Apple Business captcha comment-spam crash Gadgets How To Music MySQL PHP plugins Programming The Internet usability-testing user-experience Web Design WordPress

iTunes 7 Crashes and Freezes, or How to Ruin the User Experience

Apple gets a lot of credit for putting effort into the user experience. Many attribute the success of the original Mac, iPods, the iTunes Music Store, iBooks, and their other products to ease of use. But building a brand based on user experience can be much harder than, say, a brand based on low prices (like Dell) or ubiquity (like Microsoft). Because it doesn't take too much to go from "it just works" to "it doesn't work," which has been my experience with iTunes 7. The worst problem: it freezes up whenever I don't have an internet connection. For a long time, I used WinAmp as my MP3 player. As a nerdy web developer, I'm stuck at my computer for inordinate amounts of time, so I tend to listen to a lot of music through my SoundBlaster. By long time, I mean 1997 through a few years ago. I didn't have much of my collection ripped, so a static list of the 100-or-so songs I did have converted was fine. After ripping the majority of my CD library, and getting my wife an iPod, I started using iTunes. WinAmp has media library features, but I just liked iTunes better. Fast forward to 2006, when iTunes version 7 appears. It added some cool features, like album covers. It also was pretty buggy. Apple has released a few fixes so far, but now with even the latest version - iTunes 7.0.2 on Windows 2000 - I run into issues whenever my Internet connection goes down, or I have VPN up and running, blocking all traffic. It will start up and play like normal, but then after a few songs, the audio cuts off. Sometimes the track looks like it is continuing to play, others the time stops ticking off as well. Skipping to the next track results in more silence. When I finally close iTunes, it doesn't really close - I have to go into the Task Manager and manually end the process. I've done some Googling to see if there was a solution, but so far no luck. I found a blog post by Don Loper talking about freezing, but disabling automatic checking for podcasts did not resolve my issue. I tried disabling Audioscrobbler, a great plugin that uploads what you've been listening to to last.fm, and anything else that looked like it might be trying to send or receive data. Still no dice. Now, this is obviously not a huge problem, but when I'm dialing in to work from home, it would be nice to be able to listen to music. I can always dig up WinAmp, but I don't want to bother importing or recreating playlists. My solution so far has been to listen to NPR on my headphones. The risk that Apple runs with each release of iTunes is that bugs, even if they are fairly uncommon, can put the breaks on the flow of the user experience like Fred Flinstone jamming his feet through the floor of his stony, Neanderthal car. Which is why all the hype (and the 6 month lead time) around the iPhone could still blow up in their faces. My advice: test, test, test, and do it with actual users. Oh, and anyone have any ideas to fix my freezes that I haven't tried yet?

Comment Spam Deluge – Did our Captcha get Hacked?

Have you been having trouble reading Unsought Input lately? You're in good company – I've been having trouble writing for it.

We've been having issues with MySQL to the point of hanging connections and pleasant, but not very helpful WordPress error messages. It's nice that user-friendly errors are built-in to WordPress, since you never want to give users cryptic, blue-screen-of-death style errors. But I needed to get to the root of the problem.

I quickly put on my detective cap and tried to log in with phpMyAdmin – no luck, but this time the error message was a little more useful:

#1040 - Too many connections

Normally you encounter this error for one of two reasons: either you are being Slashdotted, or you are opening up persistent connections (with PHP's mysql_pconnect(), for example) and they are not being closed properly. In the first case, there are just too many queries at once and it fills up the connection limit, and in the second case they build up over time.

I didn't think possibility number 1 was very likely, since we don't write anything cool and geeky enough to get on Slashdot. The story about the Canadian geologist was probably our best bet. I knew I hadn't written any code to use persistent connections, but what about the rest of WordPress?

No such luck. Not a single pconnect in any of the WordPress or plugin code. Back to the first possibility – is it possible we were being hit but a distributed denial of service attack (DDoS)? More specifically (and more likely), we were being effectively DDoS'ed by comment spammers.

How did I figure it out? The connection limit for MySQL is set in the config file, my.cnf in Apache (or possibly my.ini in Windows/IIS):

[mysqld] set-variable=max_connections=100

The default is 100 and that should be enough for most sites. I needed to see what was actually being run, so I connected as a user with administrative rights and sent MySQL this command:

SHOW FULL PROCESSLIST

I got back a list of 200 locked queries, all dealing with selecting or deleting comments!

We have two measures in place to combat comment spam. One is Askimet, which is a standard plugin for WordPress. I have no hard data but I would guess almost everyone uses it. The other is a captcha plugin called Did You Pass Math?

The idea behind captchas is to give visitors a small task that is easy for humans but harder for machines. That's where those fancy images with the wavy letters and numbers come from. I wanted to use something a little simpler, so I went with Did You Pass Math. From what I've read, a big part of the power of captchas is just having something there at all to make your submit form non-standard and break the really naïve spamming scripts (see Jeff Atwood's story about his captcha in Coding Horror). It worked really well for a while.

But not any more. Askimet now reports an order of magnitude more spam blocked than ever before.

Is Did You Pass Math officially broken? It seems like I'll need to upgrade or find something different. Maybe I can hack it a bit to ask about more than just addition.

Jess B was kind enough to look through our logs and she found a ton of hits from the same IP range, and the IPs all went to spammy sites filled with more spam. Ugh.

Has anyone else noticed this with Did You Pass Math, or any other captcha plugin?