UNDERDOG of PERFECTION - Page 25 - a blog on technology, music and geek culture from room34

Please think twice before leaving a flippant negative review

Last week I launched a new WordPress plugin, No Nonsense, and much to my surprise, it started to pick up steam after just a couple of days. It turns out, it got featured with a nice review on WP Tavern, and people took notice.

Unfortunately, almost immediately, it got a couple of really negative reviews, both of which were clearly dashed off with very little thought, or apparently even the slightest bit of effort on the part of the reviewers to try to determine the cause of their issues before leaving a negative review — rather than submitting a support ticket, which would be the correct channel for addressing a problem… if they actually wanted to solve it.

I take pride in the quality of my work, and I try hard to make sure it performs flawlessly. I respond quickly to any issues — even for a free plugin like this — because I want to make things right. So it is really painful to have the product of my efforts permanently stained with a negative review by someone who can’t be bothered to take the time to write a single cohesive sentence detailing the issues they had with it.

I understand the temptation to rip on something you think is garbage, and I’ve left a few one-star plugin reviews myself. But I feel it’s important to at least explain in detailed and objective terms why I think something is bad. And maybe if it’s clearly something brand new, I’d wait a while to see if the creators take the time to work out the kinks first.

So, no matter what you do, no matter where you are, if you are in a position to criticize someone else’s work, I implore you to take a second and think about the impact you might be having on that person and on what they’re trying to accomplish, and whether or not your criticism is truly valid and warranted. Perhaps it is not, in which case, I would respectfully suggest you stay quiet. But maybe it is. In that case, think about whether a terse and flippant negative review is really the best way you can contribute to improving the situation, or if there’s a more effective, more constructive way to share your input.

Two-factor authentication is not the solution to the inherent flaws of password-based security

Uh, I really don’t have much more to say than that.

OK, maybe a bit. As a web developer working in client services, at least once a week I am confronted with the situation of having to log into a client’s account for something… MailChimp, GoDaddy, etc.

Many of these services have switched to 2FA-by-default, which I agree is more secure than plain old passwords (which I bet some of them still store in their databases as clear text). But 2FA is a pain in the ass. Especially when you’re in my position, and the phone number or email address that receives the one-time authorization code belongs to the client, not me.

Any time I need to log in, it requires coordination with the client to be sure they’re available to pass along the code to me. Which is just stupid.

Fortunately a lot of these companies have realized how common this kind of situation is, and how it’s a valid scenario, and they’ve worked around the limitation by creating “teams,” so clients can add me to their account as my own separate user, with my own login credentials, and my own 2FA.

But it’s still a pain in the ass. And not every service offers it. For example, MailChimp used to allow up to 3 users, I believe, on their free accounts, but now it’s just one. Of course, of course. Just pay for the service, right? Well sure, but service providers with a free tier imposing such a ridiculous limitation on that free tier as a way to upsell the paid tiers is kind of self-defeating. “Hi, we’re creating a crappy experience for you, and that’s the only experience you’ve known with us. But if you start paying us, we’ll make it not-crappy. We promise!” OK.

But it’s not really MailChimp’s fault. It’s that 2FA sucks. It’s more secure than plain ol’ passwords, but it’s even less convenient.

And while I’m ranting futilely, why do we even need security at all? Because people suck, period.

…

While I was writing this, I was waiting for a client to send me a 2FA for MailChimp. I’m in! And fortunately, this particular client is on the paid tier, so I was able to add myself as a user. A process which involved… wait for it… a CAPTCHA! (Time for another rant.)

New WordPress plugin: Remove Broken Images

If you have a WordPress blog dating back many, many years, and you’ve just completed a massive cleanup of images from your Media Library, or if you just have any other reason why there might be a bunch of <img> tags in your blog posts that no longer go anywhere, you may be wondering if there’s an easy way to just, you know, have those annoying broken image icons not show up all over your pages.

Now there’s a way!

OK, actually there already were a few different ways, via free plugins, but as is so often the case with a lot of these types of small, single-purpose plugins, I find they’re almost always either really clumsily written, overloaded with unnecessary features, or both.

So I wrote my own.

This plugin couldn’t be simpler. It assumes that you just don’t want to display broken images — whether that’s the ugly little “missing image” icon some browsers display, the large outlined box containing an ugly little icon and the missing image’s “alt” text, or just a big blank white space. It doesn’t have an option for showing a different, placeholder image. Because, let’s be honest, that doesn’t look good… especially if you have more than a few of these to deal with. Having the same placeholder appear all over your site looks as bad as having broken image icons everywhere.

The plugin relies on the JavaScript error event, and uses some very compact jQuery code to remove any <img> tags that trigger the error, and their containing link and caption element, if present.

The end result is a clean looking blog with no indications whatsoever that anything is missing. Unless the text of your blog post describes the image in excruciating detail. In that case… you’ll just have to wait for version 2.

You can download Remove Broken Images right now from the WordPress Plugin Directory.

Just another Halloween…

So last night a kid who honestly was probably too old to be trick-or-treating said, “thank you SO much” very sarcastically when I dropped one small piece of candy into his pillowcase and it stuck very conspicuously near the top, so it was obvious how little I gave him.

I immediately had negative thoughts about his reaction, but I had nothing to say because honestly, he was right. It was pretty stingy. But the problem was, we only bought one bag of candy this year, not knowing how many kids to expect, and it turned out to be a busier-than-usual year. (Most years we buy 2-3 bags and have 2+ bags’ worth left over at the end of the night.)

I started the night giving each kid 2 pieces, but I quickly realized that at that rate I was going to run out before 7 PM, so it was time to dial it back.

So yeah, I guess I deserved to get called out by a snotty 13-year-old for my less-than-copious candy offerings. Some people might say kids shouldn’t act so entitled but honestly, this is part of the social contract we agree to when we decorate the front of our house and turn on the porch light on October 31. Kids are going to come to our door for the express purpose of us putting a reasonable amount of candy into whatever receptacle they happen to be carrying, and one “fun size” Twix is not a reasonable amount.

On a more positive note, not only did it feel like a “normal” year last night, but SLP and I even managed to watch both Halloween and The Shining in their entirety, without falling asleep. (Well… she may have dozed off briefly around the time Dick Halloran was sensing the call to leave his Miami retreat.)

The day Facebook performed seppuku

I don’t have much to say about all of this, other than that I would probably, yes, be posting this on Facebook if it were affecting literally anything else in my known realm of existence.

Today Facebook killed itself. But its undead corpse will surely rise again.

The problem is some kind of colossal DNS snafu, which has, for all intents and purposes, temporarily caused facebook.com to cease to exist.

Ah… the air somehow smells fresher today. The water tastes better. The sun shines brighter.

But I know it won’t last.

Anyway… today’s the day it happened. Here’s some more in-depth information from Ars Technica which hopefully will not disappear down the Memory Hole anytime soon.

Update: This Cloudflare blog post probably provides the definitive explanation of what happened.