Another big issue is that no repository managers (urpmi, yum, apt, emerge) make any distinction between installing a core system library (like glibc, kernel, etc) and a userland app (gimp, openoffice, etc). IMO we'd be better served by a 'system library' repository, and a userland repository. Userland apps could more easily target a specific 'system library' set, rather than somewhat arbitrarily requiring a specific system library version, which often kicks off a whole chain of installations to satisfy that dependancy. It's harder to write and package for 'linux' because there's so many targets. It's gotten better over the last few years, but there's still room for improvement.
This sounds like a sunk cost issue. You're not willing to invest in migrating to a new system which would likely get you a larger pool of more qualified developers. Why not? You'll have to bite the bullet at some point - the number of 'qualified' (per whatever your definition is) Perl developers isn't going to go up any time soon (or ever).
"We like the Open source technologies we use, and believe using Perl gives us an advantage to rapidly develop our software."
Obviously it's not much of an advantage if you can't find enough people to do the 'rapid' development.
Maybe you're not advertising in the right places. Or not using the right incentives. Are you advertising that this is a $100k+ position? Cause that's what I think you'd need to offer to get someone to move to Boston (add relo costs as well) and do Perl full time. Long term, Perl is a dead-end career move for most people interested in keeping up with the current trends in software development.
Feel free to post your position on http://webdevjobs.com and I'll promote it on my next podcast.:)
You'd probably want to design the triangle to be able to move out of the way of the asteroid via some 'hyper space' mechanism as well, in case you were too close to thrust out of the way manually.
I'm just a satisfied reader of the book. Many of the comments here are good and useful as they stand, but as your community grows, this book will be a handy resource and perhaps help you avoid some other problems before they happen.
FWIW, I had many of the same problems with a community I ran about 10 years, but there wasn't as much of a standard way of dealing with these sort of problems, both technically and culturally. Books like the one above (and no doubt others) help condense years of experiences down in to a manageable amount of info.
But someone still has to write those sorts of triggers, for every database, every time the create one. Why isn't this sort of audit logging (changing, data changing, etc.) built in to the database engine automatically, with a few configuration options available?
Data and table change logging 'by default' would be immensely useful, and if it's done optimally by the db authors, you're going to avoid issues of poorly written useland triggers and stored procedures by people who aren't as intimately familiar with the core engine.
MS takes security seriously? Perhaps nowadays, but that's a relatively recent trend (last few years), and they've got a lot of mindshare to win back on that score.
If you're going to adopt a policy re: mail, blocking all webmail accounts would make more sense than *just* gmail, especially making that policy months ago. There was more evidence to point to spam originating from compromised Windows boxes than from Gmail.
What the heck does Google Docs have to do with this conversation? But I'll bite anyway... You really think *security* has anything to do with why Google Docs hasn't taken off in the corporate world? Nothing to do with requiring people to be connected (increasing bandwidth costs) and having to use browsers to do work they weren't meant to do (document editing)? No, Google Docs simply can't replicate the functionality corporate workers need right now. Maybe some day it will, but I'd say it's far more likely functionality is keeping it out of business rather than security.
Re:One thing Google could do about incoming spam..
on
Spammers Choose GMail
·
· Score: 1
No, actually I've found them on the first couple pages. There might be a few more that get through, but I don't normally go back but a day or so (3-4 pages maybe).
If I see a false positive, I'll do searches in the spam folder for mail from people I was corresponding with lately, just to make sure nothing's in there. It's a rarity, but does happen.
I guess that was supposed to be a joke, but it's not just one way. He can't send to me either. But he can send to other email services just fine (and receive from them).
This isn't an issue of blocking personal emails at work, it's a specific policy they enacted against gmail.com. Digging further it seems it's happening in other companies as well.
Re:It's a big problem for gmail users!
on
Spammers Choose GMail
·
· Score: 2, Interesting
Not sure how much of an issue filtering for outgoing spam would be, except perhaps an extra delivery delay. Charge for that feature as 'authorized' accounts, or something like that. I'd pay a nominal fee, tied to a credit card, to 'authenticate' my outgoing mail.
I've never sent anything that's *remotely* spammy, and people I correspond with generally don't.
What problems do you see with outgoing mail being filtered?
Re:One thing Google could do about incoming spam..
on
Spammers Choose GMail
·
· Score: 1
That option shouldn't be on by default though. I review my spam folder about once every month, and I *occasionally* find something from someone that is truly real email. Granted, we're talking about 1-2 emails per 10,000 or more, but I'd still prefer the default of just labelling them 'spam', not deleting.
