Scaled Agile Framework or Unified Process?! Some people might call it Scrum-fall.

Working in a big org on a big product I can see why somebody would suggest mixing both. The problem is - taking the "good" things from both rather than the bad things.

For example, If you want telemetry data sent back to a repository (to track feature usage) - you might want the architecture of that figured out "up front" rather than retrofit. I say "you might." In Agile it might be an important spike to get closed up front. You have to think beyond code design and think about the whole business - when you have 200+ people working on code there are some things to take care of earlier rather than have them happen organically. Agile says that the architecture can morph and be refactored - true. But I've seen projects go into extra innings because the architecture needed to be refactored for a must-have feature. Why? Because the feature is structural across the tiers and the organic architecture didn't have this in mind.

Agile trainers would say that in Scrum you do more planning than waterfall. Waterfall you control the plan, in Agile you're always making a new one up. It is finding the time to breathe in Agile - you can't just have 200 people start coding next week. Esp if there are "big" architectural questions that haven't even made it to the drawing board - somehow you need to turn "hey - that's a good idea would should do it" into something that people can understand.

Best advice - define what "always shippable code" means to you. And do it. Every feature needs to track usage? Or be scalable? or be secure? or....? This is your Definition of Done for a story and your "control."

Of course not every good idea gets done. There's always next time.

Looks like the NSA has published an app to the appStore.

Who would have thought that such an innocuous "secret" app would be non-secret. The fools! The government will find you, and track you - there is no way around it. It's a conspiracy, man!.

And what better way than to appeal to one's vanity and build an app to let you complain. Social Engineering at its best.

Yes, Thank you!!

I was looking for the /. angle - being all techie and what not. That was going to be my post today but you beat me to it.

Secure data centers. Lock'em up and throw away the key.

>> But I'm pretty sure that "gopher banana rim plunger" would be fairly immune to attack, although perhaps unpleasant to visualize.

Not anymore.

You are assuming the Dictionary is from Webster. It isn't in this case - it is a rainbow table containing all possible combinations of 7,8,9+ characters. Kind of the million monkey Shakespeare scenario - sooner or later they'll get to that combination. I remember a password cracker that used to put 2 & 3 word combinations from the Unix dictionary together to build up its guessing-dictionary.

Now - 7 words vs 7 letters, the dictionary is smaller for 7 letters and can be broken in "seconds." 7 Words (about 56 letters) - I don't think rainbow tables are that large yet.

A co-worker used to monitor the size of rainbow tables and always make sure his password was 1 character longer. That may have also been his versioning mechanism. "1" "11" "111" "1111" .... easy to remember and "harder" to guess. I knew another guy who used the password "za" - his reasoning: yeah lots of people might try "a" but who tries "z" ? and people might try all 1 character passwords and then move onto longer ones like length "8"... figuring they'd skip length "2" because only dumb people have length 1 - everyone else has at least 6 or 8. He was probably good at the Battle Ship game.

I use 2-factor with Google and have yet to receive a text message indicating that somebody has guessed my relatively short password. Living on the edge :-)

I sent Google a "feedback" on this last year. The spam filter threshold seems to change - some months I have 1 or 2 messages, and the next 50-60. Of course during Christmas the number surges to 100's / week. I understand that the spammers are getting smarter. But I don't get this kind of email at work - and I don't even see it in the external filter. Although I don't sign up for as many online accounts using my corp email. Makes me wonder which forums are leaking my email address.

All of them are either "call me sometime", online pharma Grow your schlong guaranteed, or Buy Watches *Cheap*. And all 50 are the same email with varying number of * between the letters of the subject line. I just don't want these emails.

Sometimes mixed in between are what I'll call legit email, falsely-detected, legit sales offers or UCE. But it's hard to find when 95% is true junk. It would be helpful if the signal to noise ratio was a bit higher.

Yeah exactly! I feel PETA is saying, blah blah blah - use petrol and kill off the animals.

Wait - the "slow food" movement would say "go local."

I'm so confused. Is global warming coming or not?!