
Checkboxes that kill your product - robin_reala
http://limi.net/checkboxes-that-kill
======
agwa
> Shouldn’t you be able to restrict how much disk space is being used? It
> turns out, we know that you are low on disk space, and will reduce our usage
> accordingly. It’s pretty likely that Firefox keeps better track of this than
> humans do.

No. Here's a case where Firefox will definitely _not_ do a better job: an NFS-
based computer lab environment where users have individual quotas - the
statfs() syscall (i.e. what the `df` command uses) returns you the amount of
disk space available to _everyone_ , which is enormous. Firefox then attempts
to use that space, and quickly exhausts the user's quota. This is a real-life
scenario and the current solution among users is to set the cache size to 0 -
the Internet connection is damn fast anyways and they'd rather use their space
to store actual files.

For the love of god, what is wrong with having an Advanced options panel? The
author's stated goal is "to design software that can be used by everyone " but
when you remove options like this, you make your product not usable by some
people unless they do additional research to find the hidden about:config
option or install some add-on.

The bug for this is <https://bugzilla.mozilla.org/show_bug.cgi?id=851698> \-
if you think this is a bad idea I encourage you to leave a comment there (but
be nice). Mozilla may otherwise not realize that this is such a bad, unpopular
idea.

~~~
krschultz
The setting is vitally important for an extremely small number of people.

That sounds to me like it should be moved into an add-on. The users affected
still can get the capability while the rest of the world is spared another
setting that clutters the UI.

~~~
agwa
What's wrong with clutter in an advanced tab? The only clutter exposed to the
"rest of the world" is a tab that says "advanced" which is not really clutter
at all.

If you remove options from your product that are vitally important to even a
small number of users your product can no longer "be used by anyone."

~~~
notahacker
The problem here isn't that the unusual options exist in a hidden away tab.
The problem is that _the options to revert to the defaults are in the same
hidden away tab._

Users with images turned off by someone else _wouldn't_ be confused if there
was a yellow stripe across the top of the screen with a "you're viewing this
website with images turned off [turn images on]" type message. Same goes for a
"this page may display better with javascript enabled. [turn javascript on] if
you trust this site" message for those browsing with javascript turned off.

Similarly, as the original post points out, the big issue with SSL is that you
get a scary (and inaccurate and incomplete) message telling them to email the
website owners because their site is broken, and not a simple message they'll
need to "click here to turn SSL secure access back on" to view the web page.

~~~
kevb
But for a user that legitimately wants to turn off images or javascript
(why?), they won't want to see that message on every page. If the message only
shows once then the problem the message was trying to avoid returns. If the
message shows on every page legitimate users of the option are inconvenienced.
Of course you could create yet another setting saying "Warn when I have
obscure settings enabled"...

If the developers/designers of Firefox don't have a reasonably answer as to
why a large enough amount of users would disable these settings, then they
should be removed (or to avoid upsetting existing power user moved to
about:config).

------
roel_v
I've resigned to the fact that I'm probably going to get fucked over by people
removing options from existing software (software that self-updates, by the
way, and that needs in some aspects to be updated in order to stay useful, but
you get _all_ updates whether you like them or not). I understand, you're all
busy people, and I'm not paying so I shouldn't complain, and who wants to work
on backward compatible cruft when you could be building the next 'awesome
bar'. I get all of that and people need to make trade offs - heck, I do it
myself in my own software.

But then please for the love of god make about:config something that can be
used without trawling mozilla.org discussion threads or random about.com
'articles'. There are hundreds and hundreds of about:config options, most of
them more useless than the next, except for maybe 25 or so of them. If mozilla
is already tracking so much, why don't they track the most-often changed
settings through about:config and put them in their own section at the top of
the list? Or, here's a radical idea, why don't they put the options in a tree
rather than a flat list? Maybe ordered in a way that makes a bit of sense, but
I may be pushing it there, I know. Why are we punched in the face with an
'options' dialog that (it seems) should have, in the eyes of most 'designers',
only a very few options to the point where it becomes useless for 'advanced
users', or kicked in the behind with an about:config page that could,
functionally, just have well displayed 50 kb of output from /dev/urandom?

This : [http://www.npr.org/blogs/money/2012/07/13/156737801/the-
cost...](http://www.npr.org/blogs/money/2012/07/13/156737801/the-cost-of-free-
doughnuts-70-years-of-regret) applies not to just Google Reader, guys... I've
been using Firefox since the milestone builds of what back them was still just
called 'Mozilla', if I'm remembering correctly, and I have yet to find
something better (at least if you count in all the addins) but damn, if I were
religious I'd do a prayer every time I see it 'installing updates', out of
fear of what it's going to screw me over with in 'interface innovation' this
time.

(done ranting now)

~~~
cfinke
But then please for the love of god make about:config something that can be
used without trawling mozilla.org discussion threads or random about.com
'articles'.

I think one of the reasons that about:config is not easy to use is because it
shouldn't be easy to use.

If it was a nice window with checkboxes and dropdowns and tabs for groups of
related options, then it would become a de facto settings dialog a thousand
times more problematic than the legitimate settings dialog.

~~~
nitrogen
When did warnings indicating that "this option will destroy your computer if
set carelessly" become verboten? Why waste the expensive time of advanced
users for no real benefit to the masses?

~~~
czr80
What a fascinating comment: "expensive time of advanced users"? As if knowing
what, say, SSL 3.0 means is somehow a marker of a more valuable person, more
worthy of not having their time wasted.

It might be good for you to remember that those "masses" are just people with
other things to do with their lives - they're doctors, lawyers, concert
violinists, nuclear physicists, biologists, teachers, ... and they just want
their damned browser to work without having to mess around, and preferably not
break with cryptic error messages they don't care about, because, frankly,
they have better things to do.

~~~
singleuse
I think you missed the point here, doctor, lawyers and otherwise supposedly
busy non-advanced users will not delve in about:config at all, hence cannot
waste any of their time there.

It's only the advanced users who are willing go through this path because they
want to tweak a settings. And the question would be, is it really worth making
such an impractical tool out of about:config and thus wasting time of advanced
users when it was designed for their own use, for the sake of keeping non-
advanced users out this setting panel.

------
mcherm
Be careful taking this advice. "Get rid of all the options" can actually be
quite powerful... it makes software that "just works". But it also makes
software that "just doesn't work". The reason that these suggestions make
sense is that Firefox allows plugins and extensions which CAN allow for these
things.

Perhaps the moral of the story is to build your software with layers of
configurability. In layer one, there are hardly any choices, but there is an
"advanced" button to allow further configuration. In layer 2, there are many
more options, but still only "frequently-used" features... however, there is a
plug-in or scripting system that allows adding additional features if a
developer makes them. The ecosystem of plug-ins would be layer 3 (note that
this only works if you provide a common place to DISTRIBUTE the plug-ins and
you make an effort to filter out malware). Finally, layer 4 would be the
ability to build one's own plug-ins, but this layer would only be available to
developers.

I have some software (like browsers, IDEs, and even older things like Emacs)
that works like this today... but maybe all software should be built with
layers of configurability.

~~~
Silhouette
_Be careful taking this advice. "Get rid of all the options" can actually be
quite powerful... it makes software that "just works". But it also makes
software that "just doesn't work"._

To be fair, the post didn't advocate getting rid of "all the options". It
advocated getting rid of options that _almost never make sense to use_. For
many of the examples given, that would continue to apply even for power users.

~~~
colinshark
The option to enable/disable the nav bar seems ridiculous until a website
disables it for you. The option is there to re-enable it.

~~~
Silhouette
_until a website disables it for you_

I'm fairly sure there is an alternative solution to this problem that does not
involve adding an extra option in the UI...

------
negativity
What total bullshit. JavaScript should not be mandatory. It SHOULD ALWAYS
remain controllable, and killable. That should stay in the hands of the users.
The idea that "disabling JavaScript" is a bug and not a feature is repugnant
to me.

And images? Most people are too naive to understand that the <img> tag
represents an HTTP GET for every occurrence. Being able to lock down GETS and
limit them is a safety measure, not a bug. Just because users are naive, and
that such naivety is encouraged by greedy parties, does not mean that the
feature should not exist.

Certificate Authorities? SSL? Destroying the ability to control your cache?

Alex Limi should take note that the browser exists for the user, not the
faceless "product" locked away in remote internet server land. Not all
websites are "product" designed with the intent to extract cash from people's
pockets. The browser is the last gateway of control a user has over what the
internet is allowed to do to their machines. Taking these settings away
represents a set of handcuffs.

Is it not clear that JavaScript can be used as a weapon against the user, to
obfuscate, and limit the user's understanding of the actual behavior of any
given HTML document?

Privacy Engineer Monica Chew should take note that people will fork or abandon
their open-source browser if it doesn't represent their interests. People with
the technical awareness to know better will advise people to avoid Firefox, if
decisions like this are on the horizon.

Blame people like Alex Limi and Monica Chew if Firefox becomes the next
Internet Explorer.

Design-by-committee indeed. Design by Steve Ballmer is one possible
alternative, is it not? Does that sound better? I think we know what
authoritarian decision making can look like.

Wow! No respect for this troll-bait article under any circumstances. I don't
care what their pedigrees are.

~~~
coldpie
Your nick is apt. Calm down a bit, yeah? He's talking about removing useless
configuration options from a prominent dialog, not placing you in a "set of
handcuffs."

Except maybe for the cache control, the settings the author talks about are
basically useless. Third-party plugins like NoScript are a much better
solution. Be honest, do you use the "Disable JS" checkbox, or do you use
NoScript?

"Disable Images" can be handy in certain, very specific settings, but it
doesn't really deserve a slot in the main preferences dialog.

I don't think the author is advocating the complete removal of these options.
I think he's objecting to how prominent they are in Firefox's UI. about:config
is the perfect repository for all of these tweaks, and I expect the dialog is
already just a frontend to about:config.

His point is they can make better use of that prominence than they currently
are.

~~~
josephlord
> "Disable Images" can be handy in certain, very specific settings, but it
> doesn't really deserve a slot in the main preferences dialog.

When I have a highly limited connection is just the time I wouldn't want to
download a plugin OR be searching for instructions about how to disable
images. It is also fairly good plain language that even non-experts could
understand. I think it probably does deserve a place somewhere in the
settings.

------
yk
On the risk of being snarky:

    
    
        Personally, I feel pretty confident that the number of 
        people that know how any of this [certificates] works 
        can be narrowed down to the people that work in these 
        companies in the list. At least not too far off.
    
    

If you believe that this is true, then you should probably start reading a
bit. I would suggest you start at the Wikipedia article for a company called
Diginotar [1]. And try to understand the relevance of certificate management.
In fact, checking the default Firefox CAs [2], the very first entry is
TurkTrust, a CA were some people have probably very good reasons to manage
that certificate [3].

[1]<https://en.wikipedia.org/wiki/Diginotar>

[2]<https://wiki.mozilla.org/CA:Overview> actual list is apparently
[https://docs.google.com/spreadsheet/pub?key=0Ah-
tHXMAwqU3dGx...](https://docs.google.com/spreadsheet/pub?key=0Ah-
tHXMAwqU3dGx0cGFObG9QM192NFM4UWNBMlBaekE&single=true&gid=1&output=html)

[3][http://arstechnica.com/security/2013/01/turkish-
government-a...](http://arstechnica.com/security/2013/01/turkish-government-
agency-spoofed-google-certificate-accidentally/)

~~~
samastur
Or <https://bugzilla.mozilla.org/show_bug.cgi?id=435013> for another example
why managing certificates might be necessary if you are a Linksys router
owner.

My 2 major problems with moving things to add-ons: \- they might not exist yet
so I get buggered \- I need to trust 3rd party where previously I didn't have
to

I often wish that developers would more often travel around the world so they
would notice there are a bit more than 2% of people using crappy connections
where disabling images is one of the first things to do.

------
bhauer
I plead with anyone reading this to not be overly dogmatic with streamlining
away all options and configuration. I find this irksome on my mobile devices
and as the religion of simplification leaks into the desktop space, I find it
outright frustrating.

