Why I Don’t Like Infinite Scrolling

May 31, 2014 Comments off

Infinite scrolling, a somewhat recent trend in Web design, is a technique in which long lists of items, rather than being broken into separate pages, are loaded a few at a time via AJAX and appended to the current page. If you’re not familiar with it, you can find more information in a Smashing Magazine article by Yogev Ahuvia: “Infinite Scrolling: Let’s Get To The Bottom Of This.” Ahuvia tries to present a balanced look at the strengths and weaknesses of the technique, but it seems that there are more cons than pros. The comments are overwhelmingly negative.

In addition to Ahuvia’s piece, Hoa Langer’s “Infinite Scrolling is Not for Every Website” says that infinite scrolling “plays a nasty trick” because it “breaks the scrollbar,” and concludes that the technique is “not the answer for most websites.” Dan Nguyen and Dmitry Fadeyev both write about how infinite scrolling didn’t work when Etsy tried using it for search results. There’s even an xkcd cartoon. 

I’ll admit to being a bit biased in my selections, but I haven’t seen nearly as much praise for the technique as I have criticism of it. This doesn’t surprise me. Personally, I don’t like infinite scrolling at all. It doesn’t seem to be solving a real problem, at least as far as I can tell, but it certainly causes problems.

The problem that most often affects me personally is the jerking effect that occurs when I try to scroll by clicking-and-dragging the scrollbar. When there’s not a lot of content loaded, the sliding portion (called the “thumb” if the Wikipedia article is to be believed) is fairly tall. As more content loads, not only does the thumb shrink, but the point on the scrollbar representing where I was also moves out from under the pointer. As soon as I move the mouse again, the thumb jumps toward the pointer and the viewport winds up somewhere I didn’t expect. It’s very disorienting.

I’ve noticed that this isn’t exactly the behavior I’ve been encountering lately. Instead, on occasion, I find that my mouse pointer is below the scrollbar’s slider, but it still moves with the mouse, not unlike the way it continues to move even when the mouse slides off it to the left or right. Unfortunately, in my experience, this doesn’t stop the page from jumping around a bit when the new content first loads. Consequently, I still lose my place even if the viewport does end up in more or less the same spot. I’m not sure if there’s a script that fixes it, or if browser vendors have made efforts to accommodate infinite scrolling; Benjamin Milde mentions in a comment on Ahuvia’s article that he sees the above behavior in Firefox but not Chrome, so maybe that’s it.

One especially annoying situation occurs when infinite scrolling is implemented on a page that has a footer. There is something at the bottom of the page, but the user can’t actually read it, because as soon as it’s scrolled into view, it gets pushed back off-screen by the newly-loaded content. Making sure there’s nothing under the infinitely-scrollable column might seem obvious enough, but it does get overlooked every now and then. MorgueFile, for instance, has this problem.

In fact, according to Ahuvia, even Facebook did this (at least at the time that article was written). As I look at Facebook now, it seems like there’s a quasi-footer at the bottom of the right-hand column, but it doesn’t have nearly as many links as the footer in Ahuvia’s screen shot. As far as I can tell, Facebook doesn’t have the footer at all anymore; after several minutes, I gave up on trying to reach the point when Facebook refuses to load any more posts on the news feed, so I can’t say that for sure.

Another issue is that infinite scrolling automatically loads content in response to an action, namely scrolling, that normally doesn’t prompt that action. It’s bad enough that the page is taking action without the user’s permission, but downloading additional content in such a fashion can a problem for people who have slow connections or data caps. Whether this is a serious problem depends on what’s being loaded. Another handful of DuckDuckGo search results won’t hurt much, but another couple dozen Google Image Search results may be a problem. Anyway, I think users would like to decide for themselves how much whittling away at their data allowances is acceptable.

Finally, infinite scrolling tends to create a continuous stream of content with no end in sight. This problem is not unique to infinite scrolling: Some pages on deviantArt (but not others) have back/next buttons but no way to jump to specific pages and no indication of how many pages there are in total or which page is the current one. Neither is it impossible for an infinitely scrolling page to avoid this problem: Discourse, an open-source forum project that uses infinite scrolling, solves it with a floating box indicating the post currently being viewed and the total number of posts in the thread.

It’s worth noting that infinite scrolling (without an indicator like Discourse’s) is often used for things like social network posts and search results for which people frequently don’t care about being able to keep their place; indeed, keeping “a place” in such contexts is often meaningless, because what’s on “page 5" of 10,123” today might be on “page 120 of 11,050” tomorrow as new content is posted and sort algorithms are adjusted. On the other hand, even if the association of a certain page number to certain results is ephemeral, it can still be useful for users returning to the result list using the Back button. Besides, I prefer to be able to decide for myself whether I need pagination.

One thing that would solve most of my complaints would be the solution that deviantArt uses (in addition to optionally switching to back/next buttons): Instead of loading more content as soon as the bottom of the page is scrolled into view, the page displays a “Show more” button. This adds a bit of friction to the process of loading more content, but it also puts control back in the user’s hands. It still has the potential to break the things that AJAX in general breaks, such as the back button and the ability to bookmark or share URLs (especially when sharing with non-Javascript users), but so does infinite scrolling, and in either case these problems already have solutions in widespread use.

For that matter, simply using AJAX to implement pagination would solve the problems as well, not add much more friction than the “Show more” button, and not lack much of anything that infinite scrolling offers except the ability to return to previous pages just by scrolling up. A hybrid design could potentially address even that issue, if the feature turns out to be really necessary to some application.

To be honest, I just don’t see an advantage to infinite scrolling. There may be a few minor benefits, but there are other ways to get them, and they don’t justify the high cost of usability. As far as I’m concerned, infinite scrolling is a bad idea and it should probably be avoided.

Advertisements

“It Just Works” vs. Security

May 1, 2014 Comments off

I have written before about the “it just works” problem: Training people to expect not to need to think about their technology gives rise to the self-fulfilling prophecy that most people can’t think about technologyThe usual problem with the “it just works” attitude, namely the users being completely lost as soon as something doesn’t work, is at least something that people recognize as a problem once it occurs. When something doesn’t work, they know it doesn’t work, and they know that they don’t know why it doesn’t work or how to fix it. However, the same attitude creates another problem that’s more difficult to recognize: A lack of security. Non-tech-savvy users not only do, but are encouraged to do, some rather unsafe things in the name of having everything just work.

To be a bit more specific, the problem is that people end up being compromised because they don’t know to take simple precautions or treat things they find online with an appropriate amount of suspicion. As a normal part of browsing the Web, people allow—without even realizing it—dozens of JavaScript scripts, Java applets, and Flash (and occasionally Silverlight) objects to run without their knowledge or consent. A large portion of these pieces of software are not even hosted directly on the sites users are trying to view, but pulled in from somewhere else, whether to add functionality (like blog comments, social media widgets, or embedded videos), to show ads, or just to track users (which, of course, pretty much all of them do). Users have no way of knowing whether some kind of malware has been inserted into the chain, something that has been known to happen even to perfectly legitimate Web sites.

A related issue is that people click without reading or thinking, don’t know enough to understand that it’s a problem that their homepage has suddenly switched to some search engine they’ve never heard of, and can’t figure out why their computers are so slow. Between deceptive “ads” that look like download buttons and installers for legitimate programs also installing “legitimate” (or at least nominally legal) adware and spyware if you’re not extremely careful, it’s easy to get tricked into installing something unwanted.

Of course, it’s a long-standing piece of security advice that if you let others run arbitrary software on your computer, it’s not your computer anymore. It’s just that most people don’t realize this and often don’t even realize that they’re letting people run arbitrary software on their computers. After all, it tends to happen completely transparently in the course of normal Web surfing.

What gets me is that people do know better. Technology is the only area of life I can think of where we let people get away with this.

Think about this: Just about everybody knows to lock the doors to their houses. They may not always do it, but they know they’re supposed to do it. It’ the same with cars: People know to turn them off, take the keys out, and lock the doors. Most people know better than to leave the car unlocked and running in the parking lot while they go shopping, because if they do, it probably won’t be there when they get back. And they certainly wouldn’t hand over their keys to anyone and everyone who asked for them. Yet pretty much any site on the Web can ask for something very nearly equivalent to that, and by default, the browser will allow it.

Admittedly, I may be making the problem sound worse than it is. Most of the software that is run in this manner is perfectly harmless, or at least not doing anything more harmful than tracking users to show them targeted advertisements. Moreover, at least in theory, there are limitations in place to keep these kinds of software from being able to do too much damage. However, I strongly recommend against depending on this. Most people probably wouldn’t let just anyone do just anything to their cars, even if they trusted the one doing the tinkering not to do anything deliberately harmful and trusted the car to limit the damage.

So why is that people take risks with their computers they wouldn’t take with their cars? I still think that it’s mainly a desire not to have to think about technology in order to make it work. That sounds like I’m accusing people of laziness, and maybe laziness is probably a part of it, but I actually can’t blame anyone for feeling that way. For one thing, security is an intimidating topic, whether you’re talking about computer security or any other kind. Blocking potentially harmful elements isn’t exactly trivial, either. (Firefox, for instance, doesn’t even allow JavaScript to be disabled from the Options menu anymore, for fear that a user will unwittingly “break” something—another example of the self-fulfilling prophecy.)

Additionally, there’s an education problem: People can’t understand the risks involved with using the Web unless someone explains it to them. After all, just surfing the Web while not deliberately blocking anything doesn’t sound any more risky than going out in public and walking around. Yet it seems to me that the industry doesn’t make much of an effort to explain it, and they probably won’t because it’s not in tech companies’ best interests. Vendors are too invested in their mythical ease of use to admit that using things safely requires a little time and effort to be spent up-front. Moreover, they face a lot of pressure from (or, in some cases, are) advertisement companies that have a financial interest in being able to track users to show them targeted ads.

After all this, what would I have people do? First, and foremost, I urge people to take some time to get a basic understanding of how the Internet works and what kinds of dangers it presents. This burden can’t rest completely on the shoulders of non-technical end users; people who already have in-depth understanding need to be able to explain it simply and quickly. After that, I recommend sticking to the principle of not letting anything run on your computer unless you know what it is and you know you need it. Makers of Web browsers (and other software) ought to make this easier than it is, but it will still take some time and effort. Tools like AdBlock Plus, NoScript, and Ghostery can be helpful here, though even they shouldn’t be trusted implicitly.

Nothing I’m suggesting is fool-proof, of course. The vast majority of computer users aren’t going to become security experts, and it would be wrong of me to expect them to. Computer security is really hard to understand, and even harder to implement correctly. However, I would argue that the same is true of physical security, and that doesn’t stop people from taking basic precautions. After all, people haven’t given up on locking their car doors just because smash-and-grab theft is possible.

Here’s the bottom line: People should be willing to spend the time, thought, and effort to use their technology safely, and using technology safely shouldn’t be as time-consuming, confusing, and difficult as it often is.

Categories: Security, Software Tags:

Really Terrible Joke 2014

April 1, 2014 Comments off

Continuing the tradition from last year, in lieu of a prank, here’s a thoroughly awful joke in honor of April Fool’s Day.

Why couldn’t the repair tech see to upgrade the RAM in the laptop?
Because it was SODIMM.
Categories: Uncategorized

Forgetting Wireless Networks In Windows 8.1

March 30, 2014 Comments off

One of the problems with Windows 8 is that it hides important functionality. For instance, Windows 7 had a useful “Manage Wireless Networks” section of the Network and Sharing Center, but that was removed in Windows 8. The ability to delete a saved wireless connection did remain, albeit only when the connection showed up in the network list, where you could right-click it to delete it. Then Windows 8.1 came along and removed even that feature.

The good news is that the command-line utility netsh can still be used to forget the networks. You can type netsh wlan show profiles to display a list of saved networks, and netsh wlan delete profile name="profilename" (where profilename is the name of the saved network connection) to forget one. See Ciprian Adrian Rusen’s post on 7 Tutorials entitled How to Delete or Forget Wireless Network Profiles in Windows 8.1 for more details. That’s not much consolation, however, for users who aren’t comfortable using the command line.

To help mitigate this problem, I put together a batch file that acts a bit like a wizard to automate the process. It starts by displaying the list of profiles, asks the user whether to delete a profile, and prompts for the name of the profile to delete. It’s nothing fancy, but it might be easier to double-click a batch file and follow instructions than remember the netsh command.

A couple of caveats: First, I generally recommend against running just any batch file you found on the Internet unless you’ve had a chance to look it over and have at least some understanding of what it’s doing. That’s part of the reason that I’m not offering a separate download: If you copy-paste the code yourself, at least you know I didn’t slip anything in there that wasn’t in this post for everyone to see. Second, I’m offering this with absolutely no warranties whatsoever (see disclaimer below). I’m not sure what could go wrong, except maybe deleting a profile you didn’t mean to delete, but it wouldn’t be the first time I made something that failed in ways I didn’t think it could.

Here’s the code:

@echo off

:BEGIN

echo Listing saved wireless network profiles...
netsh wlan show profiles
set /p deleteconf="Delete a profile (Y/N)? > " %=%
IF %deleteconf%==Y ( goto DELETEPROMPT ) ELSE (
    IF %deleteconf%==y ( goto DELETEPROMPT ) ELSE ( goto END )
)

:DELETEPROMPT

set /p ssid="Delete which network? > "
netsh wlan delete profile name="%ssid%"

GOTO BEGIN

:END
echo Exiting.
pause

Just copy the above code and paste it into a text editor such as Notepad, then save it as something with the .bat extension. (When saving, make sure you set the “Save as type” field to “All files (*.*)” or else you’ll end up with a plain text file.) Double-click the batch file to run it. It will start by showing you a list of saved wireless network profiles. It will then ask whether you want to delete one. Type Y and hit enter, then type the name of the profile you want to delete and hit enter again. Repeat until you’re finished deleting networks, then type N at the prompt to exit.

Screenshot of the batch file running

Feel free to use and distribute this however you please. I’m not going to bother formally open-sourcing it because I don’t think there’s enough to it to warrant including a license longer than the actual code. However, I am going to borrow the disclaimer from the BSD license (which, according to Wikipedia, is public domain, so copy-pasting it here shouldn’t be a copyright issue).

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Lest there be any confusion, “This software” means only the batch file itself, since of course I don’t own netsh itself, and “the copyright holders and contributors” just means me in this case.

I hope someone out there finds this useful.

Online and Offline Communication: Emphasizing the Positives

February 27, 2014 Comments off

Today’s technology offers a wealth of new ways for people to communicate. It’s possible to interact with others in places or circumstances that would otherwise have prevented it. On the other hand, being with other people in person is still just as possible as before, and it has benefits of its own. This is all good news, but it seems to me that people often (and perhaps unintentionally) pose a false dichotomy between online and offline forms of social interaction.

I think it’s clear that both online communication and real-world presence are important. I don’t think that’s even a new insight; it’s just common sense. It seems obvious to me that it’s a good thing that people who are separated by geographical or other barriers, and probably wouldn’t otherwise know about each other’s existence, can communicate with each other, exchange ideas, and form relationships. It seems equally obvious that it’s a good thing to be physically present with one’s fellow human beings. In fact, I would go so far as to say that in today’s world, both are necessary.

Consequently, it is important not to pit the two against each other. It’s true that online communication has advantages that cover the limitations of in-person communication, and vice-versa. However, we need to be able to articulate what’s good about one without using the other as a contrast. That sort of explanation isn’t inherently wrong, but highlighting the pros of one thing and the cons of the other can lend itself to an “X is good and Y is bad” sort of simplification. If both online and offline forms of social interaction are important, we don’t want our discussion of one to make the other one look bad.

Bishop Jeffrey Monforton provided a good example of how to do this right. Last month, he celebrated Mass at St. Mary’s while visiting Ironton as part of Catholic Schools Week. Part of his homily was about his travels through the diocese and the importance of meeting people in person. He stressed how good and necessary it was to be present with other people, and in particular, for him to be present to the people of the diocese. What he did not do was tear down online social networking, to admonish us to put down the phones, step away from the computers, and go interact with people for real. I don’t remember if he even mentioned online communication at all. In fact, I had the chance to chat with him for a couple of minutes after Mass, and he made some comments to the effect that computers and the Internet were very good things, useful for evangelization, and so on. Clearly he sees the value of both kinds of interaction, and I was impressed by his ability to stay focused on the positive.

This is the attitude that we need to have when talking about how we communicate. Both online and offline interactions have their drawbacks, but we shouldn’t need to use those drawbacks in order to discuss the positives. We should focus our attention on the good, instead.

The Problems With “Agreeing” Without Agreeing

January 30, 2014 Comments off

Contracts are a part of everyday life in the digital age. We agree to something or other just about any time we download music, install software, and use social networks or other Web services, just to name a few. Few people actually read these agreements, and fewer still understand them. I think we reached the point a long time ago when people stopped caring what these agreements said and decided to do as they please, especially when they’ve paid good money to “buy” some piece of software or media. In my allegedly-humble opinion, this is a huge problem.

In times gone by (which I’m sure were horrible, but that’s beside the point) intellectual property was simple: You bought something like a book or a record, and you were basically fine as long as you didn’t violate copyright law. These days, however, most things come with some kind of license agreement attached, which (being legally binding contracts) can obligate you to to do (or not do) things beyond the requirements of the law. A common example is the First Sale doctrine: Ordinarily, a copyright holder’s right to control distribution does not extend to control of what someone does with a copyrighted work once it’s been lawfully sold/transferred for the first time. However, it’s extremely common for license agreements and terms of use (like those for Google Play, Amazon’s MP3 store, and probably iTunes) to make the license non-transferable. My student-licensed copy of Adobe Creative suite and a copy of AutoCAD that led to an infamous district court decision had similar restrictions, so don’t think this applies only to downloads.

Another common restriction is that the software or other digital goods be used only for personal, non-commercial use. This comes up a lot in relation to anti-virus programs and other software that has both free and paid versions. One particularly bizarre instance is Google Play, which actually goes so far as to say that copy-paste functionality in any text-based apps is for non-commercial use only. I suppose if you use an Android device for work, you’re not allowed to copy and paste. Or you could do what I suspect most people will do and ignore that restriction, because it is ridiculous.

That brings me to the main issue: Most people don’t actually agree to any of the license terms they “agree” to on a daily basis. Generally, when it comes to EULAs and Terms of Service, people just click “Agree” without reading to get through the process as quickly as possible. I admit I don’t have statistics on this, but I have plenty of anecdotal evidence. Off the top of my head, I can’t think of anyone I know personally who bothers to read them. I’ve even heard lawyers (in various episodes of This Week In Law) confess to not usually reading the terms.

I also have at least some anecdotal evidence of people knowing what’s in the terms and not caring. I’ve had people tell me that they have no intention of abiding by license terms that they describe as stupid or unfair. In fact, it’s hard not to do that in many cases, when license terms are so unclear or so broad that it’s hard to tell what is a breach, and easy to breach the terms unintentionally.

The reason I think this is a big deal, when it would be so easy to ignore it and go about my day like everyone else, is that whether people read these agreements or not, they are still binding contracts! Indicating that you agree to terms you have no intention of actually fulfilling is basically fraud. (I say “basically” because I’m not sure that it meets the strict legal definition of fraud; I’m not really the best person to ask about that, as I’m not a lawyer and have not studied contract law in any rigorous fashion.) Even if it’s not technically fraud, it’s still a breach of the terms, which usually results in loss of any rights granted to you under the terms. That probably means you’re on the hook for whatever you’d be on the hook for if you didn’t agree to the terms in the first place, which could be anything from copyright infringement to violations of the Computer Fraud and Abuse Act, depending on what terms you violated.

One thing that worries me is the potential for selective enforcement. Agreements frequently include language indicating that just because a company doesn’t pursue all its rights under a contract doesn’t mean they waive those rights. In other words, “You didn’t say anything when everyone else did it” is not a valid excuse. It’s entirely possible, albeit unlikely, that some company will decide to make an example out of you.

Let’s assume you’ll never get in trouble for violating TOS or a EULA. Even then, I still think ignoring the agreement is a bad idea, because I think it’s a bad idea in general to become desensitized to contracts.  Sooner or later, you’re going to get into a situation where you need to agree to something and will be expected to hold up your end of the bargain. Besides, getting into the habit of lying about whether you agree to something or not is ethically problematic, to say the least.

Finally, willful breaches of contract being a social norm makes life difficult for people who do want to try to abide by terms they agree to. In many cases, the terms impose inordinate obligations on people, but the alternative to accepting them (or willfully breaking them) is to do without the product or service they govern, which can be a big deal in the information age. However, companies can get away with imposing essentially any restriction they want, because they can always argue that the restrictions aren’t hurting anyone: After all, look how many people have no problem agreeing to the terms every day!

I admit I probably get bent out of shape about this sort of thing a bit too easily. I still think that, in principle, this is a serious problem.

Categories: Uncategorized Tags:

Kids (and Everyone Else) Can’t Use Computers

January 19, 2014 Comments off

A common pet peeve of mine is that people just can’t use computers very well. They can get done whatever task it is they need to accomplish using the computer, as long as everything goes perfectly smoothly (which, as I’ve discussed before, manufacturers seem promise that it will). If any little thing goes wrong, they’re lost. Worse yet, they usually refer the problem to friends or relatives who are supposedly “good with computers.”

I won’t be going into any more detail here, because I’ve whined enough about this already, and anyway it would be redundant after Marc Scott’s excellent post on Coding 2 Learn entitled “Kids can’t use computers.”

Hat tip: Nikolay’s comment on the Server Fault question “People think a ‘hidden’ save file dialog box means the computer is frozen.”

Categories: Uncategorized