Hacker News new | past | comments | ask | show | jobs | submit login
Checkboxes that kill your product (limi.net)
370 points by robin_reala on Mar 18, 2013 | hide | past | web | favorite | 244 comments

> Shouldn’t you be able to restrict how much disk space is being used? It turns out, we know that you are low on disk space, and will reduce our usage accordingly. It’s pretty likely that Firefox keeps better track of this than humans do.

No. Here's a case where Firefox will definitely not do a better job: an NFS-based computer lab environment where users have individual quotas - the statfs() syscall (i.e. what the `df` command uses) returns you the amount of disk space available to everyone, which is enormous. Firefox then attempts to use that space, and quickly exhausts the user's quota. This is a real-life scenario and the current solution among users is to set the cache size to 0 - the Internet connection is damn fast anyways and they'd rather use their space to store actual files.

For the love of god, what is wrong with having an Advanced options panel? The author's stated goal is "to design software that can be used by everyone " but when you remove options like this, you make your product not usable by some people unless they do additional research to find the hidden about:config option or install some add-on.

The bug for this is https://bugzilla.mozilla.org/show_bug.cgi?id=851698 - if you think this is a bad idea I encourage you to leave a comment there (but be nice). Mozilla may otherwise not realize that this is such a bad, unpopular idea.

I think you're dragging the article to a conclusion it didn't try to make. For the love of god, he didn't say that software can't have "Advanced" options panels. He pointed out a series of specific options that were either ill-advised, overly accessible, or so unusable as to be hardly better than a properties file.

Firefox really does have an easily-reached config panel with "Use SSL 3.0" and "Use TLS 1.0" on it. What is the situation in which any user at your lab would know which of those options is sensible? Neither of them are the current version of TLS. Both of them have cryptographic flaws. And both are extremely widespread.

Firefox really does have a top-level config panel with a checkbox that disables automatic image loading. It's not even an "advanced" option.

I don't think your comment really engages with the article. What should the top-level options for a browser be?

Several of the options (cache, TLS, certificate manager) he cited are already in the advanced panel and he wants to kill them.

And in several places he explicitly says that these killed options (whether they're currently in the advanced panel or not) should be replaced by add-ons, not by an advanced option or even by about:config.

So I don't think I dragged the article to a conclusion it didn't try to make. The article is clearly about killing options which I contend people need, and I think should be placed in an advanced section rather than killed.

He wants to kill those options. Not all the options. I don't think that was a good-faith response.

Can you defend the SSL 3.0 and TLS 1.0 checkboxes?

But he does want to kill plenty of these options. Thats why he constantly remarks about Addons, as if a Firefox addon should be able to globally disable JavaScript. It's the fault of this article: he constantly implicates that because something is an overly niche option, it should be done away with completely, instead of just removing it from the UI.

Certificate manager in an addon? What?!

The certificate management interfaces of every mainstream browser are so bad that they actually harm Internet security. They all need to be replaced. Add-on cert management interfaces sound peachy to me.

The point here being that you should not delegate cert management to an addon. Addons have no business being exposed to any of that, they need to be sandboxed in and restricted.

And yes, they are so bad to the point they are harmful, but the only reason they are in there is because Firefox has it's own certificate store, more of a portability quirk than anything.

The certificate UX for other browsers is no better.

Okay, but he didn't comment on the possibility of putting it in a hidden preference screen available by URL only. He hasn't explicitly commented on the middle ground between preference screens available from the menu and add-ons, so it's not fair to say that he's claiming it should be done away with completely.

His point was, and I agree with it, that a mass browser does not need to expose cert management in a way that the 99.9% can access it because it's likely to cause more harm than good for anyone who is not capable of jumping through a few extra hoops to get to it.

I'm sorry, but the answer isn't to remove options that often make sense. You don't want to be like the Gnome guys, who in the guise of making things "user friendly" removed often extremely useful functionality.

Like removing the certificates manager. Or cache control. Or the ability to restrict cookies. Or JavaScript. Or the ability to turn off menubars, should you so desire to do so (kiosk mode). All of these things are used by people. Just because he doesn't like it, doesn't mean others don't want it.

For what it's worth, some versions of the web interface for VMWare Server 2.0 will not work without disabling SSL 3.0.

File a bug in Bugzilla in the Evangelism component asking Mozilla to chat with the VMWare folks, and file another bug against the browser requesting a fix for whatever autodetection prevents it from falling back to some other protocol.


"The people that need to do these things should use add-ons, or at the very least an about:config tweak."

I think people get nervous about talk like this because the "make everything muppet-proof" movement has gotten so much traction in the wake of Android and iOS.

UI designers are empowered, and "power" technical and business users suffer for it. My iPad is easy for my two-year old to use... But it is horrific for more many types of tasks that computer users do every day.

Firefox definitely carries a lot of config legacy... But going too far the other way is dangerous too.

Remove TLS version UI (Options > Advanced > Encryption > Protocols) https://bugzilla.mozilla.org/show_bug.cgi?id=733632

The setting is vitally important for an extremely small number of people.

That sounds to me like it should be moved into an add-on. The users affected still can get the capability while the rest of the world is spared another setting that clutters the UI.

What's wrong with clutter in an advanced tab? The only clutter exposed to the "rest of the world" is a tab that says "advanced" which is not really clutter at all.

If you remove options from your product that are vitally important to even a small number of users your product can no longer "be used by anyone."

The problem here isn't that the unusual options exist in a hidden away tab. The problem is that the options to revert to the defaults are in the same hidden away tab.

Users with images turned off by someone else wouldn't be confused if there was a yellow stripe across the top of the screen with a "you're viewing this website with images turned off [turn images on]" type message. Same goes for a "this page may display better with javascript enabled. [turn javascript on] if you trust this site" message for those browsing with javascript turned off.

Similarly, as the original post points out, the big issue with SSL is that you get a scary (and inaccurate and incomplete) message telling them to email the website owners because their site is broken, and not a simple message they'll need to "click here to turn SSL secure access back on" to view the web page.

But for a user that legitimately wants to turn off images or javascript (why?), they won't want to see that message on every page. If the message only shows once then the problem the message was trying to avoid returns. If the message shows on every page legitimate users of the option are inconvenienced. Of course you could create yet another setting saying "Warn when I have obscure settings enabled"...

If the developers/designers of Firefox don't have a reasonably answer as to why a large enough amount of users would disable these settings, then they should be removed (or to avoid upsetting existing power user moved to about:config).

This is easily the most sensible solution I've seen proposed here so far. Make it easy to fix broken stuff, rather than hard to break stuff.

One problem is that browser vendors don't do a good job of sorting features into "Advanced" tabs and "important" options, so that some options that would be valuable to lots of people are buried alongside options that are valuable mostly to lab admins.

> options that are valuable mostly to lab admins

If I recall, there are some Chrome options that you can't modify from Chrome itself, but which you can configure using Group Policy Objects. That (or whatever the equivalent is on *nix--files in /etc?) should be where the settings for "lab admins" go.

Isn't the logical conclusion of this kind of reasoning that everyone should become a programmer and browsers should be supplied in source form only, so everyone can customise any tiny detail they want to? That's not exactly a realistic prospect for most non-geeks.

User interface development for mainstream software is invariably a balance between presenting something accessible to novice/occasional users and presenting something powerful to expert/frequent users. You can go a long way to helping both groups with a thoughtful design, but there's always going to be someone who wants something slightly (or completely) different.

For mainstream software, trying to please everyone all the time is a fool's game. That's what bespoke development is for.

No. It's just a matter of having advanced options or not. Each level of customization should be progressively more hidden but more powerful.

But where do you draw the line? What constitutes an "advanced option" worthy of dedicated UI rather than a customised build? What proportion or minimum number of users have to find it valuable for the effort and lost simplicity to be justified? When there are too many advanced options to manage sensibly, do we move to "advanced", "really advanced" and "actually quite scary you even thought of this" options?

Love to know how numbers of users affected is measured. One of the arguments is that with a large enough number of users (millions) an option can cause significant numbers of people grief if they misuse it.

Same argument can be said for removing a feature 2% of the population of users rely on. 2% of 450 million users is 9 million users. Not what I'd call a tiny number of users.

I'll claim it's more likely users affected will not see any way to prevent it, not find the add-on, write off Firefox as bloated, and use something else.

The geekier side of the affected users may find the add-on, sure. But they're not the only ones affected.

Small number of people overall does not take into account where those users are concentrated. A lot of the options he uses as examples are extremely useful in third world countries where Firefox actually dominates the competition precisely because of how easy it is to configure it to be a low bandwidth browser. Africa probably being the best example of where Firefox dominates. So while it may be 2% overall, it could be something huge like 50% of the userbase in specific demographics/regions.

2% of 450 million users is 9 million users.

Clutter is not bad in and of itself.

Clutter is bad by definition:


In UIs, it imposes cognitive load for little or no benefit.

I'm immensely grateful that I did some tech support in college. It taught me how much seemingly trivial, ignorable UI clutter caused real problems for people who aren't programmers. That is, the vast bulk of the population. Cognitive loads that are small for me can be giant for others. Letting me design a UI based on my own preferences is like letting NBA basketball players decide how to organize my kitchen cupboards.

about:config is a great place for this kind of tweak. In fact, most of these check boxes the author talked about would fit in right at home in about:config.

Even more so if about:config included a one-liner explaining what the option is for. Sprinkle search/hierarchization on top of the about:config and suddenly the rule can be "if 99% of the users don't need the option, it goes into about:config only".

