Tech Support

Technical support topics that can’t easily be found elsewhere.

Cache Busting using Javascript

Posted by Justin A. Parr on August 10, 2024
Posted in: Tech Support. Tagged: , , . Leave a Comment

Cache Busting using Javascript

 

Problem

Google Chrome (and possibly, other browsers) don’t properly honor the Cache-Control header.

If you are on Page A, click a link for Page B, then hit the back button to go back to Page A, Chrome uses a pre-rendered, cached version of Page A, which may now have stale content.

Action Location
Start Page A
8:05 AM
Click link on Page A Page B
8:10 AM
Hit browser back button Page A
8:05 AM

At this point, Page A is basically static.  Any dynamic content won’t be refreshed, even if it executes in Javascript.

Disrupting this behavior is known as “cache busting”.

 

Solution

Add this Javascript to your page’s <HEAD> section:

<SCRIPT>
function nocache(){
  var tc3=new Date();
  var delta=tc3-tc1;
  if (delta>2000) {
    window.location.reload();
  } else {
    tc1=tc3;
  }
}
var tc1=new Date();
setInterval(nocache,1000);
</SCRIPT>

 

How it Works

When the page first executes, it creates a Javascript variable tc1 with a current timestamp.

Then, it sets up a timer callback function, nocache(), which executes every 1 second.

When nocache executes, it creates a new timestamp (tc3), and if the difference between the two is greater than 2 seconds, it reloads the current page.  If not, it updates the tc1 timestamp to current.

The result is that if the page remains static for more than 2 seconds, it will refresh.  However, as long as the page is active, it keeps updating the timestamp in tc1 instead.

If you click the link to Page B, wait 2 or more seconds, then hit the browser’s back button, the timestamp in tc1 will be the point in time from when the link was clicked (more than 2 seconds ago).  One second after you hit the back button, the nocache function sees that tc1 is more than 2 seconds out of date and reloads the page.  If the page successfully reloads, tc1 is updated in the process.  If not, it simply retries the reload every 1 second.

Also, if your page uses JSON or XML to dynamically render content, the nocache timer function can simply call your page’s update function rather than reload the entire page.

 

Conclusion

When you hit the browser’s back button, Chrome tries very hard to use a pre-rendered page from cache rather than use the Cache-Control header or contact the server to see if the page is stale (which it should be doing).  This means that when you hit the back button, any dynamic code has already executed, and the page picks up where it left off from a script execution standpoint.  Unfortunately, this includes any events that have fired, which means that the pre-rendered version of the page is basically static.

I have seen other solutions that use the onpageshow event, or other event hooks.  However, I have found these to be unreliable in Chrome for cache busting.  In contrast, the timer hook must be honored for basic page functionality, and therefore can’t simply be killed off like other events.

A side effect of this approach is that if the server is unavailable and the page tries to refresh, it will get stuck in a refresh loop until the server is available again.  This is not necessarily a negative behavior, but could easily be fine tuned using a counter, for example, to only try to refresh a set number of times and then stop.  During page load, “retries” is set to some number, n.  “Retries > 0” is then added as a condition to the if block, which then decrements retries during each execution.  If retries hits zero, it updates tc1 to current, which stops all attempts.  In another variation, retries can be its own, outer “if” block, so that some other exit action can be executed, for example, alerting the user that the server is offline and the page is stale.

A fleshed-out version would look like this:

<SCRIPT>
  function nocache() {
    var tc3=new Date();
    var delta=tc3-tc1;
    if (retries>0) {
      // Normal action
      if (delta>2000) {
        retries-=1; 
        window.location.reload();
      } else { 
        tc1=tc3; 
      }
    } else {
      // When retries hits zero, set error text, make the element visible, and disable the nocache timer
      var e=document.getElementById("ErrorText");
      e.innerHTML="The server is offline and this page is dead.  Have a nice day.";
      e.style.visibility="visible";
      clearInterval(nocachetimer);
    }
  } 
  var tc1=new Date();
  var retries=3;
  var nocachetimer=setInterval(nocache,1000); 
</SCRIPT>
<DIV ID=ErrorText STYLE='visibility:hidden; display:block;'>&nbsp;</DIV>

I hope you find this useful, and thanks for reading!