Why not apply spam filters on outgoing messages?
on
Spammers Choose GMail
·
· Score: 5, Insightful
Gmail used to be touted as the best spam filtering service. Certainly it's good, but apparently they only feel the need to filtering incoming messages. Why not filter outgoing messages as well? Can't quite be a CPU problem, because outgoing has be be just a small fraction of incoming, right?
Is it just tradition? People never expect anything they send to ever have anything done to it? Google could set another precedent in webmail by introducing outgoing filters which would block or slow down mail appearing to be 'spammy'.
The IT staff at my dad's company blocked all communication with Gmail servers a few months ago, on the grounds that it was 'insecure'. Locking down an MS shop (XP/Exchange/etc) from the 'insecurity' of Google (while still accepting hotmail.com emails) still strikes me as a bit odd, but I've been hearing more reports of lax Google security with respect to spam/spammers. Perhaps they (dad's company) were on to something?
Anyone else having issues with people blocking Gmail?
I thought there was a US law passed in 2000 that gave legal status to 'e-signatures'. That's the assumption I believe echosign.com (I think that's it) operates from.
Yes, in 2006. They weren't as big in to the corporate party scene back in 1995. Nowadays they'll play just about anywhere for money, but it wasn't always so. I think the MS gig was one of the things that lead them to take a more "play anywhere for money" approach, instead of focusing primarily on the mega tours.
What amenities are you talking about? I'd gladly pay an extra $20-$40 per flight for a bit of extra leg room, but paying 5-10X the amount of an economy ticket for biz class is something which most people (including me) can't justify for every trip. And if we *all* would be willing to pay that new price, then biz would go up accordingly and that new higher price would be the low bar for pricing, based on peoples' willingness to pay it.
Are we talking Coke v Pepsi? No amount of extra $$ for 'amenities' makes that much of a difference on a 3-5 ride in US domestic economy today. So why pay extra? Of course it's a race to the bottom because 'the bottom' is all that's on offer.
I flew RDU to SJC last month. I paid $230 (maybe a bit less) I had my choice of 'economy' tickets up to $600 or so (actually, I think a couple were close to $1000). Most were aounrd $200-$450. The only things that made much of a diff to me were schedules and price. On domestic routes, what other 'amenities' are there I should consider that would make me choose one carrier over another?
What are these magic amenities that will make a 4 hours flight with no leg room more bearable for an extra $5?
People will save $5 on a flight choosing a cheaper one because in economy there's basically no difference. What are the amenities? Coke v Pepsi products? Seats without tears in them? New sickbag in every seat pocket?
I'd *gladly* pay a smaller amount more for a bit more leg room. I'm not a big person (5'9") but am cramped in economy seats. But the only choice is biz and/or first class, often at 5-10x the price of the economy price. There's no middle ground, so people choose the cheapest economy they can.
I went from RDU to SJC for about $230 last month. I could have paid up to $500 for the same trip on a different carrier, but still 'economy'. I've flown economy on all the major carriers at one point or another, and they all have the same size seats and basic service, so why pay double for the same thing?
I almost tried JetBlue, but the scheduling wasn't even close to what I needed, so I'd have had to go the day before and get a hotel for another $200. Plus the JB ticket was $650 or so - close to 3x the price I paid. I've heard good things about JB, but not good enough to pay an extra $620 for my trip.
If an airline would promote their 'amenities' for the extra few dollars, maybe I'd give it a try, but there's few amenities save legroom that can make a 5 hour trip worth any extra amount of money.
So why were people building "IE only" sites back in 1997 when IE had a 15% marketshare, if that? Cause MS bribed people to do so with 'free' access to their 'site builder tools' and such. It had nothing to do with being a 'better' browser or better experience for the end user. I worked at a company that did this, and I believe it explained many of the 'best viewed in IE' buttons way back when.
Thanks - that's the best concise explanation of the default authentication I've read. It explains some of the frustration I've had with postgresql over the years, and imo is one of the major reasons why mysql was able to take off years ago: having an easy default way of handling independant user/pass for local apps.
Because it's often still more cost effective than having to deal with hundreds of way-off-base applications submitted from people who are not even remotely qualified for the position as listed. Determining where to advertise (though many people just post @ monster.com and are done with it), networking with the community (some recruiters do it) and all the other screening that goes on before candidate X talks to decision maker Y can be very time consuming. Small companies often try it themselves, and large companies have HR departments to help that screening process. Mid-sized companies will outsource that work to a recruiting company.
For a $80k job, it still may be more cost effective to pay a recruiter $8-$12k to narrow the field down to a manageable few candidates than to take up the time of multiple people in a company to review dozens or hundreds of applications and manage that whole process. If you're routinely hiring many people per year (>10?), having that process be partially or fully in-house makes financial sense.
While I don't enjoy introducing buzzwords in to conversations just to do so, I'm not sure there's a better term than 'social media'. I'm not sure that you necessarily have to go 100% democratic, though in publicly traded companies perhaps this is more plausible.
Consider 'traditional' companies' approach to information dispersal - very limited, 'need to know' basis, and so on. The introduction of intranets has made it easier to move information around, but it tends to be buried in silos - still a 'need to know' basis. And the information is still mostly 'one way' publishing.
The introduction of 'social media' type principles to information in companies would be very un-military like, but not really be 100% democratic either. Giving people more tools to see what's going on at multiple levels of the company and to talk amongst themselves at multiple levels would ideally foster a more collaborative spirit between departments. Being able to track the relationships between people also gives a 'Big Brother' flavor to the whole affair.:)
I'm still not sure why Sun lets GCJ enthusiasts get away with calling it 'java'. Whether it's the default packaging, or the distros that do it (redhat/fedora/etc) having a program on your system called 'java' which is so half-assed compatible like the GCJ stuff is just gives Java a bad name. It's far *less* compatible than the MS Java of years ago was with 'mainstream' Java at that time, yet Sun throws a fit over MS, but leaves GCJ enthusiasts alone. I don't get it.
The answer to that and similar situations is documentation. Processes and documentation are required for a system of any size, whether it's free software or not. If the commercial/payfor software *comes* with documentation, that's an argument for it, but it still needs to be findable, and people need to have read it and understand it *before* an emergency happens.
Why does scale matter? I've gone from Dapper to Edgy to Feisty, and every time something didn't work. The wireless network card *never* worked without having to futz with ndiswrapper. And guess what? When you do that, the next upgrade breaks the working config you've got and you have to start over. And just because other people say it doesn't happen to them doesn't mean it didn't happen to me (or others I know). The only scale I care about is something working for me, and it *never* goes 100% smoothly.
Isn't this the same Comcast which runs cable service in markets which usually has a local government-granted monopoly for cable service in those regions? Funny that now they want to say "let the market decide" when cable companies generally won't invest in the infrastructure unless granted a monopoly on providing cable service. I'm remembering back a long time - perhaps this isn't the case any more. If broadband options were available everywhere, I'd certainly say "let the market decide" - many people (myself included) only have one option for broadband, and it's often cable.
Slashdot Mirror
Another big issue is that no repository managers (urpmi, yum, apt, emerge) make any distinction between installing a core system library (like glibc, kernel, etc) and a userland app (gimp, openoffice, etc). IMO we'd be better served by a 'system library' repository, and a userland repository. Userland apps could more easily target a specific 'system library' set, rather than somewhat arbitrarily requiring a specific system library version, which often kicks off a whole chain of installations to satisfy that dependancy. It's harder to write and package for 'linux' because there's so many targets. It's gotten better over the last few years, but there's still room for improvement.
This sounds like a sunk cost issue. You're not willing to invest in migrating to a new system which would likely get you a larger pool of more qualified developers. Why not? You'll have to bite the bullet at some point - the number of 'qualified' (per whatever your definition is) Perl developers isn't going to go up any time soon (or ever).
"We like the Open source technologies we use, and believe using Perl gives us an advantage to rapidly develop our software."
Obviously it's not much of an advantage if you can't find enough people to do the 'rapid' development.
Maybe you're not advertising in the right places. Or not using the right incentives. Are you advertising that this is a $100k+ position? Cause that's what I think you'd need to offer to get someone to move to Boston (add relo costs as well) and do Perl full time. Long term, Perl is a dead-end career move for most people interested in keeping up with the current trends in software development.
Feel free to post your position on http://webdevjobs.com and I'll promote it on my next podcast. :)
You'd probably want to design the triangle to be able to move out of the way of the asteroid via some 'hyper space' mechanism as well, in case you were too close to thrust out of the way manually.
Slight commercial plug for a local NC author Patrick O'Keefe. He addresses this sort of thing in his book "Managing Online Forums".
http://www.managingonlineforums.com/buy-the-book/
I'm just a satisfied reader of the book. Many of the comments here are good and useful as they stand, but as your community grows, this book will be a handy resource and perhaps help you avoid some other problems before they happen.
FWIW, I had many of the same problems with a community I ran about 10 years, but there wasn't as much of a standard way of dealing with these sort of problems, both technically and culturally. Books like the one above (and no doubt others) help condense years of experiences down in to a manageable amount of info.
Good luck with your community!
But someone still has to write those sorts of triggers, for every database, every time the create one. Why isn't this sort of audit logging (changing, data changing, etc.) built in to the database engine automatically, with a few configuration options available?
