Internet Web Development

Notifications For Better Engagement

One thing I’ve learned repeatedly over the years is that good notification systems create great engagement and encourage habitual users.

The biggest problem with any product/service is getting people to come back. “Drive by” users aren’t terribly difficult. Google will bring you those with a little work. However your business comes from users coming back repeatedly. Those are you’re true “users”. They are the ones who will bring others.

Today, I think Facebook and Twitter are the perfect example of companies who understand and utilize this strategy in a way that amazes me. Lets look at this:


They are the biggest, so I’ll go through it first. The first method of notification is the obvious alerts when logged into the site. You can keep it open and use it as a client, it works great. Facebook also has one of the best email notification systems on the net. You can reply to a comment or message by simply replying to the email. No “app” to install. Even an old Blackberry can participate. Even people where Facebook is restricted but email works can participate (stereotypical corporate office). Email is the worlds greatest API. They take full advantage of it.

On top of that Facebook apps have push notification for smart phone users. Facebook also supports SMS notifications. They additionally support XMPP (Jabber) so you can use a desktop client with their messaging service.

One thing I never understood is why they don’t officially support and continue their desktop notification service. With a trivial amount of work it would be an even better retention method. However the API’s are clearly there for client support (several use it).

Facebook doesn’t exploit this system for marketing or PR. It’s just a useful way to interact with their system. It’s an interface. It’s an API.


Twitter is another company that gets notifications. The most obvious again is their website. Secondly their apps support push notifications. Twitter is also pretty good about email notifications however they don’t accept replies over email. They also support SMS (i.e. “Text follow raccettura to 40404”).

Twitter lastly has an open API and even supports desktop apps like Twitter for Mac and TweetDeck. They encourage their users to stay on constantly and keep up. It’s part of what keeps users addicted to the service.

Again, they don’t market. They just keep users interacting.

Google+, Quora, etc.

I won’t judge Google+ just yet, they are pretty new still. Quora does a pretty good job with notifications however the balance between annoying and useful hasn’t quite been met, at least in my opinion.

It’s easy to overlook this “detail”, but for many users, this is the interface, realize it or not.
I won’t

Hardware Software

Email Alarm System

I’ve been in the mood for some hardware hacking for a while. Recently at work I thought it would be nice to have a way to know if an important (emergency) email came in that required attention. These fire-drills are just part of the job. I have multiple computers and screens so an on-screen alert isn’t always effective. Audible alerts don’t work either because speakers are only connected to one computer at a time and often headphones are plugged in. I need something more independent.

My solution was to build a USB alarm system: Two rotating LED lights to get attention visually as well as a 76 db piezo buzzer which chirps when the system is activates to help get attention. The buzzer only chirps and only when the system first invokes so it’s not an annoyance. It’s enough to get attention, but not enough to bother others. It has multiple chirps so that I can potentially setup multiple alert types.

Now we can really be on the ball!
P1 Bug Report Alarm
Obligatory goofy office signage

Google Internet

Google Wave

Google Wave is a pretty impressive demo, and the fact that they are open sourcing most of it, documenting the protocol and enabling federation is a major win, but I’m hesitant to think it will replace email anytime soon, if ever.

John Gruber has a very interesting observation:

Communication systems that succeed are usually conceptually simple: the telegraph, the telephone, fax, email, IM, Twitter. So color me skeptical regarding Wave’s prospects.

A very valid point. Popular technical communication systems solve one communications problem. Attempts to solve more than one so far have failed. A good example is the video phone we were supposed to have in every home 20 years ago. Even today with cheap web cams, video and telephony is rare to combine and is seen as somewhat of a novelty.

Wave also has other limitations such as people who use Wave interacting with people who don’t. Most of the “wow” in Wave requires interacting with other Wave users. Pretty cool if everyone you communicate with is using Wave, but no so much if many/most of your contacts aren’t using Wave. How many people only communicate with others using the same mail provider? Google users never email Yahoo and Microsoft users?

Will Wave be adopted? For one thing it will change the business model of many email providers. Wave will be significantly more resource intensive than basic webmail and POP3 access (or IMAP for the rare few). One could argue spam has made Email somewhat resource intensive, but Email has more slack regarding expected latency since it’s not “real time”. Email is often given away with internet access, web hosting, or just as a freebie because providers know that email keeps users coming back and it’s extremely low cost to provide. It also retains users. For example lots of non-AOL users keep their AOL account just for the email.

Then there’s the issue of ownership. Group editing a wave sure sounds like fun, as it’s so wiki-like. All that collaboration is also a real boost for productivity, but it does have it’s downsides. Who owns that data? Obviously companies are going to be a bit concerned about this aspect. Email has the benefit of being rather concrete. Send, receive. Those are the only two functions supported. Replies are merely a copy of a previously received email with an appended response. Ad-hoc collaboration seems to create a new twist. The courts have also seen their share of email. Wave means new precedents and interpretation in the law. How many companies you think want to test that pool?