C – Access Other Data Types As Byte Array

Posted by Justin A. Parr on June 19, 2022
Posted in: Tech Support. Leave a Comment

C – Access Other Data Types As Byte Array

 

I’m working on an Arduino project.  Yes, I know I complained about them before, but that’s before I found out about the Espressif ESP32 and it’s smaller cousin, the ESP12 / ESP8266.  These have built-in WiFi and Bluetooth, and have all sorts of cool features.

So, if you’ve visited this site in the last couple of years, you may have noticed that in the upper-right corner of the page, there is a widget called “Temperature at Casa de Parr”.  This runs on a Raspberry Pi Zero W (like the Gate Controller).  There is a DS18B20 temperature probe attached to the Pi, which is in a weather-proof case, and a second one connected via a wire, which sits just below the water level inside the pool.

At the time, the Pi was WAY overkill for this type of application, but for about $30 and some coding, I had a WiFi-accessible thermometer – very cool.

Well, I’ve been working on re-creating this using an ESP12, which is about $4, and I can use the same DS18B20 temperature probes.

Although the DS18B20 temperature probes are very consistent (precise), they are not very accurate, and therefore there is a need to store a calibration factor – basically an offset that you can add or subtract to the measured temperature, which may be two or three or even four degrees off, in order to calibrate it to the “real” temperature.

Of course, this assumes that the error is a constant at all temperature ranges – we could talk about two-point (linear-gradient) or three-point (curved) calibration, or even use an n-point bezier curve, which would be much more accurate, but for my needs, a constant is probably sufficient.

Unlike the Pi, which uses an SD card as its file system, the ESP can’t read or write any files unless you attach an SD card reader and write some code to read and write the files.  Instead, they are designed to have a single, static program that gets stored in flash memory, which loads and runs automatically at boot.  In addition, it has 512 bytes of EEPROM that’s accessible to the user, to store things like state or settings – 1/2 KB isn’t very much storage.

So to store my calibration factor, I need to write a float to EEPROM, and the method for writing to EEPROM is to write one byte at a time.  A float is 4 bytes, and therefore I have to perform 4 write operations to 4 separate EEPROM addresses.

In order to accomplish this, I need to access my 4-byte float as a byte array.  The easiest way to do this is to create a casted pointer, and I thought the concept behind this was interesting enough that you, dear reader, might be interested in it as well.

float f;
char *c=(char *)&f;
for(int i=0;i<4;i++)
  EEPROM.write(iBaseAddress+i,c[i]);

 

How This Works

The “char” (or byte) data type is one byte – normally, you would use an array of char as a string:

char myString[]="Hi There!";

At this point, you can access the individual bytes of myString as elements in the array:

myString[3]=='T';   //true

In addition, I can create a char pointer to my string, and access the pointer as if it was my original string:

char *c=&myString;  //& means "Address of"
char *c=myString;   //The compiler knows what you're trying to accomplish
c[3]=='T';          //true

Using the address operator (&) we can assign the pointer c to the address of our string &myString.  However, if you just assign a pointer to a string, most compilers know what you’re trying to accomplish, and just directly assigning it results in the same thing – the pointer c holds the address of myString.

If we try to do this with our float, we get a type conversion error:

float f=3.14;
char *c=f;          //Error:  Can't convert float to char
char *c=&f;         //Error:  Can't convert float to char

However, if we cast our float as a char, we are telling the compiler to treat the variable f (a 4-byte float) as if it was a char.  Using casting with the address operator returns a pointer to a char, which really points to our float:

char *c=(char *)&f;

Now, c[0] through c[3] are the four bytes of our float.

 

Conclusion

I wrote this out within my code, and I got to thinking about it – I don’t do very much c coding these days, and I should probably double check.  I found NO GOOD answers, and the top answer seemed to be to use a union:

union {
  float f;
  char  c[4];
} fl;
fl.f=3.14;
for(int i=0;i<4;i++)
  EEPROM.write(iBaseAddress+i,fl.c[i]);

This works, and I could certainly create a union type:

union fltype {
  float f;
  char  c[4];
}
union fltype fl;

This is certainly more readable, but the only time I need to read a float as a byte array is when reading or writing to EEPROM.  Using type casting just seems like a cleaner solution.

