Half-Elf on Tech

Thoughts From a Professional Lesbian

Category: How It Is

Making philosophy about the why behind technical things.

  • Defaults Matter

    Defaults Matter

    We tout decicions and not options. We laud people who make it work, simply and efficiently. So how do we decide what the default decisions should be?

    I was looking at a new plugin for an affiliate program, and it set up the links based on region. The way this plugin worked, if you don’t have an account specifically for that country, the plugin author had it set to use his ID if the user didn’t enter one. This is a small issue, in that the user may, unwittingly, be letting the dev earn money of their site. It’s also just not permitted. You don’t put up links or ads on someone else’s site without them checking a box to allow it, it’s gauche and against the .ORG guidelines.

    Timer settingsWithout knowing the issues of the affiliate app, I pushed back, and was surprised that the plugin dev was doing this because if he didn’t, the code would break. The affiliate program didn’t have a fallback to show a default location if you didn’t have an ID for that area, it just errored out. Thankfully, this developer and I worked out a solution. If there was no ID for the region, the plugin wouldn’t display the affiliate links. There was also a checkbox “Use the developer’s affiliate code in regions where you don’t have one!” that explained this would help feed and clothe the dev.

    Another example. A plugin made a shortcode to play MP3s, and by default if you don’t have an MP3, it played one of him from his domain. Besides the fact that you’ll crash your server if you get popular enough, the fallback for that should be for the shortcode to output “Oh noes! No MP3 picked!”

    This got me thinking about how we determine the defaults for anything. We pick what we want to support most, we guess at what people will use most, and we test what we can think of. But that isn’t easy at all. Start factoring in upgrades. You add a new feature and you want people to use it, so you turn it on to aid discovery (Jetpack does this). Not everyone likes that and gets mad that the first thing they have to do is disable it! So you think about alert boxes “Hey, you upgraded and there’s a new thing!” but then people hate dismissing those alerts.

    Picking the right defaults for your intended audience matters. The affiliate code guy knew about an error if he didn’t do that, and compensated in a way that would be seamless for the users, but a little unethical (I felt) because it took advantage of their ignorance to make money for him. I’m kind of hip on educating the masses. The shortcode guy just didn’t think about the long-term ramifications. Neither actually meant to be harmful, but both were thinking about their users and their familiarity with things. Both were cognizant of the fact that a product not working because of incomplete settings should not break.

    Firetruck SettingsDetermining your default settings is a race between education and simplification. It should be as simple and straightforward as possible to make things easier for the new users. At the same time, it should be made totally obvious in straightforward ways what the defaults can be changed to. This can be done with help screens in your plugins, but also in the welcome pages and the in-line explanations of setup. You can hide aspects of the code from users until they’ve finished pre-requisites.

    Defaults are the one place where you have to actually try to know what the users will be thinking, so don’t worry if you get it wrong. You can always iterate.

  • Bad Browser Complacency

    Bad Browser Complacency

    Back in the day, you may have seen notices on browsers like “This site best viewed in Internet Explorer v4.” Since then, we’ve moved into the belief that a website should work on as many browsers as possible, and degrade nicely when it can’t. So imagine my surprise when I’m looking at photos online and I get a message saying I’m using an unsupported browser.

    I happened to be using Chrome on my iPad, so I clicked the link which took me to http://www.corbisimages.com/BadBrowser and I saw this:

    Bad Browser

    I was taken aback. Not that they say ‘IE 7 and up’ as it’s something I try to support as well. Frankly making sites look awesome on IE is about as easy and fun as a dental student doing your root canal. You’ll get there in the end, but it may hurt like hell.

    Now, Corbis has certainly one of the more out of date designs for a photo sites I regularly visit (there are 10), but it’s not the most egregious. Yes, there are worse ones. Still for a site to have an alert like this in 2014 and to omit Chrome is rather shocking. Someone remarked it looked like that site was designed circa 2003 and Chrome, if you didn’t know, only came out in 2008. So while I remember this new design for Corbis being rather recent (2012 or 2013, but that may have just been some tweaks), it’s clear they’ve not visited that page in at least six years.

