Blog

Does Usability Really Matter?

Posted by Eric on November 12, 2010  |   1 Comment »

One of the “buzz” words that those of us who are into web design often throw around is this whole idea of Web Usability.  Simply put, web usability is an approach to web site development that makes it easy for the end user.  It means that it is easy to use a web site.

Seems simple enough right?  Who wouldn’t want a web site to be easy to use?  Who would ever dream of making a web site hard to use?  Well the answer is a lot of people.  I’ll give just one example – my home town city – Fort Wayne.

Recently, Fort Wayne started a new recycling initiative – One Cart Recycling.  The program, true to its name, provides just one recycling cart.  No more sorting of products.  Simply put all recyclables into the same container.  Sounds like a great idea, right?  The problem is that you have to sign up for this service.

Now, there’s nothing wrong with a sign-up.  The problem is that the city forgot to ask the developer about usability.

Here’s what I get when I try to sign-up:

fort wayne web deisgn Screen shot 2010 11 10 at 7.29.43 PM Does Usability Really Matter?

Can you tell what’s wrong here?  Apparently Fort Wayne really wants me to sign up.  But, only if I have the correct plug-in installed, only if I am running the correct operating system, only if I am not handicapped in certain ways, etc.

I received this message because I have a Apple computer.  And, as a result, don’t have silverlight installed.  And, this tells the 10% or so of people who browse with an Apple computer that you don’t care about them.  But, this is just the start.  Silverlight is estimated to be installed on about 50% – 55% of all computers.  So the city is telling the other 50% that they don’t want them to sign up.  And, this doesn’t even include iPhone or Android users.  Those also wouldn’t be able to sign up.  And, typically (thought not always) silverlight is very difficult for those with disabilities (i.e. vision problems).  So, the city is saying that it has this great One Cart Recycling program that it wants all the residents to sign up for, but not those who use Apples, iPhones, or Android phones, nor the 50% who don’t have silverlight installed, nor those with certain disabilities.

You see, this is the critical part of web usability.  And, it is something any good developer should care about.  To simply sign up for something, I should NEVER force you to download a plug-in, change your browser, switch computers or do anything except just sign-up.  Forcing people to do something extra tells them that you really aren’t that concerned about them.  It says that you would rather make them jump through hoops than get your product.  It says that you clearly didn’t have “ME” in mind when you thought about this.

So, what should you do?  Well, here are a few simple steps to take when developing a site:

  • Ask The RIGHT Questions – if you are hiring a developer / designer ask questions like: Will this site work on ALL browsers?  Which browsers will you test it on?  Will it work on both Apple and PC computers and will you test it on both?  Will this work on a mobile phone?  Are any plugins (downloads) needed to make this site work?  If so, what can we do to avoid them?  Will this site be accessible to handicapped people (i.e the blind who might use a screen reader or color blind people who struggle with certain colors)?  Do you follow MODERN web standards – which ones (you might not know what all the modern standards are, but asking your designer to list them will force them to tell the truth)?
  • Care About The RIGHT Things - no one would ever deny that the “look” of a site is unimportant.  Of course it matters.  But, other things matter just as much (and sometimes more).  Studies continue to show that people will tolerate a well layed-out site, with clear navigation that is NOT visually compelling.  However, a visually compelling site that is slow to load or hard to navigate will not be tolerated.  Granted people will visit it ONCE because it is cool.  But the cool factor wears off very quickly.  After that, they are left with a confusing, hard to navigate, slow to load site.  While I would never encourage you not to care about the look of a site, I would encourage you to care about more than just the look.  Care about the speed of the load.  Care about the simplicity of finding what you want (how many clicks does it take to get to your answer?).  Care about providing answers.  Care about meeting your customer’s need.
  • Think Like the RIGHT Person –  usually site owners think like the owners of the companies.  That makes sense – they are the owners.  But the owners perspective doesn’t matter nearly as much as the customers perspective.  So, while those in your business might know what TERM X means, the customer who visits your site for the first time probably doesn’t know what it means.  Also, what is it like for someone with a small monitor on a really old computer to visit your site?  Does it still work, does it take a long time to load?  Have you tried browsing your site from a coffee shop, from home, from other places?  All this helps you to see what your customers see.  Good websites work for the new person, for the uninitiated.   I shouldn’t have to think to use your site!
  • Look at the RIGHT information – Do you know how many people visit your site?  Which page is the most visited?  Which page is the least visited?  How often a person comes to your site and leaves without clicking on anything?  The average amount of time someone spends on your site?  How they arrived at your site – by a search engine or by typing in your URL?  All this is the right information to look at .  And, all of it is available for free, right now.  If your site isn’t giving you this kind of information, then you aren’t looking at the right information.

The list could go on and on.  Web Usability is really a big deal.  Books (lots of books) have been written on the subject!

For now, maybe we can all learn a few things NOT to do from my home city!

What do you think?  Do you have examples of bad usability?  Do you have other suggestions?  Let me know.  Leave a comment below!

Stealing Passwords at Starbucks?

Posted by Eric on November 11, 2010  |   14 Comments »

As a web development company, we got asked quite a few technical questions (obviously).  Some of those questions fall outside the scope of what we do – we design and develop great websitea, we don’t fix your brother’s Windows XP machine.

But, one typical question that we get a lot of relates to security.  Specifically, how can I (or my company) be safe online.

Well, this really is a complicated questions.  But recently, I was at a local Starbucks and just had to try out a new firefox plugin.

Recently a firefox plugin was released called FIRESHEEP.  This simple little plugin takes just seconds to install, is incredibly simple to use, but can wreak amazing havoc!

Just what exactly does FIRESHEEP do?  After installation, it adds a sidebar to your Firefox browser.  This sidebar has one simple button labeled “Start Capturing”.  When enabled (meaning you click the button) it captures anyone’s (yes, anyone) login credentials!  What does this mean?  Well, take a look at what I grabbed in just a few minutes at Starbucks:

fort wayne web deisgn firesheep Stealing Passwords at Starbucks?

I’ve blurred out all the names and replaced all the images with the blank people.  But, in just 5 – 10 minutes at a local Starbucks, I was able to log into 3 different facebook accounts, 1 twitter account, 1 wordpress web site, 1 amazon account, and 1 GitHub account (it’s a code storage service for programmers).  Amazing.  Or Terrifying…  All this without ANY special knowledge on my part.  All I had to do was start the plugin.  Then when I clicked on the top Facebook icon, I was instantly logged into facebook AS THAT USER.  I can change things, update things, delete things – do anything I wanted.

So, how does this work?  Well, first of all, I did not ever have access to the users password.  We’ll use Facebook for our example here.  I never had the user’s facebook password.  When you log into facebook, typing in your username and password, you are on a secured web site – your browser has HTTPS at the start of the web address.  What this means is that all the communications between you and the server (Facebook) are totally encrypted and can’t be read by anyone who happens to “capture” them.  So, this is good.  But, once you are logged into Facebook, the pages go back to HTTP – meaning the communication is NOT encrypted and if someone just happens to capture the communication, they can read it.  Now, it gets a bit complicated, but the next step in the process involves how Facebook knows you are already logged in.  Obviously, as you navigate your way around Facebook, you don’t want to type your password in every single time.  So, how does Facebook know you are indeed you?  Well the answer is your cookie.  Websites you visit regularly stores bits of information on your computer called cookies.  These cookies contain various bits of information.  One bit of information is typically a session id.  This session id is a unique number or ID that proves to Facebook that you are who you say you are.  So, when you click on a link on Facebook, the web site asks for this Session ID to verify it is you who really did this.  Without the Session ID, you would have to log in again.  But, the problem is that this Session ID is sent unencrypted to the server.  So, anyone who is listening can get this session ID.  And, once someone has your Session ID, they can “pretend” to be you until you log out (which essentially kills your session id).

Sound scary?  It should.  This means anyone at a public wi-fi hotspot (like Starbucks) anyone can log into your facebook, twitter, google, amazon and other accounts (by the way – firesheep only works on 30 or so sites – but it includes all the big ones).   They could post updates, send tweets, send messages, and more.  All without your knowledge.

So, what can we do to prevent this?  Well, here’s a few simple (and a couple not so simple) solutions:

  1. Avoid unsecured wireless – the simplest solution is to have use wi-fi security.  If the coffee house would simply turn on WPA encryption, most of the problems would be solved.  The could freely advertise the password, or just make the password password.  Just by simply using WPA, they would fix most issues.
  2. Realize that this is limited to certain sites.  Sites such as you bank always use HTTPS.  And, by it’s very nature HTTPS isn’t vulnerable to this problem. But, it’s still not a good idea to do banking on unsecured wi-fi networks (for many reason).
  3. If you use Firefox, consider using HTTPS EVERYWHERE plugin (http://www.eff.org/https-everywhere).  This plugin will attempt to convert HTTP connections to HTTPS connections.  Again, this would solve the problem.  The best solution is just to make Facebook, Google, et. al. use HTTPS.  But, realizing that they probably won’t change soon, this plugin does it for them.  It works on Amazon, Facebook, Twitter, Google Search, Paypal and others.  This is a good solution requiring very little work.
  4. Use a VPN solution – a VPN is a Virtual Private Network.  Basically, a VPN creates a private and secure line from your computer to another server.  Then the connection goes out to the internet.  This method virtually guarantees that you are secure.  It definitely solves the Firesheep problem.  However, VPN’s can be a bit complicated and sometimes cost money.  A decent free solution is provided by HotSpot Shield.  This free option does have advertisements and is limited to approx. 2 GB a month.  But, it is a really good solution when at a public wi-fi access point.

What about you?  Any ideas?  What do you do to be secure when out in public?

Social Media Talk on WBOI Radio

Posted by Eric on October 26, 2010  |   1 Comment »

Recently I had the chance to appear on the local Public Radio station for a show about Social Media.

Together with my friend and business associate, Craig Crook, we spent the hour talking and taking calls about social media.

You can learn more about WBOI here.

And now, for your listening enjoyments, here’s the show (just click on the play button to get started):

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

What about you?  Do you have thoughts, questions, comments.  Let us know.  Leave your comments below!

« Older Entries
Newer Entries »