Windows CertUtil – List Certificate Stores

Posted by Justin A. Parr on December 28, 2021
Posted in: Tech Support, Tech Tip. Leave a Comment

Windows CertUtil – List Certificate Stores

I needed a way to list all of the Windows certificate stores…

Google failed me, so here it is:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>certutil -enumstore

(CurrentUser: -user)
LocalMachine
(CurrentService: -service)
(Services: -service -service)
(Users: -user -user)
(CurrentUserGroupPolicy: -user -grouppolicy)
(LocalMachineGroupPolicy: -grouppolicy)
(LocalMachineEnterprise: -enterprise)

My
Root
Trust
CA
TrustedPublisher
Disallowed
AuthRoot
TrustedPeople
Homegroup Machine Certificates
SmartCardRoot
SPC
TrustedDevices
Windows Live ID Token Issuer
CertUtil: -enumstore command completed successfully.

If you’re looking for the store names listed in MMC, they are listed with a completely different name, because… Microsoft:

CertUtil Storename In “Certificates” MMC Purpose
My Personal Certificates assigned to this user or machine
Root Trusted Root Certification Authorities Root CAs trusted by this machine – typically this isn’t used very often
Trust Enterprise Trust Active Directory and other CAs related to management and authentication
CA Intermediate Certification Authorities Intermediate CAs trusted by this machine – typically this is not used.  The server should serve out an intermediate that is downloaded on the fly, and must chain to a root CA in “Third-Party Root Certification Authorities”
AuthRoot Third-Party Root Certification Authorities Public trust providers such as DigiCert / GeoTrust or Thawte

 

To list all of the certificates within a store:

C:\Windows\system32>certutil -store authroot
authroot
================ Certificate 0 ================
Serial Number: 7777062726a9b17c
Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
NotBefore: 1/29/2010 8:06 AM
NotAfter: 12/31/2030 8:06 AM
Subject: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template: 
Cert Hash(sha1): f9 b5 b6 32 45 5f 9c be ec 57 5f 80 dc e9 6e 2c c7 b2 78 b7
No key provider information
Cannot find the certificate and private key for decryption.

================ Certificate 1 ================
Serial Number: 600197b746a7eab4b49ad64b2ff790fb
Issuer: CN=thawte Primary Root CA - G3, OU=(c) 2008 thawte, Inc. - For authorized use only, OU=Certification Services Division, O=thawte, Inc., C=US
NotBefore: 4/1/2008 6:00 PM
NotAfter: 12/1/2037 5:59 PM
Subject: CN=thawte Primary Root CA - G3, OU=(c) 2008 thawte, Inc. - For authorized use only, OU=Certification Services Division, O=thawte, Inc., C=US
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template: 
Cert Hash(sha1): f1 8b 53 8d 1b e9 03 b6 a6 f0 56 43 5b 17 15 89 ca f3 6b f2
No key provider information
Cannot find the certificate and private key for decryption.
.
.
.
.
.
================ Certificate 52 ================
Serial Number: 01
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
NotBefore: 5/30/2000 4:48 AM
NotAfter: 5/30/2020 4:48 AM
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template: 
Cert Hash(sha1): 02 fa f3 e2 91 43 54 68 60 78 57 69 4d f5 e4 5b 68 85 18 68
No key provider information
Cannot find the certificate and private key for decryption.
CertUtil: -store command completed successfully.

 

And there you go, kids… always remember to use your powers for good and not evil.

 

Find the Center of a Circle Using Only a Pencil and Straight Edge

Posted by Justin A. Parr on February 18, 2021
Posted in: Math and Science, Tech Tip. 1 comment

Find the Center of a Circle Using Only a Pencil and Straight Edge

I bought a wood lathe recently, and the first time I tried to center some wood, I went through the painful process of remembering how to find the center of a circle.  This, despite having had three years of mechanical drawing classes.

