Tag Archives: Apps

Trend Micro apps fiasco generates even more questions

The saga surrounding Trend Micro apps being removed from the Mac App Store for gathering data inappropriately drags on, but the company’s latest admission raises even more questions.

In the latest update to its response to allegations that its Mac apps were stealing user data, Trend Micro admitted that it published another banned app — Open Any Files: RAR Support.

Thomas Reed, director of Mac and mobile at Malwarebytes Labs, had previously found the Open Any Files app — listed as being developed by Hao Wu — to be gathering the same data as the Trend Micro apps, transmitting that data to Trend Micro servers and promoting Trend Micro’s Dr. Antivirus app, which was one of the six Trend Micro apps banned initially by Apple. 

While the cybersecurity company based in Japan did not explain why it did not take ownership of the Open Any Files app before, Trend Micro admitted the app used “the same module” to collect browser history data as the other Trend Micro apps. As such, the company said it would “no longer publish or support this product.”

Reed found the admission interesting because Trend Micro had previously described Open Any Files as an affiliate app.

“I’m not sure who Hao Wu is. I had assumed it was someone who was abusing the Trend affiliate program to get paid for referrals to their apps. It’s very odd that Trend is now saying that they own that app,” Reed said via Twitter direct message. “Why would their own app use App Store affiliate links when linking to other apps they own?”

Reed added that Malwarebytes had found the Open Any Files app to be “very shady” and so he had been tracking it since December.

“[Promoting other Trend Micro apps] was its sole purpose. The other functionality it provided was extremely minimal, and it used [a] trick to get triggered any time the user opened an unfamiliar document type,” Reed said. “I’m not entirely sure what the point is. These are all junk apps that are a dime a dozen on the App Store. They really don’t provide much — if any — value to the user, in my opinion. I suspect the data collection was a primary goal, but that’s just a theory.”

When questioned about Open Any Files and the other Trend Micro apps, the company refused to answer and instead linked to the updated blog post, noting that it now has an FAQ and “will continue to be updated with other questions and answers.”

Reed said the company didn’t seem ready to talk about the issues with the Trend Micro apps for Mac, but they should have been because changes to the apps indicated they expected the controversy.

“One thing that is striking is their claim about displaying [an end-user license agreement] that the user has to agree to. That was not the case in any of our testing, which actually started back in December, and was repeated several times right up to just before publication of our article,” Reed said. “Someone on Twitter posted a couple screenshots… before September 7 and after September 7. Before, no EULA. After, the EULA appeared. They knew this was coming, and their response was to add a EULA rather than remove the data exfiltration code.”

Trend Micro apps on Mac accused of stealing data

Researchers charged that multiple apps in the Mac App Store were stealing data and Apple removed the offending apps from the store, but now Trend Micro is refuting the claims against its apps.

At least eight apps — six Trend Micro apps and two published by a developer who goes by the name “Yongming Zhang” — were found to be gathering data, including web browsing history, App Store browsing history and a list of installed apps, from user systems. Reports about the apps potentially stealing data first appeared on the Malwarebytes forum in late 2017, but the issues were confirmed recently by at least three individuals: Patrick Wardle, CEO and founder of Digita Security, a security researcher based in Germany who goes by the Twitter handle @privacyis1st, and Thomas Reed, director of Mac and mobile at Malwarebytes Labs.

Wardle dug into claims by @privacyis1st that the fourth-ranked paid app in the Mac App Store, published by “Yongming Zhang” — Adware Doctor — was stealing data. At first Wardle saw the app behaving normally, until it came time to “clean” the user system, when he observed the app stealing browser history data and a list of installed apps.

“From a security and privacy point of view, one of the main benefits of installing applications from the official Mac App Store is that such applications are sandboxed. (The other benefit is that Apple supposedly vets all submitted applications – but as we’ve clearly shown here, they (sometimes?) do a miserable job),” Wardle wrote in a blog post. “When an application runs inside a sandbox it is constrained by what files or user information it can access. For example, a sandboxed application from the Mac App Store should not be able to access a user’s sensitive browser history. But Adware Doctor clearly found [a way].”

Trend Micro apps and company response

Adware Doctor and another app — Open Any Files: RAR Support — were developed by an unknown developer whose identity is based on the name of a notorious Chinese serial killer, Zhang Yongming, who was executed in 2013 after being convicted of killing 11 boys and young men. In addition to these apps stealing data, Reed noted in his analysis that at least two Trend Micro apps appeared to be acting improperly.

Reed said he “saw the same data being collected and also uploaded in a file named file.zip to the same URL used by Open Any Files” in the app Dr. Antivirus. Reed said Open Any Files and the Trend Micro apps were uploading the zip file to Trend Micro servers.

“Unfortunately, other apps by the same developer are also collecting this data. We observed the same data being collected by Dr. Cleaner, minus the list of installed applications,” Reed wrote in his analysis. “There is really no good reason for a ‘cleaning’ app to be collecting this kind of user data, even if the users were informed, which was not the case.”

Trend Micro admitted that its apps — Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder — were removed from the Mac App Store, but denied that the apps were “stealing” data and sending that data to Chinese servers.

The company said in its response that the Trend Micro apps were collecting and uploading “a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation,” but claimed this functionality was “for security purposes” and that the actions were permitted by users as part of the EULA agreed to on installation.

Trend Micro linked to a support page for Dr. Cleaner that showed browser history as one of the types of data collected with user permission, but Reed said on Twitter that he kept archived copies of the apps and he did not find any in-app notifications about data collection.

Despite denying any wrongdoing, Trend Micro said it was taking steps to “reassure” users that their data was safe.

“First, we have completed the removal of browser collection features across our consumer products in question. Second, we have permanently dumped all legacy logs, which were stored on US-based AWS servers. This includes the one-time 24 hour log of browser history held for three months and permitted by users upon install,” Trend Micro wrote. “Third, we believe we identified a core issue which is humbly the result of the use of common code libraries. We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. This has been corrected.”

It is unclear why Open Any Files was uploading data to Trend Micro servers or if Trend Micro was the only company with access to the data uploaded by any of the Trend Micro apps.

Trend Micro did not respond to questions at the time of this post.

Apple’s responsibility in the Mac App Store

Despite being a central figure in the story of the Trend Micro apps being removed from the Mac App Store, the one company that has kept quiet has been Apple. Apple has not made a public statement and did not respond to requests for comment at the time of this post.

Apple claims, “The safest place to download apps for your Mac is the Mac App Store. Apple reviews each app before it’s accepted by the store, and if there’s ever a problem with an app, Apple can quickly remove it from the store.” But Wardle said “it’s questionable whether these statements actually hold true,” given the number of apps found to be stealing data, and he pointed out that the Mac App Store has known issues with fake reviews propping up bad apps.

Stefan Esser, CEO of Antid0te UG, a security audit firm based in Cologne, Germany, also criticized Apple’s response to the claims apps in its store were stealing data.

“The fact that Apple was informed about this weeks ago and [chose] to ignore and that they finally reacted after bad press like two days before their announcement of new products for you to buy is for sure just coincidence,” Esser wrote on Twitter.

And Reed said it’s best to not trust certain apps in the Mac App Store.

Algolia partners with integrators, digital agencies

Algolia, which offers search technology for websites and mobile apps, has launched a partner program targeting systems integrators, consultants, digital agencies and e-commerce platforms. Algolia partners include Accenture Interactive’s Altima business unit, digital agency Wunderman and e-commerce platforms Magento and Shopify.

At launch, the Algolia Partner Program has 20 certified partners. The program aims to create an ecosystem of Algolia partners that can help enterprises customize Algolia search technology, according to the company.

The program’s launch follows rising interest among customers in working with partners, said Alexandre Popp, director of channels and alliances at Algolia.

“Over the past year, we saw increasing demand from enterprises to leverage the support of partners like systems integrators, consultants and agencies,” Popp said. “So we made the decision to dedicate resources to building out partner engineering, account management, and marketing teams to support our partners in the field and meet customer demand.”

The partner program is part of the company’s enterprise customer initiative.


“Our motion to move upmarket comes with partners and multinational brands purchasing our product in tandem with partner solutions, and deployed with consulting firms’ team[s],” Popp said. He noted the program’s objective is to support partners as they “build or sell digital products” that embed Algolia.

Algolia’s partner program offers technical enablement and certification; go-to-market and sales enablement; and marketing support, including co-marketing events, webinars and campaigns. The company, founded in 2012, said it has more than 5,700 customers.

Cloud service providers launch offerings

Cloud service providers Faction and 2nd Watch rolled out new services this week.


Faction, a Denver company that focuses on multi-cloud services, said it is working with VMware to provide cloud-attached storage for VMware Cloud on AWS deployments. Faction said its Cloud Control Volumes offering provides a scalable storage platform for VMware Cloud on AWS customers who need more storage capacity.

Meanwhile, 2nd Watch, a managed service provider based in Seattle, said its Cloud Migration Cost Assessment service aims to help large and midmarket firms get a handle on the cost benefits of moving on-premises IT infrastructure to the cloud. The cloud migration assessment involves a six-week engagement in which 2nd Watch cloud personnel evaluate a customer’s IT estate and “map current resources to the most cost-effective cloud solution,” according to the company.

Other news

  • Silver Peak launched its Authorized Deployment Partner (ADP) Program, which will train, certify and authorize a group of services partners. Partners receiving authorization are deemed capable of managing the design, deployment and management of the Silver Peak Unity EdgeConnect SD-WAN offering. Program participants include Cavell Group, FireOwls Corp., Geode Networks, Traversa Solutions and Velociti.
  • Arcserve, a data backup and availability vendor based in Minneapolis, unveiled a new channel program dubbed Arcserve Accelerate. The program targets North American MSPs, value-added resellers, large-account resellers and original equipment manufacturers. Program features include re-developed e-learning courses, partner certification, individual and corporate SPIFs, marketing development funds and access to cloud-native products with support for private and public clouds such as AWS and Microsoft Azure, according to Arcserve.
  • Matrix Integration, an IT infrastructure company in Kentucky and Indiana, has opened its new Louisville regional office. The company said the expansion provides a hub for modernizing the IT infrastructure of public and private sector entities in the Louisville area.

Market Share is a news roundup published every Friday.

Insurer accelerates DevOps test data refreshes with Actifio

Large enterprises lug data-heavy legacy apps with them to DevOps. To keep rapid development on track, teams must take fresh approaches to IT operations at the deepest levels of infrastructure.

For ActiveHealth Management Inc., a New York-based subsidiary of Aetna International, a large health insurer in Hartford, Conn., that problematic app was a 150 TB Oracle database deployed on a six-node Oracle Real Application Cluster to produce analytics reports on member data. The amount of data on such a complex server infrastructure presented a major obstacle to the company’s planned implementation of a continuous DevOps test process in early 2017. A manual refresh of database test data through a traditional backup copy of the cluster would require an estimated minimum of 350 hours of work over 30 days.

“Our QA team wanted live real-time data in our lower test/dev environments,” said Conrad Meneide, then the vice president of infrastructure at ActiveHealth, now executive director of affiliate infrastructure services at Aetna. “But a 150 terabyte production database takes an insurmountable amount of time to copy, and importing a full copy of that data to a test environment would require a costly storage footprint.”

Even if ActiveHealth could spare the disk space and time to generate DevOps test data, the performance requirements for the production database cluster prohibited such a backup during business hours.

Actifio CDS UI shows DevOps test copy process

DevOps test data copy bake-off favored Actifio

Parent company Aetna already had a relationship with a DevOps test data management vendor, but the ActiveHealth team wasn’t convinced that product could make on-demand clones of its large, performance-sensitive database. The team conducted a five-week bake-off in early 2017 between that incumbent tool and a product called Copy Data Storage (CDS) from Actifio Inc.

“The incumbent product produced some improvement over the manual process, but Actifio gave us five times the performance gain of that competitor’s product,” Meneide said. He declined to name the incumbent vendor, as its software remains in use at Aetna.


Competitors to Actifio in copy data management include Catalogic Software, Cohesity Inc., Commvault Systems Inc., Delphix Corp. and Rubrik Inc. These vendors are able to make fast copies of data stores with a small footprint. Another set of vendors specializes in test data management, which generates test reports and includes data masking and encryption features out of the box in addition to fast-copy mechanisms. Test data management vendors include CA, Delphix, HP and Informatica.

Meneide attributed the difference between Actifio and the incumbent vendor his team evaluated to the products’ architectures. The incumbent product was installed on a VM and addressed back-end storage through the company’s IP network via the Network File System (NFS) protocol, while Actifio CDS was packaged with Fibre Channel storage area network hardware on an appliance.

“This meant we didn’t have to reinvest in a faster Ethernet network for NFS, or worry about security concerns around NFS over the main network,” Meneide said.

DevOps test performance removes release roadblocks

Actifio CDS integrates with ActiveHealth’s Jenkins CI/CD pipeline through a RESTful API, and developers generate clones of the data for DevOps tests on-demand through the Jenkins interface. The API meant ActiveHealth could also connect a homegrown data masking and encryption utility, while the incumbent vendor’s software would have required a separately licensed encryption engine.

With on-demand DevOps test data, ActiveHealth established a continuous integration and delivery workflow in its dev/test environments, which resulted in releases to production every two weeks.

“This was possible before Actifio, but not with fresh test data — everything almost had to stop for a data refresh, and data refresh requests came in ad hoc,” Meneide said.

Actifio clones the database data using pointers to a deduplicated golden image, which means the DevOps test data environment also takes up only a fraction — some 20% to 30% — of the storage space compared to the production environment.

In his new position as an executive director at Aetna, Meneide said he will evaluate wider use of Actifio CDS in other subsidiaries at the company, such as its Medicaid claims business, as well as with other database types, such as Microsoft SQL Server. As the insurer moves some workloads to public cloud service providers, it will explore whether Actifio CDS can help quickly clone data to send with apps into those new environments.

However, as in any large enterprise, a number of DevOps and IT initiatives compete for attention and a share of the budget. At Aetna, a broader Actifio rollout must compete with an IT to-do list that includes a DevSecOps transformation, and the adoption of containers and Kubernetes container orchestration in the company’s private cloud.

“We’re still exploring and understanding the use cases, and where compliance dictates we retain systems of record,” Meneide said. “Actifio also has potential uses for disaster recovery for us.”

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

To entice developers to create more apps on their environments, major cloud platform companies will meet them where they live.

Microsoft and Google both released tools to help ease app development on their respective platforms, Microsoft Azure and the Google Cloud Platform. Microsoft’s Azure Dev Spaces and Google Jib help developers build applications for the Kubernetes container orchestrator and Java environments and represent a means to deliver simpler, developer-friendly technology.

Microsoft’s Azure Dev Spaces, now in public preview, is a cloud-native development environment for the company’s Azure Kubernetes Service (AKS), where developers can work on applications while connected with the cloud and their team. These users can build cloud applications with containers and microservices on AKS and do not deal with any infrastructure management or orchestration, according to Microsoft.

As Kubernetes further commoditizes deployment and orchestration, cloud platform vendors and public cloud providers must focus on how to simplify customers’ implementation of cloud-native development methods — namely DevOps, CI/CD and microservices, said Rhett Dillingham, an analyst at Moor Insights & Strategy in Austin, Texas.

“Azure Dev Spaces has the potential to be one of Microsoft’s most valuable recent developer tooling innovations, because it addresses the complexity of integration testing and debugging in microservices environments,” he said.


With the correct supporting services, developers can fully test and deploy in Microsoft Azure, added Edwin Yuen, an analyst at Enterprise Strategy Group in Milford, Mass.

“This would benefit the developer, as it eases the process of container development by allowing them to see the results of their app without having to set up a Docker or Kubernetes environment,” he said.

Meanwhile, Google’s Jib containerizer tool enables developers to package a Java application into a container image with the Java tools they already know to create container-based advanced applications. And like Azure Dev Spaces, it handles a lot of the underlying infrastructure and orchestration tasks.


Integration with Java development tools Maven and Gradle means Java developers can skip the step to create JAR, or Java ARchive, files and then containerize them, Yuen said.

“Like Azure Dev Spaces, it’s about simplifying the experience — this time, not the laptop jump, but the jump from JAR to container,” he said. “But, again, the developer is eased into the process by using existing tools and eliminating the need to set up Docker or Kubernetes.”

Jib also extends Google’s association with the open source community to provide Java developers an easy path to containerize their apps while using the Google Cloud Platform, Yuen added.

Electron framework flaw puts popular desktop apps at risk

A new vulnerability found in an app development tool has caused popular desktop apps made with the tool to inherit a risky flaw.

The Electron framework uses Node.js and Chromium to build desktop apps for popular web services — including Slack, Skype, WordPress.com, Twitch, GitHub, and many more — while using web code like JavaScript, HTML and CSS. Electron announced that a remote code execution vulnerability in the Electron framework (CVE-2018-1000006) was inherited by an unknown number of apps.

Zeke Sikelianos, a designer and developer who works at Electron, wrote in a blog post that only apps built for “Windows that register themselves as the default handler for a protocol … are vulnerable,” while apps for macOS and Linux are not at risk.

Amit Serper, principal security researcher at Cybereason, said a flaw like the one found in the Electron framework “is pretty dangerous since it allows arbitrary command execution by a simple social engineering trick.”


“Electron apps have the ability to register a protocol handler to make it easier to automate processes for the Electron apps themselves (for example, if you click a link that starts with slack://, then Slack will launch; it makes it easier to automate the process of joining a Slack group),” Serper told SearchSecurity by email. “The vulnerability is in the way that the protocol handler is being processed by the Electron app, which allows an attacker to create a malicious link to an Electron app which will execute whatever command that the attacker wanted to run.”
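As an added illustration (not code from the article, from Electron, or from any of the apps named), one defensive pattern for the protocol-handler input Serper describes: treat the clicked URL as untrusted, parse it, require the expected scheme and an allowlisted action, and refuse anything that resembles a command-line switch or carries characters a shell or argument parser could reinterpret. The myapp: scheme and its actions are assumptions, and this is a general hardening pattern rather than the specific fix Electron shipped for the CVE.

```javascript
// Added example (not the article's or Electron's code): defensive handling of
// a custom protocol URL such as "myapp://join/team-42" before an Electron-style
// app acts on it. The scheme name and the action allowlist are assumptions.

const EXPECTED_SCHEME = "myapp:";                   // assumed custom scheme
const ALLOWED_ACTIONS = new Set(["join", "open"]);  // assumed app actions
const MAX_URL_LENGTH = 2048;

// Characters that a command line, shell or argument parser could reinterpret.
const FORBIDDEN_CHARS = /[\s"'`<>|&;\x00-\x1f]/;

// Validate one protocol URL. Returns { ok: true, action, id } for an
// acceptable URL, otherwise { ok: false, reason } naming the first failed check.
function parseProtocolUrl(raw) {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > MAX_URL_LENGTH) {
    return { ok: false, reason: "bad-length" };
  }
  if (FORBIDDEN_CHARS.test(raw)) {
    return { ok: false, reason: "bad-chars" };
  }
  // A protocol URL has no business carrying "--switch"-style tokens; refuse
  // them anywhere in the string rather than chasing every parser quirk.
  if (raw.includes("--")) {
    return { ok: false, reason: "switch-like" };
  }
  let url;
  try {
    url = new URL(raw); // WHATWG parser, global in Node.js and browsers
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== EXPECTED_SCHEME) {
    return { ok: false, reason: "wrong-scheme" };
  }
  // For a non-special scheme, "myapp://join/team-42" parses with host "join"
  // and path "/team-42".
  const action = url.hostname.toLowerCase();
  if (!ALLOWED_ACTIONS.has(action)) {
    return { ok: false, reason: "unknown-action" };
  }
  const id = url.pathname.replace(/^\/+/, "");
  if (!/^[A-Za-z0-9_-]{1,64}$/.test(id)) {
    return { ok: false, reason: "bad-id" };
  }
  return { ok: true, action, id };
}

// On Windows the OS hands the clicked link to the app as a process argument,
// so the handler has to find it in argv and validate it before use.
function dispatchFromArgv(argv) {
  const candidate = argv.find((arg) => arg.startsWith(EXPECTED_SCHEME));
  if (candidate === undefined) {
    return { ok: false, reason: "no-url" };
  }
  return parseProtocolUrl(candidate);
}

// Constructed sample inputs: one legitimate link per action and several that
// a careful handler should refuse.
const SAMPLE_LINKS = [
  "myapp://join/team-42",
  "myapp://open/doc_7?ref=mail",
  "myapp://join/x --inspect-brk",
  "myapp://join/x--inspect",
  'myapp://join/"x',
  "https://join/team-42",
  "myapp://wipe/everything",
  "myapp://open/doc.7/extra",
];

for (const link of SAMPLE_LINKS) {
  console.log(JSON.stringify(link), "->", JSON.stringify(parseProtocolUrl(link)));
}
```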

Sikelianos urged developers to update apps to the most recent version of Electron as soon as possible.

There are more than 460 apps that have been built using the flawed Electron framework, but it is unclear how many of those apps are at risk, and experts noted that code reviews could take a while.

Security audits

Lane Thames, senior security researcher at Tripwire, said mechanisms for code reuse like software libraries, open source code, and the Electron framework “are some of the best things going for modern software development. However, they are also some of its worst enemies in terms of security.”

“Anytime a code base is in use across many products, havoc will ensue when (not if) a vulnerability is discovered. This is inevitable. Therefore, developers should ensure that mechanisms are in place for updating downstream applications that are impacted by the vulnerabilities in the upstream components,” Thames told SearchSecurity. “This is not an easy task and requires lots of coordination between various stakeholders. In a perfect world, code that gets used by many other projects should undergo security assessments with every release. Implementing a secure coding practice where every commit is evaluated at least with a security-focused code review would be even better.”

Serper said developers need to “always audit their code and be mindful to security.”

“However, in today’s software engineering ecosystem, where there is a lot of use of third party libraries it is very hard to audit the code that you are using since many developers today use modules and code that was written by other people, completely unrelated to their own project,” Serper said. “These are vast amounts of code and auditing third party code in addition to auditing your own code could take a lot of time.”

Justin Jett, director of audit and compliance at Plixer International Inc., a network analysis company based in Kennebunk, Maine, said the Electron framework flaw was significant, given that “affected applications like Skype, Slack, and WordPress are used by organizations to host and share their most critical information.”

“If these applications were to be compromised, the impact could be devastating. Developers that use third-party frameworks, like Electron, should audit their code on a regular basis, ideally quarterly, to ensure they are using an up-to-date version of the framework that works with their application and has resolved any security issues from previous releases,” Jett told SearchSecurity. “Additionally, platform developers, like Electron, should complete routine audits on their software to ensure that the developers taking advantage of their platform don’t expose users to security vulnerabilities — vulnerabilities which, left unresolved, could cause profound damage to businesses that rely on these applications.”

Digital Design is Never Done – Microsoft Design – Medium


How our team made Windows 10 Mail and Calendar apps more Fluent

Before and after animation of the redesigned app

Two years ago we introduced completely rewritten and redesigned Mail and Calendar apps in Windows 10. (Not the screens pictured above.) While the apps were functional and modern looking, they still lacked a more refined and delightful look and feel. In the “software as a service” era, we’re able to improve our features and designs with a cadence that customers have come to expect. Even before the 2015 release, we began thinking about the next app iterations.

Our early redesign set the goals to visually align with Windows, reduce chrome, give the app a fresh, more refined, and beautiful look, while raising the bar of “craftsmanship” (the internal name for our efforts). The team established design guidelines grounded in a purposeful use of typography, color, and motion, to convey a delightful and highly functional app.

Timing plays a part in every story

It wasn’t until early 2017 that engineering resources became available to work on our redesign. About the same time, the Fluent team (code-named NEON) was launching and actively driving adoption of the new Fluent Design System into Microsoft apps. That meant we had a refreshed design challenge (thank you, Satya): rethinking what we kept, what we left behind, and how we became more Fluent going forward.

While the Fluent launch was exciting, our team remained mindful that we were redesigning apps that had millions of users and fans. Altering things they were used to—like title bar, ribbon, and key functionality—had to be carefully considered. Obviously, we didn’t want to alienate our users, and we were not interested in any backwards steps in usability.

One insight we gained early on in user testing was that “different” did not necessarily mean “problem.”

Integrating fresh cues from early Fluent Design mail work with the aforementioned redesign ideas turned out to be fairly straightforward — as some of the overarching principles were already aligned. Even some of the Fluent design elements, namely “acrylic” with its translucent surface treatment, were already present in some form in our existing app (semi-transparent navigation pane).

Early “Craftsmanship” refresh for mail (never shipped)
Early “Craftsmanship” refresh for calendar (never shipped)

Fluent Mail & Calendar explorations

The design explorations coming from the recently launched Fluent team didn’t meet all of the requirements we had for our apps in terms of workflow, personalization, localization, accessibility, etc. Our team examined each of those requirements, applying aspects of the Fluent Design System into our own explorations.

The first Fluent design elements we looked to implement were “acrylic” which is the translucent, glassy surface treatment for panels and “reveal”, the light effect that appears on hover to reveal actionable elements. Each of them presented their own set of challenges and we remained in close communication with Fluent and the other Office teams, learning what worked and what didn’t.

Early exploration for Fluent Mail in light theme
Early Fluent exploration for Calendar
Experimenting with a blue top bar, aligning more to the Outlook brand

Acrylic — Background or no background, that is the question

Acrylic is a Fluent Design System component that allows incorporation of light, depth, motion, material, and scale into the UI. It adds a partially transparent texture (material) to certain UI elements like panes. With its introduction, one natural question that arose was: “If I can see through it, what do I see? What is in the background?” Having already established a background picture as a default within our app, we asked ourselves, “Does our background clash with the desktop background? Are we going to get rid of our background picture in favor of the user’s desktop picture? What about other app windows in the background that might not look pretty? How does it work with (brand) colors?” This led to an array of explorations.

Early “empty state”-explorations (when no email is selected) with the user’s desktop showing through the acrylic and wide panel margins
Later “empty state”-exploration with less translucency and another window showing through
Later “empty state”-exploration with in-app background picture

Ultimately, we decided in favor of the in-app background photo because we knew it delighted our users. It also reduced visual background clutter in the empty state when no email is selected. (However, our users have the options of changing the picture or turning it off in personalization settings.)

Reveal on white with “brickwork”-effect between panes did not work for us

To Reveal — or not to reveal?

Reveal is a lighting effect that brings depth and focus to interactive elements. By showing the borders of controls and buttons on hover, it reveals actionable elements and helps users understand the UI. While the concept of reveal is great, the devil is always in the details. In the first iteration, reveal not only exposed interactive elements but also exposed the borders of controls in neighboring panels and drew attention to previously invisible differences in the alignment of controls. For example, elements in the left navigation pane didn’t necessarily align to elements in the message list because they scroll differently. That, in turn, created a sort of brickwork effect visible with reveal that added more visual noise to the app, something we actually wanted to get rid of. So, to avoid all that, we decided to turn off reveal in the message list, apply it only on the navigation pane, and also turn off reveal on vertical lines in the folder list.

“How do I move my window?”

A key part of the redesign was giving the user a clear information hierarchy and reducing visual clutter by removing the app window’s title bar. Besides being aesthetically pleasing, it reduced the calls to action present on the screen and let the user focus on their content.

An obvious concern was that this change might cause confusion by removing users’ visual affordance for how to move the app window. Our design still allowed users to move the app by clicking and dragging the top 32 pixels, but we were worried that users might be confused if the visual affordance wasn’t present. We debated running a user study to determine the consequences of this change but realized that since other apps in Windows 10 had previously made similar changes, we could reach out to them and see if their users had experienced difficulty when their app’s title bar was removed.

What we discovered was very encouraging. The Edge team shared the experience they had using their app’s title bar exclusively to organize webpage tabs. They told us that initial user feedback was mixed, and while some users did initially have reservations, that feedback had dissipated quickly and overall opinion of the design choice was positive.

When Mail and Calendar instituted the change, we saw virtually no feedback about the removal of the title bar. On the contrary, feedback referred to the app as ‘modern’ and ‘fresh’. It turned out that dragging the top of an app window was such a common pattern that our app remained completely usable without that legacy UI element.

Exploration with folder flyout

Moments of truth in code

After we designed everything and handed off specifications and comps to our partners in engineering, there came the critical “moments of truth in code.” There are often deltas in fonts, colors, transparency values, etc. between designing in a design program and building in code. Applying and tweaking in the real thing, working directly with the engineers to iron out all the little kinks, becomes an essential part of the process.

Through the testing phase (called dogfood at Microsoft), we went through multiple iterations, either to address things we had obviously missed or accessibility-related issues raised in feedback. These issues included font color contrast on acrylic, selection color with actual acrylic in code, as well as testing with different background images.

(The background colors for selected items in the navigation pane were important as a fallback solution in scenarios where Fluent is not supported due to hardware or software restrictions, or where it is turned off by the user.)

Reminder: Designers are not the customers

A constant point of discussion had been the selected state for accounts and folders in the left navigation pane. Fluent Design controls use a small vertical selection indicator to the left of the selected item, which looks not unlike the proven unread mail bar in the message list. Despite initial concerns that the similar appearance but different meaning might confuse users, and after multiple design iterations for the unread marker and the selected state, we went ahead and implemented and tested it in dogfood. Interestingly enough, there was very little feedback about this. Users did not have problems distinguishing the two.

User testing is always a good reminder that the things we designers perceive as inconsistencies might not be perceived as such by users. In one of the discussions with a user I heard “It’s a thing that is marked because it’s important.” We learned that when seen in use context, what we perceive as inconsistencies become less important and users quickly adapt.

Details: Lines in message list

A good example of where we tried to adhere to Fluent Design principles by celebrating just the content and removing as much chrome as possible from the UI is the horizontal lines in the message list. Users found it difficult to distinguish between individual messages and, based on feedback, we had to gradually bring the lines back to improve usability. It turned out that using spacing alone to separate messages from each other wasn’t clear enough, especially since we had introduced a new feature of small previews of attachments (photos) in the message list, and messages of varying heights started to bleed into each other. Similarly, we reintroduced the line between the message list and the reading pane. Sometimes the eye needs those subtle visual cues so as not to stumble.

Evolving story

The design of the apps today is a snapshot in time. The design will constantly improve and evolve. We’re already working on fine-tuning with information density settings, Fluent connected animations and a light theme. Expect to see more evolution from Fluent Design and the Windows Mail and Calendar apps in the months and years to come!

These apps are just two chapters in a much larger story—where the Fluent Design provides intelligence and consistency across apps and devices from 0D to 4D. The cool thing to consider as a designer is this: whether you are chatting with Cortana on Invoke, using launcher on your Android phone, inking with Edge on your Surface, or creating with Paint 3D in your Cliff House with a head mounted display, Fluent Design ensures that you (and your users) will have consistently delightful experiences.


Fluent is a collaborative effort

Find out more about Fluent Design and join the diverse community of creators!

Check out #FluentFridays on Twitter @MicrosoftDesign

Follow Microsoft Design on Dribbble, Twitter, and Medium

Follow me on Twitter

Thanks to the team

This story reflects the effort and dedication of a great number of teams and teammates. I took on adoption for Mail and the overall communication with the Fluent and Office teams for the framework and shared components while Hiroshi Tsukahara looked at it from the Calendar perspective. Chris Bimm drove the effort from the PM side. Andrew Falk helped with the motion design and Barry Li was a great dev collaborator with more patience than you can imagine! Last but not least, a special shout-out to March Rogers and Jason Blackheart, former colleagues who laid a lot of the groundwork for this.

At Dreamforce, Salesforce applications take center stage

Apps, Einstein and Quip are expected to be the focus at Dreamforce, with Salesforce keeping any new clouds it may be building under wraps.

For its first 18 years, Salesforce focused inward, building its clouds and the infrastructure to support them. This year, with many business processes covered by one cloud product or another, Salesforce is turning its attention outward — to the applications side of the aisle — hoping that building out its community of developers will help propel new growth.

Salesforce applications will be a big focus at the start of Dreamforce, the company’s annual conference, which is expected to draw more than 170,000 attendees, according to a recently published report by USA Today. In its initial announcements ahead of Dreamforce, Salesforce focused on existing products and how to improve the user experience, including a bevy of app-building tools.

Einstein apps and bots

The company’s apps can now be embedded into Einstein with the release of myEinstein, which allows users to create custom AI models. Salesforce Einstein AI bots can also employ artificial intelligence to assist with customer service workflows. Einstein Prediction Builder enables admins to craft AI models that predict business outcomes.

Salesforce Einstein AI was the big reveal at last year’s Dreamforce, the culmination of spending more than $1 billion on AI-centric companies. And while no new clouds or platform-wide products were unveiled this year, some analysts see this year’s Dreamforce as a Part Two to last year’s Part One.

“It’s an evolution from what [Salesforce] talked about last year,” said John Bruno, principal analyst at Forrester Research. “Right now, Einstein is still in the early adopter phase. That being said, the stuff Salesforce has done has matured [Einstein] over the past year.”

Apps extend to Apple, Google stores

One key example of that, according to Bruno, is the availability of Einstein Prediction Builder, which allows companies to embed AI functionality into their own business processes.

“Prediction Builder is Salesforce stepping out and saying, ‘Everything you’ve known Salesforce to be as a platform is in the past,'” Bruno said. “Prediction Builder is the next generation of that. Salesforce placed its bets on AI being the future, and, if that’s the case, you can’t rely on the first-party capabilities you put out there.”

Beyond improving and building out Einstein, Salesforce released several other upgrades, many of which focused on building Salesforce applications and company branding.

The Salesforce mobile application will go from Salesforce1 to mySalesforce, allowing employees at all levels to build custom Salesforce applications. App builders can also publish Salesforce applications to the App Store or Google Play with a Listing Wizard capability. Lightning also received an app upgrade with myLightning, including better branding capabilities and an improved App Builder.

Quip makes collaboration push

Quip also received an application-centric upgrade, with Live Apps embedding real-time collaboration and document viewing, a calendar app that can be used to track projects, and workflow templates for quick document and spreadsheet use for specific industries and projects.

The added collaboration features for Quip raise the question of whether Salesforce is positioning itself to challenge the Slacks and Microsoft Teams of the world. Salesforce denies any such posturing, saying that Slack remains a partner.


“Slack and Quip are allies in changing the way people work, and Slack continues to be a great partner of ours,” said Rafael Alenda, vice president of marketing at Quip. “Slack has seen success in communication, while the Quip Collaboration Platform is focused on document, collaboration and, in the end, transforming the enterprise culture into something much more modern, less reliant on emails and less reliant on meetings.”

Alenda added that with an open API, Quip could be embedded into other document-based tools that customers use.

While Salesforce continues to play nice with Slack, others see it as the company subtly positioning itself in the growing collaboration market.

“I think they’re essentially working to make Salesforce the ‘hub’ for all the work you do as an employee,” said Bill Quinn, director of customer experience solutions at Tata Consultancy Services, based in Mumbai, India. “Salesforce wants to be the one place where employees conduct all of their work-related activities. It started with Chatter but has grown with Quip.”

To help companies with development of Salesforce applications, Trailhead has also been expanded into myTrailhead. The move allows customers to create custom learning pages with their own content and branding to assist with onboarding and company-specific skills.

More information regarding these features and other future features will be released throughout the week at Dreamforce. Be sure to check back to SearchSalesforce for updates.