About 10 years ago I tried installed Little Snitch on my laptop. I set it up to check with me every time any native app tried to connect to the internet. "Here we go" I thought. "I'm going to actually see what apps are doing!".
I think I naively thought I'd end up with 10 rules or something, blocking telemetry. Oh what a sweet naive child I was. Its constant. Everything on my computer seemed to use about 8 different telemetry and update services. The sheer number of packets of environmental waste being produced every second by modern computers is breathtaking. It never stops.
Reading this article, I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet." It would be terribly inefficient, but it'd probably be fun to try. It would definitely force a lot more rigour around releases & testing.
It’s got to the point where I turn off my WiFi now to do performance-sensitive work, because of the boost that killing all this background rubbish gives. Anything I need online I can just offload to my phone while my computer is offline.
If the computer doesn't have any online network connection, shouldn't it outright error? I understand that the timeout sucks when your network is not connected to the internet but still alive, then that's an issue, but if there is no connection at all, why would the timeouts matter?
It wouldn't be able to open a TCP connection without knowing what IP address / interface to use.
You're right--it should outright error. You should only see timeouts like that if you were dropping the packets from some middleware or middlebox, but your client still had a valid IP address.
The problem with this is some apps do incredibly stupid things. Now I'm not saying the operating system itself, but I had some ide screw off and go into long pause mode when my laptop was in airplane mode.
You're not thinking like a systemd developer. The right thing to do is to ignore all anecdotes and direct evidence that a problem exists. I am talking about systemd renaming your network interfaces because you added or removed hardware.
systemd should add and remove interfaces connected in the exact same hardware path with the same name they had before.
Default literally insane legacy behaviour is just vomiting eth${RAND} where RAND depends on racing conditions.
My educated guess is that people that insist on using the legacy eth${RAND} never had a surprise random firewall and routing rules suddenly apply to different interfaces at a inconvenient time, making production halt and catch on fire, yet.
hardware paths change when you add or remove hardware. systemd developers deny this despite it affecting half of all desktop computers in existence. Your one network jack used to be eth0, systemd now changes it each time you add or remove hardware and insist they're making it more stable instead of more variable whilst they are making it more variable.
Yep. I've experienced on several computers that the systemd-approved "predictable" network device name changes when adding or removing a SSD. The solution is to turn off the network device renaming and allow the single ethernet interface in the machine to always be known as eth0.
systemd developers like to come up with clever solutions to the problems they care about, and ignore the side effects for any use cases they don't care about. And quite often those afflicted use cases are the ones most people would consider to be the more typical use cases.
So are you willing to admit now that "the standard TCP timeout" was a misdiagnosis of your problem?
You appeared to be projecting a personal problem with some unnamed badly coded apps onto everyone, as if it were inevitable, but the original commenter who said they turned off WiFi obviously does not experience this problem, and neither do I for that matter.
It can cause problems to flip off the internet when you already have open connections, though there are also API to detect changes in network availability. But I don't see that as a significant problem for "I turn off my WiFi now to do performance-sensitive work". First turn off WiFi, then launch the app you need, in that order. Problem solved.
> I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet."
FWIW all of my Mac and iOS apps are upfront paid, with no telemetry or server-side component.
Of course I don't distribute them via snail mail though.
I'm doing pretty well. I'm certainly not rich, and probably not making as much money as corporate software engineers in the US, but I'm doing better financially than the majority of people. It's not impossible to follow the old business model.
I (and presumably the commenter you're responding to) initially read "all of my Mac and iOS apps" as "all of the Mac and iOS apps I use" instead of "all of the Mac and iOS apps I've written".
Did you and the other replier stop reading my comment after the first sentence? Because the second and following sentences make very clear—e.g., "distribute"—that I was talking about apps developed and sold by me.
This is one of the main reasons why I have mostly given up on paid software or SaaS products. You would think that by paying someone for their product, that would give you the tool without constantly getting asked for more, like some shareware program from the 90s. But no, if you give them money, they will constantly nag you, track you, nag you again, and so on. Debian on my private laptop using mostly free software (I think Obsidian is the only odd one out currently) has completely killed that annoyance. My Macbook and iPad Pro for work still keep nagging me all the time about some stupid stuff I don't want to think about.
Maybe ill have to give it another try, but each time I've tried it, it wasn't particularly intuitive. I couldn't figure out how to turn off the bullet points on all notes. I'm sure there's a setting somewhere but that's such an odd default that I never investigated further.
Logseq raised a lot of VC money and has started turning the screws. They switched from Markdown files to and database, and their sync is paid and closed source.
It has no Pro version, and I believe their plan is to monetize it through an optional Sync service, which is fair, since it actually costs money to keep it running.
Oxygen producing anaerobic bacteria gave us the atmosphere we breath but at the same time caused some of the largest, if not largest extinctions events on earth.
When talking about capitalism it seems a great many people in the US and HN have a difficult time using nuance and are unable to separate the good parts of capitalism from the parts that will kill us in the long run. Infinite growth cannot exist in a finite world. If we keep demanding capitalism grow unbound it will literally consume us and our biosphere.
Capitalism is the only economic system that has the privilege of being evaluated outside of the context of the society in which it exists. When socialism is criticized the political system is always, justly, included; so the purges of Stalin and the homophobia of Guevara are all taken into account. Apply the same thinking to capitalism and you have to count a lot more deaths and injustices: the Irish and Bengali famines, world war 1, climate change, etc.
If General Motors had developed technology like Microsoft, we would all be driving cars with the following characteristics:
For no reason whatsoever, your car would crash twice a day.
Every time they repainted the lines in the road, you would have to buy a new car.
Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason, you would simply accept this.
Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive – but would run on only five percent of the roads.
The oil, water temperature, and alternator warning lights would all be replaced by a single “General Protection Fault” warning light.
The airbag system would ask “Are you sure?” before deploying.
Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.
Every time GM introduced a new car, car buyers would have to learn to drive all over again because none of the controls would operate in the same manner as the old car.
You’d have to press the “Start” button to turn the engine off.
What is funny is how many of them are actually true now. Having your display panels crash while driving is good fun. Also I click the start/stop button to operate my vehicle. And teslas like locking people in on occasion.
In the old days, you'd take a survey on a McDonald's receipt and get a coupon for a free fry or something. These days, every product will sign you up for a newsletter without consent, ask for a review, or beg you to spend your time on a survey after the smallest interaction. Everything from the Art Institute of Chicago to Cava (a fast casual restaurant). And it's not just once, they'll send you reminders too. In-app, the prompts stack up on each other. I dread opening Jellyfish because I know I'll have to click through more than one pop up every time I want to check something quick. No, I still don't want to go to your conference, I'm trying to get work done.
