Christian Heilmann

Author Archive

So, you want to safely authenticate with 2FA? App stores are still not the solution – “why the web is dead” revisiTED

Monday, February 20th, 2023

Eight years ago I spoke at a TEDx conference where I vented my frustration at the app and app store model. I specifically called out that apps are, to me, the biggest step back in software and content distribution we could make. Instead of an on-demand platform like the web, where we could get the weather by typing “weather berlin” or even talking to our phone, we got asked to download, install and most likely sign up for an app instead. It doesn’t scale, it puts the publisher before the user and it isn’t technically necessary, with the web platform having evolved immensely in recent years.

Fast forward to now. Twitter just announced that it will turn off SMS two factor authentication for its users, and that people should use an authentication app instead. This is an extra hassle, but authentication apps are safer than text messages. And as only a small percentage of free Twitter users have 2FA enabled anyway, this makes sense for Twitter financially.

So I went to the Google App store to get the Microsoft Authenticator App. I had this one on my company phone before and I am used to it. Going to the store and searching for “Microsoft Authenticator App” without any typos does not give me the official app as the first result. Instead I get the “Authenticator App 2FA” by Pixster Studio.

Search result in the Google App Store for Microsoft Authenticator App showing me a different app as the first result. The listing of the Pixster owned app showing that this authenticator would have ads and in-app payments.

I discovered this and didn’t install the wrong app. But most users would probably go for it despite the tiny “sponsored” above the listing. I’m not judging the quality of the app, but looking at the portfolio of the company on the app store you get the feeling that they are very quick in offering similar apps to currently hot topics. There’s a ChatGPT clone, a Wordle clone and my favourite “hashtags for insta”…

I don’t know – maybe the app is amazing and bullet proof secure. But I for one am not too happy about an authenticator app with ads or asking for in-app payments. Security should never be something I have to pay extra for.

This is exactly what app stores were advertised to prevent. The web was a wild, untamed and terribly unsafe place full of software you can’t trust. App stores, instead, are curated safe havens of only tried and tested, genuine software. Until someone pays enough to get their app listed with the right keywords. I’d even wager that listing a web site as “Authenticator App 2FA – Secure Microsoft Authenticator”, as it is in the App store, would get you a call from Microsoft’s lawyers as there is no affiliation. But in the store, that’s just good marketing. Or is it?

I have quite a few more things to say. Maybe it is time to revisit this talk and give it somewhere else?

Mansplaining in the run down shopping mall – hybrid search engines and chatGPT solutions will be an interesting challenge

Thursday, February 9th, 2023

Machine learning generated image of the term mansplaining in the shopping mall

The race to implement the functionality of ChatGPT into the traditional search interface is on, with Microsoft barging ahead taking advantage of their OpenAI partnership and Google trying to fast-follow with Bard. And the hype is turned up to 11, with Google’s demo giving a wrong answer leading to a 7% drop in their share price. It is messy all around, especially when you look into the ethics of showing content without citation or having an interface too fast and immediate to moderate.

ChatGPT was a great example of how you can gain a lot of users by giving them a simple interface that does one thing well. Google did the same when it came about and replaced portals like Altavista and Yahoo, with their bloated interfaces of thousands of links, with a simple search box.

The problem with incredibly small and simple interfaces is that you also get a limited set of results. We had this with search bots in chat systems, and we have it with audio interfaces like Siri, Alexa and Cortana. If all the system can do is give one answer, as there is no space for more, it had better be the best there is. Or you get a backlash like Google just encountered.

The difference that ChatGPT made compared to dumb bots or “virtual assistants” (remember the IKEA one?) is that it sounds eloquent, well researched and sensible, even when it gives the wrong result. People compared it to “mansplaining as a service”, or “CEO at a keynote” speak. This is and will remain an issue unless we find a way to fact-check the results at the same time, which might be an arms race that is hard to win.

In comparison to that, search engine results have become advertising in disguise, with the first 10 results either being flat out ads or those who spent a lot of money on advertising or shifty SEO tricks to show up first. It’s like a run-down shopping mall, with no local products or employees and chain stores selling knock-off products rather than the high quality ones.

Quite a few folks at the end of the long tail have given up on search engines and stick to the reddits, stackoverflows and other specialist forums instead. No surprise, then, that specialist meta search engines like crowdview.ai are coming up with a filtered experience.

crowdview showing results only from forum providers

This is sad, as there was a time in between when search engines started to be a lot more contextual. Their makers realised that people don’t always want a website to go to, but want to get the result of their query immediately. That’s why Bing and Google show a calculator interface when you enter an equation, or a weather interface when you look for “weather in x”. These quick results were excellent for the user and are a joy to encounter. The problem with them is that they cut into the view and click numbers and mean that people use your product for a shorter amount of time and don’t dwell on it, which is when you could show more refreshing ads. Daily active user numbers don’t fill themselves, you know?

Now, how will we be able to mix the traditional search results and the low-level ChatGPT approach? Bing tries it by showing the chat interface in a sidebar and giving it much more recent, sometimes brand new content and context.

Smaller players try the same thing, for example You.com being a search engine that offers a normal search or a chat interface side-by-side.

You.com showing results for a music query

This looks amazing, as it shows the answer next to the traditional search results. It is still a UX challenge to make the two compete with one another, and it will be interesting to see what the usage numbers show. Will the chat interface prevail, or is it a new and cool thing people will try until it fails for them, and then move back to the tried and true approach?

