BrainFuel

I liked this new design for the H&M web site (a clothing company). Nice, simple, and understated.

I’m excited to hear about the upcoming Amazon.com redesign that some customers are seeing. It looks really good, and I can’t wait to see what they’ve improved. I already think the Amazon site is superb, with amazing design and UI. So, for posterity sake here is a screenshot of the current design.

Saw this 3D animation example today and it blew my mind. My favorite was at the 2:58 second mark.

If you have upgraded to Firefox 6.0 recently, you might have noticed a change in your URL address bar.

Now, instead of the web address being in all black like you might have grown accustomed to over the past 10 years, the powers that be have decided it would be better to color all of the URL gray (except for the primary domain name, which still appears in black).

I can see how this could be helpful to the ignorant masses who get scammed by phishing emails, but I’m a relatively intelligent internet user, and I have been browsing the net long enough to know what the primary domain name is in the URL without needing to have it colored different.

If you are like me and wish to set the address bar colors back to the way they used to be in prior versions of Firefox, simply follow these easy steps:

1. In your Firefox address bar, type “about:config” (sans quotes), and press enter.
2. In the filter search box, enter “browser.urlbar.formatting.enabled“
3. Right-click on the “browser.urlbar.formatting.enabled” line item in the listing and select “Toggle” to switch it to false

The idea of a “universal login” is not new by any means. Since the early days of the internet, many people have longed for the ease of having to only remember one login and password to access all of their favorite member-based sites.

Over the years, there have been a number of companies/organizations that have tackled this problem, and recently a couple of solutions have bubbled to the top in popularity. OpenID, Google Friend Connect, MySpaceID, and even the Twitter Login API have all been used as “universal login” methods which can be integrated with a web site.

None of these solutions, however, have even come close to the adoption rate boasted by the Facebook Authentication system. Practically everyone has a Facebook account these days, regardless of age, gender, education level, location, favorite web browser, email address, or internet provider! Facebook embraced this fact and built a nicely packaged authentication system which enables developers to integrate Facebook Authentication into pretty much any app or web site they can imagine. You can now find the Facebook universal login method in everything from iphone apps and desktop applications, to normal run-of-the-mill web sites.

This brings me to my point: Potential Security Risks

While logging into my Facebook account via all the different web sites and various applications which I use on a daily basis, I became acutely aware of a glaring security risk with the Facebook Authentication system. Basically, the way how Facebook instills a sense of security is via a recognizable blue bar which has a gray bar and diagonal stripes underneath it. This familiar imagery is displayed whenever you are asked to provide your Facebook login information. The idea that is consequently trained and reinforced in end-users’ minds is that the familiar imagery represents a genuine Facebook login screen. As such, if you are being asked for your Facebook information in a login popup, but the unique blue and gray bar is missing, you would immediately suspect that something was wrong.

Notice, however, that the Facebook URL is nowhere to be seen in the login popup. There is literally no easy way to verify where the contents of the login form are actually going. This is especially true in the countless iphone applications and computer programs which are making use of the Facebook Authentication system. A rogue developer could easily create a form which displayed the blue and gray bar, but that actually transmitted the login information somewhere else entirely (such as a database on their own server) before it sent the information to Facebook.

The exact same thing could be easily accomplished by any semi-competent web developer with 15 minutes worth of spare time. All they would have to do is make a mock-up copy of the legitimate Facebook login popup, but have it submit somewhere else entirely. The end user wouldn’t know the difference.

In summary: Facebook’s way of instilling a *false* sense of security via their blue/gray bar is totally flawed and easily exploited. They need to come up with some sort of method which enables end-users to verify the form’s authenticity before they enter their login information.

Formatting table rows is something very interesting to me, and my friend Kent recently showed me this useful link, which showcase some really great inline editing designs: Ultimate guide to table UI patterns.

After reading that, jump over and read a response to that post, which contains 3 more examples.

I love this kind of post — it’s chalk full of great ideas in user interface design. Speaking of UI patterns, here are some useful sites and examples:

• UI Patterns – Table Filter
• Patternry – Data Table Patterns

Lastly, you should become a fan of BrainFuel on Facebook! Where we frequently post links to cool resources we find.

Of all of the sites I’ve seen, the folks at Pei Wei do it best with red. The red of course is from their branding, but they carry it into the stores with bright red floors (they must wax them).

I just love their site layout – the typography and bright colors from the photography contrast very well with the white content, and black boxes. Nice job! Related: Screenshot from 2008.

Okay, so the other night I visited a Seattle’s Best that was inside a Borders Bookstore here in Phoenix. I ordered a small mocha and thought about their recent rebranding.

Over at Brand New, 46% in a poll agree that the new logo is a “dumb move.” Which is interesting to me, considering how much I liked it when I saw it in-person the other night. I suppose it’s the old-world charm of their old logo that people miss the most. The new branding however probably frees up their design team to explore a lot of new directions they could not have gone before.

I must say though, that their new web site is rather cool looking. The colors they chose are new and modern, and have a pastel quality. I like the interactive components, and their “coffee level” concept. That’s new, and I haven’t seen that before.

The funny thing is they’re owned by Starbucks, which also recently redid their logo.

I’d say the one thing I don’t really care for, is the rounded font they chose for their logo. And why did they rotate their logo on their web site? It’s a good logo that didn’t need to be rotated.

Other problems I see, are the curious lack of a clean URL structure for sub pages (no URLs at all, actually on most), and a frankly mysterious structure to the sub pages, apparently all designed but with little text.

According to Seattle’s Best, this is their first rebranding in 40 years.