Month: August 2003

core competencies or chrome

Daring Fireball: Fair and Balanced

[ excerpted ]

Two Simple Goals

Every company, big or small, should mandate two goals for its computer systems: high reliability and low maintenance. Start from there, and everything else falls into place. (E.g., CIOs should be rewarded for having small staffs, not large ones.)

Some companies already require high reliability and low maintenance, because their computers are essential components of their businesses. If the computers are down for a few days at some companies, it might be merely inconvenient. But at other companies, like, say, weekly magazines such as Time or Newsweek, computer downtime is simply unacceptable.

A long rant, but there’s a lot of good stuff in it. First of all, while the writer is a Mac advocate and not a Windows fan, the core of his argument is that putting your emphasis on core protocols, rather than chrome, will get you more reliability at a lower cost and with fewer surprises than marching in lockstep to a vendor’s agenda.

I don’t get email viruses on the Mac or FreeBSD, but I also didn’t get them in Windows: the key was using something other than Outlook. I used Mozilla and Pine, and I see a lot of Pine users around (it being a home-grown product and all), most of whom have been in the workplace longer than Outlook.

I stop short of thinking that Windows is a full-employment program for IT workers — that seems too contrived — but I do concur that many IT workers know very little about information technology beyond what the CD prompts tell them. It’s sad that MCSE is understood to stand for “must consult someone experienced.” And it’s also puzzling that no one seems to take notice of how many IT people one needs to support the modern office. Rather than rewarding CIOs for keeping headcount down — at what expense in service is not discussed — it would be more useful and fair to benchmark headcount against industry numbers. After all, costs are costs, and keeping them under control makes good business sense.

So what I take away from this is a lament for the commoditization of information technology, where earnest and energetic fellows with fannypacks of CDs are following the mantra of “format and reinstall.” But at the same time, it’s easy to read that we should expect mainstream office computing to work like our reliable home appliances or public utilities.

long bets: accountable predictions

Long Bets [ Predictions ]

“The purpose of the Long Bets Foundation is to improve long-term thinking. Long Bets is a public arena for enjoyably competitive predictions, of interest to society, with philanthropic money at stake. The foundation furnishes the continuity to see even the longest bets through to public resolution. This website provides a forum for discussion about what may be learned from the bets and their eventual outcomes.”

This is an interesting concept: smart people put their money where their mouth is.
Continue reading “long bets: accountable predictions”

the treadmill

The Dubious Rewards of Consumption, by Alan Thein Durning

Measured in constant dollars, the world’s people have consumed as many goods and services since 1950 as all previous generations put together. Since 1940, Americans alone have used up as large a share of the earth’s mineral resources as did everyone before them combined. Yet this historical epoch of titanic consumption appears to have failed to make the consumer class any happier.

[ . . . .]

Any relationship that does exist between income and happiness is relative rather than absolute. The happiness that people derive from consumption is based on whether they consume more than their neighbours and more than they did in the past. Thus, psychological data from diverse societies such as the United States, the United Kingdom, Israel, Brazil, and India show that the top income strata tend to be slightly happier than the middle strata, and the bottom group tends to be the least happy. The Upper classes in any society are more satisfied with their lives than the lower classes are, but they are no more satisfied than the upper classes of much poorer countries–nor than the upper classes were in the less affluent past. Consumption is thus a treadmill, with everyone judging their status by who is ahead and who is behind.

Food for thought when you get an attack of the “gotta haves.”

I can’t remember feeling like I had a great deal more pocket money when I made $100,000 a year versus when I made $15,000. A 6-fold increase should have felt different somehow. And now that I’m much closer to that smaller sum, I still don’t feel much, if any, different.

Interesting article.

Swiped from Rebecca.

“between the hedges”

PermaLink

Microsoft is a weird place to work. Before I joined Microsoft, I was a developer. I had a whole bunch of time to figure out what was going on out there. It was easy to be one of the first kids on the block to play with a new technology – whether that was NCSA Mosaic, early versions of Linux, the first JDK… at Microsoft, it sometimes seems like we live “inside the hedges” as we used to say in college – kind of disconnected from alot of stuff that’s going on.

