This Place is Taken

Saturday, April 28, 2012

Should I Check E-Mail ?

Why I'm Sticking With Dropbox (Over Google Drive)

Why I'm Sticking With Dropbox (Over Google Drive):
There has been a massive build-up to the release of Google Drive, and while this new offering from the search giant was always going to be a big one, I firmly believe that there’s a really convincing argument why Dropbox is a better choice for storing your stuff online: privacy, and retaining rights over your content. I’m no lawyer, but you don’t have to be to understand why the implications of Google’s privacy policy are probably something you want to avoid.

What you’re giving Google when using Drive

Take a look at Google’s Terms of Service:
"Google Drive
Notice the highlighted portion that reads:
When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.
Do you really want to sign over a worldwide license to use, modify, create derivative works, and publicly display or distribute for every document you upload to Google? My guess is your answer is no.

Dropbox FTW

Now let’s see what Dropbox’s terms say.
"The Dropbox Terms"
Their stance essentially is the complete opposite of Google’s. Notice the highlighted portion in the above image which reads:
You retain full ownership to your stuff. We don’t claim any ownership to any of it. These Terms do not grant us any rights to your stuff or intellectual property except for the limited rights that are needed to run the Services, as explained below.
Bravo, Dropbox! Well done for choosing a stance that supports my rights and privacy. That’s the kind of attitude more businesses should take.

Conclusion

Make up your mind yourself, but for me I know I’ll be sticking with Dropbox unless something radical changes.
Enjoy this post? You should totally follow me on Twitter!

RSS will never die

RSS will never die:
This was supposed to be a post about translating a URL into a [good] RSS feed. After reading The War on RSS and some of the passionate debate it kicked off on HackerNews I decided to write something else.
In short: RSS will never die.

The War on RSS part un

Propaganda
In May 2009 Steve Gillmor wrote on Techcrunch
It’s time to get completely off RSS and switch to Twitter. RSS just doesn’t cut it anymore. The River of News has become the East River of news, which means it’s not worth swimming in if you get my drift.
~ Rest in Peace RSS, Steve Gillmor on Techcrunch, May 2009
It sparked a meme. Suddenly everyone and their dog was convinced RSS was dead and we should all move on. Twitter will save us from something as horrible as a fourteen year old idea. That’s much too old for us web people.
In early 2011 RSS still wasn’t quite dead. “If RSS is dead, what’s next?“, a guy asked on Quora. This time, a very diplomatic answer came from the Robert Scoble (when I met him he said my startup idea is a fail just because it revolved around RSS):
First off, let’s define what dead means.
To me, anytime someone says a tech is dead it usually means that tech is not very interesting to discuss anymore, or isn’t seeing the most innovative companies doing new things with it
Essentially Scoble thinks RSS is dead because Google Reader stopped working out for him and nobody is innovating in the RSS space anymore.
Bummer.
Five months later he wrote about Feedly – an RSS reader for the iPad. Saying “don’t miss out and get Feedly on your iPad”. He called the idea of an RSS reader for the iPad stupid just 7 months prior.
Guess RSS isn’t that bad after all :)

The War on RSS part deux

Hogarth_Idle_Prentice_executed_at_Tyburn
This week – April 2012 – RSS still wasn’t quite dead. The War on RSS got a lot of passionate attention on HackerNews.
There’s a veritable explosion of companies removing RSS from their products … for whatever reason. Usually because it doesn’t directly benefit the bottom line – they prefer proprietary formats.
The next Mac OS – Mountain Lion – will likely ship without native RSS support. Gone from Safari (in favor of their proprietary Reader/Read Later thingy). Gone from Mail.
Somewhere in the last few versions Firefox removed the RSS icon from its usual place in the url bar.
Twitter removed public support for RSS feeds of user accounts. The feeds still exist – discovering them just takes a bit of trickery since they aren’t even mentioned in the HTML anymore.
Once upon a time even Facebook had support for profile RSS feeds. These have long been gone, so long in fact I don’t remember ever having seen them.
And there has never been native RSS support in Chrome. So much for that.
This time RSS is well and trully busted right? Took an arrow to the knee never to be heard from again.

