Forgot your password?

Comment: Ask these questions first (Score 1) 146

by dskoll (#48442411) Attached to: Ask Slashdot: Best Practices For Starting and Running a Software Shop?

Before you think about how to run your shop, ask these questions:

Do you have a product?

Is there a market for that product? How do you know?

Do you have a business plan including a marketing plan?

Once you get past those questions, the rest is easy. Outsource anything that doesn't make sense (HR, accounting, payroll) and keep your core expertise in-house. Don't obsess about coding standards, etc. until you have cash flow. It's far more important to do your utmost to get the business making money thatn to worry about programming minutiae.

I did start a software product business back in 2000 and it's going strong. The very first person I hired was our VP of Sales and Marketing. I didn't hire another technical person until employee #5, so didn't have to worry about imposing coding standards on others. :)

Comment: DMARC and Mail User Agents conspire to FAIL (Score 1) 139

by dskoll (#48297267) Attached to: Ask Slashdot: How Useful Are DMARC and DKIM?

I was involved in some quite heated discussions on the DMARC list about one problem. DMARC is supposed to prevent someone from forging the From: header sender (and to a lesser extent if used with SPF, the envelope sender.)

The problem is that most MUAs (mail clients) do not show the full email address of the sender. They only show the full name. For example, a header that looks like this:

From: American Express Fraud Dept <>

will be displayed in a typical mail client as just American Express Fraud Dept with not a single complaint from DMARC.

Even worse, a scammer can use a header like this:

From: "American Express Fraud Dept -" <>

and the mail client will display the fake address with nary a DMARC complaint.

Mail sucks. User-interfaces suck. People suck. Bah.

Comment: We use DKIM and SPF (Score 1) 139

by dskoll (#48297215) Attached to: Ask Slashdot: How Useful Are DMARC and DKIM?

My company (Roaring Penguin) uses SPF for outbound mail and we DKIM-sign our mail too. Our antispam software also supports SPF and DKIM. We don't yet support DMARC, but probably will at some point. The problem with fully supporting DMARC is the reporting component. It's a real bear to send DMARC reports, but obeying DMARC policies is much easier. We'll start by doing DMARC-policy-obeying first and then think about reporting.

Comment: Re:Possiblities (Score 1) 529

by dskoll (#48204809) Attached to: Shooting At Canadian Parliament

It is not time to panic. It is time to get serious about taking on and defeating the terrorists. That doesn't mean curtailing our civil liberties, but it does mean taking sensible precautions and not spouting Trudeau-esque bullshit about finding the "root causes" of terrorism.

There's a war on against Western democracies. We have to win it.

Comment: Re:Dear Canada.... (Score 2) 529

by dskoll (#48204761) Attached to: Shooting At Canadian Parliament

I don't think this was a rare incident by an insane person. There have been shootings at at least three different locations in Ottawa and there apparently are multiple shooters. This is a planned terrorist attack.

I live in Ottawa and I'm aware of the security of Parliament Hill. The security there was completely inadequate to deal with this kind of threat; it really needs to be increased.

Comment: Geometry-based layout (Score 2) 180

by dskoll (#48113373) Attached to: CSS Proposed 20 Years Ago Today

The wonderful Tcl/Tk toolkit solved the layout problem in the 1990's with its excellent constraint-based geometry managers: The grid engine, the packer and the placer. I'm sure it would have been possible to express each of those layout engine's rules in something analogous to CSS.

That would have made page layout so simple it'd almost be fun.

Comment: Some things are beyond the pale (Score 2) 993

by dskoll (#48077219) Attached to: Lennart Poettering: Open Source Community "Quite a Sick Place To Be In"

I am not a big fan of systemd and I find Poettering pretty abrasive. But if what he wrote is correct: Recently, people started collecting Bitcoins to hire a hitman for me (this really happened!). Just the other day, some idiot posted a "song" on youtube, a creepy work, filled with expletives about me and suggestions of violence. then that's beyond the pale. IMO, threats of death and violence should be reported to the authorities and the culprits, if found, should be prosecuted to the fullest extent of the law.

The Open Source development community is not a friendly place. You do need a thick skin. But threats of violence or death go way beyond just "unfriendly".

"Well, social relevance is a schtick, like mysteries, social relevance, science fiction..." -- Art Spiegelman