Why can't they at least offer something of small value, like 10% off your next food order, or some API credits, so it's a fairer exchange? I guess because everyone's doing it, no individual product gets penalized for annoying their users.
There are exceptions of course, like Kagi. But they're far and few between.
Kagi has the world's most pleasant engagement retention email life-hack, which is that if you don't use it for a whole month, they'll email you telling you that they refunded that month's price. I don't have a specific dollar cutoff where this is acceptable, but applying the categorical imperative, if every customer retention spam or nag I received came with $14 I could retire.
Last week I got a survey following a pre-sales support ticket I raised with StarTech.
I respond to those when I’m satisfied. I was, so I clicked the link. The first question was multiple choice. The second was a free text response field asking me about my trust in the brand. It was a mandatory question (one question per page).
So I just closed the window and never completed the survey.
Even the surveys have gotten ridiculous. Don't waste my time asking me to write you vaguely prompted essays that you’re just going to use Copilot (the survey was via MS Customer Voice) to aggregate anyway. If it was a simple NPS or other multiple choice survey, or one where I could skip a prompt asking for unstructured thoughts on brand loyalty, I’d have finished it.
> ... ask for a review, or beg you to spend your time on a survey after the smallest interaction.
This one is the most confusing to me. I go to Home Depot and buy some of the most mundane items: conduit hangers and toilet paper. I then get email spammed 2-3 times to review "toilet paper" and "conduit hangers" as if people are dying to read the reviews on a friggin conduit hanger or roll of TP. So I did just that. Conduit hangers: "Hang pipe like a porn star!" Toilet paper: "Lets you dig deep with confidence! No s*it finger for this guy!"
When they send these 30-question surveys, surely they must be aware that the people who respond are not a random sample of the customer population but a sample of the subpopulation that is willing to take a 30-question survey for them?
Simple. Your mistake is assuming that these surveys used to gather actual information.
The 30 questions satisfy all of the bikeshedding smoothbrains in the survey-design-committee. The survey itself isn't used to make informed decisions to improve the product, but entirely to justify the manager's impact and thus everybody's bonuses.
Oh, sometimes they are used to change things, and when implemented it seems like everyone is mad and they act shocked because all they see from surveys is people wanted a change.
Often, they'll ask for the review before I even had the time to really use the product. Like, I've just laid my hands on this thing, how am I supposed to know anything yet?!
Yeah I probably will, when this one breaks. I had Android always before and I'm pretty unimpressed with Apple. HN'ers love to imagine that only Apple has their interests in mind unlike other BigCos, but no Android phone I had ever nudged me out of the blue, in the middle of other work, to "turn on Google Drive" with just "Ok" and "Ask me later" as the options.
I’ve used iPhones exclusively as my daily driver phone for almost 20 years now.
It’s tempting to get a phone that GrapheneOS supports at my next refresh.
I generally like Apple’s technology. I like their high level stability - they don’t launch things as experiments in the same way other technology companies do. They seem to make a serious effort at only launching things they plan to keep around and refine. I think that’s the only user-friendly way to do it.
But I’m concerned about the post-Cook era particularly because in recent years the hardware has gotten better but the software has gotten worse. It is starting to feel like Apple is unable, unwilling, or incapable of focusing on two sides of the coin at once.
The software side is more data hungry than ever, no matter what they do with that data. They are seemingly desperate for services revenue on top of premium prices for devices. It was insane that any release, let alone how many releases, automatically enabled or re-enabled (after prior user disablement) Apple Intelligence. They finally stopped disrespecting asserted user choices but it took them awhile. That in particular really soured me. They had already learned that lesson (for some reason they had to learn that lesson period) with automatic OS update settings.
I’ve been working for a few years now on extricating myself from the connected services sides of both Microsoft and Apple so that it will be far easier to make the leap to GrapheneOS (or an analogue) when and if I decide to.
Until recently (moved to GrapheneOS) I ran stock Android for years and never had an issue with turning any notifications from default apps. Maybe this is different with other manufactures and custom OS version (e.g., Samsung's)? I think the only thing that bugged me was Google Play pushing new features/ways to give them money, but that was only within the app itself when I opened it. Notifications of that sort were all easily blocked. The only notifications I got and get are ones I want (99% of it are messages from messaging apps, calendar reminders, and alarms).
My Motorola phone gives me a notification asking me to rate the audio quality after every single call. I can't turn off those notifications without rooting the phone. All I can do is uninstall updates to the phone app and disable automatic updates for that app, so at least they won't add more notification spam and can't keep rearranging the UI of the most important app on the phone.
One of the more annoying software that does this is the copilot Office 365 on the web. Every time (!) I open it, it shows a popup on how to add files to the context. That itself would be annoying, but it also steals focus! So you would be typing something and suddenly you’re not typing anymore for M$ decided it’s time for a popup.
I finally learned to just wait for the pop up and then dismiss it with esc. Ugh!
If you login to the exchange online admin center you first have to complete a short "on-rails-shooter" video game. They constantly shuffle shit around and want to give you a tour via popups about it.
I have the admin accounts for multiple companies, so I have to play the game repeatedly.
It might not have a great impact, but I've started to fight back. Interrupt me in the middle of an important task? You get a 1-star rating. Ask me for some random information you shouldn't need? Get bogus answers. And so on.
> Ask me for some random information you shouldn't need? Get bogus answers.
I've never understood software that's free but you have to fill out a form of personal information to download it. Even if I was willing to share, what possible use is my full mailing address to some random software company? It's data collection for the sake of data collection.
There's an oxygen waster whose salary is conditional on bringing this data in. Whether that covers his paycheck, let alone brings profit is irrelevant to him. He is also the one responsible for reporting the profit numbers on that, so obviously the numbers will be cooked to indicate his work greatly benefits the business.
> The drill doesn’t ask how you’re enjoying your experience drilling. It doesn’t upsell you on premium hole-making
Damn you wonder how we as a Software Industry lost the plot - hell - I have a product in e-commerce analytics one of the features I never put in was 'Retention / Cohorts' etc - coz in the real world retailers don't speak in those terms
This was the reason I switched from Windows to using Linux full time back around 2006. Windows used to be somewhat peaceful bu around then it increasingly started interrupting me instead of me generating interrupts for it. I gather Windows hasn't gotten better since then.
At least with Android it is mostly the apps that generate interruptions, so I can choose apps that do not, and control notification permissions for those I need.
> it increasingly started interrupting me instead of me generating interrupts for it.
Yep, this is it right there. When human interface guidelines were being drawn up in the 70s and 80s, they didn't need to include anything like "computers must not speak unless spoken to" because it was so damn obvious.
My software-dev persona brain "Oh, see, but these days, we now need to make sure users remember to patch to the latest security update", and I respond: REALLY? You shipped me broken software and are now interrupting me in the middle of work to make it my problem? When did this become acceptable?
