Category Archives: Code and Tech

Facebook (Probably) Didn’t Expose Your Private Messages. It Just Made a UI Mistake.

Leave a reply

Most folks have probably seen some blog post or story warning them that Facebook has exposed their private messages from 2010 and before on their public timeline, which Facebook denies of course. And Facebook is (probably) right — what you’re really seeing are old wall posts that you thought were private. That’s not much solace to some Facebook users though, who — based on the message content — insist that the messages *must* have been private.

Here’s what I think really happened.

Facebook used to have a wall-to-wall feature, which showed the wall posts between you and your friend in a back-and-forth conversation format. It looked sort of like this. Or this. Because this layout looks very similar to how messages work in Facebook, people treated wall-to-wall the same way they treat private messaging. But as the name suggests, wall-to-wall posts actually go on your (very public) wall. The wall-to-wall feature was removed in late 2010. Coincidentally, people are only reporting private messages on their timeline for 2010 and earlier.

That’s not to say there hasn’t be a privacy snafu. There absolutely is. Regardless of whether they’re wall posts or PMs, old embarrassing messages on your Timeline are still embarrassing. And if that bothers you, you should hide them.

But the cause of this privacy breach isn’t some Facebook engineer inadvertently flipping the privacy bit in the FB database. It’s really a UI / design problem, or more specifically, a divergence between Facebook’s model of users behave and the user’s mental model of how Facebook behaves. Two divergences really.

The first is the aforementioned wall-to-wall issue. From Facebook’s perspective, two users were posting on each other’s public walls. But from the user’s standpoint, based on the visual cues presented to them, they were engaging in a private conversation.

The second is Timeine itself. Timeline exposes old, possibly-private and sensitive information. Again, this is because of a divergence between mental models. For Facebook, the question of whether something is public is a binary decision. When the server receives a request for some particular information, it either provides it or it doesn’t.

But for many Facebook users, public really means accessible. And accessibility isn’t quite so binary. Prior to Timeline, sifting through old messages was time-consuming and difficult (it still is in a way). So by the time an old wall post was buried several months in the past, it may still have been public (as Facebook understood it), but it was relatively inaccessible. Timeline changed the accessibility of old information, and combined with the earlier wall-to-wall issue, we ended up with a huge chunk of Facebook users thinking their private messages were exposed (and in a way, they were).

Some final takeaways / questions:

Don’t trust your memory. When it comes to technology, what matters is what the technology thinks is true, not what you remember as true. As the Wall-to-Wall issue shows, poor UI design can affect how people perceive things are happening on the backend. In this case, if you still think there’s a PM on your timeline, the easiest way to verify this is to cross-reference it against your email archives (if you have your email archived that far back and you had e-mail notifications turned on). Until recently, Facebook would send a separate e-mail for wall posts and private messages. If it’s a private message, the e-mail will say so. And you should notify Facebook, because that’s a huge $#@&-up.

Privacy is often a design problem. Same with security. Or really anything else whether the error exists between keyboard and chair.

How do you resolve old UI mistakes? Facebook was almost certainly aware that many wall posts were intended to be private, despite being marked public. But because of the mis-marking, there’s no easy way to identify what user intent actually was for many of these messages. So what’s the proper response? This actually reminds me of the 2000 election in which many Gore voters likely inadvertently voted for Buchanan. But at least some of those Buchanan voters actually intended to vote for Buchanan, and there’s no easy way to tell who intended what, short of a re-vote. So what’s the fair thing to do here?

How do you roll out new paradigms with old data? Start-ups are all about rapid growth and change. Lots of iterations. The occasional pivot. The problem is this can look a lot like a bait-and-switch. Users may provide a company private information based on implicit assumptions on how that data is being used. And indeed, the company may share those assumptions, at least initially. But start-ups often to change course. Sometimes those changes may seem slight from the start-up’s perspective but strongly conflict with the user’s assumptions about how the data is handled. In such case, what’s the best way for a start-up to handle that?

 

Changes in the Legal Market

1 Reply

Jotting down some rough thoughts on how new tech + more lawyers affects different parts of the legal market (apologies for typos):

Big Law

Large firms catering to large corporations, or more accurately, well-known partners catering to large corporations. Presumably, number of large corporations isn’t increasing relative to number of lawyers. Also, number of big law firms and well-known partners increase slowly because of the big law feedback loop — i.e. the only way you get to be a big firm is if you win big cases, and the only way you get big cases is by already being a big firm.

So for big law, your underlying demand (corporations) remains untouched. And your underlying supply (firms) is the same. But that doesn’t mean no change. More law students = more competitive to get a big law job. Effect of new technology — productivity per lawyer increases, and since caseload is fixed, lawyers per firm drops. You could argue that firms might hire more lawyers and ask them to do less work for less salary. But that’s unlikely — there are fixed costs per lawyer — HR, office space, etc. So firms are likely to hire fewer lawyers, but require higher productivity (ugh). And you’ll see the price tag for big law drop, although this will be the result of fewer hours billed rather than a lower hourly billing rate (assuming we don’t nix the hourly system altogether).

Solo Practitioner

Difference story for people hanging out a shingle. Supply is more closely linked to number of lawyers rather than number of firms, so legal costs should go down more dramatically. But this also depends on the nature of the legal services offered.

If you’re offering services with minimal court or client interaction — e.g. helping a small business owner incorporate, filing basic wills, drafting run-of-the-mill employment contract, etc. — technology works to your advantage. These things scale well. You have to charge a lower price per client, but you can also cater to more clients, so it’s a net wash. And if you’re sufficiently entrepreneurial, you can also seek out “underserved” clients, thereby expanding the market. For example, I normally wouldn’t pay a lawyer to review the purchase agreement for a new car. But suppose I could use my smartphone to snap a photo of the agreement and e-mail it to a lawyer. Normally, it’d take the lawyer an hour to review the entire contract, but by using pattern-recognition software to highlight unusual terms, she can send back her analysis of the contract in 15 minutes at a total cost of $100. I don’t know about you, but if it’s a $10K+ car, that seems reasonable.

On the other hand, if you’re dealing with legal services that require more interaction with people — e.g. child custody fights, criminal defense, landlord/tenant, etc. — then life is rough. New tech may help you do legal research or fill out forms faster, but it doesn’t do much to speed up interviewing a client or appearing in court. And you still have more competition, so you can’t charge as much as you used to.

Ethics

Some of this stuff poses an ethics problem as well. In order to compensate for the lower income-per-client, a lot of lawyers are going to take on more cases. To some extent, it’s great that more clients are able to get legal services at lower cost. But a lot of these lawyers are also going to take on more cases than they handle. And when it comes to stuff like child custody or criminal defense, that’ll get ugly. If it’s one thing that law school should teach, it’s time and case management.

Thoughts on Instagram

Leave a reply

I’m not entirely sure why Facebook bought Instagram for $1 billion. It doesn’t solve a personal pain point. But someone asked me about the deal, so … here we go.

Instagram’s user value is instant gratification:

  • The time I most to want to share a photograph with friends is right after I take it. If I have to interact with other apps on my phone, or (heaven forbid) upload the pictures to my computer, photo sharing becomes less fun and more chore. Or I’m just going to forget to upload / send the photo to my friends. Instagram makes it easy to share the picture immediately, all within one app.
  • It’s hard to take a good photo on a phone — even if the phone has high quality camera, the phone may be shaped awkwardly, hands are unsteady, etc. Instagram’s filters quickly makes photos “acceptable” for sharing. Of course, I could edit the photo in a photo-editing app on my laptop, but that means I can’t share my photo right away.
  • Likewise, let’s say you take a photo of your friends and it’s sort of “meh”. Should you take another photo or is this fixable with some Photoshop filters? You can’t ask your friends to hang around while you fool around with Photoshop. On the other hand, Instagram lets you know right away.
  • Instant gratification generates positive feedback loops. If you take a photo and Instagram makes it look awesome, you’ll want to take another photo. You’ll also want to share it. Sharing makes the Instagram community seem more active, which attracts new users. It also makes existing users want to come back and check for new content.

Continue reading

Google vs. Microsoft

3 Replies

Building Windows 8 is quickly becoming one of my favorite blogs to follow.

