Guru Alert!

Malware Perception Risk Assessment Checklist: Before Its Time

by Paul Sherman on March 25, 2010 · 6 comments

in Experience Strategy, Organizational, Privacy, Research

Back about two years ago I was working on a product line that took a number of potentially objectionable actions with customers’ systems. I pushed back against the product teams, saying that these actions put our products at risk of being perceived as malware.

They in turn pushed back on me, essentially telling me to prove my allegations.

So I went away for a few days, did some research, and returned with my (fanfare) Malware Perception Risk Assessment Tool. Ta-da!

Uh, sorry, I meant “thud”. It went over like a lead ballon. No takers. So I wrote it up in an article at UXmatters, hoping it’d become adopted. More deafening silence. Dejection.

But here’s the thing: systems are becoming more and more interconnected, and more than ever, applications are utilizing aspects of your personal, semi-public, and public data to derive value (presumably for you as well as themselves). Thus the risk of an application being perceived as malware has only increased.

I strongly believe that our field needs to provide the wider world with a tool that can help assess the risk that a particular product or service might be tagged as malware in the minds of users or the market at large.

So I again submit to the UX, dev, and product management communities the Malware Risk Assessment Checklist.

To measure the probability of people perceiving a product as malware, I created a checklist representing a set of attributes that typically characterize malware. I grouped these attributes into these five categories, each containing two or more representative attributes:

  • personal information gathering and usage
  • modification of data or system configuration
  • stealth and resistance to removal or modification
  • resource utilization
  • transparency and disclosure of third-party relationships

This time, I’m explicitly calling out the fact that the checklist is light on data propagation via social networking applications. And I’m asking for help in rounding out that aspect of the checklist. So help a guy out and suggest some social media items. I am releasing this checklist under a “Creative Commons non-commercial share alike-derivative works permitted” license, so you can remix this, add to it, etc. When I receive some good item suggestions, I’ll re-roll the list and publish again.

Here’s the checklist as it stood in 2008. Peeps, have at it.

Personal Information Gathering and Usage
The product or Web site…
Gathers and transmits users’ personal data or information about users’ behavior to the organization providing the product
____Yes
____No
Gathers and transmits users’ personal data or information about users’ behavior to a third party.
____Yes
____No
Uses personal data and data the product developer obtained from third parties to assemble profiles of users that are more complete and comprehensive than users expect.
____Yes
____No
Exposes more of users’ personal information to their contacts or a community than users expected or wanted.
____Yes
____No
Does any of the above without user notification and consent.
____Yes
____No
Does any of the above and does not allow users to opt out.
____Yes
____No

Modification of Data or System Configuration
The product or Web site…
Overwrites, modifies, or destroys users’ data without their knowledge or consent.
____Yes
____No
Modifies other applications on users’ computers or their operating system settings or computing environment.
____Yes
____No
Fails to restore modifications to other applications, operating system settings, or the computing environment when the user uninstalls the product.
____Yes
____No
Damages or renders inoperative other software or hardware on users’ computing systems.
____Yes
____No

Stealth and Resistance to Removal or Modification
The product or Web site…
Hides or renders its files and resources inaccessible to the user through normal means—that is, using standard file managers and viewers.
____Yes
____No
Resists attempts at removal.
____Yes
____No
Modifies antivirus, antispyware, and other computing hygiene applications or application settings, to make itself appear harmless or less harmful than it actually is.
____Yes
____No

Resource Utilization
The product or Web site…
Overuses computing resources—CPU, GPU, memory, and so on—to a noticeable extent.
____Yes
____No
Utilizes computing resources for purposes not directly related to the tasks users typically perform with the software.
____Yes
____No

Transparency and Disclosure of Third-Party Relationships
The product or Web site…
Installs third-party applications that demonstrate any of the above behaviors.
____Yes
____No
Installs third-party applications without user notification and consent.
____Yes
____No

C’mon people, let’s make this checklist useful, and maybe even a de facto standard.

