Forgot your password?
typodupeerror
Education Communications The Internet News

Univ. of Illinois Goes War-of-the-Worlds On Students 168

Posted by Soulskill
from the confirmation-dialog-boxes-are-for-wimps dept.
theodp writes "'Strange beings who landed in New Jersey tonight are the vanguard of an invading army from Mars.' (Orson Welles, 1938). 'Active shooter at BUILDING NAME/INTERSECTION. Escape area if safe to do so or shield/secure your location.' (Univ. of Illinois, 2011). An alert message sent out Thursday to 87,000 emails and cell phones warning recipients to escape from an 'active shooter' at the University of Illinois was an error, the Office of the Chief of Police confirmed. 'The alert sent today was caused by a person making a mistake,' explained an email. 'Rather than pushing the SAVE button to update the pre-scripted message, the person pushed the SUBMIT button. We are working with the provider of the Illini-Alert service to implement additional security features in the program to prevent this type of error.'"
This discussion has been archived. No new comments can be posted.

Univ. of Illinois Goes War-of-the-Worlds On Students

Comments Filter:
  • To turn keys that initiate the Minute Man launch sequence...

  • by GPLDAN (732269) on Friday March 25, 2011 @04:50PM (#35616512)
    It meant to say "Reactive HOOTERS at State & Main."


    It's part of a new network detection system for big, non-artificial breasts detected by a camera system. The roll out is initially for Los Angeles and Beverly Hills, the AI is being perfected by the NCSA guys.
  • Umm, 'scuse me? (Score:5, Interesting)

    by Guspaz (556486) on Friday March 25, 2011 @04:50PM (#35616518)

    But Schroyer said some students were shaken by the initial alert and criticized the university for taking about 12 minutes to send an email confirming it was false.

    "That was unacceptable in my opinion," he said.

    Really? 12 minutes is too slow? The thing sent out 87,000 e-mails (which takes a while no matter how big and distributed your mail system is), and the person who made the error probably didn't notice until either they got the e-mail or somebody who did told them.

    I think 12 minute response time for something like this is pretty impressive.

    • apparently those same students thought that the sender had their email open as well and recieved it right away. Of course you need to the proper people that this happened and compose the confirmation. At this point said person is really wanting to make sure they get it correct which takes a few minutes.

      But I guess that is not good enough for the TGIF (twitter, google, ipad, facebook) generation and their I want it now mentality

    • Re:Umm, 'scuse me? (Score:4, Informative)

      by DisKurzion (662299) on Friday March 25, 2011 @05:01PM (#35616640)

      At the school I work for, there was a major outcry when we implemented a universal SSO for the ever-increasing amount of online tools put out by our school.

      There were numerous articles in the school paper decrying the change.

      5 years later, and we could only imagine the outcry if we got rid of it: "WHAT DO YOU MEAN I'D HAVE TO MAINTAIN A SEPARATE PASSWORD FOR EVERY SYSTEM!!!???"

      Students complain for the sake of complaining.

  • by kanweg (771128) on Friday March 25, 2011 @04:50PM (#35616526)

    Do you want to cancel the alarm?
    [Cancel] [Cancel]

    Bert

  • by pak9rabid (1011935) on Friday March 25, 2011 @04:54PM (#35616570)
    How about prompting for a CONFIRMATION before spamming thousands of text messages/emails out?
    • Re: (Score:3, Insightful)

      by dkleinsc (563838)

      Anyone who does usability studies can assure you that people won't read confirmations, they'll just blindly click OK. And it's worth noting here that this was entirely an ID10T error, not a computer glitch, although I'm sure a fair number of folks will try to blame it on the computer.

      • Yes, but seeing *something* pop-up when the action you're taking doesn't usually produce a pop-up should be indication enough that something isn't right, even if the user doesn't take the time to read it.
      • by Rary (566291)

        Anyone who does usability studies can assure you that people won't read confirmations, they'll just blindly click OK.

        This is true if you're discussing confirmations that come up for frequent actions. However, if your normal action (save) just happens without any confirmation, and your non-normal action (submit— how often do they actually need to use this system?) pops up a confirmation, it tends to catch you off guard and make you take notice that something unexpected is happening. This would be precisely the correct use of a confirmation dialog.

