User Interface Failure, Succeeding

It’s not everyday an application interface is designed to purposefully confuse people.  It mostly just kinda happens.  There isn’t any malicious intent involved.  However, I’ve had it with Adobe and Google. 

First off, let me say that I am very disappointed in Adobe for keeping Shockwave alive.  Merge it with Flash.  Keep it down to one browser plug-in, jeez.

Second, shame on both companies for purposefully designing a confusing interface.  I visited a site recently that had a Shockwave applet.  I wanted to see it, so I installed the plug-in.  Boom, up pops this window:

shockwaveGoogle

I read it as this: “Hey, you just started the installation of a plug-in.  Click next to continue.”  Whereas it actually said “installing plug-in.  To install another plug-in you didn’t ask for, click next.”  The insidiousness is in the form of a little checkbox that asks if you want the toolbar.  The problem is that the checkbox looks like its part of the feature list, so naturally you just click next to continue installing the original plug-in.

It’s a nicely designed form.  It conveys information perfectly.  Except the information tricks you.  It’s very malware-y.  I would expect such a thing from Adobe; they are starting to really annoy me.  But Google has always had the mantra of “do no evil”.  I called phooey on that long ago, and this is a perfect example of their hypocrisy.  I realize they play a very minor role in this situation, but they really should have rules about how people agree to install their software.

I spent a good chunk of my morning yesterday listening to someone complain about how Microsoft installs the .NET remote app installer plug-in into Firefox, and how inappropriate that is.  In my opinion, this is way worse.  Microsoft just did it.  This is explicitly malicious.  They go out of their way to confuse you so they can say “hey, you agreed to install it.”  Phooey, indeed.

</rant>

Make it Right: Revisited

In the previous post Make it Right I asked the question

Why aren’t more people making it right?

I was curious why people don’t take the time to write software properly.  There are lots of jokes about bad software development:

If houses were built the same way programmers build programs, we’d all be living on the street.

Unfortunately it’s a fair statement.  Most programs out there suck*.  I used to come back with the argument that people have been building houses for thousands of years, but software for only a few decades.  There are bound to be issues.  But then it occurred to me.

Mike Holmes is all about making it right, as I said in the previous post.  His TV show was about fixing the problems that professionals made.  Professionals who have been building the same thing people have built for thousands of years.  Wait a minute.  I just flawed my own argument.

Houses are built the same way programmers build programs.

Why?

I see three very apparent reasons.

  1. Cheapness – People want software built quickly, as cheap as possible.
  2. Laziness – Why strain your mental processing or follow best practices when you can just do whatever first comes to mind?
  3. Uneducated – Sometimes (a lot of times) the person doing the building/development just doesn’t know what they are doing.

There are numerous other reasons why, but these three are by far the biggest across all aspects of building stuff.  I think they answer the basic question asked earlier, but now I have another question.

Why do we let people who are lazy or uneducated build applications for us, just so we can save a few bucks?  We will end up paying loads more in support after the fact…

*I said programs, not programmers.

Resources for Students who Hate School

I hated school.  Technically, I’m still enrolled in college.  Bachelors of Business Management.  Blech.  I figured at least with business, I would learn something useful later in life.  I chose against Comp. Sci. for a few reasons.  One being that I know a couple PhD’s that know nothing about building applications in the real world.

In Comp. Sci., you learn how to build data structures, and how to make Mandelbrot Set’s process faster.  In business, you learn why people buy stuff.  Or more appropriately, you learn how to get people to buy your stuff.

Seeing as I learned (taught myself?) about things like linked-lists and pointers while in grade 10-ish, and wrote/re-wrote/re-re-wrote Mandelbrot Set builders as a final project in grade 11, I think I can safely say I would be bored as all hell in University.  Not to mention all the theory.  Comp. Sci. is all about theory.  Maybe 10% is actually coding.  F-that.

Business is inherently hands-on.

I like hands-on.  It’s tangible.

The only problem I had was finding resources.  My programming teachers were pretty cool, and were always willing to help me on algorithms that confused me, as well as extra-curricular programs when something just wasn’t jiving.  But I had cool teachers.  Not everyone is as lucky as I was.  And with the teachers, they weren’t thinking in C# or ASP.NET everyday like I tended to do.  Trying to ask them why something trivial like

<asp:TextBox ID="txtUsername">

didn’t compile was kinda painful.  I usually got a response along the lines of “what’s the colon for?”.  I always felt funny trying to explain the quasi-xml structure of ASP.NET to teachers.  This left me in a lame position of needing to find help.  Forums are great, but separating the wheat from the chaff is a waste of time.  Enter stackoverflow.com (4 years late, mind you) and you get answers quickly.  I like it.  I use it all the time.  I’d like to think that those who are willing to look for resources will find the site fairly easily.  However, there is another site out there that not too many people know about.  It’s the Microsoft Student Experience site.  Yeah yeah, brain wash them early.  I drank the kool-aid early.

Part of the website is dedicated to the DreamSpark program.  Free, fully-licensed Microsoft products.  Nuff said.

image

The other half of the site is dedicated to students.  Good thing, given the name.  Not just students studying software development either.  All students.  It provides tangible resources for students.  Stories, tutorials, and templates look to be the main content.  It’s all surprisingly good stuff too.  It ranges from school studies to general life, to post-school life.

image 

These resources may help those students who are struggling with school – at any level.  There are students out there with lots of potential.  Let’s not see it go to waste.

Make it Right

For the last couple months I’ve had a strange fascination with the TV show Holmes on Homes.  By no means am I construction-literate.  When I want something built with wood, I buy it.  The fascination is not about the construction, or even his manly good looks (FYI: I meant it in the friendly-way, not the friendly-way), but the premise of the show.

Mike Holmes is about doing a job right.  It doesn’t matter what the job is; it HAS to be done right.  Period.  No if’s, and’s, or but’s.  We need more people like him.

This applies to Information Technology as well.  Take the Security Development Lifecycle for example:

Do it right first: securing new code helps keep down compatibility and roll-out costs.

Why aren’t more people making it right?

Reminder! Windows 7 Beta Expiration

Reposted without* permission from the Canadian IT Pro blog.

Windows 7 UltimateI just wanted to post a reminder that the Windows 7 Beta is set to expire on July 1st, 2009.  What does that mean?  Well it isn’t going to explode, eat your data or lock you out.  What is going to happen is that the PC will force you to reboot every two hours.  But have no fear there is a way to fix this, simply install the Windows 7 Release Candidate which you can still download.

While an upgrade isn’t supported, and I strongly recommend a clean install, you can find a workaround that will allow you to do an in place upgrade.

Grab the Release Candidate here!

 

* I never asked.  I doubt they will care.  Correct me if I am wrong, Rodney! 

Techdays 2009 &amp;ndash; VIP Pricing

As budgets get tighter, Tech·Days is the perfect way to get the Tech·Ed experience without the travel expense, with two days of skill-strengthening education to help you position yourself for success by:

  • Learning the technology—with a customizable agenda from over forty sessions across five technical tracks on both current technologies and new products, like Windows® 7 and Microsoft® Exchange 2010;
  • Connecting with Experts and Peers—with Birds-of-a-Feather lunches and the new Windows 7 Zone, you'll have lots of opportunities to share your ideas with those who know the products best; and
  • Apply what you learn—with a Learning Kit packed with products and resources so you can continue to grow your skills long after the event has finished.

Technologies discussed: Windows 7 Operating System, Windows Server® 2008 R2 operating system, Visual Studio® 2008 development system, Silverlight™ browser plug-in, Exchange 2010, Security/Management, and more.

If you want the VIP Discount use the promo code TD09Partner.

City Date Venue
VANCOUVER
TD09Partner
SEPTEMBER 14-15 Vancouver Convention Centre
TORONTO
TD09Partner
SEPTEMBER 29-30 Metro Toronto Convention Centre
HALIFAX
TD09Partner
NOVEMBER 2-3 World Trade & Convention Centre
CALGARY
TD09Partner
NOVEMBER 17-18 Calgary Stampede
MONTREAL
TD09Partner
DECEMBER 2-3 Mont-Royal Centre
OTTAWA
TD09Partner
DECEMBER 9-10 Hampton Inn & Convention Centre
WINNIPEG
TD09Partner
DECEMBER 15-16 Winnipeg Convention Centre

Early Bird: $299, Regular Price: $599

There is a good chance I will be presenting at one (or more) of these locations, so keep an eye out.  In the event that I don’t, I will definitely be enjoying the Toronto stop of the tour.  In either case, I will be there ready to learn, with a pocket-full of business cards.

Oh, and I’ll be leaving with a box/bag/shopping cart* of swag.

*Metaphorical shopping cart.  They are going to give away lots of awesome stuff.

Bing Search Provider

Seems it automatically updates itself in IE.

bing

Cool.