Starting with a pencil and straight edge:

  1. Mark a line on the straight edge that’s a little more than 3/4 of the diameter (height) of the circle.  It doesn’t have to be exact.
  2. Make a mark (M) at the top of the circle.  The location of the mark need not be exact.
  3. Align the straight edge so that the corner is on mark M, and the line on the straight edge touches the right edge of the circle.  Draw a line (A) from somewhere above the center of the circle out to it’s edge.
  4. Repeat on the left side, drawing line B.
  5. From where line B ends, line up the straight edge so that its corner sits on the end of line B, and its line touches the lower-right-hand edge of the circle.  Draw line C along the straight edge, crossing the vertical center line.
  6. Repeat from the end of line A to the lower-left-hand edge of the circle, and draw line D
  7. At this point, lines C and D should form an “X” near the bottom of the circle.
  8. Draw a vertical center line (E) by aligning the straight edge with mark M and the intersection of lines C and D.  Start the line above the center, and go all the way to the bottom edge.
  9. At this point, line E passes through the center vertically, but we need to find the horizontal center.
  10. From where line E touches the bottom of the circle, align the straight edge so that it crosses line A, and the line on the straight edge touches the upper-right-hand edge of the circle.  Draw line F, crossing line A.
  11. Repeat this on the left side, crossing line B, and drawing line G.
  12. At this point, there should be an “X” on the left formed by lines B and G, and one on the right formed by lines A and F.
  13. Align the straight edge across the intersections of the left (B,G) and right (A,F) intersections, and draw the horizontal center line H.

The center of the circle is at the intersection of the vertical (E) and horizontal (H) center lines.

 

How This Works

Let’s call the distance from the corner of the straight edge to its mark S.

Let’s call the points where the horizontal center line meets the circle’s edges H1 (left) and H2  (right), and the point where the vertical center line meets the bottom V.

If we start at M and walk clockwise around the circle, we would pass through the points as follows:  M (start) → H2 → V → H1 → M (back to start).

If the radius is 1, then the diameter is 2, and the length of MH2 is 1.41. We initially selected S to be about 3/4 of the diameter, or about 1.5.

The circle’s radius, R, is 1/2 the length of MV or H1H2.  The length of MH2 would be √ R2 + R2 , and the same is true for H2V, VH1, and H1M.

If we assume that the radius R is “1 unit” (the actual length is irrelevant), then √ 12 + 12 = √ 2 , or about 1.41.

If the radius R = “1 unit” then the diameter = 2 ⋅ R = “2 units”.

By selecting S such that S is 3/4 of the diameter, 3/4 ⋅ 2 = 1.5.  Since S>1.41, and we make two consecutive S-length marks around the circle, we know for a fact that 2 ⋅ S is greater than the length of MH2V.

By doing this twice, once clockwise, and once counterclockwise, we get lines C and D.  We can call their intersection point T

MAD = MBC = 2⋅S. Point T is located at the intersection of lines C and D. Triangles ΔMAT and ΔMBT are congruent. MT bisects AB.

It’s easy to prove that this forms two congruent triangles:  ΔMAT and ΔMBT.  If the line MT is the base of both, then because they are congruent, the height of both are the same, which means that MT perfectly bisects AB).

Since this line MT also bisects the equilateral triangle ΔMAB which is inscribed within the circle, that line must pass through the center of the circle as well.

Carrying MT out to the edge of the circle gives us point V.

By drawing a line from V of length S to the edge, we get line F, which crosses line A.  We can call this intersection point U.

Points U and W are at the intersections of A and F, and B and G respectively. MUV is equilateral because MU=UV. MUV is congruent to MWV.

If we knew where the center of the circle (point O) was located, we could make the congruent triangle argument, that ΔMUO is congruent to ΔVUO, and just as with the vertical center line bisecting ΔMAB, UO would perfectly bisect the larger equilateral triangle ΔMUV.

On the other side, we draw line G of length S, which crosses line B at point W.  Same congruency argument:  ΔMWO is congruent to ΔVWO, and WO bisects equilateral triangle ΔMWV.

Because MU = VU we know that ΔMUV is equilateral, and the same for ΔMWV.  Further, because of the congruency argument, we know that MU = MW and VU = VW, and therefore ΔMUV is congruent to ΔMWV.

If line UO bisects triangle ΔMUV, then it must intersect MV exactly at its center.  Same for WO and triangle ΔMWV.

Therefore, WU passes through the center of both triangles at point O, where WU intersects MV.

And therefore, point O must be at the center of the circle, because VO = MO, and we know that MV passes through the center of the circle.

Note that this trick ONLY works if the the mark on the ruler (distance S) is > 1.41 times the radius.