One thing the Google team said virtually nothing about was security.

Email was never designed to be secure. SMTP servers initially had no authentication anyone could send using any SMTP server. Auth was bolted on later on, and is still problematic (receive before send anyone?). Presumably since Wave is built on top of XMPP SSL will be we the encryption mechanism. But that’s only on the transport level between federated servers. What about end to end? Is an S/MIME like method supported? SSL to the user is a secure transport layer but doesn’t protect from interception by either server. Since it’s text you could use PGP and send a message, though you loose a lot of functionality and grace.

SPF is a hack for email origin verification. It works OK where it’s supported, but not everyone supports it from a provider or user perspective making it a pretty poor solution. Will Wave be utilizing EV-SSL? How about supporting verification from the actual user? S/MIME signature? Verifying identity is critical to being a successor to email. Both verifying the organization, and the user at the organization.

Lastly spam. How does Wave attempt to mitigate the spam problem? Sounds like one of the possibilities is a whitelist which doesn’t work in email, and is unlikely to work in a Wave. Unsolicited emails are good in many non-spammy situations. For example a friend emailing from a new address or another business discussing a partnership. Sure you can prompt each time to add to whitelist, but then the process itself becomes spam. Do you wish to add “” to your whitelist? You get the picture. I’m sure there will be traditional filtering as well, but that still doesn’t solve the problem.

I think Wave has a chance, but it’s not a very high chance of success. There are a lot of barriers. Email is still the ultimate API for it’s ease of use and implementation. Email didn’t survive for so long because there was nobody willing to build something better. Email survived because it became the standard and worked in virtually all situations. It was simple enough for users and implementers alike.

I think it’s much more likely that concepts from Wave will end up elsewhere, rather than Wave replace email. Because of that, I’d call it a disruptive innovation.


How To Build A Good Order/Shipment Notification Email

I buy a decent amount of stuff online, both physical goods and services from various vendors. It amazes me how few get the order confirmation and shipment notification emails right. Most companies do a downright awful job.

Order Confirmation

Order confirmations should be sent shortly after an order has been sent and the credit card has been accepted. It should contain the following information:

  • Order # – This should be in the subject as well as the body. Obvious.
  • Sanitized payment information – The last 4 digits of your credit card should be included, or other billing information.
  • Itemized order list – Each item, description, quantity, stock status (or est. date) should be listed in a table.
  • Shipping Address – Where is my stuff going?
  • Shipping Method – USPS? UPS? FedEx? Overnight? Ground?
  • Estimated ship date – If different things have a different shipping date, it should be per item, otherwise one date specified.
  • Contact Information – Email address, link to contact form, phone number to get in touch with store

Shipment Notification

A shipment notification should be sent for each day something ships. All shipments from all warehouses should appear in 1 email. For example if I order 3 things and it ships from 3 warehouses on 1 day, I expect 1 email. If I order 3 things and it ships over 2 days from any number of warehouses I expect 2 emails, one each day. If there is more than one package, I expect each to be listed in the email.

The email should contain the following:

  • Order # – Again, obvious
  • For each package it should tell me:
    • Delivery Address – Where is this package going?
    • Shipment Method – How the item is being mail (USPS, UPS, FedEx, overnight, ground etc.).
    • Estimated Arrival – When is this package expected to arrive?
    • Tracking Number – Tracking number to track package, there should be a direct link to shipper to track package NOT a page that requires you to login first. Most stores mess this up. I shouldn’t need to login. I just want the number. (Pro Tip: search Google with your tracking number for an quick direct link to the tracking status page).
    • Inventory – What is in this package? Should be an itemized list with quantity.
  • Contact Information – Email address, link to contact form, phone number to get in touch with store

It makes things so much easier the closer companies get to following this. Most companies get about 80% of the list, only a select few get this done correctly 100% of the time. The closest I’ve seen to date is ThinkGeek who has been pretty close to perfect every time I order.

Internet Spam

Poor Website Email Practices

I got a few emails in the past 24 hours that need to be addressed. I’ve seen both of these issues before, but never has it become so common that I see two almost back to back.

Character Encoding

VideoSurf sent me an invitation to check out their product. Unfortunately I’m a somewhat busy person and just haven’t gotten around to it. They noticed this and sent me a reminder, which I thought was kind of nice. Unfortunately like many companies these days, their mail software doesn’t set a character encoding, meaning their email looks like garbage. If I change the character encoding in my mail client to UTF-8 all looks great. What’s the lesson here?

Content-Type: text/plain; charset=utf-8

That’s all it takes to make sure I see every character in your email. It’s not hard.