Windows is unusable. I kept a long time because of "family member will wanna use Excel" but that is not a thing anymore. Alternatives are good. Very little Windows specific software I need anymore. Really just Backblaze better pricing is all I care for.
Recently I was playing a not-very-good video game that was pumped full of stop-what-you're-doing-and-read-this tutorial pop-ups. What percentage of the audience really needs the entire game to stop so we can read "use the left stick to move, press x to continue"? Even if this is literally first game you have ever played, I can't see how a flurry of messages that are not even actionable until dismissed will do anything but cause anxiety.
Thinking about other forms of media, the film industry just expects that its consumers will have some basic visual media literacy. Like, let's say you're watching your first ever movie, and there's a fade-out to represent a time jump. The movie does not stop with a dismissable pop-up explaining what it represents - the vast, vast majority of the audience already intuitively understands it, and the rest can probably figure it out from context. The only requirement to pull this off is an extremely minimal amount of respect for your audience / users!
Even with all the telemetry, there are unsolved basic problems, like icons on the desktop, when switching from just notebook and to docking station. Power user move the mouse 10 times over the whole screen until the menu is animated and shown.
A nice use of AI would be to learn what kind of interruptions I hate and suppress those as much as possible. The trick would be installing it to the level of authority to ignore stuff from the companies making the phones and OS too without having complicated jailbreak/hacking procedures.
The reality is that we just have shit consumer protections for our time and attention, because it's revenue for the companies, which lawmakers don't want to infringe upon. They can't even go after the relatively small markets of phone call/mail spam.
iOS has it to some extent, you can enable "Intelligent breakthrough and silencing" in Focus settings, and it should (supposedly) learn which notifications are important for you and which can be skipped.
Phone spam would be so so easy. If you get a contact you don't like, SMS some magic short code and legally receive $1 from the sender. If the sender is foreign and cannot be held accountable, the entry point domestic carrier is liable for the $1.
All it takes is a mild amount of accountability for the shitheads delivering these. It would be gone overnight.
In Europe, every phone number is linked to someone's passport. This really cuts down on spam. It's hard to round up enough homeless guys to use their ID to buy SIM cards to make it worthwhile to spam from.
If you received spam and you can prove in court, you can sue them, they look up whose number it is and they have to pay a fine.
It's really not complicated. All it takes is for the regulatory body to be merely grifting off of taxpayers instead of completely owned by billionaires.
Enshittification didn't start recently. It was always there. You just didn't notice it because of your age. Your youth and childhood days always have good memories, doesn't matter how shitty those days were.
Selling is just as old as money. Every business that tried sell you soaps and cosmetics had to scare you about bacteria, making you forget that bacteria was always there with you for millennia. What you call enshittfication is the change accumulation that you witnessed over decades. Ask children who hasn't seen all that change. They see everything is just fine.
Yes, nasty salesmen are as old as time and possibly predate humans, but that is not what enshittification means.
From Wikipedia[0]:
> Enshittification, also known as crapification and platform decay, is a process in which two-sided online products and services decline in quality over time. Initially, vendors create high-quality offerings to attract users, then they degrade those offerings to better serve business customers, and finally degrade their services to users and business customers to maximize short-term profits for shareholders.
Basically a middleman fucking over both sides of the deal, typically in the context of online services.
The term was popularised in 2022 [1].
Remove "online services" (anchoring the term firmly in the present) and I still can't think of wide ranging examples in the past. I will admit that this might be because I haven't been around for very long.
Large companies buying up smaller brands with high quality products is one that has become popular in the 21st century. People have a strong attraction to brand names and while the user will eventually leave the large corporation more than makes their money back on the purchase. With this increase in capital they move to the next high quality company and consume it. Companies like Coca-cola do this with countless products.
This is a nice explication of the sequence of events, but I think it's too lenient on the bad actors who've led us to where we are now. It says that "each step could be defended". Yes, but many of them can be defended only from a "fuck you, got mine" standpoint of trying to grab as much as possible while not caring about screwing anyone.
> Software could finally be updated after it shipped. Bugs could be fixed. Security holes could be closed.
They could be. Is that what this technology was used for?
> Crash reports made it easier to fix real problems, update checks were convenient, and license activation reduced some kinds of piracy.
I am skeptical that automatic sending of crash reports is worth the harm to users. A program can create crash reports and save them locally. Then if there is a crash or bug, a support team can instruct the user in how to find and send just the relevant reports. There is no reason to automatically send anything.
> “Can we understand how people actually use this?”
> Again, that’s not an evil thought. In fact, it’s useful!
Evil and useful are not mutually exclusive. Whether it's evil depends on what it's useful for.
> Before analytics, if you wanted to understand user behavior, you had to ask people, watch them, or infer patterns from support tickets. That requires time, empathy, and effort.
If you are making a choice out of a desire to avoid spending time, effort and (especially) empathy, you might be doing something evil (even if it's useful to you).
> When experimentation becomes the primary decision-making tool, a strong product vision becomes optional.
> Not because anyone argues against vision, but because you don’t strictly need it anymore, and because backing a chart is safer than backing an opinion.
This sidesteps the issue of either the vision or the chart is being backed. If you're backing it just to make your company more money, it's probably evil, whether it's a chart or a vision.
> Some categories are basically made of alerts: messaging, security, banking, calendars, delivery tracking, anything where timing actually matters.
Banking is not made of alerts. Delivery tracking is not made of alerts. Alerts may have valid uses in those contexts, but they're not the main event.
Delivery tracking I think is a good example of how notifications can be misused. People got deliveries all the time before push notifications. Most of the time you simply don't need to know what most of the notifications are telling you. What good does it do you to know that the package left Las Vegas and is now en route to San Bernardino? What good does it do you to know that the package was delivered at 3:47 if you won't be off work until 5pm anyway? When you get home, it'll either be there or it won't.
> The problem is that once a company builds the machinery to do it, that machinery becomes cheap to reuse, and the incentives gradually pull it away from “help the user succeed” toward “move the metric.”
That is evil if that metric is "help the company regardless of whether it helps the user". That is the issue here. The article consistently dances around the central issue, which is the underlying motives driving these actions. Printing words on a sheet of paper and posting it in the town square was an evil use of technology when done by a 19th-century charlatan to enrich himself by enticing saps into buying useless snake oil. Ruthlessly using any technology to pursue every possible gain regardless of the effect on others is unethical.
> Here are a few practical ways out.
Who are these directed at? Programmers? The article already says programmers hate doing this stuff. Bosses? Venture capitalists? We've already seen that they don't care. None of this is going to change unless these recommendations are aimed at the creation of normative guidelines to be enforced by law.
I really do appreciate the article and have saved it because it does a great job of laying out how the choices were made. But I am so tired of people making excuses for evil behavior on the basis that "it's just technology" or "well they were just trying to improve their product". Every company that did these evil things could have just settled for 2% growth instead of 2.5% and our world would be the better for it; and our world will be the better in another 30 years if we now enact punitive measures against those who continue to do these things.
We can all play victims here of course but we also have our own responsibility when creating software. I've been on many projects where people got sucked into "this just is the way this ought to be done" kind of thinking without questioning any of it.
I suspect many cookie consent dialogs come into existence this way. All the mindless onboarding nonsense, notifications, etc. come from a rather dogmatic application of growth hacking type advice. You get startups hiring people that specialize in that out of a belief that they have to do that that then start doing stuff. And once you have those people they start justifying their presence by imposing a lot of that stuff.
If you ask a lawyer for advice on legalese, they'll give you plenty of terms and conditions, consent forms, etc. Mandatory scroll to the end thingies are a good example of an anti pattern here. The thing is that laws don't specify much in terms of UI/UX. Some lawyer once upon a time decided that "we have to twist user's nipples and make sure they read my 20 pages of legalese before they are allowed in the app". This is completely stupid if you think about it for more than 4 seconds. But it's being copied over and over again by world + dog. Convoluted cookie consent screens are another good example. Corporate lawyers invented those because they are being paid to justify their existence. They come up with implausible scenarios and then protect their clients from those. A lawyer will never tell you to skip an optional/redundant step but they'll come up with reasons to add more of those. Removing complexity is not their job.
If nobody applies any critical thinking and fact checks these things you end up with a lot of ass coverage, legalese, "better safe than sorry" type features and shit that is not needed that adds up to a lot of user hostile behavior, onboarding friction, and application complexity.
Authentication is a thing that many product owners just blindly imitate from others. Including all the negative patterns around it. I've had this discussion with more than a few product owners. "We have to 'own' the user relation ship and therefore we must have a email/password thing and can't do openid, sso, email links, etc.". This is nonsense but if nobody challenges that, you go down the path of repeating decades of mistakes on this front. But it's OK because everybody else does it too.
People don't even question this any more. As soon as you go down this path it leads to a lot of fairly standard and boring stuff that you just have to do, apparently. Over and over again. If you have a password, you got to have a reset my password. Is "secret" an acceptable password? No, so we got to have a password complexity thingy. Do we add 2FA? Notification preference screens, Push notifications, and all the rest.
Modern logins should be simple. "send me a login link" "login with X, Y, or Z", passkeys, etc. Make sure the process is password manager friendly if you have passwords (why?!). Bias towards enabling your users to getting started with your thing ASAP. Get them in and then consent; not the other way around.
Get a good product person that understands these things rather than one that does things because he heard about a person that knows a person that is totally legit that told them that you gotta do X because reasons that are too complicated for you to worry your petty head about. Most bad decision making boils down to BS, urban myths, and bad advice like that. Ask the "why" questions. Make sure you understand and fact check the answers. Do what you actually have to do. But nothing more.
As someone who does use a password manager, there's nothing more annoying than a service that doesn't accept email/password logins. I don't want to cede my auth to a 3rd party, clutter up my inbox with magic links, or have to keep careful track of passkeys that are tied to a device and can be easily lost!
Sure there is! Websites that disable pasting into password fields “for your security” are even more annoying.
(Pro tip: lapcat referred to his Stop The Madness software here. It fixes this and other dumb website anti-features. Don’t leave your home page without it.)
>And yet, this is how a lot of modern software behaves.
Not in my experience. Typically all of the "news" happens either during startup, or as part of some other flow. It doesn't happen in the middle of using software. Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
>The analytics didn’t prove the feature was unwanted. The analytics proved that we buried it.
If I actually wanted a feature I would go through 10 menus to flip the switch. If the analytics says no one is uses it that is proof that no one wants it. It is possible that the user is unaware of it though.
>the product stops being a finished artifact
When you are doing constant software updates it is not a finished artifact anyways.
> Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
I rarely use the G Suite, but when I do I get bombarded with a queue of popups and alerts about this feature, this Gemini integration and whatever else gets someone promoted.
> If I actually wanted a feature I would go through 10 menus to flip the switch.
That is if you know of this feature or are predisposed to rummage around software to look for a solution. Neither is common amongst common people.
> When you are doing constant software updates it is not a finished artefact anyways.
That I mostly agree with. Then you have teams who are assigned a sliver of the software and continually fuck with it to justify their existence.
About 10 years ago I tried installed Little Snitch on my laptop. I set it up to check with me every time any native app tried to connect to the internet. "Here we go" I thought. "I'm going to actually see what apps are doing!".
I think I naively thought I'd end up with 10 rules or something, blocking telemetry. Oh what a sweet naive child I was. Its constant. Everything on my computer seemed to use about 8 different telemetry and update services. The sheer number of packets of environmental waste being produced every second by modern computers is breathtaking. It never stops.
Reading this article, I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet." It would be terribly inefficient, but it'd probably be fun to try. It would definitely force a lot more rigour around releases & testing.
It’s got to the point where I turn off my WiFi now to do performance-sensitive work, because of the boost that killing all this background rubbish gives. Anything I need online I can just offload to my phone while my computer is offline.
The problem with doing that, is that the standard TCP timeout is 60 seconds.
All of a sudden, you are beset with 60-second hangs.
If the computer doesn't have any online network connection, shouldn't it outright error? I understand that the timeout sucks when your network is not connected to the internet but still alive, then that's an issue, but if there is no connection at all, why would the timeouts matter?
It wouldn't be able to open a TCP connection without knowing what IP address / interface to use.
You're right--it should outright error. You should only see timeouts like that if you were dropping the packets from some middleware or middlebox, but your client still had a valid IP address.
You just gave me flashbacks of mistyping a folder share name on windows and having the whole PC lock up for a minute or two.
> All of a sudden, you are beset with 60-second hangs.
No, that's not how it works. Frankly, I'm astonished to see this claim here.
The problem with this is some apps do incredibly stupid things. Now I'm not saying the operating system itself, but I had some ide screw off and go into long pause mode when my laptop was in airplane mode.
I'm sure there are stupid apps out there, but "the standard TCP timeout" was a misdiagnosis of the problem.
Depends.
I have a couple of apps on my computer that do exactly that.
I am looking forward to learning how it does work...
You're not thinking like a systemd developer. The right thing to do is to ignore all anecdotes and direct evidence that a problem exists. I am talking about systemd renaming your network interfaces because you added or removed hardware.
systemd should add and remove interfaces connected in the exact same hardware path with the same name they had before.
Default literally insane legacy behaviour is just vomiting eth${RAND} where RAND depends on racing conditions.