Sounds like opera:config - which doesn’t render the ‘Advanced’ tab in its Preferences menu useless.

The about:config window has a giant search box right at the top of it. It's not hierarchical, but its sorted alphabetically, so, for instance, all accessibility.* options are grouped together.

A short description would be nice, though.

    A short description would be nice, though.

about:config is horrible because it's not hierarchically organized. A big fat list of items is much more difficult to use than multiple tabs or pages of related options with widgets appropriate to their data types. "Advanced" shouldn't automatically mean "difficult by design."

But how many people just browse the about:config window looking for settings to change? I go in there looking for a specific setting because I've searched google first, and found a website that explains what setting I need to change. Use the search bar and it filters the list for you.

You shouldn't have to search Google first. If you know what you want to do, the setting to do it should be discoverable through a well-crafted hierarchy of settings. Searchable configuration lists are a symptom of the UI designer outsourcing his or her job to the end user.

You're right. In a well designed program, the user should have to search Google. Like user sergiosgc said, a well-written one line explanation plus better organization would go far in improving the about:config screen.

And you're right that just because something is deep in advanced settings doesn't mean that the design has to be shit. But in this case, and in other browsers, 99.99% of users don't even know it exists, so Mozilla likely feels justified in leaving it as is.

The reason I get worked up about discoverability in user interfaces is because that is how I learned nearly everything I know about computers up until I was in highschool. I was lightyears ahead of my parents, relatives, and most adults I came into contact with ever since I bought my parents' old IBM PC-XT for $75 when I was around eight years old. The only way I could keep learning was by exploring and discovering (and library books).

Have a look at opera:config.

No, don't solicit spam for the bug that wants to remove the options; instead, go file a bug saying that Firefox should check the user's quota in addition to statfs. Easily added, and then Firefox becomes that much more automatic.

> No, don't solicit spam for the bug that wants to remove the options

It's not spam to discuss the merits of implementing a feature request.

> instead, go file a bug saying that Firefox should check the user's quota in addition to statfs. Easily added, and then Firefox becomes that much more automatic.

Not possible - the quota information is not made available in any standard way, but rather by a non-standard dot file in the user's home directory. I know the quota information should be exported by rquotad but things aren't always that neat in the real world.

Even if it were possible users may still prefer not to sacrifice any of their quota-limited home directory to Firefox cache. Who's Mozilla to presume they know what users want?

> It's not spam to discuss the merits of implementing a feature request.

First of all, note that the tracking bug you linked to doesn't even track or discuss any bug about removing the cache options, making it pointless to bring up there.

It wouldn't be spam for you file a bug requesting a fix for quota handling. It also wouldn't be spam for you to post a note to the bug about removing the cache options to point at the quota bug, and to make sure it'll stick around as an about:config option. However, canvassing for other people to go post to a bugzilla tracking bug just leads to noise like the current pile of comments in bug 851698; the vast majority of the comments in that bug, especially the ones by users labeled "(New to Bugzilla)", do indeed constitute spam, and those same comments show up in just about every bug trying to clean up the UI.

See also https://www.xkcd.com/1172/ .

> Not possible - the quota information is not made available in any standard way, but rather by a non-standard dot file in the user's home directory. I know the quota information should be exported by rquotad but things aren't always that neat in the real world.

So, we've started from "bug only seen by people running Firefox over NFS", already a very small fraction of users, and then shrunk the audience further to people who don't even use the standard quota mechanisms. An option to serve that vanishingly small fraction of users seems like precisely the domain of about:config.

> Even if it were possible users may still prefer not to sacrifice any of their quota-limited home directory to Firefox cache.

And those users can go tweak the setting in about:config, or you could tweak it for them by changing the system-wide default. That doesn't make it appropriate to put in the main configuration UI; not enough people use it, and its very existence in the UI hurts more people than it helps.

> Who's Mozilla to presume they know what users want?

Makers of a browser used by hundreds of millions of users, with extensive data from actual user testing, tons of statistical data telling them which settings and UI options people actually touch, and most importantly an understanding that just because an option has users doesn't mean it should continue to exist, and that the noisiest people on Bugzilla frequently don't represent a significant fraction of users.

about:config exists to satisfy use cases like yours. Tone down the rhetoric and understand that when your software has hundreds of millions of users, every single change represents a tradeoff between who it might help and who it might hurt. This one seems far easier than most.

about:config seems like another way of saying the advanced preferences tab. Which I believe is what the above poster is arguing for.

You're arguing for the same thing.

They're not the same, really. The advanced preferences tab is an easily-accessible pane in the preferences GUI, right next to things like setting-the-homepage, syncing-your-bookmarks, and other features that are broadly useful. about:config is a page that almost no one knows about, except people who really know what they're doing.

Edit: and the about:config page shows a giant warning that "This might void your warranty" before allowing you to proceed. It's pretty different from a generic "Advanced" tab in a preferences window.

> Who's Mozilla to presume they know what users want?

The developer and designers of the product.

They might not always be right, but they need to be able to make decisions for users in order to move forward. Apps need a champion to lead them and guide them, and sometimes even to upset some users to improve the product for other users.

> For the love of god, what is wrong with having an Advanced options panel?

The OP seems to think about the average user and decides that a lot of stuff is not needed in Firefox options. But the average user does NOT click on Advances Options in any case. To be fare, the average user do not click on Preferences at all.

Is not bad idea to have some of this options as plugins, though. But we must remember that if the "average user" clicks on "Full screen" button (or even worse, F11), he/she'll probably have to reboot the computer in order to "fix" de computer.

The "average user" is also not a real user. There aren't actual average users - they're a conceptual aggregate of a broad-range of users who may use entirely different sets of features, which share only a few common overlaps.

You can not damage the "average user" at all, but manage to break the workflow of most of your real users but eliminating parts of the set of features they depend on.

i.e. remove 100 different features only used by 1% of your users, and it's actually quite likely you've removed features 100% of your users use.

However the workflow issues you break are sometimes something like this: http://xkcd.com/1172/ -- that may be a problem with software you paid $1 for 3 years ago and expected forever to work exactly as you need it.

Why shouldn't one expect to have one's purchased goods remain available indefinitely, no matter the price?

This comic is not meant to be a justification for removing actual features.

How did you mentally go from "expected forever to work exactly as you need it." to "Why shouldn't one expect to have one's purchased goods remain available indefinitely"?

There's a huge difference between being available and not ever changing. You're arguing against a point never made.

If I paid for a piece of software three years ago, I expect that piece of software that I obtained three years ago to work forever.

> i.e. remove 100 different features only used by 1% of your users, and it's actually quite likely you've removed features 100% of your users use.

Perhaps true, but your estimates are off by many orders of magnitude. Wikipedia puts the Firefox userbase at 450 million. How many people do you think need to turn off SSL? Hundreds? Thousands? That's about 0.0002%. How many need to turn off or manually tweak the size of disk cache? Over 9000? That's still only 0.002%. And oddly enough, it'll overlap heavily with the last 0.002%, and the next 0.002%.

Quantity of users is a really bad metrics.

People really disliked being treated as numbers, they'd rather be treated as human beings.

It gives the impression that it's about finding a justification to an arbitrary already made decision.

IMHO a more sensible way to tackle the issue is to make usage cases and find a way to address what ever arise from this scenario wisely. From the nfs case exposed earlier, a "I'm on nfs with quota" checkbox would make more sense than forcing cache manually to 0.

Instead of removing features and hiding options, wouldn't it be preferable to provide options that make sense and make them usable ?

I think it's easy for early adopters to feel like developers owe us because we're the ones whose advocacy got them those 450mil users.

Advocacy is fine, but in the end it was the product itself that got the 450M users. You can't grassroots something that's not actually good.

Right, the developers and the early adopters deserve deference; I'm saying that it's easy for an early adopter to believe that the other 450mil users do not. After all, they're using it anyway despite it being friendly to the early adopters.

It doesn't mean the product was actually good, it simply means it lacked a better alternative.

If a product manages to be better than all the alternatives, it's hard to argue it's not a good product. At the very least it had to be better than "whatever everyone was using before" and "not using anything."

For the first few years, there were lots of sites that were designed for IE that broke in Firefox. Thus, at first, it was actually worse for many people. Yet, because the early adopters kept pushing it on everyone of their malware-ridden friends and relatives, it grew in usage anyway, allowing Mozilla to afford to make it better.

I was one of those folks who contributed to the Firefox announcement ads, but I don't really believe that it succeeded because folks pushed it rather than it simply being a better product. Yes, some sites at the time worked better in IE, but on the whole, the experience on Firefox was better and that's why folks supported it, not because they disliked Microsoft or something. (And yes, because we support proper web standards.)

Firefox was a spinoff of Mozilla and was a pretty good browser from v1, and within a year of release was considered the best browser available.

That's a really good way of putting it.

The number of times I've had to fix someone's "broken" browser because they accidentally pressed F11 is depressingly large.

The problem here is the lack of communication. How hard is it to show a brief popup telling the user what is happening and how to reverse it? At lot of applications with a fullscreen mode already do this. For example, Parallels and VMWare Workstation do it[1]. Options that can be confusing or dangerous should come with warnings instead of just taking them away.

[1]I think there is a way to stop showing the message, though.

Opera does it and offers an opera:config checkbox to turn the warning off.

Firefox is one the few who does not offer this feature.

Chrome does that when you hit F11.

in fact if you mouse to the top of the screen you can move away from full screen also

They don't need to remove the ability to override - they just need to remove it from the preference panel. As long as it is still available as a configuration change though an about:config screen or equivalent - admins in specialized environments can set it appropriately. In fact - they are more likely to set it through a registry setting or a domain policy and would never go to the preference panel at all.

I made an account to try and leave a comment but seems like I don't have permission to do so. If you can, I'd be grateful if you left this comment for me:

> Before moving forward with this suggestion, please do a usage analysis for each of these options (or any future suggested options) based on regions in the world. Several of these options (images - which doesn't break Google for me, javascript, cache) are all things that appear on the surface to be very useful in third world countries where bandwidth & hardware is very limited. The ease of finding and configuring these options might be precisely why Firefox has a healthy lead over competing browser in Africa. So while the overall percent of users is 2%, this number possibly shoots up to a majority of the user base when looking at specific regions or demographics.

Specifically, image & javascript would help with bandwidth. Cache override/disable would be useful on devices like the Raspberry Pi that run off of flash media (or for use cases like running Firefox off a flash drive ala PortableApps); the type of hardware I would expect to be more widely used in 3rd world countries.

Most prefs live on in about:config, and can be set in peers.js. This is probably easier to automate anyway.

Also, because no one uses SSDs and those definitely don't have a limited number of writes. That said, they could make it smarter ("We see that you're using an SSD but you have some free space on this other disk. Should we use that for cache instead? Click here to read more about SSD write cycles...") or just cache in RAM only.

Even with a page file on an SSD I haven't had a problem over years of operation. Granted, this is anecdotal, but wear levelling wouldn't exist if it made no discernable difference. Windows disables defragmenting on SSDs, but from what I gathered that's not so much because of write cycles but rather because it makes no performance difference and thus is time unnecessarily spent.

That being said, making the algorithms smarter should probably help, e.g. only caching in memory if there is an SSD and just store frequently-used sites' resources on disk which might be a viable compromise.

Oh you are one of the 5 people who use an NFS-based setup?

Many computer lab like environments use NFS... While there may not be a lot of these, they can have hundreds of machines...

This was a problem at my university too, not a massive one though. Certainly an add-on could fix it rather than an option (really what would be ideal would be better group policy-style management of FireFox across workstations).

In this instance I have to wonder if FireFox couldn't look for a quota - it can be detected.

He said 'pretty likely' didn't he?

I think disabling cache could improve SSD lifespan. I would leave that option to the users.

I've resigned to the fact that I'm probably going to get fucked over by people removing options from existing software (software that self-updates, by the way, and that needs in some aspects to be updated in order to stay useful, but you get all updates whether you like them or not). I understand, you're all busy people, and I'm not paying so I shouldn't complain, and who wants to work on backward compatible cruft when you could be building the next 'awesome bar'. I get all of that and people need to make trade offs - heck, I do it myself in my own software.

But then please for the love of god make about:config something that can be used without trawling mozilla.org discussion threads or random about.com 'articles'. There are hundreds and hundreds of about:config options, most of them more useless than the next, except for maybe 25 or so of them. If mozilla is already tracking so much, why don't they track the most-often changed settings through about:config and put them in their own section at the top of the list? Or, here's a radical idea, why don't they put the options in a tree rather than a flat list? Maybe ordered in a way that makes a bit of sense, but I may be pushing it there, I know. Why are we punched in the face with an 'options' dialog that (it seems) should have, in the eyes of most 'designers', only a very few options to the point where it becomes useless for 'advanced users', or kicked in the behind with an about:config page that could, functionally, just have well displayed 50 kb of output from /dev/urandom?

This : http://www.npr.org/blogs/money/2012/07/13/156737801/the-cost... applies not to just Google Reader, guys... I've been using Firefox since the milestone builds of what back them was still just called 'Mozilla', if I'm remembering correctly, and I have yet to find something better (at least if you count in all the addins) but damn, if I were religious I'd do a prayer every time I see it 'installing updates', out of fear of what it's going to screw me over with in 'interface innovation' this time.

(done ranting now)

But then please for the love of god make about:config something that can be used without trawling mozilla.org discussion threads or random about.com 'articles'.

I think one of the reasons that about:config is not easy to use is because it shouldn't be easy to use.

If it was a nice window with checkboxes and dropdowns and tabs for groups of related options, then it would become a de facto settings dialog a thousand times more problematic than the legitimate settings dialog.

making it hard to use doesn't really stop people from using it[1], it just means they will use it badly

1) search Google about something, read blog, follow instructions is an amazing pattern people have learned and apply regardless of wisdom or skill

If options are removed from the preferences panels, something easier to use than about:config should exist, or about:config should become less useless.

When did warnings indicating that "this option will destroy your computer if set carelessly" become verboten? Why waste the expensive time of advanced users for no real benefit to the masses?

What a fascinating comment: "expensive time of advanced users"? As if knowing what, say, SSL 3.0 means is somehow a marker of a more valuable person, more worthy of not having their time wasted.

It might be good for you to remember that those "masses" are just people with other things to do with their lives - they're doctors, lawyers, concert violinists, nuclear physicists, biologists, teachers, ... and they just want their damned browser to work without having to mess around, and preferably not break with cryptic error messages they don't care about, because, frankly, they have better things to do.

I think you missed the point here, doctor, lawyers and otherwise supposedly busy non-advanced users will not delve in about:config at all, hence cannot waste any of their time there.

It's only the advanced users who are willing go through this path because they want to tweak a settings. And the question would be, is it really worth making such an impractical tool out of about:config and thus wasting time of advanced users when it was designed for their own use, for the sake of keeping non-advanced users out this setting panel.

Advanced users are the only ones who will be "mess[ing] around" in the advanced settings dialogs. Sane defaults and easy-to-customize advanced options are not mutually exclusive.

I take it you don't have friends or family who call you when they completely fuck up their system by means of some innocuously named preference.

Be careful taking this advice. "Get rid of all the options" can actually be quite powerful... it makes software that "just works". But it also makes software that "just doesn't work". The reason that these suggestions make sense is that Firefox allows plugins and extensions which CAN allow for these things.

Perhaps the moral of the story is to build your software with layers of configurability. In layer one, there are hardly any choices, but there is an "advanced" button to allow further configuration. In layer 2, there are many more options, but still only "frequently-used" features... however, there is a plug-in or scripting system that allows adding additional features if a developer makes them. The ecosystem of plug-ins would be layer 3 (note that this only works if you provide a common place to DISTRIBUTE the plug-ins and you make an effort to filter out malware). Finally, layer 4 would be the ability to build one's own plug-ins, but this layer would only be available to developers.

I have some software (like browsers, IDEs, and even older things like Emacs) that works like this today... but maybe all software should be built with layers of configurability.

Over the years I've gradually concluded that extension mechanisms are actively harmful. Firefox leaves features that should be integrated (tab management, developer tools) down to extensions; in Opera these features were always more usable and better integrated. Emacs defers to extensions for things that Vim does natively - and again, the result is those features are more usable and better integrated. Eclipse makes everything a plugin, and often this leaks up to the user; it frequently happens two features will either not integrate nicely with each other or even be impossible to install at the same time; contrast with IntelliJ IDEA where all the features are built in, with the result that it "just works".

It seems to me that your criticism is of software that leaves too much to extensions, rather than that "extension mechanisms are actively harmful".

My impression is that simply having an extension mechanism inevitably leads to this problem.

ok, but when you say:

> Emacs defers to extensions for things that Vim does natively - and again, the result is those features are more usable and better integrated.

Vim has an extension mechanism too. It may not be quite as flexible as Emacs, but it is much more flexible than most programs.

I agree.

While disabling Javascript is something sure to break a lot of websites, it is something that I use regularly to test the websites that I am building so that I can confidently assert that disabling Javascript won't break MY website.

Same thing with disabling images. I have built web applications for the browser constrained (think remote science stations in Antarctica), and we often wish to test rendering without images (or with massively deferred image loading) or with only partial page renders to ensure that the first content loaded is the first content displayed for those situations where they are needed.

Sure, I'm a fringe case, but for some people, "breaking the internet" is a job requirement.

FYI, both of those switches are available in easy-to-use fashion in various web developer addons :


So I think removing those from the config UI is an excellent choice.

I'm not a UI guy, so my point wasn't whether or not the checkboxes should or shouldn't exist, but to clarify that all the use cases he asserted "broke the entire internet" had valid uses and represented the desired behavior.

That it happens to break a few popular websites doesn't mean that the entire internet is broken, or that that wasn't the desired effect.

For most users, breaking Google is actually breaking the entire internet. How will they ever find the Facebook login page again?

Funnily enough, the Internet was never broken by turning off JavaScript.

Be careful taking this advice. "Get rid of all the options" can actually be quite powerful... it makes software that "just works". But it also makes software that "just doesn't work".

To be fair, the post didn't advocate getting rid of "all the options". It advocated getting rid of options that almost never make sense to use. For many of the examples given, that would continue to apply even for power users.

The option to enable/disable the nav bar seems ridiculous until a website disables it for you. The option is there to re-enable it.

until a website disables it for you

I'm fairly sure there is an alternative solution to this problem that does not involve adding an extra option in the UI...

Indeed, I am in full agreement with the original post -- which proposed this policy for Firefox, a tool that HAS multiple layers of configuration. My only point was for others not to blindly apply "remove options", but to consider what Firefox REALLY has, which is different layers of configurability.

There is also about:config

Agreed, I would move a lot of these things to about:config so that power users can play with them while hiding them from average-Joes.

Actually, that's the "advanced" settings (level 2) for Firefox, isn't it?

What total bullshit. JavaScript should not be mandatory. It SHOULD ALWAYS remain controllable, and killable. That should stay in the hands of the users. The idea that "disabling JavaScript" is a bug and not a feature is repugnant to me.

And images? Most people are too naive to understand that the <img> tag represents an HTTP GET for every occurrence. Being able to lock down GETS and limit them is a safety measure, not a bug. Just because users are naive, and that such naivety is encouraged by greedy parties, does not mean that the feature should not exist.

Certificate Authorities? SSL? Destroying the ability to control your cache?

Alex Limi should take note that the browser exists for the user, not the faceless "product" locked away in remote internet server land. Not all websites are "product" designed with the intent to extract cash from people's pockets. The browser is the last gateway of control a user has over what the internet is allowed to do to their machines. Taking these settings away represents a set of handcuffs.

Is it not clear that JavaScript can be used as a weapon against the user, to obfuscate, and limit the user's understanding of the actual behavior of any given HTML document?

Privacy Engineer Monica Chew should take note that people will fork or abandon their open-source browser if it doesn't represent their interests. People with the technical awareness to know better will advise people to avoid Firefox, if decisions like this are on the horizon.

Blame people like Alex Limi and Monica Chew if Firefox becomes the next Internet Explorer.

Design-by-committee indeed. Design by Steve Ballmer is one possible alternative, is it not? Does that sound better? I think we know what authoritarian decision making can look like.

Wow! No respect for this troll-bait article under any circumstances. I don't care what their pedigrees are.

Your nick is apt. Calm down a bit, yeah? He's talking about removing useless configuration options from a prominent dialog, not placing you in a "set of handcuffs."

Except maybe for the cache control, the settings the author talks about are basically useless. Third-party plugins like NoScript are a much better solution. Be honest, do you use the "Disable JS" checkbox, or do you use NoScript?

"Disable Images" can be handy in certain, very specific settings, but it doesn't really deserve a slot in the main preferences dialog.

I don't think the author is advocating the complete removal of these options. I think he's objecting to how prominent they are in Firefox's UI. about:config is the perfect repository for all of these tweaks, and I expect the dialog is already just a frontend to about:config.

His point is they can make better use of that prominence than they currently are.

> "Disable Images" can be handy in certain, very specific settings, but it doesn't really deserve a slot in the main preferences dialog.

When I have a highly limited connection is just the time I wouldn't want to download a plugin OR be searching for instructions about how to disable images. It is also fairly good plain language that even non-experts could understand. I think it probably does deserve a place somewhere in the settings.

Disable Images are handy when your internet is slow (lagging public wifi, heavy packet loss) and you need to get job done.

I like the disable images in my toolbar. Each to their own.

I don't think I've ever heard my parents ever want to shut off Javascript or disable GET requests from <img> tags.

I think you're forgetting that Firefox is not used exclusively by developers who may find those options useful. They're simply one /portion/ of Firefox users, and in my opinion, developers should be considered power users. In which case, moving some of the more "advanced" options off to about:config, where power users would be more than comfortable.

I don't think the article is advocating for disabling these options completely. Rather simply hiding them from the average Firefox user who doesn't need to mess with them.

I think you are forgetting that whether your website works without images and JS is up to you as a developer. Disabling those things should not completely break normal websites. The immediacy of those checkboxes is a good reminder.

I have some bad news about what constitutes a "normal" website these days.

I think in the last three weeks I have needed javascript for three things:

1. feed/email app sites

2. trying out stacksort

3. loading flash embeds on youtube because youtube is set up annoyingly

So tell me your bad news. What sites are you talking about here that apparently make up a majority of the internet and need javascript?

Also I just turned off images and tried a few pages, nothing broke. Google's homepage had a perfectly visible text box, I'm not sure what the problem in the article was.

How about facebook (specifically messaging and paging also no likes and comments for users without JS)? I know, you probably don't use it but I know quite a few people who do.

Yeah, but that's why it's a switch, and these features are defaulted to "enabled".

Nothing wrong there. We need these switches. Taking them away is a bad, BAD idea.

If the discussion were about how to provide access to these settings in a cleaner manner, so that people understand why they exist, and how to properly use them, I'm all for that. Increasing awareness and informing people about what the internet does, how it all works, and why they should care is a good idea.

This article doesn't take that tone. It just says "Ew, yucky! Hide all these settings because they're ugly, or better yet, don't make them settings. Don't even let people change them. It doesn't matter how practical they are. They keep us from making money. The ivory tower, where all the developers live, will be able to figure out a way around the road blocks we put up as they usually do."

Messaging is more of an 'app' thing than a website thing. Comments not working just makes me call it one of the minority of badly-coded sites. There is absolutely no need for scripting just to have comments.

Is it worth alienating web developer and power users because they represent a small fraction of your user base ?

Try alienating your power users and wonder your product suddenly start bleeding regular users along with power users.

Start alienating web developer and wonder why suddenly websites start breaking in your browser.

This article is advocating total removal or rendering as impractical as possible as a mean of protecting ignorant people from their ignorance all in the sake of brand image.

In Opera you can have a set of options for each site.

Then you can disable JS for most sites and enable it for some.

The same for proxy server, cookies, etc.

On the risk of being snarky:

    Personally, I feel pretty confident that the number of 
    people that know how any of this [certificates] works 
    can be narrowed down to the people that work in these 
    companies in the list. At least not too far off.

If you believe that this is true, then you should probably start reading a bit. I would suggest you start at the Wikipedia article for a company called Diginotar [1]. And try to understand the relevance of certificate management. In fact, checking the default Firefox CAs [2], the very first entry is TurkTrust, a CA were some people have probably very good reasons to manage that certificate [3].


[2]https://wiki.mozilla.org/CA:Overview actual list is apparently https://docs.google.com/spreadsheet/pub?key=0Ah-tHXMAwqU3dGx...


Or https://bugzilla.mozilla.org/show_bug.cgi?id=435013 for another example why managing certificates might be necessary if you are a Linksys router owner.

My 2 major problems with moving things to add-ons: - they might not exist yet so I get buggered - I need to trust 3rd party where previously I didn't have to

I often wish that developers would more often travel around the world so they would notice there are a bit more than 2% of people using crappy connections where disabling images is one of the first things to do.

I plead with anyone reading this to not be overly dogmatic with streamlining away all options and configuration. I find this irksome on my mobile devices and as the religion of simplification leaks into the desktop space, I find it outright frustrating.

Firefox has about:config as a saving grace, so if options were removed from its user interface, I would be able to make do. In fact, I'd pay money to see about:config or similar in every application. For example, I set slider.snapMultiplier to zero to remove that annoying snap-back on the scrollbar thumb when you drift too far in the perpendicular. Good luck describing that one in a dialog box.

But unfortunately, in other products, hiding options is often just straight-up removing options.

While I appreciate reducing confusion by hiding options that are difficult to describe, I would prefer an "advanced settings" section. Perhaps consider three tiers, as with Firefox (options, advanced, and about:config).

I was really upset at all the options I lost in applications on my phone when it updated from Ginderbread to ICS. I wanted a more powerful phone. But now many of the features I typically used are gone. Note to developers: beating iOS doesn't necessarily mean becoming more like it.

Note to developers: beating iOS doesn't necessarily mean becoming more like it.

That is SO very well said... I wish I'd thought of that myself. In particular, I wish I'd thought to say - about 10 years ago - "Note to developers: beating Internet Explorer doesn't necessarily mean becoming more like it."

I still remember so may discussions about Firefox (and Mozilla the browser before that) where somebody proposed something and it was shot down because "That's not the way Internet Explorer does it" or "IE doesn't have that". sigh

This is a lot like "citizens shouldn't be allowed to vote for a candidate opposing their current Senator, because incumbent Senators get re-elected 99% of the time anyway, and when they don't, it's usually a disaster for their constituents." Well, yes, those facts are true, but they don't justify the conclusion. In fact, they justify a rather opposite conclusion: if incumbent Senators almost never lose elections, and web sites are unusable with images and JavaScript turned off, maybe we should consider changing the system to force those things.

One fundamental premise of free software is that users are responsible for the software running on their computer, and therefore have the right to make that software do what they want. They have the right to accept SSL certificates from who they want, to use the amount of disk space they want, and so on. And the fact that only a tiny minority of users understand the security implications of having China's root certificate installed in their browser is not an argument for taking away their option to uninstall it. It's an argument that SSL's trust model is severely broken.

What is the benefit you imagine from trying to force everybody to build websites that are usable without JS and images?

Because as far as I can tell, that battle was lost about 10 years ago.

Just as one example, accessibility for blind users. Also, pages that work without images and JavaScript are more likely to be machine readable; I still want to see one of the the early visions of the web come to pass, where "User-Agent" doesn't have to be a web browser.

Accessibility is important, but it's not a reason for stopping progress. If it were, we never would have had computers at all. The solution there is more investment in making new technologies accessible, not preventing new approaches altogether.

That latter thing isn't really a benefit. Or if it is, it's satisfying your personal aesthetic sense. I too happen to think that past version of the future was awesome. But I also liked the future where we all used jetpacks to fly up to our long-haul zeppelins. That's no reason to ban airplanes.

You seem to be saying that web pages that are unusable without JavaScript or images represent "progress". For something to be "progress", it has to be both new and better than the old things. In fact, though, it's worse and not better, and it's not even new; it's a throwback to the days before the web, where you had to download special-purpose client software and learn a new UI to access each new online information resource, and bringing together information from different online resources was difficult.

To use your metaphor, this is not the future where air travel is cheap and ubiquitous; this is the future where the Concorde no longer flies, you must submit to a strip search to board an airline, and Meigs Field has been bulldozed.

I am saying that the people making more dynamic websites believe that what they are doing is better than ye olden dayes of the webbe. Sometimes they're wrong; sometimes they're not. When people make new things that they think are better than the old things, that's called progress.

I'm fascinated that you could work in tech and still manage to seize one small moment in technological time and declare it the peak of goodness. You realize, don't you that people do that with every moment of technological time?

I'm not denying that by your criteria the web was better then. I'm just saying that seizing upon the particular set of aesthetic criteria from the age when one is most impressionable and decrying all that comes after as worse has never been an effective way of changing things back.

You are attributing points of view to me which I not only do not hold, but which I find insulting that you could think I hold. I am disappointed that the level of discourse in this forum has fallen so far.

What sort of progress will be stopped by encouraging websites to present content as content instead of as an "app"? What specifically would you do to make websites that don't work without images or JavaScript more accessible, apart from making them work without images or JavaScript?

Jetpacks aren't widespread for important safety and technical reasons. The existence of search engines demonstrates that non-browser agents are technically possible.

Zeppelins are also technical possible. They're just not economically feasible.

People are often perfectly happy to present content as content. But when their economic interests lead them to another approach, aesthetic outrage from a tiny minority won't change that.


I need to be able to alter my root certs and other things. I can even teach other people how to do this.

If this is hard to do, it should be made easy.

Resist turning your software into a tablet.

Usually, it's the incumbent senator that is no longer allowed to run for office.

(My point vaguely being that the rulemaking behavior you seek to lampoon actually has leaked that far into real life)

Oh, I'm well aware it's leaked that far into real life: it's the well-known Single Party Rule, as seen in the former Soviet Bloc, and in most dictatorships, where there's only one candidate on the ballot. And it's justified in exactly the same way: people don't know what's best for them, so the Party must decide on their behalf. It may be good in theory, but it's a corruption magnet.

It's vary rare for senator's to be unable to run for office. Because the things that prevent winning are much wider than the list of things that prevent someone from running.

The most obvious being you can still run while in the middle of a murder trial up to the point where your convicted. But, good luck getting elected.

Yeah, I used senator there, but I was euphemistically referring to term limits, not trying to imply that U.S. senators are subject to them.

Though marketing worked hard to push this idea, Firefox is not free software.

The author has good intentions here but I have to disagree. I don't think that functionality that the browser handles should be moved from the browser's own options panel to addons, third-party or otherwise. Even if Mozilla themselves offered addons to manage enabling/disabling JavaScript, SSL, certificate management, etc., that gives the impression that they somehow believe that the functionality being moved over to addons is secondary, unimportant, or less of a priority than more simple options which I think is just not true.

I'm totally on board with the idea that if less than 2% of users need functionality it shouldn't be placed front and center and maybe it doesn't need to be in the options panel at all but most of his examples aren't the sort of thing I would want removed or outsourced to an addon whether I was a technical user or not.

I think the real answer is to prioritize, organize, and simplify. Make the most important, general, and broad options the first ones a user sees. Organize them from most general to more specific (which probably includes an increasing level of complexity as well). Go ahead and hide some of the more fine-grained controls in a panel somewhere that all but those who really know what they're looking for will find it (but make sure to document it, too). Finally, remove anything that simply doesn't need to be there. Those things, I believe, will be very few and far between. The author makes it sound like there are tons of options they could get away with just cutting from the options without anyone noticing but I'm not convinced. Despite the fact that some options are very rarely used, when that rare case of them actually being needed comes up having them available, albeit in some hidden away panel, can make all the difference between a happy and a frustrated user - a user who won't have to go out and search for yet another addon to manage something they thought the browser itself should be able to control.

The solution isn't to reduce the number of options, at least not in the way the author promotes. Instead I think it's really just about better organizing and presenting what's already there. Mozilla is all about freedom and their customizability is something a large segment of their userbase loves them for. Why ruin that?

The issue at root is determining what "functionality that the browser handles" should be.

Every less-used option and feature that a browser can offload to an extension or plugin is less code everyone has to download, and less code the browser team has to maintain. Also, those extensions can live or die based on actual usage and demand - a more fair "market economy" than the central browser team making those kinds of decisions about what's important or not.

The alternative is tremendous browser bloat - supporting every feature wanted by 1% of users can lead to hundreds of extra features, and thousands more configurations that have to be regression tested.

> Why ruin that?

According to the article, it's a move to protect their brand from looking bad when kids click around.

In recent versions, Apple as moved many of these options (such as Disable Images) into the Develop menu which has to be explicitly enabled via Preferences -> Advanced -> Show Develop Menu.

I agree with many of the others on this thread that FireFox's about:config is not the place for these things. It is nice that FF has such low level access to such settings, but it is not much more friendly than editing an Apache config file.

I am also a little concerned about moving these into Add-On which have their own set of issues for most people. How often have you sat at someone else's web browser to see it filled with all sorts of extra menu bars and enhancements that make the browsing experience even more confusing and slows every thing down (not to mention the potential privacy issues).

> The entire certificate manager

Get rid of the rest of it, but please, please make installing and using client certificates as easy as "installing and using" cookies. Make them sync with your profile, even! Client certs are the most wonderful security feature nobody has ever heard of, and it's 100% because the UX is horrible. Make them happen transparently and the web will take a permanent step up in security.

> As Privacy Engineer Monica Chew at Mozilla asks, “Is it really worth having a preference panel that benefits fewer than 2% of users overall?” — obvious spoiler alert: The answer is no

This logic is so wrong that I don't even know where to start. Every obscure feature might be used by only 2% of the users, but it's not the same 2%. If you removed 10 of those "useless features that nobody uses" you just made your product unusable for 20% of your users.

But it's not even that. If I'm in those 2%, I don't care what other 98% are doing, you are breaking something I depend on. I want to use products that won't break my workflow even if over time I cease to be in the majority. It's a matter of trust (you hear me, Google?). There's a reason why countries that protect their minorities win over time, and I believe the same will be true for software products.

PS. By the way, what Monica Chew and Alex Limi think of accessibility features? Fuck those blind people, right?

Sorry this made me think of this: http://www.xkcd.com/1172/

Please don't misunderstand this article: it's not about removing checkboxes or functionality, it's about an opportunity to change the UI of settings to a better one.

I was so happy reading this because it seems that some big dogs are finally realizing the problem that I noticed some time ago [1], but I'm nowhere near as good at elaborating my points or causing change.

The innate problem with checkboxes is that while they communicate if something is on or off, they don't communicate what the optimized default value was (and unless you know what you're doing and a have a good reason to override it, it's probably better to leave it alone).

The reason extensions are mentioned has little to do with whether 3rd or 1st parties make them, but rather that their UI has a beautiful property: by default your extensions list is empty (ala clean slate), and everything just works.

Fixing unwanted issues is easy because it's just a matter of removing unwanted extensions from an explicit list of changes appled.

I think the main takeaway message here is that the UI for software settings can be made better without crippling the customizability or flexibility. Just present a view where it's easy to see what's been changed.

[1] https://github.com/shurcooL/Software-Settings/wiki/Software-...

The debate between power and simplicity in software continues on. Should you make features that are scary, and only useful to a handful of your users?

My $.02: Let Firefox continue to be feature-packed. Why? The other (popular) browsers are lacking by default (default being without plugins) in this regard. Keeping Firefox feature-loaded out of the box reduces the hassle for somebody that needs access to powerful web tools, when the alternative is downloading a bunch of plugins/ extensions/ bloatstuff.

My $.02: Let Firefox continue to be feature-packed.

IMHO, this depends on the features.

For example, I don't know what they were thinking when they decided to introduce an ad hoc, informally-specified, bug-ridden, slow implementation of half of Adobe Reader, but I wish they hadn't. I frequently use on-line services that provide PDFs for various reasons, and after the first 48 hours I had to Google the settings to make Firefox just shut up and let Adobe Reader do its job, because too much functionality was badly presented or simply didn't work at all. Now I've just got all that extra code I'm never going to use bloating my browser.

If you're viewing content that's based on HTML and comes embedded in a web page, like images or HTML5 videos, sure, make the browser handle it. But you can download many kinds of data over the Internet, and the idea that a browser should become some sort of all-inclusive operating system/distro bundle that can interpret them all itself feels very unhealthy to me. What happened to using one tool for one job, and making each tool a specialist that does its job well?

I fully agree. Although some buttons might be hidden away a bit better, perhaps moved to about:config or have them trigger a warning, I love that Firefox has these features. I've used almost all of the mentioned features (including turning off images), so none of them are useless to me.

But 'Load images automatically' and Enable Javascript should not be those that are moved. I remember how a few years back I had to regularly uncheck the 'load images automatically' box just to get my slow like death internet load things that mattered. I'm sure there are many places in the world where people have to still deal with that regularly. Same goes with javascript - security, privacy for those who know how it might affect their normal browsing.

Disabling these on mobile is especially nice due to bandwidth costs and limitations. On Firefox for Android, images can be disabled by settings the permissions.default.image option to 2 in about:config. JavaScript can be toggled with the javascript.enabled option.

IIRC, Chrome for Android does not allow the user to disable image loading. Opera and Opera Mini do, and also allow the user to load images at lower quality. "Internet" (stock browser) does on my phone. Dolphin does.

I couldn't disagree more, until I moved in to my own house I was using a £15/month wireless internet dongle for my main daily browsing. Most websites would inundate my browser with constant AJAX requests, draining my internet at a ridiculous rate (Facebook was a pretty nasty one for this) and the ability to turn off my javascript at the click of a button probably saved me somewhere in the region of £30 per month, not a major gain, but when you're homeless it makes all the difference.

(Although, this says more about the state of wireless internet fees, 15GB for £15, then £100 per GB after that, ridiculous!)

I was surprised he mentioned Javascript in the same breath as images. While turning it off should take a little bit of effort from the user (since the result is non-obvious) it is a mandatory part of a web browser, since you may not trust the websites you are going to.

How many users turn off JavaScript when visiting an untrusted site? I for one never have in over 15 years.

And if you did turn it off, and the site doesn't work, what do you do? Read the source code and look for malicious JavaScript? Your down to the 0.0001%.


I run with javascript off full-time, except for a whitelist. I use Chrome's basic settings to do this (not a plug-in). It's actually really handy, since most sites don't really need javascript to serve their purpose. It has made reading news online much more enjoyable. I find that on a majority of sites, javascript is used only to serve ads or pop up annoying "join our useless mailing list" dialogs.

Agreed. Apple AFAIK allow the user to disable JavaScript in the iOS Safari options http://osxdaily.com/2012/11/18/disable-javascript-safari-ios... and Android browsers have the option too. Maybe the browser designers know something the article writer doesn't: enough people need the option and are smart enough to understand the consequences.

You're the 2% who needs to install add-ons.

But why should I have to install an addon? This is something already built in to the browser, in all honesty, if you removed a feature I used frequently then told me to go elsewhere to re-download it, I would be going elsewhere to download some software and the software would be Google Chrome.

You already know why it should be in an add-on: because your use case is a rare one, and rare features for particular audiences don't belong in the main browser UI.

There are some fields where "But it's traditional," is a reasonable response to a proposed change. But software isn't really one of them.

I'd like to know on where the notion that removing features used by only a fraction of the user base is what should be done comes from ?

It is brandished right and left as if obvious, but it is never explained.

Consider all the possible features that 1% of the userbase wants. Are you saying they all should be included?

So the solution for someone with expensive bandwidth limitations is to download additional software on top of the software they already downloaded just to configure a setting that was already inside of the first download?

Yes and if you want to browse more securely with Javascript turned off, you should also download a 3rd party add-on from unknown developer that will do this for you ;-)

No he/she is the 2% that need to touch the advanced settings tab.

Only one person in 9 million. That's quite a lot of people.

Singling out Firefox isn't particularly fair: Chrome has the Content Settings panel (which allows you to disable images and javascript), Safari lets you disable javascript, and IE certainly did both, at least historically. This article just reads like beating up everybody's favourite browser punching bag to me.

Every feature has its place, and when you start pandering to the lowest common denominator of users is when you've decided that you know better than everybody else.

The author is "now doing Product Design Strategy at Mozilla ". What you're saying is true, and likely the author has realized it as well, but "fairness" is probably less of a priority to him than fixing the product he's responsible for.

"Do not show any images" under two links is a lot better than Auto Load images in a tab, javascript disabling is a lot more useful than he implies, IE has been beaten enough as it is.

I felt he chose Firefox because a lot of that UI was designed after IE and never changed. At least most other browsers seem to have thought about what to show in easy to get to pages.

The author is also a Mozilla employee.

While I agree that some of these options need to be hidden away better, a lot of the complaints would be fixed by adding easy reset-to-default buttons, or even some marker to show when something is changed from the default.

If users go messing around in the important internals of the necessarily complex machine that is the browser then they deserve what problems they have. In short: If you don't understand an advanced option, stay the fuck away from it.

Also, the article suggests making certificate management an add-on, among other things. That is the stupidest and most insecure thing I've heard the past 2 years.

It's interesting that you think it's "the stupidest and most insecure thing you've heard in 2 years", because I think the certificate UX we have in modern browsers is the probably the worst security misfeature on the entire Internet, responsible for not just for the battle between end users and "self-signed certificate" warnings but for the fact that there are hundreds and hundreds of random CA=YES certs that could sign a Yahoo Mail domain cert.

Could you tell me more about how important the browser certificate UX we have now is worth defending, or even keeping? I think we should just jettison it completely and let extensions take over.

> If users go messing around in the important internals of the necessarily complex machine that is the browser then they deserve what problems they have. In short: If you don't understand an advanced option, stay the fuck away from it.

You've clearly never observed non-technical people using a new product. Telling users it's there fault doesn't generate revenue. Making your product idiot proof does.

>Telling users it's there fault doesn't generate revenue.

To be fair, there's only one browser right now that has "generate revenue" as a goal, and that's Chrome.

And I, for one, am tired of being hamstrung by "idiot proofing". What ever happened to "if something is important to you, DON'T fuck around with it if you don't know what you're doing!"

This is good life advice. What happens when you go mucking about in the internals of any sufficiently complex system without knowing what you're doing?

> To be fair, there's only one browser right now that has "generate revenue" as a goal, and that's Chrome.

Completely untrue. Let's put it another way - the only browser out there not to "generate revenue", is Firefox (and even then it does generate a tidy amount from search referrals).

Chrome - pushes Google services and ChromeOS.

Safari - Apple-only. Nuff said.

IE - the original bad-apple of browsers. Once it killed off it's competition (ie, web standards), team was disbanded.

back on topic, perhaps the best answer is to provide a reset button or when erroring, provide actual locations to fix your issue (ie, the SSL disabled issue).

Maybe you're in the business or have a moral mission of providing life lessons to customers. I'm in the business of helping them avoid life lessons by having stuff behave as expected.

And it's considered "stuff not behaving as expected" that when you clear a box that says "display images" that images are no longer displayed? (One of the examples from TFA)

As a person who fielded calls from thousands of ordinary people with totally hosed browsers because their cousin saw an article and told them to turn off Java script or else his computer will be hacked, I totally understand this article. However, I hate it when software I use is dumbed down to the point where I can't configure it to be useful to me. My suggestion? Keep those options. But bury them. Deeply. Maybe provide an Easter egg-like thing you have to do to get at them (ie: enter "I really want to turn off javascript" into a textbox verbatim). People with the savvy to use those options will be able to find the process on Google. And the people who turn things off by mistake are typically busy wrestling with the concept of drag and drop, and won't graduate to more difficult things like that for a few more years.

In Firefox, that Easter egg is called "about:config". (And it even comes with a warning to scare away less technical folks who stumble into it.)

Interesting piece in there:

"Fun historical fact: If you disabled JavaScript in Netscape 4, css would also stop working — because css was applied to the page using… JavaScript."

That’s because Netscape’s original counter-proposal to CSS for a styling language was called JSSS[1]. When it became obvious that CSS was the way the industry was moving they hurriedly implemented the new CSS API on top of the old JSSS engine, which required JS to run.

[1] https://en.wikipedia.org/wiki/JavaScript_Style_Sheets

> Load images automatically

> From the Content panel in our settings, try unchecking the box:

> Here’s how Google’s front page looks like if you uncheck that box:

> [shows image of Google home page w/o search textbox]

I'm not seeing that problem when I try it. Why would a textbox disappear if images aren't loaded?

That seemingly simple input field is actually three divs, with a table inside, with three table cells, one of which contains several inputs.


Background images are used to give its visual appearance. Without them, it's a `border: none` text field - effectively invisible.

This is what happens when there is no meaning (semantics) behind core page markup. Small changes have seemingly arbitrary results that completely break the page.

I don't think he is saying the text box is gone, just that the box has no defined border to see it.

I am not seeing this issue now in Firefox or Safari. I seem to remember that this was an issue in the past (maybe 6 or more months ago when I was running with out image loading). Then as I recall, Google was using a background image for the box.

Dumbing down or idiot-proofing software doesn't make it more user friendly or easier to use. As an anectode, I had had to import my own certificates, disable/enable js, disable/enable image loading , set up cache size manually and other stupid crap in situations unrelated to development.

An equally valid counter argument to simplification can be made: Leave the software as is. It is a known quantity. Create an "easy mode" add on instead for people who really need it.

I hope we won't see firefox equivalent of iphone (just an example among many, don't jump on me) in the future.

Why should your workflow be prioritised over other peoples?

Why should other people, who don't know much, have to go get an extension while you, who does know enough to go get an extension, get to use the product as-is?

It is not prioritising my workflow but not changing already working software.

Idiot proofing is often necessary when the end user have to be spoon fed software and it is done by someone else who is perfectly capable of finding the said software on the internet form its official source, installing the package, finding the "easy mode" form its official source and clicking install button when the software prompts you to do so.

Alternatively, a version of software can be shipped by "easy mode" installed and enabled by default, just like how you choose which OS/localisation combo to download. Difference being that, software ships with rich configuration options by default and you can access them when you need it just by disabling "easy mode", not downloading something. No need to overhaul existing UI which is familiar to millions already, and prioritise people who cannot be trusted not to fiddle with options they don't know, just because you can.

So people can discover options and learn about them. It's not like anyone is magically born an expert.

Edit: reread my post again: just to be clear, I do use a number of plug-ins, but don't think it makes sense to require plug-ins for such basic security related items as turning off scripting or javascript, or for turning off functionality such as loading pics on a slow connection.


So, in order to turn off features such as javascript for privacy or security at less trusted or unknown sites, the author wants me to trust not only the security and code quality of the browser but also the security and code quality of a 3rd party plug-in?

I really don't like this trend toward moving toward plug-ins for everything - although I am OK with moving things to about:config.

As it is, I really hate the fact that I have to install additional plugins in order to turn off all scripting - seems that this - if anything! - should be a built-in option.

This makes me trust Firefox less. I switched to Firefox back when it was around version 0.6 or 0.7 - its greatest selling point then was that it could not run ActiveX and that this was good from a security standpoint. As it is now I don't see any benefit to it compared to IE from a security standpoint and only stick with it due to the great number of options that are easily configurable in about:config.

The 'get rid of all the options' philosophy is probably the single biggest reason when Gnome seems to have fragmented and was for several years a constant source of friction and hate between devs and certain corners of the community. However, it didn't have a robust support for plugins and behind-the-scenes configurability was sometimes limited and often overly arcane.

That said, while it's true that many of the options you mention are likely used be a very small % of users, and some are even dangerous for regular users to touch, they are also options that people who do use them will find critical, and they are options that people who do use them will be suspicious of in 3rd party extensions -- I mean who wants to install some random extensions named 'powerCert' or 'sslMan' with the purpose and powers of playing with certs on your behalf?

To a certain extent I think some of the options discussed could indeed be rolled into configure via about:config, I find the idea that it makes sense for others to be rolled into '3rd party extensions' a little troubling.

And some I think should remain, but could use some better 'branding.'

I agree that there should be an option to reset default settings or at least start with default settings.

However removing most options (and functionality) just for those users and situations where something might stop working, is wrong. Sure (some) settings could be tucked away better, but doing so to the extreme will influence how users view and use software.

This nurtures the sort of environment where users will kick and scream if a setting they altered does influence the usability of an application. The result: fewer and fewer options. Or options with large yellow safety warnings a la "stabbing yourself in the eye with a fork might result in loss of eyesight".

The way Opera deals with this is to have opera:config be a searchable webpage with hundreds of options that can be changed, nearly none of which can be changed from within the main Preferences UI.

Firefox could have an about:config page that's a webpage with a list of every crazy little option that could be changed and the remove all the little used options from the Preferences UI.

I don't see a need to completely eliminate the option but put it somewhere only advanced users will go.

(P.S. I find the web interface with a search box significantly more friendly to use than a native listbox control as is currently used for the advanced options).

What's wrong with giving users options? I think it's an insult to peoples' intelligence. Cars give users the option to drive into a brick wall at 80 MPH, but this doesn't mean people will be inclined to do so.

I often wish software would insult my intelligence in this way more often. I have enough choices in life. Most of Ye time I just want other people to make the best choice for me.

3D computer games on the PC are especially bad -- with a dozen weird graphic options you cannot really evaluate. What will setting texture quality to "Very High" instead of "High" really mean and how much slower will my game run? Maybe the effect won't even be noticable until a later level. "Occular Blimspace Remapping" is set to 2x but can go up to 16x, how much do I need? Are the autodetected settings optimal or could my game be much better looking if I just increased something, but what?

"While you are trying to find optimal gfx settings, we also detected you are having difficulty passing level 4. Shall we play instead of you so you can go on with your life?"

>What's wrong with giving users options?

What's wrong with it is that it adds a hidden cost to the software that makes it harder to develop. Every option splits your application into at least two possible states. If you have 1000 options, that's 2^1000 different states that you have to support.

Every feature added has to make sure it doesn't break one of these states, making it harder and harder to develop for.

Making something an option should not be the default behavior.

So developer comfort takes precedence over user choice? Or are you saying options are just way more difficult to implement than they are worth (considering the small proportion of users actually take advantage of them)?

Sure, you can always design for the 99%. Over time, however, you will be designing for the 50% -- after 70 iterations to be exact (that's log(.5)/log(.99)). Companies that do this end up with a very loyal, very small user base. Is that what a browser vendor wants?

The article points out some problems -- the options for changing how cryptography is used should definitely be less accessible; but also points to non-problems -- the options to disable images or Javascript should stay right where they are.

Design for "99% of everyone", not "99% of your current users".

How about educating the user a bit more and actually tell him what the options are for, what the consequences are, ... Give them the ability to back up their current configuration settings, so if something goes wrong you can restore Firefox with one click of an undo button? Design a bigger settings window, right there's way too much crammed into one small box. Expand and educate. Don't hide the settings, make it safer to experiment.

Why does Google search break without images?

Just tried it here, and the answer is... it doesn't. Though maybe it does sometimes for somepeople?

edit to add: I really liked the image options available in Opera Mobile for use in low-bandwidth situations, which include replacing the image with an appropriately sized rectangle of an average color, with the alt text in it, but I'm guessing they require a proxy, or else I'd suggest adding them to Android Firefox.

I wonder if you could do that with a range request, but with modern sites (using sprites) it probably doesn't make sense.

I agree in principal, with a few nitpicks. The javascript bit irritates me the most, especially the suggestion that only crazy people would need to disable it.

The post is absolutely right, though, whitelisting javascript breaks the internet.

I learned that when a family member found some new cooking blog on tumblr. The site was compromised, and serving malware to make people join a botnet. After cleanup, we started whitelisting javascript, leading to howls of protest over the next week as every site loaded broken. Eventually I realized that she was just automatically whitelisting any site she visited. (I'd laugh, but I'm probably just doing the same thing... someone posts a new demo here... I usually give it a pass.)

So we've decided we want to read random paragraphs or recipes from anonymous strangers. And we somehow decided that that means the strangers get to run code on our machines. I don't know why we thought this was smart, but fine, that's the ecosystem, how do we let it work?

Ignoring javascript vulnerabilities doesn't work, user management of javascript doesn't work, what's left?

Browsers should have managed, up-to-date blacklists built in. Maybe antivirus companies could help carry the load and manage the lists, but someone should be out there actively hunting down malicious sites so we can break them for all users.

Users shouldn't have an "add exception" option, either, we all just prop that door open.

It absolutely should NOT be an add on. If javascript security is saved for an add-on, no one will bother, because it requires first knowing what "javascript" is.

Javascript security needs to be baked in, and it needs to be better than what we've got.

I use Firefox because of its many customization options and his powerful addons. I i didn't knew what i was doing i would've used Chrome.

Nice post.

It's kind of odd that the consumer versions of Chrome and (especially) Firefox are loaded with developer-oriented features. I use these every day, but there's not a great reason for these to be in the main release.

Perhaps there is an opportunity for a developer-focused web browser with all the complicated bells and whistles. Or, a consumer-focused browser without them.

Or perhaps a hidden developer menu, visible once you have done a specific action.

For example, in the last Android version you have to tap 7 time on the "Android version" field in the "About" screen to enable the developer menu. A casual user will never go there.

Or maybe just hide developer options in a about:developer menu.

Do you think people are born as developers?

Or perhaps they start as "consumers" and then learn development?

What happens to that process if you hide the things they could use to undertake it?

> What happens to that process if you hide the things they could use to undertake it?

Then I, for one, would have never learned how to code.

I'd rather have too many options than no options.

I don't want the options in my face though.

Firefox does a great job with default settings in my opinion, even to new features and redesigns of previous features.

I think the Preference dashboard is stocked in a good way. It could be better, but it could be a lot worse. (You could have any of the five billion options from about:config I guess).

I agree with you about the default settings. However, I think the author is right in that some of the settings exposed in the preferences dialog are too advanced for the majority of users and are likely to break the internet for these users.

Maybe a good rule of thumb is that any setting that goes beyond cosmetic should be hidden away by default. On Firefox, that means that the Advanced: Network and Encryption tabs should be at least one more step away than they currently are.

I regularly browse with JS switched off, with some sites white-listed. I would say it improves my browsing experience, no ads, lightning fast page loads, no CPU consumed by browser... Also it improves security as most attacks use JS at some form.

And I find requirement to have JS switched on pretty arrogant. Especially to blind people with braille-readers.

Most of the settings complained about are behind an "Advanced" tab anyways. If you really want to keep them from users, stick a "warning: dragons" on it or document the hell out of putting the ability to enable the advanced tab in about:config.

I'm really, really uncomfortable with the idea of an add on being the only way to configure certificates.

Poor examples for the article.

> Load images automatically

I tried this and I see the text box for Google Search perfectly fine (Google.co.jp where I am) so this did not break the internet in any way. The text box even highlights blue still so it is definitely visible. Also, he is not considering the entire 3rd world country market where Firefox tends to dominate precisely because it is so flexible in it's bandwidth friendly options. So perhaps 2% in the world as a sum but it is probably a MUCH larger percentage when looking at specific regions of the world.

> Enable JavaScript

I use noscript on Firefox but have disable Javascript via the browser before (specifically when I use Chrome). I just remember to enable Javascript when I use websites that I know require Javascript (ex: online banking). Again, this is a huge plus in third world countries since it greatly reduces bandwidth consumption (which is also why I use it because my connection is pretty poor).

> Turning off navigation

Agree with this one. Makes no sense. Especially when you can go into full screen mode if you want to maximize screen real estate.

> Turning off SSL & TLS

Agree here but it is listed under the advanced options, which to normal users means, "don't touch this stuff." If you actually change anything here, I would expect the person to know what they are doing. If you want to call for streamlining "Advanced Options", then that is a very different argument that has to be made.

> The entire certificate manager

Again, advanced options.

> Override automatic cache management

Extremely useful. His argument here completely ignores use cases such as:

* Running Firefox as a portable app (USB drives have a write limit so turning this off is crucial). * Operating systems that run off flash media. Who here owns a Raspberry Pi or any of the numerous embedded PCs?

Firefox might be good at determining how much cache to use on low storage systems, but it is probably not a good judge of when to turn off cache completely to prolong the life of certain hardware. Also, my experience is anecdotal but I do remember my Firefox cache eating up a huge amount of disk space before which prevented me from installing new programs on my OS (until I went and manually cleared the cache). Why? Because at the time that space was free. Firefox had no way of knowing when I would want to use that free space in the future.

Just as I was thinking about switching back to FF because Chrome's memory hogginess was getting to me.

Seriously, not letting me have javascript off by default is a deal breaker. Nobody with basic internet savvy should have that on except through a whitelist.

1. If you want to turn JavaScript off, it's just one quick visit to about:config and the `javascript:enabled` key.

2. NoScript does a much better job than poking at the Firefox preferences every time you want to toggle JavaScript.

Are you seriously going to fall on your sword and stick with Chrome over this?

1. This is so impractical that I switched to opera as my main browser where it is a press on F12 and a click to enable/disable js

2. When your product does such a bad job that it has to rely on a third party extension to provide functionality to users, maybe you should consider the possibility that you should include these features in your product.

I think hiding options is bad but the examples he shows are still valid. It's too easy to completely break the product. I could accidentally "destroy the internet" in three steps by just hitting a few hotkeys (perfect for office pranks).

I advocate a special page in the settings dialog that contain "dangerous settings not set to their default". If any of these are not set to their default value it should be very easy to spot them and set them back but there shouldn't be any restrictions on setting them in the first place. Almost like the bugging little thing windows shows when your antivirus or firewall isn't enabled, but maybe not pushing it that far.

Here's a good and relevant essay from one of GNOME's key developers 10 years ago: http://www106.pair.com/rhp/free-software-ui.html

> Of course, there are legitimate uses for this, from low-bandwidth situations to web development testing, but that’s where our excellent add-ons ecosystem comes to the rescue.

Well, not really. In low-bandwidth situations you won't be able to find and download the add-on you need because it will take infinity to load Google. I've been down this road many times (think crappy mobile Internet with low transfer quotas). No, add-ons are not an option if you can't access them in the first place because someone took the setting you need away from you.

Here's a situation where a car analogy might actually be helpful. There's the kind of setting where you have to open the hood to mess with it. Then there's the settings available to the driver on the dashboard. Make the difference between these types of settings really, really obvious and you're good.

about:config is like opening the hood. Put those serious changes there. Put everything else, that does not muck with the expected, fundamental operation of the product in preferences.

V interesting. I am runng FF19 on windows and some sites just do not work for me, e.g www.mixlr.com, or even the button to download Chrome https://www.google.com/intl/en_uk/chrome/browser/ (a failed attempt to give up on FF!)

Yes JS is "on", I disabled all addins, but no joy. Wed Dev Toolbar gives a number of js errors. I shall take a close look at my options....

Huh. Is this an opening shot at "Unity for Firefox?" because really, I'm not too upset at software not being modeled on Microsoft Bob and Metro.

Ironically, it's the lack of options that keep me from using Mozilla's other product, Firefox for android. Things like not being able to set a home page, not being able to choose between thumbnail dropdown tabs and regular, always-visible tabs, and most notably not being able to turn off history have resulted in me using different browsers on Android. It's very frustrating.

I don't even bother developing something on a base that "user might not have JS". It's not worth the hassle to work hard for 1% of users.

I often pondered this myself. Having the option to render a browser useless is an anti-pattern. These should be flags in about:config. The checkboxes are dangerously close to Common-or-Garden Web Surfer Joe

Great that somewhat at Mozilla finally asks this obvious question. "Designing by committee" is a nice phrase to describe the problem. Having a BDFL would help.

Speaking of usability nightmares: if you're going to put a min-scale viewport tag on your web page, it had damn well better be a responsive page.

Actually, that looks more like Firefox is finding bugs in those websites. Google should be using a standard text box.

It's exactly this sort of "our users are morons" mentality that drove me away from the Gnome desktop environment.

i agree with a lot of these, but there should be some middle ground between a options-for-everyone dialog and about:config. many of those options should be in a power user menu, along with many about:config settings.

i still cannot believe they removed "homepage in new tabs" setting...you now need an addon for this. wtf?

Firefox 19.0.2 on Win8 here.

Google looks totally reasonable without images. The field is visible, even when out of focus.

To paraphrase Reddit's developers, the web doesn't work particularly well with HTML turned off either.

I was thinking about something like that. Why don't they also include settings to turn off HTML and CSS (you can through extensions) then? Javascript (and images, for that matter) is as inherent to the Web as HTML, stop with that already.

A lot of people will try to argue on the JavaScript part because of accessibility, but even in that case, WebAIM's screen reader results seem to indicate that 98% have JS turned on http://webaim.org/projects/screenreadersurvey4/#javascript

nice comment from a lead developer of ayttm (im client) on this post here...



Perhaps it's missing a 'reset' or 'return defaults' button.

Unlike what's shown in the article, if I disable the 'Load images automatically' in my Firefox (Windows 7), I still see the search box on Google. Perhaps an Apple bug?

Even though what I've written here is correct about 'load images automatically', I think I got downvoted by Apple fanatics? That's fine :).

addlepate, you are shadow-banned.

A good point, but I think it's brought across a little clumsily.

What is the point of all software?

Well, in a computer science sense it is to "solve problems", but that doesn't help us, it's too abstract. So what is the point of all software used by humans? Ah, this is getting a bit closer to the matter. It is to bridge the gap between the user and "solving problems" in a computer science sense. Put a different way, the point of software is to render the machinery of computation human usable.

We can imagine doing this at a simplistic level by just exposing the guts and internals of whatever "problem solving" program we are concerned with and allowing the user to fiddle with them directly. This is the checkboxes problem. It's a control panel with a bunch of levers or toggle switches. This is certainly an interface but it is typically not a very good one. It's the Altair 8800 of interfaces, it's really only a few steps removed from toggling in boot code directly and mucking about with machine code, calling such a thing an interface at all is generous.

But consider not only the problems brought up in the article, that of levers accessible to the user which the vast majority of time you don't want to change. This reminds me of a utility program in one of the Windows NT tool kits, fragment.exe. Which does exactly what you think it does to a hard drive, obviously for testing purposes. It's not something any sane person would ever use normally, but imagine if there were a common command-line tool that had been designed to both fragment or defragment a drive, call it fragtool.exe perhaps, and it would take either --increase or --decrease options. That sort of interface skews your perception of things and it can quite easily lead people into believing that fragmenting a hard drive is not as exceptional an activity as others understand it to be.

As this example should illustrate, this is a problem that many command-line tools suffer from (I'm looking at you, git).

The goal of good software creators should be to translate their domain experience not just into a problem solving toolkit, it should also be to guide the user towards patterns of use that make sense, are more common, or are more beneficial.

Getting back to the example of poor lever-based interfaces. Imagine something not just with unnecessarily exposed likely to be detrimental "advanced options" but merely something with several options that interact with each other. This can easily create a fundamentally intractable problem for a user. Remember that toggles are like bits, so if you have, say, 4 toggles that means you have 16 different combinations, and if you have 10 toggles you have over a thousand combinations. Again, here is where the value of good software design comes in. As a coder you should be translating your knowledge of the problem space and the underlying capabilities of the software into configuration options that make more sense to the user. For example, if you have 10 toggles are there actually a thousand different equally useful configurations or are there options that tend to fall into certain patterns relative to each other or maybe there are only a small number of specific configurations which tend to be popular. So consider using an interface that abstracts the options behind a different set of higher level configurations that make sense to the user.

I forget who invented the term, but a great concept is the "pit of success". It's generally the idea that in a good design the easiest and most natural way to do something will tend to be the most beneficial. Software that guides you towards using it in the most effective way, rather than software which requires a steep learning curve just to avoid using it incorrectly, let alone to its maximum potential.

Yet my 90 year old grandma manages with FireFox. How does she do it? I worked helpdesk for many years and never saw people screwing up their browsers with any of these options.

It comes down to this. Most users DON'T want to mess anything up so they don't go clicking a bunch of buttons. Others are tinkerers and experiment, but they keep track of what they did so they can undo it. Still others can read plain english and know what "Download Images Automatically" must mean.

Even the Safari in the iDiot proof Mac OS X has many of these options. All major browsers have them. Don't you think that if this were really a problem that at least somebody would have re/designed their browser without them? or at least put them further out of reach.

The first two examples are examples of incompetence on the part of web developers, not Firefox developers.

A website breaks with images turned off? It's a broken website. Websites are supposed to work with images turned off. That's one of the first things a web developer learns.

A website breaks without Javascript? It's a broken website. Websites are supposed to work without Javascript.

We sorted all this out when the hot technologies were ActiveX, VBScript, Java, and Flash. If a web site requires anything more than plain HTML+CGI for its core functionality, it is either broken or it is not a website.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact