[This discussion was split from this topic]
I concur with "beeje"'s comment.
To support PortableApps which I and colleagues use (in addition to donating), I have bought some of these Carbides to give as gifts, but it has blown up in my face and I am now scrambling to support what should have been a trouble-free gift.
1. On page https://store.customusb.com/info/ is the following:
Claim (under "shipping"): "Can I track it? Heck yeah. After your order has shipped, we will send you an electronic mail message with tracking information."
Reality: radio silence. Just an e-mail to say "Your recent order on CustomUSB Store has been completed" and repeating the delivery address. Nothing more.
If tracking only applies to certain situations, CustomUSB should be explicitly truthful instead of being extravagantly inaccurate.
2. In the document
http://worldsbestflashdrive.com/PortableApps.com_Carbide_UserGuide.pdf
on page 4 it reads (to a human reading the displayed PDF file)
"The Carbide is shipped with a default User PIN of 1-2-2-3-3-4-4"
but if you screen-scrape it, the PIN reads differently
"The Carbide is shipped with a default User PIN of 1-1-2-2-3-3-4-4"
The latter version agrees with the little plasticised card with the drive, but a user who reads the full instructions in pdf form will be misled. There is something apparently corrupt in the PDF file which causes the first "1" to be hidden. This is a bad place to have such a problem, and the user working off these instructions cannot access the drive (or erases it).
This pdf file needs fixing so that the two initial "1"s are clearly displayed.
3. A niggle, but irritating: on page
http://worldsbestflashdrive.com at the top right, a feature: "Personalized with a Laser! Pew! Pew!
Your name, company or URL laser-etched on the SIDE"
I read this as meaning that the laser etching is on the SIDE of the DRIVE as an identifier, and ordered them like this with unique identifiers.
But it is NOT etched on the side of the drive. It is etched on the side of the slide-off detachable case. This is misleading and worthless. Put two of these drives on the table and remove the cases, and the drives are immediately indistinguishable, a recipe for trouble. How can we provide multiple devices to people in the same family or workplace ? It defeats the purpose, surely.
Users will be forced to deface the individual drives bodies in some ugly way to make them unique and, given that the drives are jet black and absolutely *covered* in white text and barcode on one side and the pinpad on the other, there *IS* nowhere to write on them. How the hell can we tell them apart ? For nearly $100 a device, it has to be better than defacing them with a white marker pen, IF we can source one of those.
Fixing this would be far more valuable than supplying the drive in a metal box which will immediately end up in the recycling bin.
4. The worst experience:
There no information whatsoever provided anywhere about the ESET anti-virus, not with the device and not in the PDF file of instructions, and ESET is apparently a licenced and serial-numbered product.
In this forum and on the http://worldsbestflashdrive.com page
is the text "Support for DriveSecurity is available within the ESET knowledgebase. Note that there is NO phone, email, or online forum-based support available."
This has a feel of "rack off if you are looking for support" about it - feels like a slap in the face when you need help - and the support link supplied is
http://kb.eset.com/esetkb/index?page=content&id=SOLN2840&actp=search&vie...
which doesn't help at all. Its first paragraph is entitled
"How do I purchase DriveSecurity?"
... which reinforces the impression that we have to pay again, and which had my gift recipients asking ME "hang on, you said this came with anti-virus included ... why do we have to pay ?"
There exists a folder ESET and a sub-folder "license", and it is completely empty. Surely this is where the licence number should be ?
When the user runs ESET security off the PortableApps menu on the drive, it says "licence not found" and they are offered a trial or a purchase, and they are told they must enter their first name, last name, and e-mail address.
Reasonably, they are unwilling to do this for privacy reasons - who wants to be on some worldwide database of users of secure drives ? - and so they have no anti-virus function.
As it is obvious from CustomUSB's site that they want nothing to do with ESET, and the ESET support site has nothing about Carbide or CustomUSB, I don't know where to turn with this. It is disappointing.
