Hidden State

At 30C3 , Olia Lialina talked about efforts of user interface designers to abolish explicit, visible computer user interfaces – and with it, the term user . Lialina asserts that this serves to hide the inherent imbalance in power between users and developers, making it more difficult for computer users to reason about computing systems.

Lialina further asserts that the trend towards single-purpose software (appliances, apps) tends to increase the cognitive load of computer users: Lialina's Turing Complete User has to work around deficiencies of interfaces that expose only actions envisioned by the developers.

General Purpose Users can write an article in their e-mail client, layout their business card in Excel and shave in front of a web cam. They can also find a way to publish photos online without flickr, tweet without twitter, like without facebook, make a black frame around pictures without instagram, remove a black frame from an instagram picture and even wake up at 7:00 without a “wake up at 7:00” app.

A cursory look at Lialina's list of user demands shows that almost all problems revolve around management of internal state of computer programs: The most popular item, the demand for an undo action on mobile devices expresses an explicit wish to return to an earlier state. The demand to pause media and be able to resume shows desire for fine-grained user control over state transitions.

Hidden state occurs whenever a user interface does not represent program state relevant to the user. While annoying in single-user programs, in a networked environment, hidden state represents ample opportunity for discrimination and abuse: Most Users would not suspect that they pay more for holidays or are in a filter bubble .

Looking at demands for a right to logout from a language-theoretic point of view, wanting online anonymity means wanting stateless interaction : Servers should process client requests without historical context, treating several requests originating from one client the same as if sent from multiple clients.

It is the duty of every monk to call upon master Kaimu at least once during their time at the temple. When the master opens his door the monk must bow and ask: “ What is the great joy of stateless services? ”

Without fail master Kaimu will reply: “ Ten thousand guests fed by a single grain of rice. ”

The monk must then ask: “ And what is the great sorrow? ”

Kaimu will reply: “ The great sorrow of what? ”

Readers may find it surprising that HTTP (as specified in RFC 2616 ) was introduced as a stateless protocol. They probably find it less surprising that advertisers, in conjunction with unscrupulous programmers, have worked relentlessly to make stateful interaction the default on the web. As including information in URL s would be visible , tracking identifiers are hidden through use of cookies – bits of data sent with every request, but not shown in the interface.

Professionals do not create dishonest user interfaces by accident. Web developers, for example, know that popular Firefox extensions make hidden state visible ( Ghostery ) or inhibit unwanted state changes ( Adblock Plus , NoScript ). Many developers could create interfaces without hidden state, by following REST architecture principles – they just reason that being a professional liar is more profitable.

Those having a hand in the current state of computing may say that their surveillance and deceit is not as bad as what the others do. Some may repent, asserting that they did not – could not – see it coming. Others may not even see the need to save face: Displaying neither guilt nor pride, those are the digital little Eichmanns .