Si Dunn

Posts Tagged ‘network security’

Designed for Use: Create Usable Interfaces for Applications and the Web – #bookreview

In Book reviews, Books, Cloud Computing, game, games, Gamification, Macintosh, MacOS, Microsoft, Network, Network security, PC, Programmer, Programming, Software, Technology, Uncategorized, Video games, Visual design, Windows on September 23, 2011 at 4:26 pm

Designed for Use: Create Usable Interfaces for Applications and the Web
By Lukas Mathis
(Pragmatic Bookshelf, $35.00 paperback)

There’s no code inside this well-written book for programmers and visual designers. Instead, the focus is on usability — how people use things — and how you can make big, modest or subtle improvements to their experiences with digital interfaces.

You may be designing a software product that you think will be user friendly. Yet how good, really, is your knowledge of efficient and effective design? And what do you really know about how users will respond to what you create? Are you relying on formal focus groups to tell you what your users supposedly will want?

If you are, you are not doing nearly enough research, insists the author, Lukas Mathis, a developer and user interface designer for Numcom Software. “[P]eople often aren’t able to tell us how we can solve their problems. Worse, people may not even be able to tell us what their problems are. And worst of all, people are pretty bad at predicting whether and how they would use a product if we proposed to build it for them,” he writes.

Instead of depending on focus groups, you should spend some time doing “job shadowing” and “contextual interviews” to help you shape a better interface.

“Since people don’t know what they want, a good approach is to simply observe what they do. The idea of [job] shadowing is to visit users in our target audience at the place where they will use our product. The goal is to find out how our product will help them achieve their goals.”

He adds: “With usability testing, the goal is to find issues with the user interface. When you are shadowing someone, the goal is to figure out what kind of product to create or how to change your product on a more fundamental level.”

In contextual interviews, you interview a user after doing some job shadowing. And: “What you see is more important than what people say. Still, by asking the right questions, you can often get some useful information out of people….The kinds of things you’re looking for are areas where improvements seem possible. Don’t ask for opinions, and avoid questions that force the person to play product designer.”

Mathis has structured his 322-page book into three parts – research, design and implementation – and 36 short, nicely focused chapters that deal with everything from “[c]reating documentation as soon as possible” to “learning from video games” to doing “guerilla usability testing,” overcoming common testing mistakes and dealing with bad user feedback.

Designed for Use has numerous illustrations that highlight common interface design mistakes. The book also shows major, minor and subtle ways to improve customers’ understanding, acceptance and appreciation of what happens when they use product interfaces on their computer screens or phones.

The author also emphasizes the importance of keeping in mind “that you don’t have to own 100 percent of your market. It’s true that adding more features to your product allows you to target more users, but doing so comes at a cost. Your product becomes more desirable to the people who would not be able to use it if it didn’t offer a specific feature. However, it also makes your product less desirable to the people who have no use for that specific feature.”

In his view: “It’s OK to let some people go to your competitors to get what they need; you can’t be everything to everybody.”

Si Dunn

Windows Sysinternals Administrator’s Reference – #bookreview #software #techsupport

In Book reviews, Books, Cloud Computing, games, Kindle, Microsoft, Network, Network security, Nonfiction, Paperback, PC, Programming, Software, Technology, Uncategorized, Video games, Windows on September 15, 2011 at 8:11 am

Windows Sysinternals Administrator’s Reference
By Mark Russinovich and Aaron Margosis
(Microsoft Press, $49.99, paperback; $39.99, Kindle)

To the uninitiated, the title may sound a bit ultra-geeky and scary. Particularly the “Huh?” word “Sysinternals.”

But this book may benefit you “whether you manage the systems of a large enterprise, a small business, or the PCs of your family and friends,” Mark Russinovich and Aaron Margosis contend.

The Sysinternals Suite, it turns out, “is a set of over 70 advanced diagnostic and troubleshooting utilities for the Microsoft Windows platform” written by one of the book’s authors, Mark Russinovich, plus Bryce Cogswell.

The 70+ Sysinternals tools can be downloaded free from Microsoft TechNet at http://www.sysinternals.com.

The book’s goals are to make you more familiar with the Sysinternals Suite and to help you learn how to use the Sysinternals tools to “solve real problems on Windows systems.”

Russinovich’s and Margosis’s Windows Sysinternals Administrator’s Reference is well written and has a good number of illustrations that provide amplifying “how-to” information. The book has a hefty 25-page index, as well, to help you find your way through the Sysinternals’ maze of available features, capabilities, verifications, files, drivers, states, fixes and more.

