Localization rant

I’ve been living outside the Netherlands for a while and have noticed that quite many web sites are handling localization and internationalization pretty damn poorly. In general I hate the poor translations unleashed on Dutch users and generally prefer the US English version of UIs whenever available.

I just visited Youtube. I’ve had an account there for over two years. I’ve always had it set to English. So, surprise, surprise, it asked me for the second time in a few weeks, in German, whether I would like to keep my now fully Germanified Youtube set to German. Eehhhhh?!?!?! nein (no). Abrechen (cancel)! At least they ask, even though in the wrong language. Most websites don’t do even bother with this.

But stop and think about this. You’ve detected that somebody who has always had his profile set to English is apparently in Germany. Shit happens, so now what? Do you think it is a bright idea to ask this person in German whether he/she no longer wants the website presented in whatever it was set to earlier? Eh, no of course not. Chances are good people won’t even understand the question. Luckily I speak enough German to know Abrechen is the right choice for me. When I was living in Finland, convincing websites I don’t speak Finnish was way more challenging. I recall fighting with Blogger (another Google owned site) on several occasions. It defaulted to Finnish despite the fact that I was signed in to Google in and have every possible setting Google provides for this set to English. Additionally, the link for switching to English was three clicks away from the main page. Impossible to do unless you know the Finnish word for preferences, language, and OK (in which case you might pass for a native speaker). I guess I’m lucky to not live in e.g. China where I would stand no chance whatsoever to guess the meaning of buttons and links.

The point here is that most websites seem to be drawing the wrong conclusions based on a few stupid IP checks. My German colleagues are constantly complaining about Google defaulting to Dutch (i.e. my native language, which is quite different from Deutsch). Reason: the nearest Nokia proxy is in Amsterdam so Google assumes we all speak Dutch.

So, cool you can guesstimate where I am (roughly) in the world but don’t jump to conclusions. People travel and move around all the time. Mostly they don’t change their preferred language until after a lot of hard work. I mean, how hard can it be? I’m already signed in, right? Cookies set and everything. In short, you know who I am (or you bloody well should given the information I’ve been sharing with you for several years). Somewhere in my profile, it says that my preferred language is English, right? I’ve had that profile for over four years, right? So why the hell would I suddenly want to switch language to something that I might not even speak? A: I wouldn’t. No fucking way that this is even likely to occur.

It’s of course unfair to single out Google here. Other examples are iTunes which has a full English UI in Finland but made me accept the terms of use in Finnish (my knowledge of Finnish is extremely limited, to put it mildly). Finland is of course bilingual and 10 percent of its population are Swedish speaking Finns, most of which probably don’t handle Finnish that well. Additionally there are tens of thousands of immigrants, tourists and travelers, like me. Now that I live in Germany, I’m stuck with the Finnish itunes version, because I happened to sign up while I was in Finland. Switching to the German store is impossible. I.e. I can’t access the German TV shows for sale on iTunes Germany. Never mind the US English ones I’m actually interested in accessing and spending real $$$/€€€ on. Similarly, I’ve had encounters with Facebook asking me to help localize Facebook to Finnish (eh, definitely talking to the wrong guy here) and recently to German (still wrong).

So, this is madness. A series of broken assumptions leads to Apple losing revenue and Google and others annoying the hell out of people.

So here’s a localization guideline for dummies:

  • Offer a way out. Likely a large percentage of your guesses as to what the language of your users is, is going to be wrong. The smaller the amount of native speakers the more likely you will get it wrong. Languages like Finnish or Chinese are notoriously hard to learn. So, design your localized sites such that a non native speaker of such languages can get your fully localized sites set to something more reasonable.
  • Respect people’s preferences. Profiles override anything you might detect. People move around so your assumptions are likely broken if they deviate from the profile settings.
  • Language is not location. People travel around and generally don’t unlearn the language they used to speak. Additionally, most countries have sizable populations of non native speakers as well as hordes of tourists and travelers.
  • If people managed to sign up, that’s a strong clue that whatever the language of the UI was at the time is probably a language that the user has mastered well enough to understand the UI (or otherwise you’d have blind monkeys signing up all the time). So there’s no valid use case for suggesting an alternative language here. Never mind defaulting to one.

Anyway, end of rant.

