This morning, I noticed that we got some feedback from an unhappy Entourage user that says:
How DARE you prevent, by DEFAULT, the ability to see images in my email program!?!?!?! I just forked out good money for Office 2004 thinking that there would be improvements - and instead I find some LUDITE has made a decision that should be left up to the user - I do not NEED to have my email "secured" from images - I LIKE the images appearing automatically - LIKE THEY DID BEFORE in the previous version of Entourage - in fact I'm switching back.
THANKS FOR NOTHING!! Use your brains to improve a product - not diminish it.
Usability doesn't exist in a vacuum. My life would certainly be easier, but a lot less interesting, if it did. When I study usability and try to make improvements, I have to deal with the real world, which means that we don't get to provide you with the perfect user experience. We have to make trade-offs. We don't have unlimited resources. We don't have a perfect technological solution to everything. And we have to deal with security concerns.
Entourage 2004 has a couple of security features that has a detrimental effect on the short-term user experience. By default, Entourage doesn't automatically download any image that is sent to you via email. You can change that through the Preferences menu (Entourage -> Preferences -> Security -> Automatically download ...), but that doesn't get you every image that is sent to you. That only gets you images that is sent to you by people who are listed in your Entourage address book. If you get email with pictures from someone who isn't in your Entourage address book, you have to manually click that 'Download images...' link in the email message.
This feature makes some of our users quite upset, as you can see from the above feedback. And I've already admitted that it has a detrimental effect on the short-term user experience. So why haven't I shouted at anyone who will listen until we change it? This is one of the more difficult trade-offs that we have to make: security versus usability. For Entourage users, the most usable thing to do would be to automatically download every image, so that you see the email that you expect to see and don't have to notice that there are missing images and then move your hand to the mouse (if it's not already there) and click the link.
The problem is one of security. Think about the spam that you get, or those spoofed messages from banks (real or not) that want you to enter lots of your personal details on some random faked website. If Entourage automatically downloaded images from those messages, their servers would get a lot of information about you. For example, their server will record your IP address, which gives them a fair amount of information about your physical location. There's a lot of other information that they'll get automatically, which gives them lots of information to use to spam or phish you in the future.
We made the decision to relinquish some of our short-term usability to enhance security. We tried to mitigate the usability effects of this decision. You can set the pref to automatically download images from people in your address book. This isn't a perfect solution, either: my address book has entries for Alaska Airlines, Hyatt Hotels, and my father. (Dad doesn't need to be in my address book. His is one of the few telephone numbers that I can actually recite at will, unlike (for example) my own home number.) I don't like having extra entries in my address book, but it's the best solution that we have to the problem of spam, phishing, and maintaining security.
Making software is a series of trade-offs. This is just one example of one type of trade-off. Creating solutions to these problems is what makes my job interesting.
The Wall Street Journal published an article last week titled At Apple, Secrecy Complicates Life but Maintains Buzz. Here's a quote from the article:
While many tech companies assign internal code names to products, Apple goes a step further. It often gives different departments dissimilar code names for the same product, current and former employees say. If a code name leaks, Apple can more easily track down the department from which the leak originated.
In the interests of being more transparent, I'm going to share a secret with you, my dear readers. Microsoft is one of those tech companies that assign internal code names to products . The code name for our next version of Office:Mac is (drumroll) ... Office 12.
I hope I didn't just kill any of our buzz by revealing that secret.
 My favourite code name that was used by MacBU was Taco Cat. I'll leave it as an exercise for the reader to figure out which product had that for a code name and why. (We don't make that many products, so guesses don't count.)
I've been quite the road warrior for the past few months. The biggest question in my travels is my rental car. I never seem to get the same type of rental car twice in a row. I've run the gamut from a Ford Mustang convertible (and I hated every second of driving that car, which is unfortunate, since I drove it from Portland to Seattle) to a Chevy Trailblazer (which I also hated, because it felt like I was driving a schoolbus).
Aside from complaints about specific vehicles, I've learned a bit about what I want out of my rental car:
These have turned out to be the things that are really important to me when I drive a rental car, and I realised that they're all usability issues. It's just me and my luggage when I travel, so I don't care about making sure I get a big enough car. Assuming that the car has four wheels and air conditioning, I really don't care about the particular car. It's been kinda nifty to drive cars, it's kinda like an extended test drive for cars that I'd never consider buying.