The Sysinternals tools work with the following versions of Windows: Windows XP (with Service Pack 3); Windows Vista; Windows 7; Windows Server 2003 (with Service Pack 2); Windows Server 2003 R2; Windows Server 2008; and Windows Server 2008 R2. The authors note: “Some tools require administrative rights to run, and others implement specific features that require administrative rights.”

Following its introduction, the book is divided into three parts, containing a total of 18 chapters:

Part I: Getting Started

  • 1. Getting Started with the Sysinternals Utilities
  • 2. Windows Core Concepts

Part II: Usage Guide

  • 3. Process Explorer
  • 4. Process Monitor
  • 5. Autoruns
  • 6. PsTools
  • 7. Process and Diagnostic Utilities
  • 8. Security Utilities
  • 9. Active Directory Utilities
  • 10. Desktop Utilities
  • 11. File Utilities
  • 12. Disk Utilities
  • 13. Network and Communications Utilities
  • 14. System Information Utilities
  • 15. Miscellaneous Utilities

Part III: Troubleshooting – “The Case of the Unexplained”

  • 16. Error Messages
  • 17. Hangs and Sluggish Performance
  • 18. Malware

The book is aimed mainly at “Windows IT professionals and power users who want to make the most of the Sysinternals tools.” And it includes real-world case studies to illustrate several tough problems.

If you are not yet a power user, but wrestle with Windows on a frequent basis (as many of us do) and are ready to tear into it, the Windows Sysinternals Administrator’s Reference can help you learn how to diagnose and troubleshoot your system and also optimize it.

If you work in a small business where there is little or no tech support, or if you are tech support in your small business, add this book to your library. You’ll likely put it to good use.

Si Dunn

Build Mobile Websites and Apps for Smart Devices – #bookreview

In Android, Authors, BlackBerry, Book reviews, Books, Cloud Computing, iOS, Kindle, Linux, Macintosh, MacOS, Microsoft, Network, Network security, Nonfiction, Paperback, PC, Programming, Software, Technology, Uncategorized, Windows on August 26, 2011 at 3:48 pm

Build Mobile Websites and Apps for Smart Devices
By Earle Castledine, Myles Eftos & Max Wheeler
(SitePoint, $39.95, paperback; $27.99, Kindle)

By 2013, in some estimates, mobile devices such as smartphones and “other browser-equipped phones” will outnumber the world’s 1.78 billion PCs.

Meanwhile, the “mobile share of overall web browsing” is now growing rapidly. And: “We’re never going to spend less time on our phones and other mobile devices than we do now,” contend the authors of Build Mobile Websites and Apps for Smart Devices.

“Inevitably, more powerful mobile devices and ubiquitous internet access will become the norm. And the context in which those devices are used will change rapidly. The likelihood of our potential customers being on mobile devices is higher and higher. We ignore the mobile web at our peril.”

The authors’ new guidebook from SitePoint is aimed at front-end web designers and developers, with emphasis on mobile websites and apps that are accessed via touch-screen smartphones.

Their well-illustrated, 256-page book is written in a smooth, accessible style that moves quickly to the point of each chapter and example. They recommend that you read the chapters in sequence the first time, rather than skipping around, particularly if you are new to mobile web design and web development.

The chapter line-up gives a good look at the book’s structure and coverage:

  • Preface
  • Chapter 1: Introduction to Mobile Web Design
  • Chapter 2: Design for Mobile
  • Chapter 3: Markup for Mobile
  • Chapter 4: Mobile Web Apps
  • Chapter 5: Using Device Features from Web Apps
  • Chapter 6: Polishing Up Our App
  • Chapter 7: Introducing PhoneGap
  • Chapter 8: Making Our Application Native
  • Appendix A: Running a Server for Testing

The book includes a link to “a downloadable ZIP archive that contains every line of example source code printed in this book.” And the writers emphasize that readers should have “intermediate knowledge” of HTML, CSS, and JavaScript. They skip the absolute basics and move right into “what’s relevant for the mobile context.” 

They emphasize that “[t]he inevitable decision when designing for the mobile space is the choice between building a native application or a web application….A web application is one that’s accessed on the Web via the device’s browser–a website that offers app-like functionality, in other words.” Meanwhile, “[a] so-called native application is built specifically for a given platform–Android or iOS, for example–and is installed on the device much like a desktop application.”

They contend that “native apps offer a superior experience when compared to web applications,” and they note that “the difference is even more pronounced on slower devices.” However, building a native application can leave you vulnerable to market fragmentation and unsure which platforms you should target. Meanwhile, it can be cheaper and faster to develop a Web application. So several important design and business decisions have to be made before you offer a new app to the marketplace.

Build Mobile Websites and Apps for Smart Devices focuses first on making design decisions, selecting a feature set and using HTML, CSS and JavaScript to build a Web application. Later, it shows how to use PhoneGap to turn a web app into a native app for iOS, Android, BlackBerry and other platforms.

In the authors’ view, “mobile design is about context, but it’s also about speed. We’re aiming to give our users what they want, as fast as possible.” And, in many cases, “[p]roviding a version of our site to mobile users is going to be important regardless of whether or not we have a native application.”

In other words, be ready and able to go native and web when creating mobile websites and apps for smart devices.

Si Dunn

#

Metasploit: The Penetration Tester’s Guide – #bookreview

In Authors, Book reviews, Books, Cloud Computing, Kindle, Microsoft, Network, Network security, Nonfiction, Paperback, PC, Programming, Software, Technology, Uncategorized, Windows on August 16, 2011 at 5:43 pm

Metasploit: The Penetration Tester’s Guide
By David Kennedy, Jim O’Gorman, Devon Kearns and Mati Aharoni
(No Starch Press, $49.95, paperback; $27.99, Kindle)

Penetration testing is the process of testing enterprise networks to discover their weaknesses, so they can be made more secure, according to HD Moore, founder of The Metasploit Project.

As a penetration tester, Moore states in the foreword to this book, “[y]ou are paid to think like a criminal, to use guerilla tactics to your advantage, and to find the weakest links in a highly intricate net of defenses. The things you find can be both surprising and disturbing; penetration tests have uncovered everything from rogue pornography to large-scale fraud and criminal activity.”

Indeed, penetration testing is about probing an organization’s systems for weaknesses in their security, so better and stronger safeguards can be erected to keep hackers and data thieves at bay. And the tests may be overt or covert.

Metasploit: The Penetration Tester’s Guide is largely — but not fully — a comprehensive guide to learning “the ins and outs of Metasploit and how to use the Framework to its fullest.” The book is “selective” and does not cover “every single flag or exploit,” the four co-authors concede, “but we give you the foundation you’ll need to understand and use Metasploit now and in future versions.”

The 299-page book’s 17 chapters cover “everything from the fundamentals of the Framework to advanced techniques in exploitation.” While penetration testers do not have to be programmers, the writers recommend that readers have at least some understanding of Ruby or Python, since many examples in Metasploit: The Penetration Tester’s Guide are written in those programming languages.

The Metasploit Framework is not an easy tool to learn. Nor is it easy to master the often-complex process of penetration testing. Fortunately, the four co-authors are well aware of this. They have rolled out their combined knowledge and experience in a smooth flow of chapters written in a straightforward, accessible style.

Here is the chapter line-up:

  • Introduction
  • Chapter 1: The Absolute Basics of Penetration Testing
  • Chapter 2: Metasploit Basics
  • Chapter 3: Intelligence Gathering
  • Chapter 4: Vulnerability Scanning
  • Chapter 5: The Joy of Exploitation
  • Chapter 6: Meterpreter
  • Chapter 7: Avoiding Detection
  • Chapter 8: Exploitation Using Client-Side Attacks
  • Chapter 9: Metasploit Auxiliary Modules
  • Chapter 10: The Social-Engineer Toolkit
  • Chapter 11: Fast-Track
  • Chapter 12: Karmetasploit
  • Chapter 13: Building Your Own Module
  • Chapter 14: Creating Your Own Exploits
  • Chapter 15: Porting Exploits to the Metasploit Framework
  • Chapter 16: Meterpreter Scripting
  • Chapter 17: Simulated Penetration Test

The book also has two appendices. Appendix A covers “Configuring Your Target Machines.” As the four co-authors point out: “The best way to learn to use the Metasploit Framework is by practicing–repeating a task until you fully understand how it is accomplished.” This appendix explains how to set up a test environment to use with the book’s examples. Appendix B, meanwhile, provides a “Cheat Sheet” listing frequently used commands and syntax “within Metasploit’s various interfaces and utilities.”

Once you become comfortable with the basics of penetration testing, the book then can introduce you to an array of advanced techniques. Metasploit: The Penetration Tester’s Guide is an expanded outgrowth of an online course, “Metasploit Unleashed,” developed by Offensive-Security.

Si Dunn

#
