Good Design – Bad Design
Some things are designed well, and others aren’t. Posts in this category are meant to call out both, and in the case of bad designs, provide comparison or contrast to the same function designed properly.
Bad Design: WinZip – An Annoying Pop-Up Ad from an Irrelevant Product
The company where I am currently employed uses WinZip as its desktop standard for archive software.
This isn’t my preferred option, but whatever.
One minute, I’m cruising around in a spreadsheet, and the next, this pops up:
They company in question has an enterprise license for WinZip, which means that I’m running a fully-licensed copy.
I will cover some of the history of WinZip, and why I think it’s irrelevant, and then I will tell you exactly why I think this pop-up is wrong. I will also make some recommendations for both software designers and corporate desktop administrators.
Some History
…and, “Why I think WinZip is irrelevant”
Back in the DOS days, there were competing lossless file compression standards, and that’s still true today.
In the 1980’s and early 90’s, disk space was always at a premium, whether it was deciding what to delete off your hard drive so that you could install a new program, or how many programs you could back up to a floppy disk.
And, before the internet, you connected to Bulletin Board Systems (BBSs) through a very slow modem to find and download software. Smaller files meant that a BBS could host more files, and also, that your download time would be significantly faster.
The first commonly-used compression program for microcomputers was simply called “ARC”. Not only did ARC compress files, but it had the ability to compress multiple files in to a single “archive” file, and later versions could even span multiple floppy disks – handy if you were backing up your hard drive.
Due to its ease of use, single-file archive format, and itself being a small file that was easy to find and download, ARC quickly became standard among BBS operators and users. Every PC in the 80’s had a “C:\UTILS” folder, and ARC was one of the programs inside of it.
Although ARC was commercial software developed by SEA corporation, it was distributed as “shareware” – a license that allowed both individual users and BBS operators to freely “share” the file by copying it, but requested that users send in some money and obtain a proper license if they decided to keep using it. Of course, no one did that, and eventually, SEA released the source code for ARC.
A couple of years later, along came Phil Katz, who wrote a much faster and more efficient implementation of ARC, of course called PKARC, and rather than have both compression and extraction functions within the same executable, Phil Katz split the extraction function in to a separate program called PKXARC. This meant that you could download the much more svelt PKXARC if all you needed to do was extract files without compressing them, but in either case, you would benefit from the much faster code.
PKARC soon became the de facto tool for using ARC files.
Later, Phil Katz co-developed the ZIP file format – the same one that’s in use today. And, like ARC, everyone started using ZIP files, especially popular with BBS operators due to the smaller file sizes and faster extraction routines.
Soon, like ARC, every PC had PKZIP and PKUNZIP in their C:\UTILS folder alongside PKARC and PKXARC. Eventually, people just stopped using ARC altogether.
And thus, Phil Katz built the bulk of the PKWare software empire off of one little shareware utility.
However, PKZIP had one major drawback: It was a command-line program, requiring some knowledge of what a command line is, how to use it, and how to use PKZIP within it.
As operating systems evolved toward Graphical User Interfaces (GUIs) and began to focus on ease-of-use, there was clearly a gap.
You could download a ZIP file from a BBS using your terminal program running in a window, but then you would have to shell out to a command prompt and run some arcane (pun intended) commands to extract the files within it, in to a usable format.
In the early 90’s WinZip emerged as a graphical front-end to PKZip. With PKZip installed, and with WinZip properly installed and configured, a user could simply double-click on a zip file to extract its contents, or drag and drop some files to create a new ZIP file. WinZip handled the user interface, and on the back end, it ran PKZip with the appropriate command-line switches.
Eventually, WinZip adopted a “clean-room” ZIP implementation, and dumped PKZip. Now, there was no complicated dependencies nor configuration. If a user needed to open a zip file, they could simply download and run WinZip as a single program.
As Windows 95 boosted the popularity of home computing, WinZip quickly became much more popular than PKZip. PKWare made a feeble attempt to release a competing GUI product, but it was too-little, too-late. WinZip had been on the market longer, most users were familiar with it, it had better desktop integration, and it was far easier to use.
By the late 90’s, WinZip was one of the first programs you needed to download after any new operating system was installed.
