IRC user interface idea

Don’t you know this problem?

You are connected to some amount of IRC servers and you are watching a certain amount of channels.

Every IRC client I know either uses tabs or windows to separate these channels in their own context, usually providing some visual clue if there was activity in a different channel you are not currently watching.

While this metaphor probably makes a lot of sense in very busy channels, I think that consolidating every channel into one single window probably is a much better way for you to follow what’s going on and to talk back to the channels – especially when you are watching lesser populated channels.

This frees you from the burden of constantly switching channel windows (or tabs) to see what is going on.

Let’s say you are connected to irc1.example.com and irc2.example.com. On irc1, you are connected to #channel1a and #channel1b and on irc2, you are connected to #channel2a

Now, to my knowledge, every current IRC client either uses three windows or three tabs (maybe even 5 windows/tabs because the server themselves get a window too) to represent this information. In window based clients, you can arrange all of them aside of each other, but talking to a certain channel still forces you to focus different windows.

Now with my idea, you would consolidate these channels. You would only get one window which contains all the messages from all channels.

So in the simplest incarnation, you’d probably see something like this in your chat window:

1) irc1/#channel1a [user1aa]> hi there!
2) irc1/#channel1b [user1a]> hi there!
1) irc1/#channel1a [user1ab]> hi user1aa
3) irc2/#channel2a [user2aa]> hi folks!

though you would probably understand much more easily what’s going on if the server-, channel- and user names were a bit more… well… distinct.

Of course, you could add color. You assign each channel a color, like this:

1) irc1/#channel1a [user1aa]> hi there!
2) irc1/#channel1b [user1a]> hi there!
1) irc1/#channel1a [user1ab]> hi user1aa
3) irc2/#channel2a [user2aa]> hi folks!

and if you need to, you can still color nicks.

1) irc1/#channel1a [user1aa]> hi there!
2) irc1/#channel1b [user1a]> hi there!
1) irc1/#channel1a [user1ab]> hi user1aa
3) irc2/#channel2a [user2aa]> hi folks!

Now… how to talk back?

Easy. Every channel is assigned a number for quick access. Just type /[channel number] to switch to that channel and type, then hit enter. The channel you last talked to is predefined and sticks around until you hit /[another channel number].

This feels so much an easier and more intuitive way to handle multiple connections, especially in cases where the channels you are joined are not too active, as in this way, you can easily watch everything that is going on.

Also, usually, discussions happen in intervals in different channels. You will only very rarely see the color concert I’ve shown above as usually, you have a discussion going on in one channel while the others are relatively quiet.

I’ll probably have to go and implement a proof-of-concept sometime in the future, but this feels like such a nice idea when just looking at it. Why is nobody doing it? What am I missing?

Automatic language detection

If you write a website, do not use Geolocation to determine the language to display to your user.

If you write a desktop application, do not use the region setting to determine the language to display to your user.

This is incredibly annoying for some of us, especially for me which is why I’m ranting here.

The moment Google released their (awful) German translation for their RSS reader, I was served the German version just because I have a Swiss IP address.

Here in Switzerland, we actually speak one of three (or four, depending on who you ask) languages, so defaulting to German is probably not of much help for the people in the french speaking part.

Additionally, there are many users fluent in (at least reading) English. We always prefer the original language if at all possible because generally, translations never quite work. Even if you have the best translators at work, translated texts never feel fluid. Especially not when you are used to the original version.

So, Google, what were you thinking to switch me over to the German version of the reader? I have been using the English version for more than a year, so clearly, I understood enough of that language to be able to use it. More than 90% of the RSS feeds I’m subscribed to are, in fact, in English. Can you imagine how pissed I was to see the interface changed?

This is even worse on the iPhone/iPod frontend, because, there, you don’t even provide an option to change the language aside of manually hacking the URL.

Or take desktop applications. I live in the German speaking parts of Switzerland. True. So naturally I have set my locale settings to Swiss German. You know: I want to have the correct number formatting, I want my weeks to start on Mondays. I want the correct currency. I want my 24 hours clock I’m used to.