My educated guess is that people that insist on using the legacy eth${RAND} never had a surprise random firewall and routing rules suddenly apply to different interfaces at a inconvenient time, making production halt and catch on fire, yet.
hardware paths change when you add or remove hardware. systemd developers deny this despite it affecting half of all desktop computers in existence. Your one network jack used to be eth0, systemd now changes it each time you add or remove hardware and insist they're making it more stable instead of more variable whilst they are making it more variable.
Yep. I've experienced on several computers that the systemd-approved "predictable" network device name changes when adding or removing a SSD. The solution is to turn off the network device renaming and allow the single ethernet interface in the machine to always be known as eth0.
systemd developers like to come up with clever solutions to the problems they care about, and ignore the side effects for any use cases they don't care about. And quite often those afflicted use cases are the ones most people would consider to be the more typical use cases.
> I am looking forward to learning how it does work...
It's basic sockets. If you call connect() when the internet is disabled, the errno is ENETUNREACH.
The higher-level API are built on sockets. If any apps are misbehaving, they're simply badly coded.
> It's basic sockets.
Yup. I've done a bit of that stuff, in my time.
> If any apps are misbehaving, they're simply badly coded.
Plenty of that stuff, going around.
Might want to ease back on the "instant insult" thing. Not a good look.
> Yup. I've done a bit of that stuff, in my time.
So are you willing to admit now that "the standard TCP timeout" was a misdiagnosis of your problem?
You appeared to be projecting a personal problem with some unnamed badly coded apps onto everyone, as if it were inevitable, but the original commenter who said they turned off WiFi obviously does not experience this problem, and neither do I for that matter.
[flagged]
I don't think you can get ENETUNREACH from recv though. If the request was sent, it'll time out.
It can cause problems to flip off the internet when you already have open connections, though there are also API to detect changes in network availability. But I don't see that as a significant problem for "I turn off my WiFi now to do performance-sensitive work". First turn off WiFi, then launch the app you need, in that order. Problem solved.
And then Minecraft writes to a log 18,000 times a second, moaning about being unable to contact the telemetry provider until your disk fills up.
I don’t know if they ever fix that bug, because I uninstalled the thing. The third-party launchers didn’t have that problem.
Have you tried using Linux?
> I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet."
FWIW all of my Mac and iOS apps are upfront paid, with no telemetry or server-side component.
Of course I don't distribute them via snail mail though.
I'm doing pretty well. I'm certainly not rich, and probably not making as much money as corporate software engineers in the US, but I'm doing better financially than the majority of people. It's not impossible to follow the old business model.
I preferentially select for this software model. What applications to you make and where might I find them?
I eagerly and quickly pay for major version upgrades to the independent software I buy. I’d like that model to stick around.
> What applications to you make and where might I find them?
https://underpassapp.com
Thank you. Just bought StopTheMadness Pro and StopTheScript.
How do you know they don't have telemetry?
I wrote them. I'm baffled by your question.
I (and presumably the commenter you're responding to) initially read "all of my Mac and iOS apps" as "all of the Mac and iOS apps I use" instead of "all of the Mac and iOS apps I've written".
Did you and the other replier stop reading my comment after the first sentence? Because the second and following sentences make very clear—e.g., "distribute"—that I was talking about apps developed and sold by me.
This is one of the main reasons why I have mostly given up on paid software or SaaS products. You would think that by paying someone for their product, that would give you the tool without constantly getting asked for more, like some shareware program from the 90s. But no, if you give them money, they will constantly nag you, track you, nag you again, and so on. Debian on my private laptop using mostly free software (I think Obsidian is the only odd one out currently) has completely killed that annoyance. My Macbook and iPad Pro for work still keep nagging me all the time about some stupid stuff I don't want to think about.
Check Logseq for an open source alternative to Obsidian: https://github.com/logseq/logseq
Maybe ill have to give it another try, but each time I've tried it, it wasn't particularly intuitive. I couldn't figure out how to turn off the bullet points on all notes. I'm sure there's a setting somewhere but that's such an odd default that I never investigated further.
Logseq raised a lot of VC money and has started turning the screws. They switched from Markdown files to and database, and their sync is paid and closed source.
Hm, it looks nice too, but that's another "freemium open source" app with a pro version that will eventually be enshittified, I would bet.
It has no Pro version, and I believe their plan is to monetize it through an optional Sync service, which is fair, since it actually costs money to keep it running.
> TLDR: Logseq is free but Logseq Pro (coming soon) is not. https://docs.logseq.com/#/page/faq
My original point was that I don't want this kind of software that has an incentive to nag you into an upsell.
Late stage capitalism, the numbers must always go up.
That's why everything is turning into rent seeking models and enshittification.
Capitalism has caused more economic growth than any other system, and without a high death toll.
Oxygen producing anaerobic bacteria gave us the atmosphere we breath but at the same time caused some of the largest, if not largest extinctions events on earth.
When talking about capitalism it seems a great many people in the US and HN have a difficult time using nuance and are unable to separate the good parts of capitalism from the parts that will kill us in the long run. Infinite growth cannot exist in a finite world. If we keep demanding capitalism grow unbound it will literally consume us and our biosphere.
Capitalism is the only economic system that has the privilege of being evaluated outside of the context of the society in which it exists. When socialism is criticized the political system is always, justly, included; so the purges of Stalin and the homophobia of Guevara are all taken into account. Apply the same thinking to capitalism and you have to count a lot more deaths and injustices: the Irish and Bengali famines, world war 1, climate change, etc.
Add the East India Company's rule in India to the list, 40 million deaths on a conservative estimation.
Are you including the wars and operations that we supported in the shadows to shore up that capitalism?
Old joke:
If General Motors had developed technology like Microsoft, we would all be driving cars with the following characteristics:
For no reason whatsoever, your car would crash twice a day.
Every time they repainted the lines in the road, you would have to buy a new car.
Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason, you would simply accept this.
Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive – but would run on only five percent of the roads.
The oil, water temperature, and alternator warning lights would all be replaced by a single “General Protection Fault” warning light.
The airbag system would ask “Are you sure?” before deploying.
Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.
Every time GM introduced a new car, car buyers would have to learn to drive all over again because none of the controls would operate in the same manner as the old car.
You’d have to press the “Start” button to turn the engine off.
Ya, I remember reading these decades ago.
What is funny is how many of them are actually true now. Having your display panels crash while driving is good fun. Also I click the start/stop button to operate my vehicle. And teslas like locking people in on occasion.
The Tesla FSD subscription flip flop almost fits learning to drive all over again.
Half of these did happen to cars.
