social-network-anti-patterns

(Difference between revisions)

Jump to: navigation, search
(noted general apology for social network invite spamming)
(added posts section heading with more posts, and new excuses + responses section)
Line 72: Line 72:
Don't ask users for their login and password to another site like gMail etc.
Don't ask users for their login and password to another site like gMail etc.
-
Solution: support [[social-network-portability]].
+
Solution:  
 +
* drop import support for the sites that don't offer hCard+XFN friends lists and/or [[OAuth]].
 +
** Note that last.fm dropped support for their password anti-pattern support in the recent (2008 June) redesign!
 +
* support [[social-network-portability]].
 +
* and if you must, support site-specific proprietary APIs which depend on OAuth, e.g. Google Address Book API, Yahoo Address Book API.
 +
=== Posts ===
Read more about why this is an anti-pattern:
Read more about why this is an anti-pattern:
* 2007-08-14 [http://www.brianoberkirch.com/2007/08/14/two-social-system-design-trends-that-should-really-really-stop-like-now/ Brian Oberkirch: Two social system design trends that should really, really stop. like now.]
* 2007-08-14 [http://www.brianoberkirch.com/2007/08/14/two-social-system-design-trends-that-should-really-really-stop-like-now/ Brian Oberkirch: Two social system design trends that should really, really stop. like now.]
* 2007-10-11 [http://adactio.com/journal/1357 Jeremy Keith: The password anti-pattern]
* 2007-10-11 [http://adactio.com/journal/1357 Jeremy Keith: The password anti-pattern]
* 2008-01-04 [http://www.brianoberkirch.com/2008/01/04/this-antipattern-is-kryptonite-to-the-open-social-web/ Brian Oberkirch: this antipattern is kryptonite to the open social web]
* 2008-01-04 [http://www.brianoberkirch.com/2008/01/04/this-antipattern-is-kryptonite-to-the-open-social-web/ Brian Oberkirch: this antipattern is kryptonite to the open social web]
 +
* 2008-03-15 [http://adactio.com/journal/1421/ Jeremy Keith: Anti-pattern begone] (mentions Google announcement of their Contacts Data API)
 +
* 2008-06-04 [http://adactio.com/journal/1475/ Jeremy Keith: Making contact] (mentions the Yahoo announcement of the release of their Address Book API).
 +
* 2008-07-15 [http://getsatisfaction.com/pownce/topics/why_does_pownce_keep_killing_kittens_with_the_password_anti_pattern Jeremy Keith: Why does Pownce keep killing kittens with the password anti-pattern?]
 +
* 2008-09-23 [http://pownce.com/adactio/notes/3571554/ Jeremy Keith pownces Either the password anti-pattern goes or I do.]
 +
* 2008-09-25 [http://adactio.com/journal/1513/ Jeremy Keith: Anti-pattern recognition]
 +
 +
=== Excuses and responses===
 +
* Some major players are not helping the cause.
 +
** Just because someone/something else big is misbehaving, that is no excuse for you to do so.
 +
* We are following pretty common practice.
 +
** Just because many other folks are misbehaving, that is no excuse for you to.
 +
* We aren't in a terribly strong position to drop support.
 +
** Of course you are! Precisely because you *are* small. You have less to lose.
 +
** If you pick a public fight with a misbehaving big player over this, guess who wins? If the press covers it as little guy vs the big guy etc. narrative.
 +
* Our growth is flat!
 +
** Exactly - this won't affect it.  But maybe a little positive publicity will help.
 +
* We could implement the OAuth-based proprietary address book APIs, but we'd have to invest the development time to do Facebook, Yahoo, and Google.
 +
** Disable the the password anti-pattern code in the meantime.
 +
* The pragmatic downside is that our growth is stagnant, we need to do features that'll benefit us, and this isn't at the top of the list of features that can do that for us.
 +
** This is the opportunity cost argument.  It is the same problem with fixing polluting factories vs. building new factories.
 +
* Why are people threatening to leave us or worse?
 +
** Without community pressure/embarrassment, companies don't change.
 +
* I think we've earned a little benefit of the doubt that we're not 'the industry'.
 +
** Having a "polluting" interface that is on every day means no benefit of the doubt.
 +
 +
==== Pollution analogy ====
 +
The password anti-pattern = teaching people to pollute themselves.
 +
*  Just because everyone else pollutes, doesn't mean it makes it right for you to do so.
 +
* Polluting factories need to be fixed just as much as new factories need to be built.
 +
* Without environmentalist pressure/embarrassment, polluting companies don't change.
 +
* Why not focus your efforts on the huuuuuuge polluters like instead of my small company?
 +
** Because easier to apply enough pressure to get smaller guys to change first. Same tactics worked for environmentalists.  Then they would use smaller victories to earn bigger victories, until they had racked up enough victories to make the big guys look *really* bad.
Here are some sites that are currently doing this:
Here are some sites that are currently doing this:

Revision as of 11:56, 6 October 2008

Contents

Social Network Anti-patterns

While social-network-portability documents what to do to put your site on the open social web and be a good user-centric service in general, it's been noted that not everyone follows such advice and instead opts for a bunch of alternative either one-off (wasteful) or downright user-unfriendly tactics. This page documents such anti-patterns of social network design and implementation and provides (unfortunately) real world examples of such badly designed sites.

