My OperaHammering Screws with Wrenches
Sunday, July 13, 2008 12:45:00 AM
The development of information technologies sometimes looks like the eternal fight between Good and Reason. Whatever great technical solutions people invent, others always come up with creative ways to abuse them. I tried to compile a list of ten things surrounding today's regular computer user that are often misused, often to the harm of the user. The criterion was that the misuse should be so widespread that the very usefulness of the particular technology is questioned, and software authors develop technical means to restrict or disable its use. As it's a hit parade, I'll start from the end.
10. <meta name="keywords">. This HTML element was intended to list the keywords for the web page to help search engines find pages relevant to given keywords. Of course, some webmasters were so eager to advertise their sites, “helped” so much that a search for a popular keyword would bring you anything but what you were looking for. Since 1998, search engines started ignoring <meta name="keywords">. The last search engine still honoring the keywords finally gave up on them in 2002.
9. Quoting in e-mail. Quoting fragments of an e-mail when replying to it helps the reader match particular statements in the original message with replies to them. Because an e-mail application doesn't know which parts of the message the user is going to reply, it has no other choice but to begin with quoting the entire message and let the user remove unwanted parts. Those users who don't adhere to selective quoting as means of providing context, as well as those who don't know how to use it, leave the entire quotation intact. As a result, correspondence between two such users is an ever-growing chain containing all the messages they've previously sent each other. Some modern e-mail applications implement automatic hiding of quotations.
8. Windows desktop. The desktop was conceived as a place where the user can temporarily store documents and other files being worked on, shortcuts to often-used applications and other frequently used items. And that's what happens, but every other application somehow thinks it will (or should) be used often, and therefore it deserves a shortcut on the user's desktop. This kind of rubbish gets mixed with the really useful items, turning the desktop into a mess. One version of Windows introduced a new feature: Desktop cleanup wizard that tries to guess what on the desktop the user needs and what is actually rubbish.
7. Notification area of Windows taskbar. This area, often incorrectly referred to as system tray, is a good place for running programs to display their realtime status because it's always visible. Today's typical Windows user has about ten icons there and doesn't know what most of them are for. Those small applets do anything (their author wants): preload “their” application for quick launch, notify about updates, show ads — except for actually showing any kind of realtime status. In Windows XP, Microsoft implemented a solution as brilliant as treating appendicitis with painkillers: they hide the icons the user doesn't want to see instead of providing an easy way to identify and remove the offending rubbishware.
6. Automatic startup on Windows logon. Some programs, such as a keyboard layout switcher, really make sense to start automatically, but the possibility for a program to put itself into the automatic startup list is really appreciated by authors of adware, spyware and other evil programs. To make it worse, there are several such lists, and a typical user doesn't even know about most of them. Plenty of programs exist for cleaning those up. Surprising is the inaction of Microsoft who, despite their increased attention to security in Windows Vista, still allow programs to get comfortable in a startup list without the user knowing.
5. Word processing software. These applications were invented to make preparation of documents with prevailing text and no special requirements for typography easier than it is with desktop publishing programs. For many modern users, “word processor” has become synonymous with “text editor”, and the complex, heavy formats of word processors are now widely used to store, and, even worse, transfer any text at all. An extreme case is an empty e-mail message with a Microsoft Word file attached. Many mailing list servers automatically delete such messages or strip these attachments to avoid annoying the subscribers and wasting bandwidth. Here one can also mention using spreadsheets to keep and transfer simple lists without any calculations.
4. HTML e-mail. Emphasizing important parts of a message, marking up headers and creating hyperlinks are really useful features. I'd love to have them if only they didn't come bundled with the usability disaster of HTML in e-mail. Authors of e-mail software who implement HTML message composition seem to think that the point of HTML is that the user can specify the color, font and background for his e-mail. Instead of logical markup describing the structure of a message we got means of decoration so much loved by teenagers and advertisers but so much annoying for everyone else. To make it worse, images loaded by HTML messages from remove servers are often used by spammers to track who actually opens their e-mails. Though the idea was that the plaintext alternative would only be used by old e-mail clients that don't support HTML, all those clients which do still have an option to use the plaintext version instead of HTML.
