- Ever more users enjoy their browsing experience with Firefox (check out Firefox 3, it’s great). Moreover, being aware of information security issues many Firefox users protect themselves better against script-side attacks, they take advtange of the Java noScript add-on for Firefox.Unfortunately, ever more often blogs require one to give temporary permission for certain scripts to run on one’s PC in order to enjoy the site.
For the visitor it is inconvenient and risky. So why does your blog or web site require scripts to run on my machine. Are you asking me to lower my security guard?
Quite a while back we pointed out that we must watch for cultural (e.g., religion, language), commercial (e.g., no credit cards used here) and technical factors that could result in different usability or interface requirements across countries.
b – browser usage varies enormously – ignore Firefox at your peril
a – Alexa.com continues to fail businesses with inaccurate usage numbers
Here we focus on more technical matters. Usability and interface perceptions can differ greatly across countries due to, for instance, security awareness and prevention.
Technical features
Focusing on technical differences or peculiarities is important because these are the most likely ones to trip up your site.
If need be, get a nicer looking screenshot showing how many scripts you have to temporarily allow to make full use of Ian Fernando’s great website.
Too many scripts are a pain for your visitors. Users want your web page or blog to load quickly without having to watch out for scripts (see above screenshot). In the above screenshot, the right-side rectangle shows that the site requires your okay to run numerous scripts on your machine. Only then are you getting access to the various features the site offers.
The page loads faster without scripts. Full enjoyment of the above web page requires the activation of too many scripts (at least temporarily). Scripts make a web site more cumbersome for the surfer. Moreover, even a regular visitor may find it a hassle to have to activate scripts each time when coming to the site.
Scripts make it less secure for your visitors. Not requiring scripts to read your text or view your site makes it more secure for the visitor or surfer. So avoid requiring the user having to activate some scripts when he or she just wants to read content.
However, for security purposes one cannot give all these sites, such as feedburner.com, unlimited rights to use script beyond one’s current visit to this web site. That would be dangerous. Therefore, the user clicks on the ‘allow scripts temporarily’ option. In turn, this requires that one has to go through this tedious exercise each time one visits the above site and others of its kind.
KISS – Keep it simple, stupid
The screenshot below shows, no scripts must be run to view and search the site’s content. In fact, not even posting a comment to a story requires you to allow ComMetrics to be able to run script on your machine, simply not needed.
If you need a nicer looking image of the above see here – no script activated to view and enjoy siteThe screenshot above illustrates that ComMetrics offers a nice surfing experience without making use of scripts. The user does not have to activate scripts at all.
My take on this issue
We expect users to protect their privacy. Minimize the risk for a possible infection by malicious code. Not requiring visitors to give permission for JavaScript to run on their PC in order to get access to all the features is the easiest and fastest way. Web sites that require visitors to lower their security guard by having to activate scripts seem inconsiderate.
A web site should neither require one to activate scripts to enjoy the site, nor having to install a program update to view a document or a video.
Let us remember, many organizations still use Windows 2000. In addition, let us not forget, millions of PCs run on Windows 98. Can we afford to ignore these surfers?
Tips
Ever more often websites use audio or video. However, please consider the following:
1. pick the right music to reach your intended audience and convey your intended message carefully (PS. this is not always the same as the preferred choice of marketing directors or their children!),
2. make it very easy to opt in or out of audio, lest your choice of audio branding is not music to every customer’s ears AND
3. make it unnecessary to have to install a special plug-in to be able to listen to an audio file or view your site
Bottom line
Does my web site or blog follow the KISS principle – Keep It Simple, Stupid
============>
– why Firefox helps your security efforts, while Microsoft Internet Explorer 7 fails you terribly