This is a great deep dive into a single component, a password toggle in this case. It shows how assumptions are challenged and different circumstances are considered in order to make it truly resilient.
Friday, May 7th, 2021
I enjoyed this conversation with Sophia (our chat starts around the 11 minute mark) prompted by Resilient Web Design.
Wednesday, May 5th, 2021
I’m excited to do this event with Steph! We’ll be talking about science fiction on the evening of Wednesday, June 16th.
Tickets are from just €10 so grab yours now!
Wednesday, April 28th, 2021
Beautifully restored high-resolution photographs of the Earth taken by Apollo astronauts.
Friday, April 23rd, 2021
A personal website ain’t got no wrong words.
Thursday, April 22nd, 2021
I’ve lately been trying an exercise where, when reading anything by or about tech companies, I replace uses of the word “infrastructure” with “means of production.”
Wednesday, April 21st, 2021
Get the FLoC out
I’ve always liked the way that web browsers are called “user agents” in the world of web standards. It’s such a succinct summation of what browsers are for, or more accurately who browsers are for. Users.
The term makes sense when you consider that the internet is for end users. That’s not to be taken for granted. This assertion is now enshrined in the Internet Engineering Task Force’s RFC 8890—like Magna Carta for the network age. It’s also a great example of prioritisation in a design principle:
When there is a conflict between the interests of end users of the Internet and other parties, IETF decisions should favor end users.
So when a web browser—ostensibly an agent for the user—prioritises user-hostile third parties, we get upset.
Google Chrome—ostensibly an agent for the user—is running an origin trial for Federated Learning of Cohorts (FLoC). This is not a technology that serves the end user. It is a technology that serves third parties who want to target end users. The most common use case is behavioural advertising, but targetting could be applied for more nefarious purposes.
The Electronic Frontier Foundation wrote an explainer last month: Google Is Testing Its Controversial New Ad Targeting Tech in Millions of Browsers. Here’s What We Know.
Let’s back up a minute and look at why this is happening. End users are routinely targeted today (for behavioural advertising and other use cases) through third-party cookies. Some user agents like Apple’s Safari and Mozilla’s Firefox are stamping down on this, disabling third party cookies by default.
Seeing which way the wind is blowing, Google’s Chrome browser will also disable third-party cookies at some time in the future (they’re waiting to shut that barn door until the fire is good’n’raging). But Google isn’t just in the browser business. Google is also in the ad tech business. So they still want to advertisers to be able to target end users.
Yes, this is quite the cognitive dissonance: one part of the business is building a user agent while a different part of the company is working on ways of tracking end users. It’s almost as if one company shouldn’t simultaneously be the market leader in three separate industries: search, advertising, and web browsing. (Seriously though, I honestly think Google’s search engine would get better if it were split off from the parent company, and I think that Google’s web browser would also get better if it were a separate enterprise.)
Anyway, one possible way of tracking users without technically tracking individual users is to assign them to buckets, or cohorts of interest based on their browsing habits. Does that make you feel safer? Me neither.
That’s what Google is testing with the origin trial of FLoC.
If you, as an end user, don’t wish to be experimented on like this, there are a few things you can do:
- Don’t use Chrome. No other web browser is participating in this experiment. I recommend Firefox.
- If you want to continue to use Chrome, install the Duck Duck Go Chrome extension.
- Alternatively, if you manually disable third-party cookies, your Chrome browser won’t be included in the experiment.
- Or you could move to Europe. The origin trial won’t be enabled for users in the European Union, which is coincidentally where GDPR applies.
That last decision is interesting. On the one hand, the origin trial is supposed to be on a small scale, hence the lack of European countries. On the other hand, the origin trial is “opt out” instead of “opt in” so that they can gather a big enough data set. Weird.
The plan is that if and when FLoC launches, websites would have to opt in to it. And when I say “plan”, I mean “best guess.”
I, for one, am filled with confidence that Google would never pull a bait-and-switch with their technologies.
