Why Single Sign-On is Stabby

On By Aaron DouglasIn Uncategorized3 Comments

Want to know why I really don’t care for single sign-on? Let’s pretend I want to sign into StackOverflow.com.

The Flow

Oooh! I want to check my reputation on StackOverflow! Oh crap, this is a new computer. Let me log in!

2016-12-01_14-21-26.png

2016-12-01_14-22-05.png

Huh. Well, let’s check 1Password.

2016-12-01_14-22-42.png

Shit. I didn’t save my password. Oh wait, maybe it was Google?

2016-12-01_14-24-33.png

FFFFFFFFFFFF

Okay I think it’s the second one.

2016-12-01_14-29-49.png

Um. Okay? Allow.

2016-12-01_14-30-06.png

FFFFFFFFFFFF

That wasn’t it. Let me click Back and see if it was Facebook.

2016-12-01_14-28-48.png

I guess I’d like to continue as Aaron since that’s me?

2016-12-01_14-32-50.png

Yay!

The Reality

I originally signed up with my first Google account listed. I did NOT sign up with Facebook. After logging in with Facebook it automatically matched my account based upon e-mail address and let me in. StackOverflow is assuming that e-mail address changes on the trusted third party system are verified. I can imagine at least one of the “more login options” services would let me change the e-mail address to another user and ghost in as them using this.

In any case StackOverflow handles account creation decently. I’ve tried this SSO login on other services I didn’t have in 1Password with more stabbyness. Sometimes a new account is created every single time I choose a different SSO account.

I know I’m in the minority of most users having multiple Google accounts but I do know plenty of Facebook users with more than one. I’d rather have a known set of credentials than play the guessing game of which account was it.

Preventing Spam iCloud Calendar Invites

On By Aaron DouglasIn Uncategorized34 Comments

IMG_1224.PNG

I woke up this morning seeing two notifications of calendar appointments I just couldn’t miss. [sarcasm]

IMG_1225.PNG

Annoying, right? Here’s the best part. No matter what I do – Accept, Maybe, Decline – the sender of the spam appointment receives the notification of my action. There’s no way to just simply delete the damn invitation from your calendar without sending the reply! Well I guess that means 章兴言 & 历昭 are going to get a sad decline from me.

How do I prevent this from happening in the future? How the hell did it happen? Turns out it’s Apple again – thinking they know better for how you want to use e-mail and calendars. Thankfully there is an option to prevent the forced invites.

The Answer Lies in iCloud.com

These calendar invites aren’t coming from some magic hacked portal in your phone. The invites are coming as e-mails into your iCloud.com e-mail account and then being automatically converted into in-app push notifications to both iOS and macOS. Once that’s done the original e-mail is deleted. Gone. Poof. Magical, yet stabby.

Let’s turn off this magical conversion so we have the ability to spam the incoming e-mails and never have them hit your calendar.

  1. First, open iCloud.com up in a web browser.
  2. Log into using the account you use on your phone (where your calendars are stored).
  3. Click on Calendar.
  4. Click on the settings gear 2016-11-25_08-50-07.png in the lower left of the screen.
  5. Click on Preferences.
  6. Click the Advanced tab.
  7. Under Invitations set the option for Receive event notifications as to the second option, as an Email to rather than an in-app notification.
    2016-11-25_08-39-11

Going forward then all of the invites you receive to your iCloud e-mail account will be received as e-mails.

Damn you, spammers!

~A

[update]

Deleting Spam Invites Without Sending Notifications

Taken from the Apple Discussion Forums, here’s a workaround to delete invites without sending the response to the spammer using macOS:

  1. Create a new iCloud calendar (not “On My Mac”).
  2. Move the spam event to the new iCloud calendar.
  3. Delete the new iCloud calendar.
  4. Calendar will now prompt you with “Delete and Don’t Notify” and “Delete and Notify”.
  5. Select “Delete and Don’t Notify”.

Original post: https://discussions.apple.com/thread/3705591?tstart=0

Summarizing Text in macOS

On By Aaron DouglasIn Uncategorized1 Comment

There’s a cool service in macOS called “Summarization” that takes a block of text and figures out the most important sentences or paragraphs in it. I’ve used this service before to help reduce the amount to read on longer posts and conversations. It is definitely not perfect but it can help provide some clarity where our TL;DR brains need it.

Verbosity.png

In this example screenshot you can see I’m looking at a Wikipedia article. The summarize service gives you the option to summarize by paragraph or by sentence. There is a slider to indicate how much detail you want to retain. While less seems better, I’ve found the algorithm loses accuracy roughly around 40%.

Summarize Animation.gif

Using the Summarize Service

It’s really easy to use the service. First you have to turn it on.

