radiant.matrix

You know, I like Jeff Atwood — at least based on what I read on his Coding Horror blog — but I get really irritated at him when he tries to dissect the differences between Mac and Windows. The latest example of this is his post What’s Wrong with Setup.exe?. It’s not that his comments are wrong, per se — more that it’s fairly obvious that Jeff isn’t a Mac user.

Now, I’m far from a zealot. I use Windows both at home and at work, and also use a Mac notebook and an array of Linux machines. I like all of them, and all have their little frustrations. So what bothers me about Jeff’s Mac-related posts isn’t that he’s a Windows user, but rather that because he appears not to be a Mac user, he makes conclusions that are based entirely on supposition. As a result, his criticisms come off as anti-Mac attitude; I think this detracts from legitimate criticism of the Mac.

Let me focus primarily on the article in question. The process of installation Jeff quotes involves downloading a zipped disk image, mounting it, agreeing to a license, then dragging the application to the Applications folder. Irritatingly, Jeff makes it sound like this is the typical path for installing applications on the Mac, then proceeds to criticize it.

In reality, that’s pretty much the worst-case scenario of installation. Installation on the Mac does indeed have its share of problems — but they’re largely the same problems as Windows has. By far, the two most common installation methods on the Mac are:

1. Download a disk image (.dmg), mount it, drag the app to the Applications folder. Often, the .dmg contains a shortcut to the Applications folder so that one doesn’t have to go hunt it down.
2. Download an installer package (.pkg) and run it. Sometimes that package is inside a .dmg or .zip file. The .pkg system is analogous to the .msi packages on Windows.

The first method is a little bit annoying, but ends up being fewer steps (usually) than running an installer. It also means that you can “uninstall” by simply dragging the app to the trash. Windows users may find that system annoying, but it’s a subjective call — I personally like it, but it isn’t objectively better or worse than the installer-package approach.

The second method is basically identical to installation on Windows.

All that said, I do agree with Jeff that installation processes on all platforms deserve more attention than they usually get. After all, the install process is the first exposure one’s customer has with a piece of software. It seems sensible, therefore, to put some effort into making it a pleasant experience.

Still, I wish Jeff would refrain from focusing how the Mac seems to do things, since he doesn’t seem to have any significant experience with it. It’d have been better if he’d just focused on the general problem that software developers often don’t make installation simple, and not implied that somehow it was the Mac OS that caused the problem.

I understand — and, in fact, completely support — requiring a minimum password strength for things like online access to credit-card accounts. Far too many companies, though, are enforcing specific complexity requirements rather than minimum password strength. This hurts those of us who use randomly-generated passwords.

For example, imagine I want to use the password d1Z!v^Z+?=. Both the SecurityStats.com password strength check and the [Microsoft password checker] tell me this is a strong password.

However, some sites, such as Citibank’s Universal Card site, reject that password, requiring that passwords contain at least 2 letters and 2 numbers.

I don’t understand this: password strength is a function of password entropy, not the result of following a formula. In fact, restricting the passwords that can be used by applying those formulaic rules actually reduces security, since it narrows the set of potential passwords. Password-strength calculations aren’t hard: the above-mentioned one on the Microsoft website is perfectly simple and usable.

I can only chalk it up to lazy and last-minute consideration of security.

Found via VideoSift

Today’s Starslip Crisis strip reminds me so much of a few places I’ve worked that I just had to share. I don’t know what it is about the IT industry that brings out that kind of stupidity. I’ll just share one quick story:

I was working on contract at a small catalog company, and had written some software to merge various supplier data feeds into a database (this had been done by hand previously). I’d also supplied a small web-based app so that the results could be adjusted when necessary: say, in the event of incorrect data from a supplier.

All in all, the project had gone smoothly, except for one particular manager. This guy insisted on very thorough documentation, which I was glad to provide. He was constantly asking questions about the project; but, every question he asked was either covered explicitly in the documentation. Every. Single. Question.

I finally asked if he was reading the documentation we provided him. His answer? “I don’t have time to read documentation.” Apparently, though, we had time to answer his constant questions.

The message is a little bit trite, but the video is very well put-together. Whoever their marketing folks are, they know how to appeal to the high-school and college-age vocal crowds without destroying the message for everyone else.

Very nicely done.