Firefox has about:config as a saving grace, so if options were removed from
its user interface, I would be able to make do. In fact, I'd pay money to see
about:config or similar in every application. For example, I set
slider.snapMultiplier to zero to remove that annoying snap-back on the
scrollbar thumb when you drift too far in the perpendicular. Good luck
describing that one in a dialog box.

But unfortunately, in other products, hiding options is often just straight-up
removing options.

While I appreciate reducing confusion by hiding options that are difficult to
describe, I would prefer an "advanced settings" section. Perhaps consider
three tiers, as with Firefox (options, advanced, and about:config).

~~~
davidroberts
I was really upset at all the options I lost in applications on my phone when
it updated from Ginderbread to ICS. I wanted a more powerful phone. But now
many of the features I typically used are gone. Note to developers: beating
iOS doesn't necessarily mean becoming more like it.

~~~
mindcrime
_Note to developers: beating iOS doesn't necessarily mean becoming more like
it._

That is SO very well said... I wish I'd thought of that myself. In particular,
I wish I'd thought to say - about 10 years ago - "Note to developers: beating
Internet Explorer doesn't necessarily mean becoming more like it."

I still remember so may discussions about Firefox (and Mozilla the browser
before that) where somebody proposed something and it was shot down because
"That's not the way Internet Explorer does it" or "IE doesn't have that".
_sigh_

------
kragen
This is a lot like "citizens shouldn't be allowed to vote for a candidate
opposing their current Senator, because incumbent Senators get re-elected 99%
of the time anyway, and when they don't, it's usually a disaster for their
constituents." Well, yes, those facts are true, but they don't justify the
conclusion. In fact, they justify a rather opposite conclusion: if incumbent
Senators almost never lose elections, and web sites are unusable with images
and JavaScript turned off, maybe we should consider changing the system to
force those things.

One fundamental premise of free software is that users are responsible for the
software running on their computer, and therefore have the right to make that
software do what they want. They have the right to accept SSL certificates
from who they want, to use the amount of disk space they want, and so on. And
the fact that only a tiny minority of users understand the security
implications of having China's root certificate installed in their browser is
not an argument for taking away their option to uninstall it. It's an argument
that SSL's trust model is severely broken.

~~~
maxerickson
Usually, it's the incumbent senator that is no longer allowed to run for
office.

(My point vaguely being that the rulemaking behavior you seek to lampoon
actually has leaked that far into real life)

~~~
Retric
It's vary rare for senator's to be unable to run for office. Because the
things that prevent winning are much wider than the list of things that
prevent someone from running.

The most obvious being you can still run while in the middle of a murder trial
up to the point where your convicted. But, good luck getting elected.

~~~
maxerickson
Yeah, I used senator there, but I was euphemistically referring to term
limits, not trying to imply that U.S. senators are subject to them.

------
bpatrianakos
The author has good intentions here but I have to disagree. I don't think that
functionality that the browser handles should be moved from the browser's own
options panel to addons, third-party or otherwise. Even if Mozilla themselves
offered addons to manage enabling/disabling JavaScript, SSL, certificate
management, etc., that gives the impression that they somehow believe that the
functionality being moved over to addons is secondary, unimportant, or less of
a priority than more simple options which I think is just not true.

I'm totally on board with the idea that if less than 2% of users need
functionality it shouldn't be placed front and center and maybe it doesn't
need to be in the options panel at all but most of his examples aren't the
sort of thing I would want removed or outsourced to an addon whether I was a
technical user or not.

I think the real answer is to prioritize, organize, and simplify. Make the
most important, general, and broad options the first ones a user sees.
Organize them from most general to more specific (which probably includes an
increasing level of complexity as well). Go ahead and hide some of the more
fine-grained controls in a panel somewhere that all but those who really know
what they're looking for will find it (but make sure to document it, too).
Finally, remove anything that simply doesn't need to be there. Those things, I
believe, will be very few and far between. The author makes it sound like
there are tons of options they could get away with just cutting from the
options without anyone noticing but I'm not convinced. Despite the fact that
some options are very rarely used, when that rare case of them actually being
needed comes up having them available, albeit in some hidden away panel, can
make all the difference between a happy and a frustrated user - a user who
won't have to go out and search for yet another addon to manage something they
thought the browser itself should be able to control.

The solution isn't to reduce the number of options, at least not in the way
the author promotes. Instead I think it's really just about better organizing
and presenting what's already there. Mozilla is all about freedom and their
customizability is something a large segment of their userbase loves them for.
Why ruin that?

~~~
tomkarlo
The issue at root is determining what "functionality that the browser handles"
should be.

Every less-used option and feature that a browser can offload to an extension
or plugin is less code everyone has to download, and less code the browser
team has to maintain. Also, those extensions can live or die based on actual
usage and demand - a more fair "market economy" than the central browser team
making those kinds of decisions about what's important or not.

The alternative is tremendous browser bloat - supporting every feature wanted
by 1% of users can lead to hundreds of extra features, and thousands more
configurations that have to be regression tested.

------
leejoramo
In recent versions, Apple as moved many of these options (such as Disable
Images) into the Develop menu which has to be explicitly enabled via
Preferences -> Advanced -> Show Develop Menu.

I agree with many of the others on this thread that FireFox's about:config is
not the place for these things. It is nice that FF has such low level access
to such settings, but it is not much more friendly than editing an Apache
config file.

I am also a little concerned about moving these into Add-On which have their
own set of issues for most people. How often have you sat at someone else's
web browser to see it filled with all sorts of extra menu bars and
enhancements that make the browsing experience even more confusing and slows
every thing down (not to mention the potential privacy issues).

------
derefr
> The entire certificate manager

Get rid of the rest of it, but please, _please_ make installing and using
_client certificates_ as easy as "installing and using" cookies. Make them
sync with your profile, even! Client certs are the most wonderful security
feature nobody has ever heard of, and it's 100% because the UX is horrible.
Make them happen transparently and the web will take a permanent step up in
security.

------
azov
_> As Privacy Engineer Monica Chew at Mozilla asks, “Is it really worth having
a preference panel that benefits fewer than 2% of users overall?” — obvious
spoiler alert: The answer is no_

This logic is so wrong that I don't even know where to start. Every obscure
feature might be used by only 2% of the users, but it's not the _same_ 2%. If
you removed 10 of those "useless features that nobody uses" you just made your
product unusable for 20% of your users.

But it's not even that. If I'm in those 2%, I don't care what other 98% are
doing, you are breaking something I depend on. I want to use products that
won't break my workflow even if over time I cease to be in the majority. It's
a matter of trust (you hear me, Google?). There's a reason why countries that
protect their minorities win over time, and I believe the same will be true
for software products.

PS. By the way, what Monica Chew and Alex Limi think of accessibility
features? Fuck those blind people, right?

~~~
vxNsr
Sorry this made me think of this: <http://www.xkcd.com/1172/>

------
shurcooL
Please don't misunderstand this article: it's not about removing checkboxes or
functionality, it's about an opportunity to change the UI of settings to a
better one.

I was so happy reading this because it seems that some big dogs are finally
realizing the problem that I noticed some time ago [1], but I'm nowhere near
as good at elaborating my points or causing change.

The innate problem with checkboxes is that while they communicate if something
is on or off, they don't communicate what the optimized default value was (and
unless you know what you're doing and a have a good reason to override it,
it's probably better to leave it alone).

The reason extensions are mentioned has little to do with whether 3rd or 1st
parties make them, but rather that their UI has a beautiful property: by
default your extensions list is empty (ala clean slate), and everything just
works.

Fixing unwanted issues is easy because it's just a matter of removing unwanted
extensions from an explicit list of changes appled.

I think the main takeaway message here is that the UI for software settings
can be made better without crippling the customizability or flexibility. Just
present a view where it's easy to see what's been changed.

[1] [https://github.com/shurcooL/Software-
Settings/wiki/Software-...](https://github.com/shurcooL/Software-
Settings/wiki/Software-Settings)

------
CompelTechnic
The debate between power and simplicity in software continues on. Should you
make features that are scary, and only useful to a handful of your users?

My $.02: Let Firefox continue to be feature-packed. Why? The other (popular)
browsers are lacking by default (default being without plugins) in this
regard. Keeping Firefox feature-loaded out of the box reduces the hassle for
somebody that needs access to powerful web tools, when the alternative is
downloading a bunch of plugins/ extensions/ bloatstuff.

~~~
lucb1e
I fully agree. Although some buttons might be hidden away a bit better,
perhaps moved to about:config or have them trigger a warning, I love that
Firefox has these features. I've used almost all of the mentioned features
(including turning off images), so none of them are useless to me.

~~~
piyush_soni
But 'Load images automatically' and Enable Javascript should not be those that
are moved. I remember how a few years back I had to regularly uncheck the
'load images automatically' box just to get my slow like death internet load
things that mattered. I'm sure there are many places in the world where people
have to still deal with that regularly. Same goes with javascript - security,
privacy for those who know how it might affect their normal browsing.

~~~
oftenwrong
Disabling these on mobile is especially nice due to bandwidth costs and
limitations. On Firefox for Android, images can be disabled by settings the
permissions.default.image option to 2 in about:config. JavaScript can be
toggled with the javascript.enabled option.

IIRC, Chrome for Android does not allow the user to disable image loading.
Opera and Opera Mini do, and also allow the user to load images at lower
quality. "Internet" (stock browser) does on my phone. Dolphin does.

------
shanelja
I couldn't disagree more, until I moved in to my own house I was using a
£15/month wireless internet dongle for my main daily browsing. Most websites
would inundate my browser with constant AJAX requests, draining my internet at
a ridiculous rate (Facebook was a pretty nasty one for this) and the ability
to turn off my javascript at the click of a button probably saved me somewhere
in the region of £30 per month, not a major gain, but when you're homeless it
makes all the difference.

(Although, this says more about the state of wireless internet fees, 15GB for
£15, then £100 per GB after that, ridiculous!)

~~~
melvinmt
You're the 2% who needs to install add-ons.

~~~
shanelja
But why should I have to install an addon? This is something already built in
to the browser, in all honesty, if you removed a feature I used frequently
then told me to go elsewhere to re-download it, I _would_ be going elsewhere
to download some software and the software would be _Google Chrome._

~~~
wpietri
You already know why it should be in an add-on: because your use case is a
rare one, and rare features for particular audiences don't belong in the main
browser UI.

There are some fields where "But it's traditional," is a reasonable response
to a proposed change. But software isn't really one of them.

~~~
singleuse
I'd like to know on where the notion that removing features used by only a
fraction of the user base is what should be done comes from ?

It is brandished right and left as if obvious, but it is never explained.

~~~
wpietri
Consider all the possible features that 1% of the userbase wants. Are you
saying they all should be included?

------
DHowett
Singling out Firefox isn't particularly fair: Chrome has the Content Settings
panel (which allows you to disable images and javascript), Safari lets you
disable javascript, and IE certainly did both, at least historically. This
article just reads like beating up everybody's favourite browser punching bag
to me.

Every feature has its place, and when you start pandering to the lowest common
denominator of users is when you've decided that you know better than
everybody else.

~~~
Guvante
"Do not show any images" under two links is a lot better than Auto Load images
in a tab, javascript disabling is a lot more useful than he implies, IE has
been beaten enough as it is.

I felt he chose Firefox because a lot of that UI was designed after IE and
never changed. At least most other browsers seem to have thought about what to
show in easy to get to pages.

~~~
cpeterso
The author is also a Mozilla employee.

------
infogulch
While I agree that some of these options need to be hidden away better, a lot
of the complaints would be fixed by adding easy reset-to-default buttons, or
even some marker to show when something is changed from the default.

If users go messing around in the important internals of the necessarily
complex machine that is the browser then they deserve what problems they have.
In short: If you don't understand an advanced option, stay the fuck away from
it.

Also, the article suggests making certificate management an add-on, among
other things. That is the stupidest and most insecure thing I've heard the
past 2 years.

~~~
aneth4
> If users go messing around in the important internals of the necessarily
> complex machine that is the browser then they deserve what problems they
> have. In short: If you don't understand an advanced option, stay the fuck
> away from it.

