Remosi’s Rants

Some notes from my experiences with ordering online.

Provide accurate links to manufacturer products

I want to know what I’m buying dammit. Not providing links is mildly irritating, providing broken links, or links to dealer logins or such like is just down right annoying.

Send me email!

TELL ME WHATS HAPPENING. Getting one email when I submit the product which says “We got your order” is important, but so is the email saying “We’ve confirmed we got your money”, “We’ve shipped your item”, and “Oops! We ran out of stock!” and the various other things that can happen. If something is on backorder gimme an update every so often (weekly? monthly?). Try and avoid your email being picked up by spam scanners, do try and put valid headers on them (eg Message-ID: X-Mailer: Mime: etc). do put text and html varients into your email. Do make sure my order number is somewhere obvious (subject?). Do try and batch emails to send to me so you don’t send them more often than once every 2->4 hours. Getting a flurry of emails is mildly annoying. Don’t spam me with promotional updates, I don’t care. An RSS feed maybe.

Do make sure that the reply-to: address of the email is a real human. Do make sure that the From: address is something sane looking that I can pick out of an inbox (eg “ACME Order Update “). Don’t change the From: address, I want to filter it into a box that never gets spammed scanned. Never have your email come from a different domain than your website!

Let me see updates through your website

Either give me a login, or a url that refers to an order that shows me the current state of all the items in my order. I don’t want to have to email you twice a day for my information fix. You probably don’t want to recieve those emails either. This is even more important the less emails you send me. Remind me in your emails how to check the status through the website

Tell me the damn track and trace numbers

For every item I want to know which courier it was sent with, and what their track and trace number is. Bonus points if you make this a hyperlink that takes me to the courier companies website with information about that code. Courier companies are notoriously bad at delivering things properly, so make sure you place the blame on them when blame is due, let the end user see that the product has shipped and that the couriers are stuffing around.

Make your order numbers short

Don’t make them so long they don’t fit in fields! In particular if you want me to do a bank transfer into your account with your order number as a reference, make sure the order number *fits* in the reference area of a bank statement!

I have written a tool for answering ARP’s out of DHCP, as well as logging suspicious ARP behaviour. The program works by connecting to an isc-dhcp server using the omapi protocol, by sniffing arp requests via libpcap (I skipped on the libtrace requirement just this once — theres no point in sending arp replies from a trace anyway), and generates arp replies with libnet.

Some issues with this system is that you need some way to filter ARP replies on your network, you need a switching fabric smart enough to firewall arp replies from, and arp requests to access ports. We are doing this by firewalling traffic through a softmac 802.11 network. This is complicated at best, and downright impossible almost all the other times.

Another issue is that the daemon currently forges the source MAC for the reply packet to come from the destination device which keeps things as similar as possible from the protocol layer, however this may confuse a switch that sees a packet originating from a different port. This could be fixed by having it not forge the source MAC, but that has potential issues with client machines not accepting the arp. This is, however, untested.

The third issue is that the entire program is untested, so use at your own risk. It’s available under the GPL, from svn. My libconfig is required to build. Comments solicited.