In the meantime, if you’re a website owner, you have to opt your website out of the origin trial. You can do this by sending a server header. A
meta element won’t do the trick, I’m afraid.
I’ve done it for my sites, which are served using Apache. I’ve got this in my
<IfModule mod_headers.c> Header always set Permissions-Policy "interest-cohort=()" </IfModule>
If you don’t have access to your server, tough luck. But if your site runs on Wordpress, there’s a proposal to opt out of FLoC by default.
Interestingly, none of the Chrome devs that I follow are saying anything about FLoC. They’re usually quite chatty about proposals for potential standards, but I suspect that this one might be embarrassing for them. It was a similar situation with AMP. In that case, Google abused its monopoly position in search to blackmail publishers into using Google’s format. Now Google’s monopoly in advertising is compromising the integrity of its browser. In both cases, it makes it hard for Chrome devs claiming to have the web’s best interests at heart.
But one of the advantages of having a huge share of the browser market is that Chrome can just plough ahead and unilaterily implement whatever it wants even if there’s no consensus from other browser makers. So that’s what Google is doing with FLoC. But their justification for doing this doesn’t really work unless other browsers play along.
- Third-party cookies are on their way out so advertisers will no longer be able to use that technology to target users.
- If we don’t provide an alternative, advertisers and other third parties will use fingerprinting, which we all agree is very bad.
- So let’s implement Federated Learning of Cohorts so that advertisers won’t use fingerprinting.
The problem is with step three. The theory is that if FLoC gives third parties what they need, then they won’t reach for fingerprinting. Even if there were any validity to that hypothesis, the only chance it has of working is if every browser joins in with FLoC. Otherwise ad tech companies are leaving money on the table. Can you seriously imagine third parties deciding that they just won’t target iPhone or iPad users any more? Remember that Safari is the only real browser on iOS so unless FLoC is implemented by Apple, third parties can’t reach those people …unless those third parties use fingerprinting instead.
Google have set up a situation where it looks like FLoC is going head-to-head with fingerprinting. But if FLoC becomes a reality, it won’t be instead of fingerprinting, it will be in addition to fingerprinting.
Google is quite right to point out that fingerprinting is A Very Bad Thing. But their concerns about fingerprinting sound very hollow when you see that Chrome is pushing ahead and implementing a raft of browser APIs that other browser makers quite rightly point out enable more fingerprinting: Battery Status, Proximity Sensor, Ambient Light Sensor and so on.
When it comes to those APIs, the message from Google is that fingerprinting is a solveable problem.
But when it comes to third party tracking, the message from Google is that fingerprinting is inevitable and so we must provide an alternative.
Which one is it?
Google’s flimsy logic for why FLoC is supposedly good for end users just doesn’t hold up. If they were honest and said that it’s to maintain the status quo of the ad tech industry, it would make much more sense.
The flaw in Google’s reasoning is the fundamental idea that tracking is necessary for advertising. That’s simply not true. Sacrificing user privacy is fundamental to behavioural advertising …but behavioural advertising is not the only kind of advertising. It isn’t even a very good kind of advertising.
FLoC seems to be Google’s way of saving a dying business. They are trying to keep targeted ads going by making them more “privacy-friendly” and “anonymous”. But behavioral profiling and targeted advertisement is not compatible with a privacy-respecting web.
What’s striking is that the very monopolies that make Google and Facebook the leaders in behavioural advertising would also make them the leaders in contextual advertising. Almost everyone uses Google’s search engine. Almost everyone uses Facebook’s social network. An advertising model based on what you’re currently looking at would keep Google and Facebook in their dominant positions.
Google made their first many billions exclusively on contextual advertising. Google now prefers to push the message that behavioral advertising based on personal data collection is superior but there is simply no trustworthy evidence to that.
I sincerely hope that Chrome will align with Safari, Firefox, Vivaldi, Brave, Edge and every other web browser. Everyone already agrees that fingerprinting is the real enemy. Imagine the combined brainpower that could be brought to bear on that problem if all browsers made user privacy a priority.