You've clearly never observed non-technical people using a new product.
Telling users it's there fault doesn't generate revenue. Making your product
idiot proof does.

~~~
Karunamon
>Telling users it's there fault doesn't generate revenue.

To be fair, there's only one browser right now that has "generate revenue" as
a goal, and that's Chrome.

And I, for one, am tired of being hamstrung by "idiot proofing". What ever
happened to "if something is important to you, DON'T fuck around with it if
you don't know what you're doing!"

This is _good life advice_. What happens when you go mucking about in the
internals of any sufficiently complex system without knowing what you're
doing?

~~~
aneth4
Maybe you're in the business or have a moral mission of providing life lessons
to customers. I'm in the business of helping them avoid life lessons by having
stuff behave as expected.

~~~
Karunamon
And it's considered "stuff not behaving as expected" that when you clear a box
that says "display images" that images are no longer displayed? (One of the
examples from TFA)

------
davidroberts
As a person who fielded calls from thousands of ordinary people with totally
hosed browsers because their cousin saw an article and told them to turn off
Java script or else his computer will be hacked, I totally understand this
article. However, I hate it when software I use is dumbed down to the point
where I can't configure it to be useful to me. My suggestion? Keep those
options. But bury them. Deeply. Maybe provide an Easter egg-like thing you
have to do to get at them (ie: enter "I really want to turn off javascript"
into a textbox verbatim). People with the savvy to use those options will be
able to find the process on Google. And the people who turn things off by
mistake are typically busy wrestling with the concept of drag and drop, and
won't graduate to more difficult things like that for a few more years.

~~~
Steuard
In Firefox, that Easter egg is called "about:config". (And it even comes with
a warning to scare away less technical folks who stumble into it.)

------
alexobenauer
Interesting piece in there:

"Fun historical fact: If you disabled JavaScript in Netscape 4, css would also
stop working — because css was applied to the page using… JavaScript."

~~~
robin_reala
That’s because Netscape’s original counter-proposal to CSS for a styling
language was called JSSS[1]. When it became obvious that CSS was the way the
industry was moving they hurriedly implemented the new CSS API on top of the
old JSSS engine, which required JS to run.

[1] <https://en.wikipedia.org/wiki/JavaScript_Style_Sheets>

------
nhebb
> Load images automatically

> From the Content panel in our settings, try unchecking the box:

> Here’s how Google’s front page looks like if you uncheck that box:

> _[shows image of Google home page w/o search textbox]_

I'm not seeing that problem when I try it. Why would a textbox disappear if
images aren't loaded?

~~~
ceejayoz
That seemingly simple input field is actually three divs, with a table inside,
with three table cells, one of which contains several inputs.

<http://cl.ly/image/1U2o090Q0K1i>

Background images are used to give its visual appearance. Without them, it's a
`border: none` text field - effectively invisible.

~~~
romaniv
This is what happens when there is no meaning (semantics) behind core page
markup. Small changes have seemingly arbitrary results that completely break
the page.

------
artificialidiot
Dumbing down or idiot-proofing software doesn't make it more user friendly or
easier to use. As an anectode, I had had to import my own certificates,
disable/enable js, disable/enable image loading , set up cache size manually
and other stupid crap in situations unrelated to development.

An equally valid counter argument to simplification can be made: Leave the
software as is. It is a known quantity. Create an "easy mode" add on instead
for people who really need it.

I hope we won't see firefox equivalent of iphone (just an example among many,
don't jump on me) in the future.

~~~
ajanuary
Why should your workflow be prioritised over other peoples?

Why should other people, who don't know much, have to go get an extension
while you, who does know enough to go get an extension, get to use the product
as-is?

~~~
artificialidiot
It is not prioritising my workflow but not changing already working software.

Idiot proofing is often necessary when the end user have to be spoon fed
software and it is done by someone else who is perfectly capable of finding
the said software on the internet form its official source, installing the
package, finding the "easy mode" form its official source and clicking install
button when the software prompts you to do so.

Alternatively, a version of software can be shipped by "easy mode" installed
and enabled by default, just like how you choose which OS/localisation combo
to download. Difference being that, software ships with rich configuration
options by default and you can access them when you need it just by disabling
"easy mode", not downloading something. No need to overhaul existing UI which
is familiar to millions already, and prioritise people who cannot be trusted
not to fiddle with options they don't know, just because you can.

------
IgniteTheSun
Edit: reread my post again: just to be clear, I do use a number of plug-ins,
but don't think it makes sense to require plug-ins for such basic security
related items as turning off scripting or javascript, or for turning off
functionality such as loading pics on a slow connection.

\---

So, in order to turn off features such as javascript for privacy or security
at less trusted or unknown sites, the author wants me to trust not only the
security and code quality of the browser but also the security and code
quality of a 3rd party plug-in?

I really don't like this trend toward moving toward plug-ins for everything -
although I am OK with moving things to about:config.

As it is, I really hate the fact that I have to install additional plugins in
order to turn off all scripting - seems that this - if anything! - should be a
built-in option.

This makes me trust Firefox less. I switched to Firefox back when it was
around version 0.6 or 0.7 - its greatest selling point then was that it could
not run ActiveX and that this was good from a security standpoint. As it is
now I don't see any benefit to it compared to IE from a security standpoint
and only stick with it due to the great number of options that are easily
configurable in about:config.

------
Glyptodon
The 'get rid of all the options' philosophy is probably the single biggest
reason when Gnome seems to have fragmented and was for several years a
constant source of friction and hate between devs and certain corners of the
community. However, it didn't have a robust support for plugins and behind-
the-scenes configurability was sometimes limited and often overly arcane.

That said, while it's true that many of the options you mention are likely
used be a very small % of users, and some are even dangerous for regular users
to touch, they are also options that people who do use them will find
critical, and they are options that people who do use them will be suspicious
of in 3rd party extensions -- I mean who wants to install some random
extensions named 'powerCert' or 'sslMan' with the purpose and powers of
playing with certs on your behalf?

To a certain extent I think some of the options discussed could indeed be
rolled into configure via about:config, I find the idea that it makes sense
for others to be rolled into '3rd party extensions' a little troubling.

And some I think should remain, but could use some better 'branding.'

------
3dptz
I agree that there should be an option to reset default settings or at least
start with default settings.

However removing most options (and functionality) just for those users and
situations where something might stop working, is wrong. Sure (some) settings
could be tucked away better, but doing so to the extreme will influence how
users view and use software.

This nurtures the sort of environment where users will kick and scream if a
setting they altered does influence the usability of an application. The
result: fewer and fewer options. Or options with large yellow safety warnings
a la "stabbing yourself in the eye with a fork might result in loss of
eyesight".

------
Osiris
The way Opera deals with this is to have opera:config be a searchable webpage
with hundreds of options that can be changed, nearly none of which can be
changed from within the main Preferences UI.

Firefox could have an about:config page that's a webpage with a list of every
crazy little option that could be changed and the remove all the little used
options from the Preferences UI.

I don't see a need to completely eliminate the option but put it somewhere
only advanced users will go.

(P.S. I find the web interface with a search box significantly more friendly
to use than a native listbox control as is currently used for the advanced
options).

------
alexvr
What's wrong with giving users options? I think it's an insult to peoples'
intelligence. Cars give users the _option_ to drive into a brick wall at 80
MPH, but this doesn't mean people will be inclined to do so.

~~~
aneth4
I often wish software would insult my intelligence in this way more often. I
have enough choices in life. Most of Ye time I just want other people to make
the best choice for me.

~~~
Erwin
3D computer games on the PC are especially bad -- with a dozen weird graphic
options you cannot really evaluate. What will setting texture quality to "Very
High" instead of "High" really mean and how much slower will my game run?
Maybe the effect won't even be noticable until a later level. "Occular
Blimspace Remapping" is set to 2x but can go up to 16x, how much do I need?
Are the autodetected settings optimal or could my game be much better looking
if I just increased something, but what?

~~~
artificialidiot
"While you are trying to find optimal gfx settings, we also detected you are
having difficulty passing level 4. Shall we play instead of you so you can go
on with your life?"

------
peripetylabs
Sure, you can always design for the 99%. Over time, however, you will be
designing for the 50% -- after 70 iterations to be exact (that's
log(.5)/log(.99)). Companies that do this end up with a very loyal, very small
user base. Is that what a browser vendor wants?

The article points out some problems -- the options for changing how
cryptography is used should definitely be less accessible; but also points to
non-problems -- the options to disable images or Javascript should stay right
where they are.

~~~
cbr
Design for "99% of everyone", not "99% of your current users".

------
yabatopia
How about educating the user a bit more and actually tell him what the options
are for, what the consequences are, ... Give them the ability to back up their
current configuration settings, so if something goes wrong you can restore
Firefox with one click of an undo button? Design a bigger settings window,
right there's way too much crammed into one small box. Expand and educate.
Don't hide the settings, make it safer to experiment.

------
ZeroGravitas
Why does Google search break without images?

Just tried it here, and the answer is... it doesn't. Though maybe it does
sometimes for somepeople?

edit to add: I really liked the image options available in Opera Mobile for
use in low-bandwidth situations, which include replacing the image with an
appropriately sized rectangle of an average color, with the alt text in it,
but I'm guessing they require a proxy, or else I'd suggest adding them to
Android Firefox.

~~~
tmzt
I wonder if you could do that with a range request, but with modern sites
(using sprites) it probably doesn't make sense.

------
brownbat
I agree in principal, with a few nitpicks. The javascript bit irritates me the
most, especially the suggestion that only crazy people would need to disable
it.

The post is absolutely right, though, whitelisting javascript breaks the
internet.

I learned that when a family member found some new cooking blog on tumblr. The
site was compromised, and serving malware to make people join a botnet. After
cleanup, we started whitelisting javascript, leading to howls of protest over
the next week as every site loaded broken. Eventually I realized that she was
just automatically whitelisting any site she visited. (I'd laugh, but I'm
probably just doing the same thing... someone posts a new demo here... I
usually give it a pass.)

So we've decided we want to read random paragraphs or recipes from anonymous
strangers. And we somehow decided that that means the strangers get to run
code on our machines. I don't know why we thought this was smart, but fine,
that's the ecosystem, how do we let it work?

Ignoring javascript vulnerabilities doesn't work, user management of
javascript doesn't work, what's left?

Browsers should have managed, up-to-date blacklists built in. Maybe antivirus
companies could help carry the load and manage the lists, but someone should
be out there actively hunting down malicious sites so we can break them for
all users.

Users shouldn't have an "add exception" option, either, we all just prop that
door open.

It absolutely should NOT be an add on. If javascript security is saved for an
add-on, no one will bother, because it requires first knowing what
"javascript" is.

Javascript security needs to be baked in, and it needs to be better than what
we've got.

------
mariusmg
I use Firefox because of its many customization options and his powerful
addons. I i didn't knew what i was doing i would've used Chrome.

------
ceworthington
Nice post.

It's kind of odd that the consumer versions of Chrome and (especially) Firefox
are loaded with developer-oriented features. I use these every day, but
there's not a great reason for these to be in the main release.

Perhaps there is an opportunity for a developer-focused web browser with all
the complicated bells and whistles. Or, a consumer-focused browser without
them.

~~~
uribs
Do you think people are born as developers?

Or perhaps they start as "consumers" and then learn development?

What happens to that process if you hide the things they could use to
undertake it?

~~~
marcos123
> What happens to that process if you hide the things they could use to
> undertake it?

Then I, for one, would have never learned how to code.

------
ersii
I'd rather have too many options than no options.

I don't want the options in my face though.

Firefox does a great job with default settings in my opinion, even to new
features and redesigns of previous features.

I think the Preference dashboard is stocked in a good way. It could be better,
but it could be a lot worse. (You could have any of the five billion options
from about:config I guess).

~~~
jdechko
I agree with you about the default settings. However, I think the author is
right in that some of the settings exposed in the preferences dialog _are_ too
advanced for the majority of users and are likely to break the internet for
these users.

Maybe a good rule of thumb is that any setting that goes beyond cosmetic
should be hidden away by default. On Firefox, that means that the Advanced:
Network and Encryption tabs should be at least one more step away than they
currently are.

------
qwerta
I regularly browse with JS switched off, with some sites white-listed. I would
say it improves my browsing experience, no ads, lightning fast page loads, no
CPU consumed by browser... Also it improves security as most attacks use JS at
some form.

And I find requirement to have JS switched on pretty arrogant. Especially to
blind people with braille-readers.

------
fournm
Most of the settings complained about are behind an "Advanced" tab anyways. If
you really want to keep them from users, stick a "warning: dragons" on it or
document the hell out of putting the ability to enable the advanced tab in
about:config.

I'm really, really uncomfortable with the idea of an add on being the only way
to configure certificates.

------
hysan
Poor examples for the article.

> Load images automatically

I tried this and I see the text box for Google Search perfectly fine
(Google.co.jp where I am) so this did not break the internet in any way. The
text box even highlights blue still so it is definitely visible. Also, he is
not considering the entire 3rd world country market where Firefox tends to
dominate precisely because it is so flexible in it's bandwidth friendly
options. So perhaps 2% in the world as a sum but it is probably a MUCH larger
percentage when looking at specific regions of the world.

> Enable JavaScript

I use noscript on Firefox but have disable Javascript via the browser before
(specifically when I use Chrome). I just remember to enable Javascript when I
use websites that I know require Javascript (ex: online banking). Again, this
is a huge plus in third world countries since it greatly reduces bandwidth
consumption (which is also why I use it because my connection is pretty poor).

> Turning off navigation

Agree with this one. Makes no sense. Especially when you can go into full
screen mode if you want to maximize screen real estate.

> Turning off SSL & TLS

Agree here but it is listed under the advanced options, which to normal users
means, "don't touch this stuff." If you actually change anything here, I would
expect the person to know what they are doing. If you want to call for
streamlining "Advanced Options", then that is a very different argument that
has to be made.

> The entire certificate manager

Again, advanced options.

> Override automatic cache management

Extremely useful. His argument here completely ignores use cases such as:

* Running Firefox as a portable app (USB drives have a write limit so turning this off is crucial). * Operating systems that run off flash media. Who here owns a Raspberry Pi or any of the numerous embedded PCs?

Firefox might be good at determining how much cache to use on low storage
systems, but it is probably not a good judge of when to turn off cache
completely to prolong the life of certain hardware. Also, my experience is
anecdotal but I do remember my Firefox cache eating up a huge amount of disk
space before which prevented me from installing new programs on my OS (until I
went and manually cleared the cache). Why? Because at the time that space was
free. Firefox had no way of knowing when I would want to use that free space
in the future.

------
ratherbefuddled
Just as I was thinking about switching back to FF because Chrome's memory
hogginess was getting to me.

Seriously, not letting me have javascript off by default is a deal breaker.
Nobody with basic internet savvy should have that on except through a
whitelist.

~~~
callahad
1\. If you want to turn JavaScript off, it's just one quick visit to
about:config and the `javascript:enabled` key.

2\. NoScript does a much better job than poking at the Firefox preferences
every time you want to toggle JavaScript.

Are you seriously going to fall on your sword and stick with Chrome over
_this_?

~~~
singleuse
1\. This is so impractical that I switched to opera as my main browser where
it is a press on F12 and a click to enable/disable js

2\. When your product does such a bad job that it has to rely on a third party
extension to provide functionality to users, maybe you should consider the
possibility that you should include these features in your product.

------
Too
I think hiding options is bad but the examples he shows are still valid. It's
too easy to completely break the product. I could accidentally "destroy the
internet" in three steps by just hitting a few hotkeys (perfect for office
pranks).

I advocate a special page in the settings dialog that contain _"dangerous
settings not set to their default"._ If any of these are not set to their
default value it should be very easy to spot them and set them back but there
shouldn't be any restrictions on setting them in the first place. Almost like
the bugging little thing windows shows when your antivirus or firewall isn't
enabled, but maybe not pushing it that far.

------
streptomycin
Here's a good and relevant essay from one of GNOME's key developers 10 years
ago: <http://www106.pair.com/rhp/free-software-ui.html>

------
TeMPOraL
> _Of course, there are legitimate uses for this, from low-bandwidth
> situations to web development testing, but that’s where our excellent add-
> ons ecosystem comes to the rescue._

Well, not really. In low-bandwidth situations you won't be able to find and
download the add-on you need because it will take infinity to load Google.
I've been down this road many times (think crappy mobile Internet with low
transfer quotas). No, add-ons are not an option if you can't access them in
the first place because someone took the setting you need away from you.

------
rsl7
Here's a situation where a car analogy might actually be helpful. There's the
kind of setting where you have to open the hood to mess with it. Then there's
the settings available to the driver on the dashboard. Make the difference
between these types of settings really, really obvious and you're good.

about:config is like opening the hood. Put those serious changes there. Put
everything else, that does not muck with the expected, fundamental operation
of the product in preferences.

------
retube
V interesting. I am runng FF19 on windows and some sites just do not work for
me, e.g www.mixlr.com, or even the button to download Chrome
<https://www.google.com/intl/en_uk/chrome/browser/> (a failed attempt to give
up on FF!)

Yes JS is "on", I disabled all addins, but no joy. Wed Dev Toolbar gives a
number of js errors. I shall take a close look at my options....

------
fencepost
Huh. Is this an opening shot at "Unity for Firefox?" because really, I'm not
too upset at software _not_ being modeled on Microsoft Bob and Metro.

------
asdfs
Ironically, it's the lack of options that keep me from using Mozilla's other
product, Firefox for android. Things like not being able to set a home page,
not being able to choose between thumbnail dropdown tabs and regular, always-
visible tabs, and most notably not being able to turn off history have
resulted in me using different browsers on Android. It's very frustrating.

------
2321sdadas
I don't even bother developing something on a base that "user might not have
JS". It's not worth the hassle to work hard for 1% of users.

------
getdavidhiggins
I often pondered this myself. Having the option to render a browser useless is
an anti-pattern. These should be flags in about:config. The checkboxes are
dangerously close to Common-or-Garden Web Surfer Joe

------
yaix
Great that somewhat at Mozilla finally asks this obvious question. "Designing
by committee" is a nice phrase to describe the problem. Having a BDFL would
help.

------
notatoad
Speaking of usability nightmares: if you're going to put a min-scale viewport
tag on your web page, it had damn well better be a responsive page.

------
J_Darnley
Actually, that looks more like Firefox is finding bugs in those websites.
Google should be using a standard text box.

------
charonn0
It's exactly this sort of "our users are morons" mentality that drove me away
from the Gnome desktop environment.

------
leeoniya
i agree with a lot of these, but there should be some middle ground between a
options-for-everyone dialog and about:config. many of those options should be
in a power user menu, along with many about:config settings.

i still cannot believe they removed "homepage in new tabs" setting...you now
need an addon for this. wtf?

------
JBiserkov
Firefox 19.0.2 on Win8 here.

Google looks totally reasonable without images. The field is visible, even
when out of focus.

------
27182818284
To paraphrase Reddit's developers, the web doesn't work particularly well with
HTML turned off either.

~~~
daninfpj
I was thinking about something like that. Why don't they also include settings
to turn off HTML and CSS (you can through extensions) then? Javascript (and
images, for that matter) is as inherent to the Web as HTML, stop with that
already.

~~~
27182818284
A lot of people will try to argue on the JavaScript part because of
accessibility, but even in that case, WebAIM's screen reader results seem to
indicate that 98% have JS turned on
<http://webaim.org/projects/screenreadersurvey4/#javascript>

------
bosky101
nice comment from a lead developer of ayttm (im client) on this post here...

<http://tech.bluesmoon.info/2013/03/reducing-checkboxes.html>

~B

------
progrock
Perhaps it's missing a 'reset' or 'return defaults' button.

------
piyush_soni
Unlike what's shown in the article, if I disable the 'Load images
automatically' in my Firefox (Windows 7), I still see the search box on
Google. Perhaps an Apple bug?

~~~
piyush_soni
Even though what I've written here is correct about 'load images
automatically', I think I got downvoted by Apple fanatics? That's fine :).

------
huhtenberg
addlepate, you are shadow-banned.

------
InclinedPlane
A good point, but I think it's brought across a little clumsily.

What is the point of all software?

Well, in a computer science sense it is to "solve problems", but that doesn't
help us, it's too abstract. So what is the point of all software used by
humans? Ah, this is getting a bit closer to the matter. It is to bridge the
gap between the user and "solving problems" in a computer science sense. Put a
different way, the point of software is to render the machinery of computation
human usable.

We can imagine doing this at a simplistic level by just exposing the guts and
internals of whatever "problem solving" program we are concerned with and
allowing the user to fiddle with them directly. This is the checkboxes
problem. It's a control panel with a bunch of levers or toggle switches. This
is certainly _an_ interface but it is typically not a very good one. It's the
Altair 8800 of interfaces, it's really only a few steps removed from toggling
in boot code directly and mucking about with machine code, calling such a
thing an interface at all is generous.

But consider not only the problems brought up in the article, that of levers
accessible to the user which the vast majority of time you don't want to
change. This reminds me of a utility program in one of the Windows NT tool
kits, fragment.exe. Which does exactly what you think it does to a hard drive,
obviously for testing purposes. It's not something any sane person would ever
use normally, but imagine if there were a common command-line tool that had
been designed to both fragment or defragment a drive, call it fragtool.exe
perhaps, and it would take either --increase or --decrease options. That sort
of interface skews your perception of things and it can quite easily lead
people into believing that fragmenting a hard drive is not as exceptional an
activity as others understand it to be.

As this example should illustrate, this is a problem that many command-line
tools suffer from (I'm looking at you, git).

The goal of good software creators should be to translate their domain
experience not just into a problem solving toolkit, it should also be to guide
the user towards patterns of use that make sense, are more common, or are more
beneficial.

Getting back to the example of poor lever-based interfaces. Imagine something
not just with unnecessarily exposed likely to be detrimental "advanced
options" but merely something with several options that interact with each
other. This can easily create a fundamentally intractable problem for a user.
Remember that toggles are like bits, so if you have, say, 4 toggles that means
you have 16 different combinations, and if you have 10 toggles you have over a
_thousand_ combinations. Again, here is where the value of good software
design comes in. As a coder you should be translating your knowledge of the
problem space and the underlying capabilities of the software into
configuration options that make more sense to the user. For example, if you
have 10 toggles are there actually a thousand different equally useful
configurations or are there options that tend to fall into certain patterns
relative to each other or maybe there are only a small number of specific
configurations which tend to be popular. So consider using an interface that
abstracts the options behind a different set of higher level configurations
that make sense to the user.

I forget who invented the term, but a great concept is the "pit of success".
It's generally the idea that in a good design the easiest and most natural way
to do something will tend to be the most beneficial. Software that guides you
towards using it in the most effective way, rather than software which
requires a steep learning curve just to avoid using it incorrectly, let alone
to its maximum potential.

------
goggles99
Yet my 90 year old grandma manages with FireFox. How does she do it? I worked
helpdesk for many years and never saw people screwing up their browsers with
any of these options.

It comes down to this. Most users DON'T want to mess anything up so they don't
go clicking a bunch of buttons. Others are tinkerers and experiment, but they
keep track of what they did so they can undo it. Still others can read plain
english and know what "Download Images Automatically" must mean.

Even the Safari in the iDiot proof Mac OS X has many of these options. All
major browsers have them. Don't you think that if this were really a problem
that at least somebody would have re/designed their browser without them? or
at least put them further out of reach.

------
Tangaroa
The first two examples are examples of incompetence on the part of web
developers, not Firefox developers.

A website breaks with images turned off? It's a broken website. Websites are
supposed to work with images turned off. That's one of the first things a web
developer learns.

A website breaks without Javascript? It's a broken website. Websites are
supposed to work without Javascript.

We sorted all this out when the hot technologies were ActiveX, VBScript, Java,
and Flash. If a web site requires anything more than plain HTML+CGI for its
core functionality, it is either broken or it is not a website.