System Preferences.png

  1. Open System Preferences.
  2. Click on Keyboard.
  3. Select the Shortcuts tab and then select Services.
  4. Scroll down to Text and check the Summarize service.

Now find text in any app, right click it and choose Summarize from the list of services.

Summarize Clicks.png

Enjoy!

6732863457_4175ebea30_b

Conferences & My ADD Brain

On By Aaron DouglasIn Uncategorized2 Comments

I drafted this post with an idea that I wanted to apologize to all the people I’ve met at conferences and I do not recognize them the next time we meet. It’s especially embarrassing when I’ve had conversations online with them and didn’t connect to two realities. The problem lies with how my brain works and how Attention Deficit Disorder can skew memories and how I process things.

crap-i-forgot-your-name3

Frequently when I meet people I’ve forgotten their names within seconds. I try to say their name over again and to reinforce the memory of meeting them with some facial features or bits about what they work on. This process works well in the beginning of most events but within a few hours to a second day or more, I’m toast.

Conferences are a unique challenge to me when coping with how to process information. I can combat the issues of focus & attention in my home office with tools. Using my treadmill / standing desk with exercise mid-day helps reset whatever brain chemistry is fucked up. Note-taking apps, reminders in Slack, and other apps help with reminders and not losing information that doesn’t make it to long-term memory. I lack most if not all of these tools at conferences.

I do try to exercise at a conference but it usually ends up being in the morning or later at night. This past summer at 360iDev I snuck out before lunch to go for a run on the hotel roof’s track. It was an absolutely brilliant idea and it helped recharge me for the afternoon. At my company’s annual meeting last month I did a similar thing and found it kept me going.

I try to help people with their own recall of who I am by being emotive and a bit more of an extrovert than I normally am. I also try to connect on Twitter or LinkedIn and add add them to a list with the conference as a title. Within a week or so after I try to interact. I also make sure my business cards have the same avatar that I use on Twitter and LinkedIn. I really find that makes the biggest difference!

So if you meet me at a conference or a work event, please do not be offended if I have to look at your name badge or ask your name. I have to entangle facts in my head with other reinforcements like your voice, stories from your life, and your general personality before I start to cement those memories for recall later.

E-mail Notifications Aren’t Always Useful

On By Aaron DouglasIn UncategorizedLeave a comment

Mr Popular

Notifications are an essential part of most computer systems. Operations happen asynchronously and users who care about the completion of them need to be notified somehow. In most cases e-mail is the primary way someone is notified. E-mail has been around forever and it’s easy to address a message to a specific user or a group of users. Most programming frameworks also include the ability to e-mail.

I hate e-mail notifications. Okay; so hate is a powerful word. I severely dislike e-mail notifications.

E-mail is fundamentally broken.

E-mail has been around since the beginning of Internet time – even before it. Internet e-mail protocols have remained rather unchanged since 1982 when SMTP was introduced. This means e-mail is a reliable protocol but also it partially means it hasn’t held up well to the rapidly changing ways of how we communicate. E-mail usage has been eclipsed dramatically by things like SMS, iMessage, WhatsApp, Facebook Messenger and so on. This feels very much like how the postal service’s letter carrying service has evolved into only the mechanism in which bills and advertisements arrive to your house.

E-mail can be hard to set up. We all have problems remembering usernames and passwords. E-mail is even worse with mixing in POP/IMAP/SMTP server addresses, port numbers, authentication methods, and SSL settings. Thankfully the major players like Gmail have wizards in most modern operating systems making the configuration process somewhat easier. Work e-mail can be confounded even more with VPN and proxy requirements.

We live in a world of data caps on cellular networks and home Internet connections. E-mail is not a super efficient player in this world. While most messages are a small number of bytes e-mail clients can add a ton of bloat. HTML formatting, attached images, and protocol inefficiencies can silently suck up your data. I’ve had many e-mail clients get stuck sending a message in a loop wiping out my remaining data for the month.

Rich content in e-mail clients is vastly difficult to pull off. Ask any web developer whom has been asked to create a slick marketing message or pretty template. Life becomes painful when you have to test your HTML against many e-mail clients. Rendering is randomly broken, JavaScript doesn’t always work, and localizing isn’t really possible.

In the end there’s no guarantee that your message was delivered to the recipient. You also don’t reliably have a way to determine if your message was read either. There are tricks for read notifications and newer optional protocols for delivery reliability. None of these really do much more than add more uncertainty to the process.

We use e-mail for everything. Notifications are lost in the noise.

How many of you have thousands of unread (and read) messages in your inbox right now? I’d guess a lot of you. E-mail clearly isn’t working for how we’re using it.

