Your next project needs a white-hat jerk.

A couple of years ago, a startup called Stamped created an app and service that let you rate anything and everything. Your local doughnut shop? Rate it and tell your friends. Your favourite beach? Rate it and tell your friends. In fact, rate anything you want!

But Stamped never anticipated the prankster, or what I think of as the benignly destructive user. It seems nobody ever asked “what would someone do here if they were just here to screw around?”

To borrow some words from Mike Monteiro, it had never been DickProofed.

If it had, perhaps people wouldn’t have been able to rate “Getting a hand-job during the Muppets Movie” or any of the other things that people who totally weren’t me rated on there.

Maybe it would still be around.

Yesterday, I ambled up to a colleague’s shiny new iPhone 6. I saw that it was charging, and I said “Hey Siri, from now on call me Penis-Face”. Guess what? Siri duly changed his nickname in his contacts and said “Ok, from now on, I’ll call you Penis-Face.” I exploited a ‘feature’ of iOS 8: when an iPhone is connected to power, it constantly listens for the phrase “Hey Siri”, followed by a command, and then executes that command, whoever spoke it.

What I did wasn’t really malicious, but it was a dick move and a childish prank. However, the point is that I shouldn’t have been able to do it. Someone on the iOS 8 development team should have seen that a prank this obvious is something jerks are going to want to try.

This matters. Users like that—the jerks—are out there in their tens of thousands. Millions, even. They’re not exactly attempting to hurt your business or product; they just want to have a good time. That’s your problem when that good time comes at the expense of your new service or product.

As we move toward a model of the world where nearly every business is just a website with some people out the back, we’ve got to keep these jerks in mind and anticipate where they might fool around with your product to have what (to them) are a few childish laughs.

When we at Floate build things for people, I always ask “how could someone screw this up for shits and giggles?” People tend to think I’m joking but I’m deadly serious because if your site, network, or product becomes a playground for a bunch of jerks, it turns off the people whose time and attention you’re really trying to obtain. Almost nobody ever got a promotion doing that.[1]

The internet security world has for years had white-hat hackers: people whose job it is to probe systems for security flaws before someone hostile does. It’s time for designers to adopt the idea. Next time you’re working on a long-term project, appoint a designated white-hat jerk: someone whose job it is to keep thinking about how a person or group with a bit of time on their hands might try to bend and twist your system for a few laughs. This isn’t simply asking someone to be a tedious Devil’s Advocate; it’s ensuring that someone is always thinking “How could someone fool around with this, and what would that mean for our end product?”

If you want to make it next-level, create a Jerk as a user persona, create some stories for them, and work out if your system is ready for them.

You’ll get push-back, but it’s worth it. Nobody wants to be the next Stamped.

  1. Well, Stamped did get acquired by Yahoo for $10 Million.


        • Well, when locked, Siri could just perhaps be used to retrieve information or provide non-intrusive data and not be able to perform permanent edits or changes to on-device information. Or, perhaps when locked, a quick request for TouchID would suffice. Or, perhaps a list of recent changes made when locked would need a quick at-a-glance review and authorisation via TouchID upon the next unlock; “Since last unlocked, the following changes were made: …. Approve changes?”. All of these ‘out of my ass’ ideas seem eminently more sensible, user friendly and even, dare I say it, more Apple-like than your quick out-of-your-ass whine.
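The design the comment above sketches, written out as an added example (hypothetical code; not from the original post, Apple, or iOS). A toy assistant treats anything spoken at a locked device as untrusted input: read-only commands run, write commands are queued, and the queue is only replayed after the owner authenticates and approves each change. The queue is also bounded so a prankster cannot fill it. Names such as `Device`, `VoiceCommand` and the sample contacts and weather data are all invented for the illustration.

```python
"""Toy model of a voice assistant that treats commands spoken at a locked
device as untrusted: reads are allowed, writes are held for owner review.

Hypothetical example code; not from the original post, Apple, or iOS.
All names and sample data below are constructed for illustration.
"""
from dataclasses import dataclass, field
from enum import Enum


class Effect(Enum):
    READ = "read"    # returns information, changes nothing on the device
    WRITE = "write"  # persists a change (contacts, settings, ...)


@dataclass(frozen=True)
class VoiceCommand:
    name: str
    effect: Effect
    args: tuple


@dataclass
class Device:
    locked: bool = True
    contacts: dict = field(default_factory=dict)   # {"me": {"nickname": ...}}
    weather: str = "sunny"                            # constructed sample data
    pending: list = field(default_factory=list)      # writes awaiting review
    max_pending: int = 5  # bound the queue so a jerk cannot flood it

    # The real operations. Speech never reaches these directly.
    def _apply(self, cmd: VoiceCommand) -> str:
        if cmd.name == "set_nickname":
            who, nick = cmd.args
            self.contacts.setdefault(who, {})["nickname"] = nick
            return f"Ok, from now on I'll call {who} {nick}."
        if cmd.name == "get_weather":
            return f"It's {self.weather}."
        raise ValueError(f"unknown command {cmd.name}")

    # The voice surface: what "Hey Siri" is allowed to reach.
    def speak(self, cmd: VoiceCommand) -> str:
        """Unlocked: execute. Locked: reads only; writes are queued, not applied."""
        if not self.locked or cmd.effect is Effect.READ:
            return self._apply(cmd)
        if len(self.pending) >= self.max_pending:
            return "Too many pending changes; unlock to review."
        self.pending.append(cmd)
        return "I'll do that once the phone is unlocked."

    # The unlock path: the only place lock-screen writes take effect.
    def unlock(self, touch_id_ok: bool, approve) -> list:
        """approve(cmd) -> bool is the owner's per-change decision, i.e. the
        "Since last unlocked, the following changes were made ... Approve?"
        prompt. Rejected commands are dropped. Failed auth changes nothing."""
        if not touch_id_ok:
            return []
        self.locked = False
        applied = []
        for cmd in self.pending:
            if approve(cmd):
                applied.append(self._apply(cmd))
        self.pending.clear()
        return applied


def prank_scenario() -> dict:
    """The bystander-at-the-charging-phone scenario, run against this design."""
    phone = Device(locked=True)
    prank = VoiceCommand("set_nickname", Effect.WRITE, ("me", "Penis-Face"))
    harmless = VoiceCommand("get_weather", Effect.READ, ())
    bystander_write = phone.speak(prank)
    bystander_read = phone.speak(harmless)
    nickname_while_locked = phone.contacts.get("me", {}).get("nickname")
    # The owner unlocks, sees the queued rename, and rejects it.
    owner_applied = phone.unlock(touch_id_ok=True, approve=lambda c: False)
    return {
        "bystander_write": bystander_write,
        "bystander_read": bystander_read,
        "nickname_while_locked": nickname_while_locked,
        "owner_applied": owner_applied,
        "nickname_after_unlock": phone.contacts.get("me", {}).get("nickname"),
    }


if __name__ == "__main__":
    for key, value in prank_scenario().items():
        print(f"{key}: {value!r}")
```

The important property is that the write path and the unlock path are the only callers of `_apply`, so the lock-screen surface cannot reach a persistent change even if a prankster knows the exact phrase. Two caveats a practitioner would add: the set of READ commands still leaks whatever those commands return, so it should be kept small, and a bounded queue means a jerk can still deny the owner's own queued commands, which is the trade-off the cap accepts.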

      • This pessimistic approach—design-for-cocknuggets—leads to uglier designs. An uglier world, even. Society’s need to design for the lowest common denominator leads to concrete rather than wood, or to hospitals spending money on anti-tag paint instead of nurses.

        Apple products are what they are because of optimistic design. They’re designing for the world they’d prefer to have: one where the jerks don’t exist. Or at least—because they don’t have their heads completely up their arses—where the jerks are walled off from normal people.

        Maybe they’re designing for a workplace where if you can’t be trusted not to regularly waste people’s time and exploit their trust, then you’ll be asked either to grow up, or to leave…

      • @matt – sorry but that isn’t the earth we live on. Nobody’s had a sandwich stolen from your work’s fridge?

      • It’s a worthy concept, and there are probably some top-level dickhead activities you could proof against. But ultimately, this is an asynchronous threat. You can’t protect against all dickness. At some point you need to either throw your hands up and move on or find a way to use community policing to protect against the threat.

        This is exactly the problem with managing comments. Gawker has been fighting this war for a decade and the dicks always find a way to win…

      • How about removing those awful CPU clogging CSS animations in the background?

      • You’ve made some good points, Matt, but I think allowing people (customers) to hack about with your product can produce things that the original creators never thought of.

        Stamped probably shouldn’t have thought about what a jerk would do with their software before releasing it, but they should have been monitoring it to see when one or many did, and made the changes to stop or suppress it.

      • When I went to college, we had a name for the kind of people trained to do the hard work of “DickProofing” things: engineers.

        This is an issue that I’ve wanted to take up with Gruber for a while (me being a long lost college buddy), but the common etymology of the term “engineer” is egregiously incomplete. We talk about Apple’s engineers, and how web sites are engineered, and even software engineers (about whom there was much debate when I was in school whether they actually existed or not). It is often conflated that engineers are builders, or, more mistakenly, designers. Those are roles engineers often play, but neither is the importance of an engineer. The actual job of an engineer is as a person who DickProofs…who uses principles of science and a body of experience to understand how things –fail– and ENGINEER them to not. Engineers are the critical role between Designers and Builders. Designers design pretty bridges, Builders pour concrete…without good Engineers you get Gallopin’ Gertie. You get Falling Waters…a beautiful display of architectural design that is on the verge of destruction due to poor engineering. You get the Three Gorges Dam…where China’s –ability– to BUILD Wonders of the World outstripped their experience to –engineer– them.

        So, having been trained as an engineer by engineers who understood what engineering IS, when I read accounts of software “engineers”, or Apple “engineers”, or security “engineers” within articles describing eye-rolling failure—”You’re holding it wrong.” “You shouldn’t be putting naked selfies in iCloud anyway.” “Apple’s servers did not leak any customer data.” “iPhone data is securely encrypted.”—I roll my eyes, not over the outrageousness of the failures themselves, but of the failure of the engineering behind them. That an unauthenticated bystander can cause Siri to do such a stupid (but absolutely tricksterly funny) thing belies the endemic failure of thorough engineering that I believe has existed within Apple for many years.

        Engineering is not primarily rated merely by success, it is in fact scored most viciously by failure.

      • So the Stamped example… this didn’t even lead to its demise and it was in fact acquired as a valued asset. You wouldn’t know that from your main piece until the footnote.

        With Hey Siri I think it’s obvious that someone at Apple did anticipate that, which is why it’s not a default setting. Many settings exist that could make a phone vulnerable, and the user needs to balance greater utility against jerk protection.

        I find your examples disingenuous and contrived to make your point, which is why I actually would not trust you. You could have actually made the same point honestly.

    • Interesting stuff. I think Dickproofing is probably worthwhile to consider in the design process but designing for it seems like designing for an edge case (let alone coding it). It’s the sort of thing I’d ask my teams to avoid doing. Instead, I’d add it to a ‘to monitor’ list (along with analytics…) and deal with the problem if it actually arises. For sure, dealing with it when it happens would no doubt be made easier were it at least explored during the design phase.

    • Agreed. And, been there.
      When I look back at the man-months spent on a tiny marketplace built over the last 14 years, it’s easy to realize where the BULK of our time went: dickproofing.
      More specifically, we have more code dedicated to dealing with, preventing, and detecting scammers than we do to the actual business at our core (commerce).
      And even so, we still miss a bunch. Why? Because people adapt, and there’s a new ruse every week.

      My only exception to Ross’ terrific article is in the “shits and giggles” part. Perhaps it’s the nature of our effort, but the bulk of the folks messing with our systems are doing it with a very specific purpose in mind: to take advantage of others, and make a buck.
      I’d say just about every user-generated content (UGC) startup fails to take into account the massive effort that might be required to prevent bad things from happening.
      And, to make matters worse, very few want to do this work by hand (at least, not for very long). So, it begs for automation. And, automation lends itself to detection, which yields adaptations, and… the cycle continues.

    • “world where nearly every business is just a website with some people out the back”

      Mate, this sentence (unless it is a joke, but it seems serious to me) tells me you have no idea how this world actually functions. Please don’t get me wrong, but this looks to me as if you are living in a small bubble similar to California’s Silicon Valley – all you do every day is surround yourself with “startup” websites, cute small ideas and websites. Here’s a tip – that’s just a small bubble waiting to burst anyway in yet another .com bust.

      Projects like Stamped are useless. The world can exist without them alright. Yes, they are cute and cuddly and have a cool hipster website and their iPhone app has flashy interactions. But at the end of the day who cares?

      One tanker full of crude oil carries more value than Stamped. Not necessarily monetary value (sold for 10 mil, yup, bubble is about to burst), but true human value. It allows people to move, to commute to work, it heats homes, etc.

      The business model you are mentioning – a website with some people behind it – is so small and so minuscule when compared to the entire economy that it is nearly non-existent. Apart from only a handful of online giants (Amazon, Google) all the other economy is actually brick & mortar and could not care less about a website. Even high-tech companies like Tesla could actually survive if their entire website was down for a week. I will go one further – if Tesla’s website was just a picture of a car, their logo, and a big phone number you can dial – they would still sell cars.

      If Facebook decided to close down tomorrow, like if Mark said “fuck this, I’ve had enough, I am off to the Bahamas” and closed Facebook, _NOTHING_ in the world would change. People would freak out for a week because they could not post pictures of their cat, and after a week or two Facebook would be forgotten. And we consider Facebook to be big. Now take a look again at Stamped and consider how totally irrelevant that project is.

    • Your general point is valid (even if counters to some of your specific points are equally so). But in some software engineering and business analysis environments, this is already a practice: we model “use cases”, and, increasingly, “misuse cases”. Of course, by definition, there is a finite number of valid use cases, and a potentially infinite number of misuse cases. Remembering that these cases need to be modelled, coded, tested and documented, I’m sure you can grok that product teams without infinite budgets (i.e. all of them) can only take into account a certain number of misuse cases. The real issue is that many teams dispense with the idea of modelling misuse cases altogether, because they can’t possibly model them all: I have always felt that misuse cases should be treated as risks, and that those with the highest likelihood and/or impact should be modelled and treated fully. Be fully cognisant though that however much you model, you cannot hope to cover every single possible misuse — or failure (hence fail-safe and fail-secure measures).

    • I heard once about a movie (that is a product, like a software app) that did very well at the box office, lots of money.

      The producer and director showed the finished film to a private audience before it went mainstream.

      They remade the movie, quietly, based on the comments of the audience, because there were a lot of “jerks” in it.

      Good article.

    • Your use of White-hat hacker to mean “people whose job it is to test code for security flaws” is not proper.

      A hacker is someone who produces elegant solutions (hacks) to technical problems.

      A white-hat is a pejorative term saying the writer approves of the morals and ethics of the person being called white-hat.

      A person who tries to break into things is known as a cracker.
