Data Protection

| General | Wednesday, 16 April 2008

The glib attitude that many web developers have to online security is worrying. In a discussion about the merits of using SSL on e-commerce sites, one designer said it wasn't worth it if payments are processed by a third party using a secure certificate (such as WorldPay), and that:

At best any potential hacker would get a list of names and addresses - big deal, I've got a whole book of them downstairs - it's called a telephone directory.

The difference is that a telephone directory lists those who have explicitly chosen to make their contact details, including name, address, and telephone number, freely available to the public (or at the very least, have chosen not to 'opt-out' of inclusion).
Customer databases are completely different. They include personal details, including those which may not otherwise be publicly available, such as email addresses, mobile telephone numbers, delivery addresses (work addresses are often used for delivery), spending habits, and much more.

As a customer I expect companies I buy from to be good custodians of my personal data - i.e. limit access to it, store it only for as long as is needed and only use it for the purposes I sanction them for.

It is not acceptable, either from the point of view of a customer or from a commercial point of view, to be so glib as to think hackers won't bother because they may as well just harvest yell.com or a telephone directory. Customer lists are worth thousands, sometimes hundreds of thousands of pounds, an asset worth protecting.

A secure site is likely to instill confidence in a web site, especially when e-commerce transactions are taking place.

Of course there are risks involved with any CC transaction, such as over the phone or handing your card to a waiter whilst he takes it away. However, online fraud (both ID and monetary) is an increasingly well-documented problem. Just because other channels have issues, it shouldn't mean a store owner - assisted by the web professionals he hires - can neglect some of the more preventable ways of data theft.

You can't do that...

| Forum Etiquette, Web Standards | Tuesday, 08 April 2008

During a discussion on web standards, I cited an article on Mike Davidson's blog.  Someone disagreeing with the points I raised retorted with:

You can't really refer to a 4 year old article on this.

Ha! What does the age of an article have to do with things? Are books written by Zeldman and Meyer irrelevant after a couple of years? Does all good practice change after a few years? Of course not - marquee and blink tags were a bad idea even back when popular, and anyone with a modicum of understanding about the web knew that. Table layouts and font tags were a good idea in the absence of the more structured CSS model, and are only now bad practice because there is something far superior to replace them.

So the specific details of web design can evolve with time, as can design philosophies.  However, it does not mean that every thought a designer (or anyone else, for that matter) had pre-2004 is invalid.  To suggest otherwise is, quite frankly, idiotic and ignores the knowledge and wisdom gained through sticking with and evolving a craft over time.

Mike's post still raises some very valid points. By all means disagree with him (and me!) and put up a reasoned counter-argument, but simply dismissing the views out of hand because of the age of a blog post is closed-minded and will limit your understanding of the subject.

One Sunny Day?

| Site Reviews | Tuesday, 08 April 2008

Review of http://life.eop.org.uk/

I wouldn't expect a web site aimed at giving people a platform to vent their feelings (presumably especially if depressed, given the helpful links section) to look into the dark abyss of space. I wouldn't expect sunshine and bunnies either but it's a bit, well, depressing.

You've explained the advantages of being a contributor. However, there is no mechanism to become a contributor - no register link, no contact page. That's a pretty fundamental mistake if you want people to contribute.
The 'Latest Articles' list is redundant as the very same posts are on the front page. All it does is take up screen space and push down the content you want people to read. Is the 'Contributors' list so important that it is right above the rest of the content?
Are you really so confident that visitors will read right to the bottom of the page - past the far-too-tall top navigation, six blog entries and the 'Thought Vault' - and then click the mouse just to find out what the site is about? If the site is going to be different from the average self indulgent ramblings that blogs tend to be, you're going to have to explain what it's about sooner, otherwise visitors won't read on.

Don't get me wrong - you've styled it all nicely enough. However, I think the whole architecture of the site needs a complete overhaul and you've given it an inappropriate style.

As Standard

| Web Standards | Friday, 04 April 2008

I'm sold on the idea of web standards. The continual tirade of rhetoric coming from standards evangelists doesn't help with the business case, though.

Do web sites which don't validate make less money, or are they inherently less usable or accessible? Not necessarily. A few examples:

These are some of the biggest web sites in the world, and are all worth millions, if not billions (with the exception of .net, of course). At some point they've taken a pragmatic look and decided that it was worth sacrificing the holy grail of fully validating code for something else - better support across browsers (CSS is unfortunately flaky in many browsers, adding a development and testing overhead), ease of maintenance, integration with existing systems and so on.

The assumption that non-validating code is automatically "bad" is as short-sighted as the assumption that standards don't matter at all. As with most things, there's a middle ground and a good web professional will use discretion.

Why this site exists

| General | Wednesday, 20 February 2008
People are stupid. They need guidance. I can give it to them, provided they aren't too pig-headed to take constructive criticism. I give constructive criticism on a handful of sites. One of them in particular has a stupid forum cropping policy, with posts just a couple of months old vanishing into a gaping hole in the t'interweb. Thus this is primarily an archive of my genius and advice given, for the less fortunate to be referred to and to learn from.

Spammer?

| Forum Etiquette | Wednesday, 20 February 2008
We all know that as with any other gathering, forums tend to form a hierarchy amongst the members. Regular members often inadvertently form almost impenetrable cliques, and it is only after a period of induction that a new member is 'allowed' to feel welcome.