    I talked to my family about web design at a recent brunch, stressing that I do not do website design per se, but I am happy to help them find people and upload their content. At that time, I pointed out that the trick to a website was to frequently update it and make it more modern. “It’s like the runway shows,” I replied. “What’s in this season was weird last season and may be out by next season. So making a site and never changing it is as smart as never updating your wardrobe.”

    Older fashion, not that good looking todayPeople judge by how things look. If someone only wears a black turtleneck and jeans (Steve Jobs), we create a specific mindview of them and it rarely changes. Someone who always wears avant-garde clothes that are nearly unwearable (Katy Perry), we create another. If that person always wears a suit jacket (Tim Gunn), we have yet another view. Neither is right or wrong, of course, and they all have their places.

    We update our wardrobes when we gain and lose weight, when we decide we want a change, when we feel different, when we have to change, when we want to. While I tease that Brian Gardner is never satisfied with a web design and is always changing, I’m often just as guilty of this as I don’t feel things fit forever. If I’m not afraid of changing my wardrobe, why would I be afraid of changing my website?

    And yet. We worry a lot more about the change of design, to the point that sites like Corbis haven’t significantly changed or adapted since 2002, when the site was born. Since then, 12 years have gone by, browsers have changed, security changed, and the viewing experience is wildly different. Corbis on a phone? Yeah not a great experience.

    When your site never changes with the times, never grows to adapt to it’s new audience, you lose respect in the world of the Internet. We have to keep up with the times, test and retest on as many browsers as humanly possible, and make sure that it all works. We can’t just say “Yes, this one design is good” and more so, we can’t say “This site works best on…” anymore.

    Unless you’re the sort to say “This jeans only work with turtlenecks.” Then, by all means, never change.

  • You Are The Weakest Link

    You Are The Weakest Link

    I sit by people who are on the phone with customers about their accounts all day. Each and every day I hear them talk to customers who are past due or need to activate a new credit card or had an account closed by not paying. In general, I marvel at how consistently nice these coworkers of mine are, considering the number of times I hear people screaming at them. But I also get to hear some fairly impressive conversations.

    Locked safeMost of the time, the conversations are mild, a reminder that you actually have to pay, here’s how you pay, off you go. But once in a while you get to hear the tale of someone who wants to cancel an account. This is only interesting because we don’t cancel your account for you. You have to log in and cancel the charges and billing. About once a day, someone asks why we can’t just accept they are who they say they are and close the account, and I hear my coworker explain over and over that it’s not secure. We can’t verify you over the phone, we called you, and… well there’s a reason you have to call your bank and not the other way around.

    Recently I had a credit card jacked, causing me to miss a payment I didn’t know I owed. I was called by a bill collector after 60 days and they asked for my account information. I balked and asked what card he was calling about, what was the amount, when was it charged, and so on. Then I hung up (I tried to tell him thank you, he kept talking) and called the card company directly. They confirmed the situation, I explained it wasn’t me, we got the bill reversed, everyone was happy… except me. I pointed out having some random number call me and claim to represent them was not safe or secure. They agreed, and also remarked that I shouldn’t have had a collection agency after me at only 60 days, so clearly they had a billing problem.

    I’m a little thoughtful about my security, if you can’t tell. So when I read my friend Gary’s story about Paypal’s lack of security, it surprised me. There’s no true Two Factor authentication on something that has access to my bank account, just a dongle I’d have to pay for (and keep handy) or SMS. And when you read more into why Gary turned on SMS (see the story about how @N lost his user name and $50k), it gets more disturbing.

    Social engineering to figure out passwords and pose as other people is easy. I do it all the time when I need to set up something for myself and my wife, and the company says she has to call too. I happen to have all of her information, down to access to her email (after all, I’m her sysadmin), and we actually made a specific joint email address for things like our bank account. If you have the information, it’s not hard to do.

    Chains around a railingWe can blame GoDaddy and Paypal all we want for this. Should they accept the last four digits of my credit card as identification? Should they accept my social security number? What about my password (which means they can read it, by the way), or what about a special password used only for verification? Now I have to remember more, carry more, and know more all the time. It’s information overload. And because of that, because we’ve complained, they do less.

    People see our credit cards all the time. You handed your debit card to someone to pay your eye-doctor’s co-pay, or for that latte. We tweet about our first pets and mother’s maiden names, and we Facebook everything. It’s pretty obvious that the weakest link in security, and the reason social engineering can easily exploit them with companies, is us.

    There isn’t a perfect way to protect ourselves, though. Last year my phone got wiped and I lost my Google Authenicator settings. I had secondary login codes for Google itself, but not WordPress.com (I’d never set them up) so I was unable to log in. After skyping and emailing two of my good friends who work there, I was able to get back in, but had they not been able to know it was me, what could have happened?

    Every time someone asks me what I do to be safer online, I tell them this “I am working to eradicate my ability to be stupid.”

  • It’s Better to Extend

    It’s Better to Extend

    If you’ve heard me answer the question “Why is this a plugin and not in core?” then you’ve probably heard me say “It’s better for WordPress to be extendable than to include everything.” And you’ve certainly heard me tell folks that the concept of Open Source development is different than many of you think.

    One of the many reasons I liked WordPress was that, unlike other apps, I didn’t have to spend the first week after install turning off a great number of features that I didn’t want, just to have the core application that I did want. WordPress stood apart by assuming very little. You want to publish content. That’s pretty much it in the beginning. As things changed with the times, comments and media uploading were added, but at it’s heart, WordPress has remained pretty on point.

    Simplicity.

    ExtendWordPress doesn’t want to get in the way of your content. It would rather make decisions, not options, to keep it simple. We constantly argue about better ways to simplify, how we can remove options to improve usability, how we can make things easier and faster.

    Earlier this month, my friend George ruminated on decisions and specifically talked about how to make his code serve two masters:

    To each according to their needs. Typical users need a simple, smooth, classy interface. Power users need to get under the hood. Why try to make something that doesn’t work well for either by trying to serve both?

    This is the route WordPress tries to take, and it has some pretty incredible payoffs. If you don’t need to get under that hood, your site is lean, fast, and perfect. If you do, you can totally monkey with your engine all you want to make changes. But that user who has no idea what we mean when we say “add a filter to the output…” doesn’t have to learn anything new. They can just install a plugin and go.

    By being extendable, WordPress is able to keep itself small and let you make the decision of what you need. It also lets you pick out what’s important to you, and this is a hard choice. We want a lot of bells and whistles on our sites, but we know they’ll possibly make things slow. We have to decide what we care about more, what can we sacrifice, and what must we keep.

    So when I tell people “It’s better that WordPress is extendable.” I do so understanding that I put the work on you, and not core. I’m making you do the hard part, the part of weighing options and features. The part of telling a client “No” because that awesome slider will make their page slow. I’m putting you on the spot.

    I think that may be why people get made about this whole thing, more so than the trials and tribulations of finding the right plugin. Of course finding a good plugin that won’t break is hard. You should be circumspect about plugins and themes, test them well, don’t just use them because they’re super pretty. But here I am saying that we’re lazy, over in WordPress land, and we want you to decide what you need.

    Man touching his iphoneMany of you use smartphones. Many of you buy in-app purchases. Many of you, like me, think that in-app purchases are kind of a terrible thing. Thomas Baekdal goes a step further and argues they are destroying the gaming industry. Many people argue WordPress does the same thing. The core is free and the add-ons may be free or they may cost money. Heck, I paid for this theme, it’s parent theme, and some plugins!

    Let’s take Easy Digital Downloads, a plugin I use. It’s free. I have six specific add-on plugins for it, though to do things I want. One I wrote, three are free, and two I paid more for. Why is that okay? Because unlike the model of paying to speed things up, EDD lets me pay to add what I NEED. I needed a PayPal alternative (PayPal is free by the way), so I bought Stripe for my users who can’t use PayPal. I wanted (not needed) a way to let people pick prices in some places, so I decided to buy that as well. But everything else has been free. That’s nothing like the In-App payments, that’s what they wanted to be but didn’t manage.

    So it’s better to extend because I decide what I want, and I decide where to spend money, and I decide what to do. WordPress without those extensions? Still works. There are hundreds of options to do what I did totally for free, legally and morally free of implications too. I paid for the speed and connivence, but I didn’t have to worry about things I didn’t want or need because I didn’t add them.

    I like the place where I decide what I need.

  • The Person of WordPress

    The Person of WordPress

    I read Manga, pretty much like every comic book nerd from the 1980s. I got hooked on some fairly grown up stuff as a tween, and today I read the stuff with entertaining and semi realistic stories. One of them I read is called “Space Brothers” about, get this, two brothers who decide to become astronauts. When the story starts, the younger brother, Nanba Hibito, is poised to make his first trip to the moon, while the older brother, Nanba Mutta, is fired for head-butting his boss. As the story goes on, Mutta overcomes obstacles and is accepted into JAXA, Japan’s version of NASA.

    It’s during his first lecture as a newbie wanna-be astronaut that the lead of the support staff draws the Japanese character of Person on the white board:

    Kanji for

    And he tells them a famous person said this:

    The character of person shows that people are living by supporting each other.

    I was unable to verify the quote, but it sounds somewhat reasonable to me. Still, in looking at it, I thought that the stroke on the right seemed to be supporting a bit more than the one on the left. So did the character in the manga, who went on to explain that some people support more than others, but they do so with the intent of boosting the others higher. That’s why the leftmost stroke is taller.

    Now, Japanese has three written languages: hiragana, katakana, and kanji. For those unfamiliar, you can read a brief explanation from Ancient Scripts, but the person character I used above is from kanji. There’s a historical basis in kanji that look like their meanings, so this interpretation isn’t outside the realm of possibility.

    When I look at WordPress, I see that leftmost character as being the path taken by the people who manage to write amazing code. And I see myself as the rightmost character, who tests and debugs and supports them. I feed information into them as I find it, I help others to do the same and solve their problems. I am, indeed, a support guru.

    There’s nothing wrong with this. If it wasn’t for me, and people like me, WordPress would fall over. I said this at WordCamp SF in 2012: If there weren’t users, there would be no WordPress. All of us, the users and the support people and the random one-plugin developer and that person who edited a theme once, we’re all the reason WordPress is still being used as well as it is. The app was made useful and deemed useful.

    But consider the modern version of the character.

    Modern Kanji for Person

    This may seem strange if you’ve never read about kanji before (I was once deeply into a manga about caligraphy), but it has it’s own version of print and cursive. Here are all the various ways one might write ‘person’ in kanji:

    Variations on 'Person' in Kanji

    Now you may notice that’s a Chines Kanji exemplar. It’s the same thing for around 70% of the characters. And in this case, it happens to be the same.

    If I was to extend my previous thought, that the support arm of WordPress helps it reach new heights, I would look at the modern character and say that the two arms keep each other from falling over and, only when combined, can they reach the future of marvelousness.

    That’s a bit cheesy, I know, but the point is that we’re not alone. We don’t work on open source in a vacuum, we work together, relying on each other, to make everything better for everyone. We’re equal partners in the work of creation, even if we don’t see it as such all the time.

    I don’t know what the kanji is for Open Source, or if there even is one, but I hope it represents people for being the crux of it all, always helping people.

  • So You Just Have One Small Question….

    So You Just Have One Small Question….

    Every single developer, tech supporter, manager, project planner, tester, parent, teacher, and quality checker knows that question. And we all know that absolute feeling of dread that comes with it.

    No, you don’t have one ‘small’ question, we think to ourselves, wishing we had a drink in hand, or maybe pondering how much money we’d have if we got a penny (yes, one cent) for every single time someone asked a ‘small’ question that worked out to be larger than the initial topic. It’s right next to one more small change, which is always inconvenient.

    The questions are nearly never ‘small’ and they’re nearly never ‘quick.’ They’re born of a lack of understanding (hence question), which in and of itself is alright, but they seem to always come at the end, when we think we’re done. As a developer, I often feel these last minute ‘one more’ questions are because I didn’t ask all the right questions in the beginning of a project (which is why I’m not answering ‘Should I use multisite?’ anymore, too many questions). If I had a simple checklist to go down for my projects, it would be a lot easier.

    But…

    DandelionTherein lies the bane of most development setups. We don’t know what questions to ask much of the time, because we can’t know. We ask everything we can think up, and suffer from the failures of imagination later on. Or we end up in design hell (this is an Oatmeal link!).

    And what if we’re not developing? Tech support is a nightmare when people have ‘one more question’ because it means they’ve asked for help before they’ve actually thought through everything. Hey, I’m guilty of this too, there’s a reason me and my friends will sometimes tweet a question with a tag of #lazyweb – Sometimes it is faster to ask a question of the masses (or one person) than it is to think hard about the context.

    Here’s my challenge to everyone. Stop asking one small question, and try to ask one smart, simple, question.

    Boy that probably sounds weird to a lot of people. A smart, simple, question, is a page shy of being asked by Captain Obvious. It may net you a reply of “Ask that again, would you?” so you slow down and think about what you just asked, clearly. Other times, the smart and simple is a clarification of something confusing in documentation (or missing from documentation entirely). Maybe it’s a link you can’t find. Maybe it’s that thing you know your wife will remember, like an actor’s name (“Honey, who was the guy who wasn’t a guy in the movie with the weird clothes? Tilda Swinton! Thank you!”)

    They sound like they’re stupid questions, don’t they? The ones you ask and think “I was dumb.” They’re not. They’re really smart because you know the one thing, and the one person, who can help you pull an answer out of your own head.

    The other great smart and simple questions are the one-offs. They’re short. “How do I start this car?” That’s generally smart and simple. But moreover, they’re specific! That’s the trick to a simple question, it’s to the point and direct. It means you’re not sending a novel to the CEO of the company, but a carefully thought out explanation of what you expected to happen and what actually happened. A good bug report is always simple, even when it’s complicated.

    What it’s not is needlessly complex.

    Any DirectionThere are a lot of smart, complex, questions. You know the ones where it’s “How do I thread my new sewing machine?” Sounds relatively simple and easy, but it’s deceptive. I say this having had to read poor documentation, from 1920, on how you thread a sewing machine. I realized I was smart, but I was inexperienced, so I googled how to thread that specific machine. It was a smart question, but it wasn’t simple. In fact, it was insanely complex, and at a certain point someone in the house wailed “I just want to sew!”

    A smart, complex, question is a great question, but it’s not one you should ask frivolously. What you really just asked is not ‘How do you…’ but ‘Teach me how to…’ And if you think teaching is quick and simple, you have a lot to learn. The complex questions are made worse when they’re asked with that novel. Oh, the novel. This is a novel, and if I saw a forum post or a ticket at work with all this in it from someone, I’d wince.

    Smart and simple. Smart and short. My wife can teach someone to make cheese in five tweets. But I can’t debug (most) WordPress problems in that many. This is in part because tweeting code sucks, but it’s also because this isn’t a math question. I can probably explain Common Core in five tweets, but I can’t teach it in the same number. When you ask me a complex question, you don’t want me to explain, you want me to teach.

    I know that easy is hard. The easy answers are hard, and they take a long time, which is why sometimes I tell people “Maybe” or “You can, but it will be complex.” I’m not brushing you off, I’m giving you the biggest hint in the world.

    Your question is complex and complicated. But it sure ain’t simple.