Until that day, I’m not sure that Google Chrome can be considered a user agent.
The format of a Wikipedia page is used as the chilling delivery mechanism for this piece of speculative fiction. The distancing effect heightens the horror.
Monday, April 19th, 2021
I really like the idea of a shared convention for styling web components with custom properties—feels like BEM meets microformats.
Tuesday, April 13th, 2021
The idea that your job should be the primary source of meaning in your life is an elaborately made trap, propped up across industries, designed to make you a loyal worker who uses the bulk of their intellectual and creative capacity to further their own career.
Sunday, April 11th, 2021
I click the link. The page loads fast. I navigate the surprisingly sparse yet clear form inputs. And complete the whole thing in less than thirty seconds.
Oh, how I wish this experience weren’t remarkable!
Simple forms with clear labels. Little to no branding being shoved down my throat. No array of colors, big logos, or overly-customized UI components.
Thursday, April 8th, 2021
The state of UX
There is much introspection and navel-gazing in the world of user experience design. More than usual, I mean.
Jesse James Garrett recently said:
I don’t think I know anyone that’s been in UX more than a decade who’s happy with how it’s going.
Mark Hurst wrote Why I’m losing faith in UX. Too hot!
Scott Berkun wrote How To Put Faith in Design. Too cold!
Peter Merholz wrote Waking up from the dream of UX. Just right!
As an aside, does it bother anyone else that the Goldilocks story violates the laws of thermodynamics?
Anyway, this hand-wringing around the role of UX today seemed like a suitably hot topic for one of our regular roundtable chats at Clearleft. We invited Peter along too and he was kind enough to give us his time.
It was a fun discussion. Peter pointed out that whenever he hears an older designer bemoaning the current state of design, he has to wonder what’s happened in their lives to make them feel that way (it’s like when people complain about the music of today and how it’s not as good as the music of whatever time period I was a teenager). And let’s face it, the good ol’ days weren’t so good for everyone. It was overwhelmingly dominated by privileged white dudes. The more that changes, the better …and it needs to change far, far more.
There was a general agreement that the current gnashing of teeth isn’t unique to UX. It’s something that just about any discipline will inevitably go through. Peter’s epiphany was to compare it with the hand-wringing around Agile:
The frustration exhibited with the “dream of UX” is (I think) identical to the frustration the original Agile community sees with how it has been industrialized (koff-SAFe-koff).
Perhaps the industrialisation of what once a cottage industry is the price of success. But that’s not necessarily bad, as long as you industrialise the right things. If UX has become the churning out of wireframes at scale, then something has gone very wrong. If UX has become the implementation of dark patterns at scale, then something has gone very wrong.
In some organisations, perhaps that’s exactly what’s happened. In which case, I can totally understand the disillusionment. But in other places, I see the opposite happening. I see UX designers bringing questions of ethics to the forefront. I see UX designers—dare I say it?—having their proverbial seat at the table.
Chris went so far as to claim that we are in fact in a golden age of user experience design. Controversial! But think about it, he said. Over the next few days, pay attention to interactions you have with technology, and consider the thought and skill that has gone into them.
I had Chris’s provocation in mind when I wrote about booking my vaccination appointment:
I just need to get in, accomplish my task, and get out again. This is where the World Wide Web shines.
Maybe Chris is right. Maybe the golden age of UX is here. It’s just not evenly distributed. Yet.
It’s an interesting time for the discipline of user experience design. I’ve always maintained that the best way to get a temperature check for your chosen field is to go to a really good conference. If you’re a UX designer and you want to understand the state of the UX nation, you should get a ticket for the online UX Fest in June. See you there!
Tuesday, April 6th, 2021
Getting a tattoo. brb
Saturday, April 3rd, 2021
Always refreshing to see some long-term thinking applied to the web.
Tuesday, March 30th, 2021
Six years old. Still very astute. Still very true.
