Developers Don’t Read Stories, So Talk To Them Instead

In Jakob Neilsen’s How Little Do Users Read? he sites an ACM study that has found that people typically only read about 20% of content on a page on average, with a max of around 28%.

This just confirms my suspicion that developers fully don’t read the stories that I write for them, even though they are highly focused and relevant to what they are looking for. Instead of reading, they skim and look at the screenshots I provide.

What can we take away from this? Treat stories as a conversation point, rather than a full design spec. If your devs have to read thousands of words in your stories, they are too big. Talk to your team and make sure people understand what you are trying to do.

At 130 words above, most people have read only 26 words in this article, meaning they’ve barely read the first paragraph. Scary.

AntiSamy – HTML In Web Apps

A big problem right now in web application development is allowing users to add in HTML and then protecting them from malicious javascript. Fortunately, someone is working on this problem and giving the rest of us the results for free.

The “AntiSamy”:http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project library is named after the samy “worm” that hit MySpace and infected many thousands of pages before it was contained.

The page mentions that there is very little interest from the Rails community on this. I know there are plugins like the “whitelist plugin”:http://agilewebdevelopment.com/plugins/whitelist, but AntiSamy looks at least to be a nice compliment to something like whitelist.

Old Software Never Really Dies

I just got a support request from someone today for a web application that I helped to write in college. It was my first Rails project and it was made as a senior class project. We had a client who was a professor from another department. We had to write our own version of backgrounDRb, used an early version of Rails, and wrote Flash as the front-end to an annotating engine for documents.

It was a great success for us using Rails and Ruby for the first time. We easily exceeded all expectations set in the beginning of the 10 week class. We had demo screencasts, a professional looking site, a great code/test ratio (first time ever for me), and a very happy customer. Some departments in our school were seriously considering using it for their document collaboration needs, and apparently, the software found its way around the world entirely by word of mouth.

I haven’t touched the code in several years and the machine that housed the subversion repo is long gone. It got me thinking about how software never really dies. I had no idea these people were using it to this day, but it still lives out there. I don’t even have the original site up anymore, so there’s no place to download the code.

It’s sort of cool and strange knowing that something that I wrote as a class project is being used by people to actually get work done. Maybe I’ll pick it back up and polish off the old code and breathe some new life into it someday. It’s just weird to think of a Flash/Rails app I wrote a few years ago as “old.” There’s going to be more of that in the future and it’s a refreshing reminder that everything old is new again and software never truly dies.

Less Junk Mail – Now With Less Privacy

I was going through a backlog of feeds today and noticed a number that I could call that would allow me to opt-out of getting credit card junk mail from the big credit bureaus. I thought to myself, “Great, I really hate those things and they go directly to the trash. Let’s see if I can stop it for a while.”

For those outside the US that don’t know, we Americans get a ton of junk mail from a bunch of credit card companies and other companies we could care less about because these credit bureaus keep a mailing list with our names on them and then they sell the list to direct marketers. It’s a great business for them and they can even qualify you as a good lead because they know your credit score. What turns out to be good business for them is really annoying to those of us who have to receive this mail.

So, I call the number and I get a computerized greeting. The nice computerized voice tells me that there are no operators to take my call, but that I can still opt-out. She asks me if my phone number is the one that I’m calling from (I’m assuming they have caller ID, but that can be blocked or I could call from a pay-phone) and I say no. The computer then asks me to say the phone number for the residence I want to opt-out for. I give them the number to my house and the computer starts reading back my home address to ask me if it is correct. _Wait, what?_ A little concerned, I say yes because it was my address. It then proceeds to say my full name and asks me to confirm. I say yes because that’s correct too.

Thankfully, that’s all the information that it decided to give to me without asking for any sort of verification, only a phone number which I could have picked out randomly, or worse yet, given to someone who now wants to find out where I live.

The rest of the call asked me to enter in my social security number and date of birth to confirm that I was who I said I was.

This seems backwards to me. Shouldn’t I have to tell you who I am with some information that I don’t just readily give away? I don’t go around printing my social security number on business cards, but I do print my phone number on business cards. My information is in their systems if they are using what I enter to verify the transaction. Ask me this information first before you disclose my name and home address to anyone I’ve given my phone number to.

Here’s the number for those interested: 1-888-5-OPTOUT

For those who are going to say that this number was fake and that I just got my identity stolen, I used the web browser on my phone and checked this number out before I called. That is also where my feed reader is. The number is listed on the Federal Trade Commission’s website along with a link to a free website where you can enter in your information to opt out. I was going to use the form, but typing in a whole bunch of data using your phone is not ideal with a simple 12 button keypad, so I decided to use the number. The website gets things right. I have to enter in tons of information about myself including my address. The phone number just gives it up willingly.

Crucial.com Gets Customers

I bought some RAM today for my laptop and had a great experience with crucial.com.

First, there was a program that they allowed me to download (if you use IE, it just runs right in the browser) that showed me exactly how much RAM I had and more importantly, _where_ it was installed. It showed me that I had 1GB of RAM in a single slot.

Then I got a recommendation for which RAM I needed based on Crucial knowing exactly what computer I had. Their suggestion was exactly what I needed.

Purchasing the RAM was my favorite part of the experience. In my opinion, this is where Crucial gets things _really_ right. I didn’t have to log in, sign up, or otherwise register for anything on their site. I just put in my shipping and billing information and I was done.

