November « 2008 « Planet Ubiquity

Ugly Ubiquity

Abimanyu Raja

November 23, 2008

8:50 pm

If you’re looking for a list of Ubiquity skins that you can install, check this out.

Every time I look at a screenshot of Ubiquity on the web, I flinch. UBIQUITY IS UGLY (just like that all caps text). Or rather, Ubiquity was ugly. I just finished up the basic infrastructure to enable skinning for Ubiquity. And already, we have one gorgeous new skin (thanks to Yatrik Solanki) that complements the ugly old one.

Unfortunately, this awesome skin only works properly on Windows. There are minor glitches on OS X and worse, transparency is not at all supported on Linux. But, instead of having a non-transparent default and depriving everyone of the eye candy, we’ll have different skins for different platforms. Here’s what the proposed Linux skin (credits to Yatrik again) looks like:

Although there will be minor changes before the 0.1.3 release, you can get started with skinning immediately. It’s really easy to create your own skins (just a single CSS file). Check out the skinning tutorial here.

Once you write the skins, you will be able to share them just like commands (without any scary warning page, though). And as soon as you install any skin, your Ubiquity will immediately be updated to the newest one. To switch back or to other skins, there’s the “Your Skins” page.

So, go create some Ubiquity skins! You can help make the Linux skin a reality.

Updates to Ubiquity and More…

admin

8:29 pm

Skinning in Ubiquity is now supported.

Check out the wiki on skinning, and look at the awesomeness of Abi’s additions.

So, if you haven’t already, check out Abi’s post about Ubiquity’s UGLINESS here.

Currently, I’ve been working on some updates to Simpliquity, making it look more interesting, here is a screenshot of me messing around:

Soon, you’ll be able to have this nice-ness all for yourself. By default!

I’m also doing some font research to see if I can port the skin for Mac…for Linux, that is something else.

I’ve also been thinking about what others want in general as far as skins, so here are your limits:

Think top left. That is where the command line currently is.
Think transparent. It looks cooler, IMO.
Think efficient. The above giant font might not be the best example, but give it a shot.

I’ve been brainstorming about center-based UIs for Ubiquity as well, and I’ll be uploading some mockups soon.

So, tell me, what do you want? Something lite? Something color-based? Anything that resembles anything else?

On the note of the blog, I’m trying to get everything back up/managed…bear with me.

Community Building and UI

Zach

November 22, 2008

1:31 pm

There is a lot of talk about community building for the Ub command developers. My main concern is UI engineering; how can we help command developers create Humane commands? Earlier I blogged about the translate command, offering some suggestions, hoping it would help future command developers. Sadly, we can’t expect trained Usability professionals to review every 3rd party command.

One of the things that I find interesting is how Apple has evolved their 3rd party developer ecosystem. While John Gruber has railed against the inconsistency of click-through in the Human Interface Guidelines for OS X, I doubt users ever notice a difference, nor cause usability issues.

While Apple’s Human Interface Guidelines are good, it’s Apple’s Interface Builder that is the driving force behind the high quality 3rd party interfaces OS X users enjoy. Not to say HIG’s don’t have their place- they help us define and create countermeasures to problems. But auto-spacing/alignment, excellent 1st party UI’s, and good design patterns are demonstratively more effective at helping developers than a list of guidelines and ratios for the distance between buttons.

It is this spirit of providing solutions and value to developers that I hope the Ubiquity community embraces.

Browsing and Searching in China

Atul

November 20, 2008

9:42 am

Mike Beltzner recently wrote an excellent blog post that puts the newly-released Firefox China Edition in a cultural context:

I’m used to a very search-based culture, and was shocked to discover that search - while still important - was a secondary task for all of my Chinese colleagues. Their normal pattern would be to first visit an authoritative source (a portal of some form, either a media hub, a news site, or a topic-oriented site like one for music) and then drill into the information presented. For example, if I’m interested in going to the movies, I would search for “showtimes toronto” and then navigate from there. My colleagues, on the other hand, would more likely navigate to a place where they knew they could find reliable data, follow links to showtimes, and only then perhaps invoke search on the individual movies to find out more about them.

