November 17, 2003
So Paul Thurrot has decided that the next generation of Windows will introduce a “task-based interface” that will just blow away Mac OS X. On his site, Paul Thurrot's SuperSite For Windows, specifically says this:
Apple has implemented some basic desktop composition features in Mac OS X “Panther.” But the basic problem with Mac OS X isn't going away: It's a classic desktop operating system that doesn't offer anything in the way of usability advancements over previous desktop operating systems. Today, Windows XP and its task-based interface are far superior to anything in Mac OS X. In the future, Longhorn will further distance Windows from OS X. From a graphical standpoint, there won't be any comparison. As Microsoft revealed at thePDC 2003 conference, Longhorn is far more impressive technically than Panther.
Now, I'm not going to get into another round of the Mac v. Windows war. But I do have an opinion on his “Windows' Task - based interface is better” theory: I think that this is yet another example of Microsoft being very inventive in covering up complexity to avoid actually making the OS easier to use.
The task - based interface is something Microsoft has wanted for a while. Wizards, paperclips, Bob, all of these things attempt to make the computer conform to what we use it for. In other words, the user should think less of the computer, and more of what they wish to do with the computer.
This is not a bad thing. In fact, you use task based interfaces every day. Your ATM. Your DVD player. Your microwave oven. Your car. They work very well. But notice the one thing they all have in common. The devices they are interfaces for are single, or limited - task devices. This is an important thing to consider. Devices centered around a task become very good at that task, and very bad at anything else. Because of this narrowness of purpose, it is relatively easy to make their interfaces simple to learn and use.
Unfortunately, things like Macs, Windows boxes, Linux boxes, etc., are not single purpose tools. They are, quite literally, general purpose computers. They are designed to handle any task thrown at them by the user as best they can. By and large they do this well. The same G5 that is part of a super-computing cluster can also do a spiffy job with your taxes, designing posters, etc. Now, all of these functions are tasks. And the applications you use to accomplish these functions have task - based interfaces.
iTunes is a great example. It has a task based interface. It also has a rather small number of functions, like a car. The OS on your computer also has a small number of tasks. Run the hardware, and let you use the hardware. Two things, that include everything. So how do you create discrete tasks for something whose primary purpose has an essentially infinite scope?
Well, if you're Microsoft, you make everything a wizard. Everything becomes a task that the computer helps you with. “Would you like to write a letter? I see your letter appears to be a business letter, would you like to see a list of business letter templates...” Windows is becoming like a Boy Scout on speed. In its attempt to make things simpler, Microsoft has crossed the line from helping, to getting in the way.
All the time.
The problem is, what if you want to do something that the annoying helpful thing on your screen isn't designed for? Well then, you have to kill the annoying thing, and use the “real” interface. And that's where Windows always falls down. As long as all you want to do is what the wizards can help you with, Windows is great. But the first time you let go of the wizard's hand to cross the street on your own, oh, it's a hard world.
Windows still has not figured out simplicity. Not in applications, not in UI design, nothing. It doesn't want to limit your options, so they give you so many choices, that it becomes harder to use. To make these options less confusing, they hide them under layers of tabs labeled “Advanced”. But what's advanced? Who decides? This approach tends to cause as many problems as it solves. For example, the Start Menu settings. There are three settings for My Documents in the Start Menu under Windows XP:
Display as link
Display as a menu
Don't display this item
One doesn't show you what's inside, one does, one removes it from the Start Menu entirely. The last option, the
Don't display this item is the only clear one. Why is a link different than a menu? What's the difference? Sure, there's a little question mark in the settings panel, that, in theory, lets you activate help for an item in the panel, but Microsoft chose not to create any help text when you use the only obvious help method for this panel.
Now, that's nice. You have settings that could be confusing to the new user, and the only obvious help link does nothing. What you have to do is right click, and then click on the “What's This?” menu that pops up. For that, in our example, you are told that this settings panel: “Lets you choose the items you want to display on the Start menu. You can choose to display items in submenus, or as links you can click to open the program directly.”
Well, if you use Windows regularly, then this makes some sense. But for the newbie, there's no indication of how to figure out what is going on here. The use of “application” instead of “folder” is confusing, because I'm asking about a folder, not an application. But it's classic Windows: “We'll make it easy to do things the way MS wants you to.”
The non-functional help control is another one. “Oh, you wanted the HELP item to display HELP on anything you click it on. No, it doesn't do that. It only does it for SOME things. No, we won't make it obvious which ones.” It's like someone sold the Windows team some sort of bizarro “Make it easier” paintball gun, and they just fire away until they run out of paint or blank space. You can't make anything simpler by making it really complex and then attempting to hide the complexity behind a legion of happy little assistants and wizards.