Justin’s Perfect Quiche – Build-Your-Own

Posted by Justin A. Parr on November 30, 2020
Posted in: Food and Cooking. 1 comment

Justin’s Perfect Quiche – Build-Your-Own

I make quiche once or twice per year, and I don’t have a specific recipe that I follow – I usually google for things like portions, temperature, and cooking time.

This year, I decided to take some notes and provide a general quiche framework that will work for any kind of quiche you want.

The goal is to have 4 cups of eggs, cheese, plus other stuff (filler ingredients) that we pour in to a 9″ pie crust.  Although a 9″ pie crust will hold about 5 cups, the quiche will rise during the cooking process.

One major tweak from “normal” quiche recipes:  Instead of milk, I use sour cream, which has much more fat in it and also significantly improves the flavor.  Because sour cream is more dense, I use bread (chopped up) so that you don’t end up with a 2″ thick egg-crete block.

Equipment:

  • 9″ Pie Pan, greased, and a sheet pan to bake it on
  • Mixing Bowl (I usually skip the mixing bowl, and just mix the ingredients in the 4-cup measure)
  • Whisk
  • Cutting board and knife as needed for bread and other “filler” ingredients
  • 4 Cup measure
  • Sautee pan and wooden spatula – if you use cooked ingredients, the pan and spatula are not needed

Ingredients:

  • 9″ Pie Crust
  • 2 to 3 slices of bread
  • 8 to 12 eggs
  • 1/2 to 3/4 cup of sour cream
  • 2 Tbsp of brown mustard
  • 1 cup of shredded cheese
  • 1 to 2 cups of filler ingredients
  • 2 Tbsp of oil or butter to sautee ingredients – if you use cooked ingredients, the oil or butter is not needed
  • Salt, pepper, garlic powder, onion powder to taste.  About 1/2 teaspoon each.

Note:

  • For every 4 eggs, use 1 slice of bread and about 1/4 cup of sour cream.
  • If you have more filler ingredients, use fewer eggs – minimum of about 8.  If you have fewer filler ingredients, you’ll need more eggs, and thus more bread and more sour cream.
  • Makes at least 8 portions
  • About 20 minutes prep time, and about 1 hour 30 minutes cook time, which includes 15 minutes of resting time, or about 1 hour 50 minutes total.

Preparation:

  1. For any raw filler ingredients, cut them in to small slices or bite-sized pieces, and sautee them in the sautee pan until tender.  They don’t need to be cooked to annihilation, just cooked to the point of tender.  Let them cool.
  2. For any ingredients that are already cooked, such as ham, bacon, or other leftover meat, cut them in to small bite-sized pieces.
  3. Preheat oven to 375.
  4. Grease the pie pan and lay out the pie crust, crimping or folding the edges as you would with any other kind of pie.

Cooking:

  1. Cut the crusts off the bread, and cut the bread in to small cubes.
  2. Add the following in to the mixing bowl, then whisk until the eggs are fluffy:
    • Eggs – at least 8
    • Sour cream – at least 1/2 cup
    • Brown mustard
    • Salt, pepper, and optionally, garlic powder and onion powder.
  3. Add the following in to the mixing bowl, then stir
    • Bread (cubed, with crusts removed)
    • Shredded Cheese (about 1 cup)
    • Filler ingredients (Pre-cooked and cut in to bite-sized pieces)
  4. Pour all of this in to a 4 cup measure.  At this point, in the mixing bowl, mix up some additional eggs if needed.  If you have 3 cups of stuff, you need to add about 4 eggs.  If you have 3-1/2 cups, you need to add about 2 eggs, etc…
  5. At the point where you have 4 full cups of eggs + other stuff mixed and sitting in the 4-cup measure, carefully pour all of it in to the center of the pie crust.
  6. Place the (now-filled) pie pan on top of the sheet pan (in case it spills over), and place both in the pre-heated oven.
  7. Bake for 375 for up to 75 minutes.  Check the center at about 50 or 60 minutes, and monitor closely until the entire thing is solid.  It will rise about 1/2″ to 1″ during the baking process.
  8. Remove from the oven and let stand for about 15 minutes.
  9. Cut in to slices and serve.

Troubleshooting FTP

Posted by Justin A. Parr on November 29, 2020
Posted in: Rants, Tech Support. Leave a Comment

[Edits, 7/28/2022:  There were a couple of technical clarifications required]

Let me start off by saying “I HATE FTP!”

It was developed in the early 1970’s, before the Internet was really the Internet, and before the existence of firewalls or any other type of network security.  Over the last nearly-50 years, it has picked up so many band-aids that the entire protocol is now just basically one big kludge.

Despite its shortcomings, and despite the availability of newer and far superior file transfer tools, banks, governments, and anyone else with a mainframe continues to use it.

So, unfortunately, people like you and I get stuck supporting it.

If you’re having an FTP problem, or are just morbidly curious to learn about an antiquated protocol, read on…

Continue Reading

Bad Design: WinZip – An Annoying Pop-Up Ad from an Irrelevant Product

Posted by Justin A. Parr on September 15, 2020
Posted in: Analyses and Responses, Good Design - Bad Design, Rants, Tech Recommendations. 2 comments

Bad Design: WinZip – An Annoying Pop-Up Ad from an Irrelevant Product

 

The company where I am currently employed uses WinZip as its desktop standard for archive software.

This isn’t my preferred option, but whatever.

One minute, I’m cruising around in a spreadsheet, and the next, this pops up:

They company in question has an enterprise license for WinZip, which means that I’m running a fully-licensed copy.

I will cover some of the history of WinZip, and why I think it’s irrelevant, and then I will tell you exactly why I think this pop-up is wrong.  I will also make some recommendations for both software designers and corporate desktop administrators.

 

Some History

…and, “Why I think WinZip is irrelevant”

Back in the DOS days, there were competing lossless file compression standards, and that’s still true today.

In the 1980’s and early 90’s, disk space was always at a premium, whether it was deciding what to delete off your hard drive so that you could install a new program, or how many programs you could back up to a floppy disk.

And, before the internet, you connected to Bulletin Board Systems (BBSs) through a very slow modem to find and download software.  Smaller files meant that a BBS could host more files, and also, that your download time would be significantly faster.

The first commonly-used compression program for microcomputers was simply called “ARC”.  Not only did ARC compress files, but it had the ability to compress multiple files in to a single “archive” file, and later versions could even span multiple floppy disks – handy if you were backing up your hard drive.

Due to its ease of use, single-file archive format, and itself being a small file that was easy to find and download, ARC quickly became standard among BBS operators and users.  Every PC in the 80’s had a “C:\UTILS” folder, and ARC was one of the programs inside of it.

Although ARC was commercial software developed by SEA corporation, it was distributed as “shareware” – a license that allowed both individual users and BBS operators to freely “share” the file by copying it, but requested that users send in some money and obtain a proper license if they decided to keep using it.  Of course, no one did that, and eventually, SEA released the source code for ARC.

A couple of years later, along came Phil Katz, who wrote a much faster and more efficient implementation of ARC, of course called PKARC, and rather than have both compression and extraction functions within the same executable, Phil Katz split the extraction function in to a separate program called PKXARC.  This meant that you could download the much more svelt PKXARC if all you needed to do was extract files without compressing them, but in either case, you would benefit from the much faster code.

PKARC soon became the de facto tool for using ARC files.

Later, Phil Katz co-developed the ZIP file format – the same one that’s in use today.  And, like ARC, everyone started using ZIP files, especially popular with BBS operators due to the smaller file sizes and faster extraction routines.

Soon, like ARC, every PC had PKZIP and PKUNZIP in their C:\UTILS folder alongside PKARC and PKXARC. Eventually, people just stopped using ARC altogether.

And thus, Phil Katz built the bulk of the PKWare software empire off of one little shareware utility.

However, PKZIP had one major drawback:  It was a command-line program, requiring some knowledge of what a command line is, how to use it, and how to use PKZIP within it.

As operating systems evolved toward Graphical User Interfaces (GUIs) and began to focus on ease-of-use, there was clearly a gap.

You could download a ZIP file from a BBS using your terminal program running in a window, but then you would have to shell out to a command prompt and run some arcane (pun intended) commands to extract the files within it, in to a usable format.

In the early 90’s WinZip emerged as a graphical front-end to PKZip.  With PKZip installed, and with WinZip properly installed and configured, a user could simply double-click on a zip file to extract its contents, or drag and drop some files to create a new ZIP file.  WinZip handled the user interface, and on the back end, it ran PKZip with the appropriate command-line switches.

Eventually, WinZip adopted a “clean-room” ZIP implementation, and dumped PKZip.  Now, there was no complicated dependencies nor configuration.  If a user needed to open a zip file, they could simply download and run WinZip as a single program.

As Windows 95 boosted the popularity of home computing, WinZip quickly became much more popular than PKZip.  PKWare made a feeble attempt to release a competing GUI product, but it was too-little, too-late.  WinZip had been on the market longer, most users were familiar with it, it had better desktop integration, and it was far easier to use.

By the late 90’s, WinZip was one of the first programs you needed to download after any new operating system was installed.

Similar to PKWare, WinZip had a “trialware” license that allowed you to freely use it for a couple of weeks, and then either delete it or license it.

To help drive revenue, unlicensed copies of WinZIp would pop up a friendly reminder.  Once you entered a license code, the reminder disappeared.  Further, a license was perpetual, and initially allowed for perpetual upgrades.  So for about $10 (if I recall), not only could you license WinZip to get rid of the annoying pop-up, but you could also freely download and upgrade to the latest version every couple of months when it was released.

WinZip prospered as it virtually ruled the market.  Over time they added new features and updated the GUI, but WinZip was still WinZip.

And then Microsoft released Windows XP, which had built-in support for zip files. 

It’s hard to believe that Microsoft turned a blind eye to this lucrative niche for nearly 10 years, but on the other hand, they were probably gun-shy after having recently fought off anti-trust litigation from Netscape.  In versions of Windows prior to XP, if you double-click on a ZIP file without WinZip (or another ZIP handler) installed, you more or less get a message that says “what the heck do you want me to do with this??”

Now, with Windows XP and onward, you could double-click a ZIP file to open it, or right-click some files and send them to a “compressed folder”, which is Microsoft’s codename for a ZIP archive file.

Even worse for WinZip, by the time Microsoft released XP, there were Free and Open Source Software (FOSS) alternatives such as WinRAR and 7-Zip.  Initially, each of these only supported a proprietary archive format (RAR and 7z respectively), but eventually they both ended up supporting multiple archive formats, including ZIP, and even the advanced features of the ZIP format, such as media spanning and AES encryption.

And, WinZip’s market began to dry up.

Casual users didn’t need to download anything – they simply used the operating system’s built-in ZIP file handler.

Power users could download FOSS utilities for free, such as WinRAR and 7-Zip, and simply avoid both the cost of WinZip and its increasingly clingy, laggy user interface and more frequent and annoying beg-ware pop-ups.

As it turns out, switching from a perpetual to an annual license model was a smart move for WinZip.

Rather than die out like ARC and PKZip, there is just enough recurring revenue from corporate licensees to keep it on life support.

So, despite being completely obsolete, WinZip is still running out there, with it’s ever-more kludgy and annoying user interface, limited features, and annoying pop-ups.

And, companies like the one I work for are still running it, because, hey, it works, and hey, they still have a license for it.

 

Why Pop-Up Ads are Bad

<RANT>

In case you don’t remember using a computer in the 2000’s, let me describe what it was like:

  • “Windows has some updates for you!”
  • “Update to the LATEST version of Adobe Flash to view this page!”
  • “Adobe Acrobat needs to be updated.”
  • “Your virus definitions are out of date.”
  • “You’re not running the latest version of WinDVD / WinAMP!  Download it now!”
  • 10 browser pop-ups for spray tanning you should buy online, software that can clean your PC, stock you must buy immediately, adult websites you HAVE to try right now, the truth about “x”, and whatever else you don’t care about.

Play this every couple of hours on endless repeat while you’re trying to edit a document or watch a movie.

PEOPLE.  HATE.  POP-UPS.

People hate pop-ups so much that every modern browser has a built-in pop-up blocker – code that specifically stops a website from opening new browser windows.

People hate pop-ups because they are pre-emptive.  You have to STOP doing what you WERE doing (which was important to YOU), and click “close” on a useless pop-up.  You can’t ignore a pop-up, because it’s right there, blocking whatever you were working on behind it.  It’s even worse when you’re typing, because you have to take your hands off the keyboard, which is both slow and distracting.

People HATE them.

So why have a completely random pop-up inside a fully-licensed product??

If I was running the trialware version (if that even still exists), then a pop-up is justified when I first launch the program.  “Hey… we see that you still haven’t registered…”   OK, fine.

BUT I HAVE registered.  It’s fully-licensed.  And, I DIDN’T EVEN HAVE WINZIP RUNNING!!  So it obviously has hooks in to the scheduler (Microsoft’s biggest architectural mistake, but that’s another story) for the sole purpose of trying to sell me more WinZip crapware, that I can only assume has even MORE pop-ups!

What’s even worse is that I don’t need any of the “new features”, and I don’t want them.  I don’t need some crappy product “running tasks in the background” or “sorting through my photos”.

All I need to be able to do is encrypt a ZIP file and read encrypted ZIP files.

BUT, because I’m on a corporate laptop, rather than downloading a superior product like 7-Zip, which is simple, fast, and free, I’m forced to run WinZip and deal with bulky, slow software and random crappy pop-ups.  What a user experience!

</RANT>

Just let this sink in for a minute… My recent experiences with WinZip have been so frustrating that I just spent 3 hours of my personal time writing this blog post.

 

Tips for Corporate Desktop Admins

Why do corporations still use WinZip?  Probably one of several reasons:

  • You have used it for years.  So what.  The current version is a kludgy piece of crap.  Move on.
  • You already own a license.  This falls under the sunk cost fallacy.  Once an investment significantly diminishes in utility, the best course of action is to STOP SPENDING MONEY ON IT.
  • We have to train our users.  No, you don’t.  The 7-Zip interface is similar to the WinZip classic interface, and anyone who has used a computer within the last decade will figure it out.
  • WinZip is secure.  So are 7-Zip and WinRAR.  But, now that no-one out in “the real world” is running WinZip, finding new vulnerabilities is much more difficult.  Existing WinZip deployments could sit on desktops for years in a vulnerable state.  In contrast, with 7-Zip being one of the most popular pieces of FOSS of all time, there is lots of active development, and any vulnerability would be quickly identified and patched.
  • “Open Source” licensing is questionable.  No, it’s not.  Have your legal department review and approve the GPL and move on.
  • Being open-source, there is little or no support.  IT’S AN ARCHIVE UTILITY.  HOW MUCH SUPPORT DO YOU REQUIRE?  Having said that, there’s probably more support out there for 7-Zip than any Microsoft or IBM product.  (Microsoft is the new IBM, they just don’t know it yet.)
  • It’s difficult to deploy.  You don’t even have to install it.  Just copy the files and run it.
  • It’s expensive.  The “F” in FOSS stands for “Free”.

Tip of the day:  DUMP WINZIP.  STOP WASTING MONEY ON MAINTENANCE AND LICENSING.  MOVE ON TO A SUPERIOR SOFTWARE PRODUCT.

 

Tip for Software Designers

If you are Microsoft:

If someone is making MILLIONS OF DOLLARS selling an add-on to your flagship operating system, hint, you might want to BUY THEM.  Loot the codebase, integrate the functionality, and move on.

If you are a startup company with a niche product:

  • Stay within your lane.  Don’t over-innovate.  Keep the feature set simple.
  • Keep the User Interface as simple as possible.  People are using your product out of necessity, not preference.  They don’t want 15 levels of menus, nor “innovative” user interface elements.  Keep it simple and fast.
  • Don’t get greedy.  You have a niche product, not a “desktop suite”.  Charge users a few bucks for each license, and keep the product as simple as possible.
  • Pivot when needed.  Despite being battered in to the dirt by WinZip, PKWare didn’t go out of business.  Currently, they are out of the desktop archiver market, and their current product offering is focused on security.
  • Sell out at the top, not the bottom.  Because you have a niche software product, someone will eventually come along who sells a better / faster / cheaper product.  Once you begin to lose market share, it’s already too late.  You WILL eventually have to sell – do you want to sell while your company is dominating the market, or as you walk out of bankruptcy court?
  • NO POP-UPS.  Remember your place.  I don’t “WinZip” on my computer daily.  I do a lot of things, and products like WinZip are a very small part of it.  The LESS interaction I have, the better.

Enough ranting, I think my points are clear.