There are classes given at a corporate level to teach e-mail etiquette. Don’t carbon-copy your entire team, don’t include the body of the message you’re replying to, don’t put pictures in your e-mail signature, save the environment don’t print this e-mail, and so on. It’s a system that’s easy to abuse.

An automated notification e-mail from your production system monitor comes in to tell you something is wrong. How long does it take for you to see it? Do you have rules set up to bubble “important” things to the top or in another bucket? I bet some of those monitoring systems are false alerts or not super serious so they sit in your inbox, unread. You’ll eventually get to them and the problem will be fixed. You better leave those messages there “for the reminder’s sake.” Sound familiar?

The important stuff gets lost. We can’t easily mute the things that aren’t important. There’s no simple way to move a bar up and down for the severity of your notifications. You get all or nothing and that adds to information fatigue.

Changes aren’t transmitted well.

I subscribe to a number of internal WordPress blogs at Automattic using the O2 theme. This theme gives us nested comments and a super lightweight way of communicating in an asynchronous manner. However, we do have so many of these blogs and you can only subscribe to so many before your brain asplodes. I use the WordPress.com Reader to subscribe to new posts. A lot of my colleagues use e-mail notifications for this.

Blog posts aren’t static. Once they’ve been posted they can still be edited. By subscribing to new posts via e-mail you’re missing any edits done after the initial post. Imagine sending out a piece of code for your coworkers to test and right after you publish it you realize you made a mistake. You quickly edit the post, wipe your brow, and then hope nobody saw it. Anyone who got the e-mail notification won’t see your update and will comment on the error. Chances are the other person won’t read the edited post when the link to the post is clicked to comment on it. Subscribing to edits on posts as a solution is terribly taxing on the brain.

So what’s the solution?

There are a lot of ways to communicate to users that isn’t e-mail. Push notifications are the cleanest solution but they typically require a mobile or desktop app to be the receiver/displayer of the notifications. The WordPress mobile and desktop apps provide a contextually-relevant place to queue the notifications and read when appropriate. Badge icons, banner notifications and sounds all are configurable by the user to reduce fatigue. Use do not disturb on your device  when you’re opting out of everything for a period of time.

Push notifications aren’t without their failings either. Most providers don’t offer 100% guarantee of delivery. Users can also feel bombarded by every app sending notifications and end up turning the feature off. There are ways to handle these situations in a series of escalation steps.

In normal circumstances users view/respond to a push notification in an allowable amount of time. Urgent notifications requiring action should be allotted less time. Notification read receipts may be a feature available by the platform. At least if the app is launched you can generally determine that the notification has been seen. Then the app silently indicates such through to your servers.

Notifications that don’t get read can get pushed again, sent as an e-mail with a high priority, or end up turning into a phone call. You may choose to “dial down” the number sent if a user isn’t reading less  important notifications. Instead choose to notify your user less but with more content to prevent them from feeling fatigue and uninstalling your app.

E-mail isn’t always the best option for communicating things to your users. Know how your users want to use your systems and come up with a method that prevents both missed messages and fatigue. Notify people when it’s contextually relevant and give them options to turn things off when it bothers them. Users who ignore your notifications are one step away from not finding value in your product or service.

Bicycler’s Quiet

On By Aaron DouglasIn UncategorizedLeave a comment

Bicycling is my meditation. I use it as part of my toolset to calm my brain and to train my mind to take in a lot of input and focus on important things. I recently realized that there’s a moment that doesn’t happen very often when biking. It sometimes takes an entire summer for me to have it occur. I call it the Bicycler’s Quiet.

IMG_0178

Bicycler’s Quiet is the sudden loss of wind noise in your ears when you’re cycling with the wind. It doesn’t happen very often because you need to be cycling at roughly the same speed and direction of the wind. Biking on days with very little to no wind doesn’t do it because your movement creates wind across your ears.

I love when it happens. Everything specific to the bike becomes quiet and you hear the world around you like it’s the first time. Super surreal and it’s a moment I live for. 🙃

Another Year Around the Sun

On By Aaron DouglasIn Uncategorized4 Comments

37th Birthday

I turn 37 today. It’s been an amazing journey through life so far and I can’t wait to see where the next 37+ years lead me.

In the past five years alone things have changed so much. I finished my master’s degree, we got a place “up north” for the weekends and met so many fun people, I’ve had amazing jobs doing what I love – software development, and I’ve had the opportunity to speak at a number of conferences about the things I’ve done. I’ve also learned a lot about myself listening to my brain and figuring out this thing called ADD/ADHD.

My goals for the next five years? Meet more awesome people. Do more awesome things. Be an even better human and husband.