Data and table change logging 'by default' would be immensely useful, and if it's done optimally by the db authors, you're going to avoid issues of poorly written useland triggers and stored procedures by people who aren't as intimately familiar with the core engine.
MS takes security seriously? Perhaps nowadays, but that's a relatively recent trend (last few years), and they've got a lot of mindshare to win back on that score.
If you're going to adopt a policy re: mail, blocking all webmail accounts would make more sense than *just* gmail, especially making that policy months ago. There was more evidence to point to spam originating from compromised Windows boxes than from Gmail.
What the heck does Google Docs have to do with this conversation? But I'll bite anyway... You really think *security* has anything to do with why Google Docs hasn't taken off in the corporate world? Nothing to do with requiring people to be connected (increasing bandwidth costs) and having to use browsers to do work they weren't meant to do (document editing)? No, Google Docs simply can't replicate the functionality corporate workers need right now. Maybe some day it will, but I'd say it's far more likely functionality is keeping it out of business rather than security.
No, actually I've found them on the first couple pages. There might be a few more that get through, but I don't normally go back but a day or so (3-4 pages maybe).
If I see a false positive, I'll do searches in the spam folder for mail from people I was corresponding with lately, just to make sure nothing's in there. It's a rarity, but does happen.
I guess that was supposed to be a joke, but it's not just one way. He can't send to me either. But he can send to other email services just fine (and receive from them).
This isn't an issue of blocking personal emails at work, it's a specific policy they enacted against gmail.com. Digging further it seems it's happening in other companies as well.
Not sure how much of an issue filtering for outgoing spam would be, except perhaps an extra delivery delay. Charge for that feature as 'authorized' accounts, or something like that. I'd pay a nominal fee, tied to a credit card, to 'authenticate' my outgoing mail.
I've never sent anything that's *remotely* spammy, and people I correspond with generally don't.
What problems do you see with outgoing mail being filtered?
That option shouldn't be on by default though. I review my spam folder about once every month, and I *occasionally* find something from someone that is truly real email. Granted, we're talking about 1-2 emails per 10,000 or more, but I'd still prefer the default of just labelling them 'spam', not deleting.
Gmail used to be touted as the best spam filtering service. Certainly it's good, but apparently they only feel the need to filtering incoming messages. Why not filter outgoing messages as well? Can't quite be a CPU problem, because outgoing has be be just a small fraction of incoming, right?
Is it just tradition? People never expect anything they send to ever have anything done to it? Google could set another precedent in webmail by introducing outgoing filters which would block or slow down mail appearing to be 'spammy'.
The IT staff at my dad's company blocked all communication with Gmail servers a few months ago, on the grounds that it was 'insecure'. Locking down an MS shop (XP/Exchange/etc) from the 'insecurity' of Google (while still accepting hotmail.com emails) still strikes me as a bit odd, but I've been hearing more reports of lax Google security with respect to spam/spammers. Perhaps they (dad's company) were on to something?
Anyone else having issues with people blocking Gmail?
I thought there was a US law passed in 2000 that gave legal status to 'e-signatures'. That's the assumption I believe echosign.com (I think that's it) operates from.
Yes, in 2006. They weren't as big in to the corporate party scene back in 1995. Nowadays they'll play just about anywhere for money, but it wasn't always so. I think the MS gig was one of the things that lead them to take a more "play anywhere for money" approach, instead of focusing primarily on the mega tours.
What amenities are you talking about? I'd gladly pay an extra $20-$40 per flight for a bit of extra leg room, but paying 5-10X the amount of an economy ticket for biz class is something which most people (including me) can't justify for every trip. And if we *all* would be willing to pay that new price, then biz would go up accordingly and that new higher price would be the low bar for pricing, based on peoples' willingness to pay it.
Are we talking Coke v Pepsi? No amount of extra $$ for 'amenities' makes that much of a difference on a 3-5 ride in US domestic economy today. So why pay extra? Of course it's a race to the bottom because 'the bottom' is all that's on offer.
I flew RDU to SJC last month. I paid $230 (maybe a bit less) I had my choice of 'economy' tickets up to $600 or so (actually, I think a couple were close to $1000). Most were aounrd $200-$450. The only things that made much of a diff to me were schedules and price. On domestic routes, what other 'amenities' are there I should consider that would make me choose one carrier over another?
What are these magic amenities that will make a 4 hours flight with no leg room more bearable for an extra $5?
People will save $5 on a flight choosing a cheaper one because in economy there's basically no difference. What are the amenities? Coke v Pepsi products? Seats without tears in them? New sickbag in every seat pocket?