Spam your contacts

Many social networking sites ask you to upload your address book, or "Find Your Friends", when what the feature really does is Spam your contacts.

These sites seem to use your uploading of an address book as tacit/implied permission to spam all your friends with invites, which will annoy your friends, and make you look foolish.

Making users annoy, look dumb to their friends, and feel compelled to apologize is not good design.

This spamming behavior is now so bad, that users are creating new email accounts to knowingly avoid the problem:

Solution: support social-network-portability instead, not address book spamming.

Read more about why this is an anti-pattern:

Here are some sites that are currently doing this:

Bebo invites

Bebo appears to have a user interface that makes it too easy for users to unintentionally spam everyone in their address book.

Evidence that users have unintentionally sending invite spam to their contacts:

As noted by user Valerie Noble on 2008-03-13:

"What the hell, I stupidly sent bebo invites to eveyone in my address book. Boo!"

and user C.K. Sample III on 2008-03-18:

"signed up for bebo. sorry to everyone in my address book who got spammed by the sign up. I thought it would work more like twitter"

Evidence that users are receiving Bebo invite spam:

Brian Alvey notes on 2008-03-19:

"Considering deleting the duplicate Bebo invitations I'm getting. Everyone has 3+ addresses for me. Another address book spam engine. Hurray!"

Still a problem as of May 2008:

Cameron Payne was unpleasantly surprised on 2008-05-15:

"goddamn Bebo just invited *everyone* in my Yahoo address book. I don't think I told it to do that. WTF!? Beware!"

Goodreads are your friends already on

Goodreads also has a user interface that misleads even very web-savvy users into unintentionally spamming everyone in their address book.

2619408018_25c0147054.jpg

Micki Krimmell wrote both a blog post and a post on GetSatisfaction describing her experience with being tricked into spamming all her friends.

A representative from Goodreads has followed up on both Micki's blog post and Getsatisfaction post, however, as far as is known, Goodreads' user interface has not been changed/improved accordingly to be less misleading.

Quechup find your friends on

1302362704_63d97a8930.jpg

Quechup has a feature to "find your friends" which, even if it says "no contact present" will spam all your contacts in your address book and thus annoy all your friends and embarrass you. Clearly it is not just finding your friends from your address book, it is inviting everyone in your address book.

Spock scan my address book

Enter your other site login and password

Also known as:

Giving any site your login credentials/permissions for another site or service is a very bad idea. You cannot trust that the site will treat your login credentials with proper care (e.g. Quechup uses this antipattern to implement the spam everyone your the address book antipattern above).

It is also very bad user interface design. These sites that ask for your login (whether gmail or other services) are teaching users a very bad habit, a habit that is akin to what phishing sites depend on.

Don't ask users for their login and password to another site like gMail etc.

Solution:

Posts

Read more about why this is an anti-pattern:

Excuses and responses

Pollution analogy

The password anti-pattern = teaching people to pollute themselves.

Here are some sites that are currently doing this:

Facebook see if more friends have joined

2110461562_e624ab4175.jpg

Facebook - Their "see if more friends have joined Facebook" feature provides you with a popup menu to enter passwords for numerous sites.

Nsyght import your profile and friends

2254537667_d831c1fb3a.jpg

Nsyght - Register for an account to import from Digg, Pownce, Last.fm, and Twitter (site is in public alpha)

Quechup which friends already use

quechupsignup.PNG

ShareThis import your contact lists

1344414673_8e306e265d_o.png 1345315346_8eb2cf4d7c_o.png

ShareThis asks for your username and password to email services and social network sites.

Twitpic login to twitter

2368324013_0a15d337c0.jpg

Twitpic asks you to enter your Twitter username and password. They are not the same site, nor are they run by the same people or company.

Twitter are your friends on

2110909518_fde956c2ee.jpg

Twitter is a service that many users (including many of us active with microformats) love and adore and use constantly. Plus they implement microformats (e.g. hcard supporting user profiles and hcard xfn supporting friends lists)!

However, we still need to call them out for supporting the third-party password anti-pattern.

As co-authors of Oauth, please Twitter, implement and evangelize that path (perhaps even on that "are your friends on" page), rather than this anti-pattern.

TwitterNotes

2138354357_0c566fd62e.jpg

TwitterNotes asks you to "login with your Twitter account" username and password. They are not the same site, nor are they run by the same people or company.

Join to fix your profile

Some social network sites create public profiles for you without you having any contact with them. If there are any mistakes, they make you join in order to fix them. This sounds like blackmail: Join our service or else we'll continue to publish inaccurate information about you and therefore spam websearch results about you with misinformation.

Spock join to fix

One Unified Social Network

Several companies are trying to build the "one unified social network" (to rule them all) where they own/control the social network, and you're "allowed to" build applications on top of their proprietary platform. The most recent example of this is perhaps Facebook.

This is a bad idea for the same reason you don't see "one universal blogging service".

Other examples of folks walking down this path:

The hope is that these services will see the potential upside of providing open user profiles and social networks through social network portability and thus enable syndication of such data, as popular blogging services do.

related

social-network-anti-patterns was last modified: Wednesday, December 31st, 1969

Views