December 14, 2001

Roll your own nightmare
Do-it-yourself works for minor home repairs, but not for ecommerce security. Even if you have a huge brand, lots of money, cool software, and hire some "smart people" you're still likely to make the same stupid-as-heck mistakes everyone else makes.
Tip 1: Good hackers know way more about security than all your "smart people".
Tip 2: SSL is not security.
Tip 3: Your systems have tons of holes in them.

Security audits, usability tests, heuristic evaluations, and eXtreme Programming (XP) are all based on the principle that a second set of eyes sees many things. Sometimes you need experts or hired guns to sleep comfortably at night. My own experience with security audits of transactional systems is that they help you find all kinds of potential problems. Just the process of walking someone through the application architecture and design is very valuable.
Whither (or wither) the WaSP?
Looks like the sting has gone out of WaSP. The pro-standards group has conceded that even if browser makers provide bullet-proof support for standards like HTML, CSS and the DOM the problem of a broken web is a much bigger nut to crack.

The argument used to be that the software companies provided broken browsers and hence developers couldn't build sites that work for most users. Now that we have better (but not ideal) browsers, the reality has hit that leading development tools (can you say Dreamweaver, Frontpage and Go Live) are generating horrible code. Designers and developers also don't know, don't test, and don't care. Validation? That's what you do for free parking, right?

Hopefully WaSP will be reincarnated in the future or some other group with a nasty sounding name wielding a sword of virtue will rise from the ashes and starting kicking some sense into development tool makers. I have great faith in market pressure, and I think WaSP focused a lot of the frustration that key customers of browsers were experiencing. They championed ideas for the causes of usability, accessibility and compatibility. Thanks made a difference.
Pen vs. Paper...Which will win?
In this corner wearing blue ink and expensive refills...the wireless pen! And in this corner weighing in at 12 ounces, 8 and one-half by 11 paper!

Why should people be excited about this? A wireless pen needs a network...tell me how that will work on an airplane. It's easy to lose and there's no system feedback to show what was stored on the network. Sure I can see what I wrote on paper, but I don't know what was captured electronically.

A good typist can type up to 90 words per minute. I can't read my own writing and write much slower than I type: about 35 wpm last time I checked which is nothing to write home about (pun intended).

IBM's "Smart paper" looks more promising than a really expensive pen with no on-board storage. It captures sketches and other scribblings so all those doodles created in droning lecture classes or committee meetings can some day be recognized for the works of art they really are. It also could more easily accomplish more functionality like cut and paste that become accelerators for application users. I could see this type of device being useful to designers developing paper prototypes and capturing diagrams and ideas from brainstorming meetings.

The tech industry is obviously streching out with research to try and find the next great user input technology. For example, much hope has also been put in speech recognition in the past, but the main competition, the keyboard, still offers a lot in terms of efficiency, feedback and simplicity. One pen or one voice just doesn't offer the output capacity of ten highly trained fingers...
Style Guides, Schmyle Guides?
A new book called "Language and the Internet sounds pretty interesting. Pooh-Poohing the Purists, a Scholar Revels in Netspeak from the New York Times says the author thinks a lack of conformity to guidelines is okay. I don't know anyone who, in college or elsewhere, really ever wrote reports or papers that strictly conformed to any style guides -- unless we're talking about English 101.

His point is that Internet writers and communicators modify their style for the medium, urgency, immediacy, synchronicity and audience. Wow! What a discovery -- I guess the days of leaving Mom notes on the table in APA style doesn't translate to todays hurried world of email.

Okay, even so, it could be an interesting book for anyone who has to write for online medium. Just a good survey of styles with some analysis could be very useful for helping us select a style in the future.
Sick health care sites
The "cranky user" cranks it up by going after health care and insurance sites.

"Users come to a site looking for a doctor because they are in need of medical attention; they want to find out if they have a serious condition, not watch your logo spin for five minutes."

"The end result of this is that I don't use the company Web page -- I call in." "I don't know how much that costs, but it's probably a lot; it seems like the company would get a better return on investment by doing a simpler site."

The cranky user is always right...

December 13, 2001

Patterns becoming more vogue
Patterns and Pathways: New Ways of Approaching Web Design proves once again that the guys at Adaptive Path rock! Great presentation on patterns and how they apply to web design.

More info on patterns in UI design:
Quit running around like a...
I heard via the rumor mill Monday that was going belly up. Checked out the site Tuesday AM and noticed that the content was days old (unusual in good times). As I was poking around on the site, they pulled the there's just a home page with a virtual epitaph.

I worked on the incubation project before it had a name. We only had four people on the project and a lot of ideas that evolved about 50 different ways. I never thought a "business plan" could change so much in such a short time. In the end, it was a brutal, fast-paced 12 months of hard work that taught me a lot. Now I feel I've gained a new membership to a community of people that defined the dawn of the millenium -- those who slaved away on failed dot-coms.

I guess I can say I was there to witness the very beginning and the very end.
My, Oh My, and Why (not)
Reading an article by Peter Merholz, I was reminded of familiar debates on past projects about the use of "My" in web sites a la My Yahoo!, myIntranet, etc. Peter does a good job of presenting his case that using "My" is confusing and even somewhat juvenile...answering the question of Whose "My" Is It Anyway?

"Think about it. What products, in the real world, use the possessive "My" in their names? Products for small children, like "My First Sony." How foolish would it sound, say, to buy something called "My Telephone" or "My VCR". Obviously, they're yours--you own it! Using "My" on a Web site encourages this childish sense of propriety"