RSS Will Never Die

Evolution of the Cylon
For a piece of tech that was declared dead and boring almost three years ago, RSS can stir up a suprisingly strong debate … mostly passionate users clinging on for dear life.
I asked Twitter whether anyone still uses RSS as a human. The replies started flying in as quickly as I pressed the submit button. 11 yes, 1 no-ish, 1 sort of no and 1 resounding no.
The data is skewed, yes. Only people passionate about enough to care replied and I am well aware that Normal Humans ™ don’t knowingly use RSS. That’s also quite a bit of responses for a random question posted to Twitter by some random guy.
It shows RSS will never die because of a simple reality: power users.
There is something called the 90-9-1 rule of online participation. At its core is the idea that 90% of  content comes from the top 1% of contributors.
Saying those top contributors are your power users is a pretty safe bet. And that’s why RSS is here to stay for at least a while longer – all those people doing most of the sharing? A lot of their stuff comes from RSS.

Why do people still use RSS anyway?

Old Desk
Ok, so the top 1% of that top 1% may have moved away from RSS and onto social media. Or at least that’s what everyone was claiming back in 2009 when Twitter was still something fresh, new and exciting. And most of all, much, much slower.
Twitter is not a replacement for RSS. Not by a long shot. It’s too busy!
My Twitter stream gets about 30 new messages every minute or two. This isn’t an environment to follow important-ish updates. Certainly not a place to look for 500+ word chunks of text that take ten minutes to read.
And god forbid anyone writes their blog only once a week, I’d miss 99% of their updates!
That’s where RSS comes in.
Not only does it take an hour for ten new posts to reach my Google Reader – when something does vanish, there is a sidebar full of subscriptions where I can see that, hey, there’s a bunch of stuff I want to read … eventually. No pressure. It’s all going to be here tomorrow, a week from now … even a month.
By the way, anything older than a week or two stops existing on Twitter.
When I want to read The Art of Manliness, I can just waltz over to Google Reader and check out the last few posts . No rush. The content is long, but it’s informative and it waits for me. There’s also no interruption or conversation. Just the curated best of what they have to say.
None of that on their Twitter though. Even though they only post every couple of hours, most of it is still reposts of old stuff and answering questions. I think there’s actually less than one new Actual Post ™ per day.
It gets worse for people, like me, who use Twitter as persons. Most of it is just random chitchat you don’t care about, sharing cool links from the web and generally everything but a RSS replacement for my personal blog.
Consequently, RSS offers bigger exposure to your content.
Looking at a recent personal post … tweeting three times creates 67 clickthroughs. Posting to RSS reached 145 readers, however Feedburner might be calculating that.
That’s a big difference!
RSS may have flopped for the regular user. It’s complex and kind of weird; but for that most important of readers – a fan - it will never really die.
And that’s before we even consider computers needing a simple and open way to follow websites’ updates.
Related articles
Enhanced by Zemanta



GMail: designer arrogance and the cult of minimalism

GMail: designer arrogance and the cult of minimalism:

Posted by jonoscript under Uncategorized | Tags: , , , , |
[5] Comments 
It looks like Google has finally pulled the plug on the old GMail UI. There’s no more “revert to the old look temporarily” button, so I guess they’re finally forcing us laggards onto the new theme. I’ve been a mostly happy GMail user since the very early days, but I strongly dislike the new UI.
As far as i can tell, this redesign is just change for the sake of change. I can’t see a single improvement! But I can spot three distinct un-provements *:

  1. The featureless white void: the old interface had colored borders and variations in background color which served to deliniate navigation from content and provide visual landmarks that helped me find my way around the page. It had visual ‘texture’. The new interface lacks that visual texture. Without borders or landmarks, everything blends together into a featureless sea of white and light grey. It requires more work for me to parse visually, to figure out what I’m looking at or to find the link I want to click.
    The old Gmail UI
    The new Gmail UI
    This is what happens when the cult of “minimalism” goes too far.
  2. The “importance” marker is now right next to the stars. I find the (algorithmically-applied) importance marker completely useless and would remove it if I could, but I use the stars quite heavily. In the old interface the importance marker was to the right, so I could ignore that column and scan the left column for stars. In the new interface, the two markers — being the same size, color, and location — blend together visually. I can no longer scan for stars; i have to look closely at each line to tell stars apart from importance markers.
  3. The new icons are inferior to the old text buttons. The text buttons were self-describing. The new icons are not. I’m not usually a fan of toolbar icons; they’re never as self-explanatory as their designers think they are, so they usually need text labels to be decipherable. At that point, why not cut out the middleman and just show the text label instead of the icon?
    Comparison of old and new Gmail toolbars
    But these icons are particularly bad. Again with the cult of minimalism: the icons are so streamlined and featureless that they all look the same: a row of meaningless, square, grey objects. When I want to mark something as spam, I used to be able to click the “spam” button. Now I have to mouse over each square grey object one at a time, looking for the one that pops up a “Report Spam” tooltip. (It’s the stop sign. Why a stop sign? I don’t know. Years of using GUIs have trained me to interpret a stop sign as an error message.)
Why were these changes made? I don’t know. According to the Gmail blog, the goals of the redesign included: to put mugshots of people into conversation view, to make the density adjustable, to make themes fancier, to make the left sidebar customizable, and to add an advanced search panel.
Assuming for the moment that these features were actually needed (which I think is arguable), the fact is that any of these features could have been added without making the interface a featureless white void or replacing helpful labels with cryptic icons.
Just today I read this blog post from a Google UX designer about “Change Aversion”, or the supposedly irrational tendency of users to fear change. The underlying attitude here is that users will like the new UI just fine once they try it, but they don’t want to give it a chance because they’re stubborn, like toddlers refusing to try an unfamiliar food.
I’ve certainly encountered this attitude before. Mozilla UX designers like to use the example of tabs-on-top: when we moved the tabs above the navigation bar in Firefox 4, many users balked at the change. But nobody could give a reason why tabs-on-top was worse — they just didn’t like it because it was unfamiliar.
The problem with this attitude is that sometimes the users may just be stubborn, but other times the users are encountering a real serious problem with the design; something they can feel is wrong, but can’t quite articulate precisely. Your users aren’t trained as designers, so they may not be able to argue their case convincingly in the language of design. If you dismiss all negative user feedback as mere stubbornness, you’ll miss important warning signs when you’re about to make a mistake. People have certainly been telling Google that they don’t like the new GMail interface, but it doesn’t seem like Google has been listening.
Change aversion might be a real thing, but designer arrogance is a real thing too.
* – “un-provements”: a word that I just made up because English lacks a word for discrete ways in which something has gotten worse. What would you say here? “three degradations”? “three backslides”? “three worsenings”?

Like this:


Be the first to like this post.


Monday, April 23, 2012

Make Your Email Hacker Proof

Make Your Email Hacker Proof:

April 17, 2012

It's only a matter of time until your email gets hacked. Don't believe me? Just read this harrowing cautionary tale.
When [my wife] came back to her desk, half an hour later, she couldn’t log into Gmail at all. By that time, I was up and looking at e‑mail, and we both quickly saw what the real problem was. In my inbox I found a message purporting to be from her, followed by a quickly proliferating stream of concerned responses from friends and acquaintances, all about the fact that she had been “mugged in Madrid.” The account had seemed sluggish earlier that morning because my wife had tried to use it at just the moment a hacker was taking it over and changing its settings—including the password, so that she couldn’t log in again.

The greatest practical fear for my wife and me was that, even if she eventually managed to retrieve her records, so much of our personal and financial data would be in someone else’s presumably hostile hands that we would spend our remaining years looking over our shoulders, wondering how and when something would be put to damaging use. At some point over the past six years, our [email] correspondence would certainly have included every number or code that was important to us – credit card numbers, bank-account information, medical info, and any other sensitive data you can imagine.
Now get everyone you know to read it, too. Please. It's for their own good.
Your email is the skeleton key to your online identity. When you lose control of your email to a hacker – not if, but when you lose control of your email to a hacker – the situation is dire. Email is a one stop shop for online identity theft. You should start thinking of security for your email as roughly equivalent to the sort of security you'd want on your bank account. It's exceedingly close to that in practice.
The good news, at least if you use GMail, is that you can make your email virtually hacker-proof today, provided you own a cell phone. The fancy geek technical term for this is two factor authentication, but that doesn't matter right now. What matters is that until you turn this on, your email is vulnerable. So let's get started. Not tomorrow. Not next week. Right. Freaking. Now.