Actually, I also want the German week and month names, because I will be using these in most of my letters and documents, which are, in fact, German too.

But my OS installation is English. I am used to English. I prefer English. Why do so many programs insist to use the locale setting to determine the display language? Do you developers think it’s funny to have a mish-mash of languages on the screen? Don’t you think that me using an English OS version may be an indication that I do not want to read your crappy German translation alongside the English user interface of my OS?

Don’t you think that it feels really stupid to have a button in a German dialog box open another, English, dialog (the first one is from Chrome, the one that opens once you click “Zertifikate verwalten” (Manage certificates) is from Windows itself)?

In Chrome, I can at least fix the language – once I found the knob to turn. At first, it was easier for me to just delete the German localization file from the chrome installation because, due to being completely unused to German UIs, I was unable to find the right setting.

This is really annoying and I see this particular problem being neglected on an incredibly large scale. I know that I am a minority, but the problem is so terribly easy to fix:

  • All current browsers send an Accept-Language header. In contrast to the earlier times, nowadays, it is actually correctly preset in all the common browsers. Use that. Don’t use my IP-address.
  • Instead of reading the locale setting in my OS, ask the OS for its UI language and use that to determine which localization to load (actually, this is the recommended way of doing things according to Microsoft’s guidelines at least since Windows XP which was 2001).

Using these two simple tricks, you help a minority without hindering the majority in any way and without additional development overhead!

Actually, you’ll be getting away a lot cheaper than before. GeoIP is expensive if you want it to be accurate (and you do want that. Don’t you?), whereas there are ready-to-use libraries to determine the correct language even from the most complex Accept-Language-Header.

Asking the OS for the UI language isn’t harder than asking it for the locale, so no overhead there either.

Please, developers, please have mercy! Stop the annoyance! Stop it now!

Why is nobody using SSL client certificates?

Did you know that ever since the days of Netscape Navigator 3.0, there is a technology that allows you to

  • securely sign on without using passwords
  • allow for non-annoying two-factor authentication
  • uniquely identify yourself to third-party websites without giving the second party any account information

All of this can be done using SSL client certificates.

You know: Whenever you visit an SSL protected page, what usually happens is that your browser checks the identity of the remote site by checking their certificate. But what also could happen is that the remote site could check your identity using a previously issued certificate.

This is called SSL client side certificate.

Sites can make the browser generate a keypair for you. Then they’ll sign your public key using their private key and they’ll be able to securely identify you from then on.

The certificate is stored in the browser itself and your browser will send it to any (SSL protected) site requesting it. The site in turn could then identify you as the owner of the private key associated to the presented certificate (provided the key wasn’t generated on a pre-patch Debian installation *sigh*).

The keypair is bound to the machine it was generated on, though it can be exported and re-imported on a different machine.

It solves our introductory three problems like this:

  • by presenting the certificate, the origin server can identify you. No need to enter a user name or a password.
  • By asking for a password (something you know) and comparing the SSL certificate (something you have), you get cheap and easy two factor authentication that’s a lot more secure than asking for your mothers maiden name.
  • If the requesting party in a three-site scenario knows your public key and uses that to request information from a requested party, you, can revoke access by this key at any time without any of the parties knowing your username and password.

Looks very nice, doesn’t it?

So why isn’t it used more often (read: at all)?

This is why:

Picture underlining the

The screenshot shows what’s needed to actually have a look at the client side certificates installed in your browser, which currently is the only way of accessing them. Let’s say you want to copy a keypair from one machine to another. You’ll have to:

  1. Open the preferences (many people are afraid of even that)
  2. Select Advanced (scary)
  3. Click Encryption (encry… what?)
  4. Click “View Certificates” (what do the other buttons do? oops! Another dialog?)
  5. Select your certificate (which one?) and click “Export” (huh?)

Even generation of the key is done in-browser without feedback by the site requesting the key.

This is like basic authentication (nobody uses this one) vs. forms based authentication (which is what everybody uses): It’s non-themeable, scary, modal and complicated.

What we need for client side certificates to become useful is a way for sites to get more access to the functionality than they currently do: They need information on the key generation process. They should allow the user to export the key and to re-import it (just spawning two file dialogs should suffice – of course the key must not be transmitted to the site in the process). They need a way to list the keys installed in a browser. They need to be able to add and remove keys (on the user’s request).

In the current state, this excellent idea is rendered completely useless by the awful usability and the completely detached nature: This is a browser feature. It’s browser dependent without a way for the sites to control it – to guide users through steps.

For this to work, sites need more control.

Without giving them access to your keys.

<divpInteresting problem. Isn’t it?</p>

Broken by design

The concept sounds nice: To control all the various remote controllable devices you accumulate in your home cinema, why not just use one programmable remote? With enough intelligence, I would even be able to do much more than provide some way of switching personality.

I mean: Press one button and you have a remote for your receiver, press another and it’ll be for your media center, but losing its receiver functionality.

Why not put it in “Media Mode” where it controls the volume by sending commands the receiver understands while still providing full navigation support for your media center.

Logitech’s Harmony family promises to provide that functionality.

Unfortunately, it’s broken by design as

  • it tries to be intelligent while it is completely stupid. For example, I can add a “Music Player”-Functionality, with the intention of it sending commands to a Squeezebox, but as soon as you add a media center, it insists to use that to play music without a way to change that.
  • The web based programming interface is awful. It forces you through multi step assistants, each time reloading the (ugly) pages, asking questions which could easily be placed on one screen.
  • It only works on Mac and Windows (no Linux support)

Especially the first point rendered this interesting concept completely unusable for me.

Now, Engadget just had an article about project Concordance, a free software project allowing to access the functionality (the whole functionality) from any UNIX machine using a command line tool, while also providing a library (with Perl and Python bindings) for us to write a useful GUI for.

I can’t wait to try this out as this easily circumvents the awful UI and may actually provide me with means to make Harmony work for my setup.

Also, it’s a real shame to see a very interesting project be made completely unusable by bad UI design.

reddit’s commenting system

This is something I wanted to talk about for quite some time now, but I never got around to it. Maybe you know reddit. reddit basically works like digg.com – it’s one of these web2.0 mashup community social networking bubble sites. reddit is about links posted by users and voted for by users.

Unlike digg, reddit has an awful screen design and thus seems to attract  a bit more mature crowds than digg does, but lately it seems to be taken over by politics and pictures which devalues the whole site a bit.

What is really interesting though is the commenting system. In fact, it’s interesting enough for me to write about it and it works well enough for me to actually post a comment there here and then. It’s even good enough for me to be sure that whenever I will be in the situation to design a system to allow users to comment on something that I will have a look at what reddit did and I will model my solution around that base.

There are so many commenting systems out there, but all fail in some regards. Either they disturb your reading flow, making it too difficult to post something. Or they either hide comments behind a foldable tree structure or they display a flat list making it difficult to see any kind of threading going on.

And once you actually are interested in a topic enough to post a comment or a reply to a comment, you’ll quickly lose track of the discussion which gets as quickly buried by newly arriving posts.

reddit works differently.

First, messages are displayed in a threaded, but fully expanded view, thus allowing to skip over content you are not interested in while still providing all the overview you need. Then, posting is done inline via some AJAX interface. You see a comment you want to reply to, you hit the reply link, enter the text and hit "save". The page is not reloaded, you end up just where you left off.

But what good is answering to a comment if the initial commenter quickly forgets about his or her comment? Or if he or she just plain doesn’t find her comment again?

reddit puts all direct replies to any comments you made into your personal inbox folder. If you have any of these replies, the envelope to the top right will light up red allowing you to see newly arrived replies to your comments. With one click, you can show the context of the post you replied to, your reply and the reply you got. This makes it incredibly easy to be notified when someone posted something in response, thus keeping the discussion alive, no matter how deeply it may have been buried by comments arriving after yours.

So even if reddit looks awful (one gets used to the plain look though), it has one of the best, if not the best online discussion systems under its hood and so many other sites should learn from that example. It’s so easy that it even got me to post a comment here and then – and I even got replies despite not obviously trolling (which usually helps you get instant-replies, though I don’t recommend this practice).

The new iPods

<p>So we have new iPods.</p> <p>Richard sent me an email asking which model he should buy which made me begin thinking whether to upgrade myself. Especially the new touch screen model seemed compelling to me – at first.</p> <p>Still: I was unable to answer that email with a real recommendation (though honestly, I don’t think it was as much about getting a recommendation than about to letting me know that the models were released and to hear my comments about them) and still I don’t really know what to think.</p> <p>First off: This is a matter of taste, but I hate the new nano design: The screen still is too small to be useful for real video consumption, but it made the device very wide – too wide, I think, to be able to comfortably keep it in my trousers pockets while biking (I may be wrong though).</p> <p>Also, I don’t like the rounded corners very much and the new interface… really… why shrink the menu to half a screen and clutter the rest with some meaningless cover art which only the smallest minority of my files are tagged with.</p> <p>Coverflow feels tucked onto the great old interface and looses a lot of its coolness without the touch screen.</p> <p>They don’t provide any advantage in flash size compared to the older nano models and I think the scroll wheel is way too small compared to the large middle button.</p> <p>All in all, I would never ever upgrade my second generation nano to one of the third generation as they provide no advantage, look (much) worse (IMHO) and seem to have a usability problem (too small a scroll wheel)</p> <p>The iPod classic isn’t interesting for me: Old style hard drives are heavy and fragile and ever since I bought that 4GB nano a long while ago, I noticed that there is no real reason behind having all the music on the device.</p> <p>I’m using my nano way more often than I ever used my old iPod: The nano is lighter and I began listening to podcasts. Still: While I lost HD-based iPods around every year and a half due to faulty hard drives or hard drive connectors, my nano still works as well as it did on the first day.</p> <p>Additionally, the iPod classic shares the strange half-full-screen menu and it’s only available in black or white. Nope. Not interesting. At least for me.</p> <p>The iPod touch is interesting because it has a really interesting user interface. But even there I have my doubts: For one, it’s basically an iPhone without the phone. Will I buy an iPhone when (if) it becomes available in Switzerland? If yes, there’s no need to buy the iPod Touch. If no, there still remains that awful usability problem of touch-screen only devices:</p> <p>You can’t use them without taking them out of your pocket.</p> <p>On my nano, I can play and pause the music (or more often podcast) and I can adjust the volume and I can always see what’s on the screen.</p> <p>On the touch interface, I have to put the screen to standby mode, I can’t do anything without looking at the device and I think it may be a bit bulky all in all.</p> <p>The touch is the perfect bathtub surfing device. It’s the perfect device to surf the web right before or after going to sleep. But it’s not portable.</p> <p>Sure. I can take it with me, but it fails in all the aspects of portability. It’s bulky, it can’t be used without taking it out of your pocket and stopping whatever you are doing, it requires two hands to use (so no changing tracks on the bike any more) and it’s totally useless until you manually turn the display back on and unlock it (which also requires two hands to do).</p> <p>So: Which device should Richard buy? I still don’t know. What I know is that I will not be replacing my second generation Nano as long as it keeps working.</p> <p>The Nano looks awesome, works like a charm and is totally portable. Sure. It can’t play video, but next to none of my videos actually fits the requirement of the video functionality anyways and I don’t see myself recoding already compressed content. That just takes an awful lot of time, greatly degrades the quality and generally is not at all worth the effort.</p>

Vista preloaded

Today I had the dubious “pleasure” of setting up a Lenovo Thinkpad R60 with Vista Business Edition preloaded.

We just needed to have a clean Vista machine to test components of our PopScan solution on and I just didn’t have the disk space needed for yet another virtual machine.

I must say that I didn’t look forward to the process. Mainly because I hated the OEM installation process under XP. Basically, you got an installation cluttered with “free” “feature enhancments” which usually were really bad-looking if provided from the hardware manufacturer or nagged the hell out of you if it were trial releases of some anti virus program or something else.

Ever since I’m setting up windows machines for personal use, my policy has been to wipe the things clean and install a clean windows copy on them.

With this background and the knowledge that just for testing purposes the out-of-the-box installation would do the trick, I turned on that R60 machine.

The whole initial setup process was very pleasant: It was just the usual Windows Setup minus the whole copying of files process – the installation started with asking me what language and what regional settings to use and it actually guessed the keyboard settings right after setting the location (a first! Not even apple can do that *sigh*).

Then came the performance testing process as we know it from non-oem-preinstalled installations.

Then it asked me for username and provided a selection of background images.

I really, really liked that because usually the vendor provided images are just crap.

The selection list even contained some Vista-native images and some Lenovo images – clearly separated.

The last question was a small list of “additional value-add products” with “No thank you” preselected.

You can’t imagine how pleased I was.

up until what came after.

The system rebooted and presented me with a login screen to which I gave the credentials I provided during the setup process.

Then the screen turned black and a DOS command prompt opened. And a second, though minimized.

The first two lines in that DOS prompt were

echo "Please wait"
Please wait

I can understand that Lenovo wanted to get their machines out and that they may be willing to sacrifice a bit of Vista’s shinyness. But they obviously even lack the basic batch-knowledge of using “@echo off” as the first command in their setup script thus ruining the unpleasantness of the installation even more.

But wait… it’s getting worse…

The script ran and due to echo being on displayed the horrors to me: ZIP-File after ZIP-File was unpacked into the Application Data folder of the new user. MSI-File after MSI-File was installed. All without meaningful progress report (to a non-techie that is).

Then some Lenovo registration assistant popped up asking me all kinds of personal questions with no way to skip it, but the worst thing about it was the font it used: MS Sans Serif – without any font smoothing. This looked like Windows 98, removing the last bit of WOW from Vista ( :-) ).

Then it nagged me about buying Norton Internet Security.

And finally it let me to the desktop.

And… oh the horror:

  • My earlier choice of background image was ignored. I was seeing a Lenovo-Logo all over the place.
  • On the screen was a Vista-Builtin-Assistant telling me to update the Windows Defender signatures. It looked awful. Jaggyness all over the place: Clear Type was clearly off and the default font of windows looks aful without ClearType.
  • It’s impossible for a non-techie to fix that ClearType thing as it’s buried deep in the Control Panel – it’s supposed to be on and never to be touched by normal users.
  • On the Notification Area were three icons telling me about WLAN connectivity: Windows’ own, the Think Pad driver’s and the one of the ThinkVantage Network Access tool (the last one has a bug, btw, it constantly keeps popping up a balloon telling me that it’s connected. If I close it, it reopens 30 seconds later).

I didn’t do anything to fix this, but quickly joined the machine to the domain in the hope that logging in to that would give me the Vista default profile.

But no: Another MSI-installer and still no ClearType

It’s a shame to see how the OEMs completely destroy everything Microsoft puts into making their OSes look and feel “polished”. Whatever they do, the OEMs succeed at screwing up the installations.

This is precisely where Apple outshines Windows by far. If you buy a computer by apple, you will have software on it that was put there by Apple, made by Apple, running on an OS made by Apple. Everything is shiny and works out of the box.

Microsoft will never be able to provide that experience to their users as long as OEMs think they can just throw in some crappy made installation tools that destroy all the good experience a new user could have with the system. From scary DOS prompts over crappy (and no longer needed) third party applications to completely crappy preconfiguration (I could *maybe* let that ClearType thingie pass IF they’d chosen a system font that was actually readable with ClearType off – this looked worse than a Linux distribution with an unpatched Freetype).

PC OEMs put no love at all into their products.

Just sticking a Windows Vista sticker on it isn’t brining that “WOW” to the customers at all.

Microsoft should go after the OEMs and force them to provide clean installations with only a minimal amount of customization done.