OpenID study at Google

Google and Yahoo have both posted a usability study for federated and openid logins. Basically both of them hint at keeping things simple and as easy to use for the user. Google has a quite nice suggestion about the UI but they all but stop at going all the way.

We’ve done a lot of thinking on this topic regarding the demo and youtube movie I linked last week. We have a similar problem that our users have to login, somehow and then login again for OAuth like authentication with e.g. Facebook for extra features.

I really like Google’s UI but would like to suggest a few simplifications:

Basically the site should ask:

With what openid identity, email address or username do you wish to login (excuse ascii art)?

-------------------------------- ------
| http://www.jillesvangurp.com | | OK |
-------------------------------- ------

The user will enter whatever seems right and the server will make a best effort to authenticate with whatever the user provides. Then the server checks the following rules (using AJAX of course) against the address/username

  • address/username known, not an IDP -> ask for the password
  • address//username known & an IDP -> redirect to IDP. Let user choose username optionally when returning to the site so the user can login with either short login name or IDP identifier.
  • not known & an IDP -> redirect to IDP, on return create an account on the fly with info IDP provides
  • not known, not an IDP -> show create account form, let user pick a username if email address was entered. Optionally, point out how to sign up with an OpenID provider and of course allow login with a different ID.

This is as simple as it gets. Basically, the only problem is the user entering a username that is in use by somebody else. A password field will show and login will fail.

The failure should look like this.
Login failed because the user and password are incorrect. You can either:

  • try another password
  • try another openidurl, email address or username
  • sign up with us or one of these Identity providers: XXX, YYY, ZZZ

This is as simple as it gets and it still supports a wide variety of login mechanisms.

Advantages:

  • Only one question that the user should be able to answer: who am I?
  • Using OpenID is rewarded by easy login
  • Worst case, user still has to provide a password.
  • Can support any kind of authentication, including non password based ones.

Failing power supply

In April 2007, I replaced a broken power supply in my PC with a Antec SmartPower 2.0 500W Power Supply. Check my review here. A few days ago, my pc has started producing a high pitched noise. Really annoying. So, I Google a little and what do I find: Antec SmartPower 2.0 500W Power Supplies apparently have 21% failure rate. Tell tale signs include the damn thing making high pitched noise.

I have to investigate a little further but probably this means the power supply is failing after less than one and a half year. Out of warranty of course. Damn it, really annoying to have to open that case again to replace the same part. Basically, the PC is now nearly three years old and maybe I should just replace it altogether. Something quiet, fast and reliable would be nice.

In a few weeks my new Macbook Pro should arrive at work (ordered yesterday). I was planning to wait and see if I like that and if so, just upgrade to a nice Mac at home as well. Not fully convinced yet.

Feel free to recommend a decent PSU. Has to power a Nvidia 7800, 2 drives, lots of USB hardware and a amd 4400+ dualcore CPU.

Update. I ended up installing a ZALMAN ZM600-HP. Seems to have a few good reviews http://www.tweaknews.net/reviews/zm600hp/. It’s expensive, over qualified for the job and supposedly really good and quiet. Sadly the rest of my machine is still rather noisy.

Google Chrome – First Impressions

First impression: Google delivered, I’ve never used a browser this fast. It’s great.

Yesterday, a cartoon was prematurely leaked detailing Google’s vision for what a browser could look like. Now, 24 hours later I’m reviewing what until yesterday was a well kept secret.

So here’s my first impressions.