Go to your Google Account Settings

Google-account-settings
Make sure you're logged in. Expand the little drop-down user info panel at the top right of most Google pages. From here, click "Account" to view your account settings.
Google-enable-two-factor-auth
On the account settings page, click "edit" next to 2-step verification and turn it on.

Have Your Cell Phone Ready

GMail will walk you through the next few steps. You just need a telephone that can receive SMS text messages. Enter the numeric code sent through the text message to proceed.
Google-text-email-verification

Now Log In With Your Password and a PIN

Now your password alone is no longer enough to access your email.
Google-two-factor-login
Once this is enabled, accessing your email always requires the password, and a code delivered via your cell phone. (You can check the "remember me for 30 days on this device" checkbox so you don't have to do this every time.) With this in place, even if they discover your super sekrit email password, would-be hackers can't do anything useful with it! To access your email, they'd need to somehow gain control of your cell phone, too. I can't see that happening unless you're in some sort of hostage situation, and at that point I think email security is the least of your problems.

What If I Lose My Cell Phone?

Your cell phone isn't the only way to get the secondary PIN you need to access your email. On the account page there are multiple ways to generate verification codes, including adding a secondary backup phone number, and downloading mobile applications that can generate verification codes without a text message (but that requires a smart phone, naturally).
Google-backup-email-codes
This also includes the never-fails-always-works option: printing out the single-use backup verification codes on a piece of paper. Go do this now. Right now! And keep those backup codes with you at all times. Put them in your wallet, purse, man-purse, or whatever it is that travels with you most often when you get out of bed.
Backup-verification-codes

What About Apps That Access Email?

Applications or websites that access your email, and thus necessarily store your email address and password, are also affected. They have no idea that they now need to enter a PIN, too, so they'll all be broken. You'll need to generate app-specific passwords for your email. To do that, visit the accounts page.
Google-enabling-apps
Click on authorizing applications & sites, then enter a name for the application and click the Generate Password button.
Google-generated-app-password
Let me be clear about this, because it can be confusing: enter that specially generated password in the application, not your master email password.
This effectively creates a list of passwords specific to each application. So you can see the date each one was last used, and revoke each app's permission to touch your email individually as necessary without ever revealing your primary email password to any application, ever. See, I told you, there is a method to the apparent madness.

But I Don't Use Gmail

Either nag your email provider to provide two-factor authentication, or switch over. Email security is critically important these days, and switching is easy(ish). GMail has had fully secure connections for quite a while now, and once you add two-factor authentication to the mix, that's about as much online email safety as you can reasonably hope to achieve short of going back to snail mail.

Hey, This Sounds Like a Pain!

I know what you're thinking. Yes, this is a pain in the ass. I'll fully acknowledge that. But you know what's an even bigger pain in the ass? Having your entire online identity stolen and trashed by a hacker who happens to obtain your email password one day. Remember that article I exhorted you to read at the beginning? Oh, you didn't read it? Go freaking read it now!
Permit me to channel Jamie Zawinski one last time: "OMG, entering these email codes on every device I access email would be a lot of work! That sounds like a hassle!" Shut up. I know things. You will listen to me. Do it anyway.
I've been living with this scheme for a few months now, and I've convinced my wife to as well. I won't lie to you; it hasn't all been wine and roses for us either. But it is inconvenient in the same way that bank vaults and door locks are. The upside is that once you enable this, your email becomes extremely secure, to the point that you can (and I regularly do) email yourself highly sensitive data like passwords and logins to other sites you visit so you can easily retrieve them later.
If you choose not to do this, well, at least you've educated yourself about the risks. And I hope you're extremely careful with your email password and change it regularly to something complex. You're making life all too easy for the hackers who make a fabulous living from stealing and permanently defacing online identities just like yours.
[advertisement] Hiring developers? Post your open positions with Stack Overflow Careers and reach over 20MM awesome devs already on Stack Overflow. Create your satisfaction-guaranteed job listing today!
Posted by Jeff Atwood