In any case, I love that the heat is on in the search market, as it was ripe for disruption once more, much as it was when Google showed that you don’t need to give people thousands of options but can spend more time on analysing their query and give them what they need instead. Now we can analyse more deeply and give people not only what they are looking for but also what may be interesting in context. But we need to get it right, and this is where I am worried. When I buy a toilet lid on Amazon, I get lots of offers to buy more, and ads for toilet lids on Instagram. I wasn’t planning on starting a collection, even if that would be great for the consumer platforms.

An easy way to copy + paste from the browser Console #shorts

Monday, February 6th, 2023

Copying and pasting from the Console is annoying, but there is a better way. The Console variable $_ contains the result of the last expression you evaluated. You can use this with the copy() command, as in copy($_), to copy the data to the clipboard without having to highlight it.

MacOS can remove image backgrounds #shorts

Monday, February 6th, 2023

Today I learned that MacOS can remove backgrounds from images, much like remove.bg does.

All you need to do is right-click an image and select Quick Actions > Remove Background.

Remove background option of the finder context menu.

For example, it turned this image

Chris Heilmann holding a cup

into this one:

Same images as earlier but with removed background

Releasing code in large corporations is slow – and there is a good reason for it

Tuesday, January 31st, 2023

Person ticking boxes on a todo list

One of the things I always loved about the web is its immediacy. You write a piece of code, publish it somewhere and people can access it. No compilation step, no packaging and distribution, no listing on marketplaces or app stores – just a push of the button.

This gives people the wrong impression that this way of working should scale to products and large companies as well. Often it feels like fast and nimble startups that can “fail fast and often” are the ones that do it right, whereas larger, older corporations feel like slow moving dinosaurs in comparison. It gets interesting when you look at the maturity of the products released. Products in “preview” or perpetual “beta” are quick to turn around, whereas full versions need to do a lot more than just provide the functionality.

The main difference is that full version releases in large companies have compliance to consider. Internal quality compliance, and – to a much larger degree – external legal compliance. When I started working at Microsoft and transitioned from developer to product manager, I realised that a lot of work and effort goes into things that need to be done before we could release a product.

  • Security – is the product safe from attacks?
  • Performance
    • Does the product run fast and smooth?
    • How much does it impact the overall byte size and speed of the possible parent product (browser, OS…)?
  • Maintainability
    • Does the product rely on third party code that may be unavailable in the future or poses a licensing problem?
    • Does the product require a platform or language that might not be supported in the nearer future?
  • Privacy
    • Does the product record information that could make its users identifiable?
    • Where does the information go?
    • Are you using third party software packages that could also get that information?
  • Compliance
    • Are users aware of their information that is being recorded?
    • Is the information retained for only a short amount of time or long term?
    • Can people opt out?
    • Is the product available in different markets in different languages?
    • Does the product adhere to local legislation?
    • Is the product accessible to all?

Each of these has a process you need to go through, dependent on expert departments in the company, review cycles and bug reports that need fixing. So whilst your product may already work, this normally adds at least a few weeks to the release. Even worse, every change to the product restarts this cycle.

Frustrating, yes – but incredibly important

This can be incredibly annoying to encounter, and seeing a code-complete product move from sprint to sprint because of the unavailability of reviewers, or because of bugs that are an issue but can’t be fixed, is frustrating. I had to deal with a lot of accessibility issues that only appeared in third party software, for example VoiceOver on Mac or Orca on Linux systems. And whilst my team did everything right, our products didn’t work with those. Filing reports didn’t make much of a difference, so often we had to make functionality of a product opt-in, with it being turned off by default, to work around these problems.

This was frustrating for all involved, as some of this functionality was a differentiator that could have resulted in lots of new users. But making it opt-in is a surefire way to not get many users for a feature.

But the fact of the matter remains that everything we do as software developers has a direct impact on end users out there. It might be a shortcut for us not to cover all edge cases, but it may mean that our product leaks information about our users, which can lead to their identities being stolen.

We could be blocking users because we didn’t think that any person who can’t use a mouse would ever use our product. I spent quite some time making a colour picker tool available to screen readers. This may feel unnecessary, but the point is that not every screen reader user is unable to see at all. By making it easier to use and adding more labels, the tool became more convenient for all users.

In the end, what counts is the end user experience. And whilst iterating fast and trying out a lot of cool new ways to interact with information is exciting, it may mean that we lock out a lot of potential users who can’t change their setup, or – worse – what their bodies can do. And whilst some of the legal requirements like GDPR feel like overkill, they may be a good way for us to reflect on how much information we need from our users and what we do with it.

How can we move faster?

The great thing about compliance is that it is predictable. We will have to do it in large corporations and in certain areas of publication. So we might as well plan for it as soon as we can – even in the design and planning phase of the project. The biggest non-news about accessibility, for example, is that the earlier you take care of it, the less work you have to do. Making an already existing product accessible is playing whack-a-mole with assistive technology support, cross-platform issues and framework support. Planning for it to be as accessible as needed from the get-go, or using already tested, accessible components, means compliance can be a matter of hours, not weeks.

The same goes for the data we record and want to retain. It is not often that we come up with something brand new – often we just add a feature to an existing product. So the question is whether it really is necessary to add telemetry to every interface element, or whether we can dig into what we already get from the parent product.

I’ll dig more into this in another post, as there are ways to cater to compliance needs and still move fast. But for now, it is important to remember that developers in large corporations aren’t slower or less switched on than those in the wild. They just have to care about a lot more than writing the code. And that – to me – is a good thing, as what we write can make or break the online experience of our users.

Photo by Glenn Carstens-Peters on Unsplash