Recently, I hit a serious issue with the phone. My phone now crashes and reboots continuously when I’m at home. Well, it eventually shuts off. The interesting bit is that I see this issue only at home. Turning 3G off does solve the problem. But where’s the fun in that? It turns out that AT&T is upgrading its network and is deploying a third WCDMA channel in certain markets. The e71 and other symbian s60 3G phones have a software bug that makes them reboot continuously in such areas.

Thats still okay, it seems to be a rarely used configuration and Nokia should probably be able to fix it soon enough right? Not so soon! I’ve found instances of people from other regions complaining about this issue since August 2009 and Nokia still does not have a software update with the fix. Here comes the kicker, the last available update for the U.S. e71 version is 200.21.118 (built 27th November 2008). Some versions seem to blessed with a more recent firmware upate though.

I do not think Nokia gets it! The days of releasing a new phone every couple of weeks is gone. Its all in the software now. A great phone like the e71 would have been far more successful with a company who understood the new realities.

PS: AT&T apparently stopped selling the e71x and other s60 in some regions.

Update – 5th May 2010

Nokia finally responded to all the 0569371 complaints and released firmware version 410.21.010 for this e71 product code yesterday. This update seems to have fixed the issue with the 3rd WCDMA channel.

Its not lack of real estate, most of them find space for elaborate sign-up forms. All I ask for is a simple one line login form which shouldn’t take more than 24×240 pixels. While we’re at it can we all agree to set tabindex=1 on the username field so that I don’t have to tab over a gazillion times?

[14:45:27 jaidev@~]$ host -t mx yahoogroups.com
yahoogroups.com mail is handled by 10 mta2.grp.vip.scd.yahoo.com.
yahoogroups.com mail is handled by 20 mta1.grp.vip.re1.yahoo.com.
yahoogroups.com mail is handled by 30 mta12.grp.scd.yahoo.com.
yahoogroups.com mail is handled by 30 mta13.grp.scd.yahoo.com.
yahoogroups.com mail is handled by 30 mta14.grp.scd.yahoo.com.
[14:45:31 jaidev@~]$ telnet mta2.grp.vip.scd.yahoo.com 25
Trying 66.218.67.194...
Connected to mta2.grp.vip.scd.yahoo.com.
Escape character is '^]'.
220 yahoogroups.com ESMTP
helo <censored>
250 yahoogroups.com
mail from: <censored>
250 ok
rcpt to: <censored>@yahoogroups.com
250 ok
data
354 go ahead
Subject: Photos
.
554 we cannot accept this message because it appears to contain virus (#5.7.1)
quit
221 yahoogroups.com
Connection closed by foreign host.


Yahoogroups just refuses to accept emails with a subject line containing just Photos. Wow, my spamassassin setup is better than that.

My evil mind already has a game to spook the users. Hang around these ATMs, the moment somebody uses it, follow them back and note down their seat numbers. On a 48 hour train, its bound to give them a couple of sleepless nights!

Jaidev:

There is some custom setting on your email client which is adding “|” characters and makes it pretty hard to follow the history of email. See below. Would appreciate if we can do something there.

Thanks
~~~~~~

I spent a good amount of time thinking what my response should be –

• google.com/search?q=email+quoting
• Don’t ****in read it, you inconsequential CC recipient

Eventually I chose discretion over valour and decided to post it here instead. Somebody in this industry has got to figure out what to do with pointy haireds‘ time.

switch ($input) {
        case x:
                /* User wants what we want him to want. Ooooh baby!
                  * We love him. Lets give him what he wants. */
                $email = lookup_email ($user);
                send_email_address_to_spammers ($email);
                handle_user_request();
                break;
        default:
                /* Uh, oh! I don't think we'd ever be here. */
                $email = lookup_email ($user);
                send_email_address_to_spammers ($email);
                do_logout ($user);
                break;
}

So every time I select something that they didn’t expect, I get logged off. This, of course, is browser dependent which makes it all the more stupid. Is this paranoid programming?

Wait, there’s more stupidity. RBI introduced real time fund transfer between banks called RTGS. Citibank, of course, has to screw up this simple facility. They decided to make a cool drop down box to help us choose the bank and the branch. Now I know that there are strong emotions regarding the change in Bangalore’s name to Bengalooru, but Citibank takes it to an entirely new level. If you don’t find your bank / branch under one version of the city’s name, you’re expected to try another variant. Thats not all, they even list suburbs like BANNERGHATTA and JAYANAGAR. Citibank somehow managed to screw up the presentation of a simple simple list published by the RBI. I don’t know if Bangalore is known by another mysterious name, but I didn’t find HSBC Bangalore in that list!

Case in study, my favourite spammer and email address vendor bank citibank.

The Citi, of course, never sleeps. Sometime last year they introduced a javascript based virtual keyboard for logins. This was designed to ensure that key-logging trojans don’t log passwords, but it only lulls the user into a false sense of security.

Security that never sleeps

Firstly, it makes passwords themselves less secure by making them case-insensitive and shorter. Moreover, since evil hax0rs have already broken into your box to install key-loggers, whats stopping them from installing a screen capturing program to record your clicks? Better still, why not redirect the poor user to the hax0r’s own version of the virtual keyboard and log the password? Oh yeah, and its already been compromised.

That’s not all. Enter a wrong password and it takes you to a page with a message that reads “For your protection you’ve been logged off. Please close all your active windows and try login again“. Theres more. The window itself self-destructs in a few seconds. Cool ain’t it? Wait there’s more. You’ll not be able to login without closing all your browser windows.

In fact, this fantastic security measure is more annoying than useful. All it does is maps the failed login to a cookie on your machine which expires with the browser session. As long as the browser sends the cookie (citibank.co.in, JSESSIONID), you’ll not be able to login. If it was indeed an illegal attempt, this is akin to catching a thief red-handed and subsequently asking him to carry a tag branding him a robber. Delete the cookie and you’ll be able to login again. In fact, they offer the solution themselves. Close all the browser windows, and you’ll be able to login again. If you’re a wannabe hacker, why wouldn’t you try again this way?

All this “security measure” does is annoy the legitimate user when he inadvertently enters the wrong password. Absolutely nothing else. Most other banks deal better with this. They offer you 3 tries and lock you out until you contact them offline.

These are just two fancy toys masquerading as “security measures” designed to make the user feel comfortable. I believe that the real measures should be transparent to the user. If their in-your-face security features are so useless, I for one, would begin to wonder if any of their security measures are any good.