  • Fast and responsive. What can I say? Firefox 3 was an improvement over Firefox 2 but this is in a different league. There’s still lots of issues with having many tabs open in Firefox. I’ve noticed it doesn’t like handling bitmaps and switching tabs gets unusable with a few dozen tabs open. Chrome does not have this issue at all. It’s faster than anything I’ve browsed with so far (pretty much any browser you can think of probably).
  • Memory usage. Chrome starts new processes for each domain and not per tab. I opened a lot of tabs in the same domain and the number of processes did not go up. Go to a different domain and you get another chrome process. However, it does seem to use substantial amount of memory in total. Firefox 3 is definitely better. Not an issue with 2 GB like I have and the good news is that you get memory back when you close tabs. But still, 40-60MB per domain is quite a lot.
  • Javascript performance. Seems fantastic. Gmail and Google Reader load in no time at all. Easily faster than Firefox 3.
  • UI. A bit spartan if you are used to Firefox with custom bells & wistles (I have about a dozen extensions). But it works and is responsive. I like it. Some random impressions here: 
    • no status bar (good)
    • very few buttons (good)
    • no separate search field (could be confusing for users)
    • tabs on top, looks good, unlike IE7.
    • mouse & keyboard. Mostly like in Firefox. Happy to see middle click works. However, / does not work and you need to type ctrl+f to get in page search
  • URL bar. So far so good, seems to copy most of the relevant features from Firefox 3. I like Firefox 3’s behaviour better though.
  • RSS feeds. There does not seem to be any support for subscribing to, or reading feeds. Strange. If I somehow missed it, there’s a huge usability issue here. If not, I assume it will be added.
  • Bookmarks. An important feature for any browser. Google has partially duplicated Firefox 3’s behaviour with a little star icon but no tagging.
  • Extensions. none whatsoever :-(. If I end up not switching, this will be the reason. I need my extensions.
  • Import Firefox Profile. Seems pretty good, passwords, browsing history, bookmarks, etc. were all imported. Except for my cookies.
  • Home screen. Seems nicer than a blank page but nothing I’d miss. Looks a bit empty on my 1600×1200 screen.
  • Missing in action. No spelling control, no search plugins (at least no obvious way for me to use them even though all my firefox search plugins are listed in the options screen), no print preview, no bookmarks management, no menu bar (good, don’t miss it)
So Google delivers on promises they never made. Just out of the blue there is Chrome and the rest of the browser world has some catching up to do. Firefox and Safari are both working on the right things of course and have been a huge influence on Chrome (which Google gives them plenty of credit for). However, the fact is that Google is showing both of them that they can do much better. 
Technically I think the key innovation here is using multiple processes to handle tabs from different domains. This is a good idea from both a security point of view as from a performance point of view. Other browsers try to be clever here and do everything in one process with less than stellar results. I see Firefox 3 still block the entire UI regularly and that is just inherent to its architecture. This simply won’t happen with Chrome. Worst case is that one of the tabs becomes unusable and you just close it. Technically, you might wonder if they could not have done this with threads instead of processes.

So, I’m genuinely impressed here. Google is really delivering something exceptionally solid here. Download it and see for yourself.

Posting this from Chrome of course.

What Apple Knows That Facebook Doesn’t

What Apple Knows That Facebook Doesn’t.

Business week has an interesting article on the economics of platforms. Interesting, but flawed. They compare two platforms (Facebook, and Apple’s mobile platform). The argument goes roughly as follows: Apple is using it’s platform to create a new market by being open and Facebook is using traditional methods of using the market as a control point. Apple is creating an open market and Facebook is making an open market more closed. The author even goes as far as to associate the keywords good and evil here.

The article is flawed because in fact Apple is not creating an open market. They have been removing applications that don’t fit their business model (e.g. anything VOIP related) and are still keeping people from writing about the APIs because NDA has not been lifted yet. Apple is acting as a dictator here. That it is a mostly benevolent one doesn’t matter. It doesn’t sound very open to me in any case. Or very new.

Sure, their platform is pretty nice and their online shop pretty usable. That’s definitely disruptive to the mobile industry, which is not used to good quality platforms and well designed use-cases such as online shops for applications. However, there’s a pretty big market for mobile applications and most people writing for the iphone don’t do so exclusively and instead target multiple mobile platforms. You can download several VOIP applications for S60 or mobile windows and other platforms, as well as numerous games, productivity apps, etc. Then there is J2ME of course with a few billion phones in the market right now. You might say it is crappy but it has a huge reach. Incidentally, Apple also blocks components from their shop that would enable people to run J2ME applications since an open source Java platform has in fact been ported long before Apple even ‘opened’ up their platform. That’s right, a good old case of reverse engineering. Apple’s platform is quite unique in the sense that people were developing for it long before Apple decided to hand out developer kits.