3. Browser detection. All web browsers introduce themselves to servers, so that those can detect what browser the user has and serve an appropriately “optimized” version. I don't know where webmasters got that idea, but many of them decided that, since they “support” a particular set of browsers, everybody else should simply be denied access: apparently, no web page at all is better than a web page that possibly doesn't work. There is a number of ways to detect the browser, some of which are based on particular distinctive features to check for. All modern browsers can spoof themselves for more popular ones to avoid being denied service. Even the current market leader isn't an exception: during the first episode of the browser wars, they had to make Internet Explorer identify as “Mozilla 4.0 (compatible; MSIE …)”, and that's what it still does after ten years.
2. Pop-up web pages. Opening a web page in a pop-up browser window can be useful when viewing enlarged images in a photo gallery, online help on using a web service or a shopping cart. Yet the most popular use of pop-up windows is to display in-your-face advertisement. Most modern browsers either come with a built-in pop-up blocker or have an add-on for that purpose. These pop-up blockers have to be smart enough to guess which pop-ups are legitimate and which are advertising rubbish.
1. E-mail. E-mail, one of the most important today's communication means, is plagued by the most severe technology abuse problem. The volume of spam is estimated to be 85–90% of all e-mail transferred in the world. The total losses from spam, including lost productivity, wasted technical resources and measures for dealing with spam is an order of hundreds of billions of dollars per year, while the costs for spammers are laughable. Technical means for dealing with spam are diverse, but none of them is able to solve the problem completely. Spam makes the practice of publishing your e-mail address as a means of communication questionable. In fear of robots harvesting e-mail addresses from public web pages, many users avoid publishing their addresses on open message boards or mangle them, for example by replacing @ with “at”.
По-русски: Забивание шурупов гаечными ключами
10. <meta name="keywords">. This HTML element was intended to list the keywords for the web page to help search engines find pages relevant to given keywords. Of course, some webmasters were so eager to advertise their sites, “helped” so much that a search for a popular keyword would bring you anything but what you were looking for. Since 1998, search engines started ignoring <meta name="keywords">. The last search engine still honoring the keywords finally gave up on them in 2002.
9. Quoting in e-mail. Quoting fragments of an e-mail when replying to it helps the reader match particular statements in the original message with replies to them. Because an e-mail application doesn't know which parts of the message the user is going to reply, it has no other choice but to begin with quoting the entire message and let the user remove unwanted parts. Those users who don't adhere to selective quoting as means of providing context, as well as those who don't know how to use it, leave the entire quotation intact. As a result, correspondence between two such users is an ever-growing chain containing all the messages they've previously sent each other. Some modern e-mail applications implement automatic hiding of quotations.
8. Windows desktop. The desktop was conceived as a place where the user can temporarily store documents and other files being worked on, shortcuts to often-used applications and other frequently used items. And that's what happens, but every other application somehow thinks it will (or should) be used often, and therefore it deserves a shortcut on the user's desktop. This kind of rubbish gets mixed with the really useful items, turning the desktop into a mess. One version of Windows introduced a new feature: Desktop cleanup wizard that tries to guess what on the desktop the user needs and what is actually rubbish.
7. Notification area of Windows taskbar. This area, often incorrectly referred to as system tray, is a good place for running programs to display their realtime status because it's always visible. Today's typical Windows user has about ten icons there and doesn't know what most of them are for. Those small applets do anything (their author wants): preload “their” application for quick launch, notify about updates, show ads — except for actually showing any kind of realtime status. In Windows XP, Microsoft implemented a solution as brilliant as treating appendicitis with painkillers: they hide the icons the user doesn't want to see instead of providing an easy way to identify and remove the offending rubbishware.
6. Automatic startup on Windows logon. Some programs, such as a keyboard layout switcher, really make sense to start automatically, but the possibility for a program to put itself into the automatic startup list is really appreciated by authors of adware, spyware and other evil programs. To make it worse, there are several such lists, and a typical user doesn't even know about most of them. Plenty of programs exist for cleaning those up. Surprising is the inaction of Microsoft who, despite their increased attention to security in Windows Vista, still allow programs to get comfortable in a startup list without the user knowing.
5. Word processing software. These applications were invented to make preparation of documents with prevailing text and no special requirements for typography easier than it is with desktop publishing programs. For many modern users, “word processor” has become synonymous with “text editor”, and the complex, heavy formats of word processors are now widely used to store, and, even worse, transfer any text at all. An extreme case is an empty e-mail message with a Microsoft Word file attached. Many mailing list servers automatically delete such messages or strip these attachments to avoid annoying the subscribers and wasting bandwidth. Here one can also mention using spreadsheets to keep and transfer simple lists without any calculations.