{ 6 comments }

That’s Hot. ;-p

by Paul Sherman on March 21, 2010 · 11 comments

in Web

Just found out that my presentation about web usability and conversion is on Slideshare’s “Hot on Twitter” front page module. Or was, on Sunday 21 March. (Slow news day?)

Hey, you take it where you can get it, right?

I'm Hot On Slideshare. 21 Mar 2010. W00t.

Oh, the preso is here: http://bit.ly/d6NO0l

{ 11 comments }

My Usability Marathon Preso

by Paul Sherman on October 14, 2009 · 0 comments

in Experience Strategy

I just posted my Usability Marathon presentation to Slideshare. (I love Slideshare btw…no surprise; Rashmi Sinha started out as a UX person.)

I’m getting good feedback and nice retweets on Twitter; which is a good sign.

Normally, I’d pull some choice quotes to whet your appetite. But I’ve got a pile of storyboarding and wireframing to do this week, so it’s back to the UX grind (but what a satisfying fun grind!).

Enjoy.

Usability…Or Strategic User Experience? ::? Usability Marathon 2

{ 0 comments }

New UXMatters Article: 8 Things You Should Be Doing In Your UX Practice, But Probably Aren’t

by Paul Sherman on July 20, 2009 · 1 comment

in Experience Strategy

So I’m seeing a nice little Twitter spike about my latest UXmatters article “8 Things You Should Be Doing In Your UX Practice, But Probably Aren’t.”

It was a column borne of equal parts desperation and writers’ block. Then I remembered how much mileage Cracked.com gets out of the “X Things” format, and decided to try a UX-specific version. You take your inspiration where you can get it, right? Honest truth, I had low expectations for myself.

The funny thing was when I finished it, I realized that the article didn’t actively suck. In fact it was kinda decent. Of course, it helped that I had some good advice and suggestions from Susan Hura, John Rhodes, and Dan Szuc. But no one said I couldn’t turn to friends/colleagues/wife for a little inspiration.

So here’s a little taste of the article; for more go to the site and check it out yourself. Quoting me:

…here are 8 things you should be doing to improve and grow in your professional practice, but that you’re probably not doing—or not doing enough:

  • Communicate simply
  • Read, read, read
  • Pick a new UX tool and experiment with it
  • Hold a UX stand-down and operational review
  • Stretch yourself outside of user experience
  • Think about your UX career path
  • Repurpose your UX assets
  • Depart from script on user research visits

I hope you enjoy the article, and feel free to comment either here or at UXmatters if you have more things to suggest.

8 Things You Should Be Doing In Your Personal UX Practice… :: ? Paul Sherman

{ 1 comment }

My “Usability Or User Experience” Presentation From Big (D)esign 09

by Paul Sherman on June 14, 2009 · 1 comment

in Experience Strategy

I had a really good time presenting and watching others present at Big (D)esign 09 in Dallas two weeks ago. One highlight was getting to hear Norm Cox‘s keynote. My presentation was well-received from what I can tell. But I got so busy prepping for UPA2009 that I completely forgot to post my Big (D) presentation.

So, my presentation from Big (D)esign “Usability Or User Experience?” is now available here at my business site (ShermanUX, which I clearly don’t plug enough…). My co-presenter Kaaren Hanson is still working on getting her slides in shape for general consumption.

Tomorrow I’ll follow up with a post linking to my UPA 2009 presentation.

{ 1 comment }

Interviewed By Useful Usability

by Paul Sherman on April 28, 2009 · 1 comment

in Everything Else

Craig Tomlin of Useful Usability interviewed me and has posted the interview. Read on for his questions and my answers.