Facebook indeed is also not very open but they were first to a market that they created, which is pretty big by now. As a viral way of spreading new services to users it is pretty much unrivaled so far. It is Google that has created a competition for more openness with their Open Social platform, which is in many ways similar but has open specifications and may be implemented freely by other social networks. Both Google and Facebook have a very similar centralized identity model that is designed to lock users into their mutual platforms (Google Friends Connect & Facebook Connect). Google is maybe being somewhat more smart about it but they are after the same things here: making sure trafic flows through their services so that they can sell ads.

So, Facebook’s model is advertisement driven and Apple’s business is operator driven. Apple makes most of their money from deals with operators who subsidize iphones and give Apple a share of the subscription revenue. That’s brilliant business and Apple protects it by removing any application from their shop that has conflicting interests with this revenue stream.

However, the key point of the article that the platform serves as a market creation tool is interesting. Apple managed to create an impressive amount of revenue (relative to their tiny market share of the overall mobile market) and Facebook has managed to create a huge market for Facebook applications. Both are being challenged by competitors who have no choice to be more open.

Interestingly, Google is competing on both fronts and can be seen as the primary threat to both Apple and Facebook’s platforms. Google could end up opening up the mobile market for real because it is not protecting any financial interests there but instead are trying to spawn a mobile internet market. Android is designed from the ground up to do just that. It needs to be good enough for developers, users and operators and Google has worked hard to balance interests enough so as to not alienate any of these.

All three are fighting for the favours of developers. Developers, developers, developers! (throws chair across the room & jumps like a monkey). That too is not new although Microsoft seems to have forgotten about them lately.

Songbird Beta (0.7)

Songbird Blog » Songbird Beta is Released!.

Having played with several milestone builds of songbird, I was keen to try this one. This is a big milestone for this music player & browser hybrid. Since I’ve blogged on this before, I will keep it short.

The good:

  • New feathers (songbird lingo for UI theme) looks great. Only criticism is that it seems to be a bit of an iTunes rip off.
  • Album art has landed
  • Stability and memory usage is now acceptable for actually using the application
  • Unlike iTunes, it actually supports the media buttons on my logitech keyboard.

The bad (or not so good since I have no big gripes):

  • Still no support for the iTunes invented but highly useful compilation flag (bug 9090). This means that my well organized library is now filled with all sorts of obscure artists that I barely know but apparently have one or two songs from. iTunes sorts these into compilation corner and I use this feature to keep a nice overview of artists and complete albums.
  • Despite being a media player with extension support, there appears to be no features related to sound quality. Not even an equalizer. Not even as an extension. This is a bit puzzling because this used to be a key strength of winamp, the AOL product that the songbird founders used to be involved with.
  • Despite being a browser, common browser features are missing. So no bookmarks, no apparent RSS feed, no Google preconfigured in the search bar, etc. Some of these things are easily fixed with extensions.

Verdict: much closer than previous builds but still no cigar. Key issue for me is compilation flag support. Also I’d really like to see some options for affecting audio playback quality. I can see how having a browser in my media player could be useful but this is not a good browser nor a good media player yet.

Indie Social Networking

I have this page elsewhere on this site where I try to keep track of various accounts I have with social networks and other sites.  I updated it earlier today with some interesting additions.

It seems finally decentralized social networking is starting to happen. It’s all very low profile now but promising. It all started somewhere last week when I noticed that one of my colleagues, John Kemp was now micro blogging via something called identi.ca. I noticed this because his status in skype was telling me. Since we share similar interests in things like OpenID and a few other things, I decided to check it out. I never really bought into this twitter stuff and gave up on updating my Facebook status regularly long time ago. But this identi.ca looks rather cool, so I signed up.

It’s basically twitter minus some features (not yet implemented) with a few interesting twists:

  • You can sign in using OpenID
  • It’s open source. The software identi.ca is based on is called laconi.ca.
  • It’s completely open. It has all the hooks and obvious protocols implemented. For example, I microblog using a identi.ca contact in my jabber client (pidgin) over XMPP. There’s RSS and probably some more stuff.
  • Your friends info is available as FOAF, thus enabling Google’s Social Graph search to work with the data there and in other places (like e.g. your wordpress linkdump).
  • It’s decentralized, you can have laconi.ca friends on different servers. Like email, there is no need for everybody to be on the same server.
  • It’s written in PHP -> you can probably install it on any decent hosting provider you can now run your own microblog just like you can run your own blog.

Of course being low profile, there’s only the usual suspects active: i.e. people like me.

A second interesting site I bumped into is whoisi.com. It’s basically friendfeed or similar sites with a few interesting twists:

  • You don’t have to sign in or register. You just start using it.
  • In fact you can’t sign in and there’s little need because whoisi creates a nice account for you on the fly that you can access using the cookie it sets automatically or a url you can bookmark.
  • You can follow any person on the web and associate feeds with that person.
  • There’s no concept of your profile on whoisi. It’s simply a tool for following people, anonymously. They don’t even have to use whoisi in order for you to follow them.

It’s run by Christopher Blizzard who works at Mozilla. I’m not sure if he is doing this in his spare time or if this has a bigger Mozilla labs plan behind it. Either way, he’s a cool guy with good ideas obviously. Since whoisi didn’t know about me yet, I ended up following myself, which feels slightly hedonistic, and added most of the interesting feeds. Including of course my identi.ca feed.

It occurs to me that using identi.ca’s FOAF and Google’s Social Graph search, whoisi should be able to automatically find websites related to a person from a single url by just following the rel=me links that Google can produce and then any friends from the rel=friend links. Check out what Google finds out about me from providing www.jillesvangurp.com here.

This hooking up of simple building blocks is exactly the point of the decentralized social network. It’s nice to see some useful building blocks emerge that work towards making this happen. Basically, all the necessary building blocks are there already. From a single link it is possible to construct a very detailed view of what your friends are doing all over the web fully automatically. True all this is still a bit too difficult for the average user right now but I imagine that a bit of search and discovery magic would go a long way to making this just work on a lot of sites.

My former house

GeenStijl : ANP doet Google Earth na.

Ten years ago, I was a computer science student in Utrecht who was about to leave the Netherlands to live in Sweden. At the time, I had been living for about a year in a very spacious (50m2) attic room on a top location: Domplein, complete with nice view over the square.

A Dutch reporter took some photos from a balloon which gives a nice perspective on how nice this room was. I’ve highlighted which building was I lived in. The house, a four story monumental building was owned by a lawyer. The bottom floor was an apartment he rented out and he had converted the attic into two student apartments. The front apartment, which was the largest, was mine. The front two windows were both mine, as well as the little window on the side. Total rent was 675 guilders per month. Try find an apartment with that price in euros these days (at the moment of introduction, 1 euro was slightly overvalued at 2.2 Guilders). Anyway, at the time it seemed like a lot of money.

As you can see right next to my left there is a pretty big tower and half a cathedral. In fact this is the largest church tower in the Netherlands and you can read all about the missing half of the cathedral on wikipedia. It was noisy too, especially at night. But you stop noticing after some time.

Off to Spain

Next few weeks I’m going to get some sun light and heat in Spain. I’m first going to stay for a few days at Christian del Rosso’s place in Madrid. Christian’s my neighbour here in Helsinki and he is currently in Madrid together with his wife and little son Emilio doing an MBA. Last time I was in Madrid, I didn’t have much time for sightseeing so this time I will take some time to do that.

From Saturday, I’m renting a car and will be doing my usual neurotic routine of driving too much and seeing too little. The record still stands at around 4000 km in 3 weeks. That was on a trip to Spain where I visited Castilla y Leon and Extremadura. The goal of this trip is to go there again and this time visit all the stuff I somehow missed the last time, which is quite a lot.

I’ve spent the morning packing and (mostly) doing a bit of reconnaisance on Google. A few weeks ago I was considering to buy a travel guide when it occured to me that the lonely planet I have for Spain is mostly fluffy text and really thin on things like what are good places to see and stay. Sure it will cover the big attractions but the interesting stuff where I’m going is small villages and towns. I actually prefer staying in medium sized towns where parking is doable. My requirements are very simple: decent place to sleep, stuff to see, and lots of places to eat & drink. The average Spanish town has a plaza mayor, with a few bars and hotels around it and usually a parking garage nearby.

So that’s easy. So the algorithm is roughly: select town, drive to it, park on or near Plaza Mayor and try a few hostels/hotels. Never takes more than two or three attempts to find a decent place to sleep. Anyway, Google is good to that stuff so I spend the morning copy pasting together my own travelguide. I’ve a top five list of towns I’m probably going to stay in: Zamora, Segovia, Trujillo, Badajoz, Salamanca and maybe Leon again (depending on weather). I also have a few backup options and a long list of stuff to see and do. In the unlikely event I get bored with the area, I have Portugal and Andalucia within a few hours drive.

Security

Knowing slightly more than average about computers, I am regularly assumed to be an expert by family or friends. A returning question is which virus scanner to use. This one always causes me some trouble because I know the right answer is to spend some money on e.g. Norton or McAfee or to experiment with one of the free solutions.

However, I don’t really know anything about the subject because I don’t use virus scanners at all. I don’t need them. But this is hardly something to recommend to somebody who has no clue what to do here. At work we have Norton Antivirus wasting a lot of my time on my slow laptop disk. Each time it boots, it insists on re-examining the same crap it hasn’t found a virus in before, ever. It so happens that this is a particularly bad time to access the disk since a dozen processes are trying to start. So, I usually kill the process to make my laptop boot in a reasonable time frame (< 10 minutes). I think over the past few years, Norton easily wasted several working days of my time by making me wait. Arguably the economic damage of such products is worse than the problems they supposedly prevent.

Installing virus scanners is not a security measure but merely a form of deniability for system administrators. If the shit hits the fan, they can point to Norton and Norton can point to the fine print in their license (which says good luck if the shit hits the fan). Norton’s businessmodel is to provide deniability to companies. The price is in dollars and productivity lost. Norton will easily transform any laptop in a dead slow machine, especially if configured for maximum deniability (scan everything, always, every time, all the time).

I know I’m OK because I know how not to get infected, which is why I don’t run any security products at home. A little bit of hygiene goes a long way. Most virus infections are ignorant users clicking on stuff they shouldn’t be clicking. Drive by infections are also common with risky things such as active x and internet explorer exposed and not updated. That’s no concern for me because I A)  use firefox, B) don’t visit suspicious sites and only use up to date, mainstream plugins, C) have adaware filter out a lot of crap, and D) keep my shit up to date. Sure, that still leaves some room for something to slip by but I’ve never been infected by anything since I stopped accepting floppy’s from strangers (long time ago).

A few days ago, some download included Norton Security Scan which is a free scanning tool designed to make you buy the full version. Since this computer has been exposed to the nasty internet for a few years now, I thought lets see what it comes up with.

Well:

  • A tracking cookie in my browser of some ad site. Tedious but not really a risk. Also shows how crappy this tool is because I have way more advertisment related cookies that I probably should remove. However, I’m too lazy to keep track of all my cookies. Once in a while I clean them up by deleting cookies for any domain I don’t know or care about.
  • Two infected mails in thunderbird’s trashcan (w32.netsky.p@mm!enc worm). That’s risky, if you open the attachment. Using Thunderbird prevents that from happening automatically. Besides, all my mail is handled by Google these days which uses serverside malware and virus filters. So no reason for me to install a virus scanner. These two mails probably predate me starting to use gmail. This was in 2005.

So two old and obvious malware mails I deleted (or thunderbird filtered them) and a tracking cookie. No worms, no rootkits, no spyware, no adware. Just a failed attempt to make me open some shitty attachment and a cookie. Thanks for confirming what I already knew Norton. I uninstalled it.

This doesn’t prove anything of course. There’s no perfect security. But so far so good. I don’t have a firewall since I have a NAT router which stops any incoming request except the ones that it shouldn’t be stopping because I told it to. I know everything outgoing is OK because I know what software I install. My router doesn’t do UPNP configuration so I control everything manually. I don’t have a virus scanner active since all my mail goes to google which already scans my mails. All my downloads are of course a risk, so I take care to only download from respectable sources. I actually have clamwin antivirus installed to manually scan files if I don’t trust the source but I rarely have a need for it and it has never found anything. Firefox 3 should warn me against malware sites in so far they are able to keep their filters up to date. Arguably if they screw up, Norton isn’t doing much better probably.

So in short, I’m keeping my money and will take my chances. If something goes wrong, I’ll only have myself to blame and will be back online in no time because I do have backups of all my important files. The last time this happened was when a particularly nasty piece of malware struck me: windows activation failed on a fully legal version of windows XP pro after installing a new usb hard disk.