bfwebster - Slashdot User

Submission + - Use a logo, get tagged as a phishing site (and-still-i-persist.com)

Submitted by

bfwebster

on Thursday August 06, 2009 @12:57PM

bfwebster writes: "I received a startling e-mail from my ISP this morning stating that my account for a dedicated server, from which I run several blogs, was going to be suspended because it had been "reported" as a phishing site for having four HSBC logos (JPEGs) present on the server. I immediately responded by noting that these logos were there because my co-blogger on one of my blogs wrote a post about HSBC's financial woes nearly two years ago and used one of the logos to head the article. My ISP claims that I not only need to remove the offending logos (which I did) but also conduct a security audit in case they were surreptitiously placed there (which they weren't). I asked just who had "reported" us as a phishing site and what the basis of their claim was beyond the mere presence of those JPEGs. I am waiting for a reply."

Submission + - Army studying soldier intuition in combat zones (brucefwebster.com)

Submitted by

bfwebster

on Tuesday July 28, 2009 @09:07AM

bfwebster writes: "The New York Times has a lengthy article about the use of hunches or intuition by soldiers in dangerous situations (possible registration required). This phenomenon — a soldier sensing that something is wrong or out of place before determining just what the threat is — is real enough that the Army has spent two years studying it. The article cites other studies, military and non-military, that have demonstrated that "as the brain tallies cues, big and small, consciously and not, it may send out an alarm before a person fully understands why." Two interesting points that may actually be the same: troops that think of themselves as predators tend to do better than those that see themselves as prey; and elite troops (e.g., Navy Seals) tend to do better than regular troops."

Submission + - Judge, Citing Bilski, Invalidates Software Patent (bfwa.com)

Submitted by

bfwebster

on Thursday July 09, 2009 @07:41PM

bfwebster writes: "US District Court Judge Andrew Gilford (Central District of California) granted a summary judgment motion in DealerTrack v. Huber et al., finding DealerTrack's patent (US 7,181,427) — for an automated credit application processing system — invalid due to the recent In re Bilski court decision that requires a patent to either involve "transformation" or "a specific machine". According to Judge Gilford's ruling, DealerTrack "appears to concede that the claims of the '427 Patent do not meet the 'transformation' prong of the Bilski test." He then applied the "specific machine" test and noted that, post-Bilski the Board of Patent Appeals and Interferences has ruled several times that "claims reciting the use of general purpose processors or computers do not satisfy the (Bilski) test." Judge Gilford analyzes the claims of the '427 patent, notes that they state that the "machine" involved could be a "dumb terminal" and a "personal computer", and then concludes: "None of the claims of the '427 Patent require the use of a 'particular machine,' and the patent is thus invalid under Bilski." DealerTrack apparently plans to appeal the ruling. Interesting times ahead."

Submission + - Book Review: Why New Systems Fail (bfwa.com)

Submitted by

bfwebster

on Tuesday July 07, 2009 @04:50PM

bfwebster writes: "Over the last forty years, a small set of classic works on risks and pitfalls in software engineering and IT project management have been published and remained in print. The authors are well known, or should be: Gerry Weinberg, Fred Brooks, Ed Yourdon, Capers Jones, Stephen Flowers, Robert Glass, Tom DeMarco, Tim Lister, Steve McConnell, Steve Maguire, and so on. These books all focus largely on projects where actual software development is going on. A new book by Phil Simon, Why New Systems Fail, is likewise a risks-and-pitfalls book, but Simon covers largely uncharted territory for the genre: selection and implementation of enterprise-level customizable off-the-shelf (COTS) software packages, such as accounting systems, human resource systems, and enterprise resource planning (ERP) software. As such, Simon's book is not only useful, it is important.

Phil Simon has written a long-needed and long-overdue book. Most risks-and-pitfalls book in the IT category focus primarily on projects where actual software engineering is the principal activity. However, many of the large, expensive and often spectacular IT project failures over the past 20 years have little to do with software design and development. Instead, they involve a given organization selecting and implementing — or trying to implement — a commercial off-the-shelf (COTS) software package to replace existing legacy systems, either homegrown or also commercial. The reasons for such a move can be many: standardizing IT and data management across the enterprise, seeking new functionality, retiring systems that are no longer supported or supportable, and so on. By so doing, the firm (usually rightly) thinks to avoid the risks and expense of from-scratch custom software development. However, the firm (usually wrongly) thinks that such a project comprises nothing more than installing the software, training some users, converting some data, and turning a switch. A quick search on the terms "ERP" and "lawsuit" shows just how mistaken that idea can be.

Simon's book is far more informative and instructive than a Google search and should be required reading for all CIOs, IT project managers, and involved business managers prior to starting any such enterprise COTS project. He covers the complete lifecycle of such projects, starting with the typical expectations by upper management ("Fantasy World") and following it through system selection, implementation, and production, along with a final section on how to maximize the chances of success. Along the way, he uses several real-word case studies (with names changed), as well as a few hypothetical ones, to demonstrate just how such efforts go wrong.

What Simon writes is spot on. For roughly 15 years now, my primary professional focus has been on why IT projects fail. I do that both as a consultant (brought in to review troubled projects to get them back on track) and as a consulting or testifying expert (brought in to review troubled or failed projects now in litigation). I have reviewed hundreds of thousands of pages of project documentation and communication; I have likewise traced or reconstructed project histories for many major IT projects, including enterprise COTS projects. It's clear that Simon knows exactly what he's talking about and knows where all the bodies are buried.

The book itself is very readable. Simon's tone is conversational and a bit humorous; he occasionally dives into technicalities that would be lost on upper management, but always comes back to basic principles. The real-world and hypothetical case studies will have those of us who have been on such projects nodding our heads even as we occasionally wince or shudder. His coverage is exhaustive (and at times a bit exhausting), but his goal appears to be to give those managing and overseeing such projects the information they need to navigate the shoals. He goes into detail about COTS pitfalls such as project estimation, vendor selection, use of consultants, group responsibility, integration with legacy systems, data conversion, and report generation.

The first section of the book covers how and why firms decide to initiate a major COTS project. Besides the "Fantasy World" section that compares management expectations to what really happens, the book also covers why firms hold onto legacy systems, why they buy new (replacement) systems, and how they can (or should) make the decision among building a custom system, buying a COTS system, and "renting" enterprise software via a web-based software-as-a-service (SaaS) vendors such as Workday and Salesforce.

The second section covers COTS system selection. The book divides current ERP and COTS vendors into four different tiers based on company size and use (e.g., SAP, Oracle and BaaN are all Tier 1) and warns of the, ah, enthusiasm of vendor salespersons. (Old-but-still-timely joke: What's the difference between a used car salesman and a software salesman? The used car salesman knows how to use his own product and knows when he's lying.) The book then raises up front an issue often left (by customers) until much later: how will business processes change as a result of the COTS system we're acquiring? It then talks about selecting, if necessary, a consulting firm to help with the installation and project management.

The third section covers the actual COTS implementation process, including the overall strategy, roles and responsibilities, providing the necessary environments, data migration, testing, reports, and documentation. This section is a bit exhausting at times, but it is critical for exactly that reason: far too many firms launch into a major COTS acquisition without fully realizing just what it will take to get the system into production.

The fourth section briefly deals with life after implementation. In theory, one of the reasons a firm buys a COTS system is to avoid doing its own maintenance and support; the reality is that the firm often doesn't like paying those large annual maintenance fees and instead goes off on its own path, which is seldom a good idea.

The fifth and final section talks about how to maximize the chance of success in a large COTS implementation. This section builds upon the rest of the book, which has provided suggestions along the way. In particularly, it talks about how to deal with a troubled project mid-course in order to get it back on track.

Throughout the book, Simon puts a significant focus on human factors in project success and failure. He identifies issues such as internal politics, kingdom-building, reluctance to learn new systems, internal project sabotage, end-user resistance, and staff allocation. Simon divides firm personnel assigned to work on the COTS project into four groups — willing and able (WAA); willing but not able (WBNA); not willing but able (NWBA); and neither willing nor able (NWNA) — and talks about how each groups helps or hurts. Similarly, he identified four dangerous type of project managers: the Yes Man, the Micromanager, the Procrastinator, and the Know-It-All. Again, those of us who have been on major IT projects, particularly those involving COTS implementations, will recognize both sets of categorization and the risks they entail.

While Simon is himself a consultant, he is also quite frank about the role consultancies can play in COTS project failures. In particularly, he notes the tendency of consulting firms to underestimate project duration and cost in order to win business, as well as the frequent unwillingness to point out risks and pitfalls to the client, particularly if they represent something the client wants to do.

