💾 Archived View for yujiri.xyz › software › dont-negotiate.gmi captured on 2023-01-29 at 03:08:33. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-06-03)
-=-=-=-=-=-=-
Sometimes we're forced to interact with bad software, or at least feel forced to. To use it temporarily, or to implement compatibility with it - to negotiate with bad software. But that is what bad software wants, and bad software rarely holds up its own end of the deal.
I used to work for a web service that provides customer relations management features. Our clients wanted the ability to email a customer from within our app. We discussed a few ways to do this and ended up biting the bullet and making our web service act as a rudimentary SMTP client. I hated this, of course. But I thought we would just implement basic SMTP functionality and be done with it. If we had've known the slippery slope of negotiating with additional bad software we'd end up on, we wouldn't have done this.
The first price we paid was the need to know the SMTP settings for each provider. There are protocols for discovering this called autoconfig and autodiscover, but many providers implement neither, so we had to manually find out the settings for the providers used by each of our clients. Also, some providers don't allow SMTP access with your actual login password; you have to use a separate "application password", and we usually found this out when a client complained to us that it didn't work for them. This was an ongoing price.
The second price we paid was to Microsoft, for Outlook dropped support for SMTP AUTH PLAIN in 2017 in favor of AUTH LOGIN:
Yes, this thing:
https://www.ietf.org/archive/id/draft-murchison-sasl-login-00.txt
Documented as obsolete in fucking 2003, in favor of AUTH PLAIN. Yes. Far as I can tell, Microsoft dropped existing support for a modern replacement in favor of a system that was deprecated 14 years earlier. MICROSOFT DROPPED EXISTING SUPPORT FOR A MODERN REPLACEMENT IN FAVOR OF A SYSTEM THAT WAS DEPRECATED 14 YEARS EARLIER.
And naturally since AUTH LOGIN is obsolete, the Go stdlib doesn't support it. I had to copy some unexported code from net/smtp to implement support for AUTH LOGIN.
The third price we paid was that as soon as the feature was released, our clients demanded *HTML* emails, sending me in search of a Javascript rich text editor library to pollute our app with. It proved much more difficult than expected to find a library that suited our use case. We settled on Quill as the least bad option, using a hack to make it work in shadow DOM, but discovered too late that it has a serious problem: the way it represents its content as HTML relies on having a lot of Quill-specific CSS, so it would show up wrong if you pasted Quill's output into an email. But at this point the customers had become very impatient, so my orders were to parse and fix Quill's HTML server-side - which I could only do a partial job of because fixing the way it represents nested lists was too complicated to be practical.
But at that point we couldn't back out. Our clients had already got half the feature and we couldn't not finish it for them. What looked like an acceptable sacrifice at first - implementing basic SMTP client functionality - roped us into an endless quest of increasing sunk costs and customer frustration and new pieces of bad software we had to negotiate with.
I once accepted a freelance gig that involved working with Wix. I was well aware that these cookie cutter website platforms are nasty, but I'd never worked with Wix before so I did a quick google search and found out that you could write Javascript, and thought "no problem, I'll be using custom Javascript for all of this job so I won't have to deal with Wix itself too much". I was wrong. Wix features and limitations crippled my efforts at every turn, turning what should've been a one-week job into a one-month job that made me miserable every minute I worked on it.
I had a Twitter account for about 1 year before one of my Twitter friends informed me of the existence of Pleroma, a decentralized version of Twitter. I jumped at the thought and made a Pleroma account (this discovery was what started my radicalization against centralized platforms). I intended to stay on Twitter for a short time to inform all my other friends and convince them to join Pleroma or Mastodon, and then I'd leave Twitter.
But what really happened was I couldn't get most of my friends to switch. Many of them made accounts on the same Pleroma server as me but never touched it, even if I reminded them on Twitter. I kept opening Twitter every day because it was my only way to interact with these people, but after several months of letting them keep me under corporate control, I gave up on getting them to follow me and left Twitter for good.
But guess what happened after that? A bunch of them followed me! It ended up being onto Matrix instead of Pleroma, but firmly boycotting Twitter was what it took to get them to embrace a decentralized platform.
Burn Eclipse Che to the ground
When a boss of mine decided to use this software, I thought it would be some trouble to set up but we'd get it done and everything would be fine. I knew it was disgusting software but I didn't know all the things in that article would happen. We ran into them gradually, constantly thinking "we just need to hack our way around this one more obstacle and then we'll be done", but the tunnel kept extending and by the time we understood just what we'd signed on for, we'd already invested 2 weeks into getting it to work.
(Update: 2 weeks turned into 4 months, our development efforts are still being constantly crippled by Che.)
---
Bad software has a vision for this world entirely incompatible with ours. Do not negotiate. Do not compromise. We must expel it from our lives, even if that makes them harder in the short term. Bad software is your enemy, and this means war.