Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: But where is the SECRET-level physical security? (Score 5, Interesting) 315

by bfwebster (#49226665) Attached to: Clinton's Private Email System Gets a Security "F" Rating

I had someone who did SECRET-grade e-mails setup in the military write the following to me:

So, if for example Clinton only dealt with SECRET materials and they were sent or received in her email, all of the equipment (routers, switches, etc.) would have to be rated for that SIPRNet connection. Also, the space in which the equipment and servers and client computers resided in would also have to meet the specifications for SECRET material. This would include various forms of physical access to the space in the form of secure cards, biometrics, etc. No space rated for SECRET opens with a key from the local hardware store. . . .

The biggest issue I see here would be is if the server was connected to the public Internet and it resided in a non-DoD-approved space.

Not sure there are biometrics installed in the Clinton home in Chappaqua. ..bruce..

Comment: I have some standard playlists for coding, writing (Score 3, Informative) 181

by bfwebster (#49194003) Attached to: Musician Releases Album of Music To Code By

My best coding/writing playlist is...the entire set of Moody Blues albums, in chronological order. (I've been listening to them for nearly 50 years. Crap I'm old.) The albums have to play in correct order, and the cuts on each album have to play in standard order. It just pretty much becomes a musical cocoon. I've found that if I'm avoiding doing some necessary writing or coding, I can put the playlist on, and I start working almost immediately.

I do much the same thing with the collected Star Wars soundtracks (played in film sequence, i.e., Eps I through VI; and the soundtracks for the prequels are much better than the movies themselves) and the three LOTR soundtracks (again, played in film sequence).

If I'm getting sleepy, I'll put on "Wireless Barenaked Giants", a playlist containing all my Thomas Dolby, Barenaked Ladies, and TMBG songs, played on shuffle.

Ambient electronic would probably put me to sleep.

Comment: Oh, please (Score 1) 145

by bfwebster (#49118917) Attached to: Attention, Rockstar Developers: Get a Talent Agent

I can't thing of a quicker way to terminate an interview with me were I looking to hire developers.

I actually had something a bit like this happen back in 1990 or 1991 when I was building the engineering team for a software startup. I had two developers who were local to the area (San Diego) come in together for interviews. They actually had great resumes and relevant experience -- but when it came to talking compensation, then wanted (a) six-figure salaries (more than I was making as CTO/chief architect), (b) signing bonuses (did I mention that we were a startup and we're still about a year away from closing on venture funding?), and (c) broached the idea of company cars.

I thanked them for coming in and sent them on their way.

Comment: "In a place you might not expect it" -- srsly? (Score 3, Insightful) 580

by bfwebster (#49042701) Attached to: Low Vaccination Rates At Silicon Valley Daycare Facilities

The anti-vaxx movement has been almost entirely among liberals and environmentalist, who view Big Pharma and anything "unnatural" with deep suspicion. I've been highly amused at recent efforts to cast it as a conservative cause; there are some anti-vaxxers among the hard right, but the vast majority are on the left.

Comment: TEPES (Score 1) 214

by bfwebster (#48920297) Attached to: Ask Slashdot: What Makes a Great Software Developer?

Having built a long-term development team from scratch, and having screened a lot of consulting software engineers, I eventually came up with an acronym that describes what I look for: Talent, Experience, Professionalism, Education, Skill (TEPES). I wrote a post on the subject back in 2008 -- you can read it here. ..bruce..

Comment: Yes. Next question? (Score 2, Informative) 127

by bfwebster (#48470829) Attached to: Voting Machines Malfunction: 5,000 Votes Not Counted In Kansas County

Seriously, the rush to electronic voting after the 2000 Presidential election was just a bad idea all the way around -- and, frankly, most IT people with any experience were saying so. It is vastly, vastly harder to change physical media than to change electronics.

Comment: We use the wrong model for IT hiring and retention (Score 4, Interesting) 574

by bfwebster (#48306973) Attached to: The Great IT Hiring He-Said / She-Said

Eight years ago, Ruby Raley and I published (in Cutter IT Journal) an article entitled "The Longest Yard: Reorganizing IT for Success" (you can read it here). Our basic premise is that the current "industrial" model of IT hiring/management -- treating IT engineers like cogs or components -- is fundamentally flawed, and that a model based on professional sports teams would likely work much better. Having spent 20 years analyzing troubled or failed software projects, I believe we need a significantly different approach on hiring and retaining the right IT engineers. ..bruce..

Comment: Removing my palms from my face... (Score 5, Insightful) 104

by bfwebster (#48197243) Attached to: Ask Slashdot: Event Sign-Up Software Options For a Non-Profit?

I am convinced it's a mistake for this non-profit to create a software development team from a rotating pool of volunteers to write software upon which it is critically dependent.

Yes, it is, for a whole host of reasons that I'm sure will be expanded upon here shortly. I've spent 20 years dealing with troubled and failed IT projects, and one of the biggest mistakes I see time and again is an organization trying to create a mission-critical project, often in a compressed time frame, using developers who are not an experienced, functioning team. You can usually throw into that first-time adoption of some silver-bullet technology and/or methodology. So, what you get it, "OK, let's get 10 random programmers who have never delivered a working system together as a team, and they're going to develop this mission-critical system from scratch in 4 months using Swift and Agile, even though none of the programmers have ever used either. And we can add more programmers if we start to fall behind."

