Tech Crime & Punishment

In a recent article Sophos had a poll asking what the appropriate sentence for tech related fraud — such as fake “Windows Support” call saying you have a virus and asking for $300 to fix it over the phone. I have covered what to do with any unsolicited phone calls before (The “short” answer: do not believe any claim of identity and ask for proof such as their employee ID#, the company they are representing {which they are often obligated to give you}, the case number for your issue, & a callback number and hang up. Then look up the company contact info — make sure the company is on the up and up {has a physical address, look up consumer complaints about the company, etc.} — and call the official number with your case number if it all checks out. And never be afraid to get a second opinion — if a person tells you not to bother contacting someone else for a 2nd opinion — or worse discourages contacting a 3rd party — it is a huge red flag.) 

Excuse the outlandishness of this idea — it is just an idea that needs further refinement. If you are extremely narrow-minded or think “nothing can change/nothing will help” please stop reading now, to avoid reading something that might upset you. You have been warned…

Continue reading

Email Worst Practices

I had to send this “support request” email today because of some seriously bad error in judgement when someone hit the sent button today. Seriously folks, this is 2014… have web companies and their employees learned nothing?


this morning I got an email asking me to click a link embedded in the email to verify my email address as a condition of maintaining my *********

The email is worded exactly like a phishing attack: requiring fast compliance, threatening a disconnection of service, lacking a link to verify this policy anywhere and the email is unsigned by anyone.

Someone in security who works there must be aware most phishing attacks are carried out exactly this way, and that you should NEVER encourage a user to click a link whether it is a legitimate reason or not in an unsolicited email because of the bad precedent it sets.

Instead, you should give the user a one-time unique token to enter and tell them to login into their account, and enter the token on their account page to verify the email was receive and in fact they do own the account. Not doing so would allow anyone with access to a client’s email account to potentially hijack the account with your service.

If you disagree, then I will have to look for a more competent company to *********. Please escalate this email until it gets to a policy-maker that understands the importance of why this is ““worst practice.”” If this does not happen, I might as well cancel my account because it is only a matter of time before your customers or your client-facing DBs are hacked.


Just to clarify, the raw headers show it was sent from their mail server, and the message looks legitimate, but maybe someone hijacked that through completely unrelated blunder. Anyway, the moral of the story is: do not click links in unsolicited emails. If this was a case of a password reset I requested or a two factor auth thing, or even a newsletter I opted-in for, those are totally understandable, but in this case it was probably just bad form. To allow the company time to correct their policy (or regain control of their mail server) I have not mentioned exactly which web services company this is… but this is yet another case of sloppy work in the IT sector. And, as Danny Glover once said in a movie where he co-starred with a crazy guy, “I’m too old for this shit.”*

Thanks for reading.

*luckily this last word is no longer banned from TV, and thus — in this usage — it is appropriate to describe a distinct lack of professional behavior from a commercial company.

UI Missteps: Form over Function

Don’t get me wrong. The people at MacUpdate usually do a great job of managing and taking user feedback. But even with their careful curation of Mac & iOS apps that receive updates (sometimes numbering close to 100 OS X apps alone in one day), things slip through the cracks. I wasted about 5 minutes trying to figure out why an updated app was not available via one-click update using the built in software updater nor MacUpdate’s Desktop app. After going to MacUpdate, it was only by reading the comment and then hovering above the download link that the answer was clear: the app was a beta, and using the built-in update tools both within the native app & the MacUpdate Desktop App wouldn’t work. Even though I have “show beta/pre-release” unchecked, it still showed up in the MacUpdate Desktop list.

I realized the problem when looking at the comment and the confusion about version numbers used and how Adobe doesn’t distinguish betas with “b” or “(beta).” Then I took a few minutes to write this. The focus is not what MacUpdate did — it is an edge case which reflects more poorly on Adobe. Instead it is a example of what UI designers everywhere are doing to the detriment of both advanced and novice users everywhere.

Making Simplicity Difficult (Form Over Function)

If you accept that the purpose of computers is to make tasks easier to accomplish than doing them without them, then what follows is logical. When the interface gets so polished the labels are rubbed off, advanced features are hidden or removed, and labels are replaced unlabeled/undocumented icons, it leads to problems using an application no matter what type of device the application runs on. Here is my brief comment on that.

I don’t mind clean, nice-looking interface (I strive to balance aesthetics with easy-to-access, powerful features), but don’t let streamlined designs actually slow productivity; whether that productivity is actually getting work done or doing administrative tasks such as updating your software.

This confusion is a clear case of form over function, which is the wrong direction (unless you’re selling soda or commodities…) for computing interfaces to head because it handicaps learning via obscuring helpful, orientating/navigating details and slows advanced users.

If the trend in UIs were to spill over in the real word, we would see street signs replaced with pictures of maps and street addresses removed from the front, and instead only inside each building. Menus boards would have descriptions and prices hidden, until a person opened a flap to read the price and description.

In houses rather than work aesthetics around function, some streamlined houses would only have one control panel that controlled all the lighting, heating, etc. but that panel would be fixed next to the circuit breaker box. If a house had individual light switches, they’d be placed at whim of a designer who never lived or had even been in a house. Some would be oriented at any angle the designer liked and on any surface — some nowhere near the door or on one or both sides of the door. Some switches would glow only when they were off, and not when they are on, and vice versa which is actually happening with electronic switches. All building layouts would depend on the whim of a designer that had no concept of architectural design patterns nor a care about the building’s function.

This current trend toward “flatness” that was a backlash against “skeuomorphic” design of last generation all dance around the real point of GUIs: to make things easier by giving feedback to users that allows them to assess both current application state and orient where they are in the system. The trend is stripping away both of these, making things harder to use, not easier. Sadly, people think simplifying the interface will help users whose learning is being retarded by confusing inconsistent and low-feedback designs. This over-simplification is in fact hurting more than helping. This is because simple is not necessarily a synonym for easy. (Easy things are simple, but simple things are not always easy oddly enough.) Product managers and designers think people want simple, when they really want easy. Making things easy should be the focus. The easier a more complex the task is, the more useful your software.

Making Complexity Easy (Form Follows Function)

Designers should look for the frustrating points and the complex points and make complex tasks as easy as possible — which means removing steps if it can be done without making the user’s knowledge have to ramp up greater than the complex steps.

This is my Menubar. This is easy:


It is very dense with information. By looking at it you can see with a glance that Bluetooth is on, I’m connected to the network with light traffic, my processor load, my sound volume, the day & date, my current battery level (full) & that I am plugged in, the time, the moon phase, the CPU temperature & CPU voltage draw. I could have the default OS X menubar, but then I wouldn’t be able to see this without opening applications, slowing me down. I often refer to network speeds and CPU load when something seems bogged down. I often check the date and time, and that calendat icon pulls down so I can see my schedule in Fantastical without opening the Calendar App. The functionality is available if I pull down my sound menu is Audio Switcher.


All these save me time each use. The march of Menu Items and GUI Enhancements I use all take a complex array of data, navigation, and bother of doing complex things and make some of them a click or less away. While this might be ugly to some, it is not distracting and works well. This is my current balance point, but with each stripping down towards “simplicity,” this ease becomes more difficult. Thankfully the developers of iStat Menus, Fantastical, Bartender, Audio Switcher, Moom, TotalFinder, Default Folder X, Alfred and PopCar (among others) see the problem that streamlined interfaces bring. But rather than strip away information, they strive to arrange information in a way that is not overwhelming and give user configurable interfaces to really harness the power of a GUI. These companies (while not all perfect — some have fallen into this hole at least slightly) have UI designers, not artists making flat colorful mystery icons with unpredictable UIs that confuse people calling themselves UX designers.