My few complaints with Why New Systems Fail are mostly production-related. Simon self-published the book; as such, the book's internal layout and graphic design leaves something to be desired. Likewise, his organization and prose could use a bit of editing in spots; he has a propensity for throwing in terms and abbreviations without clarification, and the technical level can vary within a given chapter. Almost all of his footnote references come from Wikipedia; his bibliography is small (just four books) and cites only Brooks from the cadre of authors listed above. None of this makes the book's content any less important or useful, but some of the very people who should be reading this book might well skip or skim it for those reasons. My understanding is that Simon is working on finding a publisher for the book, which will likely solve all those problems.

In the meantime, if you or someone you love is about to embark on an enterprise-level COTS project, get this book; I've added it to my own short-list of recommended readings in software engineering. ..bruce.."

Submission + - Supreme Court to review Bilski patent decision (bfwa.com)

Submitted by

bfwebster

on Monday June 01, 2009 @04:50PM

bfwebster writes: "The US Federal Court of Appeals sent some shockwaves through the patent world last year with its decision in In re Bilski, establishing a "machine-or-[physical]-transformation" standard for patents. The losing party appealed to the US Supreme Court, and word came today that the Supreme Court will indeed review the Bilski decision. Here is a set of links to the various filings in the matter, most of which are 'friend of the court' filings by various parties in favor of overturning the Bilski decision; by contrast, here is the filing by the USDOJ and USPTO (PDF) in favor of keeping the current ruling in place."

Submission + - Are you ready for road tolls anywhere? (and-still-i-persist.com)

Submitted by

bfwebster

on Saturday February 14, 2009 @11:24AM

bfwebster writes: "Here in Denver, we have E-470, a toll section of the 470 beltway that uses the usual transponder attached to your windshield. Fair enough, and I make use of it, particularly in driving to the airport. But they've just implemented new technology on E-470 that allows anyone to drive through the automated toll gates. If you don't have a transponder, it takes a photo of your license plate and sends a monthly bill to your house. As a result, the company that runs E-470 plans to close all human-staffed toll booths by mid-summer. And as an article in this morning's Rocky Mountain News notes, "Such a system could be deployed on other roads, including some that motorists now use free. The result: a new source of money for highways and bridges badly in need of repair." You can bet that legislators, mayors, and city councilpersons everywhere will see this as an even-better source of income than red-light cameras. You've been warned.""

Submission + - Did the Zipingpu Dam trigger the Sichuan 'quake? (and-still-i-persist.com)

Submitted by

bfwebster

on Tuesday February 03, 2009 @04:48PM

bfwebster writes: "An article in the Telegraph (UK) raises an interesting question: was the massive (7.9) Sichuan earthquake that wracked China last year and left millions homeless caused by ground stresses following the completion of the Zipingpu dam? As the article reports (emphasis added), 'The 511ft-high Zipingpu dam holds 315 million tonnes of water and lies just 550 yards from the fault line, and three miles from the epicentre, of the Sichuan earthquake. Now scientists in China and the United States believe the weight of water, and the effect of it penetrating into the rock, could have affected the pressure on the fault line underneath, possibly unleashing a chain of ruptures that led to the quake.' Oops."

Submission + - The post-Bilski era gets underway (bfwa.com)

Submitted by

bfwebster

on Friday December 19, 2008 @05:08PM

bfwebster writes: "A set of pharmaceutical process patents for "evaluating and improving the safety of immunization schedules" (Classen v. Biogen et al.; see US Patents 6,420,139; 6,638,379; 5,728,385; 5,723,283) were held to be invalid due to unpatentability. The decision was appealed to the US Court of Appeals for the Federal Circuit, but was upheld with a terse citation to In re Bilksi. Here's the entire text of the appeals decision:
In light of our decision in In re Bilski, 545 F.3d 943 (Fed. Cir. 2008) (en banc), we affirm the district court's grant of summary judgment that these claims are invalid under 35 U.S.C. 101. Dr. Classen's claims are neither "tied to a particular machine or apparatus" nor do they "transform[] a particular article into a different state or thing." Bilski, 545 F.3d at 954. Therefore we affirm.

It will be interesting to see what happens when these same standards are applied to software-related patents."

