Slashdot videos: Now with more Slashdot!
Oh and when I say they work great, I was kind of lying. I have a favorite example. A while back a developer I was working with wrote some Spring/Hibernate code to pull records in from the database and print a billing report. Soon as he handed it off to me, I thought "What happens if I throw 100000 records at this?" Well what happened is that it crashed. So I cut the number in half and it still crashed. Down around 30000 records, it started taking about half an hour and THEN crashing.
Turns out he was using the framework to pull all the records from a couple of different tables and doing the join in Java. The SQL join I wrote to test the code took a couple of minutes to run on a million records and returned the correct output. On a hundred thousand it was neighborhood of 10 seconds.
Now the Spring/Hibernate people will be quick to point out that you can edit some XML file or something and make the framework do a join for you, thus solving that problem. And that is true, if you know a fair bit about the framework. And you'd have to know a fair bit about all the other frameworks they used on that project, too. By the time you got done learning all the frameworks they were using to the level of detail where you could actually be that effective with them, you could have written the application they'd built 10 times over.
Fortunately this story has a happy ending. The team ended up deciding to run the original developer's code against the billing database several times a day so that it would never have so many records to process that it would crash, thus solving the problem once and for all!
I'm not saying users are completely blameless littel angels. But I'm so sick and tired of this reflex of blaming everything on stupid users.
Some comedian said it very nicely about another topic: When a house burns down, and the firefighters put out the flames, they don't just go home and write a report saying "fire destroyed the house". They go in and sift through the debris and try to figure out what caused the fire.
In IT we largely don't do that. We treat users as mystical black boxes and root causes and once we've found the user somewhere in the chain of causality, we stop. We don't ask ourselves why the user made this mistake or why the users don't seem to want security. We say "stupidity" the same way ancient map makers put "here be dragons" on their maps.
And that, I say, is stupid. We should go in there and figure out what actually is in that white spot. Why did the user make this mistake? Why do they fall for phishing? Why do they want speed over security? And a boilerplate "because they're stupid" is not an acceptable answer.
We're so smart (or so we think), but we can't figure out how to make security desirable, unobtrusive and a positive experience. Really?
You can lead a horse to water but you can't make him drink.
People are too lazy to type in a password in order to send mail.
Then make it not necessary to type in a password. Even I don't understand why I should type a password for every mail I send.
Yes I do use GPG its the best thing we have going right now for the average person to protect his data.
No, it's not. It might be technically the best tool, but if it's unusable, then in sum total, it's not. There are many factors that go into these equations, and we techies are sometimes blind to some of them.
But it's so easy to make a good estimate, takes less than 10 seconds:
Take your instinctive estimate.
Increase units by one (if you think "hours", make it days. If you think "weeks" make it months, etc.)
So if you think it'll take 2-3 days, tell your manager it'll be ready in 4-6 weeks. Don't forget that in management school, they teach these fuckers to under-promise and over-deliver. He understands.
From a human psychology standpoint he would rather know that it will be done in 3 days, barring delays, than not know when it will be done and have it in two hours. I personally think that is a dumb way of doing things, but I am the outlier, not the director.
The psychological issue is that you don't know, but you have a hunch, you have some insight. You know it's probably going to be a few hours.
But for non-techies, all this stuff is a total blackbox. When you say "I don't know" they panic, because for them that means anything from a day to a month or maybe infinity. Uncertainty is a horrible psychological state and people try to avoid it. It's an instinct. When you don't know if that shadow is a monkey or a lion, it's better to panic just in case.
By saying "three days", you give him certainty. Now he knows the shadow isn't a lion.
If that unit has been willing to work for the Good Magician Humphrey for a year to get the answer to that question, there can be only one answer.
At what point does it become unethical to consider and treat these as lab animals. How much brain complexity is enough? This probably isn't it, and our A.I. isn't good enough yet. But some year we're going to cross the line, and I'm sure that as a society we're going to be completely unaware and in denial when we do.