, totally unacceptable!

Once you get past this page (if you get past it... I was beyond the point of trying to communicate with Cingular: now I wanted to see how bad this could be). I expected it to get worse, and I was right! Here's Step 3 of the dialogue. Notice that there are two images here: the list of questions (all required) that they ask you for can't be displayed on a single page!

The list of questions is unbelievably long and they are all required! I even have to enter (HAVE TO!) enter my current snail mail address before I can submit a help request... how bad can you get?

I guess they don't really want to get questions -- they just make it too hard to submit them!

Suggestions to Cingular: (1) Get some faster servers; (2) Read "Don't Make Me Think" (Krug); (3) Have real people check out your designs before inflicting them on your poor users.

Passwords & misinformation...

I continue to be amazed at the number of ways that people can botch signups for online services, and Dr. Dobb's Life 2.0 conference just reminded me of that.

You go to their site to register for this free conference, and you have to give them a password. The first question is "Why?" There's certainly nothing private about registering for a conference that I can see, but what the heck, I'll give them my password.

The instructions clearly say:

LIFE 2.0 PASSWORD (SIX CHARS MINIMUM)

so I carefully type in my usual "non-secure" password which has a special character included (old habit of putting in something a little less guessable, and the one I commonly use for these kinds of "Who cares?" registrations) and attempt to move on.

Up comes a dialogue box that says "Blah!"



yep, you read that right: "Blah!"

Hardly what I'd call a user-friendly response to a perfectly reasonable password that has been accepted by maybe 95% of the websites that I visit. After I click "OK" on this message (not what I would really like to tell them, but that's my only choice), they finally display "Password invalid! Please re-enter".

Notice that they don't tell me what's wrong with my perfectly valid password... just that it's wrong and I should try again.

(Un)Fortunately, I've learned that some sites -- like Dr. Dobb's site -- just don't get it when it comes to passwords. They:

1. Don't give you good instructions on how to enter your password.
2. Make poor decisions about what is an "acceptable" character in a password.
3. Don't give you good instructions when things don't work as expected.

What's ironic and a little said is that their "minimum 6 characters" is almost certainly based on the idea that longer passwords are harder to guess. That may or may not be the case, but not allowing special characters makes them easier to guess.

And just why is a special character (a few sites have only a few special characters that they don't allow... go figure!) not allowed anyway? It's not like a password is going to be 'executed' and thus open the door for some kind of hack... that is true isn't it Dr. Dobbs?

Too bad... it shouldn't be this difficult!