writing design documents

Although professional graphics make a really nice impression, I think it's a mistake to invest a lot of time into getting professional mockups made for the basic specification phase.

Having some basic icons is good for maintaining an acceptable level of aesthetic appeal. However, having a single designer create realistic mockups for all of the pages is inefficient when when the design is still moderately fluid.

The page layout is still changing significantly, which means trashing entire pages of work. Also, we've only got one designer assigned to this part time, so I think it's unreasonable to have her do all the mockups. Also, any design changes have to be communicated to her so that she can adjust the mockups accordingly. We have six people writing specification documents and only one designer. It doesn't scale at all.

Social networking suggestions

There's so much interesting content out there.

Christopher Allen's advice on social networking is pretty interesting. Implementing his suggestions would make a pretty cool site, but take a lot of effort to create.

I also read part of his thoughts on Orkut.

I am part of Ryze and Orkut.

Orkut has gotten really annoying, especially with the recent tie-in to Google Mail. I never use it anyway.

Ryze is ok. Half the people seem to be random opportunists and the other half have really interesting things to say. I personally find it annoying that free account holders (i.e. me) can't use most search functionality.

enterprise application security

An interesting article on writing secure applications.

social networking sites and privacy

While doing some research for work I came across this interesting piece by Roger Clarke via corante.

Through the 1990s, there was a recurring piece of pop-anthropology verging on an urban myth, referred to as 'six degrees of separation' (e.g. Matthews 2000). During 2003, apparently inspired by this idea, a number of companies released services to assist people to 'network'.

Many of these services encourage or even require that users provide information not only about themselves, but also about their friends or contacts. In some cases, users' address-books may be stored on the company's server, which is accessible over the Internet, and therefore from any Internet-connected device.

This paper provides a brief privacy impact assessment of such services. Its primary concern is not the privacy of the users who sign up for such schemes. That is a legitimate topic for an article as well; but those users are providing data about themselves consensually, and the risks and (lack of) protections are reasonably well-understood. This article instead focusses on a matter that is new, and of great concern: the privacy of other individuals whose data is volunteered to such services by its users.

I've only skimmed a portion of the paper but I found this statement very interesting:

Several of the sites display the Trust-e 'meta-brand'. Meta-brands were examined in an earlier article in this series (Clarke 2001), and their value was shown to be very close to zero.

I've always wondered if stuff like the Trust-e 'meta-brand' was any use. I shall have to go read this meta-brand paper.

good programmers

Paradoxical but interesting essay on Why Good Programmers Are Lazy and Dumb.

In the endless battle between a programmer and the compiler, it’s best for the programmer to give up early and admit that it’s always him and never the compiler who’s at fault (unless it’s about character encoding issues, which is the part even the compiler gets wrong).