Similar to PKWare, WinZip had a “trialware” license that allowed you to freely use it for a couple of weeks, and then either delete it or license it.
To help drive revenue, unlicensed copies of WinZIp would pop up a friendly reminder. Once you entered a license code, the reminder disappeared. Further, a license was perpetual, and initially allowed for perpetual upgrades. So for about $10 (if I recall), not only could you license WinZip to get rid of the annoying pop-up, but you could also freely download and upgrade to the latest version every couple of months when it was released.
WinZip prospered as it virtually ruled the market. Over time they added new features and updated the GUI, but WinZip was still WinZip.
And then Microsoft released Windows XP, which had built-in support for zip files.
It’s hard to believe that Microsoft turned a blind eye to this lucrative niche for nearly 10 years, but on the other hand, they were probably gun-shy after having recently fought off anti-trust litigation from Netscape. In versions of Windows prior to XP, if you double-click on a ZIP file without WinZip (or another ZIP handler) installed, you more or less get a message that says “what the heck do you want me to do with this??”
Now, with Windows XP and onward, you could double-click a ZIP file to open it, or right-click some files and send them to a “compressed folder”, which is Microsoft’s codename for a ZIP archive file.
Even worse for WinZip, by the time Microsoft released XP, there were Free and Open Source Software (FOSS) alternatives such as WinRAR and 7-Zip. Initially, each of these only supported a proprietary archive format (RAR and 7z respectively), but eventually they both ended up supporting multiple archive formats, including ZIP, and even the advanced features of the ZIP format, such as media spanning and AES encryption.
And, WinZip’s market began to dry up.
Casual users didn’t need to download anything – they simply used the operating system’s built-in ZIP file handler.
Power users could download FOSS utilities for free, such as WinRAR and 7-Zip, and simply avoid both the cost of WinZip and its increasingly clingy, laggy user interface and more frequent and annoying beg-ware pop-ups.
As it turns out, switching from a perpetual to an annual license model was a smart move for WinZip.
Rather than die out like ARC and PKZip, there is just enough recurring revenue from corporate licensees to keep it on life support.
So, despite being completely obsolete, WinZip is still running out there, with it’s ever-more kludgy and annoying user interface, limited features, and annoying pop-ups.
And, companies like the one I work for are still running it, because, hey, it works, and hey, they still have a license for it.
Why Pop-Up Ads are Bad
<RANT>
In case you don’t remember using a computer in the 2000’s, let me describe what it was like:
- “Windows has some updates for you!”
- “Update to the LATEST version of Adobe Flash to view this page!”
- “Adobe Acrobat needs to be updated.”
- “Your virus definitions are out of date.”
- “You’re not running the latest version of WinDVD / WinAMP! Download it now!”
- 10 browser pop-ups for spray tanning you should buy online, software that can clean your PC, stock you must buy immediately, adult websites you HAVE to try right now, the truth about “x”, and whatever else you don’t care about.
Play this every couple of hours on endless repeat while you’re trying to edit a document or watch a movie.
PEOPLE. HATE. POP-UPS.
People hate pop-ups so much that every modern browser has a built-in pop-up blocker – code that specifically stops a website from opening new browser windows.
People hate pop-ups because they are pre-emptive. You have to STOP doing what you WERE doing (which was important to YOU), and click “close” on a useless pop-up. You can’t ignore a pop-up, because it’s right there, blocking whatever you were working on behind it. It’s even worse when you’re typing, because you have to take your hands off the keyboard, which is both slow and distracting.
People HATE them.
So why have a completely random pop-up inside a fully-licensed product??
If I was running the trialware version (if that even still exists), then a pop-up is justified when I first launch the program. “Hey… we see that you still haven’t registered…” OK, fine.
BUT I HAVE registered. It’s fully-licensed. And, I DIDN’T EVEN HAVE WINZIP RUNNING!! So it obviously has hooks in to the scheduler (Microsoft’s biggest architectural mistake, but that’s another story) for the sole purpose of trying to sell me more WinZip crapware, that I can only assume has even MORE pop-ups!
What’s even worse is that I don’t need any of the “new features”, and I don’t want them. I don’t need some crappy product “running tasks in the background” or “sorting through my photos”.
