Those Who Live by Google Analytics Shall Die by Google Analytics

LiveByTheSword1 542x361

We at Wild Bill Web Enterpises have been tracking the visitors (and other metrics) for our three websites–including TechnologyBloopers, WhyMenDieYoung, and Wilddancer—on a weekly basis using Google Analytics and on a monthly basis using our ISP for nearly two years, and are baffled by the helter-skelter, all-over-the-map, random-looking numbers Google Analytics is providing us. Apparently this is a common problem, with a lot of possible causes, including some possibilities that could be our fault (well, the lack of useful guidance from Google and other sources isn’t really OUR fault). And it isn’t that our visitor volume is so high that we are the victim of Google’s sampling process. But we, and probably millions of other website developers, find it highly difficult, even impossible, to make any decisions based on this data. Why don’t the Internet and the Web take advantage of the huge computing power of the hardware and software to provide reasonably accurate statistics so that we can make things easier and more productive for both us and our visitors?

Usability Testing: More Honored in the Breach than the Observance

BreachNotObservance 498x593

The Internet and the Worldwide Web have arguably changed the path of history. And they have made companies like Google into mega successes. But those companies have also caused much consternation among their millions of users. Why? Apparently they don’t bother to check with many (or any!) of those users to see how logical and self-evident their websites and associated tools are for their target audiences. Examples abound, and we will be posting some of the more egregious. But the Internet giants could have been even more successful, and keep website visitors on their sites longer (where they would be exposed to more advertisements) if their user interfaces were less opaque. The goal is usability, which is not rocket science. Two of most used tools are the Chrome browser and YouTube, which we will discuss in separate posts.

Ads Based on Recent Shopping Miss Their Target

TravelsmithMensPantsAndBlouse 541x298

I was shopping for MEN’s pickpocket-proof travel pants, and I must have visited in my search. That was on Monday, May 2. Now, on Wednesday, May 4, EVERY site I visit—on searches totally unrelated to clothing—I am dealt a Travelsmith WOMAN’S Walkabout Knit Short-Sleeved Drape-Neck Top. I hope that Travelsmith is not paying Google (I am using Chrome) or another ad-dealing company very much for these ads. What is their logic? Do they think that I want to buy my wife this top (admittedly, at $27 it IS a lot cheaper than the pants)? Fortunately, after repeating this advertisement ad nauseum, Google graciously offered to let me fine-tune my ad preferences. Hmmm.

But there must be millions of other victims of these faulty algorithms. And some folks, such as the Wall Street Journal’s satirist Joe Queenan, are even more outspoken (e.g., in his ridicule of Amazon, Expedia, and Netflix).

Live by the Sword, Die by the Sword

GoogleDorking5 550x330

But it’s already too late to put the sword back in its place. The Internet, the Worldwide Web, Google Search, social networks, and other on-line miracles have given billions of people capabilities they never had dreamed of. But in their haste the makers of these tools have also enabled evil-doers capabilities beyond the masses’ worst nightmares. History is full of other technological advances that have been used for both good and evil purposes, but more recently cyberattacks have permitted individuals or small groups, sitting in safety at their personal computing devices, to wreak havoc on millions of innocent victims. These cyberattacks appear to be increasing in frequency and scope of havoc. Most recently several news sources reported the charging of an Iranian hacker on March 24 of his 2013 attack on a dam in Rye Brook, NY, which he found vulnerable using a technique called Google Dorking. (The wheels of justice certainly turn slowly … especially compared with the speed of computers and their hacker masters!)

Apparently he did not use his knowledge to operate the sluice gate of this small dam (perhaps because it was disconnected from computer control at the time). And although this dam is in a rather backwater community (pun intended) and not much of a threat to national security or even significant injury to people or damage to property, the ability of the hacker to infiltrate the computer system demonstrates a capability to attack a much bigger and more dangerous dam or other strategic infrastructure such as an electric power grid.

The really scary thing is that almost certainly many other sectors are under similar attacks. One such sector is hospitals. Within the last two months the computer systems at the Hollywood Presbyterian Medical Center, the Methodist Hospital in Henderson, KY, and the MedStar Georgetown University Hospital in Washington, DC were crippled by cyberattacks. These were not minor incidents; the overall MedStar 10-hospital group has 30,000 staff and 6,000 affiliated doctors. And patients in critical condition could die from the delays caused by inoperative computer systems.

Another sector is financial. On March 29 hackers breached the security at two large law firms whose giant Wall Street banks and corporate clients are constantly dealing with confidential matters, knowledge of which could net hackers millions of dollars through insider trading.

The general populace can only hope that the responsible governmental agencies are working hard to identify strategic facilities throughout the U.S. and its allies, and alert vulnerable ones so they can take steps to minimize the dangers from Google Dorking and other hacker nastiness. And also hope that “white hat hackers” (the good guys)–the modern-day equivalent of yesteryears’ vigilantes—step up their activities. It would help considerably if these strategic facilities would reward these hackers for their efforts.

Bloopers Beyond Technology: Theft of Bangladesh Funds is a Comedy of Errors and Law-Breaking By Humans

BangladeshMoneyLaunderedinPhilippines2snip 550x330
Technology does not exist in a vacuum. It is created by humans of varying degrees of ability and honesty. And technology involving the Internet is generally so complex, and created under time pressure, that it is more error-prone than more cautious and patient people would like.