5. I disagree with two default settings in the PortableApps options
Setting "check for updates on platform startup" I find is a bad idea in any circumstance, especially for new users. They are confronted with a startup delay, which can be considerable in my experience, and load of update-related technical interaction they should not have to deal with when they don't even know what PortableApps looks like yet. The updater task behaves strangely and, at least on Windows XP, usually inexplicably disappears into the background with other tasks in front. This is puzzling and causes trouble for most users, including inability to eject the drive, and this option should be set so they do not confront it first-up.
(b) Setting "update to beta platform releases" is a bad idea for what is supposed to be a secure, robust environment, and risks exposing users to unstable software.
This is disappointingly poor execution, for a premium product at a premium price.
I wanted to support PortableApps, but I regret buying these from CustomUSB. CustomUSB's site is full of wildly extravagant language, but their execution is rubbish.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
I'm sorry to hear about your experience with the drive I'll try and address your issues.
1. I'm sorry to hear about CustomUSB not providing a tracking number. I've gotten in contact with their VP of business development to ensure the tracking details they have are available to the customers. I believe most orders are shipping via USPS Priority Mail which only supplies basic tracking details. Still, those should be available to you.
UPDATE: I spoke with CustomUSB and they've had reports of people missing their tracking and ESET license emails recently. In most every case, the email wound up in their Spam/Junk Email folder, so please check there as well.
2. I fixed the PDF guide. The key image had somehow overlaid the first 1 in the final output. Not sure how that was missed and no one noticed. You can download the updated one from the WorldsBestFlashDrive.com site now and it will be on new drives going out shortly. Apologies for that mixup.
3. I've updated the webpage to say 'slide cover' instead of side. Honestly, no one ever asked about it and I thought it was clear from the pictures. But just so no one mistakes it for something else, it's now clear on the page.
4. You should have gotten an email with a license key for a 5 year subscription to ESET antivirus to the same email address you used when you placed your order. If you did not, please email CustomUSB using the email address on that page to ensure you've received it. (And please see the not about your Spam/Junk Email folder mentioned in #1) We've had this asked about before, so I think I'll look into doing a 'first run' informational popup for Carbide users with the details on how to setup ESET.
As for needing to supply your email and name, that's standard for pretty much any commercial antivirus. It's licensed to a single specific individual on a single specific drive. So, ESET requires registration as part of the activation sequence. That's not really something within our control and neither PortableApps.com nor CustomUSB have access to the information you provide to ESET.
On the support side, ESET's DriveSecurity uses the antivirus engine that ESET's standard local version uses. This normally costs $40 a year for a license, meaning that the 5 year license bundled on the Carbide would cost more than the drive itself. To keep the cost down, 2 big changes exist from a standard version. (1) ESET DriveSecurity is locked to a specific drive and can not be used to clean infections on the local PC and (2) no support is included. Rather than have this be a surprise to the user, we make it very clear on the website how this works.
As for cost, keep in mind that the same drive from the only other US carrier costs the same price as the Carbide but does not include any antivirus, laser etching, custom tin, and has a 3 year warranty instead of a 5 year. While it's unfortunate that the antivirus has no support included, we think it's still a great value for what it is. We could likely work out a deal to include support for the product with ESET but it would likely require a payment above the cost of the drive (likely $40 or more for the 5 year license at least). I doubt many people would be happy with that.
5. Checking by default is absolutely the right decision for a secure drive as the end user should know and address the fact that their browser, email client, PDF reader, etc is out of date (and insecure) and address it. The background check is a bit slow in the current release but is down to approximately 1 second in the upcoming release and should not have the issue of stealing focus any longer.
As for the beta checkbox, that's just for beta releases of the platform. No insecure or untrustworthy bits are included. It's basically so users can test out upcoming features of the platform before they are fully baked so there may be issues like some visual defects or a given option not being translated into all 57 languages. It never compromises security (it's not like a beta release of a browser, for instance). And it's completely optional.
I hope this helps address some of your issues. If you wish to discuss further or have any issues getting the serial numbers from CustomUSB, please let me know.