I probably won’t agree with all of UI choices being made with Windows 8, and I’m sure I’ll have plenty to gripe about when it finally comes out. But the one thing you get from Windows 8 blog is that Microsoft spends a lot of time thinking about their UI choices and trying to make their users happy. For example, the team uses a good chunk of this blog post to explain concepts like Fitts’ Law and minimizing the amount of time to launch an app. Arguably, some of the “big picture” stuff gets lost with this attention to very specific metrics. But you get the sense that a lot of care is going into Microsoft’s Windows 8 UI.

Contrast this to Google’s new UI changes.

One of the most atrocious implementations of the Google’s new gray, black, and red theme is the new Google Reader. I’ll defer to criticism from folks more familiar with the product. But suffice to say, the new Google Reader redesign raises the question of whether anyone on the team actually put the product in front of real people.

I remember stories about how how Google conducted massive amounts of AB testing on even tiny changes to the interface. Engineers would analyze each extra link on google.com or use of a different shade of blue. Guess that’s not being applied across the board.

I get the impression that Google’s UI team really wants to be like Apple. Like there’s some creative overlord that just imposes “freshness” and “good taste” across each of Google’s products in a consistent manner. Well, I don’t know how Apple works. But whatever it does, Google’s doing a piss poor job at imitating it.

Remove Notes from Powerpoint (PPTX)

28 Replies

PowerPoint lets you add notes to each slide that are not visible when you play your PowerPoint as a slide show. Let’s say you want to remove all of those notes — e.g. so you can distribute the PowerPoint file — and don’t want to manually remove this all by hand.

If you’re using one of the newer versions of PowerPoint on a PC, this is straight-forward enough. You just pull up the Document Inspector and tell it to remove notes, along with other possibly sensitive metadata. Here’s how to do it in PowerPoint 2007 and PowerPoint 2010.

But let’s say you’re using a Mac. As far as I can tell, there’s no way to remove notes in PowerPoint for Mac 2011 (if there’s a way to do it, please let me know in the comments). You may be able to use some VBScript macros, but explaining scripting to someone with little technical experience can be difficult.

Continue reading

Faux Physical Surfaces Suck

1 Reply

<rant>

Here’s a screenshot of the iPad calendar, courtesy of GigaOM.

It’s a small nitpicky thing of mine, but Apple’s UI decisions here annoy the heck out of me. Note how they’re using the brown to give off the appearance of an actual calendar, something physical that people can grab and manipulate.

Hogwash I say.

First, it’s half-assed. Apple prides itself on delivering a complete UI experience, but seriously, this UI here?  It clashes with the rest of the iPad UI, unless real calendars have black floaty selection boxes hovering over them. Or have buttons and search boxes built into them. It looks like they thought of a more traditional computer UI first, with all the buttons and what not, and then slapped on this layer of velvety brown physicalness. That’s half-assed.

Second, it’s pointless. The velvety brown look isn’t more intuitive. It’s the exact same UI you would use on a computer, except it looks more physical. I guess that invites me to touch it, but really, do I really need a cue to touch the iPad?

Third, it’s ugly. Seriously, Apple has this steel, chrome, elegant look down. iPads are supposed to be shiny. The last thing it needs is brown.

</rant>

Get rid of credit card numbers

2 Replies

Short Version

Credit card companies should switch to a PayPal-like system for online payments, and use “blank” cards (no number visible to the human eye) for offline payments.

Long Version

As Sony restores service to its network after the possible theft of millions of credit card numbers, I wish people would start asking one simple question: Why do we need credit cards numbers?

By this, I don’t mean, why do we need lines of credit? That’s a question for the economists. I’m simply asking why we need some 16-digit number (plus an expiration date and 3-digit “security code”) that people can use to magically make you owe money. It’s an inherently insecure system.

I tried to split a bill once by asking my friends to let me swipe their cards using Square. For those who don’t know, Square is a little credit card reader that you can use with most modern smartphones. My friends were nervous about the security implications of me initiating a transaction with their credit cards on my phone. My response: If I really wanted to steal their credit card info, I would just memorize the number while it’s sitting on the table in front of me. Second response: Everyone seems quite OK with handing their card over to the underpaid high school student waiter.

