A complex part of programming doesn’t even involve writing code. I am referring to the interaction between computer programs and people. User interaction is a complex subject that has been the subject of many books.
I can relate to what Raymond has to say. My experience from working in a software support position confirms that people will do whatever it takes to get their job done. Here are a couple examples.
We write software for distributors. One of our customers is ISO 9002 certified. With their previous software, which was a text-based system running on the UNIX platform, the software filled in defaults for certain fields, but forced the user to tab through those fields to confirm that they were reviewed. The “required date” field on the order entry screen is an example of one of these fields. The order entry screen actually has about 5 different fields which require this functionality for the customer.
This customer required the same functionality in our software in order to remain certified. We discussed options with their management and they chose to go with a similar functionality. We detect if focus has gone into the field and don’t allow saving of the record until the focus has been placed into all of these fields that require review.
Management likes it. The inside sales people hate it. One of our trainers observed the inside sales people working with this new feature. After the defaults were filled in, the user would hold down the tab key to start repeat mode. The cursor would cycle through all the fields, setting focus on the “review” fields. Then they would save the record, without having really reviewed the data in those fields.
Another “feature” requested by management is “popup” messages for customers and items in order entry. The message might say “This customer won’t pay for overnight delivery. Check with the sales manager before sending anything by overnight delivery.”
What happens when the inside sales rep takes an order from this customer? They enter the customer on the order, dismiss the “popup” message without reading it, then take the order. The person on the other end, who has nothing to do with paying for the product that he buys, tells the inside sales person that he has to have it overnight. The order is entered that way, the product is shipped by FedEx, and then the customer’s accounts payable manager won’t pay the freight charges on the bill.
Who is at fault in this scenario? The blame could be placed in lots of places, and probably everybody shares in it a little bit. However, it often comes back to the people who provide the software. If this scenario occurs frequently enough, the user comes back to the software developers and insists that something is wrong because we allow this scenario. Solutions are offered, but the user may not be willing to pay for these solutions.
I know from reading Microsoft-based blogs that there is consideration to have “forced” updates in the upcoming operating systems. You won’t have a choice about whether to install a security fix. It will just be done.
For the average user, I think this is a good idea. However, many corporate and power users are not going to like it. Either they will have a problem with the “principle” of Microsoft automatically updating their software, or they will have logistical problems. Trying to provide a solution that balances everyone’s needs will probably be impossible, and we’ll continue to have people using insecure software when secure updates are available.