Found this weblog through meta douglasp. This posting seemed to point out a couple of things . . . . in a way it amplified some other postings that demonstrated some hesitance, akin to fear, about working with non-MSFT tools. I mean, MovableType? Despite my self-inflicted problems with it, it’s not that hard. And you leverage a community, something he also opines about Radio Userland not having much of.

But the idea that the World’s Largest Software company doesn’t spend a lot of time looking at what’s going on in the world, coming from the inside, seemed odd. I suppose it could be interpreted that when you’re inventing the future, you don’t worry about the present. Not that I think that’s a sensible strategy . . . .

Given the recent security issues, largely attributed to sloppiness and bad judgment, perhaps taking a look at the wider world would be healthy.

mod_perl 1, me 2

Finally, after considerable largely redundant and repetitive effort, mod_perl is installed and running.

The biggest problem was in my initial installation of MovableType:I installed *everything* in /www/movabletype and ScriptAliased that directory so the cgi processes would be able to run. That was the beginning of a slow and inexorable ass kicking . . . . all self-inflicted.

What I *should* have done was installed the executables somewhere else (like /www/mt and the html, images and css stuff in /www/movabletype. Of course the documentation doesn’t spell out the the lib, extlib, and tmpl directories also have to live where the executables live.

mod_perl and movabletype

Sometimes there are advantages to letting someone else do the machine monkeywork. I finally got mod_perl working on this system, some months after I thought I had done it and after three days of hairpulling and muttered profanity.

At some point I may write down my experience and send it on to whoever wrote the documentation I have been reading. In hindsight, it makes sense, but there were some assumptions made that didn’t help me very much. There’s not a lot of attention paid to migrating existing CGI-based instances of Apache to mod_perl not is there any really comprehensive “when the following step works, you’ve done it” kind of diagnostic, nor is there any “if this is happening, it’s not working.”

And this still isn’t working, apparently. The perl stuff is faster, true, but access to all the static html is blocked. So the httpd.conf file is wrong but I have no idea right now how to fix that.

I really really hate these bland “one simple command and you’re done” instruction pages.

don’t read this where laughter is discouraged

The All-Natural Prank: Eating All-Natural Soap, Cat Food, Deodorant, and Aphrodisiacs

While visiting my local health food store, I noticed how many non-food products are labeled “All-Natural.” Toothpaste. Dog biscuits. Deodorants. Some of them, like those Carrot-Honey-Ginger soaps, sound good enough to eat. Is it a soap, I found myself asking, or a salad? Recently, I decided to find out, by eating a wide variety of “All-Natural” products, and reporting on their delicate flavors and aromas.

I just about woke the household while reading this.

security as a process or philosophy, not a product

The Atlantic | September 2002 | Homeland Insecurity | Mann

Unhappily, biometric measures are often implemented poorly. This past spring three reporters at c’t, a German digital-culture magazine, tested a face-recognition system, an iris scanner, and nine fingerprint readers. All proved easy to outsmart. Even at the highest security setting, Cognitec’s FaceVACS-Logon could be fooled by showing the sensor a short digital movie of someone known to the system—the president of a company, say—on a laptop screen. To beat Panasonic’s Authenticam iris scanner, the German journalists photographed an authorized user, took the photo and created a detailed, life-size image of his eyes, cut out the pupils, and held the image up before their faces like a mask. The scanner read the iris, detected the presence of a human pupil—and accepted the imposture. Many of the fingerprint readers could be tricked simply by breathing on them, reactivating the last user’s fingerprint. Beating the more sophisticated Identix Bio-Touch fingerprint reader required a trip to a hobby shop. The journalists used graphite powder to dust the latent fingerprint—the kind left on glass—of a previous, authorized user; picked up the image on adhesive tape; and pressed the tape on the reader. The Identix reader, too, was fooled. Not all biometric devices are so poorly put together, of course. But all of them fail badly.

This is a great article that shows how easy it is to do security badly. It’s not that hard to do it properly, but you have to understand that the job is never done, and that hard to sell. In these fallen times, we want results, not responsibilities.

In the end, people, paying even a modicum of attention, are what make a difference: people who will call the police if they see someone break into your car, who will notice a suspicious person at the ATM, who can override the inherently flawed system with his own judgment as needed.

See the link here for more.