Submission + - Entrapment by emoticon? (bfwa.com)

Submitted by

bfwebster

on Friday December 05, 2008 @10:27AM

bfwebster writes: "The lawyers for a Nebraska man accused of soliciting what he thought was a 15-year-old girl (actually a police officer) for sex over the internet have offered a novel defense: the (fake) girl's use of emoticons (including an 'angry face' and a 'kiss') induced the defendant into changing his mind and agreeing to meet with the (fake) girl for sex, where he was arrested. The prosecutors argue that emoticons are merely another form of punctuation, like an exclamation point. Thoughts?"

Submission + - Is custom software "goods" or "service (bfwa.com)

Submitted by

bfwebster

on Monday November 03, 2008 @07:50PM

bfwebster writes: "Let's say that your firm is doing custom IT systems development for a client. There are disputes over what you are delivering, and you end up in litigation. Will your work product be treated as services for the client or as goods sold to the client (and thus subject to the Uniform Commercial Code)? The answer could have serious implications as far as the burden of proof and your liability. Susan Nassar of the Texas law firm Elrod PLLC has published a brief legal note on this issue (PDF, 743KB) that should be read by any firm doing custom IT systems development (and passed along to your in-house or outside counsel).

Said firms should note in particular that in Texas and certain other states, a "goods/UCC" interpretation could end up subjecting your work product to the "perfect tender" rule, which says that the client can reject your delivery and ask for its money back "if the goods or the tender of delivery fail in any respect to conform to the contract" (emphasis in article). Something to keep in mind when you're negotiating that next custom development contract.

(Full disclosure: a few years back, I did work for Elrod on an IT systems failure litigation, but I had nothing to do with this legal note.)"

Submission + - Court ruling: calculating a hash value == search (bfwa.com)

Submitted by

bfwebster

on Tuesday October 28, 2008 @12:32AM

bfwebster writes: "Orin Kerr over at The Volokh Conspiracy (a great legal blog, BTW) reports on a U.S. District Court ruling issued just last week that finds that doing hash calculations on a hard drive is a form of search and thus subject to 4th Amendment limitations. In this particular case, the U.S. District Court suppressed evidence of child pornography on a hard drive because proper warrants were not obtained before imaging the hard drive and calculating MD5 hash values for the individual files on the drive, some of which ended up matching known MD5 hash values for known child pornography image and video files. More details at Kerr's posting."

Submission + - Car navigation system -- from the 1920s (brucefwebster.com) 1

Submitted by

bfwebster

on Monday September 29, 2008 @12:04PM

bfwebster writes: "Strange Maps — one of my daily browsing stops — has a wonderful photo of a 1920's-era, pre-satellite "GPS" that fits on your wrist, no less! In essence, when you started a trip from City A to City B, you picked out the appropriate scroll — a strip map showing your route — and put it into the wristwatch-like holder. You then, well, scrolled the scroll as you drove along to see what was coming up and how far you had to go. So...who wants to build an electronic version of this that really uses GPS technology?"

Submission + - Police secretly planting GPS devices on cars (brucefwebster.com)

Submitted by

bfwebster

on Wednesday August 13, 2008 @07:43AM

bfwebster writes: "The Washington Post has a long investigative article on how more and more police departments are secretly planting GPS tracking devices on the cars of people they are investigating — usually without a warrant. After-the-fact court challenges on this technique have largely upheld such use of a GPS device, though the Washington State Supreme Court has ruled that a warrant is required."

Submission + - "Fairness Doctrine" could impact Web conte (brucefwebster.com)

Submitted by

bfwebster

on Tuesday August 12, 2008 @10:48PM

bfwebster writes: "Democrats in Congress, unhappy with Fox News and Rush Limbaugh, have made noises about reinstating the "Fairness Doctrine" to set limits on political speech on broadcast media. FCC Commissioner Robert McDowell has cautioned that such an effort might well have implications for web content as well. Something to keep in mind."

Submission + - California Supreme Court bans most non-competes (bfwa.com)

Submitted by

bfwebster

on Tuesday August 12, 2008 @04:02PM

bfwebster writes: "The California Supreme Court has issued a decision that bans most non-compete agreements within the state. This is not a new development per se, but it is a rather sweeping affirmation of existing California law and upholds the reversal on appeal of a lower court decision enforcing a particular non-compete agreement. The bottom line: if you're doing business in California, you should be very proactive on intellectual property protection (trade secret, copyright, patent) if you don't want key information — business or technical — walking out the door with your ex-employees."

Slashdot Top Deals