Sunday, October 05, 2008

Australian history on show - on Flickr

Thank goodness that another Australian institute has taken the step to start placing a pictorial history of Australia up in Flickr.

As reported in the Sydney Morning Herald in the article, Australian history gets Flickr treatment, the State Library of NSW has begun loading its photo collection into the online image library.

It can require a great deal of hard work and organisation to get archives into a viable state to place online (as the Powerhouse Museum has already done so well).

The benefit is that a priceless visual history of Australia becomes visible to all Australians, rather than requiring people to travel to the photos to see them (such an antiquated notion!).

Eventually it may be possible to aggregate all the individual collections into a national view of Australia's past in a way never before achievable. Then through user-based tagging, comments and search, different pathways through the images can be used to tell different stories, bringing the past back to life via the people who lived through it.


Saturday, October 04, 2008

Stop focusing on the fold

Research since 1997 has indicated that the 'fold' in webpages (the bottom of the first visible screen of a webpage) is no longer a hard barrier for people.

However the myth of the fold still persists in many web designs.

Boxes and arrows has hosted an excellent article by Milissa Tarquini, Blasting the Myth of the Fold.

In the article Milissa provides a clear call to web designers to move beyond the fold-based design of the past and recognise that, provided the site's purpose is clear in the first visible screen, placing important content below the fold does not make it unfindable for web users.

She compares the clickthrough rates of items on a number of AOL pages, finding that in many cases links below the fold receive as many, and sometimes more, clicks than items at the top of the page that are supposedly more visible.

One of the interesting findings reported is that due to different browser resolutions and rendering engines, there is little consistency in where the fold occurs in web pages anyway. The most common fold line is experienced by only 10% of web users, as variations in PC screens and browsers mean that the fold appears differently to different site visitors.

Milissa's advice is to instead provide visual cues and compelling content to encourage users to scroll through your page, thereby no longer forcing designers to cram in all the important content into the first screen that appears.


Friday, October 03, 2008

How secure is a password?

Following my security theme today, I've never seen much value in passwords as strong security measures - they need to be easy to remember for the user, and therefore rely on common letter and number patterns of relevance to the user, which inevitably become easier to break.

People need to remember passwords for many different services. I count at least 50 passwords I personally use on a monthly basis including phone, ATM and online.

This makes it tempting for people to,

  • reuse a few passwords across sites/channels,
  • use a common pattern for passwords (family birth dates for example), 
  • rely on password memory systems (in web browsers or centrally through services such as Microsoft Live), and/or
  • write and store passwords in easy-to-access places.


A five second Google search threw up a large number of articles decrying the weakness of passwords as a security method.

One I found interesting was How I'd hack your weak passwords, which provides details on the mistakes people make when creating passwords, and points out that when people use the same password across multiple sites the password is only as good as the weakest site's security.

So what's the alternative?

Given that passwords are not a strong security measure as they rely on the user to select secure passwords, the only real alternatives are to,
  • Use more physiologically unique approaches to security (retina scans, fingerprints or brain waves),
  • Employ physical tokens (random number widgets, cards or similar devices),
  • Use innovative alternatives to passwords (such as join the dots), or
  • Make it clearer to people what is at risk and educate and support them in creating stronger passwords.


Given that most people are unwilling to spend extra money on a PC attachment to allow biometrics scans (though, like seat belts in cars or fire alarms in houses, they could be mandated by government and rolled out with new PCs over time) and issuing physical tokens is a costly exercise (and prone to physical theft), the most viable short-term option is to improve how we communicate with our customers.

I think that we could do a better job of educating people on how to create and manage large numbers of secure passwords, and addressing this area would by itself save significant costs in terms of fraud prevention and personal loss - not to mention password reset calls to call centres.

In the longer run, I see a strong case for mandating biometric scanners on PCs.

What do you think?


Recruitment in the age of Second Life

Missouri's state government is struggling to manage the need to competitively attract and hire IT professionals in the face of a wave of baby boomer retirements.

Their solution, as detailed in the NextGov article, Cat's in the Bag!, has been to explore new (and cheap) ways to reach young professionals - even when they come dressed as a cat with a red bowtie to the first job interview.

The CIO of Missouri has been holding virtual career fairs using Second Life.

As discussed in the article, it's important to seek new employees where they congregate and feel comfortable, rather than solely relying on techniques that worked in the past, but do not reflect the cultural bent of highly qualified applicants today.

Seeking technologists and trolling for employees with disabilities in virtual worlds makes sense. Techies are well represented there due to their curiosity about new computer frontiers. And the disabled, especially those with physical handicaps, often are attracted to worlds where those problems no longer hinder them.


For an investment of only a few hundred dollars per year in virtual worlds his ROI is excellent - and the little cat with the red bowtie, the avatar of a recent computer engineering graduate, now has a job at Missouri's Department of Natural Resources.

The opportunity cost for other organisations not yet using digital aid recruitment tools is only likely to grow over time.


Biographical secret questions weakening as security measures

Due to the rise of online social networks and informational sites, secret questions based on biographical information are losing strength as a supplement to password-based security.

As discussed in a Time article, Those Crazy Internet Security Questions, as more information on individuals becomes easily available - either provided by them directly or via government, corporate and collaborative online databases - the security of personal questions diminishes.

The article provides a ten second case study on how easy it is to get the biographical information of a prominent person from their Wikipedia entry and online postal database.

Speech transcripts, videos, blog posts, social network profiles, news sites and genealogical websites can also provide significantly more information quickly and cheaply.

It's slightly more difficult to get information on an 'unknown' person - but many are doing hackers the favour of providing their own biographical information online - as well as adding to the available information on their family and friends.

This raises a need to steer secret questions away from purely biographical information, or seek stronger alternatives.

So what was your mother's maiden name again?