All I need to be able to do is encrypt a ZIP file and read encrypted ZIP files.
BUT, because I’m on a corporate laptop, rather than downloading a superior product like 7-Zip, which is simple, fast, and free, I’m forced to run WinZip and deal with bulky, slow software and random crappy pop-ups. What a user experience!
</RANT>
Just let this sink in for a minute… My recent experiences with WinZip have been so frustrating that I just spent 3 hours of my personal time writing this blog post.
Tips for Corporate Desktop Admins
Why do corporations still use WinZip? Probably one of several reasons:
- You have used it for years. So what. The current version is a kludgy piece of crap. Move on.
- You already own a license. This falls under the sunk cost fallacy. Once an investment significantly diminishes in utility, the best course of action is to STOP SPENDING MONEY ON IT.
- We have to train our users. No, you don’t. The 7-Zip interface is similar to the WinZip classic interface, and anyone who has used a computer within the last decade will figure it out.
- WinZip is secure. So are 7-Zip and WinRAR. But, now that no-one out in “the real world” is running WinZip, finding new vulnerabilities is much more difficult. Existing WinZip deployments could sit on desktops for years in a vulnerable state. In contrast, with 7-Zip being one of the most popular pieces of FOSS of all time, there is lots of active development, and any vulnerability would be quickly identified and patched.
- “Open Source” licensing is questionable. No, it’s not. Have your legal department review and approve the GPL and move on.
- Being open-source, there is little or no support. IT’S AN ARCHIVE UTILITY. HOW MUCH SUPPORT DO YOU REQUIRE? Having said that, there’s probably more support out there for 7-Zip than any Microsoft or IBM product. (Microsoft is the new IBM, they just don’t know it yet.)
- It’s difficult to deploy. You don’t even have to install it. Just copy the files and run it.
- It’s expensive. The “F” in FOSS stands for “Free”.
Tip of the day: DUMP WINZIP. STOP WASTING MONEY ON MAINTENANCE AND LICENSING. MOVE ON TO A SUPERIOR SOFTWARE PRODUCT.
Tip for Software Designers
If you are Microsoft:
If someone is making MILLIONS OF DOLLARS selling an add-on to your flagship operating system, hint, you might want to BUY THEM. Loot the codebase, integrate the functionality, and move on.
If you are a startup company with a niche product:
- Stay within your lane. Don’t over-innovate. Keep the feature set simple.
- Keep the User Interface as simple as possible. People are using your product out of necessity, not preference. They don’t want 15 levels of menus, nor “innovative” user interface elements. Keep it simple and fast.
- Don’t get greedy. You have a niche product, not a “desktop suite”. Charge users a few bucks for each license, and keep the product as simple as possible.
- Pivot when needed. Despite being battered in to the dirt by WinZip, PKWare didn’t go out of business. Currently, they are out of the desktop archiver market, and their current product offering is focused on security.
- Sell out at the top, not the bottom. Because you have a niche software product, someone will eventually come along who sells a better / faster / cheaper product. Once you begin to lose market share, it’s already too late. You WILL eventually have to sell – do you want to sell while your company is dominating the market, or as you walk out of bankruptcy court?
- NO POP-UPS. Remember your place. I don’t “WinZip” on my computer daily. I do a lot of things, and products like WinZip are a very small part of it. The LESS interaction I have, the better.
Enough ranting, I think my points are clear.
If you have a set of things, a permutation is a specific way that you can list those things. Although algorithms exist to list every permutation, most of them rely on recursion – the calling of a function from within itself – which is horribly inefficient.
If you want a non-recursive algorithm that lists every permutation, keep reading…
Thanks for Misusing My Personal Data!
15 months ago, I bought a house.
During the course of that transaction, I had to disclose personal information to:
- The finance company (two, since we dropped the first one)
- The insurance company
- The title company
I was required by Federal law to disclose information, including my:
- Birthday and date
- Social Security Number
- Full Name
- Address
You know, everything you might need to, you know, KNOW in order to steal my identity.
The business purpose for this was ostensibly to:
- Obtain credit information
- Review my financial records and assets
- Report a financial transaction to the IRS
And, it was ostensibly to be used ONLY in the course of doing business.
