Archive for the ‘Software’ category

Another book review: “Better”

April 1, 2008

I read Atul Gawande’s Better: A Surgeon’s Notes On Performance last night. It’s written from a medical perspective, and talks about many of the things that are wrong with medical delivery today, but it is really about performance. I recommend it for anybody who cares about their own performance.

The book started as a series of essays, some of which I’ve read before. There are three sections, and each has a theme around improved performance.

Diligence is about how to do something well, and it boils down to just that: be diligent. Planning things, making sure the plan is complete, and executing the plan; washing your hands every time; tracking your own performance and being honest about failures.

Doing Right is about understanding what will improve your performance, and then actually doing it. The Right Thing isn’t always obvious, and deciding on right conduct can require serious soul searching. Having decided on the right thing, however, means accepting the obligation to do right.

Ingenuity is about metrics, of all things, and about finding good metrics and applying them to your work, and about finding innovative ways to improve performance.

In an afterword Gawande makes five Suggestions for Becoming a Positive Deviant.
1. “Ask an unscripted question.” Ask about things that matter to the other person, and actually listen to the answer. This may make other people seem more like real people, and less like machines.

2. “Don’t complain. … It’s boring, it doesn’t solve anything, and it will get you down.”

3. “Count something. …be a scientist in the world.” Some metrics are better than others, but some metric is better than no metrics.

4. “Write something.” This is the same advice Cliff Stoll gives everybody. Publish something, somewhere, in the hope of contributing to a larger world.

5. “Change.” This doesn’t mean chasing every fad, it means recognizing that you are not doing everything you might as well as you might, and you need to try new solutions.

Despite being 250+ pages, I found it a very fast read. It is at times inspiring, at times disheartening and occasionally terrifying, but Better is well worth the read.

tc>

The Big Switch

March 17, 2008

Nicholas Carr’s The Big Switch: Rewiring the World, From Edison To Google is a look at two major changes in how business behaved. It is part success story, and part warning, and it does a great job of both.

The first fifth of the book is about the process of moving from a world powered largely by muscles or water, and lit only by fire, to industry powered and lit by electrical utilities. No single invention — the electric generator, electric motors, electric lights or power transmission lines — was the key to this second industrial revolution. Rather, it was the construction of systems of generating, delivering and using electricity that led to a complete transformation of industrial production, and laid the foundation (with Hollerith and Watson) for the next great change: digital computing.

Is Junk E-mail Impeding Postal Mail?

June 17, 2007

I get 200-300 email messages a day in my three accounts, about two-thirds of them in my STScI (work) account.

On a recent day, the Institute junk mail filters caught just 21 messages, one of which was a false-positive. 39 other obvious spam messages, including several with a charming oversize image of a flayed penis, were not caught. Since the filters catch only a quarter to a third of my spam, and flag things that I thought were on my allowed senders list, I have to check them all.

The false positive is a puzzle: Bruce Schneier’s Crypto-Gram. *.SCHNEIER.COM was on my whitelist, but it seems Bruce switched the return address from MAIL.SCHNEIER.COM to simply SCHNEIER.COM at some point. Still, the message is long, but is all text with some embedded URLs. I don’t know why it’s marked as spam. I get a very similar daily summary from Northrop-Grumman of new JWST documents, but ngc.com has not (yet) been flagged as spam.

The effect, though, is that I have to scan the envelope information of all the spam messages, 60 to 80 a day, looking for false-positives. That’s almost half of my STScI mail, due to the combination of poor rules and a clunky, unreliable whitelist interface. Gmail is a completely different experience, with less total spam, and very rarely do I get a false positive. Better yet, telling Gmail that it guessed wrong (either way) is quick and easy.

What I find interesting is that I use the same technique for junk postal mail. I get 5 to 10 pieces of mail per day, about 75% of it junk mail. I scan the envelopes, looking for obvious ads, but also for credit card, refinancing, and home equity loan offers. I discard (shred, actually) most envelopes without opening them. It would only be slightly more efficient to shred them directly into a recycle bin at the mailbox.

But I also get false positives. My mortgage company needed my signature on some paperwork to clarify the agency relationship for tax purposes. From my perspective, the envelope information on the tax-related documents looked the same as the envelope information for the refinance-offer-of-the-month. So I shredded it. Twice.

The first bit of good news is that I get very little porn (or near-porn, “male enhancement”) junk paper mail.

The second bit of good news is that there are things we can do (but don’t) to improve email filtering, like domain keys, authenticated from addresses, and improved blacklist and whitelist user interfaces. We don’t do those things, but we could.

I wonder if the overwhelming load of crap in electronic mail is causing me to look differently at paper mail, or if the overwhelming success of electronic direct mail advertising has increased the volume and sophistication of paper-based direct mail ads. Is my experience unusual? Have others thrown away non-junk paper mail because they are simply tired of plowing through junk mail?

Or is this just the reverse of the Al Gore thinking model: New ways of thinking about old technologies. That, at least, would be amusing.

tc>

Sixteen more digits

June 1, 2007

Heh. The AACS revoked the previous “master key” but it didn’t take long for the new key to show up in blog posts:

It looks like somebody is working on the appropriate website, but in the meantime you’ll have to settle for a description of the story.

tc>

Women like the work, but not the workplace.

June 1, 2007

A while back I expressed surprise about girls being more effective than boys at a particular programming task. The more I learn, the less I’m surprised.

The problem, it seems, is not the conventional wisdom that girls don’t like math and science, and they just need to be encouraged to be interested in those things. The problem is that while girls and women do like those subjects, they don’t like the behaviors of people who work in those areas.