In the old days, you'd take a survey on a McDonald's receipt and get a coupon for a free fry or something. These days, every product will sign you up for a newsletter without consent, ask for a review, or beg you to spend your time on a survey after the smallest interaction. Everything from the Art Institute of Chicago to Cava (a fast casual restaurant). And it's not just once, they'll send you reminders too. In-app, the prompts stack up on each other. I dread opening Jellyfish because I know I'll have to click through more than one pop up every time I want to check something quick. No, I still don't want to go to your conference, I'm trying to get work done.
Why can't they at least offer something of small value, like 10% off your next food order, or some API credits, so it's a fairer exchange? I guess because everyone's doing it, no individual product gets penalized for annoying their users.
There are exceptions of course, like Kagi. But they're far and few between.
Kagi has the world's most pleasant engagement retention email life-hack, which is that if you don't use it for a whole month, they'll email you telling you that they refunded that month's price. I don't have a specific dollar cutoff where this is acceptable, but applying the categorical imperative, if every customer retention spam or nag I received came with $14 I could retire.
Last week I got a survey following a pre-sales support ticket I raised with StarTech.
I respond to those when I’m satisfied. I was, so I clicked the link. The first question was multiple choice. The second was a free text response field asking me about my trust in the brand. It was a mandatory question (one question per page).
So I just closed the window and never completed the survey.
Even the surveys have gotten ridiculous. Don't waste my time asking me to write you vaguely prompted essays that you’re just going to use Copilot (the survey was via MS Customer Voice) to aggregate anyway. If it was a simple NPS or other multiple choice survey, or one where I could skip a prompt asking for unstructured thoughts on brand loyalty, I’d have finished it.
> ... ask for a review, or beg you to spend your time on a survey after the smallest interaction.
This one is the most confusing to me. I go to Home Depot and buy some of the most mundane items: conduit hangers and toilet paper. I then get email spammed 2-3 times to review "toilet paper" and "conduit hangers" as if people are dying to read the reviews on a friggin conduit hanger or roll of TP. So I did just that. Conduit hangers: "Hang pipe like a porn star!" Toilet paper: "Lets you dig deep with confidence! No s*it finger for this guy!"
When they send these 30-question surveys, surely they must be aware that the people who respond are not a random sample of the customer population but a sample of the subpopulation that is willing to take a 30-question survey for them?
Simple. Your mistake is assuming that these surveys used to gather actual information.
The 30 questions satisfy all of the bikeshedding smoothbrains in the survey-design-committee. The survey itself isn't used to make informed decisions to improve the product, but entirely to justify the manager's impact and thus everybody's bonuses.
Oh, sometimes they are used to change things, and when implemented it seems like everyone is mad and they act shocked because all they see from surveys is people wanted a change.
Often, they'll ask for the review before I even had the time to really use the product. Like, I've just laid my hands on this thing, how am I supposed to know anything yet?!
I have trash mail box that I don’t really open besides clicking confirmation links.
I also use Firefox relay just to vary stuff a bit to throw wrench into tracking.
As the joke goes,
Do you think [big tech company] understands consent?
> Yes
> Ask me later
Related to this, does anyone here know how to stop my iPhone asking me to turn on iCloud?
Buy a different phone?
Yeah I probably will, when this one breaks. I had Android always before and I'm pretty unimpressed with Apple. HN'ers love to imagine that only Apple has their interests in mind unlike other BigCos, but no Android phone I had ever nudged me out of the blue, in the middle of other work, to "turn on Google Drive" with just "Ok" and "Ask me later" as the options.
I’ve used iPhones exclusively as my daily driver phone for almost 20 years now.
It’s tempting to get a phone that GrapheneOS supports at my next refresh.
I generally like Apple’s technology. I like their high level stability - they don’t launch things as experiments in the same way other technology companies do. They seem to make a serious effort at only launching things they plan to keep around and refine. I think that’s the only user-friendly way to do it.
But I’m concerned about the post-Cook era particularly because in recent years the hardware has gotten better but the software has gotten worse. It is starting to feel like Apple is unable, unwilling, or incapable of focusing on two sides of the coin at once.
The software side is more data hungry than ever, no matter what they do with that data. They are seemingly desperate for services revenue on top of premium prices for devices. It was insane that any release, let alone how many releases, automatically enabled or re-enabled (after prior user disablement) Apple Intelligence. They finally stopped disrespecting asserted user choices but it took them awhile. That in particular really soured me. They had already learned that lesson (for some reason they had to learn that lesson period) with automatic OS update settings.
I’ve been working for a few years now on extricating myself from the connected services sides of both Microsoft and Apple so that it will be far easier to make the leap to GrapheneOS (or an analogue) when and if I decide to.
I have an android phone and it hates me almost as much as apple, but it has better hardware for a lower price, and I can technically use f–droid
On Android, it is really easy to turn notifications off by default, and only selectively allow the ones you need, e.g. from the calendar.
Oh yeah, it's super easy to turn off notifications from any app except the built–in adware.
Until recently (moved to GrapheneOS) I ran stock Android for years and never had an issue with turning any notifications from default apps. Maybe this is different with other manufactures and custom OS version (e.g., Samsung's)? I think the only thing that bugged me was Google Play pushing new features/ways to give them money, but that was only within the app itself when I opened it. Notifications of that sort were all easily blocked. The only notifications I got and get are ones I want (99% of it are messages from messaging apps, calendar reminders, and alarms).
My Motorola phone gives me a notification asking me to rate the audio quality after every single call. I can't turn off those notifications without rooting the phone. All I can do is uninstall updates to the phone app and disable automatic updates for that app, so at least they won't add more notification spam and can't keep rearranging the UI of the most important app on the phone.
Eh, I get AI enablement pop-ups all the time on android
Hah, thanks for the heads-up.
> Yes
> I am sinful and will go to hell
One of the more annoying software that does this is the copilot Office 365 on the web. Every time (!) I open it, it shows a popup on how to add files to the context. That itself would be annoying, but it also steals focus! So you would be typing something and suddenly you’re not typing anymore for M$ decided it’s time for a popup. I finally learned to just wait for the pop up and then dismiss it with esc. Ugh!
If you login to the exchange online admin center you first have to complete a short "on-rails-shooter" video game. They constantly shuffle shit around and want to give you a tour via popups about it.
I have the admin accounts for multiple companies, so I have to play the game repeatedly.
MS has never learned to not interrupt the user. This has been a dark pattern for them since their very first window manager.
It might not have a great impact, but I've started to fight back. Interrupt me in the middle of an important task? You get a 1-star rating. Ask me for some random information you shouldn't need? Get bogus answers. And so on.
> Ask me for some random information you shouldn't need? Get bogus answers.
I've never understood software that's free but you have to fill out a form of personal information to download it. Even if I was willing to share, what possible use is my full mailing address to some random software company? It's data collection for the sake of data collection.
There's an oxygen waster whose salary is conditional on bringing this data in. Whether that covers his paycheck, let alone brings profit is irrelevant to him. He is also the one responsible for reporting the profit numbers on that, so obviously the numbers will be cooked to indicate his work greatly benefits the business.
Oh, that's valuable, they definitely can sell that on. Especially if they have a big list.
But what percentage of the physical bricks-and-mortar addresses are actually disused telephone exchanges or retired public toilets?
(whistles innocently)
It's used to generate cold call lists
> The drill doesn’t ask how you’re enjoying your experience drilling. It doesn’t upsell you on premium hole-making
Damn you wonder how we as a Software Industry lost the plot - hell - I have a product in e-commerce analytics one of the features I never put in was 'Retention / Cohorts' etc - coz in the real world retailers don't speak in those terms
This was the reason I switched from Windows to using Linux full time back around 2006. Windows used to be somewhat peaceful bu around then it increasingly started interrupting me instead of me generating interrupts for it. I gather Windows hasn't gotten better since then.
At least with Android it is mostly the apps that generate interruptions, so I can choose apps that do not, and control notification permissions for those I need.
> it increasingly started interrupting me instead of me generating interrupts for it.
Yep, this is it right there. When human interface guidelines were being drawn up in the 70s and 80s, they didn't need to include anything like "computers must not speak unless spoken to" because it was so damn obvious.
My software-dev persona brain "Oh, see, but these days, we now need to make sure users remember to patch to the latest security update", and I respond: REALLY? You shipped me broken software and are now interrupting me in the middle of work to make it my problem? When did this become acceptable?
Windows is unusable. I kept a long time because of "family member will wanna use Excel" but that is not a thing anymore. Alternatives are good. Very little Windows specific software I need anymore. Really just Backblaze better pricing is all I care for.
Even actual from-Microsoft Excel now runs in the browser, not even any need to find an alternative.
And Wine has gotten really good, too.
Recently I was playing a not-very-good video game that was pumped full of stop-what-you're-doing-and-read-this tutorial pop-ups. What percentage of the audience really needs the entire game to stop so we can read "use the left stick to move, press x to continue"? Even if this is literally first game you have ever played, I can't see how a flurry of messages that are not even actionable until dismissed will do anything but cause anxiety.
Thinking about other forms of media, the film industry just expects that its consumers will have some basic visual media literacy. Like, let's say you're watching your first ever movie, and there's a fade-out to represent a time jump. The movie does not stop with a dismissable pop-up explaining what it represents - the vast, vast majority of the audience already intuitively understands it, and the rest can probably figure it out from context. The only requirement to pull this off is an extremely minimal amount of respect for your audience / users!
i tend to uninstall/not use things that say "not right now" or "maybe later" instead of no. such a terrible and telling trend
Even with all the telemetry, there are unsolved basic problems, like icons on the desktop, when switching from just notebook and to docking station. Power user move the mouse 10 times over the whole screen until the menu is animated and shown.
A nice use of AI would be to learn what kind of interruptions I hate and suppress those as much as possible. The trick would be installing it to the level of authority to ignore stuff from the companies making the phones and OS too without having complicated jailbreak/hacking procedures.
The reality is that we just have shit consumer protections for our time and attention, because it's revenue for the companies, which lawmakers don't want to infringe upon. They can't even go after the relatively small markets of phone call/mail spam.
iOS has it to some extent, you can enable "Intelligent breakthrough and silencing" in Focus settings, and it should (supposedly) learn which notifications are important for you and which can be skipped.
In practice it doesn't do it very well.
Phone spam would be so so easy. If you get a contact you don't like, SMS some magic short code and legally receive $1 from the sender. If the sender is foreign and cannot be held accountable, the entry point domestic carrier is liable for the $1.
All it takes is a mild amount of accountability for the shitheads delivering these. It would be gone overnight.
In Europe, every phone number is linked to someone's passport. This really cuts down on spam. It's hard to round up enough homeless guys to use their ID to buy SIM cards to make it worthwhile to spam from.
If you received spam and you can prove in court, you can sue them, they look up whose number it is and they have to pay a fine.
It's really not complicated. All it takes is for the regulatory body to be merely grifting off of taxpayers instead of completely owned by billionaires.
Enshittification didn't start recently. It was always there. You just didn't notice it because of your age. Your youth and childhood days always have good memories, doesn't matter how shitty those days were.
Selling is just as old as money. Every business that tried sell you soaps and cosmetics had to scare you about bacteria, making you forget that bacteria was always there with you for millennia. What you call enshittfication is the change accumulation that you witnessed over decades. Ask children who hasn't seen all that change. They see everything is just fine.
Yes, nasty salesmen are as old as time and possibly predate humans, but that is not what enshittification means.
From Wikipedia[0]:
> Enshittification, also known as crapification and platform decay, is a process in which two-sided online products and services decline in quality over time. Initially, vendors create high-quality offerings to attract users, then they degrade those offerings to better serve business customers, and finally degrade their services to users and business customers to maximize short-term profits for shareholders.
Basically a middleman fucking over both sides of the deal, typically in the context of online services. The term was popularised in 2022 [1].
Remove "online services" (anchoring the term firmly in the present) and I still can't think of wide ranging examples in the past. I will admit that this might be because I haven't been around for very long.
0 - https://en.wikipedia.org/wiki/Enshittification
1 - https://pluralistic.net/2022/11/28/enshittification/
Large companies buying up smaller brands with high quality products is one that has become popular in the 21st century. People have a strong attraction to brand names and while the user will eventually leave the large corporation more than makes their money back on the purchase. With this increase in capital they move to the next high quality company and consume it. Companies like Coca-cola do this with countless products.
No company in the days of yore could pop up stuff on a screen that was always in my pocket.
This is a trite thought terminating cliche that provides no value to any discussion.
Thank you for calling it out.
congrats on actually mentioning capitalism in this article
Another good article and discussion on this topic
https://news.ycombinator.com/item?id=45920307
This is a nice explication of the sequence of events, but I think it's too lenient on the bad actors who've led us to where we are now. It says that "each step could be defended". Yes, but many of them can be defended only from a "fuck you, got mine" standpoint of trying to grab as much as possible while not caring about screwing anyone.
> Software could finally be updated after it shipped. Bugs could be fixed. Security holes could be closed.
They could be. Is that what this technology was used for?
> Crash reports made it easier to fix real problems, update checks were convenient, and license activation reduced some kinds of piracy.
I am skeptical that automatic sending of crash reports is worth the harm to users. A program can create crash reports and save them locally. Then if there is a crash or bug, a support team can instruct the user in how to find and send just the relevant reports. There is no reason to automatically send anything.