The problem is that a credit card number is supposed to be a “secret”, but it’s one we frequently share with all sorts of random strangers. So what’s the alternative? Use a different “number” for every transaction, like PayPal does.
Continue reading

A Long AT&T Rant

2 Replies
Courtesy of XKCD

Licensed by Randall Munroe under a Creative Commons Attribution 2.5 Noncommercial License

I’m pretty sure a monkey must have designed AT&T’s sales and tech support system. That’s not to say that the actual staff are monkeys — they’re perfectly nice people trying their best, but at the end of the day, they can only do whatever their sales / tech support computer software lets them do. Basically, I’m saying the engineers who designed this entire system were monkeys.

Or at the very least, their managers were.

But first, the beginning of this story: Back in April or May or so, I decided to switch from Comcast to AT&T for Internet service — mostly because I was pissed off about how they were raising my bill by $1 each month. The bills, of course, provided no helpful hints about why the amount kept going up. Yes, I could’ve just called Comcast and contested it, but I wasn’t keen to get into a pissing match with Comcast over $1. So I decided to dump the bastards altogether and switch to the only other game in town — AT&T.

Continue reading

Tort Bunnies is Now Accessible to the Blind

2 Replies

Tort Bunnies is now accessible to the visually impaired and anyone else using a screen reader, or at very least, a little less annoying to navigate than before. For those not in the know, the blind can use software that reads web-content aloud to navigate the web. Naturally, this breaks down with certain graphical elements, like web-comic images. I’ve had transcripts of all the comics hidden on the site for a while now for search engines to index, but they weren’t all that inviting to people using screen readers. Some issues that I’ve fixed:

  • The transcript used to include things like “—–” to separate panels of the comic. Screen-readers, however, read this as “dash dash dash dash dash,” which I imagine gets really annoying over time. That’s been replaced with the phrase “next panel.”
  • The transcripts were not clearly marked, and in order to get there, a screen reader would have to jump past the image, notes, and all sorts of markup before getting to the transcript. There is a now a hidden link near the beginning of the page that allows screen-readers to jump straight to the transcript.
  • The alt text and title text were mixed up. They’re separated now.

There are still minor things here and there that might annoy people using screen-readers of course. For example, I use the « and » symbols in a few places as “arrows” pointing left and right. Some screen readers will not read them as arrows however, but as “left double angle bracket” and “right double angle bracket.” I know that might be annoying, but I’m fan of how they look and given that they’re frequently used (see, e.g., Gmail), I think the burden here should actually be on the makers of screen-readers to come up a better textual description of that symbol.
Continue reading

Windows Phone 7 Series Apps

Leave a reply

Microsoft just announced the Windows Phone 7 Series. So yeah, they still need to work on naming, but folks seem legitimately excited about this.

Quick thoughts on the app experience: It looks as if it’s going to be way different than the iPhone. The iPhone treats applications as isolated silos. The home-screen is a nice metaphor for this — little self-contained boxes lined up in a grid. With the 7 Series, Microsoft seems to have put an awful lot of time into the home-screen and other “first impression” user experiences. My guess, and it’s only a guess, is that Microsoft’s goal is to treat apps less as isolated tidbits and things that modify the core user experience. That is, they’re going to be focusing heavily on things like unified inboxes, apps that modify the home-screen, etc.

This line of thought isn’t new. It’s basically what Palm was arguing with Synergy, but more relevantly, it’s what Microsoft used to sell the Xbox 360. 360 games are not just isolated worlds, but things that are integrated deeply with the Xbox 360 “OS”. All 360 games share a uniform gamer profile and Achievement system. They share the same friends list and use the same messaging system. “Virtual goods” are all purchased through the same Xbox Live Marketplace. There’s a level of vertical integration here that would make Apple jealous.

And now, hopefully, they’re bringing that to the phone. There are obviously a lot of risks here. People don’t necessarily think of apps that way post- (and maybe pre-) iPhone. Compared to a grid of apps, a more integrated UI also looks like it could get very confusing, very quickly (I personally find the 360′s dashboard to be somewhat unintuitive at times, even if it is pretty). It could also get messy (see MySpace).

Still, there is hope, and for once, people seem to be rooting for Microsoft.