Unnecessary Backscatter

Yahoo’s Flickr service sent me an email that my “upload has failed”. I know that’s not true since I don’t use Flickr to host my images. Viewing the email it’s obvious a spammer trying to abuse their service forged the From: header with my email address. This failed for the spammer, and the fail notification went to me. I host SPF records so that recipients mail servers can verify if an email originated from a system that’s authorized to send emails from my domain. Why doesn’t Yahoo check to see if this email they received forged headers? This would obviously be a good way to tell if someone is trying to spam their system, and would stop other innocent victims from getting backscatter.

Mozilla Software

Zimbra Desktop

Yahoo owned Zimbra released the latest Zimbra Desktop today. At a glance it seems pretty nice. Essentially Yahoo Mail running on Mozilla Prism. It does seem somewhat of a large download for what it is. But maybe they still have some fat to trim. What is now Firefox was pretty hefty when it first split from Mozilla App Suite. It takes time. The installer is also very slow. I see it has jetty, so looks like there’s a Java backend.

It supports any POP3 or IMAP account similar to Thunderbird, with options for Gmail and Yahoo Plus in the wizard (for those who don’t know what type of email account those are).

My general impression is pretty neat, but the UI needs work. It often has scroll bars to view the contents of a window (just like a webpage). This is normal in a browser, but just feels strange in what is designed to be like a client side application. Even setup has this problem.

So far I still think Thunderbird and Apple Mail provide a better desktop experience. But Zimbra’s the new kid on the block, so I wouldn’t underestimate it. It is Open Source. It will be interesting to see who contributes to it.

If anyone else tried it, I’m curious to know what you thought of it.

Google Security

Gmail’s Remote Signout And Logging

Google has recently upped their profile in regards to security and privacy. Last week Google made the subtle change of adding a privacy link to the homepage. This is common on most sites, but avoided by Google because they are very strict about cluttering their homepage. Privacy groups have wanted this for years, so this is a pretty large win.

Today Google announced it’s rolling out the ability to remotely sign out other computers from your Gmail account. You’ll also be able to view the IP address, interface (web, mobile, IMAP, POP3), and time that anyone has logged into your account. This is a groundbreaking change in regards to email security.

Now it’s possible for email users to review the logs and see if and when anyone else has accessed their personal email.

I suspect Yahoo, and Microsoft will be working to copy this feature, perhaps with their own enhancements (invalid password logging maybe?). I can also see Facebook and MySpace rolling out a similar feature in the near future. It’s an easy enough enhancement that provides a lot more comfort and security to the product.

Employers going through employees personal email has been hostile waters for a long time including a recent high profile case. This is certain to agitate that. I suspect there are a few companies who will be updating their policies in the next few weeks to try and protect themselves. There will even be a few who will sue Google claiming libel or that Google’s privacy policy should cover you when you log into someone else’s account provided you have one of your own. This is guaranteed to happen.

It’s a good move by Google. This feature greatly enhances the security of Gmail and puts it in a class well beyond what Yahoo or Hotmail currently provide. This is likely the biggest threat to email other than viruses which they all scan pretty well, and phishing, which they also do a decent job with.


iPhone SDK & Enterprise Offering

Apple announced it’s Enterprise offering as well as the long awaited SDK for the iPhone today. A few thoughts:

Enterprise Offering

Pretty impressive, at least the way it sounds. I have a feeling they are dead serious on this one. Exchange support, and the administrative stuff will be very big wins. I also wouldn’t be surprised if the line ends up splitting so there’s an enterprise line of iPhones with a more business set of features, and a “personal” line. That will help them compete more on both sides by being able to focus more. Software likely will be identical among them.

The one thing I can’t figure out is cost. I have a strong feeling a price drop for the current EDGE based iPhones will come in June, as the new 3G models are revealed. It’s still a hard pitch for enterprises to buy iPhones when Blackberry’s are getting cheaper and cheaper. Not to mention they can shop for prices among wireless providers. Because of this, I think there’s a price drop in the works to bring the iPhone to where it can really compete.


I can has SDK? Still can’t download it. Apple’s on Akamai, but their developer stuff is generally not. That really sucks. I’ve been trying all afternoon.

I wonder if the $99 one time fee (setup fee) applies to open source projects? I’d hope they provide an avenue for them to signup at no charge. Especially considering Apple’s involvement in open source.

Other Thoughts

Still no Apple SSH client? I really hope is available for download when this thing actually ships.

More when I actually get my hands on some SDK bits.

Internet Networking

Phone 2.0: DNS Dialing Anyone?

I’m going to make a giant proposal to the web. Identifiers suck. Email, IM, Phone, etc. Most people have more than one of each. Lets fix that. Step by step.

Apple Software

Mac OS X 10.5 Leopard

I got my copy of Mac OS X 10.5 earlier this week. Bought it from J&R (via Amazon) since it was $99 + shipping, less than Amazon itself was selling it for. For some reason both of them are able to undercut Apple (even with a corporate discount) which seemed odd. Here’s my rundown of the new OS during the first 24 hours.