According to the New York Times, slack security at the New York Fed (that’s the Federal Reserve Bank of New York), which most folks would consider a bastion of safe-keeping, allowed a bunch of money ($81 million or $100 million or some such sum) that rightfully belonged to poverty-stricken Bangladesh to be misappropriated by Chinese hackers and transferred to the Philippines, where in turn it was apparently transferred by above-the-law banks to putatively money-laundering casinos, who made it vanish beyond any chance of recovery. We’re not making this up. Mere prose and still images can’t do it justice. And no fiction writer could have imagined a more twisted tale.

The comedy continues if one reads the Zero Hedge blog, which apparently specializes in spreading misinformation of all sorts, including calling a spade a spade when it might not be. Entertaining to most of the world, but not to a few officials during whose watch this debacle occurred or to starving citizens of Bangladesh.

Stupid Password Tricks

password tricks 450x225

Even the most TV-averse person in the USA has likely heard of Late Show host David Letterman’s “Stupid Pet Tricks” which ran for 30 years. So there were probably as many people who watched at least one episode of it as have had some sort of trouble choosing and/or using passwords on the Internet. Unfortunately, the formats of passwords have recently become a lot more demanding and the organizations forcing us to have passwords have made us run a truly nasty gantlet (look it up!). The nastiness seems to be a recent phenomenon, perhaps a result of all the major hacking attacks in the last few months. One of the latest dirty tricks is to provide two boxes, one for entering the password (which blanks out your entry) and another for confirming it (which also blanks out your entry), as well as a third alternative of letting the organization create the password for you. As you make the first entry, you get nasty comments that your password is not strong enough, forcing you to make changes until you have satisfied the demand. Even if you have carefully noted the approved password, by now it is a challenge to enter it exactly in the confirmatory box. And people are now finding that, in fact, these organizations do not want you to select your own password, and you MUST let the organization chose one for you. It is not the end of the world, but (a) if you have your own system for creating passwords you will NEVER succeed in getting one, and (b) why bother to offer to let you create your own? At least David Letterman’s Stupid Pet Tricks was funny, while this latter-day password game is definitely NOT funny. Sadistic maybe. Even worse, the possibility of using a hardware “dongle” continues to be remote, in large part because there is no apparent convergence to a standard.

We Have Met the Enemy and He Is Us – Redux

Murphys Law Composite 600x472

If something can go wrong, it will. And in the millions, nay billions, nay trillions (or more) of lines of code that comprise the Internet and its many websites (the total reached 1 billion in September 2014) that  there are countless opportunities for errors or loopholes that let the bad guys (AKA hackers) wreak havoc. And that havoc can affect millions of innocent victims. The extent of the hacking during the past few years is enormous as can be seen from an interesting infograph.

In another recent episode that demonstrated the increasing ease of hacking, shady securities traders stole announcements from Business Wire, PR Newswire, and Marketwired after it was uploaded by the companies but before it was released to the public, and made millions by trading ahead of the public. (The former, harder method was to recruit company “insiders” to get advance tips.)

And there may be some recent disasters that were self-inflicted, e.g., the outages at the NYSE and United Airlines. Absent an identified villain, we would attribute those to faulty code that is so complex it is impossible to test thoroughly and to change as the environment changes.

Hacking has even become so widespread, and apparently so easy, that one of the leading anti-hacking software companies, the Italian company Hacking Team was recently hacked itself.

Even more scary is the almost certain hacking by unfriendly nations’ government-sponsored hackers (China, Russsia, etc.). Some of it is stealing commercial intellectual property, which can undermine the US’s economic strength (and directly or indirectly its military strength). Other of it can be military secrets, the loss of which can compromise the national security.

In the ultimate irony, The Wall Street Journal pointed out that while the giant tech firms like Apple, Facebook, and Google encrypt their data they don’t cooperate with the US government to searches that are legal under the Fourth Amendment of the Constitution.

The Wall Street Journal’s Readers’ Most Annoying Technology Failures

WSJ Tech Nuisances Composite Chart 761x286

Two of The Journal’s technology writers led off with their own “Dirty Dozen” of most annoying technology failures in the March 11, 2015 issue, then followed up a week later with their analysis of readers’ comments. Thanks to our long background in surveys and statistics we at Technology Bloopers are well aware of the limitations of this data, but its high-level source and its “essay” type answers (as opposed to the all-too-frequent cookie cutter “multiple choice” questionnaires that flood everyone daily) were too tempting to pass up. (Note: Some commenters provided two or more unrelated comments, and we counted them separately, so strictly speaking the data we analyzed was about comments, not commenters.) We well realize that the sample is highly biased, but it is a very useful sort of bias; these commenters should be somewhat more knowledgeable, more powerful, and more well-paid than a random sample. So their comments, thoughtfully analyzed, should be very useful. But we can even further separate the comments into above-average and below-average knowledgeability by whether or not their comment was accompanied by a “gravatar” (i.e., “global avatar”, the little picture they use as a graphical representation of their Web presence, kind of an online logo). We were surprised that only about 28% of the responses came from the below-average-knowledge group.

The charts immediately tell a lot of the story: Passwords are the #1 most annoying technology failure (and this is true whether we’re talking about the whole group or only the above-average-knowledge subgroup). The combined complaints about the Wall Street Journal itself (bad technical support, bad advertising, bad comment system, bad mobile device app, and bad website) was #2 for the group as a whole but was mainly for the below-average-knowledge subgroup. Bad documentation/(technical) support and bad logic/user interface tied for #3, but the former had numerous above-average-knowledge commenters while the latter had very few. Two other annoyances that fell just below the top 6 shown in the chart were “Too Complex” and “Facebook is Not Essential”.