Ghost in the Pixel

Some profoundly wise thoughts from design scholar Dick Buchanan, as quoted from his essay “Branzi’s Dilemma”, now almost 15 years old but still firmly relevant:

The ultimate purpose or function of design in society is to conceive products which express and reconcile human values concerning what is good, useful, just, and pleasurable. However, these terms no longer possess fixed and generally accepted meanings. Their meanings are the subject of our deliberations. They are essentially contested in society at large as well as in the complex processes of design and product development, although we seldom recognize the significance of the shift and are not well prepared to deal with it
productively.

And continuing further…

Despite the continuing role of mass-production in many societies, the task is to design for the individual placed in his or her immediate context. Our products should support the individual in the effort to become an active participant in culture, searching for locally significant coherence and connection. Products should be personal pathways in the otherwise confusing ecology of culture.

And finally…

There is no reason to be unhappy with the pluralism of design explorations in the contemporary world, so long as these explorations are not entrapped in ideology and each of us may pursue our own paths in design within the reasonable bounds of responsibility, based on informed discussions of what is good, just, useful, and pleasurable. We may be distressed by some of the work that we see in graphic and industrial design today and delighted by a wide range of other work. Design is very young and has far to go in the exploration of its role in culture. For many of us, this means better understanding of the disciplines of design thinking, not merely changes in style and surface treatment.

As I conclude almost three years of posting on Ghost in the Pixel, here’s wishing all my readers a happy, safe, warm holiday season and best wishes for the new year!

Fresh off my unfortunate experience of having my GMail and Facebook accounts hacked–resulting in an overwhelming task of simultaneously allaying fears, changing passwords, and canceling credit cards–I’ve lately been wondering how to design for panic. In the sense of, how does one design a software interface (especially web-based UI accessed by literally millions per day, say like…Facebook or GMail :-) towards supporting that once-in-a-lifetime, super rare but incredibly urgent use case of “oh crap! i’ve been hacked! now what??”. I grant it’s not a common use case, but it’s perhaps the most urgent one when it does happen.

When you’re panicked, your body and mind start to shut down, fueled by surging adrenaline and so forth, focusing like a laser beam on your immediate survival and defense goals. No patience for dancing clowns across my screen or banner Flash movie ads, or survey pop-ups. Nor any patience to “figure out a UI”–I just want that damn “emergency button”–whatever that may be, RIGHT NOW!! In that powerful, all-consuming time of panic, I want a gigantic red loud Staples Easy button, screw aesthetics and elegance and all that. Because when you’ve been hacked, speed and timing are of the essence to get things back under your control. To relieve anxiety and stress. To regain that comforting normalcy of just everyday clicking links and scanning pages. To know that everything is OK.

How can a design (and the designer) address such a hopefully rare yet urgent case? In my situation, I had to go through every site’s navigational structure (menus, tabs, links) to ascertain where I could quickly a) change my password and b) report a hack/phish attack on my account. Or if there’s a search field, I just used that to short-circuit the confusing navigational paths, and hopefully get “the right link” that i desperately needed!

A few quick, easy fixes come to mind for making all this smoother:

** On the login screen below the usual credentials fields, have explicit links for “change password” and “been hacked?” (in addition to “forgot my password”…b/c when you’ve realized you’ve been hacked the first thing you feel you ought to do–out of fear– is try to change your password and get access back in.)

** Standardized universal location in upper left/right a link for “change password” and “been hacked? click here”

** Duplicate those links in the page footer as well

** Robust search field where typing in “change password” or “i’ve been hacked” calls up the correct links. That really should be use case number one, IMHO.

Of course, there should be multiple levels of security for changing your password, or reporting suspected hack/phish attack on your account. The form for filling out a phish/hack attack should be extremely short and sweet, with all required fields at the very top, boldly labeled, in large field type size (again, physiological affects of panic, pupils shrink, small type harder to parse, with your heart racing 100 mph, simply got “no time to think”, you just want to get it done ASAP!) and any optional fields below the fold, or in a separate collapsible section.

I found the Google hack/phish report form way too long, with required fields all over the page which I had to scroll down, etc. asking things like “last 5 email addresses used” and “when I started using GMail”–huh? who remembers that when you’re freaking out??

Also of great help would be some friendly, empathetic “counseling tips”, about what to do if you think you’ve been hacked/phished and how to protect yourself RIGHT NOW. It’s a traumatic crisis situation. So what are the top actions you should do RIGHT NOW? Call the FBI? Call your credit card companies? Call home and let mom/dad know you’re not really mugged and stranded in London? All three? Whew!

Another idea: How about helping the hapless victim by sharing the burden of notifying key people via SMS or email from a temporary “emergency account” or sending out a voice recorded message (your voice) to your friends’ phones? Of course all of this will require multiple security levels to prove it’s you and not someone monkeying around creating more chaos. I’m just brainstorming on the fly, but there must be ways to handle these situations, simply, efficiently, and creatively.

Being hacked/phished may sound like a minor annoyance that only happens to Internet newbies with hillbilly accents, but if and when it happens to you (and it will), it’s an incredibly serious violation of trust, confidence, security, etc. (And more on that soon…) It can be an emotionally traumatic moment of dire panic as you realize potentially EVERYTHING is now in the hands of someone who could be highly sophisticated and malicious or just a bored teenager. But at that moment, you don’t care. You just want to fix things NOW. So as designers we should leverage our empathic and imaginative abilities to help shape a smooth handling of those moments of online panic whenever they occur.