You can usually easily recognise clique members. They have far more posts than seems healthy, and tend to keep those 30-page threads going. They often develop a sub-culture and language, full of in-jokes like a bad middle class BBC comedy that a casual browser would not understand. Wannabe clique members - those on the periphery of the group - tend to gravitate around the main participants and post inanities, desperately hoping for and hanging onto a reply or even acknowledgment of existence.

With the possible exception of two forums in the past, I've never been one to join the cliques. Maybe it's my inner punk, but I just can't stomach the relentless arse-licking and dumbing down of free thought required to be an active member of such a clique. It's far more fun posting freely and honestly about what I feel than agreeing with the main protagonists for the sake of social harmony.

And so this brings me to a new member on a forum I frequent. She joined and asked for feedback on a variety of aspects of a couple of web sites she commissioned. She didn't join in any other discussions, although did respond to some of the issues raised about her sites.

Different people visit forums for different reasons. Some visit to post in "What are you listening to" and "Word Association" threads, whereas others visit once or twice for coding or design advice. Not sticking around does not in itself make someone a spammer. Of course, the poster in question may well have joined in the hope of garnering new members. However, as she actually engaged in conversation rather than the usual post-a-press-release-and-go approach of spammers, I would give her the benefit of the doubt.

miloszorica.info

| Site Reviews | Wednesday, 13 February 2008
Site: http://miloszorica.info/. I like this a lot; the clean canvas and centred portfolio works perfectly to draw attention to the quality of your work. The splatter of paint branding works well. I also like that you've had the balls to see through the stark simplicity rather than clutter the site with unnecessary crap. To embellish the design too much would be to take away from the showcase. As a showcase to highlight your work it does the job incredibly well. I would work on your hover underlines; perhaps use margins on your nav rather than forcing it with an extended block of #FFFFC7 on web.gif. I'd also add a simple contact page, if for no other reason but to comply with the Companies Act.

designbytreitner.com

| Site Reviews | Monday, 04 February 2008
Critique of a site for Ronald J Treitner. Has anyone actually given you an honest critique of his work? I'd hate to come over like Simon Cowell, but he just isn't up to being a web designer.

Griffin Design - a perennial favourite

| Business, Site Reviews | Thursday, 10 January 2008
http://www.griffinwebdesign.co.uk/

OK, so not a favourite design-wise, but Andy Shaw keeps coming back for more... this is a reply to the 3rd time he posted his site asking for feedback:

Did you save the replies on your previous thread? If you did, most of my comments apply to this redesign.
  • The stock imagery used is lazy; the images chosen don't add any value to the page.
  • Too many font faces used. Lack of cohesion.
  • From a personal POV, I dislike the "web 2.0" trend of size 36 text, graphics that make anyone on a 1024x768 display or lower have to scroll down to read what a page is about and in.
  • Still confusion about whether you are a freelancer or an agency/company, which carries on through with your "beta" design (oh purlease!). Trust is vital in business - there's nothing wrong with being a freelancer, but be honest about it and embrace it. Congrats on getting rid of that ridiculous pricing guide, though.
  • Your copy is still atrocious. "medium size business's"? Oops. Get a dictionary, get hold of a style guide and get your copy in order.
  • There are some serious problems with trust. Your "beta" site claims you were "recently tasked with re-branding Griffin Web Design". Bullshit. YOU decided to rebrand - no-one 'tasked' you with it. The only sites in your portfolio are your own and one for your brother/other male relative. That's fine as examples of what you can do, but don't pretend you've got experience of working with clients or that you've got any on-going professional relationships. Be honest - at the moment, anyone will be able to see straight through you.
As a general note, I actually prefer your previous design. I said in your previous thread that I'd be surprised if you were still around in 12 months' time, and I stand by that - you don't seem to have the business acumen required to go it alone. That your portfolio hasn't grown, your Plumber "client" doesn't even seem to have a domain name and that you've got the time to go through a rebranding suggests two things - that you've not had any clients and that your priorities are completely wrong. If you're serious about going it alone, go out and make connections and get clients in. It takes a helluva lot more than putting a portfolio site up and hoping that people visit and buy your services.

Fantastic(o)?

| Business, E-Commerce | Friday, 05 October 2007

E-commerce has never been easier. There are many cheap and even free e-commerce packages (such as the dreadful OSCommerce and its many forks, Magento - the new darling of free e-commerce, and CubeCart), hosted solutions such as EKM Powershop, and even the major hosting players sell bundled e-commerce solutions cheaply. The entry point has become extremely low.

Having such a low entry point means anyone with a net connection and perhaps a fiver a month can set up an e-commerce site. Indeed, many hosting packages now come complete with a one-click installer called Fantastico, which enables a handful of e-commerce applications to be installed easily. Sounds great? It's not.

Aside from choices being too easy to make (one-click installations and a play-around hardly constitute the sort of research someone serious about online retailing should undertake; one should at the very least create a written brief, even if only to be used internally, and then look at the various solutions both free and paid, off-the-shelf and bespoke to fit around their requirements), versions are very often out of date on Fantastico packages.

Risking your entire reputation and fledgling business on a potentially insecure shopping cart just because you don't have the technical know-how of how to install and secure a shopping cart script or willingness to pay somebody who does have it is foolhardy.

If you can't figure out how to install a cart, especially given the simple setup scripts and instructions most have, you've no place running an online store. There's a helluva lot more to setting up a secure shopping cart than a one-click-install and uploading a skin.

Hobbyists looking to test the waters of e-commerce shouldn't be looking into setting up their own application. They should use a hosted service (EKM, etc) or even eBay or Amazon's marketplace and let them worry about security, backups etc. Lack of knowledge (technical, business, legal) is a disaster waiting to happen.