Recent Articles

Daniel Jalkut, responding to Michael Lopp (today's quote of the day), about moving from Things to something else (Asana for right now):

But what really frustrates me in this case is the software has served him perfectly, and he thanks it with a slap to the face. It’s one thing to denigrate a product for failing to meet your expectations, or for exhibiting a clear lack of craftsmanship, but Lopp admits that those problems do not apply: […]

I would argue that Lopp thanked Cultured Code with his money, but I see the larger point here too. There's a fine line between moving for the sake of moving, and getting fed up that there hasn't been major updates. Anyone that follows this site knows I am quick to make fun of Cultured Code for their slower-than-snails-pace that they develop at.

There's no doubt their software is solid, but it is hard to argue for it being the best. OmniFocus isn't much better as 2.0 looks not great, the new iPhone app is just ok, and the once stellar iPad apps are lagging behind. Things and OmniFocus are in need of attention, but while the attention is coming, it is coming too slow for most users. They are still great tools, but you can't blame a user for getting annoyed that their tools (while good) look and operate old.

Lopp's post drove me to think a bit more about my setup — which currently is Begin and OmniFocus. ((Remember, I am financially tied to Begin.)) Looking at OF it looked like a dog, so I looked around and tried Asana for the day. It's not for me, but I can see the appeal. I'll be trying some more web-based solutions over the next week or two.

My goal isn't to try and leave OmniFocus, but to make sure OF still is the best solution for me. OF has gotten so ugly on the Mac and iPad I almost refuse to use it in those places. Which means I am essentially using the iPhone app, and even the new iPhone app isn't the best looking app. ((Totally subjective.))

I understand where Jalkut is coming from, but it is easy to forget that users have other options, options that they can and should always be looking at. Leaving for the sake of leaving isn't smart, but leaving because you have little faith in the future development is smart — to do otherwise is often just delaying the inevitable.

Yes, the software served him perfectly, but what about the future. I'd be hard pressed to recommend OmniFocus to a new user right now, let alone Things. Both were made in a pre-mobile, pre-teams-everywhere, world and that shows every time I use them. I don't see this as ditching great software as much as I see this move as a forward thinking move to embrace something that fits the current workplace needs now, instead of waiting for those needs to maybe be implemented in your current tools.

It's moving not because expectations have failed to have been met, but because of doubt over expectations being met — at least in a reasonable (for the individual user) amount of time. And that I find perfectly logical.

[Jeff John Roberts on one of the more interesting decisions in the Google book scanning case](http://gigaom.com/2013/11/14/google-wins-book-scanning-case-judge-finds-fair-use-cites-many-benefits/):

> The latter idea — that Google is profiting off the books at the expense of authors — has been a rallying cry for opponents of the book scanning. Chin’s ruling, however, takes care to reject the notion in detail, and states that Google “does not engage in the direct commercialization of copyrighted works.”

If this sets the precedent that ads are indirect commercialization, then it opens the door wide for Google to ape more copyrighted work. I can’t see how this would be good in the long term.

[Danny Sullivan on Google’s broken promises](http://marketingland.com/google-broken-promises-65121):

> For two years in a row now, Google has gone back on major promises it made about search. The about-faces are easy fodder for anyone who wants to poke fun at Google for not keeping to its word. However, the bigger picture is that as Google has entered its fifteenth year, it faces new challenges on how to deliver search products that are radically different from when it started. In the past, Google might have explained such shifts in an attempt to maintain user trust. Now, Google either assumes it has so much user trust that explanations aren’t necessary. Or, the lack of accountability might be due to its “fuzzy management” structure where no one seems in charge of the search engine.

Interesting post, centering around this idea:

> Reversals aren’t bad; it’s the failing to explain why you changed your mind that is.

Reeks of arrogance. Imagine the coverage in The New York Times, or WSJ, if Apple made these reversals. ((That’s not to say Apple doesn’t make reversals — they do, and do so frequently.))

You’ve likely heard about [Coin][1] (that’s an affiliate link), a new credit card / iPhone pairing that seeks to eliminate you having to carry multiple cards. It even has its own Sandwich video. The product itself looks fantastic, and easy to use too.

And, as surprising as this might be, I pre-ordered one.

If you read this site you are likely to be surprised by that statement because I am a pretty privacy conscious guy. Before I talk about my thoughts on the security of this system, I want to share some non-security — more practical — concerns that I have with this card.

## You Can Change Cards Easily

The first thing I thought when I watched the video was: that’s way to easy to change cards. The Coin shows that, with a push of a button, you can toggle between cards. This is great for the *user* when they are the one in possession of the Coin, but what about when you hand the card to someone else? Sure if you don’t lose sight of the card you can be sure they haven’t changed your card, but what about at a restaurant?

I’m not even assuming anything malicious — just heavy handed use of the Coin seems like it could cycle between cards and potentially net you with a personal charge on a business card.

I really hope this concern is unfounded, and that there is a mechanism in place to prevent accidental changing of your card, but I remain skeptical.

This is all that is said about this concern on the FAQ:

> We’ve designed the button to toggle cards in a way that makes it difficult to trigger a “press” unintentionally. Dropping a Coin, holding a Coin, sitting on a Coin, or putting the Coin in a check presenter at a restaurant will not inadvertently toggle the card that is selected.

That doesn’t instill confidence of any kind in me.

## What’s That?

That’s the question I expect to get when I try to use the card. Maybe you won’t get that in San Francisco, but I know I will get asked that. No matter what I say, I suspect that the cashier will assume something shady is going on.

I can imagine a couple conversations that might prevent me from using the card:

1. “Sir, you can’t use this because we only accept American Express, Visa, and Mastercard. This is neither.” “No, it *is* an AMEX, trust me.” “Sir, this doesn’t look like any AMEX I have seen. Where’s the logo?” “Ugh.”
2. “Ummm, I need the three numbers from the back of the card.” “Sure they are right here (points).” “No, I need the ones on the **back** of the card, there is nothing on the back of *this* card.” “Ugh.”

I think *people* are likely to be the biggest usability obstacles.

## Security

The Coin FAQ has an entire section on security, but it’s not all that reassuring. There are some features of the Coin that makes it a lot better than a normal card:

– Push notification if you leave the Coin behind.
– Card disables if it is out of contact from your phone for too long.

There are two primary security concerns that I see with this product:

1. That you have to give a lot of credit card info to Coin and it is then stored (from the sound of it) on *thier* servers. Now, they will be in compliance with required security standards, but how can we trust them? I don’t know, but I don’t see this aspect as any more risky than storing, or using, a credit card with any *other* company on the web. Be that Amazon, or *this* site. ((For the record I can’t see your full card number — not even if I tried. I verified that with my own account before launching the paywall.))

This is why I don’t see Coin being a big issue — it just doesn’t strike me as any bigger security risk than using your card anywhere else. In addition to that, credit card companies are actually very *good* at fraud prevention and removing fraudulent charges. I wouldn’t link a debit card to the Coin — and I don’t ever use a debit card as I don’t want people to have that direct of access to my cash — but I don’t see any reason to *not* use a credit card with it.

2. I think the next major concern is not with the security of *you* using a Coin, but with others having access to this technology. In other words, Coin sounds like a credit card skimmers dream tool. I have no doubt this presents a security risk, but why should that stop *you* from using the Coin, or any other new technology for that matter. All new technology has inherent security risks that are only figured out through wide usage.

Already waiters have been known to skim credit cards — and the rule of thumb is to not let your card out of your site — but uhh… really?

Coin, for their part, says specifically on this topic:

> The Coin app requires that you take a picture of the front and back of the card, type in card details, and then swipe the card (using a reader we provide) to ensure the card’s encoded magnetic stripe data matches the card details provided. It is not possible to complete these steps unless you are in physical possession of a card. As an additional safeguard, the Coin app will only allow you to add cards you own.

Everything but that last line is moot. My assumption is that I am out to dinner and hand my card over for payment — now the skimmer has physical possession of my card. If that’s the case, what the hell does the last line of that answer mean? How do they verify ownership? Zip codes?

My best guess is that if your card is already registered with a Coin account, it then cannot be registered with *another* Coin account. And if that is the case you are probably *more* secure owning a Coin then you would be if you didn’t own a Coin.

That’s the main flaws I see with the card. The benefit, though, seems to outweigh the risks associated with using the Coin.

If I could truly just carry around a Coin and my ID — well that would be fantastic.

[1]: https://onlycoin.com/?referral=h23SNfFb