Hacker Newsnew | comments | ask | jobs | submitlogin
vlasta2 294 days ago | link | parent

This was true 10 years ago. These days, every additional setting the application has is a liability. There is a growing group of people, who are scared to have conversation with their browser and make any informed decisions. They ignore such messages. Other people will change any setting they can find and then forget about it. Then they will be surprised and angry at the application that it is not working.

My experience shows that the more options an application has, the lazier the author was. What do you do as a software developer when there are two ways how to solve a problem? Ask the user which way to use? That is the wrong approach these days. The computer should not ask the user stupid questions. "Do you want to enable JavaScript?" is a stupid question for more than 98% of browser users. Instead of asking questions, software developers should invest the work to come with answers and "read the user's mind". Successful apps can do just that.



millstone 294 days ago | link

"Do you want to disable JavaScript?" is a stupid question, as you say. "Do you want your browser to tell Google, Facebook, Twitter, Omniture, DoubleClick, and six other companies you have never heard of, that you visited this site?" is not a dumb question. Given that option, 98% of users would say "hell no."

You are absolutely right that configurability is a sign of laziness, the opposite of hard work. But removing configurability is _not_ the sign of hard work. Hard work means addressing the interests of all parties, and Mozilla did not do that.

Why do those 2% of users disable JavaScript? It's in reaction to how JavaScript is used: it enables popups, enables distracting advertisements, lets all sorts of companies track me, makes sites load more slowly, etc. For this 2%, these uses are so odious as to outweigh the beneficial uses of JavaScript. So the hard work would be finding a way to distinguish between the user-friendly and user-hostile uses of JavaScript, and just disable the user-hostile ones, so that the interests of both classes of users would be satisfied.

This would not be new: Firefox's popup blocker is enabled by default, which demonstrates that JavaScript is already disabled for a particular use case, because it proved to be annoying to users. Why not take that a step further? If Mozilla wants to force JavaScript on, they should also address the reasons why that 2% of users go out of their way to disable it today. If those 2% say "I used to disable JavaScript, but now I don't have to" then Mozilla will have done their job.

-----

kelnos 294 days ago | link

"Do you want to disable JavaScript?" is a stupid question, as you say. "Do you want your browser to tell Google, Facebook, Twitter, Omniture, DoubleClick, and six other companies you have never heard of, that you visited this site?" is not a dumb question. Given that option, 98% of users would say "hell no."

Assuming you're correct (which I'm not convinced you are), when you then continue, "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".

Firefox's popup blocker is enabled by default, which demonstrates that JavaScript is already disabled for a particular use case, because it proved to be annoying to users. Why not take that a step further?

Right, because you can easily say that a non-user-triggered window.open() is almost always unwanted. I can't think of any other cases where it's so clear-cut and related to JS, or that disabling a particular facet of JS always would be a net win.

If you're going to claim that there's something like that, provide examples. How do you know people at Mozilla haven't already thought hard about this problem and decided there isn't much more they can do? I bet they have.

-----

dthunt 294 days ago | link

> "Do you want to disable JavaScript?" is a stupid question, as you say. "Do you want your browser to tell Google, Facebook, Twitter, Omniture, DoubleClick, and six other companies you have never heard of, that you visited this site?" is not a dumb question. Given that option, 98% of users would say "hell no." -> This overstates the case, because you'd still presumably load the 1x1 tracking png with ?resid=<X>&uid=<Y>.

> "I have a checkbox that will make it so they don't track you, but it will also break those sites. Is that ok?" They will also respond "hello no".

This overstates the case most of the time because doing this generally breaks relatively little for those domains listed, and to the extent it doesn't, making that decision on a domain-by-domain basis seems to work pretty well (ask any Noscript user)

-----

Kequc 294 days ago | link

Sending browsing statistics to something like Google is already happening regardless of if you have Javascript enabled. When you are on Google search and you click on a link it's tracked that you went to that link.

But besides that and besides that your usage statistics are being logged on the server itself regardless of what you do. Expecting Mozilla or any company to figure out how to block a javascript put request sent to Facebook, but not other put requests which are there by design of the site will only result in Facebook finding a workaround.

It's unfortunate that some people use Javascript in ways that slow down their site. For example with horrendous 'sharing' widgets. You can use plugins to disable those items from loading but it wouldn't be Mozilla's place to decide that on everyone's behalf.