> “Can we understand how people actually use this?”
> Again, that’s not an evil thought. In fact, it’s useful!
Evil and useful are not mutually exclusive. Whether it's evil depends on what it's useful for.
> Before analytics, if you wanted to understand user behavior, you had to ask people, watch them, or infer patterns from support tickets. That requires time, empathy, and effort.
If you are making a choice out of a desire to avoid spending time, effort and (especially) empathy, you might be doing something evil (even if it's useful to you).
> When experimentation becomes the primary decision-making tool, a strong product vision becomes optional.
> Not because anyone argues against vision, but because you don’t strictly need it anymore, and because backing a chart is safer than backing an opinion.
This sidesteps the issue of either the vision or the chart is being backed. If you're backing it just to make your company more money, it's probably evil, whether it's a chart or a vision.
> Some categories are basically made of alerts: messaging, security, banking, calendars, delivery tracking, anything where timing actually matters.
Banking is not made of alerts. Delivery tracking is not made of alerts. Alerts may have valid uses in those contexts, but they're not the main event.
Delivery tracking I think is a good example of how notifications can be misused. People got deliveries all the time before push notifications. Most of the time you simply don't need to know what most of the notifications are telling you. What good does it do you to know that the package left Las Vegas and is now en route to San Bernardino? What good does it do you to know that the package was delivered at 3:47 if you won't be off work until 5pm anyway? When you get home, it'll either be there or it won't.
> The problem is that once a company builds the machinery to do it, that machinery becomes cheap to reuse, and the incentives gradually pull it away from “help the user succeed” toward “move the metric.”
That is evil if that metric is "help the company regardless of whether it helps the user". That is the issue here. The article consistently dances around the central issue, which is the underlying motives driving these actions. Printing words on a sheet of paper and posting it in the town square was an evil use of technology when done by a 19th-century charlatan to enrich himself by enticing saps into buying useless snake oil. Ruthlessly using any technology to pursue every possible gain regardless of the effect on others is unethical.
> Here are a few practical ways out.
Who are these directed at? Programmers? The article already says programmers hate doing this stuff. Bosses? Venture capitalists? We've already seen that they don't care. None of this is going to change unless these recommendations are aimed at the creation of normative guidelines to be enforced by law.
I really do appreciate the article and have saved it because it does a great job of laying out how the choices were made. But I am so tired of people making excuses for evil behavior on the basis that "it's just technology" or "well they were just trying to improve their product". Every company that did these evil things could have just settled for 2% growth instead of 2.5% and our world would be the better for it; and our world will be the better in another 30 years if we now enact punitive measures against those who continue to do these things.
We can all play victims here of course but we also have our own responsibility when creating software. I've been on many projects where people got sucked into "this just is the way this ought to be done" kind of thinking without questioning any of it.
I suspect many cookie consent dialogs come into existence this way. All the mindless onboarding nonsense, notifications, etc. come from a rather dogmatic application of growth hacking type advice. You get startups hiring people that specialize in that out of a belief that they have to do that that then start doing stuff. And once you have those people they start justifying their presence by imposing a lot of that stuff.
If you ask a lawyer for advice on legalese, they'll give you plenty of terms and conditions, consent forms, etc. Mandatory scroll to the end thingies are a good example of an anti pattern here. The thing is that laws don't specify much in terms of UI/UX. Some lawyer once upon a time decided that "we have to twist user's nipples and make sure they read my 20 pages of legalese before they are allowed in the app". This is completely stupid if you think about it for more than 4 seconds. But it's being copied over and over again by world + dog. Convoluted cookie consent screens are another good example. Corporate lawyers invented those because they are being paid to justify their existence. They come up with implausible scenarios and then protect their clients from those. A lawyer will never tell you to skip an optional/redundant step but they'll come up with reasons to add more of those. Removing complexity is not their job.
If nobody applies any critical thinking and fact checks these things you end up with a lot of ass coverage, legalese, "better safe than sorry" type features and shit that is not needed that adds up to a lot of user hostile behavior, onboarding friction, and application complexity.
Authentication is a thing that many product owners just blindly imitate from others. Including all the negative patterns around it. I've had this discussion with more than a few product owners. "We have to 'own' the user relation ship and therefore we must have a email/password thing and can't do openid, sso, email links, etc.". This is nonsense but if nobody challenges that, you go down the path of repeating decades of mistakes on this front. But it's OK because everybody else does it too.
People don't even question this any more. As soon as you go down this path it leads to a lot of fairly standard and boring stuff that you just have to do, apparently. Over and over again. If you have a password, you got to have a reset my password. Is "secret" an acceptable password? No, so we got to have a password complexity thingy. Do we add 2FA? Notification preference screens, Push notifications, and all the rest.
Modern logins should be simple. "send me a login link" "login with X, Y, or Z", passkeys, etc. Make sure the process is password manager friendly if you have passwords (why?!). Bias towards enabling your users to getting started with your thing ASAP. Get them in and then consent; not the other way around.
Get a good product person that understands these things rather than one that does things because he heard about a person that knows a person that is totally legit that told them that you gotta do X because reasons that are too complicated for you to worry your petty head about. Most bad decision making boils down to BS, urban myths, and bad advice like that. Ask the "why" questions. Make sure you understand and fact check the answers. Do what you actually have to do. But nothing more.
As someone who does use a password manager, there's nothing more annoying than a service that doesn't accept email/password logins. I don't want to cede my auth to a 3rd party, clutter up my inbox with magic links, or have to keep careful track of passkeys that are tied to a device and can be easily lost!
Sure there is! Websites that disable pasting into password fields “for your security” are even more annoying.
(Pro tip: lapcat referred to his Stop The Madness software here. It fixes this and other dumb website anti-features. Don’t leave your home page without it.)
I love you.
>And yet, this is how a lot of modern software behaves.
Not in my experience. Typically all of the "news" happens either during startup, or as part of some other flow. It doesn't happen in the middle of using software. Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
>The analytics didn’t prove the feature was unwanted. The analytics proved that we buried it.
If I actually wanted a feature I would go through 10 menus to flip the switch. If the analytics says no one is uses it that is proof that no one wants it. It is possible that the user is unaware of it though.
>the product stops being a finished artifact
When you are doing constant software updates it is not a finished artifact anyways.
> Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
I rarely use the G Suite, but when I do I get bombarded with a queue of popups and alerts about this feature, this Gemini integration and whatever else gets someone promoted.
> If I actually wanted a feature I would go through 10 menus to flip the switch.
That is if you know of this feature or are predisposed to rummage around software to look for a solution. Neither is common amongst common people.
> When you are doing constant software updates it is not a finished artefact anyways.
That I mostly agree with. Then you have teams who are assigned a sliver of the software and continually fuck with it to justify their existence.