In my ninth grade class, the teacher on the first day announced that we could resubmit any paper as many times as we wanted and only the final grade would count. Literally we could keep improving the paper until we got the grade we wanted - but, in exchange, he was going to be incredibly hard grader.
From my own experience, I learned far more from his comments on my revisions than from the comments on my initial submissions. I remember working through four revisions on a story - going from a C- to a B+ and progressing from revising grammar to revising paragraph structure to tackling cohesiveness and story arc. It was a stunning experience to realize how many things were flawed within my story.
The most important lesson came when I submitted the final version. My teacher's comment was " A- Technically well-written and I think you've done as much as you can with this story but ultimately the topic is too weak for an 'A'. " It really opened my eyes that not every story is worthy of an A and I wasn't simply going to get a good grade because I had followed good grammar and writing rules - I really needed to write an interesting story in order to get an A.
I probably learned more from his revision process than I did in any other class.
Okay, let's see a show of hands of all those people who read this article just to see if their employer was listed. I'm a little disappointed that my company wasn't quite bad enough to be listed as an all-time worst.
My favorite memory is keeping a list of what a single share of our stock was worth. At one point, it was worth a decent bottle of wine... then a good glass of wine at a bar... then a cheap beer... then a Big Mac... and finally 10 of them could buy something off the Dollar menu.:)
From the article: The cloaking device relies on recently discovered materials used to make superlenses that make light behave in a highly unusual way. Instead of having a positive refractive index - the property which makes light bend as it passes through a prism or water - the materials have a negative refractive index, which effectively makes light travel backwards.
Trust scientists to come up with a complicated term for "mirror"...:)
WARNING! If you're using Knock-Secure, please be sure to choose an orginal knock sequence. We strongly recommend against "Shave and a Haircut, Two Bits!".
It would be like the master password for all doors.:)
Talk to a fireman sometime. If they want to get in to a place, they usually totally avoid the door and go through the wall next to the door. It's usually just a piece of 1/2" plywood and 1/2" drywall with some pine studs and siding.
That has to be the loosest interpretation of knocking that I've ever heard...
According the press release, the lawsuit is over disclosure of trade secrets. I am not a lawyer, but my understanding about "trade secrets" is that you have actively protect your secrets or they cease to become secrets. From a free legal advice website :
Courts generally require active steps to protect the secrecy of valuable information. However, if there's a stated "don't tell" policy, then that can represent sufficient activity to preserve secrecy. Here too, the nature of the secret will dictate the type of effort and action required to preserve secrecy.
So it's possible that WotC is actually forced to sue if they want to pursue the status of "trade secrets" on the information that was revealed.
Well, the story definitely fits Slashdot's "News For Nerds" slogan but I'm not so sure this is "stuff that matters".:)
Still, a few warnings for those few people unfamiliar with D&D:
1) It's sure to generate a run on snacks, candy and sodas. Stock up before Saturday! 2) If you see people in costume on Nov. 5th, it's not just because they missed Halloween. Also, you don't need to offer them candy (they should have their own, see #1) 3) Really, there's only a small chance that Cthulu will actually be summoned. Still, we recommend that you avoid people in tentacled demon costumes - it might just be an all-powerful demon about to enslave the human race.
-Peter "Once upon a time, I had a dice bag signed by Gary Gygax" Hamlen
In both programming and FRPs, you can make things happen so long as you can imagine it correctly. As someone once told me, "Programming is like building with pure thought-stuff." Everything happens in an alternate realm from the physical world (the computer's memory or the group's imagination) and isn't limited by what you can do in the physical world.
I think people who are attracted by programming's allure of creating programs just by thinking are also attracted by a FRP that lets you create a world with your own imagination.
I think that adding a power supply to the purse is an excellent sales move - just imagine the new "geek-purse" - it's got blue lights around the edges, some hydraulic jacks to make it rock, maybe an X-Box installed, a GPS so you don't have to ask directions...
Well, speaking from my experience at a fairly successful consultancy business, I think there are a couple of strategies. First, there are some key skills you all need:
1) Distinguish yourself as a group that provides "practical, effective" security. Never leave any of your first customers wondering why they paid you.
2) Solve the problems they want solved rather than the problems you think should be solved. Don't go tell the customer what they need you to do; instead, listen to what they say are the problems and solve them.