Sometimes, the impossible can become possible, if you're awesome!
John,
Thanks for your reply. Referring to your point numbers ...
1. "...CustomUSB and they've had reports of people missing their tracking and ESET license emails recently. In most every case, the email wound up in their Spam/Junk Email folder"
I simply do not believe this. It is a very widely-used excuse, and is simply insulting to any technically competent customer to be implicitly labelled someone who doesn't know how to manage basic e-mail.
Modern e-mail systems have a low false positive rate. I check the spam bin daily, the false positive rate is less than one per month, and there were no e-mails from CustomUSB apart from the "order complete" one.
I think this is their excuse to cover unreliable processes. I believe that the missing e-mails were not sent.
2. "I fixed the PDF guide."
Thanks. I have recovered the USB keys from the gift recipients, and one is disabled in some way I haven't yet figured out from too many attempts to enter the password specified in that PDF file.
3. "... 'slide cover' instead of side ... I thought it was clear from the pictures"
I read the words and did not look too hard at the pictures. I assume the pictures are promotional and don't accurately and completely represent the product. Not one of the photos actually shows the non-PINpad side of the drive, so I couldn't know how that side looks.
What *is* your suggested solution to tell these drives apart in a workplace or a family, given that they are almost impossible to mark or write upon ?
4. "You should have gotten an email with a license key for a 5 year subscription to ESET antivirus"
I did not, and it appears to be the major problem.
How would a purchaser know to expect such an e-mail ? A purchaser is *not* told anywhere to expect an activation e-mail. I thoroughly read the CustomUSB pages, and your entire PDF file, prior to ordering, and all are specifically totally silent about anything that needs to be done to activate the ESET product.
There is nothing in the ordering process on the CustomUSB site to say to expect an activation e-mail. Why this total silence about something so important ?
And why would CustomUSB send an "order complete" e-mail without including these activation details in that e-mail ? CustomUSB's e-mail does refer to any activation code or to any other e-mail.
CustomUSB are supposed to be "manufacturers" and are installing software on each drive. Why can't they populate the ESET/license folder with the licence number ?
And why is the activation code not included on a piece of paper with the drive as dispatched ? I see "gadget" web sites with recommendations to give these drives as gifts, presumably as a result of your PR efforts. I suggest that these drives, as currently supplied, are unsuitable as gifts specifically because the activation key is not provided WITH each drive. Even if CustomUSB did bother to send out the activation key e-mail, this goes to the purchaser. The purchaser gives the drive to the goift recipient; how is the recipient supposed to get the activation key ? Why is it not simply included with the drive so that the gift is self-contained like any other device ?
This is a mess and, for me, has turned a gift-giving exercise into an embarrassment. You should consider that these problems of CustomUSB failing to send activation keys is probably under-reported because gift receipients are generally too embarrassed to complain about a non-functional gift.
5. "Checking by default is absolutely the right decision"
OK. I don't agree. It might work better in future releases; my experience with PortableApps update since it was released is not so good - slow and too much interaction for users. I always switch it off, and check manually.
.
.
I have now taken these drives back and replaced them with other gifts. People consider me technically knowledgeable and now I look like a fool for giving technology that doesn't work. I am now stuck with them myself.
The first thing I did with a working drive was back up the factory-loaded contents using the PortableApps backup function. This took over 1/2 an hour, maybe 3/4 hr; I didn't actually time it. That produced a backup archive of 0.5GB. With 8GB of files on board, a backup of one of these is going to take all day long.
From this experience, drives of this size in USB2 are not going to be manageable. When I provide drives for PortableApps use I always use the smallest possible drive; we have a stock of 1GB and 4GB drives for this purpose. With USB2, the PortableApps backup still takes ages on a small drive.
It is essential to back up PortableApps drives frequently for potential total restore (we have experienced sudden and total USB drive failures, apparently as a result of a high rate of wear from Thunderbird operation). When backup takes hours, it is a pain. The only way to make this manageable is to use small drives. If you give people big drives, they will fill them with stuff and make backup impossible.
