On Wednesday 09 December 2009 15:21:44 cvollet at gmail.com wrote: > Hello, > > I saw this article today : > http://developerart.com/publications/9/interface-design-and-usability-for-hardcore-programmers > > It's short, and it presents common mistakes in UI, so I think it can be of > interest.
Great stuff. We're not going to do any significant work on UI until pupok reports back but it's worth considering anyway. Some of it is difficult for us ... Most of these we could reasonably go over on the current UI, although many we do try to deal with; I will point out those that are particularly problematic - which really means another rant on the first time wizard. :) LANGUAGE: 1. Don't talk to users in geek language We always need to be careful about this. Some places, e.g. when node.db4o is corrrupt, it is important to provide easy (if unsatisfactory!) solutions via buttons, not just tell the user that this file is missing. WIZARD AND CHOICES: 2. Don't write long texts 14. Don't ask users to make choices He has a point, but unfortunately we *do* have to ask the user to make some difficult choices up front. And some of them they will get wrong. And a line and a half may not be enough space to tell them what they need to know to not get it wrong, but they won't read any more than that, so letting them choose maximum only to be told that's not a good idea on the next screen may be the best compromise? Some questions we can maybe get rid of. The welcome screen can be gotten rid of, with a small configure manually link somewhere on the other pages, although I'm not sure we need one. The separate browser warning can be downscaled once we have reliable working incognito mode - but right now we don't. The bug on Google says Chrome does work reliably in incognito from the command line if it has a separate profile dir for incognito, I'm not sure if this is immediately fixable? Auto-update I'm not sure about, should it be on by default? We should probably only ask about UPnP and JSTUN if the user sets a high security level, although we could probably improve the questions. E.g.: How are you connected to the Internet? [ ] Dial up modem -> warning about speed likely being poor, enable JSTUN [ ] Cable or DSL router/modem (Most people should choose this) -> enable UPnP, JSTUN [ ] Untrusted network e.g. student accomodation, building-level internet (Choose this if you have people you don't trust on your local network, even if you have a router as well) -> enable JSTUN but not UPnP The following should only be shown if the user chooses a network security level above LOW: Can Freenet use central servers to detect your IP address? These servers are also used by internet phone systems and some other peer to peer software. [x] yes // SELECTED BY DEFAULT -> enable JSTUN [ ] no -> disable JSTUN This is still too jargony, anyone able to rephrase in English? :| Network security level page: IMHO the text is pretty good now. However, a lot of people are going to hit HIGH or MAXIMUM, and we do not tell them not to on this page. They then get a big bad warning page. This may well be demotivating, as the article mentioned. Maybe we need to reintroduce the opennet selection? === Protection against those you don't know attacking you over the Internet How much security do you need against people and organisations trying to trace what you are doing on Freenet? If you don't know anyone using Freenet, choose one of these two: LOW: I do not care about monitoring and want maximum performance. NORMAL: I live in a relatively free country, but I would like to make it more difficult for others to monitor my communications. If you have at least 5 friends already using Freenet (1 if you are desperate), you can enable high security mode: HIGH: I would like to make it much more difficult for others to monitor my communications, or I am worried about ISPs and/or governments trying to block Freenet. MAXIMUM: I intend to access information that could get me arrested, imprisoned, or worse. I understand that Freenet is experimental and cannot ensure security against certain known attacks, but I accept the risks compared to the alternatives. === Friends security level page: Do we still need the HIGH friends security level warning? How likely are newbies to add "friends" they don't know just to boost performance at this point? Also maybe the wording could be improved. Generally we assume you are much more likely to be attacked by strangers trying to silence a critic than by your friends. Physical security level page: The NORMAL level explanation refers to the panic button, but the panic button does not show the panic button! **We must show the panic button in NORMAL mode!** The text at the beginning is too long, users won't read it. We can move some of it down. IMHO it is acceptable as on the network seclevel page for the MAXIMUM explanation to be a bit longer than the others. I do think we need to mention master.keys here for the more concerned users. === Freenet can encrypt its temporary files so that if your computer is seized or stolen it will be harder to find out what you have been doing with it. How concerned are you about this? LOW: I am not concerned. Don't encrypt anything. (This improves speed slightly) NORMAL: I am concerned. Encrypt all important data, so that I can erase it easily by using the panic button on the downloads/uploads page, or securely deleting the file master.keys. HIGH: I am very concerned. Encrypt all important data with a password. Do not allow access to it until I have entered the password. Set the password: [ password box ] MAXIMUM: I am extremely worried. Encrypt everything and do not store the key. Wipe everything whenever the node is restarted: Persistent downloads will disappear when I restart the node. === We should probably also move the download-to-disk warning to the download page?? === Your options are: [Download] the file and store in [PATH]. This is outside of Freenet: If your computer is seized the file will still be there, even if you click the panic button and uninstall Freenet first. [Fetch] the file to encrypted temporary space. It will be lost if you uninstall Freenet, click the panic button, or lose the master password. ... === (IMHO we don't have to mention the downloads page since we are redirecting to it after queueing anyway). Bandwidth limits page: If UPnP works (which requires that it be started before we get here), this is just a click through. The text afterwards is a bit long, and rather covering our behinds with regards to users who get cross when we use up all their bandwidth. Ideally we'd have options for a monthly limit and for connecting to Freenet only at certain times of day. Also, we might get an estimate from the connection type the user chose earlier? If we move the choice of connection type to after the security levels, we need to put the datastore size before this so we have a chance of picking up the connection speed via UPnP before we get here. Also Cancel vs Back? Back is better surely? We should estimate monthly usage via javascript depending on the active option. == Bandwidth limits Maximum bandwidth usage per second: [ Auto-detected: 27kB/sec ] [ No monthly limit ] [ Continue ] [ Back ] Estimated monthly usage: 148GB (74GB download) Freenet will run constantly while your computer is turned on, unless you disable this using the system tray icon. This greatly improves security. Freenet can throttle itself during peak times if this is cheaper: [ 9 AM ] to [ Midnight ]: [ Same as overall limit ] [ No monthly limit ] Estimated peak monthly usage: 92GB (46GB download) == Datastore size page: The text is a bit long. Any ideas on shortening it? > > Regards, > > Dieppe > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 835 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20100120/222cb1f6/attachment.pgp>
