Matthew's Weblog

Management Tips: Gen X vs. Gen Y

Ten Ways to Use LinkedIn | Guy Kawasaki

Bye-Bye, BPA
BPA/Phthalate-Free Shopping List
Now that we’re reading lots more about BPA and its low-level bad effects, we’re figuring out how to get our plastics to be non-BPA

sslstrip – transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links

How do you learn to be a Program Manager?

Mostly, becoming a program manager is about learning: learning about technology, learning about people, and learning how to be effective in a political organization. A good program manager combines an engineer’s approach to designing technology with a politician’s ability to build consensus and bring people together.

Cringely has a great article about bowling that has given me something deep to ponder about my work life…

I learned an important lesson that day; success in a large organization, whether it’s a university or IBM, is generally based on appearance, not reality. It is understanding the system and then working within it that really counts, not bowling scores or body bags.

In the world of high-tech start-ups, there is no system, there are no hard and fast rules, and all that counts is the end product.

The high-tech start-up bowling league would allow genetically-engineered bowlers, superconducting bowling balls, tactical nuclear weapons—anything to help your score or hurt the other guy’s.

Anything goes, and that’s what makes the start-up so much fun.

And now for the navel-gazing.

A friend of mine, Bill, found out that his password had been mailed to him in plaintext from his ’shiny, new 401k’ and he wrote about the disconcerting experience of a financial services company being careless with security. Having worked in a financial services company, I can only say that the troubles he encountered are not that bad… you should have seen some of the sausage in the factory I worked in.

That said, Bill violated a crucial rule of security and he needs to learn it as much as the Schwab folks need to learn their own lessons:

Never, never, never depend on someone else to provide your security.

Bill “used one of his common passwords”… and you shouldn’t have any of those. A common password is a common vulnerability, especially because you can’t know how companies will protect your passwords or your data — as he unfortunately learned. To avoid this, you can use a desktop application (such as the free Password Safe, originating from Bruce Schneier’s Counterpane Labs) or a browser plug-in (such as Password Hasher or Secure Login or any of the other 48 listed on the addons site) or the Mac’s built-in Keychain app so you can generate random passwords and never, never reuse them. Personally, I’ve been using Password Safe for years.

He also offers great tips for websites to make their applications more secure, like not asking for really constant, common, data like mother’s maiden name. The other option is to not answer with an expected response. Mother’s maiden name? Istanbul. Honeymoon location? Jones. And so on…

Never trust someone else’s security.

Technorati Tags: security, password, firefox

Apple’s design strikes again – five words that evoke so much.  I’m surprised (and yet not so much) that Microsoft had to try and emulate them, and that the emulation is laughable.  Why even try?

Thanks to JoelOnSoftware for the writeup…

from a tech reference article…

• once connected open the file:

• /var/ipcop/ovpn/server.conf

Add a line for each XXX subnet you want:

• push “route 192.168.XXX.0 255.255.255.0?

So an interesting contrast in articles yesterday… one column on how Windows Is Free, due to the widespread sharing and ineffectiveness of the registration process, and another column on Software Copyright and Role Models – the impact of software sharing on ethics, morals, and society. The intertwining thread is the Law of Unintended Consequences, where people’s actions have far wider ripples than they anticipate. It really stopped me in my tracks.

I have, in the past, observed unlicensed software being installed. Sometimes, because my own hands were acting on the copied CD. I’ve found it much easier to be in compliance recently because of MSDN access, but now I have kids. I want them to have a computer to use and to play on, and many of their games are Windows-only. Now I have to consider how to move forward.

I’ve purchased computers in the past with Windows installed on them, then blitzed it in order to install Linux. Now I feel like I should have a floating license for that Windows OS, but is that actually fair? I know it’s not legal according to the contracts, but what is really fair? And what do I do to show the kids that I really believe in doing what is right? I work in software development, for goodness sake… you’d think I wouldn’t be conflicted at all.

But all I have are questions right now… no answers.

(At least my Macs are legal, with no questionmarks!

Technorati Tags: Windows, Mac, Linux, ethics

How do you identify troubled projects, and then fix them when you do?  CIO magazine ran a series of articles that give good perspectives into avoiding issues, investigating troubles, and repairing the effort.

Some favorite quotes…

Regarding CXOs who ask for and then ignore feedback:

But don’t pretend to listen if you aren’t going to take action.
Richardson says, “Don’t ignore our feedback if you ask for it. That’s
not empowering. It’s pretending to include us before yanking the carpet
out from under our feet.”

Regarding project issues:

Lack of communication, both formal and informal, is another early
warning sign. If the stakeholders, from team members to users, aren’t
talking to each other, you’ve got a problem.

and

“This is a really tricky cultural thing,” says Raj Kapur, executive vice president of the Center for Project Management,
a software project management consultancy and education firm in San
Ramon, Calif. “Everyone is allergic to bad news.” As a result, it’s all
too easy to develop a culture where bad news is slow to percolate
upward—which deprives management of vital, if unpleasant, information.
“You have to provide an environment where bad news is
accepted,” says Kapur. “That’s critical, and it’s not the job of the
team members. It’s the job of the leader.” And by extension, the CIO.

Deathmarches begin…

One early sign a project is slipping its schedule is teams working a
lot of overtime. This is a particularly important indicator because
assigning or encouraging overtime is the fastest fix the project
manager has, as well as the one that attracts the least attention.

Now, if fixing the issues were as easy as writing about them…

Technorati Tags: development, software, projects, problems

Here’s a great writeup on some of the enterprise management options for Mac environments… if you thought only Windows could be centrally coordinated, this is a very interesting insight into the tools available.

Technorati Tags: mac, enterprise, configuration

a very cool idea that could make life easier… customized OSs, automatically built, that ensure simplification and supportability.  Now if it were just cheaper/easier…

Technorati Tags: rpath, custom+os

A great article on why enterprises should utilize Macs and how they are more cost-effective.

Technorati Tags: apple, mac, TCO