Interview With User Experience Expert Paul J. Sherman :: Useful Usability

{ 1 comment }

The User Experience Of Enterprise Software Matters, Part 2

by Paul Sherman on March 24, 2009 · 0 comments

My latest column at UXmatters was just posted. It’s part 2 of my December article “The User Experience of Enterprise Software Matters.” Again, my main points are:

Organizations making enterprise-level technology selections often do an incomplete job of assessing the real-world effects of the new applications they impose on their staffs’ workflows and processes.

and:

The technology selection process typically neglects methods of evaluating the goodness of fit between the enterprise users’ processes, workflow, and needs, and the vendors’ solutions. Organizations could avoid many a rollout disaster simply by testing the usability of vendors’ solutions with employees during a trial phase.

In this part 2, I pick up where part 1′s “j’accuse” leaves off, and actually provide a framework for enterprise user experience practitioners to employ when trying to get involved in the assessment of enterprise software under consideration by their organization. Rather than recap it all here, I’ll just point you to the article.

The User Experience of Enterprise Software Matters ::? Paul Sherman

{ 0 comments }

Latest Preso: Usability For Strategic User Experience

by Paul Sherman on February 9, 2009 · 7 comments

in Everything Else

I just got back from the Online Marketing Summit in San Diego CA, where I was asked to do a talk on advanced topics in user experience.

My presentation covered strategic user experience, the barriers to a unified user experience and how to create the organizational conditions that facilitate a unified user experience across modalities and channels. I think the talk was received well. My standard measure for whether a talk goes over is whether people who have no stake in telling me I did well in fact tell me that I did well. A number of people did.

Enjoy and feel free to comment back to me on the presentation.

Usability For Strategic User Experience ::? Paul Sherman

{ 7 comments }

More Usable Design Hashtags: #gooddesign & #baddesign

by Paul Sherman on January 14, 2009 · 2 comments

My colleague Kate Caldwell pointed out that my design-related Twitter hashtags were, well, kinda lame. She suggested using #gooddesign and #baddesign instead.

I agree. Hive mind, please adjust your neural circuitry appropriately.

{ 2 comments }

Should Users Be “Shielded” From The Linux Command Line?

by Paul Sherman on January 9, 2009 · 10 comments

in Everything Else

Just noted this article in ArsTechnica about an HP netbook that ships with a Linux distro…and no access to the command line.

Now as loyal readers (all four of you) know, I’ve slagged on Linux in the past as being not ready for the masses. But I do acknowledge that many people are doing a lot of hard work to improve it. And I explicitly acknowledge that one of Linux’s major advantages is the incredible power and flexibility available from the command line.

So it just seems silly to ship a Linux PC with no access to the command line. What was the thinking here? That allowing access to the command line would give n00bs too much rope with which to hang themselves?

I’ve never thought that users have to be protected from themselves at all costs. Yes, it makes sense to constrain certain operations and guide users along well-defined paths for certain tasks. But exploring from the command line is one of the elemental experiences of using Linux, and is *the* way that motivated users learn more about the capabilities of that particular operating system.

Readers? What are your thoughts on this? Should netbook customers be shielded from the Linux command line?

{ 10 comments }

Samsung’s Unified UI and Krushchev’s Shoe

by Paul Sherman on January 8, 2009 · 4 comments

in Everything Else

Hat tip to @hannusalonen on Twitter for pointing me to this Engadget article about Samsung’s “Unified UI” initiative.

My take: similar to Tog’s in that consistency with user expectations is most important. I’ve been part of several x-product consistency and commonality efforts in my career, and all were misguided to varying degrees. The biggest danger I’ve seen in these initiatives is the wrong-headed effort to impose metaphor, terminology and workflow “consistency” on products that support different operations.

Here’s some clear warning signs that you’re trying too hard for consistency: are you and your team sitting for hours in meeting rooms, churning on whether to name a navigation element “Home” or “Top”? Is someone pounding the table with their shoe in a Krushchev-like fit, angrily denouncing the labeling of a button?

{ 4 comments }

I Got Paid

by Paul Sherman on January 4, 2009 · 0 comments

in Everything Else

I feel like Steve Martin in “The Jerk“, when he gets his first royalty check. (Only mine is really more like 250, not 250K…) I just received the first royalty payment on Usability Success Stories, the book I put out in early 2007. Total: $437 USD.