I'm in the middle of reading Technopoly by Neil Postman right now. So far (70 pages in), it's an interesting book about the rise of technology and the attendant spread of information, and the consequences of this. Here is a quote:
We are a culture consuming itself with information, and many of us do not even wonder how to control the process.
Postman published this in 1992. Think back to 1992. The Internet was still only for academics, researchers, college students, and some enthusaists who were coming over from the BBS world. Cable television hadn't exploded to 500+ channels. Satellite radio hadn't made its entrance with its 500+ stations. If he thought we had an information glut in 1992, I hesitate to consider what he would think of the information available in 2006. The human genome is being mapped, we're working on cloning, many newspapers have an online presence. I don't read a newspaper anymore, I read through several online news sources (the Beeb, CNN, the Sydney Morning-Herald) for my news.
And here, right now, I am creating more information. And you're reading it. Blogging is all about creating and spreading information. This isn't a judgement, but merely an observation. I'll have to think more about information and my own place in its creation and consumption as I continue to read this book.
A couple of amusing things related to Steve Jobs hit my radar today:
This makes me want to hear Steve say sizzle fo shizzle during the WWDC keynote.
There's a new update available today for Office 2004 and Office X. For Office 2004, version 11.2.5 fixes vulnerabilities that could be used by a malicious attacker, as well as addresses some Entourage issues. For Office X, version 10.1.7 has updates related to stability and security.
If you use Microsoft AutoUpdate, it will automatically get this update when it next runs. You can manually run Microsoft AutoUpdate by opening any Office:Mac application, selecting the Help menu, then clicking on "Check for Updates". You can also download the update from Mactopia (on the main Mactopia page, look in the right column for the Quick Downlaods).
Tomorrow is the last day that I'm accepting applications for student volunteers for OOPSLA 2006. To be a student volunteer, you must be a full-time student in an accredited university anywhere in the world in October 2006. To apply, fill out the application form. I will notify all applicants of their status by 08 August.
Student volunteers are my minions. Together, we're responsible for keeping the conference running smoothly. Student volunteers work at registration, man the information booth to point conference attendees in the right direction, provide assistance at the tutorials, and do a bunch of other jobs. In return for their work, student volunteers receive a free full conference registration, free admission to tutorials (on a space-available basis), and whatever other goodies I can come up with between now and October. Some student volunteers will also be eligible for reimbursement for some of their travel expenses associated with attending the conference, to a maximum of US$500.
If you're not a student (or you are, but you're afraid of working for me) and are interested in OOPSLA, registration is now open. The advance program shows you what we've got confirmed so far. Our confirmed invited speakers include Brenda Laurel, Guy Steele, Philip Wadler, and Joshua Bloch. The keynote for the educator's symposium is Willy Farrell of IBM. We have a grand total of 57 tutorials this year, covering topics in Java, C++, Python, Ruby on Rails, Eclipse, UML, agile design, design patterns, test-driven development, and more.
If you have questions about OOPSLA, you can leave a comment here or email me via that 'contact' link over on the right side of the page.
Today is a Spare the Air day in the Bay Area. Public transit on most (all?) of the local public transit providers is free. Even though we've got a bunch of solar panels providing some of our electricity, we've also turned off the lights in most common areas and turned up the temperature. (Don't worry, I'm not going to get hurt in the dark. We've got lots of windows, so it's not that dark.)
I like that Microsoft seems to be doing a lot to be a more environmentally-friendly company. Aside from the solar panels here, we do a massive amount of recycling. Microsoft gives me commuter cheques to encourage me to take the bus. There's carpool incentives. Thanks, guys, for being a good corporate citizen.
In a previous post, I revealed that my favourite MacBU code name was Taco Cat. None of you guys rose to the bait to make any guesses about what it could be! Oh, readers, how disappointed I am in you! Le sigh. I've been let down by the nameless faceless Internet.
Taco Cat was the code name for Virtual PC 7. Why? Astute readers might have noticed that this code name is a palindrome. The geek joke here is that VPC is itself a palindrome because it has to go between big endian and little endian.
For an amusing couple of minutes, you can read this list of palindromes. Some of them aren't appropriate for code names, especially that one about Tulsa.
And while I'm making with the linky today, here's another one: the fake Leopard screenshot contest.
My favourite fake so far is the Leopard on a touchscreen iPod (good choreography with a video on a current iPod).