And the only reasonable way to back up a FIPS drive with confidential data will be to a Truecrypt volume. I have yet to try this but suspect it will be dealthy slow. It would help if the PortableApps backup function had an "exclude" function so non-PortableApps files could be placed in, say, an excluded folder and ignored by the backup.
I'll try CustomUSB for the activation codes. I have now spent a lot of wasted time on this exercise and copped a lot of grief. The way it is going, these Carbide drives are probably going to end up in the bottom drawer.
Thanks again for your reply.
First off, I split this off into its own thread as before it was replies to an 8 month old news story (not the best place to handle support questions). This way, you can also subscribe to this topic to be notified of replies without getting any others to the large thread. Plus, it's far easier to read through without losing our place. A link from there to here and from here back to there has been included for context as well.
Next, let's get back to addressing your points.
1. I spoke with CustomUSB's VP of Business Development directly on this and he had at least three of his support staff who walked users through finding the emails in their spam/junk folders. They don't do this to prove that they are right, they do this to determine what happened to the emails themselves to see if the issue is on their end or the customer's.
CustomUSB has had increased issues of transactional emails going missing as they've been sending out more marketing emails towards the end of the year. Even though CustomUSB are confirmed opt-in, many users simply start hitting the 'spam' button rather than unsubscribe. And, since both marketing and transactional emails go out from the same server, we wind up with issues around people not getting order confirmations, tracking, etc.
I've been an anti-spam advocate and an email marketing adviser for over a decade and I can definitely say that spam issues are far from handled these days. I'm running Rackspace's hosted email service, one of the larger ones, and I get at least a couple false positives every day. Granted, my personal account gets a TON of spam (lots of 'noise' for the bayesian algorithm to handle) due to being the same email address that's been posted online since 1998. Still, it definitely affects some transactional emails for me.
I didn't suggest looking in your spam folder to suggest it was definitively what happened to you, I was simply trying to be thorough. While it may not be the case with your system that you have false positives on transactional emails, it still is for much of the world.
2. There is a reset procedure in the PDF guide if they reset their. It's on page 9 bullet point 9.
3. The pictures are accurate, as they should be in any advertising. I'm unsure why you would assume they were not.
As for how to accurately distinguish multiple drives, I'd suggest keeping the slide covers with the drives. When using a drive in a given PC, keeping the slide cover on top of or next to the PC while it's in use. And immediately when finished returning the drive to the slide cover. To do otherwise wouldn't really make any sense since the drives are unprotected when out of their slide cover and susceptible to dirt, water, etc just like any other drive. As a drive will generally only be used by a single person (since they know the PIN) there's not much reason to share them or mix them up.
If in a less controlled environment where people are leaving the drives outside of the slide covers and mixing them up, I'm not sure offhand. We have no control over the backs of the drives themselves unless we order a much larger number of pieces (which is beyond our financial abilities at present). The soft-touch rubber isn't really the best surface to engrave. You could try having an engraver do one of the sides of the drive itself, but that might be a bit small. I'm sorry I don't have a definitive solution on marking the drive itself, but it's not something we offer (or claim to) nor something we'd considered much until now. As we begin pursuing the corporate market, perhaps we can come up with a better way to offer a mark-able or engrave-able area on the drive itself.
4. Again, I'm unsure why you didn't get the ESET antivirus code. Please contact CustomUSB for a code.
I've already spoken with CustomUSB about updating the insert to include mention of getting the code (as well as support, a better getting started guide, etc).
Pre-loading it on the drive is not an option as it would require customization of the software on a per-drive basis which would be cost-prohibitive. Including it as a paper insert might be a possibility, though.
As for the codes going to the purchaser, in nearly all cases, the purchaser is the user. While the drives make an excellent gift, we haven't really done any marketing to that effect. We've literally done a single basic press release back in May for the drive, that's it. If we can bundle the codes in as a paper insert, perhaps we can eliminate this issue. I'll speak with CustomUSB more on this.
5. Most users will NEVER manually check for updates. Sure, you and I will since we're technically minded and either remember or setup a given day of the week to do such things with a reminder in our calendar. But general users will never ever check. Not having an update by default setup would be hugely risky for that reason.
As for backing up, most folks will back up to their local PC. If they're FIPS-level worried about their data, they should have their PC set with full drive encryption, meaning they can safely back up their data from their flash drive to their local drive. The PortableApps.com backup built in is a basic backup to be able to backup your Documents+App Data or the whole drive. For folks who regularly back up, using a backup app with incremental support would be preferable (Toucan, FreeFileSync, etc).
I realize its slower over USB2. Sadly, there are no USB3 FIPS drives at present. We're looking into remedying this, but it is an expensive proposition for such a niche product.
Again, I'm sorry you're having issues with your drives. I am attempting to assist as best I can.
Sometimes, the impossible can become possible, if you're awesome!
John,
Thank you again for your comprehensive replies. You have covered all the issues.
I'll persue the missing activation e-mail with CustomUSB.
John,
In this reply, you said that the vast majority of the purchasers are the users so that is determined to be the primary contact in the process for codes and such. That makes sense.
I have recently purchased airplane tickets for my son to visit me. As you know, ticket purchasers are usually the users. In that ordering process, there was a tick-box so that the flight and registration info could be sent to a specific secondary email address. It strikes me that "is this a gift?" may be a good solution to the OP's issue and could be designed to separate tracking notices (might not be desired) from registration info.
neutron1132 (at) usa (dot) com
J Neutron,
My point was that any device to be gifted should simply be physically self-contained. You hand over a package, and everything (activation codes in this case) is inside the package.
Your suggestion sounds like complex workflow, and I'd have objections.
Firstly, I might give some random supplier my own e-mail address, but giving some random supplier other people's e-mails addresses is just going to produce angry people when they get spammed by a supplier of whom they have never heard and with whom they have no relationship. I never assume I have the right to disclose someone's e-mail address. Also, in my case, there was more than one recipient, so more than one person who needed an activation code each. The right code has to go to the right person. (I still haven't seen any codes, so don't know fully how this works yet.)
Your case of airline travel is different. The recipient needs the e-mail and possible subsequent e-mails from the airline, and they necessarily know who the supplier is. My gift recipients have never heard of and don't need to know CustomUSB, PortableApps, or anyone else in the chain.
This is all totally solved if the activation code is in the box with the device. All the problems go away, and no further interactions are required amongst the parties by e-mail or by anything other means.
So, when was the last time you gave a toaster as a gift? Didn't the recipient have to "register" the warranty with the manufacturer?
neutron1132 (at) usa (dot) com
Odd question, J Neutron.
1. In my country, everyone has warranty rights and there is no obligation for the gift recipient or indeed anyone to register anything for statutory warranty. Sometimes manufacturers offer a bonus extended warranty in return for registration for marketing follow-up, but this is rare and does not affect statutory rights. Short answer to your question is "No, they don't. Never."
2. Following my previous theme, I would never make the choice for the recipients as to what details they disclosed to a supplier, and I hope that you yourself reflect before volunteering other people's details to suppliers. It is entirely the business of the recipient of the product as to whether they register, and as to what private details they disclose in registering. Many people have different e-mail addresses for different purposes; I certainly do, and I want to make that choice.
You give the impression that you make decisions for others and consider disclosure of others' details something you routinely do.
No thanks; I prefer people to be more privacy-aware.
Here in the US, a blank warranty card is included in the package for most electronic products. It *might* have the serial number pre-filled for expensive purchases, but it will be blank otherwise. While we may be able to "claim" warranty service when armed with the purchase receipt, many manufacturers try to find reasons to avoid responsibility. Filling in the form (either manually and mailing it or completing it online) will establish credentials.
Since it is clear that we are looking at this from different points of view, I will just wander away. Sorry for the interruption.
neutron1132 (at) usa (dot) com
While I like that you're coming up with a new suggestion/idea, I think that would be less efficient that including it in the packaging. While including it on the drive itself would make for a more complex workflow (we currently have one image that is copies to all drives), including it in the box would likely be do-able within the current workflow. We could also keep a record of the order and the license for that order in the off chance the end user loses the slip and has to reinstall, etc, for end user convenience. Adding a 'gift' selection usually only means leave out pricing details in the packaging and sometimes add gift wrapping. Adding another email address would not be the norm and would likely be unsupported by CustomUSB's ecommerce system. Plus, as Oz pointed out, you may not have the email address of the person you are gifting it to. Or you may just want to buy it yourself and wrap it. Including the license would save you having to print it out and include a printed email in the gift package.
Sometimes, the impossible can become possible, if you're awesome!
John,
Just a comment now I am working on one of these drives myself. The initial automatic PortableApps update, which I just let run, took a full hour, maybe more. I notice that the sub-folder dates under PortableApps were 06/06/2013. I think that every single app updated. This is almost to the point where you could include nothing and have the drive download an image the first time it boots - the time involved could not be much more.
It might ease the user initial experience to provide CustomUSB with images that are fresher for burning on the drives.
The ESET software is even older, April 2013.
When I get some codes I'll see what updating ESET involves.
I'm working on an automatic builder for CustomUSB so they can refresh the builds every week. I've been otherwise occupied as of late, though. The ESET software within the PortableApps directory is just a connector to the main install in the root. The connector doesn't get updated. The ESET software in the root self-updates.
Sometimes, the impossible can become possible, if you're awesome!
OzPortableLongTerm,
If you are going to work on each of the drives yourself you could tweak their autorun.inf files to include a unique identifier for each drive. It could be a number or the recipient's name.
An example from one of my USB drives:
[autorun]
label=Ed's USB drive
It won't help identify the drive from the outside but it will once you plug it in.
Ed
This would apply to the Companion. But with the Carbide, you can't see anything until the PIN is input.
Sometimes, the impossible can become possible, if you're awesome!
That's right.
I'm trying to relieve the situation where, in a workplace or a family, these drives end up being used in proximity and then someone walks off with the wrong drive, possibly with someone else's drive case and ID on the outside of it. They don't realise until they enter the PIN, and the risk is they may erase someone else's drive by trying what they think is their PIN in "their" drive.
One possibility until we're able to customize would be to use a labeler and stick it on the backside of the drive. IIRC there isn't anything there that should interfere with adhesion. And one of the smaller width ones should be about the right size. You can label it per person and cut the labels square to ensure that they'll stay on there a while. When they do fall off eventually, they will be easily replaceable. I got the idea as, back in corporate, this is essentially what we used to do, albeit with permanent stick-on labels, for both portable and non-portable devices with barcodes and serial numbers on them.
Again, not a permanent solution (nor advertised as one) but it could be a nice stopgap. I still think it unlikely that a drive will be separated from the slip cover (mine are always together), but on the offchance it happens, this solution may help alleviate confusion. It'll look nicer than writing on it. And it won't be seen much anyway since it's on the underside of the drive (notwithstanding laptops with upside down USB ports).
Sometimes, the impossible can become possible, if you're awesome!
A label would be good. Included in the package, the user could even stick it on themselves.
As these drives are quite large, a narrow label could easily fit on the edge of the drive; the edges have no writing, whereas the back has a lot of writing, some of it informative.
On either the side or the edge, the label is going to have to be very thin, because the drive fits snugly with a small clearance in the case. Too thick, and the label will quickly tear.
I wasn't thinking of adding them to the package. I meant the end user could add them if they were so inclined for now. I'd wager every business has a labeler already. I have one for home use as do most homes I know of with kids. So that could be a solution for the folks that are worried about multiple drives being separated from their covers and mixed up for now. if that were enough demand we could look into including them in the package, but no one else has inquired.
Sometimes, the impossible can become possible, if you're awesome!