The last nice touch was this little gem that appeared in the middle of my order confirmation.

Nothing to fill out if I didn’t want to, but a genuine attempt at making my life easier if I was going to have multiple orders.

Thanks Crucial, it was a great buying experience.

Protect Users From Themselves

Often, when designing a system for users, we look at what they could do wrong and either try and prevent it or tell them what’s going wrong. I prefer to take as much of a proactive approach as I can by having the system fix the problem and not even bother the user with an error message if it’s not absolutely necessary.

This same mentality holds true for the way users expect a system to work. I found an example from bloglines today, which is a great service that I use every day.

Bloglines has the nice feature of letting you use keyboard shortcuts to navigate around your feeds and the posts within them. It’s a tremendous time saver not having to scroll all the time. However, this morning, I discovered an oversight that is easy to fix: if I have caps lock enabled, the navigation doesn’t work. It is something that only comes up in a blue moon, but it took me a minute to figure out what was going on today to correct the problem.

The problem is with the javascript that bloglines uses to capture the key events and perform an action. Here’s a (snipped) example.

var g_hotkey_scrolldown = 106; // j

else if( whichCode == g_hotkey_scrolldown ) {
    // j - scroll down pane
    cancelEvent(e);
    if(main.basefrm && main.basefrm.gotoNextItem) main.basefrm.gotoNextItem(nav4);
    else if(main.gotoNextItem) {
        main.gotoNextItem(nav4);
    }

This only captures the lowercase j, but if you wanted to capture the uppercase J (because someone might have the caps lock enabled by accident), then it would be simple to change the whichCode line to add in the case for uppercase J.

var g_hotkey_scrolldown = 106; // j
var g_hotkey_scrolldown_upper = 74; // J (uppercase)

else if( whichCode == g_hotkey_scrolldown || whichCode == g_hotkey_scrolldown_upper) {
    // j (upper and lower) - scroll down pane
    cancelEvent(e);
    if(main.basefrm && main.basefrm.gotoNextItem) main.basefrm.gotoNextItem(nav4);
    else if(main.gotoNextItem) {
        main.gotoNextItem(nav4);
    }

A simple one line change for this example, but it prevents users from getting behavior in the system that they don’t expect.

Update: I had sent this issue directly to Bloglines before making this post with essentially the same information. I received a reply from them saying that they would forward on the report to the appropriate department. Hopefully, they will fix this issue and get back to me. A commenter noted this issue happens with similar sites that use access keys in this way. My lazyweb question then: is this not technically possible? I didn’t actually run the code I wrote, but I could if I really wanted to test it out since I believe Firebug will allow me to do that. It just wasn’t that pressing.

Update: I still haven’t seen this work and have moved on to another blog reader. I just couldn’t deal with the lack of progress and missing out on better options. So long Bloglines, you’ll be missed. I’m happy to be lured back someday.

Google CSE – Why It May be the NBT

One of my favorite bloggers, Tom Evslin, wrote Google CSE – Why It May be the NBT. Go read the article first, because I refer to it a lot here. I agree with what Tom says about CSE (Custom Search Engine) being a big deal because Google is doing it. Rollyo, a product that I was an early beta tester in, came before, but as with the misnomer of first-mover advantage, it doesn’t matter if you’re first, it matters who has more users.

Now that I’ve had a chance to play with CSE, I can say that it is a nice tool, but I think that we will see more improvements.

Here’s something I think that Tom didn’t get to though. Google has always said that they want to organize the world’s information. CSE smells a lot like the dmoz.org project that started years ago, except that Google found a way to get people to *want* to create a human-edited search engine. _(What a novel idea huh? I guess those MBAs are still teaching us techies a few things)._ If you think that CSE is just a dumb tool to put sites into, you’re way off base. Google is giving you a great service by letting you limit search querying to some specific sites, but what you are giving them is much more valuable. You are telling them what sites to group with what categories. I would have to bet that Google is paying attention to what you put in your little search network and getting even more context out of that to help their main search engine too. So when you create a network about VCs or Entrepreneurs, Google looks at that and probably gives them a little more Google Juice for certain things.

The goal of a search engine is to bring back the most relevant data to you that you are searching on. What made Google a better search engine is that it went beyond simple keyword searching with their PageRank algorithm and other secret sauce. You are getting more valuable information because they made a bet that things that are linked to the most _by humans_ are the most relevant _to humans_. And since a human is going to be able to tell you much better than a computer (at least for now) what content is best for a particular subject, they are leveraging that “vote of confidence” from someone who links to something. Well, CSE is just an extension of that idea. You are building mini networks for them and they will leverage that knowledge too.

I’ll keep watching this one. It will be interesting to see what happens.

New Homepage

I decided I needed a new front page to this place, so I went to work on something new. I didn’t exactly know what I wanted until I started putting something down on paper and forming some ideas. I finally came up with the design you see “here”:http://www.bitshaker.com and I am pretty happy with it. Read on after the jump on how I did it.

On NTFS Performance Hacks and Design

An article came across my news reader today and happened to click on it. I think a lot about design and where the user comes into play in a system, so this article intrigued me in a way it probably wasn’t meant to do. It is an article called NTFS Performance Hacks. I discuss the good, the bad, and the ugly after the jump.

Technorati Tags: