Monday, February 13, 2006

Apple iWeb - initial impressions

I was prepared to be "intimidated" by Apple's iWeb, since after all I left the iApps group at Apple to build network software, including web publishing and blogging, and this is right smack in my new territory.

I bought a copy of iLife '06, mostly to get the new versions of iMovie and iPhoto, but also to check out iWeb....

My biggest initial reactions:
+ the templates are visually stunning, as expected from Apple
- you're locked in to your template; you can't change it later
+ very cute to use transparent corners to produce "rotated" photos
- nice font use, but they rasterize rotated text, making it unsearchable
- they upload whole HTML pages; it takes forever to upload
- it takes forever to load/view the pages, too
- your pages are saved locally; there's no way to edit remotely

All in all, it feels like they took Pages (or maybe Keynote, judging from the Inspector) and taught it how to save in HTML, which is nice—but not at all, in my view, the right way to go about web publishing in the new millennium.

The two biggest problems are really the same problem, twice over. You can't change the template, meaning that if you get sick of your pages, you have to completely redo them. And you can't customize your template (at least not that I've found) so you live with it.

It's a lot better than, say, FrontPage. But I think everyone's pages will end up looking the same and they'll be stuck on

I feel better, now that I've seen it, and the initial awe over the clean, beautiful templates was gradually replaced by a sense that it is architecturally not the right way to go about it.

I have code lying around somewhere that I wrote that rotates photos and leaves transparent corners; may be time to dust that off and put it to use...

Sunday, February 12, 2006

TurboTax rocks

I'm doing taxes tonight, and I have to rave about TurboTax.  It is a great, great program, and it really doesn't have to be. People would use it even if it was marginal, because it's so much better to use a computer than pencil and paper to do taxes.

But Intuit, year after year, keeps making TurboTax dramatically better.  It keeps getting easier to use, faster, and simpler.  That's no small feat.  My hat is off to those guys. It's one of the few programs that actually makes me smile at all the good ideas that are lurking within it, the attention to detail. It is just plain great software.

I've you're not already completely converted to TurboTax, I recommend that you get a copy and do this year's taxes with it.  Even if you use a professional, risk the $39 to do it yourself and see how your return compares to the tax professional's. If they are within $39 of each other (or if TurboTax saves you money) you should skip the professional help next year and just use the software.  For one thing, it imports the previous year's tax return so you have less work to do than the first time you use it.

Caveat: I use the Mac version, and have since it used to be MacInTax, before Intuit acquired them. I don't actually know if the Windows version is as good, but I'm assuming that it is, since the same company is behind both versions.

Saturday, February 11, 2006

"white list" vs. "black list"

There are two basic approaches to filtering or moderating content. They are called "white list" and "black list". Each is, in a sense, the opposite of the other. A "black list" is a list of things (bad words, IP addresses, photos, etc) that you want to filter out. A "white list" is a list of things (people, IP addresses, etc) that you define ahead of time, and only things on that list can get through.

An example from the spam email industry. A black-list approach is to, say, filter all incoming messages looking for "Viagra" or "Home Loan" and act on any matches, perhaps moving them to a special mailbox for suspected spam. A white-list approach might be to only accept email from people who are in your address book. Period. If they're not on the white list, the mail doesn't get through. The "challenge/response" email filters are a white-list approach, where people can put themselves on your white list by proving they are a human being (not a robot) by typing in some characters, etc.

The white-list model is much safer (better for children, for example), but much more restrictive.

In the world of user-contributed content to web pages, it is trickier because there is no single recipient to make these decisions. Something posted to the web goes to "everybody". So this becomes an issue for the site administrator.

A white-list model requires human intervention of some sort: content can only go live if someone has approved it. A black-list model can be easily automated, but it is also easily circumvented (alternate spellings of "bad words", or substituting the digit '0' for the letter 'O' for example).

A third model that is gaining popularity in the world of online communities is the idea of site visitors reporting objectionable content. This is, on the one hand, a lazy way to do black-listing: wait until somebody is offended by it. It is also prone to abuse, in cases where the content is not truly objectionable, but someone wants to be a nuisance.

There is no clear winner in terms of approach. If what you want is to block "most" spam product advertisements posted as comments to a blog, maybe a black-list model works okay, because it greatly reduces the volume, though some legitimate content may be filtered out, and some bad content may be missed. Since this type of content is usually automated, having a human moderator going through it is time-consuming.

On the other hand, if the problem you're addressing is a malicious user uploading extremely objectionable content to an unwelcoming audience, a black-list approach may not work at all, because of the repercussions if bad content is missed by the automatic filtering.

Friday, February 10, 2006

No Escape from Spam

I'm irritated at Microsoft. I try to be neutral on platform issues, despite preferring a Macintosh myself, but I'm totally irritated with Microsoft. Here's why...

It used to be that if you were careful with your email address, you wouldn't get any spam. If you didn't put your email address on a web page, or didn't fill out forms on questionable web sites, you could go years without getting any spam. I am careful about email addresses, and for years I didn't get any spam on some addresses that I keep very private, and share only with, say, my extended family.

But that's all changed now. All you need is to email someone who is running Windows (which is, of course, most of the world), and if they add you to their address book, you are a sitting duck. Sooner or later, if that person gets a virus, or even some other "legitimate" program gets hold of their address book, you are now on a spam list -- forever.

So your email experience can be ruined simply by having friends or business associates who use Windows, and who are perhaps not savvy enough to keep their computers completely clean of viruses FOREVER.

This bothers me because Microsoft could easily fix this. They could easily fix a lot of the problems that plague Windows, but they choose not to. Why, I don't know. But they could make the address book encrypted or otherwise unavailable to viruses and trojan horses. They could make mouse movements and keystrokes unavailable to programs other than the frontmost app, thereby preventing spyware from being able to function. They're not doing these things, despite years of abuse and fairly obvious solutions.

All of my previously sacrosanct email addresses have been compromised. I don't have any left that don't get spam. This really irritates me, because it isn't my fault. It's Microsoft's fault, actually. They are directly responsible for my receiving spam, and I don't like it.

Friends don't let friends run Windows, I guess. Or at least they don't email their friends who run Windows.

Here is a signature file that you might use in your email program:


If you are running Microsoft Windows, please do NOT add me to your address book. Thanks.

Fear of "bad content"

Almost every customer we talk to has a similar fear of "bad content" appearing on their site, if users are allowed to participate and upload things.

There is no inherently easy answer to this paradox. If you want, and allow, user participation, there's no guarantee that it won't be abused in some way. One can imagine all sorts of things that "might happen".

The answer boils down to two things, in my mind: pragmatism, in dealing with real problems, rather than imaginary ones, and tools, that give the site owner some control over the process through which users can participate and upload content.

These two things balance each other: tools can be put in place before "something bad" happens, but you can't know if they prevented abuse or if there just wasn't any impetus to abuse the system. And there's always the possibility that the perpetrators will find some way around the safeguards.

So the balance is in anticipating as many problems as you can, and being poised to deal swiftly with anything that comes up. And, of course, the tools to be able to detect and address any kind of "bad content" that might be feared.

In my experience, abuse is rare, and the benefits of participatory media far outweigh the potential negatives. Even dissenting voices are to be encouraged. It's just those misguided "hackers" that present a real challenge, not unlike the challenge of terrorism: it's almost impossible to prevent terrorist attacks, and perhaps the best way to avoid them is simply to avoid creating a world in which a terrorist feels the need to attack.

The addictive quality of Browsing

Browsing can be addictive, let's face it. Whether it's shopping (online or brick-and-mortar), "surfing the web" from the old days, or traversing a social network site, the temptation of clicking just once more to see what might be there can be almost irresistible.

This is a good thing.

Addiction, in a lesser, slightly diluted form, is simply motivation. If someone is motivated to traverse a site and learn what's there, and to truly participate and add value (posting comments, buying products, rating photos), the value of the site increases exponentially.

This is why web-based, hyper-linked, visual, experiential web sites are the perfect way to deliver a community experience; it can truly draw everyone in, even those who just want to browse...

Should I Stay?

A key ingredient in forming a community is to provide a reason to stick around, or a reason to come back. This is true of a backyard barbecue as well as a web-based community site.

If the premise of a site is clear, and the benefits can be seen or even just imagined, it might be enough to create a sense of wanting to stick around.

Sheer activity is another way to accomplish this: if people are showing up to a party, you're tempted not to leave just yet. If you can see a community growing on-line, you're curious to come back to see how much it has grown, and what interesting people might have joined. Or if the site itself is changing and growing, offering more functionality, that can keep people around too.