Because at some point, someone wants to do something the wizard can't do, and then they have to deal with the complexity that you're trying to hide. That's what the task-based interface is. An ever-growing number of assistants and wizards. It looks like the thought process at Microsoft is “If we include enough wizards, eventually, we'll have one for every single thing you'll ever do on the computer.”
It's a nice idea, but it's going to fail. You can't idiot - proof anything, the idiots get more inventive. The only way to make things simpler is to remove complexity. You have to make simplicity and ease of use a part of every aspect of the OS, not just the specific tasks you want the user to accomplish. You have to accept that no matter how large the usability testing group, at some point, someone is going to figure out something you didn't think of.
Those people always have a lot of friends.
Instead of trying to anticipate my every need, and creating gigabytes of assistants, how about just making the damned OS simpler? How about paring things down? Sure, you're going to piss off the “I want every option ever imagined at my fingertips” crowd, but so what? They'll find about 300 workarounds five minutes after you ship, and by the end of the day, have ten utilities written to allow you to complicate your computer as much as you want. That's all good, and it can often show you things that should be a part of the OS that aren't, and that you wouldn't have thought of on your own.
But the OS needs to be simple. It needs to present you with a simple interface, and get out of the way. I don't want dialogs telling me I just attached a mouse. I was there when I attached the thing, really, I remember. I don't need to be bugged about drivers. If I want to install a custom driver, I'll do it. Just let me use the basic functions of the mouse and get out of my way. I don't need to be bothered about everything I do. Nor does anyone else. We just want to use the thing.
Instead of the annoying boy scout, be the experienced butler that is always there when you need him with exactly what you need him for, but isn't in your face all the time. If I plug a printer to a USB port, and I already have the driver, great. Leave me alone, and just let me print to it. If I disconnect said printer, the why do I need to see its icon anymore, even if it has a big red X through it? It's not there anymore, remove it from my sight. Putting a tarp over a corpse doesn't mean the corpse is gone. it just means it's not as unsightly.
Be consistent too. Don't let me have expanding submenus in the Start Menu for my pictures and MP3s but then make me open up Printers and Faxes to see what printers I have. Even if I only have one let me see it. If you're going to try to automagically find network printers for me, don't show me a list of servers in a single signon environment. I'm already signed in and authenticated, so there's no reason to make me manually find the printers I can print to.
The authentication and authorization mechanisms should already know that. I don't need to see the servers they're attached to. I don't care, I just want to kill a tree today. If I'm not allowed to use that printer, don't show it to me. I still don't care about the server. Why would I? I'm in the IT business, I still don't care about the server. I just want to print. That's why we have single signon right? Now, if I'm not in a single signon environment, that's different. But if I am, authentication is done. The system knows what I have access to. Show me the printers. Make my computer experience simpler for once.
But that kind of simplification is hard. It's mind-numbingly tedious. It's far easier to prop up a bad system, and fling assistants at the user like you were testing pasta. That way, you eventually get enough assistants to cover the complaints, and you don't have to do any real UI redesign work. So in the end, Microsoft's “Task-based” interface isn't some great new way to make the UI simpler and easier. It's a way to cover up the fact that they either cannot, or will not take on the work of truly making Windows easier to use.
Sorry Paul, but I want an OS that's easier to use by design, not by clever fascia.| Comments ()
November 8, 2003
Networking with Panther: User - Level Impressions
First, some of you may be wondering why this isn't in the Mac section of the site. Well, to be honest, I'm not sure either, but I want it here, which is probably as good a reason as any. As well, this is less a review of Panther, and Panther's networking, (that's a lot of writing, and I have outlets that pay me for that kind of work. Yes, I do love money. I adore it. It pays my rent and buys me food. Besides, anyone who thinks money can't buy happiness never owned a puppy), and more of a look at some of the things Apple is attempting to do, and how it seems to be working, or not working.
Panther has some rather significant networking changes at the user and lower levels. The biggest change at the user level is what is probably best called "browser - based" networking. The idea here is that instead of using a separate interface such as the Chooser, or Connect To Server, you simply click on Networks, click on the network structure, click on the servers, authenticate to the server, then use the shares you have access to. If you use Windows, this is rather familiar, it's how Windows has done networking since Windows 95, and it's almost the same interface. It finally makes the Network domain useful outside of Netinfo / Mac OS X - based networks. The idea here is that you don't have to treat a network drive or share any different from a local one. You simply go to it, do your work, and that's it.
However, the only thing that's really changed is the interface. Let's take a look. With both, you have to go to a specific starting point, either Connect To Server, or the Network icon in the Finder. With both, you have to find the server you want to connect to, which may be right in the root of Network, or in a structure such as an AppleTalk zone, Windows Domain or Novell Directory tree. Once you find that server, you have to log into that server, and select the share you want. This is the same for both methods. The only real difference is that with Panther, you don't have the share virtualized on the Desktop, or at the root of your Computer. Instead, you navigate through the Network path.
So what has changed? The start and the end points. Unfortunately, from what I've seen, the changes fall more under the category of "different" as opposed to "better". The old system, while maybe a step or two longer, and not as well integrated into the Finder at the start, provided some useful user feedback. and behaved more like you expect a drive to behave. Having the share mounted on the Desktop shows that you have made a connection, and mounted the network share, and can now use it. If you need to get back to it at some point, it's right there in the root of the Finder, or on your Desktop. So you can get to it fairly quickly. You have a clear indication that this is not a local hard drive, so you have feedback that this is not a local drive, and that its availability may change as your network status changes.
The new system leaves the share buried in Network/organizational structure/server/sharename. So if you close the window, you have to navigate back to that location. To open a document from within an application requires the same amount of navigation to do. So any time you save with this method on the front end, is gone rather quickly. This may seem like a minor complaint, but in a work situation, where you may deal with many servers and shares, this gets very tedious, and one thing that the Mac should be about is reducing, not increasing, tedium.
There is the argument that this method is more transparent to the user, but I fail to see how. You still have to navigate to an external server, authenticate, (Unless you have single-signon working), pick the share, etc. The share is in a different structure, Network, in the Finder, so you are navigating a different path. Unless Apple changes Mac OS X so that AFP and SMB shares mount to local directories, ala NFS, the transparency is not that different from the pre - Panther methods of mounting shares, it's just hidden in a more convoluted path. But there is another side to working with network resources, and that is how they behave when you are not connected to the network.
With the old system, it was pretty simple. The shares weren't there. You either voluntarily unmounted them, or the OS did. So there was a clear behavior there. If you aren't connected to the network, it doesn't exist. You can't see it, you can't use it. This is clear feedback. If you had an alias of the network drive on your system, trying to open it forced you to re-authenticate in some fashion, or if you weren't able to connect to the network, you got a failure message. Clear, unambiguous, easy to learn and remember. In the new system, things get a bit muddy.
Apple is trying to make things a bit smoother during the transitions between networks and network configurations, and that's good, but the Panther implementation leaves a lot to be desired. The first problem is that network structures are visible, even when you have no connection to them. The OS will make aliases of the structures in /var/automount/Network/. This way, when you reconnect, the network structures are available faster. When you look in Network in the Finder, these aliases aren't available. But they are in /var/automount. So, if you decide to be a little clever, and put /var/automount in your Dock, you get an inaccurate view of things. Now, this can be covered by "Don't do that". However, I get really tired of the constant navigation through the new, longer directory structure. Do this 30 - 40 times, and you'll see what I mean. So there's now an inspiration to get clever.
The system doesn't just alias shares, it also can create local copies of network files under the right situation. If you do as I did, and put /var/automount in your Dock, and you access the files this way, you can end up creating a local copy of the file, and using that, not the network copy. But when you are connected to the network, there's no synchronization going on. So now you have multiple copies of a file, but no clear indication that this local file is not the network file, or that there is no synchronization going on. Arguably, going at the network in this manner circumvents the way the OS intends you to go at the file, and you shouldn't do this. But Mac users are known for doing things differently, and finding shortcuts. The problem, in this case, is permissions - related. While /var/automount is only writable by root, and /var/automount/Network is only writable by root, and even the SMB Domain, AppleTalk Zone aliases within /var/automount/Network are only writable by root, the aliases to the shares are writable and owned by the user who mounted them. This is not how the permissions should be set.
The aliases in /var/automount should all be set unwritable except by root unless you are connected to the network. Even better, the contents of /var/automount/Network should be set to no access except by root, unless you are connected to the network that the aliases are a part of. The best solution of course would be to simply disallow direct access to these aliases except by root. That is one of the ideas of permissions, the prevention of unauthorized access. Besides, it's not as if I hacked anything to get /var/automount in my Dock. Open a Finder window, hit shift - cmd - g for go to folder, enter in /var/automount/, hit enter, drag the folder into the Dock. You can use that to put your pictures directory into the Dock too. So this isn't a silly thing that some undocumented hack pulled off. I didn't need to be root, or use sudo for this. It's just an example of what a little creative exploration can do. The OS using permissions correctly here would fix this.
Now, what happens when you aren't on the network? With the old system, any mounted drives would be unavailable. You'd have to eject them, or they'd go away on their own, depending on which release of Mac OS X you had, (there were several bug fixes related to this.) This is, again, clear feedback. The drive is gone. You cannot see it. Buh-bye. The new system, well, you don't know. There's nothing to visibly show you that you no longer have access to the network. The only feedback you might get is a dialog, informing you that you have disconnected from the network. That's good, it works, but it's hardly better
than the old system, and it's hard to say that this is more seamless than the old system. There's also a really annoying bug with the new system and Windows networks. If I disconnect from a network, where I've been working on a server with say fifty shares, and I've only used one, I'm going to get a disconnect dialog for every share on that server. Hitting disconnect requires me to verify it with a second dialog. There's no checkbox for "Yes, disconnect from EVERYTHING". That's beyond tedious, especially if you are a laptop user. Oddly enough, laptop users occasionally go where there's no network. Shocking, but true. I myself have done so on a number of occasions. This bug is really annoying. REALLY ANNOYING. Trust me.
Another problem with the new network behaviors is how you voluntarily disconnect from the network. Pre-Panther, it was easy. Drag drives to trash, just like you did for every other drive, local or not. Leaving arguments as to how intuitive dragging a drive to the trash to unmount / eject it is, it was very consistent with the expected behavior any non - boot drive. It was easily taught. It behaved consistently. The new behavior is not that consistent.
For example, I have a G4 tower named "downstairsG4". I connect to it in Panther, authenticate, and I see all the shares I have access to. Cool. Now, I want to manually eject one. No can do. I have to eject the server. But I want to get back to another share. I have to re-authenticate. Mahvelous. It's now all or nothing. But if you connect the old way, then the disconnect behavior is more clear. You eject only that which you want to eject by explicit action. The new behavior assumes that if you want to eject one share from a server, you obviously want to eject them all, for you must be done with that server to eject one share. Assumptions are so very bad when applied to over a million people. I fully admit that this new behavior is more convenient when attaching to a server. But that convenience is lost if you don't work exactly how Panther expects you to when it comes to unmounting things.
However, it's not like you can't mount shares the old way in Panther. You can still use Connect To Server to get desktop mounts. Unfortunately, you now have to know the smb/afp/http/nfs URL of the server and the share to use Connect To Server. Hitting "Browse" brings up a Finder window, forcing you into the new methodology. I really fail to see the advantage here, or the reason for removing features from Connect To Server. If you use an AppleScript, with the "mount volume" command, then you get the pre - Panther behavior.
But what happens when you use both methods? Well then gentle reader, things get interesting. If you mount a share the old way first, then mount the same server the new way, the share you mounted the old way doesn't show up in the Finder with the shares you mounted the new way. That's good, no double - double mounts, unambiguous feedback to say, "Hey, you already mounted this". However, if you unmount the share you mounted the old way, it still doesn't show up when you look at the server you mounted the new way. But I have the server mounted in the new way, so shouldn't it still be there, since you can't unmount anything below the server level with the new mount behavior? You have to unmount that server, then reconnect to it to see the shares.
Now, what happens if you mount a server the new way, and try to connect to it the old way? Under the old way, you couldn't double-mount a share. If you mounted a share, and reconnected to a server, then the share you had mounted was greyed out, so you couldn't mount it twice. Under the new system, it's easy to double - mount the share. Mount the server the new way, then connect with the old way, and mount the same shares. They aren't greyed out, nor is there anything to indicate that these shares are already mounted. Because they technically aren't. The server is mounted, right? You can verify that they're double - mounted with three lines of AppleScript:
tell application "System Events"
set theList to every disk
In my case, if I do this with all the shares on my G4 tower, I get the following as a result: disk "Aurora:", (my boot disk) disk "Network:", (The "Network" drive you see in the Finder) disk "Groups:", (these are all the same shares, mounted differently, all via AFP) disk "Public:", disk "Users:", disk "Groups:", disk "Public:", disk "Users:" This is not good.
Each mount type is the same endpoint, but with different properties. The POSIX and URL paths are different. The eject behavior is different. If you are using AppleScript workflows that rely on network volumes being mounted in a consistent way, there is a HUGE potential for trouble here. This is so obviously a bad behavior, I'm amazed Panther was released with it.
Unmounting in this case is just as inconsistent. If the drives are double mounted, and you unmount the server you connected to in the new way, the desktop shares are still there. If you unmount the desktop shares, the shares you connected to in the new way are still there. So potentially, you can have a situation where you think you have unmounted network connections, but you really haven't. That has the potential for a security problem. Oh, and if there's a way to use AppleScript to connect to a server in the new method, I haven't found it yet. So AppleScript forces you to use the old method.
Very "not good". This needs to be cleaned up now. The Mac web is already getting a lot of email from people who are very unhappy with this inconsistency. While making things smoother is always good, this new network connection behavior reeks of not yet done. But when Steve announces a date, then even things that don't work right get shipped. It does make me wish he would have waited until closer to the "before the end of 2003" deadline he had announced for Panther. A little fit and finish work would have gone a long way.| Comments ()