Beltzner goes on to say that “the ways in which people like to interact with that information is likely to be heavily influenced by their cultural contexts”, implying that there’s something about Chinese culture that promotes a browsing-based approach rather than a search-based one. As a result, Firefox China Edition takes on some new features to make it more amenable to browsing.

At the risk of sounding culturally insensitive, I’d like to play the devil’s advocate here. The browsing, drill-down approach that Beltzner describes above actually sounds like the way I used the internet ten years ago. Or, in the context of Silicon Valley, it’s about the Yahoo world-view vs. the Google world-view.

Over the past decade, Google has done a lot to “convert” me to using search rather than browsing and drilling-down; one of the best examples has been Gmail, where they transformed a traditionally hierarchical and sorting-based paradigm into a search-based one, thereby making it much easier for me to find the information I’m looking for. So I guess that a part of me wonders if this isn’t so much “cultural” as it is the case that the “search meme” hasn’t arrived in China yet. If that’s the case, then it’s possible that promoting the use of search could be useful in gaining early adopters.

At the same time, I’m not saying that browsing or drilling-down is useless outside of Chinese culture, either: to that extent, the Chinese edition has some really awesome features that would be useful to me personally, such as the built-in Juice addon (which has some functionality that we’d like to get into Ubiquity).

I could be totally off-base here—if I am, I’m very interested in finding out what it is about Chinese culture that results in different browsing habits. And regardless, the Chinese edition is definitely a very interesting experiment.

A Security Model for Ubiquity

Atul

November 19, 2008

12:41 pm

We discussed at the first Ubiquity planning meeting that we need to come up with and implement a security model for the next release, so I thought I’d write down a few thoughts I’ve been having about it. I don’t consider myself a security expert by any stretch of the imagination, though, so any suggestions or corrections are more than welcome.

Firstly, as noted in the meeting notes, the notion of a security model being discussed here is separate from, but supporting of, the kind of social “web of trust” based model that I’ve written about before. Being able to easily communicate to someone with technical expertise that a piece of functionality will only be able to have a certain level of access to their system can be an excellent aid in determining whether they want to risk trying it out, and this in turn can affect whether they ultimately recommend it to other less technical members of their trust network.

Looking at the current state of mechanisms that allow people to “remix the web”, there appear to be a number of security models out there:

Bookmarklets are run in the context of the web page that they’re activated on; they can’t do anything that the web page they’re running on can’t. While this means that they won’t be able to access the filesystem or anything, it does mean that they can potentially abuse any sensitive information contained on the webpage itself. In Firefox security parlance, a script with this kind of limited access is referred to as “running with content privileges.”
Greasemonkey Scripts, to my understanding, run in a sandboxed environment that has full access to the web page they operate on via XPCNativeWrappers, as well as special access to more limited functionality via GM_* functions. Consequently, a malicious GreaseMonkey script could do more than a malicious Bookmarklet, but not nearly as much damage as a malicious client-side executable.
Firefox Extensions are not sandboxed in any way; as such, they have the same privileges as the Firefox process that contains them, which usually means that they can do whatever they want to your computer. In Firefox security parlance, this is referred to as “running with chrome privileges.”

At present, while Ubiquity command feeds are technically sandboxed via Components.utils.Sandbox instances, the sandboxes are currently initialized using a security principal that gives them chrome privileges. On top of that, even if they were initialized with a more limited principal providing only content privileges, they’re currently accessed insecurely. Both of these aren’t very hard to change, though; the primary challenge will be determining a security model that’s best for Ubiquity’s needs.

One solution may be to have each command feed choose from one of many security model selections. For instance, a command feed’s metadata could specify one of the following security levels:

Greater Chrome command feeds execute with full chrome privileges (i.e., how command feeds are currently executed).
Lesser Chrome command feeds execute with Greasemonkey-like privileges, whereby they have secure access to untrusted content and limited access to chrome functionality, such as cross-site XHR’s. It’s possible that extra metadata could specify exactly what subset of chrome features the command feed has; for instance, one command feed might request only that it have the additional access to make XHR requests to two particular domains. Care, however, must be taken to ensure that this “security manifest” isn’t so complex that it makes understanding the security implications of a command script difficult and error-prone.
Greater Content command feeds execute with Bookmarklet-like privileges.
Lesser Content command feeds only have the ability to examine the current selection and replace it. This could be useful for commands like “uppercase.”

For the sake of experimentation and exploration, it may even be useful to make security models “pluggable”, so that anyone can write their own security model, which can then be used to limit the privileges of any command feed that runs under it.

As a place to start, I’ve created a new safebox.js JS module in the Ubiquity repository that provides a safe interface to communicate with a Components.utils.Sandbox running untrusted code in xpcshell or an XULRunner application (e.g., Firefox or Thunderbird). All data going into and out of the sandbox is marshalled using JSON, and all communication is synchronous. Sample unit test code can currently be found in safebox_tests.js. I’d also like to thank Blake Kaplan for explaining some of the underpinnings of the Spidermonkey and XPConnect security models to me, as well as assisting in the debugging of some strange XPCSafeJSObjectWrapper behavior under xpcshell.

If anyone has any feedback on what’s been described here, I’d love to read it.

IT’S A SECRET TO EVERYBODY.

Jono DiCarlo

November 17, 2008

6:10 pm

Halloween weekend, I was at my family’s home in Illinois, playing with my sister Aleksa. She’s eight years old and crazy about video games. I’ve been teaching her to play the old classics from when I was her age.

Some of the most innovative user-interfaces are found in video games. Why is that? I have a theory.

Users of business/productivity software complain loudly when an interface differs from what they’re used to. Rightly so — time spent learning an unfamiliar UI is time not getting work done. Business software is rightfully cautious of UI experimentation.

Gamers, in contrast, are willing to invest time and effort in learning a new, unfamiliar game. Novelty is part of the value. Gamers will learn a specialized interface, if it’s efficient and well-suited to the tasks the game requires.

So I like to analyze the UI of games to see what lessons they have to teach. Even a very old game may hide a great idea that has been forgotten — or never learned — by the wider world of software design.

(Image used without permission)

The Legend of Zelda plays a distinctive eight-note melody when you discover a secret — e.g., finding the one loose block that can be pushed to open a path. (If you’ve played a Zelda game, you’re probably hearing the melody in your head right now.)

This “discovery fanfare” is interesting from a UI perspective because of how much it manages to communicate. Most video game sound effects are stimulus-response: whack something with your sword and it makes one noise; pick up a coin and it makes another. But the discovery fanfare is semantic. Not a response to an elementary action, but an indication of what that action means to the ongoing story. It’s like the game is winking at you, to say “Yup, you got me — that’s the answer.” It means not just “You found a secret”, but also, “I understand what you just did.” “This thing you found? It’s important.”

Hearing the discovery fanfare makes you feel smart. It’s about the strongest positive feedback that it’s possible to get from a video game. Such reinforcement is a big part of what makes The Legend of Zelda so addictive.

But how is that relevant to non-game UI design and/or web design?

Positive feedback is important. It lets the user know that the system “understands” what they’re trying to do. Lack of feedback creates pure frustration.

Watch any first-time user of the Unix command line. They type a command, hit enter, and nothing visibly happens. At that point, many people get confused or worried. What happened to the command? In fact, silence means that the command executed successfully. But this is a hard idea to grok, because it’s contrary to all our instincts.

On the Web, how many times have you seen a message like this one?

“Please do not click more than once - it may take some time for the form to be processed.”

Why are users clicking more than once?

Maybe because the first time we click, nothing happens. Nothing visible or audible, anyway. In fact, an upload is being processed, but silently and invisibly. Since there’s no feedback, our instincts tell us, “You didn’t click it hard enough. Better do it again”.

The “Don’t click more than once” warning in text is ineffective. It’s just not strong enough to overcome human nature.

I bet we’d send many fewer duplicate POSTs if some kind of visible or audible congratulations happened in response to clicking the “submit” button. Not for every form — just the large multi-page ones. After all, completing those forms is at least as difficult as solving a Legend of Zelda puzzle, and a lot less fun. Don’t we deserve some celebration afterwards?

The SF Green Festival and >play

Atul

11:30 am

This weekend I represented Mozilla at the >play Expo at the Haas School of Business at UC Berkeley and the San Francisco Green Festival. This was the first time I’d ever represented Mozilla at a public event, so it was quite a learning experience. It was also fun trying to get an idea of what an individual was interested in and connecting it with something relevant about Mozilla.

The >play Expo

At the >play Expo, Myk Melez, Jay Patel and I were specifically representing Mozilla Labs, and most of the people we spoke to were MBA students or industry professionals. As such, when asked what Labs was, I tended to focus on the concept of innovation—something relevant both to business and Mozilla. In particular, I focused on Labs as a solution to what Clayton Christensen called The Innovator’s Dilemma. I also made sure to bring up the Mozilla community, explaining that all Labs projects were community experiments that anyone could contribute to, and that some of them, such as the Concept Series, were actually experiments in figuring out how to “scale” disruptive innovation within the context of a global community. I also explained that a big part of facilitating community-wide innovation was fostering an attitude that failure is OK—that in fact, it could be said that if none of our experiments failed, we may not be pushing hard enough. (As a side note: despite the fact that all of this has been told to me by other Labs folks, I don’t think that it’s actually been blogged about much, so I’ll probably write more about it soon.)

Almost all of my conversations ultimately resulted in the question of how Mozilla makes money, to which I gave them the standard profit-sharing response. Sometimes this segued into an interesting conversation about what the Mozilla Foundation was, since many people didn’t know that Mozilla was a non-profit at its core.

Aside from that, I also explained what some of the Labs projects were and demoed them. Virtually everyone we met had heard of Firefox, and many of them already used it, but few of them knew about the Foundation or Labs, so it felt good to educate people on these topics.

The San Francisco Green Festival

This was the more fun of the two, largely because it seemed rife with idealists who either hadn’t heard of Firefox or didn’t know that it was backed by a non-profit foundation (and that its for-profit subsidiaries were wholly-owned and had no investors). I wasn’t there for very long—only an hour and a half at the tail end of the festival—but I’m pretty sure that I turned at least two people on to Firefox who had never heard of it, and that felt really good.

Most of my conversations with people included some sort of abbreviated form of my What Mozilla Means to Me blog post, which was very well received. In particular, given the context of the Green Festival, I tried relating the Mozilla Manifesto’s view of the Internet to the way that many environmentalists viewed the environment: as a public asset and a public benefit, and—in the words of one person I talked to—”something that needs to be saved”.

One frequent question asked of me was “how is Mozilla green?”, to which I had to respond honestly that I didn’t know, mostly because I didn’t actually know what the word “green” meant. I told them that I did read Michael Pollan’s The Omnivore’s Dilemma, though, and that the history of the word “organic” did resonate with me. The origin of the organic movement from the 1940’s to the 1960’s, as explained by Pollan, was something that featured a heavy focus on community and genuine social relationships between producer and consumer—concepts that Mozilla shares, but that have since been excised from the word’s meaning since it was embraced by capitalism over the past few decades. While the word has recently been used for marketing Firefox, it’s a term that I’ve heard used informally to describe the bottom-up, participatory approach that we try to foster when developing experiments in Labs.

After explaining these things, the people I talked to—at the very least—seemed to walk away with a much better impression of Mozilla. It was particularly exciting to talk to folks who hadn’t heard of Firefox, because when I talked about how all of these “organic” ideals fostered more secure, more responsive, and more user-respecting software like Firefox and its addons, they really seemed to get it.

The First Ubiquity Planning Meeting

Atul

November 14, 2008

10:39 am

Yesterday we had our first public Ubiquity planning meeting. What made this meeting particularly interesting for me was the fact that we were trying something a little different from most standard Mozilla project meetings I’ve attended.

Generally, project meetings consist of one group of people who are in the same room together and can communicate very efficiently while all the folks calling-in can barely hear them, dramatically increasing their barrier to participation. Jono, Aza, and I experienced this first-hand when we were still in Chicago at the beginning of this year and had to call-in to meetings in Mountain View; as Jono eloquently put it, “some people were huddled around the fire while others were cast into the outer darkness.”

So this time, we all tried calling in to the conference so that everyone was on a level playing field: despite the fact that Jono and I were in the same building, we actually were in separate rooms during the conference call. The result was something that I felt was much more egalitarian and didn’t confer any special advantages to people who happened to be geographically local.

That said, though, the sound quality still left something to be desired. Skyping-in to Mozilla’s Asterisk system resulted in horrible audio quality, and my call was unceremoniously dropped less than five minutes in. I then used my cell phone, which had slightly better audio quality. It was still a far cry from the crystal clarity of Ventrilo using GSM—a VOIP solution traditionally used in the context of multiplayer gaming yet perfect for these kinds of meetings—but unfortunately the GSM codec is only available on Windows, and apparently the proprietary software isn’t yet available at all on Linux. Perhaps I’ll just try SJPhone next time, though I’d love to hear of any better solutions.

Aside from that, we also encouraged everyone to simultaneously gather on the #ubiquity channel on IRC to provide an additional channel of communication. This was particularly useful when someone wanted to provide supporting information while another person was speaking, and for providing information that’s better communicated through a textual medium such as URLs and phone numbers.

I’ve written up some meeting notes on the wiki detailing what we agreed upon as a road-map for Ubiquity 0.2, which we’re aiming to release in December. Those who attended are welcome to add anything I missed. If you have any questions about what was discussed or would like to help out, you’re welcome to join us in the ubiquity-core Google group and #ubiquity on irc.mozilla.org.

November Labs Night, Thunderbird Awesomeness

Atul

November 13, 2008

7:59 pm

Last night we held a really fun Labs Night at Mozilla’s Building K in Mountain View, California. The Thunderbird team was here for their work week, some folks from Seedcamp dropped in, and Dion and Ben of the Ajaxian and the new Mozilla Developer Tools Lab were all here, which made for a night of innovative presentations that got lots of interesting conversations started.

The evening started out with Jono presenting a quick overview of all the currently active Labs projects while wearing a large sombrero. This was followed by Ben and Dion presenting an incredibly cool demo of something they worked on before they joined Mozilla, which wowed everyone in the audience. Personally, I was equally impressed by the way that they were able to literally finish each other’s sentences as a buzzer went off at random intervals, signaling them to switch speakers.

After that, Dave Ascher stepped up to present some really terrific new prototypes of Thunderbird user interface experiments. One of them, currently in the form of an extension called the ThunderBar, is essentially a Thunderbird translation of Firefox’s touted AwesomeBar: instead of showing you items from your browsing history and bookmarks, it shows you contacts and mail messages that match your search criteria in real-time, using Thunderbird’s brand-new global database extension dubbed “Gloda”.

Ascher also showed off a very cool prototype of a Gmail-style conversation view, along with a mashup of email data with the MIT SIMILE widget that presented a timeline of the user’s messaging activity.

He then explained that they were doing a lot of this new work using standard HTML rather than XUL, the XML UI language that comprises the UI of most Mozilla-powered applications. Among other things, this allowed the Thunderbird team to easily and quickly leverage the work of an incredible number of people working on the open web—an extremely well-documented and flexible platform used by designers and coders alike—rather than using what ultimately amounts to a user interface platform with few consumers and little documentation, tailored specifically for the functionality needed by Firefox and little else.

Coincidentally, this is the exact same reason that Ubiquity features as little XUL as possible; the command prompt is done entirely in HTML, and everything that might normally be a XUL window in an ordinary extension is done as an HTML page loaded in a browser tab. Aside from its many other benefits, using open web technologies in Mozilla client-side code also drastically lowers the barrier to entry for anyone to contribute to such projects, since it allows contributors to reuse skills that they’re likely to already have.

The Thunderbird presentation got me really excited about Thunderbird and its many possibilities; over the past few days that the Thunderbird team has been here, I’ve switched from Mail.app to nightly builds of “Shredder”, the codename for the upcoming Thunderbird 3, and I’m looking forward to seeing this project progress. I’m currently quite addicted to Gmail, but I think that Thunderbird has the potential to far surpass its awesomeness while being extremely respectful of my privacy.

After some lively discussion about all this, we took a quick break and came back to a bevy of 5-minute lightning talks, powered by Myk Melez’s egg timer to ensure that no one went past the time limit.

Jono kicked off the lightning talks by presenting his explorations in the land of pie menus. This was followed by a presentation by Alex Peake on his new world-bettering startup, EmpowerThyself.com. Vladimir Oane then presented his Seedcamp startup uberVU, a cool aggregator for conversations that span websites and web services. I did a quick talk on Ambient News, which was followed by an intriguing static HTML mock-up Bryan Clark made for conversation views in Thunderbird. Last to talk was Christopher Clay, who gave a presentation of soup.io, an interesting new service that lets people express themselves in a lot of different ways through the use of what appears to be an elegant, humane UI with plenty of support for undo.

All in all, I thought this Labs Night went really well, and I was particularly impressed with all the cool ideas that non-Mozilla folks brought to the table. Labs itself is meant to be a community of innovators, and in this respect I thought that last evening’s gathering brought us closer to what we’d ideally like to have: a place where everyone participates and contributes to the ongoing dialogue of figuring out how to make technology less frustrating and more empowering.

We just need to take pictures next time.

Labs Update - November 2008

Atul

November 12, 2008

5:28 pm

Welcome to the first issue of about:labs, a new weekly newsletter that showcases innovation across the Mozilla community. In the coming weeks we’ll adopt the same infrastructure as the popular about:mozilla newsletter.

Concepts of the Week

Here’s some ideas we’ve found that have sparked thoughts in our minds from the Concept Series and across the Web; we hope they inspire you, too.

Please do join us and contribute your own thoughts, mock-ups, or prototypes. We’ll be highlighting new concepts each week.

Herdict Web is an upcoming project that aims to make diagnosing network accessibility problems a lot easier.
Web of Trust is a Firefox extension that aims to warn you before you enter a risky website through a social web-of-trust model.
Maxview of Browser History is an interesting mock-up of visual browser history.
Adaptive HTML Rendering Lens is a fascinating proposal for new Firefox functionality.

Ubiquity Update

The Ubiquity team is currently working on Ubiquity 0.2 Roadmap Proposals to determine the feature set of Ubiquity 0.2 and figure out how to get there from here. Feel free to contribute to this wiki page or the ongoing discussion in the mailing list.

Weave Update

The Weave team is currently working on version 0.3 and has recently released a proposed Server 0.3 API, along with a new server prototype.

Additionally, Jono DiCarlo just posted an awesome new UI proposal for Weave on Fennec. Check it out and let us know what you think!

Snowl Progress

The Snowl team is working on the next version of Snowl, with more and better views, the ability to send messages, and a bunch of bug fixes.

Monthly Labs Meetup - November 2008

It’s time for another Monthly Meetup. This month’s Labs Night will be next Wednesday, November 12th, 6pm at Mozilla’s office - 1981 Landings Drive, bldg K in Mountain View, California.

We are super excited about this session. The teams from Seedcamp are spending the week in Silicon Valley and will be joining us on Wednesday evening. Several Mozilla folks will be giving lightning talks - Dion Almaer will be discussing the Ajax revolution and how it dovetails with UX; Jono DiCarlo will give an update on Mozilla Labs projects; and David Ascher and the Thunderbird team will discuss their latest UI experiments. We’ll also have time for discussion, hacking, and of course, pizza. :)

If you are in the Bay Area we’d love to see you next week! Please RSVP in the comments of this blog post so we know how many to expect. Thanks!

Older Posts »