A year passes…
I get a “Happy Birthday” e-mail from:
- BOTH finance companies, even though I dropped one of them
- The insurance company
In addition, I got an actual birthday card in the mail from the finance company that we ended up using.
Two decades ago, I would have thought “how quaint!” and moved on.
However, in the days of identity theft, YOUR BIRTHDAY is a significant piece of non-public personal data that should be closely guarded.
If I had gotten a birthday card at the beginning of the month with a note that says “Hey, happy birthday this month!” We know it’s your birthday, but we respect your privacy, so we’ve stored a generic representation of your personal data rather than your actual birthday.
Completely acceptable.
The reason storing my ACTUAL BIRTHDAY is NOT ACCEPTABLE, is twofold:
- YOU HAVE NO REASON TO STORE IT. Once you’ve pulled my credit, sold me a house, and reported all of this to the government, there is no legitimate ongoing business need to continue to retain that information.
If your company stores data for which there is no valid, ongoing business purpose, you’re inviting a data breach. - YOU PROBABLY AREN’T STORING IT SECURELY. Is my birthday in a spreadsheet, stored on your laptop that you take to your house every night, which someone could steal from your house, or even worse, steal from the back seat of your car when you stop to pick up dinner on the way home?
Don’t laugh – I worked for a company where this exact situation happened – a spreadsheet containing personnel records, including social security numbers, was stored un-encrypted on the hard drive of a company-issued laptop that was stolen out of the back of someone’s car while parked in a restaurant parking lot.
So hopefully not on a laptop, but, pursuant to GLBA or FCRA or HIPAA or a number of other laws, we should hope that my birthday is stored on a server that’s encrypted, logically-secured, physically-secured, logged, monitored, audited, sitting behind a firewall, etc. More realistically, it’s stored “in the cloud” in your company’s sales system.
In addition to appearing completely unprofessional, the situation gives rise to the following, UNCOMFORTABLE QUESTIONS:
- What else are you storing without my knowledge and consent?
- Who do you share it with?
- Is it all stored by social security number? I hope not, but that’s how businesses were run 30 years ago.
<RANT>
And…
If WE NEVER DID BUSINESS AT ALL because MY WIFE FIRED YOU, then you have NO LEGITIMATE PURPOSE for storing my data, and ZERO REASONS to send me a birthday e-mail.
You know who you are…
</RANT>
Best Practices
Most data breaches result when companies store data that they don’t need, or store improperly, or both.
- Identify and catalog all systems that store Personally-Identifiable Information (PII) / Non-Public Personal Information (NPPI) / Protected Health Information (PHI) and other sensitive, personal data.
- Make sure these systems are secured properly – the Federal government provides guidance on securing financial and healthcare data.
- Audit the data regularly to make sure you are only storing what is needed for legitimate business purposes. This includes purging old data, as well as ensuring that you are not unnecessarily, permanently storing personal data fields.
- In most cases, a business is only required to retain business records for 3 to 7 years, depending on the type of business. If you have data older than that, you need to delete it!
- If you have data fields that are necessary, say, to perform a credit check, you need to store them temporarily, and then delete them when no longer needed. Those data fields should live only as long as the transaction, and no longer. 3 months to a year would be more than sufficient.
- If you want to store demographic information, or, you know, send birthday cards in a quaint attempt to appear personable, then at least use legitimate techniques to anonymize the data.
- Don’t store the birth year at all (if not needed for demographics)
- If you DO need demographic information, Round the birth year to a multiple of 5
- y’=int(y/5)*5
- if y’=y then y’=y’+5
- In your CRM system, set everyone’s birthday to the first of the month. If my birthday is April 22, store 4/1.
Send me a birthday card at the first of the month, and let me know that because you respect my privacy, you DO NOT STORE MY ACTUAL BIRTHDAY.
Frankenbolt (verb):
To assemble two or more completely dissimilar and poorly integrated components in to one unit, as in the patchwork manner of Frankenstein’s Monster.
Examples
- “Reporting was an afterthought. The developers obviously licensed a third-party component and simply Frankenbolted it in place at the last minute.”
- “Every application should stick to its core mission. Without a core mission, scope creep always results in an application with modules Frankenbolted all over it, like some bizarre freak-show attraction.”
We see competition shows all the time, such as “Top Chef”, “Next Iron Chef”, “Chopped”, all of the baking competition shows, and even shows such as “Forged in Fire” and “Next Mythbuster”, where the loser of each round gets eliminated.
The goal of the show is to find “the best” out of a group of competitors, but this is not the likely outcome.
Let’s look at why, and how to fix it.
Or, why floating point operations are slow, and how to avoid them.
STOP USING STICKY STICKERS AS PRODUCT LABELS!
We’ve all done this 1,000 times…
You purchase a piece of wood, or worse, a piece of fruit, peel the sticker, and it completely self-destructs, leaving bits of sticker, and a sticky residue.
They COULD protect your data… they CHOOSE not to…
Unprofessional of the Year Award for 2019 Goes to Pizza Hut
- On 1/5/2019, placed an order at 8:00 PM Saturday evening
- Delivery time 9:45 PM. OK, they’re busy, but I’ll get my pizza eventually.
- 9:45 comes and goes, call the store multiple times for a status, and each time, they hang up on me.
- Pizza shows up at 11:15 PM. I bet THAT IS SOME HIGH QUALITY EATS. The driver offered to give it to me for free, but at this point, I don’t want whatever it is, that they managed to put in a box and send to me, so I refused the delivery.
It’s not the driver’s fault, obviously, but to show up at someone’s door an hour and a half late, and over 3 hours after I placed my order, with no call back, and no confirmation is completely unprofessional.
The driver alluded to the fact that the manager completely botched things up, but at this point, after multiple calls to the store, and multiple calls to their call center, I really don’t care.
- The manager needs to be fired for gross incompetence. There is no excuse for a 3 hour delay.
- The driver apologized. I should have told her that you SHOULD NEVER apologize for someone else’s mistake. She should be promoted, for at least attempting to handle the situation.
- Whoever was hanging up on customers needs to be summarily fired.
How to Turn a Bad Situation in to a Win:
Bad things happen.
Things can go from “OK” to underwater very quickly, but as the manager, you have to think about what outcome you want, and what swift action you must take to achieve that outcome.
- As soon as things started getting bad, the manager should have closed the store. This would have prevented more orders from coming in, and new orders could either be routed to another store, or the customers could simply be told that delivery service is unavailable at this time due to foreseen circumstances, rather than wasting the customers’ time.
- Any order delayed more than 15 minutes should necessitate a call to the customer. Most stores have 23 or fewer phone lines (the number of DS0 lines that can be carried on a T1/DS1 line), so it’s entirely possible that the phone system was overloaded… It’s up to the manager to take action! Use a cell phone to start calling customers and setting expectations. Tell the customer that there are unforeseen circumstances, don’t make excuses, set expectations, and then ask what the customer wants: Delayed delivery with a discount, or cancel the order. Give the customer the option. Empowering the customer, and then closely managing expectations is how to turn a losing situation in to a winning one.
Corporate Changes Needed
- There was no escalation path. Although you could call the call center, they were only empowered to take an order, and they have no ability to check the order’s status or cancel it. After a couple of phone calls, it became very clear that the call center is only able to transfer you to the local store…. which of course, was hanging up on customers. The call center should be 100% empowered to handle order changes, provide status, and cancel an order. Which brings us to the next problem….
- Complete technological failure.
- The Android app failed. The order was originally placed via the Android app, and the app is supposed to provide the user with a near-realtime status. However, the developers built the status function so that it ONLY runs on the newest versions of Android – I have 6.0, and the app simply tells me that my OS is out of date. There is no update for my device, for a newer OS, so the message you’re sending is that, to be a Pizza Hut customer, I have to go out and buy a new phone every year.
- The website failed. After an order is placed, there is no way to get a status or contact the store via the website. In the age of online, you have to call the store, on the phone to get a status.
- The store’s point of sale / order entry system doesn’t seem to integrate with the rest of their technology. How is it that, if by miracle I happen to be running the ordained version of Android, I can get a near-realtime status from the store, but neither the website, nor the call center can? The answer from the website, the call center, and the application was: “Call the store for a status.” Which would be OK, if the phones weren’t jammed. Wouldn’t it be nice for the manager to be able to post a status, so that everyone sees it instantly: “Due to unforseen circumstances, we are running behind. We are not accepting new orders at this time, and if your order is delayed more than 15 minutes, we will be contacting you.” BOOM, everyone is in sync.
Customer Perspective
Aside from being frustrated, I just wanted to get the food that I ordered.
After waiting 3 hours, which was an hour and a half PAST the delivery time, I had no idea if it was still on the way or if the order was cancelled, or if the store was on fire.
This is the point where some kind of escalation should have occurred, but there was no one to whom I could escalate.
After being hung up on, multiple times, and being told that the ONLY way to cancel my order is to call the store (and be hung up on), is extremely frustrating. There is no valid situation, save for life-and-death, that it’s acceptable to hang up on a customer.
I turned off my lights, locked my door, and the delivery driver STILL knocked on my door, over an hour later! How about a phone call?
The offer of getting the pizza for free was the right thing to do, but if things are going so poorly that you’re OVER AN HOUR AND A HALF LATE, how do I even know what’s in that box? I don’t want some half-cooked crap with the wrong toppings.
At this point, as a customer, this seems like a breach of trust.
From my perspective, I can’t trust your service, which means that I also can’t trust your product.
All it would have taken is someone in authority who was empowered to fix the problem, to change that perception.
Kudos to the driver, who at least tried to take care of the situation, but it’s the manager who miserably failed, and with a fairly severe technology deficit, there was no way that anyone could help me, except the manager, who was too busy hanging up on people.
Dear Pizza Hut:
I’m happy to have you hire me to fix these problems for you. I have a long track record of taking a complete train wreck like yours, and building a success story.
Short of that, I will no longer be a Pizza Hut customer.
Update – 2/6/2019
- The next day, the credit card charge still indicated ‘pending’, so my wife called the store to discuss the matter with the day manager. She explained that the delivery was refused, and was told “That sounds like a ‘YOU’ problem”, and the day manager hung up on her.
- We both submitted corporate complaints, which were simply referred back to local store (GALLOWAY AVE., MESQUITE, TX), and then summarily ignored.
- Fortunately, we disputed the charge with the credit card company, and got the charges reversed. My next stop would have been the BBB.
- It has been 30 days, and no one has responded to our complaints. This is an unacceptable way to treat customers, and a horrible way to do business.
Update – 4/16/2019
- I contacted the store on or about 4/13, just to see if they would be willing to discuss the matter.
- When I asked to speak to the manager, I was told I WAS SPEAKING to the manager (this was an obvious lie), and this so-called manager apologized profusely. He assured me that the entire previous management staff had been fired, and that there was all new management in place.
- When I asked for the district manager’s contact information, the so-called manager told me he couldn’t give that information out. I said, if he’s doing business, then surely he has a business contact.
- He hung up on me
- NO. In reality, this was just another sh##bag employee, willing to lie to a customer.
- ONLY AFTER I filed a complaint with the BBB (see below) did I get a half-hearted sorta kinda apology.
- Now, I’m starting to think that the problem is with Pizza Hut Executive Management, and that the problem is systemic.
Dear Pizza Hut:
WHEN IS IT OK TO LIE TO YOUR CUSTOMERS?
WHEN IS IT OK TO ISSUE A HALF-HEARTED APOLOGY ONLY AFTER I INITIATE A COMPLAINT WITH THE BBB???
I can fix this for you…. you need to hire me in an executive position, so that I can fire everyone in customer service, and everyone in technology, and rebuild both departments.
Oh, and ONE MORE THING. Let’s look at the tail end of that e-mail…
Disclaimer: This message (including any attachments) contains confidential information intended for a specific individual
and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure,
copying, or distribution of this message, or taking any action based on it is strictly prohibited.
This is tacked on for the sole purpose of allowing Pizza Hut to bully me in to taking down any copy of this e-mail I may choose to post.
Well…. LET ME EDUCATE YOU.
- This entire communication is covered under the Fair Use Act, and I’m publishing it, accordingly
- I don’t use Facebook or Google for my blog. Go ahead. Threaten people. There are no robots out there to help you silence me.
- If you issue a cease and desist, I will be obliged to post it here. TRY ME.