3) Brutally asses all the communication skills of your team. Know who your great communicators are, and who are the people you need to hide from the customer. Face it, as a consulting firm, it matters most how you interact with the customer.
As far as strategies go: 1) I bet your primary battle will be convincing people that it's worth investing in security. Start gathering factual stories of security failures so that you can talk about specific incidents and what happened. Be prepared to explain to a non-technical user why they should spend money - and make sure it's completely relevant to them.
For instance, I worked at a web-firm that doesn't really care about security... but they also have about 12,000 social security numbers in one of their databases. When we tried to push "network security" in general, there was no traction. When we asked "what if we have to announce to all our customers that their SSN's were stolen from our database?", that allowed us to push for greater security controls.
2) Consider focusing on the "virus-protection" market. I know a lot of small businesses completely struggle with Windows viruses that can bring down the network. Since good network security can help stop the spread of viruses, it might be a reasonable fit. "Stop the havoc that viruses cause" is a strong selling point.
3) Maybe offer a "security review and emergency assistance when needed" package. Basically, you do a review of their network for a nominal fee and then you're available for emergency issues if they have a security issue. Sell it as "now you'll know who to call if you really have a problem."
Once you get in to do the review, you can even make some suggestions to improve logging/auditing so that you can respond better in an emergency.
4) Get some street cred. Publish some articles on security issues, find a security weakness in Mozilla (we just heard that it's buggier than IE, right?) and get your name out there as a "security firm".
As an alternative, answer questions on newsgroups or forums. If you're good, you can get a rep as knowing your shit by answering people's questions. Sometimes, the sysadmin who asks for help could really use a consulting group instead.
Finally, one last piece of advice:
1) Always treat your clients' problems more seriously than they treat them. If your clients are a little concerned, you need to be very concerned. If they're satisfied, you need to be slightly concerned. And don't just sound like you're taking them more seriously - take them more seriously! If the client thinks it's a little problem, treat it like a big problem and get it fixed right away. If it's a big problem, treat it like it's the end of the world.
I know it sounds silly, but it means that every time your customers contact you, they will always get the impression that you're more on top of the problem and solution than they are. And that, in the consulting world, is gold!
HAYABUSA will not only gather samples but also observe the asteroid with various scientific devices and measures. For that purpose, it is equipped with a Telescope Wide-View Cameras and Light Detection and Ranging, as well as with a Near Infrared Spectrometer. It will also employ a hopping robot, which can move around on the asteroid's surface.
A hopping robot? Sounds suspiciously like Looney Tunes. The big question is "Did they complete the programming so that it can steal the Explosive Space Modulator from Marvin when he lands on the asteroid?"
Another variation: You could try to create a game with some random rules and ask the other side to participate. For instance: "Let's play geography. I'll name a place and then you have to name a place that starts with the second letter of the place I named. I'll start with Jupiter."
For me, the most interesting part of this conversation is that it suggests that we're getting close enough that humans need to work at it in order to sound different from bots. We used to think that the Turing test was something where humans could answer normally but would still be differentiated from programs. Now we're getting to the point where humans (or at least human on AIM) have to make an effort in order to be recognized as different.
I don't disagree that the leadership can (and should) be blamed for all these problems. However...
I think that you're just pointing out who to blame rather than how to fix the problems. There are issues around * resource management (How do you get enough resources? How do you estimate how many resources you need?) * methodology (waterfall development, iterative, agile?) * project management (effective milestones, tracking, allocating resources) *customer management (requirements, probing for real needs) * software architecture (technology, platforms, 3-tier, 2 tier, etc.)
Each of these areas have different potential pitfalls and different ways to avoid them. To simply classify them all as just "leadership problems" means that you never get closer to understanding why the problems occur or how to prevent them.
Some projects fail because they don't have enough resources, or not enough time has been allotted. Sometimes, the project planners choose the wrong implementation or try to solve the wrong problem. Sometimes, projects fail because the users don't really tell you what they want.
Are all of these 'leadership problems'? Sure, you can blame the leader of the project (or his leader) for those problems - after all, they should have seen them and fixed them.
But then all you've done is group a lot of problems together under "who to blame" and not tackled the harder problem of avoiding those pitfalls. So while I agree that leaders should stop projects from failing, the root causes of the failures are far more complex than just "leadership problems".
Since I didn't see anyone else post these tips, I thought I would add some practical suggestions for implementing this sort of thing.
I think the keys are:
1) Structure things so that people get positive feedback on their side projects.
2) Create "deadlines" to encourage people to complete their side projects rather than fiddle around but never bring things to demonstratable state.
3) Encourage stimulating technical discussions beyond just the problems that people are working on. These discussions usually encourage people to tackle new things. 4) Encourage collaboration - two people on a project can maintain motivation more easily than just one person.
In practice, these can usually be combined into just one or two things. For instance: a) A previous employer had occasional "Monday technical challenge" emails that would go out. It usually covered some interesting problem (usually unrelated to work) and asked people to solve it. On Wednesdays, there would be a lunch discussion of the problem. Many of these discussions led into side projects.
b) In a similar vein, you could have monthly lunches in which people show what they've built. It helps with the deadline issue (people are now aiming for a particular meeting) and the feedback issue (people get pride of showing off).
If it really is a novel invention, you might think about patenting it. Generally speaking, patents take less money (tens o' thousands instead of millions) and that gives you some new options: 1) VC's get excited about patents - it ensures that there's a strong barrier to entry. It may make it easier to raise money. 2) You can sell your patent to another company, so you can get profit from your idea while someone else spends the capital to make it big.
If you did want to pursue this approach, I recommend hiring a lawyer. While you can patent something yourself, it's better to have an expert help craft the patent application.
I found I made the best progress when I practiced Go problems. While it's also really important to play games with humans, Go problems are a great way to gain skills.
My favorite is actually a series of books: "Graded Go Problems For Beginners" by Kano Yoshinori. It's in English, there are 4 volumes moving from 30 kyu to 10 kyu. About 400 problems a book, with reasonable explanations of both the correct and incorrect answers. Seriously, complete the four volumes and you'll get to 20-15 kyu almost painlessly.
You can also try www.goproblems.com - but I don't like those problems as much as the book series. If you can afford it, there's The Many Faces Of Go software which has good Go problems in it. It has one great advantage over a book - you actually play out the moves and the program doesn't tell you whether you're correct until the end of the sequence.
In the end, practicing problems will help you with a lot of tactical issues: is a group alive or dead, what's the best way to kill a group, how can you connect, etc. Then you can start tackling strategy which is so much harder...
But, as we learned this morning, that would be plagiarism!
You know, if Slashdot keeps this up, there will be a market for reselling old posts. "Need karma but don't have the time? No problem! For only $4.95, you can buy a quality, 5-point post - just perfect for when Slashdot posts the article again!"
If you want real smoke and mirrors, you need to come to Brooklyn (NYC).
There, the EDC commissioned a study on the best use of some Brooklyn piers. They spent $400,000 on the study (given to some well-connected consultants) and:
* the EDC uses the study for their decision, but refuses to release it.
* when pressed by city council members, they promise to publish "an executive summary" or some "highlights" from the study but don't.
* when finally hit with a Freedom of Information act, they state that the report is "worthless" and "outdated" (it is 30 days old) and still refuse to release it.
So there you go! In Brooklyn, they don't even bother to write the transparently corrupt report - they just give the money away AND make the decision in a backroom.
However, better user education and stronger security from online retailers, banks, and financial institutions is also needed to protect technically unsophisticated consumers from complex online cons like phishing attacks, Schmidt says. "You can't put somebody in a car and tell them to drive, but not tell them what the brake and gas pedal are for," he says.
Let's hear it for poor metaphors! Let's see... in this context, the gas pedal is entering your credit card onto a fake website? No, wait - maybe using your brain is the gas pedal, and entering your credit card numbers is the brake? Oh, I know - he's referring to the difference between dialup and DSL! No...maybe he's suggesting everyone has to get a license before browsing the web! Or...
You know, this reminds me of a company I used to work for. We had 30 employees, and management decided that everyone needed to have their own code for the alarm - so they could determine who comes into the office.
They even enforced making sure that each alarm code was different (I specifically heard "you can't have 1234 because Jane is already using it.")
The best part of this is that the alarm now had literally 30 different turn-off codes. If any burglar came around, it was virtually guaranteed that any code they guessed would work!
Slashdot Mirror
Or, better yet, use your boss's name!