These days Javascript is as much a part of websites as the HTML itself.

-----

millstone 293 days ago | link

> When you are on Google search and you click on a link it's tracked that you went to that link.

Google also tracks the links I click when I am on CNN, ABC News, Fox News, MSN, LinkedIn, and the majority of sites I visit (with the important exceptions of Wikipedia and BBC News - thanks guys!). Advertisers track me when I am not even on their properties! That is what is objectionable, and what is defeated by disabling JavaScript.

> Expecting Mozilla or any company to figure out how to block a javascript put request sent to Facebook, but not other put requests which are there by design of the site will only result in Facebook finding a workaround.

Perhaps, but Mozilla should do it anyways.

Remember the ruckus over IE 10 enabling Do Not Track by default? Advertisers and ad brokers were “very concerned”[1] by even the whiff of a browser maker acting in the interest of users over advertisers. Do Not Track is only tolerable if it is off by default, wholly unenforceable, and just as buried as the “Enable JavaScript” option.

Make no mistake: advertisers believe that they have a right to know what links you click and sites you visit across the whole web, and even a right to enlist your browser to aid in informing them. And Mozilla is complicit!

(And why not? Recall who pays Mozilla’s bills.)

> These days Javascript is as much a part of websites as the HTML itself.

Yes, which means that those few who disable JavaScript pay a significant price for that decision. Nobody disables JavaScript because they hate the language. They do it to escape user-hostile JavaScript programs.

[1] http://www.businesswire.com/news/home/20120531006914/en/Digi...

-----

nollidge 294 days ago | link

Disabling Javascript for privacy reasons is like blowing off your leg to prevent tennis elbow: it's overkill, and it's rather ineffective at best.

-----

dthunt 294 days ago | link

It's ineffective in the sense that it doesn't stop all of the evil. It IS effective in the sense that running no javascript really limits the amount of information people can learn about your system. Like, why should a website be able to learn about the size of my screen, the complete enumeration of all of my plugins and fonts, etc?

As far as blowing off your leg, sometimes you just really hate tennis elbow, you know?

-----

kbenson 294 days ago | link

Is that sarcasm? You should know, that doesn't really work here unless explicitly noted as such. See Poe's law.

-----

dthunt 294 days ago | link

If you arrived faster at a citation of Poe's Law than actually reading and considering the things I said, you are doing Internet wrong.

-----

kbenson 294 days ago | link

I did read them, and I did consider them. After thinking up a reply as why you think basic client display capability querying mechanisms are inappropriate, I decided you were most likely being sarcastic.

On (multiple) repeated readings, I'm not really sure you were intending to make a point one way or the other. If I attribute the second sentence of It IS effective in the sense that running no javascript really limits the amount of information people can learn about your system. Like, why should a website be able to learn about the size of my screen, the complete enumeration of all of my plugins and fonts, etc? to your voice, then it seems you are. If that's to be taken as the user's voice as rationale as to why JS doesn't need to be enabled, then it's fairly neutral.

At this point, with your reply taken into consideration, I'm confused. Feel free to elaborate.

> If ... you are doing Internet wrong

Well, my first sentence was actually asking you, since I wasn't sure.

-----

dthunt 293 days ago | link

Correct. I'm being completely serious, with the exception of the remark about exploding limbs (obviously).

Broad enumeration capabilities of this sort don't make sense. You don't need me to tell you why, because the moment you considered these features not existing, you immediately thought up alternatives that didn't involve running javascript, some of which require changes in the way people think about building web-pages, some of which may require changes in various specifications.

JS has more features than it deserves for learning about and (critically) sharing information about the host platform. Yes, you can still learn some things as a website operator by watching what browsers load/don't load, and what they put in their requests.

That does not mean that disabling javascript doesn't have value w/r to privacy concerns. Compare panopticlick.eff.org w/, w/o javascript enabled.

Edit: I should hasten to add that there are other concerns beyond privacy, like accessibility and the fact that a web page has no bloody business deciding that I'm likely running an iPad and therefor I shouldn't have access to X or Y. This is dumb, and contrary to the idea of the open internet. It's the same thing that's wrong with this EME nonsense.

-----

kbenson 293 days ago | link

Ah, I took your position as being able to determine screen size (or have it determined automatically through CSS or some other hands-off mechanism) itself was also unneeded, not just that JS should not have this capability.

I can get behind most of what you say - as long as we are talking about simple, presentation based websites.

Where I think there's a breakdown in this view is when you consider complex web applications, including games. At that point, I believe some level of inspection capabilities are required, if we desire to have complex web apps delivered through the internet. I'm by no means sold that on-demand web delivered code is necessarily a good thing though. There's far too large a surface area to adequately secure while still making it useful, IMHO.

-----

sp332 294 days ago | link

Ghostery is a much better option for blocking trackers without breaking websites. If you're really paranoid, RequestPolicy lets you specify a whitelist of OK domains, and disable everything else. Both of those still allow javascript and do a 8better* job protecting your privacy, from tracking pixels etc.

-----

keithpeter 294 days ago | link

"These days, every additional setting the application has is a liability."

If we follow this thinking too far, we end up with a closed console like device, or Gnome 4 as parodied last April [1].

Surely there is a case for progressive revealing/enabling of advanced functions?

In the UK, the Blackberry phones are very popular with teenagers because of BBM. This desire to access BBM even extends to students carrying two phones, one an old blackberry handset on wifi and the other an iPhone or whatever. You will find small groups in corners at lunchtime exploring the features of the handsets. Experts will coach those who know less. If I could get that level of peer tutoring going in Maths, I'd have my OBE in the bag quite soon! Users can increase their knowledge provided the unfolding of extra features is managed.

[1] http://distrowatch.com/weekly.php?issue=20120402

-----

sp332 294 days ago | link

I don't think Gnome is a relevant example. They don't support adding functionality back that they've taken out, whereas Firefox users are encouraged to add all the functions they want via extensions.

The downside of progressive functions in the base install is that the core Firefox team would have to support all the functions.

-----

Aardwolf 294 days ago | link

Removing options is NOT the way to go. If anything, there should be more options, until computers understand natural language.

To be most intuitive to use, computers should converse like a human. Humans have LOTS of options, and everyone understands that. E.g. if I ask a human to make a sandwich, I can specify all the ingredients I want, how and when I want it, and so on.

The ideal computer, too, would adjust its software to my preference. E.g. if I can, using natural language, explain the computer that I want JavaScript disabled, it can figure out what that means and what in the source code or flags of Firefox it has to change for me to have that disabled. Or if I tell it I want a big refresh button in the center of the screen, it can improvise and render one for me.

Far future of course, but that is the most intuitive end goal of computers: you ask them what you want in natural language, they understand and provide it.

For now, because the above does not yet work, please provide options. Fortunately Firefox provides many options for those who need them: about:config. I find it really awesome if you can adjust an application to your needs at such fine grained level.

-----

jclos 294 days ago | link

I think your sandwich analogy is spot on in the sense that I can also just ask a human "please make me a sandwich" without specifying anything, and (most) humans could proceed to do so without more details. There should be more options, and a good "default" mode for people who don't want to fiddle with them. To my knowledge this is why most wizards have basic configuration options and a "advanced" button to click for the detailed configuration, and I don't see why Firefox can't just have the same thing.

-----

jasonlotito 294 days ago | link

The wizards can use about:config or download the addons that do this already.

Adding more in the way you prescribe isn't just adding more, but officially supporting more at the code level and user level.

-----

ywyrd 294 days ago | link

<i> can also just ask a human "please make me a sandwich" without specifying anything, and (most) humans could proceed to do so without more details</i>

Depends who you ask. My mate and a few close friends would know to make me a sandwich without bread, but hardly anyone else would get that right.

-----

Aardwolf 293 days ago | link

I would give you a plate with ham, cheese, salad, egg, tomato and mayonnaise. Does that sound about right?

-----

perlgeek 294 days ago | link

> There is a growing group of people, who are scared to have conversation with their browser and make any informed decisions.

Why would scared people even open the settings dialog?

-----

crucialfelix 293 days ago | link

Because some help desk told them to. The other day chase manhattan was down with a full on 500 server fucked up. Their twitter account responded to me telling me to clear my cache and delete my cookies. Classic.

A naive user would then open settings in an emotional and annoyed state and would turn off anything that caused an emotional response of fear. JavaScript, Ive heard of that and I don't like it so kill it stupid thing computers are so frustrating they never work. Click

And now your browser is broken.

-----




Lists | RSS | Bookmarklet | Guidelines | FAQ | DMCA | News News | Feature Requests | Bugs | Y Combinator | Apply | Library

Search: