Nice (and not so nice) updates to services

I use Bloglines as my RSS reader. I have a habit of checking the “Keep New” box on posts that I would like to read in more detail or post about. Checking the box would change the description display to indicate that there was a new post in the subscription.

Unfortunately, I tend to have a lot of these. Which meant that I would quite often open a feed thinking there were new posts only to find that there were only old posts I’d marked as new. Kind of a pain.

That changed a week or so ago. The Bloglines interface now gives an indication of how many truly new feeds I have as well as the number of old feeds that I’ve marked to keep as new. They’ve tried out a couple of different ways of displaying this. Here are the ones I’ve seen, they may have gone through a couple of other iterations when I wasnt’ looking:

  • 1 : 2
  • (1) (2)
  • (1) (2)

A definite improvement.

On the other hand, MSN has updated their service in a (for me) negative way. I have an MSN account that I’ve used for a while, though it mostly gets junk traffic these days. Since I prefer to not have to check numerous sites/sources for my mail, I have (had) Outlook set up to check the MSN account. While trying to clear out some old messages, I got an error dialog that basically said, “If you want to keep accessing MSN through Outlook, you need to pay us.”

Guess I’m not going to use MSN through Outlook anymore.

Blog usability: Top Ten Mistakes

Why do you blog? There are many answers to that question, ranging from “I just need a place to write down my thoughts” to “I want to change the world (and get rich doing it).” Your answer to that question should play a large part in how you blog. Or at least how you design your blog.

On that note is Jakob Nielsen‘s latest installment of his Alert Box column, Weblog Usability: The Top Ten Design Mistakes.

Weblogs are a form of website. The thousands of normal website usability guidelines therefore apply to them, as do this year’s top ten design mistakes. But weblogs are also a special genre of website; they have unique characteristics and thus distinct usability problems.

To reach new readers and respect your existing readers’ time constraints, test your weblog against the following usability problems.

  1. No author biographies
  2. No author photo
  3. Nondescript posting titles
  4. Links don’t say where they go
  5. Classic hits are buried
  6. The calendar is the only navigation
  7. Irregular publishing frequency
  8. Mixing topics
  9. Forgetting that you are writing for your future boss
  10. Having a domain name owned by a weblog service

Obviously, not all of these apply to everyone; it all depends on what you want to accomplish with your blog. Still, I think I have some work to do.

How paranoid, er, security conscious, are you?

Just as there is a fine line between genius and madness, there is a fine line between appropriate security and paranoia. On which side of that line are you?

Shred your sensitive personal documents before throwing them away? Appropriate security. Spread the shreds in the garden as mulch? Paranoia.

Passwords on your home network? Appropriate security. Issuing smart cards to your wife and kids? What do you think?

For a quick peak into a paranoid security expert’s approach to security, check out Security for the paranoid, which I found via Schneier on Security (one of the few things I make myself check every day).

I have to admit I don’t know if the author is serious or not, mainly because I don’t know him. My first thought when I read it was that he was serious, and seriously paranoid. I know people who think, and act, like this. And, in fact, some of the things he says make sense. For instance:

I frequently see people posting PGP signed e-mails to security mailing lists. It’s not that these people are afraid of someone actually spoofing fake comments from them on the latest CGI flaw; they just make it a practice to sign every e-mail, no matter how trivial it might be. Sure, these people are signing e-mails when it’s really not important, but I doubt they get caught not signing when it is important.


I also delete unused services on my servers. I block unused ports.

But a few things make me think it is just a bit over the top, including:

  • I keep my PC’s turned around so I can tell if anyone has installed a hardware keylogger.
  • I never check in luggage when I fly.
  • It takes five passwords to boot up my laptop and check my e-mail. One of those passwords is over 50 characters long.

One of the keys to establishing good, and appropriate, security is an analysis of the risk/threat, the consequences of becoming a victim, and the cost of the security measure against the cost. This is what the author of this piece misses, as evidenced by comments such as:

  • Sure, the threat might not be real. No one may ever actually want what you have on your PC. But does that really matter? Does the threat have to be real to warrant strong security?
  • There’s no need to analyze the threat of every situation. Just practice strong security always and you should be okay.
  • I don’t do it because I think someone is going to go through my trash to reassemble bits of my research notes. I do it because it’s good security.

I’ve been giving some thought lately to the challenges of enterprise solutions to problems and my belief that “one size can’t fit all”. Though there are some security best practices (for lack of a better phrase) that can be applied in many situations, blind application of these practices to unique situations will likely result in more harm (less security) than it does good.

What you get is what you see (yes, that’s what I meant to say)

From Jakob Nielsen is R.I.P. WYSIWYG – Results-Oriented UI Coming, a look at the possible (and, he argues, needed) demise of the What You See is What You Get (WYSIWYG) design for user interface.

Unfortunately, we’ve now reached the limits of the current GUI paradigm. Displaying commands in menus, toolbars, and dialog boxes works with a limited number of elements. But Microsoft Word 2003 has 1,500 commands, and users typically have no clue where to find most of them.

Another WYSIWYG downside is that it forces too much manual labor on users and requires a stretch of imagination to envision results in advance. Yes, you can gradually massage your work into the shape you desire, one modification at a time, and visually confirm progress as you go. But you have to make each modification yourself, at the cost of many a mouse click….

Direct manipulation of WYSIWYG objects thus has three primary limitations:

  • A plethora of commands, each of which you must locate (most people don’t, and thus never use most of the features they’ve paid for).
  • Lots of chopping away at the edges to shape your marble block of a blank screen into your desired goal (leading to a great loss of productivity).
  • No guidance relative to the goal; you must determine how to reach your goal from the starting state by combining multiple primitive commands. (This denies most users their expressive power; people are generally better at modifying an existing design than creating one from scratch.)

Nielsen uses the new design in the next version of Microsoft Office, based on a results-oriented user interface, to describe what he thinks this next generation of user interface will be like.

Rest assured, the current GUI will stick around for quite a while, but – as Nielsen states – as Office goes, so goes much of the rest of the software world.

Personally, I’m looking forward to giving it a try.