In my ninth grade class, the teacher on the first day announced that we could resubmit any paper as many times as we wanted and only the final grade would count. Literally we could keep improving the paper until we got the grade we wanted - but, in exchange, he was going to be incredibly hard grader.
From my own experience, I learned far more from his comments on my revisions than from the comments on my initial submissions. I remember working through four revisions on a story - going from a C- to a B+ and progressing from revising grammar to revising paragraph structure to tackling cohesiveness and story arc. It was a stunning experience to realize how many things were flawed within my story.
The most important lesson came when I submitted the final version. My teacher's comment was " A- Technically well-written and I think you've done as much as you can with this story but ultimately the topic is too weak for an 'A'. " It really opened my eyes that not every story is worthy of an A and I wasn't simply going to get a good grade because I had followed good grammar and writing rules - I really needed to write an interesting story in order to get an A.
I probably learned more from his revision process than I did in any other class.
-Peter
Okay, let's see a show of hands of all those people who read this article just to see if their employer was listed. I'm a little disappointed that my company wasn't quite bad enough to be listed as an all-time worst.
... then a good glass of wine at a bar ... then a cheap beer ... then a Big Mac... and finally 10 of them could buy something off the Dollar menu. :)
My favorite memory is keeping a list of what a single share of our stock was worth. At one point, it was worth a decent bottle of wine
-Peter
From the article:
... :)
The cloaking device relies on recently discovered materials used to make superlenses that make light behave in a highly unusual way. Instead of having a positive refractive index - the property which makes light bend as it passes through a prism or water - the materials have a negative refractive index, which effectively makes light travel backwards.
Trust scientists to come up with a complicated term for "mirror"
I can just see the warnings on the package now:
:)
WARNING! If you're using Knock-Secure, please be sure to choose an orginal knock sequence. We strongly recommend against "Shave and a Haircut, Two Bits!".
It would be like the master password for all doors.
-Peter
Talk to a fireman sometime. If they want to get in to a place, they usually totally avoid the door and go through the wall next to the door. It's usually just a piece of 1/2" plywood and 1/2" drywall with some pine studs and siding.
That has to be the loosest interpretation of knocking that I've ever heard...
So it's possible that WotC is actually forced to sue if they want to pursue the status of "trade secrets" on the information that was revealed.
Well, the story definitely fits Slashdot's "News For Nerds" slogan but I'm not so sure this is "stuff that matters". :)
Still, a few warnings for those few people unfamiliar with D&D:
1) It's sure to generate a run on snacks, candy and sodas. Stock up before Saturday!
2) If you see people in costume on Nov. 5th, it's not just because they missed Halloween. Also, you don't need to offer them candy (they should have their own, see #1)
3) Really, there's only a small chance that Cthulu will actually be summoned. Still, we recommend that you avoid people in tentacled demon costumes - it might just be an all-powerful demon about to enslave the human race.
-Peter "Once upon a time, I had a dice bag signed by Gary Gygax" Hamlen
In both programming and FRPs, you can make things happen so long as you can imagine it correctly. As someone once told me, "Programming is like building with pure thought-stuff." Everything happens in an alternate realm from the physical world (the computer's memory or the group's imagination) and isn't limited by what you can do in the physical world.
I think people who are attracted by programming's allure of creating programs just by thinking are also attracted by a FRP that lets you create a world with your own imagination.
-Peter
I think that adding a power supply to the purse is an excellent sales move - just imagine the new "geek-purse" - it's got blue lights around the edges, some hydraulic jacks to make it rock, maybe an X-Box installed, a GPS so you don't have to ask directions...
:)
Go ahead - pimp your purse!
Well, speaking from my experience at a fairly successful consultancy business, I think there are a couple of strategies. First, there are some key skills you all need:
1) Distinguish yourself as a group that provides "practical, effective" security. Never leave any of your first customers wondering why they paid you.
2) Solve the problems they want solved rather than the problems you think should be solved. Don't go tell the customer what they need you to do; instead, listen to what they say are the problems and solve them.
3) Brutally asses all the communication skills of your team. Know who your great communicators are, and who are the people you need to hide from the customer. Face it, as a consulting firm, it matters most how you interact with the customer.
As far as strategies go:
1) I bet your primary battle will be convincing people that it's worth investing in security. Start gathering factual stories of security failures so that you can talk about specific incidents and what happened. Be prepared to explain to a non-technical user why they should spend money - and make sure it's completely relevant to them.
For instance, I worked at a web-firm that doesn't really care about security... but they also have about 12,000 social security numbers in one of their databases. When we tried to push "network security" in general, there was no traction. When we asked "what if we have to announce to all our customers that their SSN's were stolen from our database?", that allowed us to push for greater security controls.
2) Consider focusing on the "virus-protection" market. I know a lot of small businesses completely struggle with Windows viruses that can bring down the network. Since good network security can help stop the spread of viruses, it might be a reasonable fit. "Stop the havoc that viruses cause" is a strong selling point.
3) Maybe offer a "security review and emergency assistance when needed" package. Basically, you do a review of their network for a nominal fee and then you're available for emergency issues if they have a security issue. Sell it as "now you'll know who to call if you really have a problem."
Once you get in to do the review, you can even make some suggestions to improve logging/auditing so that you can respond better in an emergency.
4) Get some street cred. Publish some articles on security issues, find a security weakness in Mozilla (we just heard that it's buggier than IE, right?) and get your name out there as a "security firm".
As an alternative, answer questions on newsgroups or forums. If you're good, you can get a rep as knowing your shit by answering people's questions. Sometimes, the sysadmin who asks for help could really use a consulting group instead.
Finally, one last piece of advice:
1) Always treat your clients' problems more seriously than they treat them. If your clients are a little concerned, you need to be very concerned. If they're satisfied, you need to be slightly concerned. And don't just sound like you're taking them more seriously - take them more seriously! If the client thinks it's a little problem, treat it like a big problem and get it fixed right away. If it's a big problem, treat it like it's the end of the world.
I know it sounds silly, but it means that every time your customers contact you, they will always get the impression that you're more on top of the problem and solution than they are. And that, in the consulting world, is gold!
Good luck.
-Peter
HAYABUSA will not only gather samples but also observe the asteroid with various scientific devices and measures. For that purpose, it is equipped with a Telescope Wide-View Cameras and Light Detection and Ranging, as well as with a Near Infrared Spectrometer. It will also employ a hopping robot, which can move around on the asteroid's surface.
A hopping robot? Sounds suspiciously like Looney Tunes. The big question is "Did they complete the programming so that it can steal the Explosive Space Modulator from Marvin when he lands on the asteroid?"
Another variation: You could try to create a game with some random rules and ask the other side to participate. For instance: "Let's play geography. I'll name a place and then you have to name a place that starts with the second letter of the place I named. I'll start with Jupiter."
For me, the most interesting part of this conversation is that it suggests that we're getting close enough that humans need to work at it in order to sound different from bots. We used to think that the Turing test was something where humans could answer normally but would still be differentiated from programs. Now we're getting to the point where humans (or at least human on AIM) have to make an effort in order to be recognized as different.
-Peter
At the risk of beating a dead horse...
I don't disagree that the leadership can (and should) be blamed for all these problems.
However...
I think that you're just pointing out who to blame rather than how to fix the problems. There are issues around
* resource management (How do you get enough resources? How do you estimate how many resources you need?)
* methodology (waterfall development, iterative, agile?)
* project management (effective milestones, tracking, allocating resources)
*customer management (requirements, probing for real needs)
* software architecture (technology, platforms, 3-tier, 2 tier, etc.)
Each of these areas have different potential pitfalls and different ways to avoid them. To simply classify them all as just "leadership problems" means that you never get closer to understanding why the problems occur or how to prevent them.
-Peter
Shamelessly picking on the innocent typo:
They are trying to make all the solutions work in one fail swoop.
Well, no wonder it isn't working! Maybe the Fed should try the much more effective 'success swoops'...
-Peter "One swell foop" Hamlen
Some projects fail because they don't have enough resources, or not enough time has been allotted. Sometimes, the project planners choose the wrong implementation or try to solve the wrong problem. Sometimes, projects fail because the users don't really tell you what they want.
Are all of these 'leadership problems'? Sure, you can blame the leader of the project (or his leader) for those problems - after all, they should have seen them and fixed them.
But then all you've done is group a lot of problems together under "who to blame" and not tackled the harder problem of avoiding those pitfalls. So while I agree that leaders should stop projects from failing, the root causes of the failures are far more complex than just "leadership problems".
-Peter
Since I didn't see anyone else post these tips, I thought I would add some practical suggestions for implementing this sort of thing.
I think the keys are:
1) Structure things so that people get positive feedback on their side projects.
2) Create "deadlines" to encourage people to complete their side projects rather than fiddle around but never bring things to demonstratable state.
3) Encourage stimulating technical discussions beyond just the problems that people are working on. These discussions usually encourage people to tackle new things.
4) Encourage collaboration - two people on a project can maintain motivation more easily than just one person.
In practice, these can usually be combined into just one or two things. For instance:
a) A previous employer had occasional "Monday technical challenge" emails that would go out. It usually covered some interesting problem (usually unrelated to work) and asked people to solve it. On Wednesdays, there would be a lunch discussion of the problem. Many of these discussions led into side projects.
b) In a similar vein, you could have monthly lunches in which people show what they've built. It helps with the deadline issue (people are now aiming for a particular meeting) and the feedback issue (people get pride of showing off).
-Peter
If it really is a novel invention, you might think about patenting it. Generally speaking, patents take less money (tens o' thousands instead of millions) and that gives you some new options:
1) VC's get excited about patents - it ensures that there's a strong barrier to entry. It may make it easier to raise money.
2) You can sell your patent to another company, so you can get profit from your idea while someone else spends the capital to make it big.
If you did want to pursue this approach, I recommend hiring a lawyer. While you can patent something yourself, it's better to have an expert help craft the patent application.
Good luck.
-Peter
I found I made the best progress when I practiced Go problems. While it's also really important to play games with humans, Go problems are a great way to gain skills.
My favorite is actually a series of books: "Graded Go Problems For Beginners" by Kano Yoshinori. It's in English, there are 4 volumes moving from 30 kyu to 10 kyu. About 400 problems a book, with reasonable explanations of both the correct and incorrect answers. Seriously, complete the four volumes and you'll get to 20-15 kyu almost painlessly.
You can also try www.goproblems.com - but I don't like those problems as much as the book series. If you can afford it, there's The Many Faces Of Go software which has good Go problems in it. It has one great advantage over a book - you actually play out the moves and the program doesn't tell you whether you're correct until the end of the sequence.
In the end, practicing problems will help you with a lot of tactical issues: is a group alive or dead, what's the best way to kill a group, how can you connect, etc. Then you can start tackling strategy which is so much harder...
Good luck!
-Peter
But, as we learned this morning, that would be plagiarism!
You know, if Slashdot keeps this up, there will be a market for reselling old posts. "Need karma but don't have the time? No problem! For only $4.95, you can buy a quality, 5-point post - just perfect for when Slashdot posts the article again!"
If you want real smoke and mirrors, you need to come to Brooklyn (NYC).
:
There, the EDC commissioned a study on the best use of some Brooklyn piers. They spent $400,000 on the study (given to some well-connected consultants) and
* the EDC uses the study for their decision, but refuses to release it.
* when pressed by city council members, they promise to publish "an executive summary" or some "highlights" from the study but don't.
* when finally hit with a Freedom of Information act, they state that the report is "worthless" and "outdated" (it is 30 days old) and still refuse to release it.
So there you go! In Brooklyn, they don't even bother to write the transparently corrupt report - they just give the money away AND make the decision in a backroom.
Let's hear it for poor metaphors! Let's see... in this context, the gas pedal is entering your credit card onto a fake website? No, wait - maybe using your brain is the gas pedal, and entering your credit card numbers is the brake? Oh, I know - he's referring to the difference between dialup and DSL! No...maybe he's suggesting everyone has to get a license before browsing the web! Or...
I'm stumped!
You know, this reminds me of a company I used to work for. We had 30 employees, and management decided that everyone needed to have their own code for the alarm - so they could determine who comes into the office.
They even enforced making sure that each alarm code was different (I specifically heard "you can't have 1234 because Jane is already using it.")
The best part of this is that the alarm now had literally 30 different turn-off codes. If any burglar came around, it was virtually guaranteed that any code they guessed would work!
-Peter
Alright, fess up!
How many of us read the article just to see the pictures of the booth babes?
Only on Slashdot would this be called "productive"...