Security, Architecture, and Common Sense

Good enough is sometimes not good enough.  I’ve been doing a lot of thinking lately (well, I’m always thinking), and security has been an issue that has come up a lot.  Frankly, I’m a two-bit software developer.  I know my code isn’t the best, nor the most secure.  I use strong passwords, encrypt my sensitive data, and try to limit access to the applications for those who need to use it.

In theory this works.  Problem is, it’s a lame theory.  There are so many unknown factors that have to be taken into account.  Often times they aren’t.

When I go to build an application I spend time designing it and architecting it.  This is usually the case for most developers.  What I’ve noticed though, is that I don’t spend time securing it.  I can’t.

Imagine building a house.  You put locks on the doors, bars on the windows, and someone breaks in.  Why?  Because someone left the key in the door.  You can’t build against that.  You just can’t.

You can follow the Security Development Lifecycle, which I recommend to each every single developer I meet.  There are tons of resources available.  But it can only go so far.  It’s designed more for being part of the iterative processes, not the architecture.  Or at least, that’s how most people interpret it.

So?

My last post talked about Single Sign-On (SSO).  It’s a great sellable feature for any product.  What most people don’t realize though is the inherent security benefit to it.  With it, that means one less password to remember, one less password that could get intercepted, one less password to change every month.  This is a fundamental architectural issue.  But at the same time, it’s common sense.

What is sometimes the simplest idea, is usually the correct solution

What the hell does that mean?  It means keep it simple.  Security is simple.  Keep data from prying eyes, and keep it from getting lost.  This is common sense.

Security is not difficult to comprehend.  It becomes difficult when academics get involved.  Spouting theories and methodologies scares people into thinking security is extremely difficult to implement.  It’s not!

Follow the Data

Understanding the flow of data is crucial in properly architecting an application.  It’s crucial in properly securing an application as well.  SSO is a perfect example of this.

The SSO feature in Office SharePoint Server 2007 maps user credentials to back-end data systems. Using SSO, you can access data from server computers and services that are external to Office SharePoint Server 2007. From within Office SharePoint Server 2007 Web Parts, you can view, create, and change this data. The SSO feature ensures that:

  • User credentials are managed securely.

  • User permission levels that are configured on the external data source are enforced.

It makes perfect sense.  It’s simple when you think about, and it affects every subsystem of SharePoint.  Make security a feature.

Single Sign-On

Is it just me, or is Microsoft the only vendor out there that gives you SSO in all their products, free?  Novell requires you buy their add-on product.  Oracle has nothing relevant.  Never gonna happen on any Linux distro out of the box.  Too many variables.

The integration alone is reason enough to use Microsoft products.  Is it just me, or do people choose to go anti-Microsoft out of spite?

Just a thought.

Technet Plus Subscriptions

You know, I don’t ever get the chance to tell people how useful these subscriptions are.  They are extremely handy.  I used mine at least once a week, but two or three times a week wasn’t out of the ordinary.  The subscriptions give you direct access to Microsoft software for testing and creating proof of concepts.  They also give you access to beta software, i.e. Windows 7 and Exchange 2010, before everyone else has a chance to get it.

You can also use them to manage support tickets, and even get professional help free.  But here is my absolute favourite benefit of a Technet Plus Subscription: Free E-Learning.  It gives you access to 3 Microsoft E-Learning Courses and Workshops, free.  Stolen from the site, here’s the current offer:

With TechNet Plus, you receive ninety (90) days of access to Microsoft E-Learning with hands-on learning to help you build the skills you need to do your job. The following courses are available to TechNet Plus subscribers through June 30, 2009:

  • Course 4330: Working with Subqueries Using Microsoft SQL Server 2008 - In this 2 hour course, students are introduced to subqueries. Using common table expressions in queries to generate hierarchical result sets is also explored.
  • Course 7250: Managing Applications in a Windows Server 2008 Environment - This 2-hour course describes enhancements to the Application Server, Web Server, and Terminal Services roles in Windows Server 2008. It also provides guidelines for deploying applications on your servers. This knowledge helps you use the server roles to manage an organization’s application infrastructure.
  • Course 6321: Configuring a Virtual Environment - This two-hour online course provides IT professionals with knowledge about the tools used for configuring a virtual environment. These tools include virtual network, virtual hard disks, and virtual machines. This knowledge helps you gain the skills necessary for setting up a virtual environment.

Go get one now.  Right now.  $349 US.

ms788692_78916_071108_TNetBuy_75_20C(en-ca)