        • Better idea: A modal dialog pops up, with a big red countdown from thirty seconds before the 'ok' and 'cancel' buttons become enabled, to make sure the user reads it. It also plays an audio clip at full volume to tell everyone else in the office to check it.
          • by pak9rabid (1011935) on Friday March 25, 2011 @06:18PM (#35617428)

            Better idea: A modal dialog pops up, with a big red countdown from thirty seconds before the 'ok' and 'cancel' buttons become enabled, to make sure the user reads it. It also plays an audio clip at full volume to tell everyone else in the office to check it.

            Michael Bolton: That is the worst idea I've ever heard in my life.
            Samir: Yes, this is horrible, this idea.

        • by adolf (21054)

          In my line of work (government public safety communications), it takes two proactive steps to send out an alert:

          First, press/click the "unlock" button.

          Second, press the "send alert" button.

          Pressing "send alert" without "unlock" first does nothing -- it's just a dead button.

          This works fine. It's not unlike a safety cover [google.com] on a toggle switch: The act of opening the cover indicates that you're serious about your next action, and the system does not question you when you throw the switch since you've already c

          • by Rary (566291)

            "Are you sure" dialogs are generally just an annoyance caused by lazy developers. They'd rather ask for verification (one line of code) than write functionality to allow the user to "undo" what they did if it turns out that they did it incorrectly. Of course, sometimes you're dealing with something that simply can't reasonably be "undone", and that's where there should always be an extra step, whether it's an extra step after the fact, such as a confirmation dialog, or an extra step before the fact, such as

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Anyone who does usability studies can assure you that it's a bad idea to have a button labeled "submit" close to one labeled "save".

        I am pretty sure this was some kind of web app. A lot of web apps use the standard "submit" button for saving form entries.

        This was neither an ID-ten-T, nor a system glitch, but a badly thought through design.

      • Re: (Score:3, Insightful)

        by blacklint (985235)

        Well, yes. Most of the time people think "Of course I want to do !" when they see a dialog, because they actually did intend to press that button at the time. But they do solve the problem of "Oh no, I didn't mean to click that!" (I've accidentally sent uncompleted emails an embarrassing number of times), and really are useful for things that cannot be undone. Such as, oh, I don't know, sending mass text messages.

        This most certainly was an interface problem. If someone is intending to update a template, if

      • Re:Easy solution (Score:5, Insightful)

        by Chuckstar (799005) on Friday March 25, 2011 @05:18PM (#35616854)

        This was not an ID10T error. This was bad human interface design.

        The user had two choices: "Save" and "Submit". My first reaction to seeing that was "what's the hell is the difference between Save and Submit?"

        Apparently:
        "Save" = update the template
        "Submit" = send out the alert

        IMHO, that's a terrible choice of verbs. You could almost reverse the two and still have them make just as much sense. How about "Update" and "Send"? Or this might even be one of those rare times when you want to use longer button names -- "Update Template" and "Send Out Alert". Much less likely for a mix-up like this if those were the button titles.

        • by aix tom (902140)

          Yep. I would probably have labelled the buttons "Save Text" ( normal grey ) and "SEND ALERT" ( Red, and in a completely different location, with a big ALERT Icon on it. )

          ( And, of course, the "SEND ALERT" shouldn't be the default action of the form that gets triggered when you hit enter. Just saying. ;-P )

        • This was not an ID10T error.

          Sure it was!

          It's just that the ID10T in this case was the interface designer and not the user (for once..).

      • by geekoid (135745)

        err, no. It depends on the user and user training. A person trained in a specific piece of software can be trained to read messages under specific instance. Many people using SCADA tools do so everyday.

      • That's why you don't make the confirmations a yes/no box on big things like that.

        You make them a text box where it says you have to type a specific message that basically requires you *think* before you send it. For example, requiring someone to type "SEND THIS MESSAGE" to actually send out a message over the warning network would probably have gotten them to think twice.

        I mean, even World of Warcraft requires that you type "DELETE" in a text field in order to delete a character or rare item - you'd think a

        • by Ritchie70 (860516)

          On our systems the users have to type YES just to reboot.

      • by magarity (164372)

        Anyone who does usability studies can assure you that people won't read confirmations, they'll just blindly click OK. And it's worth noting here that this was entirely an ID10T error, not a computer glitch, although I'm sure a fair number of folks will try to blame it on the computer.

        To be fair though, it does say this was a mistake of choosing between 'save' and 'submit'. Those choices could have been worded a lot more clearly. Something like 'save template' and 'activate alarm' would be much clearer to an end user.

        • Easier yet would be separating the "I want to set an alarm" path from the "I want to change the scripts" path. Having both functions in the same dialog is simply asking for trouble.

          And hey, they were using custom software. It doesn't have to precisely follow the methods for creating an email template, does it?

          And... why are people fixated on just the words? Why not make the "send alarm" button have Big Red Friendly Letters, a different button shape, or perhaps have the button slide away from the mouse, r

      • How about instead of Yes and No buttons on the confirmation, you have buttons that read "I DO want to cause wide spread panic such as this organization has never seen", and "I DO NOT....."
      • by demonbug (309515)

        Anyone who does usability studies can assure you that people won't read confirmations, they'll just blindly click OK. And it's worth noting here that this was entirely an ID10T error, not a computer glitch, although I'm sure a fair number of folks will try to blame it on the computer.

        People don't read confirmations for everyday tasks that always pop up numerous times a day. If it is a task that is presumably rare, like mass-mailing tens of thousands of people over an emergency alert system, they are probably going to pay attention to what the confirmation dialog says.

        Just because I click through idiotic confirmation dialogs without reading them every time I open a document I downloaded from the internet doesn't mean that I click haphazardly through confirmations while reinstalling my OS

      • Word has it, there is this professor at UI who drinks only rain water and whiskey. He thinks fluoridation is a part of a mind control conspiracy. Could it be that he triggered the alarm?
    • Or label your buttons better than "Submit" and "Save". I honestly couldn't tell you which I would expect to activate the system.

    • by TheCarp (96830)

      Better solution: Ditch the whole system

      Little good comes from causing mass panics. Student populations have been entirely disarmed by schools generally adopting the same "Oh my god we have to do something about any danger we can IMAGINE" attitude that government suffers from. There is nothing any of them can do.

      What they really need to do is realize how many students and schools there are, and compare that to the number of "active shooter" incidents and realize that... this is an utter waste of time and mon

  • Irony (Score:5, Funny)

    by ncttrnl (773936) on Friday March 25, 2011 @04:55PM (#35616580)
    Sounds like UI needs a better UI on their emergency notification system.
    • This is how to design the perfect interface:

      1. Administrators should have guns.
      2. Offices should have sensors that detect gun shots and trigger an email alert.

      This would be double plus good:

      1. No accidental click but a meaningful action that relates to the incident that is reported.
      2. What makes people angry are false reports. Not with this system.

      • I understand your point, but those alert systems are for a wide variety of issues. Say there's a really bad chemical spill in an area where students typically walk through... are you implying that the administrators should shoot the spill to trigger the alarm?

        Although, some of the ice at Penn State (which sent out notices using their system when the weather closed down the school) might best be dealt with using a steady application of gunfire.

  • by mcmonkey (96054) on Friday March 25, 2011 @04:56PM (#35616584) Homepage

    It sounds like they have no way to test the message other than it sending it out to every address in the alert list.

    Let's say in this case after updating the message templates, the person hit 'save' rather than 'submit'. On the bright side, then no message would have been sent. On the not-so-bright side, no message would have been sent!

    Don't you want to know before there's an actual emergency that your emergency message is working? Not that this incident was an intentional test, but shouldn't they have a test after updating the message template?

    • by aztektum (170569)

      It sounds like they were adding some campus specific default messages into the system to use in a hurry.

  • Scary (Score:2, Interesting)

    by Mullen (14656)

    The really scary part is that we live in a society where the police have to pre-prepare texts and emails to warn students that someone is shooting up their school.

    • by Reapman (740286)

      No, we live in a society that THINKS they have to pre-prepare texts and emails to warn students of this. To be honest considering the time it takes to fire off an email saying "get the hell away from here" having prepared messages for this is kinda dumb in my not so humble opinion.

      I wonder what the odds are in fact of getting shot at school...

      • Re:Scary (Score:5, Insightful)

        by causality (777677) on Friday March 25, 2011 @05:14PM (#35616792)

        No, we live in a society that THINKS they have to pre-prepare texts and emails to warn students of this. To be honest considering the time it takes to fire off an email saying "get the hell away from here" having prepared messages for this is kinda dumb in my not so humble opinion.

        I wonder what the odds are in fact of getting shot at school...

        But schools are gun-free zones. No murderer would ever carry a gun into a gun-free zone and start shooting! It's not allowed.

      • No, we live in a society that THINKS they have to pre-prepare texts and emails to warn students of this.

        Ten to one the set of various emergency messages has been vetted by the school lawyers in an attempt to reduce liability.

        I wonder what the odds are in fact of getting shot at school...

        For all practical purposes, zero.

        • I suspect the chances of getting shot on the way to or from school are higher - and the chances of getting hit by a car on the same journey a lot higher still.
    • Re:Scary (Score:4, Insightful)

      by VolciMaster (821873) on Friday March 25, 2011 @05:05PM (#35616682) Homepage

      The really scary part is that we live in a society where the police have to pre-prepare texts and emails to warn students that someone is shooting up their school.

      "pre-prepare"?!?

    • Yeah. It really goes to show that correspondence writing skills are being sorely neglected throughout the education system.

    • No, we don't have to do this at all. Our society today is no more dangerous than society 10, 20, 50, or 100 years ago. The only difference is that we hear about every violent act that takes place across the country and across the world. There is less violent crime today than there was during the '40s and '50s, but in the '40s and '50s you didn't have the 24 hour news channels or constant internet access telling you about it, and telling you that you should be worried, and telling you that there were 2 mo

    • by geekoid (135745)

      Why is it scary to be prepared? we live in a world where many ecenrios are prepared for, even if their use is unlikely. It's about risk mitigation. WHat is the effort and risk of adding a text message like that? low risk, low effort. You would be foolish not to put it in their.
      I am sure there are many other alerts this is used for. school closures, and what not.

    • Re: (Score:2, Troll)

      by guruevi (827432)

      It's a University, people in the administration of those institutions waste massive amounts of taxpayer money doing other random stuff that nobody asks for and nobody wants. At least they did something somewhat productive with their time. When you can explain to me why a 15,000 University where individual departments take charge of their own IT need ~1,500 heads in the Central IT department to keep a network, a datacenter and some phones running, let me know.

    • by Chuckstar (799005)

      You don't think it makes sense to sit down ahead of time and think of appropriate wording for an emergency email before an actual emergency occurs? Quick... where should we tell them to go? or should we tell them to stay put? What's the best way to word this to get their attention, but without creating too much panic?

      In an actual emergency, you wouldn't want to take even 5 seconds to think of those answers.

    • by UBfusion (1303959)

      The really scary part is that both the authorities think they are properly protecting citizens by sending electronic messages and the the citizens think they are properly protected by receiving said warnings. To the point that if authorities don't send any they are considered accountable or accomplices and if citizens don't receive any they are feeling safe.

  • I was passing BUILDING NAME/INTERSECTION just when I got the text and really panicked.

  • Poor GUI bite another person in the ass.

  • by hoggoth (414195) on Friday March 25, 2011 @05:23PM (#35616912) Journal

    And this is why "[SAVE MESSAGE TEMPLATE FOR LATER USE] [SEND MESSAGE IMMEDIATELY]"

    is better than "[OK] [CANCEL] [ABORT] [ERROR] [RETRY]"

    • by Mr 44 (180750)

      This is actually one of the improvements in Windows Vista:

      The TaskDialog [microsoft.com] is the OS functionality for easily showing a dialog with descriptive button labels instead of just old school MessageBox with OK/Cancel/etc.

      • by cras (91254)

        Look at the first "Look and feel" dialog. What the hell is that "cancel" button doing in there? There are two choices. One of them is already selected, but the OK button is greyed out. I think, since I've never used Vista.. Even if that greying out means it's simply not focused, what is the purpose of the OK/Cancel there? Does the cancel mean the same as the second option? Does it mean it's going to ask you again the next time? It should be clearly said there, not left to user's guesstimation. I guess it's

  • The solution is a lot more simple then everyone is making it. "Update" should be a button you click with a mouse. Actually sending the message shouldn't be a button, rather it should be a multi-key sequence/shortcut that either sends the message or better yet, produces the actual send button. The shortcut can be listed on the dialog box where it currently exists, and a properly composed paragraph can encourage reading of the short warning about sending, since the operator is reading for the shortcut alread
    • Or as an alternative, display both buttons, but require the send button to be accompanied by a few held down keys. Directions can be in the same dialog box, but the unexpected behavior of the button that can't simply be clicked will prompt comprehensive reading, at which point the operator can make an informed choice about what button to push. Both of these are elements that I've seen integrated somewhere else, and though I can't remember where, I do remember how they broke me of my point click repeat monot
    • That was the most convoluted fix I saw presented.

      My opinion was that the screen for editing the templates shouldn't have a "SEND" button on it at all.

      • Convoluted breaks the pattern. Although I agree that the screen for editing templates shouldn't have a SEND button, it depends on how the software was designed in the first place. Requiring simple, but abnormal keyboard input should be a relatively simple change to the software, no matter how it was designed.
    • by Belial6 (794905)
      Or, have the templates edited using a completely different UI than the one used to send actual messages. A system with proper workflow would have the decision to send the message or not made BEFORE the message is even typed, not after.
  • To the rescue... (Score:4, Informative)

    by fahrbot-bot (874524) on Friday March 25, 2011 @05:57PM (#35617258)

    We are working with the provider of the Illini-Alert service to implement additional security features in the program to prevent this type of error.

    Clippy: [wikipedia.org]

    "It looks like you're about to panic thousands of people. Would you like help?

    • Get help panicking people.
    • Just panic people without help.
    • Don't show this tip again.
  • by dlapine (131282) <dlapine @ n c s a .uiuc.edu> on Friday March 25, 2011 @06:07PM (#35617342) Homepage

    I'm an alumni of the U of I, and I work here as well. I get these notifications. I thought I'd bring up 2 points:

    1. Fortunately, given the spring break, the actual number of people on campus able to read this was was quite low.
    2. Unfortunately, we just had a fire on Green street [chicagotribune.com] 2 days ago, and we got an alert from the same system informing us about it. So this warning was probably taken very seriously for those 12 minutes.

    Overall, I'm satisfied with the system and I was impressed by the very explicit letter from the chief both explaining the error and accepting the blame for the mistake. She also detailed the upcoming efforts to address the error. I'd like to see the same level of accountability from my ISP or phone company.

    • by Hartree (191324)

      When I saw the "active shooter at BUILDING NAME/INTERSECTION", my first thought was that I'd prefer comatose, asleep or just plain lethargic shooters.

      It really was pretty quick between the mistake and the correction especially with that many emails going out for each. I check email fairly often, but the correction was already there when I saw the message. They mentioned that the updating was being done in response to comments from those getting alerts previously. I assumed that was from the Green St. fire n

  • by Darinbob (1142669) on Friday March 25, 2011 @06:25PM (#35617494)

    This has nothing to do with War-of-the-Worlds, except that there was false panic. The Orson Welles broadcast was done as a fictional story, this incident was an accidental broadcast of an alert.

    Next up, a headline saying "Oncologist Pretends to be Orson Welles with Wrong Diagnosis!"

  • ...it was an INSIDE job?

  • We are working with the provider of the Illini-Alert service to implement additional security features in the program to prevent this type of error.

    most likely means: The same contractors who messed up basic usability in the original implementation will now get paid again to "fix" it. BTW what is with people using wrong words? Additional "security" features, my ass, this is HMI 101, nothing to do with security.

What this country needs is a good five cent microcomputer.

Working...