I’m actually not disappointed. Quite frankly I’m surprised the book earns anything. Hey, it’s the first one. And if it did suddenly start selling like hotcakes (do those actually sell well?), I’d want some formal mechanism to share with the chapter contributors, as it was an edited volume (with three of the chapters by me).

{ 0 comments }

My Latest UXmatters Article

by Paul Sherman on December 17, 2008 · 0 comments

in Everything Else

So I’m pleasantly surprised to learn that my latest column in Uxmatters is getting good notices.

The title is “Why Enterprise Software Usability Matters” and in it I talk about why enterprise application usability lags behind consumer software and web site usability.

To summarize and quote myself:

Over the past twenty years, the field of user experience has been fortunate. Software and hardware product organizations increasingly have adopted user-centered design methods such as contextual user research, usability testing, and iterative interaction design. In large part, this has occurred because the market has demanded it. More than ever, good interaction design and high usability are part of the price of entry to markets.

However, there’s one area that I believe has lagged behind: the enterprise software space. I can’t tell you how many frustratingly unusable enterprise Web applications I’ve encountered during my 12 plus years in corporate America. As important as the user experience of enterprise software is to a business’s success, why isn’t its assessment usually a factor in technology selection?

Nice to learn that something I have to say resonates. After my last UXmatters article was met with the sound of chirping crickets, I was starting to worry…and I thought people would really groove to the idea that you can evaluate and measure the risk that your product will be perceived as malware by the market.

Just goes to show, you never can tell which one of your album tracks will be the hit single.

The Usability of Enterprise Software Matters :: Paul Sherman

{ 0 comments }

Good UX Site, But Bummer…Broken in Firefox

by Paul Sherman on December 6, 2008 · 1 comment

in Web

I’m not sure exactly how but I ended up at uselog.com, which bills itself as “The Product Usability Weblog.” It’s run by a guy named Jasper van Kuijk, whose posts I think I’ve read on the UX-related lists.

I was in Windows at the time working on a redesign of an enterprise web app that only runs on IE, so I initially perused Uselog in IE. I really liked the posts, particularly the one about how one designer is solving the problem of used teabags.

Then I went over to the Mac side of my machine to view it in Firefox (actually Flock, the Firefox derivative that I love dearly) and save it using my bookmark manager/propagator/sync’er. Unfortunately, Uselog is busted in Firefox. Or at least the homepage is.

Still, recommended for the thoughtful analyses and topical gadget coverage.

{ 1 comment }

My User Friendly 2008 Kick-Off Presentation

by Paul Sherman on November 3, 2008 · 9 comments

Long time no post. Sorry. Been too busy obsessively following the U.S. election at www.FiveThirtyEight.com. If you’re a hardcore stats junkie, this is – or was, after Tuesday – the site for you.

Anyway, since my last post I traveled to Hong Kong and Shenzhen to take part in the User Friendly 2008 conference, put on by UPA China, a group of China-based UPA chapters.

As current UPA President I was asked to give the kick-off talk. I took the invitation as an opportunity to focus the audience on how far our discipline has come, and how far it has to go to be truly strategic in scope and reach.

You can download the presentation from this link or the one below.

User Experience: Drive Change, Become Strategic ::? Paul Sherman

{ 9 comments }

Gruber on Thomas

by Paul Sherman on August 5, 2008 · 3 comments

in Everything Else

A few colleagues have pointed me to the article by movie director-sounding blogger Matthew Paul Thomas entitled “Why Free Software Has Poor Usability, and How to Improve It.”

I’ve given you the link to the original Thomas article, but I’m more interested in discussing Johnathan Gruber’s take on it. Says Gruber in this post:

I posit that the usability and elegance of any product, software or hardware, tends to reach and seldom surpasses the level that satisfies the taste of whoever is in charge of the product. This applies universally, not just to free and open source software. For example, it explains why Microsoft produces such crummy software even though the company employees [sic] thousands of talented programmers and even designers — Microsoft’s decision makers have no taste. But the problem is endemic to open source.

The people in charge of most free and open source software products tend to have poor taste in user interfaces; people with good taste in user interface design are seldom in charge of open source software projects.

Put another way, if you have to ask for better design, you will lose. You need to be in a position to demand it.

Yes. (Adding some more later in the day…) Aside from the comment about Microsoft’s decision makers having “no taste” – undoubtedly a reference to Steve Job’s comment about Microsoft – I have personally seen what can happen when leaders demand better design…and what can happen when they don’t.

Design leadership *has* to come from the top. It can’t be, as Cooper said in February at IxDA 2008 – an “insurgency” driven from below.

Matthew Paul Thomas :: Why Free Software Has Poor Usability, and How to Improve It

{ 3 comments }

Guy Kawasaki Likes Me

by Paul Sherman on May 21, 2008 · 0 comments

<Blowing own horn>

Check UBlog out at http://ui.alltop.com/.

</Blowing own horn>

{ 0 comments }

Latest UXmatters Column: Where’s My Stuff?

by Paul Sherman on March 13, 2008 · 1 comment

A few days ago in this post I mentioned that I was writing my UXmatters Magazine column on the drawbacks of the file/folder metaphor. I just completed that article and you can find it at this URL. Or click the title below.

Where’s My Stuff? Beyond the Nested Folder Metaphor :: UXmatters

Blogged with Flock

{ 1 comment }

The Case Against Software Patents

by Paul Sherman on February 28, 2008 · 0 comments

in Design

Ars Technica is reporting that several patent reform advocacy groups have banded together to collaborate on the effort to abolish software patents.

Says Ars:

Supported by the Free Software Foundation, the Public Patent Foundation, and the Software Freedom Law Center, the End Software Patents (ESP) project aims to challenge the legal validity of patents that do not specify a physically innovative step. In addition to helping companies challenge software patents in the courts and in the patent office, the ESP project will also work to educate the public and encourage grass-roots patent reform activism in order to promote effective legislative solutions to the software patent problem.

This is an important effort, and one that UX professionals should support. As I described in my article a few months back in UXmatters, software patents do more harm than good. They stifle innovation rather than protect and nurture it. As I wrote in UXmatters:

The sad fact is that companies often file for and the US government actually grants patents for user interface and interaction design “innovations” that are either strikingly obvious or have appeared before in other systems—that is, when prior art exists, as someone in the field of intellectual property would say. This means, as user experience practitioners, we are at risk of litigation every time we design an application. Each time we fire up Visio or Photoshop, create a new design, then put it out into the world, there’s a good chance we’re infringing on someone’s patent.

I hope that those of you who are active in the user experience field will learn more about this issue and choose to stand with the ESP project. Even if you don’t agree with me (and them), it behooves you to learn more about the issue. It’s quite easy to ignore – until you find yourself staring down the barrel of an injunction or subpoena.

Patent Reform Coalition Aims to Abolish Software Patents

Blogged with Flock

Tags: , ,

{ 0 comments }

UXmatters: The Perpetual Super-Novice

by Paul Sherman on December 4, 2007 · 2 comments

in Design

Just thought I’d point to my latest UXmatters article. My idea for this article is that people get stuck at a certain point of understanding a system, and fail to progress beyond a few areas of a rich application.

? After initially becoming somewhat familiar with a system, people often continue using the same inefficient, time-consuming styles of interaction they first learned. For example, they fail to discover shortcuts and accelerators in the applications they use. Other people learn only a small portion of a product’s capabilities and, as a result, don’t realize the full benefits the product offers. Why? What can operating systems, applications, Web sites, and devices do to better facilitate a person’s progression from novice to expert usage?

It’s an idea I’ve been kicking around for a while. Since I owed UXmatters a column, I thought I’d explore it a bit. I’m still working it out.

{ 2 comments }

← Previous Entries