4. HTML e-mail. Emphasizing important parts of a message, marking up headers and creating hyperlinks are really useful features. I'd love to have them if only they didn't come bundled with the usability disaster of HTML in e-mail. Authors of e-mail software who implement HTML message composition seem to think that the point of HTML is that the user can specify the color, font and background for his e-mail. Instead of logical markup describing the structure of a message we got means of decoration so much loved by teenagers and advertisers but so much annoying for everyone else. To make it worse, images loaded by HTML messages from remove servers are often used by spammers to track who actually opens their e-mails. Though the idea was that the plaintext alternative would only be used by old e-mail clients that don't support HTML, all those clients which do still have an option to use the plaintext version instead of HTML.
3. Browser detection. All web browsers introduce themselves to servers, so that those can detect what browser the user has and serve an appropriately “optimized” version. I don't know where webmasters got that idea, but many of them decided that, since they “support” a particular set of browsers, everybody else should simply be denied access: apparently, no web page at all is better than a web page that possibly doesn't work. There is a number of ways to detect the browser, some of which are based on particular distinctive features to check for. All modern browsers can spoof themselves for more popular ones to avoid being denied service. Even the current market leader isn't an exception: during the first episode of the browser wars, they had to make Internet Explorer identify as “Mozilla 4.0 (compatible; MSIE …)”, and that's what it still does after ten years.
2. Pop-up web pages. Opening a web page in a pop-up browser window can be useful when viewing enlarged images in a photo gallery, online help on using a web service or a shopping cart. Yet the most popular use of pop-up windows is to display in-your-face advertisement. Most modern browsers either come with a built-in pop-up blocker or have an add-on for that purpose. These pop-up blockers have to be smart enough to guess which pop-ups are legitimate and which are advertising rubbish.
1. E-mail. E-mail, one of the most important today's communication means, is plagued by the most severe technology abuse problem. The volume of spam is estimated to be 85–90% of all e-mail transferred in the world. The total losses from spam, including lost productivity, wasted technical resources and measures for dealing with spam is an order of hundreds of billions of dollars per year, while the costs for spammers are laughable. Technical means for dealing with spam are diverse, but none of them is able to solve the problem completely. Spam makes the practice of publishing your e-mail address as a means of communication questionable. In fear of robots harvesting e-mail addresses from public web pages, many users avoid publishing their addresses on open message boards or mangle them, for example by replacing @ with “at”.
По-русски: Забивание шурупов гаечными ключами
Julien Picalausajulienp # Monday, July 14, 2008 8:03:54 AM
I do not think that Microsoft has an easy solution out of that one, if they do not want to break compatibility (usually, they do not)
After all, a lot of applications make a genuinely good use of those three functionalities (and also ask the user about what they want) and giving them a penalty because of the ones that just force themselves upon the user.
Perhaps what Microsoft should do is have some kind of certification that, once acquired, would allow softwares to use those functionalities.
Ideally, that certification should be available for free and should rely on a simple inspection of whether or not what the application does is correct.
I doubt they would ever do such a thing, though.
Alexey Feldgendlerfeldgendler # Monday, July 14, 2008 9:25:48 AM
> After all, a lot of applications make a genuinely good use of those three functionalities
I could agree about the notification area, but definitely not about desktop. The desktop is for your favorite items. There's no way anyone but the user can decide whether a program is favorite, by definition of “favorite”. Especially at the time a new program is being installed and the user doesn't even know if they're going to like it.
A checkbox on one of the steps in the installation wizard, enabled by default, just isn't enough. Those checkboxes look more like a legal workaround, even though there's no applicable law, so that the author cannot be later accused of smuggling something in without user consent. (I remember the case of RealPlayer which had a list of such checkboxes on one of the steps, and that list required scrolling to get to the last couple of checkboxes, of course enabled by default.) The user can be tricked into agreeing to anything, so the only choice left is to make it impossible to install stuff on the desktop. Microsoft got it right at the third attempt, when the favorite program area in the new-style Start menu was finally made inaccessible programmatically. The same radical approach should apply to the root folder of the Start menu, Quick Launch, Desktop, browser favorites and homepage, and whatever other locations they usually abuse. You just can't trust applications to judge themselves which one is the most important and deserves a shortcut in e.g. Quick Launch because every application would nominate itself.
And please, no more certification racket. SSL certificates and driver signing are already enough of a trouble for anyone besides the big players. And I still don't get it how having bought a certificate would make someone eligible to put their application on the Desktop.
Julien Picalausajulienp # Monday, July 14, 2008 10:51:46 AM
It wouldn't be a problem if they were disabled by default. Applications with such options enabled by default should not be allowed to use the quick-launch/desktop/notification area or automatic startup, IMO.
>And please, no more certification racket.
Certification in itself isn't a bad thing, if it is done for free and based on objective criteria and entirely fair. The problem is that this is never the case in practice, which is why I said I doubt MS would do such a thing
Alexey Feldgendlerfeldgendler # Monday, July 14, 2008 11:02:45 AM
Except that you can never check whether the installer has asked any question at all, let alone what the default was.
> Certification in itself isn't a bad thing, if it is done for free and based on objective criteria and entirely fair.
Certification for *this* is a bad thing, because installing yourself on the desktop is always a bad thing. There's just no way that any application is eligible for doing this, regardless of whether the author has bothered to obtain a certificate. Only the user can decide that he likes the program and uses it often enough to have it on the desktop. It doesn't help if you ask because the user doesn't know that at the time of installation.
Julien Picalausajulienp # Monday, July 14, 2008 11:10:32 AM
Yes, but certifying an application in such a way that it is -allowed- to install itself on the desktop because you have ensured that it won't do it unless the user explicitly asked for it.
What it means is: "The application is trusted to set up its own shortcut on the desktop because we know that the installer has a checkbox for it that is disabled by default and it won't otherwise create a shortcut in any condition."
>Except that you can never check whether the installer has asked any question at all, let alone what the default was.
You can always run the installer in repair/customize mode. It can then prompt about whether you want to remove/add shortcuts.
The same functionality can also be provided from inside the application.
>It doesn't help if you ask because the user doesn't know that at the time of installation.
I often (Re)Install programs that I know already
Alexey Feldgendlerfeldgendler # Monday, July 14, 2008 11:28:26 AM
Microsoft could even encourage a common practice of displaying a draggable application icon, with a short hint explaining what it is, in the final (“congratulations”) step of the installation wizard. That icon could be dragged to the desktop, quick launch and wherever the user wants it.
Julien Picalausajulienp # Monday, July 14, 2008 11:57:06 AM
Then, you will always have some programs that should have the right to write shortcut files on the desktop. The obvious exemple is windows explorer itself, but probably not only. There are surely other applications out there that can be used in a legitimate way to manage the content of the desktop. So, since the infrastructure would be there anyway, why not use it?
As for displaying a draggable application icon, it would work for me, but depending on how it's implemented, it might still require to give the installer the right to write to the desktop (and the only way I can think of avoiding this right now would be overly complicated).
Alexey Feldgendlerfeldgendler # Monday, July 14, 2008 12:09:03 PM
BTW, here is where I could accept some kind of certification to be eligible for writing to the desktop. Just wanting to put yourself there wouldn't be enough; you'd be given that certificate if you're a backup, syncronization program, etc. However, I agree that a fair certification scheme wouldn't be feasible in practice.
AFAIK, in case of dragging a file object, actual writing to the desktop directory is the responsibility of the drop recipient (i.e. Windows Explorer).
Also, the icon solution on the last step would remove the need for a separate checkbox “run the application after installation” because that would be achieved by double-clicking the icon, the same familiar action the user normally performs on application icons.
Julien Picalausajulienp # Monday, July 14, 2008 1:24:22 PM
>The desktop was conceived as a place where the user can temporarily store documents and other files being worked on
>Yes, programs other than Windows components should be completely denied writing to the desktop directory.
I want my favorite text editor to be able to write to the desktop, when I save a file with it...
Alexey Feldgendlerfeldgendler # Monday, July 14, 2008 1:45:59 PM
BTW, the certification approach wouldn't work here, too, because every editor without a certificate would be unable to save a file to the desktop when told so by the user.
Julien Picalausajulienp # Tuesday, July 15, 2008 7:59:53 AM
The question is now: for those window managers (or however you call them), on Unix systems, that do provide a desktop, is there a mechanism to prevent applications to put themselves there at all?
Alexey Feldgendlerfeldgendler # Tuesday, July 15, 2008 8:20:36 AM
Theoretically, you could use SELinux rules to let only some programs write there (probably your desktop environment's file manager), but it doesn't really make much sense. The UNIX philosophy treats applications the user runs as extensions of his or her will. If you don't trust a program to do what you want, you'd better not run it (or run in a sandbox) because cluttering your desktop is the least evil an untrusted program can do.