Don Marti

Sat 22 Nov 2008 09:52:33 AM PST

An old HIG mistake

(Just catching up on links that the Perl script dragged in, and found one of those "my web framework is better than your web framework" blog posts. Total spam URLs in the comments: 519. If I were a black-hat SEO, I'd have something like my "find the stuff that people are making new links to" script, too. Are the black-hat SEOs and I reading the same stuff?)

Apple's ambitious Macintosh project gets a lot of credit for bringing a whole bunch of new ideas to a lot of people in one affordable package, but one of the most important ideas, and one without which it wouldn't have worked, was a book called Macintosh Human Interface Guidelines.

Different keyboard shortcuts in different applications are bad enough. If you used WordPerfect and Lotus 1-2-3 you wasted a bunch of your muscle memory on different commands to do the same thing. But imagine a GUI system with as much inconsistency as the old MS-DOS applications scene, where not only do you need different key combinations to do the same thing, but the mouse button behavior changes as the pointer rolls from appllication to application. (Actually, if you've used pre-KDE/GNOME Unix or Linux desktops you don't have to imagine it.) Apple couldn't have introduced a Macintosh where every application developer did his or her own thing—people's heads would have exploded and their next of kin would have taken the machine back to the store.

The idea of Human Interface Guidelines changes all that. Don't go to disk for something that's in RAM, and don't make the user go to the manual or the menus for something that's already in muscle memory. Like a lot of Macintosh ideas, the rest of the industry has followed, and today something isn't really a "platform" until it has an HIG document of its own. (hey, maybe KDE and GNOME could use their upcoming lovefest to combine their HIG projects.)

But all the HIG stuff out there is more or less based on the original Macintosh version. Which is mostly a very good thing, except for feature that today looks like a mistake. The action to start a new program is the same as the action to open a file.

There might have been a good reason to do this back in the days of "Please insert the disk: Untitled". But today we have safer, more useful ways to install software: package management and click-to-license facilities such as Lindows/Linspire's Click-n-Run Warehouse and Apple's later CNR-like App Store. (Yes, inspiration flows both ways.)

Just clicking on an executable to run it leads to stuff like sneaky attachments and tricks to make executables look like data files. Now we have wack-ass "security vendor" stuff like white listing to cover up what's really an industry-wide interface design problem.

Unfortunately, some platforms are going to have trouble fixing the click-to-run problem. Microsoft has to do all its security design under the vulture eyes of antitrust ambulance-chasers working for the so-called security vendors. Even something as unhelpful as "hey, Rocky, let's pattern-match for known naughty programs!" is a minefield. Imagine if they tried something like an RPM-like installer for signed packages, or Apple's App Store.

If I get the Pirate Czar job in Washington, DC, we'll offer the IT industry a deal: we won't micromanage your product or service design decisions with antitrust law, but in exchange you'll have to live without "pro-trust" policies, such as anticircumvention enforcement against non-infringers and patents that apply to independent clean-room implementations of wire protocols or data file formats. This kind of thing is why we need someone for the Pirate Czar job who isn't stuck deep in the silo of Intellectual Property Law.