I don’t think I agree with Don Knuth’s argument here from a 2014 lecture, but I do like how he sets out his table:
Why do I, as a scientist, get so much out of reading the history of science? Let me count the ways:
- To understand the process of discovery—not so much what was discovered, but how it was discovered.
- To understand the process of failure.
- To celebrate the contributions of many cultures.
- Telling historical stories is the best way to teach.
- To learn how to cope with life.
- To become more familiar with the world, and to know how science fits into the overall history of mankind.
Monday, March 29th, 2021
Saturday, March 27th, 2021
A lot happened in the first few years. I was born in England but my family back moved to Ireland when I was three. Then my father died not long after that. I was young enough that I don’t really have any specific memories of that time. I have hazy impressionistic images of London in my mind but at this point I don’t know if they’re real or imagined.
Most of this time was spent being a youngster in Cobh, county Cork. All fairly uneventful. Being a teenage boy, I was probably a dickhead more than I realised at the time. It was also the 80s so there was a lot of shittiness happening in the background: The Troubles; Chernobyl; Reagan and Thatcher; the constant low-level expectation of nuclear annihilation. And most of the music was terrible—don’t let anyone tell you otherwise.
This was the period with the most new experiences. I started my twenties by dropping out of Art College in Cork and moving to Galway to be a full-time slacker. I hitch-hiked and busked around Europe. I lived in Canada for six months. Eventually I ended up in Freiburg in southern Germany where I met Jessica. The latter half of this decade was spent there, settling down a bit. I graduated from playing music on the street to selling bread in a bakery to eventually making websites. Before I turned 30, Jessica and I got married.
We move to Brighton! I continue to make websites and play music with Salter Cane. Half way through my thirties I co-found Clearleft with Andy and Rich. I also start writing books and speaking at conferences. I find that not only is this something I enjoy, but it’s something I’m actually good at. And it gives me the opportunity to travel and see more of the world.
It’s more of the same for the next ten years. More Clearleft, more writing, more speaking and travelling. Jessica and I got a mortgage on a flat at the start of the decade and exactly ten years later we’ve managed to pay it off, which feels good (I don’t like having any debt hanging over me).
That last decade certainly feels less eventful than, say, that middle decade but then, isn’t that the way with most lives? As Phil says:
If my thirties went by more quickly than my twenties, my forties just zipped by.
You’ve got the formative years in your 20s when you’re trying to figure yourself out so you’re constantly dabbling in a bit of everything (jobs, music, drugs, travel) and then things get straighter. So when it comes to memories, your brain can employ a more rigourous compression algorithm. Instead of storing each year separately, your memories are more like a single year times five or ten. And so it feels like time passes much quicker in later life than it did in those more formative experimental years.
But experimentation can be stressful too—“what if I never figure it out‽” Having more routine can be satisfying if you’re reasonably confident you’ve chosen a good path. I feel like I have (but then, so do most people).
Now it’s time for the next decade. In the short term, the outlook is for more of the same—that’s the outlook for everyone while the world is on pause for The Situation. But once that’s over, who knows? I intend to get back to travelling and seeing the world. That’s probably more to do with being stuck in one place for over a year than having mid-century itchy feet.
I don’t anticipate any sudden changes in lifestyle or career. If anything, I plan to double down on doing things I like and saying “no” to any activities I now know I don’t like. So my future will almost certainly involve more websites, more speaking, maybe more writing, and definitely more Irish traditional music.
I feel like having reached the milestone of 50, I should have at least a few well-earned pieces of advice to pass on. The kind of advice I wish I had received when I was younger. But I’ve racked my brains and this is all I’ve got:
Never eat an olive straight off the tree. You know this already but maybe part of your mind thinks “how bad can it be really?” Trust me. It’s disgusting.
Black Mirror meets Henrietta Lacks in this short story by Erik Hoel who I had not heard of until today, when I came across his name here and also in a completely unrelated blog post by Peter Watts about the nature of dreams.