Debra Perlman, in eWeek a couple weeks ago, writes:

The vast majority of women working in the field of technology enjoy their jobs, finds the “Women in Technology 2007” report published by WITI (Women in Technology International), a trade association, and Compel, a management consulting and research firm. Of the survey’s nearly 2,000 female respondents, 75 percent said that they would encourage other women to pursue similar interests.

Yet, female tech workers have mixed feelings about their companies’ climates, with only 52 percent believing that their organizations offer a favorable one for women.

So women do like the work, but they don’t like the workplace they see around them. Some of these behaviors are policy decisions. (Follow the link in the article for a couple of examples.)

Some are the result of discrimination, as I previously discussed, and as we saw from a couple of court cases this week. An important point, missed in some of the coverage of the Supreme Court case, is that a jury found salary discrimination did exist at Goodyear, but The Court found the claim was barred by the plain language of the law. The GE Transportation case will not suffer from that defect.

Next week at the Institute we’ll also have some discussions around behavior, which we’ve known since the 2000 employee survey is a problem. Women get ignored, their input is not solicited, and their achievements are not recognized.

That shouldn’t happen either.

tc>

It’s not what the software does, it’s what the user does.

May 30, 2007

hugh macleod at Gaping Void does these great little cartoons, “drawn on the back of business cards.”   First, that’s a cool idea.  It’s a great size, and it lets you express just one idea in a little tiny format with which people are familiar.

This cartoon in particular says something very insightful, both about PowerPoint and about software in general.  I agree with the sentiment, though I have a quibble.

The problem Tufte and others point out is not that PowerPoint is abused, it is that the particular cognitive style of PowerPoint encourages lazy thinking, and poor communication.

When we’re building software, in my view, we should be concerned about the correctness of algorithms, using appropriate design patterns, and building designs that are sustainable and maintainable.  It is also essential that we build systems that users readily understand, and that encourage users to build correct results.

Because technology matters, but people matter most.

tc>

Single signon, but not what you wanted.

May 30, 2007

I previously discussed user-level security. This morning, I ran across this story about system administrators, and how they manage security.

It seems that system administrators are pretty careless with root-level security, and that the key to getting root may be finding the right Post-It notes. I keep the root passwords for all my systems (and a few passphrases for rarely-used encrypted volumes) on paper, but the paper is in my home safe. In fairness, I should add that they are in the safe not for security reasons, but to protect against fire.

I believe that the Institute uses a single password for all the Windows systems admin accounts. (Because I’ve seen sysadmins go looking for the password, which at least does get changed occasionally.) I’ll let you google methods for recovering passwords from a laptop you’ve managed to capture, and point out what this means: Once you have admin access to one Institute Windows system, you have them all. I don’t know for sure that the Macs use the same scheme, but I bet they do. I’ll bet they have (one) different password, though.

Carl and I touched on this in a discussion yesterday: We rather doubt that the Institute has a current, accurate list of the computing assets we own, and that we permit to have access to our domain. In addition to being a problem from the standpoint of property management and effective use of resources, this is also a security problem.

Addressing this requires devoting time and attention, and people to work on it, all of which are in somewhat short supply right now. Hopefully it won’t take an actual catastrophe to up the priority.

tc>

Security’s weak link: Us.

May 15, 2007

This week in Wired there is an article on the real problem with security: People. Even if you tell people you’re going to infect their system, they’ll go download it. The original article goes into more detail about the process, and the results.

This is not a new problem. A substantial percentage of the clueless will give you their password in exchange for candy or a pen. Kevin Mitnick, in this month’s Playboy, describes getting passwords to secure phone company sites just by being nice.

I guess I’m amused.

tc>

Does JavaOne Connect work?

May 3, 2007

Here’s an experiment:

Join Me at the 2007 JavaOne Conference Event Connect Tool!

They need a category “Java One Noob” for people like me.

tc>

Digg, and sixteen hexadecimal digits.

May 2, 2007

When I got home last night I checked digg, just to see if there was anything interesting. If you’re a digg follower, you already know what’s going on.

If you don’t follow digg, digg is “a community-based popularity website with an emphasis on technology and science articles, recently expanding to a broader range of categories such as politics and entertainment. It combines social bookmarking, blogging, and syndication with a form of non-hierarchical, democratic editorial control.” (Wikipedia)

Basically, anything interesting in tech, software, and some science, shows up on digg. Like any firehose, you have to drink carefully.

The HD DVD “master key” has been discovered, and was posted several times over the last week on the web. Digg users found and “dugg” those stories. The people who run the HD DVD copy protection scheme sent digg (among others) DMCA takedown notices. Until last night, digg was complying. Digg users rebelled, and at one point last night it seemed like every story on digg was about sixteen hexadecimal digits.

At 9:00 last night, the guys who run digg gave up. So those 16 hexadecimal digits are now running free on digg, and the result is that lots of geeks have the digits, and it seems unlikely that the mushroom cloud will fit back in the bomb case.

I don’t know what’s more interesting, the digg effect on digg itself, the cluelessness of the copy protection scheme, the idea that DMCA could protect some numbers, or the social implications of organized anarchy on the Internet. In some ways, it’s like the old days of the Internet, before Al Gore invented it.

One thing is clear – security through obscurity, relying on a secret code that anybody knows – will not work. We’ve relied on that for years, and in my view we need to stop.

tc>

Update:  This has hit the mainstream media – BBC article.