Having the programmers be volunteers is even worse, since they are now self-selecting based on their own interest, instead of being chosen for, you know, actual skills, talent, experience, and so on.

Sigh. ..bruce..

Comment: Re:Seriously? This is a post? (Score 1) 232

by bfwebster (#47929089) Attached to: Ask Slashdot: Have You Experienced Fear Driven Development?

Yep.. Many years ago, I said in testimony before a Congressional committee (yeah, I went there):

"Humanity has been developing information technology for half a century. That experience has taught us this unpleasant truth: virtually every information technology project above a certain size or complexity is significantly late and over budget or fails altogether; those that don't fail are often riddled with defects and difficult to enhance. Fred Brooks explored many of the root causes over twenty years ago in The Mythical Man-Month, a classic book that could be regarded as the Bible of information technology because it is universally known, often quoted, occasionally read, and rarely heeded."

Software is hard, and it gets harder the larger the project. Stupid human behavior just compounds the problem. ..bruce..

Comment: Seriously? This is a post? (Score 5, Insightful) 232

by bfwebster (#47925807) Attached to: Ask Slashdot: Have You Experienced Fear Driven Development?

Not to pile on here, but there is nothing new or recent about fear-driven projects of any kind, much less fear-driven IT projects. All you need to do is read some of the classic books on IT project management, including The Psychology of Computer Programming by Jerry Weinberg (1971), The Mythical Man-Month by Fred Brooks (1975), and Death March by Ed Yourdon (1997).

Back in the early 90s, I was chief software architect for a start-up developing a large, complex and novel commercial software product. After working long hours for years, we had missed our original release date and were struggling to come up with a new date that we could be sure of making. Top management (CEO, CFO) was considering carrot/stick "incentives" to "motivate" the engineering team to make a certain date; one of the senior developers stopped me in a hallway by the engineering offices and asked, "Don't they realize they're dealing with grown-ups back here?"

P.S. At the risk of sounding like an old fart, I remain appalled at the profound lack of familiarity among far too many IT industry practitioners of the essential books on software engineering and IT project management. As I have said ad infinitum and ad nauseum, not only do they keep re-inventing the wheel, they keep reinventing the flat tire.

Comment: I wrote about this in 1996 in BYTE (Score 5, Interesting) 608

by bfwebster (#47414679) Attached to: Normal Humans Effectively Excluded From Developing Software

The article was called "The Real Software Crisis" (BYTE, January, 1996); you can read the original text here. (BYTE's archives are no longer online). I wrote a more extended discussion on the subject back in 2008; you can read it here. One might was well write that "normal humans are effectively excluded from composing and performing music"; if you've ever known a music major in college, you'll know just how true that is (I believe Music to be a harder major than Computer Science, having dated a Music major while getting my own degree in CS). ..bruce..

+ - Copyright ruling on calculated results

Submitted by bfwebster
bfwebster writes: During the past few years, I served as an IT expert witness in BanxCorp v. Costco et al., in which BanxCorp sued Costco and Capital One for citing (with credit) its web-published national averages for CD and money market rates in their advertising. Judge Kenneth M. Karas issued his summary judgment opinion last fall, finding that BanxCorp's published averages are "uncopyrightable facts" due to the simple calculation involved and the lack of ongoing human judgment in what banks were involved. Here is my summary of his findings, along with a link to the actual ruling.

Comment: Been a problem for decades (Score 2) 118

by bfwebster (#45778727) Attached to: How Healthcare.gov Changed the Software Testing Conversation

SQA as a red-headed stepchild has been an issue for many, many years. It's just that most troubles/failed software systems don't have the widespread public exposure that Healthcare.gov has; even the most brain-dead corporation would not have launched such an incomplete and bug-ridden system to a vast end-user bases.

Some years ago, I led a review of a late (4 yrs vs 2 yrs estimated) and very over-budget ($500M vs. $180M estimated) corporate software project. The core problems had everything to do with SQA, starting with the fact that there was no SQA organization; all testing was done on an ad hoc basis by individual teams and organizations. Adding to that problem was the fact that there was no coherent architecture. After 4 years and $500M, there were no systems that were ready to go into production. Far too common in industry and especially in government. ..bruce..

+ - 30-40% of Healthcare.gov (backed systems) yet to be finished

Submitted by bfwebster
bfwebster writes: In testimony today before Congress, Deputy CIO Henry Chao indicated that 30 to 40 percent of the overall Healthcare.gov systems — primarily the payment, accounting, and back-office systems — are not yet complete. Note that payments must be made by December 15th in order for insurance coverage to start on January 1st. (Note: Chao seems to say at first that 60-70% still needs to be completed, but later clarifies himself that 30-40% needs to be completed.)

The young lady had an unusual list, Linked in part to a structural weakness. She set no preconditions.

Working...