I'd *gladly* pay a smaller amount more for a bit more leg room. I'm not a big person (5'9") but am cramped in economy seats. But the only choice is biz and/or first class, often at 5-10x the price of the economy price. There's no middle ground, so people choose the cheapest economy they can.
I went from RDU to SJC for about $230 last month. I could have paid up to $500 for the same trip on a different carrier, but still 'economy'. I've flown economy on all the major carriers at one point or another, and they all have the same size seats and basic service, so why pay double for the same thing?
I almost tried JetBlue, but the scheduling wasn't even close to what I needed, so I'd have had to go the day before and get a hotel for another $200. Plus the JB ticket was $650 or so - close to 3x the price I paid. I've heard good things about JB, but not good enough to pay an extra $620 for my trip.
If an airline would promote their 'amenities' for the extra few dollars, maybe I'd give it a try, but there's few amenities save legroom that can make a 5 hour trip worth any extra amount of money.
that didn't go over well when our VP found out...
I imagine the kids didn't care for hanging in the tree either.
So why were people building "IE only" sites back in 1997 when IE had a 15% marketshare, if that? Cause MS bribed people to do so with 'free' access to their 'site builder tools' and such. It had nothing to do with being a 'better' browser or better experience for the end user. I worked at a company that did this, and I believe it explained many of the 'best viewed in IE' buttons way back when.
Thanks - that's the best concise explanation of the default authentication I've read. It explains some of the frustration I've had with postgresql over the years, and imo is one of the major reasons why mysql was able to take off years ago: having an easy default way of handling independant user/pass for local apps.
Because it's often still more cost effective than having to deal with hundreds of way-off-base applications submitted from people who are not even remotely qualified for the position as listed. Determining where to advertise (though many people just post @ monster.com and are done with it), networking with the community (some recruiters do it) and all the other screening that goes on before candidate X talks to decision maker Y can be very time consuming. Small companies often try it themselves, and large companies have HR departments to help that screening process. Mid-sized companies will outsource that work to a recruiting company.
For a $80k job, it still may be more cost effective to pay a recruiter $8-$12k to narrow the field down to a manageable few candidates than to take up the time of multiple people in a company to review dozens or hundreds of applications and manage that whole process. If you're routinely hiring many people per year (>10?), having that process be partially or fully in-house makes financial sense.
While I don't enjoy introducing buzzwords in to conversations just to do so, I'm not sure there's a better term than 'social media'. I'm not sure that you necessarily have to go 100% democratic, though in publicly traded companies perhaps this is more plausible.
:)
Consider 'traditional' companies' approach to information dispersal - very limited, 'need to know' basis, and so on. The introduction of intranets has made it easier to move information around, but it tends to be buried in silos - still a 'need to know' basis. And the information is still mostly 'one way' publishing.
The introduction of 'social media' type principles to information in companies would be very un-military like, but not really be 100% democratic either. Giving people more tools to see what's going on at multiple levels of the company and to talk amongst themselves at multiple levels would ideally foster a more collaborative spirit between departments. Being able to track the relationships between people also gives a 'Big Brother' flavor to the whole affair.
I'm still not sure why Sun lets GCJ enthusiasts get away with calling it 'java'. Whether it's the default packaging, or the distros that do it (redhat/fedora/etc) having a program on your system called 'java' which is so half-assed compatible like the GCJ stuff is just gives Java a bad name. It's far *less* compatible than the MS Java of years ago was with 'mainstream' Java at that time, yet Sun throws a fit over MS, but leaves GCJ enthusiasts alone. I don't get it.
The answer to that and similar situations is documentation. Processes and documentation are required for a system of any size, whether it's free software or not. If the commercial/payfor software *comes* with documentation, that's an argument for it, but it still needs to be findable, and people need to have read it and understand it *before* an emergency happens.
Why does scale matter? I've gone from Dapper to Edgy to Feisty, and every time something didn't work. The wireless network card *never* worked without having to futz with ndiswrapper. And guess what? When you do that, the next upgrade breaks the working config you've got and you have to start over. And just because other people say it doesn't happen to them doesn't mean it didn't happen to me (or others I know). The only scale I care about is something working for me, and it *never* goes 100% smoothly.
Isn't this the same Comcast which runs cable service in markets which usually has a local government-granted monopoly for cable service in those regions? Funny that now they want to say "let the market decide" when cable companies generally won't invest in the infrastructure unless granted a monopoly on providing cable service. I'm remembering back a long time - perhaps this isn't the case any more. If broadband options were available everywhere, I'd certainly say "let the market decide" - many people (myself included) only have one option for broadband, and it's often cable.