(I think of myself more as a User/Communication Efficiency type of person, so while the “UX Designer” title sounds fancy, I’d rather be a “User Interface Communication Efficiency Designer” to put the emphasis not of the “experience” of using a product, but on the efficient use of communications media available. Plus, UICED sounds like a term that could be played with. But titles are kind of limiting in a way… so I’ll just be myself. When people ask me my title, I just sum it up to say “IT Consultant” since whenever I actually start to talk tech I notice most people’s eyes glaze over.)

I try to focus on what matters to get work done, so I can get work done with less effort and faster. Anything that gets hinders more than helps my efforts falls out of use. BTW, if you are not familiar with these products, many are mentioned and linked on my Recommended Apps page. You can also check out and see the trove of software — most at least decent — that they list. They are good guys, so if you see errors, write them and be nice please. They will get back to you if needed with a personally written reply, which is always worth a star in my book. “When I was a kid several days of Mac SW updates could fit on one page… now several pages might span one day.”

Thanks for reading.

Almost Everything I learned about Teamwork and Leadership, I Learned in Clan Lord

I’ve been threatening to write this post for about a year. I had this sitting on the back-burner for a month and asked for comments from another player also in the IT Admin field. So, without further ado…

Despite the Graphics, CL has real team-building potential

Despite the Graphics, CL has real team-building potential

For the unwashed, Clan Lord is an archaic, sorely out-of-date Multi-player Online Role-playing Game  (MORPG) that has been running since the late 90s. The single world (server) and small population make it feel like a small town, thus all of the current players have the same goal (job). Thus, like any small group with common goals, it is a bit like a company: You have your people in it who are on the ball because they work well in teams and independently, those that only work in teams because they need direction, those that lead group of people in a direction, those that specialize in a subset of knowledge about the terrain (market or technology) all of whom trade their time and risk profit (experience) to advance, and finally those that just show up to have fun. These flyby ‘fun’ people are equivalent to the people who just show up for a paycheck. In the game, one seemingly minor mistake can lead to the death of the entire group.  This necessitates departing (experience and time loss) which is a bit like working on a project  and having it fail miserable because Joe Paycheck didn’t know or care that you shouldn’t have done X.

Considering the parallels I noticed about the in game group and the group of people you work with  day-to-day, I have found several commonalities that I have taken from work to game and from game to work that have helped me navigate real life teamwork, leadership and relationships.

Continue reading

Product Feedback: Sometimes the Customer Does Know Best

If I like an application or see one with potential, I usually write the author or company that made it with a feature suggestion explaining why I want to do it, and how it would add value to an application — sometimes a great amount of value. Occasionally, I’ll receive a human written response that explains upcoming features along those line, says they’ll consider it, or explains some technical limitation. Either way, I will have to wait months if not years to see a feature added if it is ever added at all. I appreciate the feedback to my feedback. It lets me know the company or individual is receptive to comments.

One of the things I cannot stand is when a company sends me is an automated reply thanking me for the feedback. Big companies, I forgive slightly more, but small shops should probably take a minute to let users know their breath wasn’t wasted if they want to foster a good relationship with their customers.

After a programmer makes a great app, their next challenge is getting the word out. Unfortunately engineers tend to think differently than mere mortals: in general, the more brilliant an engineer the less likely they are to have the social skills to market their great apps, I have found.

Continue reading

Always Room for Improvement…

Well 2013 is here and either we are just the holographic debris on an event horizon of a black hole, or reality is relative. I wouldn’t have minded being the Mayan Calendar maker who made the last calendar, because then when finished, and asked …

King: “What happens when we reach the end of thew calendar? This think will not work after that.”

Mayan Calendar Maker: “By then I hope we are using a better system.”

King:“But you said your system was great?”

Mayan Calendar Maker: “There is always room for improvement.”

With that said, (as I actually said when someone asked me about databases I created in the mid 1990s about Mac OS’s Unix calendar running out in 2038) I wanted to write about a few things, but a project has been eating time like the Cookie Monster with a box of chocolate chip cookies. (Cookie & Count were always my favorite.)

So, I will mash up a few things, left and right… Read of to find out about a new Bluetooth audio headset, a product warning, and whatever else comes out in this unedited memory dump:

Continue reading