Frankly, I'm not surprised that a script kiddie (which is all Mafia boy was) could take Yahoo! down back in 2000. I worked there in 1999 for four or five months, and left in disgust at how poor their engineering was. On my first day I fixed a bug where user input was being used as a format string. This in C code that was written by a "veteran" coder, who clearly couldn't write anything maintainable. There was no documentation (I'm not exaggerating), designs were communicate verbally, hacked together and then forgotten. There was not project management as such, and no middle management - seniority was based simply on who had been there the longest. While this "hacker ethos", of which Yahoo! employees were inordinately proud, may have worked when it was two guys working from a trailer but it was disastrous in a large, international development team.
It was the ActiveState port, which was funded at least in part by MicroSoft. It included a number of modules for accessing Windows specific features, bu the problem was that they were poorly documented and the API changed between releases. The reason I know is because I had to write a few scripts for NT 4.0 when the company I worked at was transitioning from SunOS. It was this experience that made me decide to stick with Unix, even if it seemed to be a declining technology (circa 1997 IIRC). Thankfully Linux took off in a big way, and NT never really lived up to MicroSoft's hype.
You CAN pass a fundamental type by reference in C#
That I didn't know. The designers of Java took a conscious decision not to allow pointers or references to fundamental types, and the only time I've ever found this to be problematic is in CORBA code, where modifiable arguments of fundamental type have to be wrapped in an object. Outside of CORBA code, I can't think of a single occasion where I've wanted to be able to pass a fundamental type by reference.
You may be a master of C#, but you clearly know very little about Java - all objects are passed by reference in Java. Fundamental types like int, long, etc. are passed by value, and I understand this is the same in C#.
You have a blender at work? Wow, and I thought people who talk on the phone all day were annoying!
It's for protein shakes - I work out at lunch time, and I'm only allowed to use the blender during the lunch hour. As for annoying, those sat around me are all managers so the only thing the noise would distract them from is Facebook, regardless of the time of day.
Associating MAC addresses with specific switches and addresses on the DHCP server is precisely how my place does things. It means that even if someone does sneak in their laptop, plugging it into a network socket is going to result in no connection. Compare that to when I was on site as a consultant at a very large investment bank last year - they had personal wireless access points and laptops all over company network. Some of the company access points were unsecured while the personal ones were brought in by people wanting to subvert various inter-departmental firewalls. Infrastructure was outsourced, which meant getting things like ports opened for trading systems to communicate with each other was an extremely slow, bureaucratic process. Instead, it was much easier to plonk a wireless access point on each network.
... tropical fish *tank*...
Oh yes, and it's probably worth pointing out that our sys support people would have an issue with personal kit that runs Windows.
Looking around my desk I see the following electronic widgets that are mine rather than the companies:
A pair of DEC Shark computers. A Sparc based luggable. Coffee percolator. Blender.
As long as I got them checked out for electrical safety the system support people here were fine with it, and this is nothing as compared to some of the stuff I saw at a big dot.com that likes exclamation marks. One guy had a pinball machine in his cube, and another had a large tropical fish bubbling away while percolators were everywhere.
Really? The core GNOME developers may not develop on, or principally for, the BSDs but they are pretty receptive to patches from the ports and package maintainers. Since the release of GNOME 2.0, the code has certainly got more portable across different Unix like operating systems, which is quite remarkable as there's far more features that rely on OS specific implementations of things like Bluetooth. (Freedesktop initiatives have certainly helped).
The FreeBSD 5.x series is a good example of a not very stable or thoroughly inspected environment, as is NetBSD on some so-called "supported" platforms (I'm talking about Mac-PPC here).
while I agree that FreeBSD 5.x was effectively a beta release at best, I disagree with your opinion on NetBSD. Speaking as someone who runs NetBSD and Linux on a PowerPC Mac (G4 Powerbook), I can assure you that while installing NetBSD was painful, it runs faster than Linux as well as being just as stable. I also run NetBSD on sgi-mips, sparc, vax and alpha. The only one that has stability problems is my Alpha when I tried to use an IDE hard drive (SCSI works fine). In comparison, I've never managed to successfully install Linux on the SGI or Vax, although on Sparc and Alpha it installs and runs fine.
I would suggest you consult with a qualified lawyer before you find yourself in the same situation.
The closest I've been to this is when I worked for a dot.com that had one of their servers compromised. I was accused of hacking my own system by the boss (a particularly nasty piece of work who had basically fucked her way to the top of a media company), which amused me no end as I had the root password and therefore no need to hack my way in. I also had a paper trail that showed I was aware of the server being insecure, but that management all the way up to the boss would not allow me to take it off line in order to rebuild and secure it. I walked out of the office and they received my resignation by courier that afternoon. Subsequently the boss refused to pay my last months salary, and said she would take me to an industrial tribunal if I pursued the matter. I pursued it to the small claims court, where the dot.com didn't even bother sending a solicitor on the day. I won, and received a cheque several days before I would have been able to instruct baillifs to seize the company assets if they didn't pay up.
Based on that experience, I can't help feeling that Childs' only mistake was to be working for a political rather than a commercial entity. If there really was a dispute over the passwords, then it should have been a disciplinary matter. In the UK at least, it could have been taken further by instituting proceedings at an industrial tribunal, but I've never heard of a firm getting someone locked up on the grounds that the SF authorities have. I even know of people who have stolen large quantities of hardware and simply walked with nothing more from the employer than a refusal to supply a reference.
I suggest you read Paul Venezia's articles and blog entries concerning the Terry Childs case. The SF authorities have changed their account a number of times, and it is no longer clear what Childs employment status was at the time he refused to handover the password(s). As for passwords being the companies property, they should have instituted the procedures that Childs suggested, and would have avoided this issue. What if he'd been incapacitated (by the classic running over by a bus for example)? As for documentation at home, well if that's a crime then most of the conscientious and hard working IT people I've ever worked with would be guilty of it.
http://weblog.infoworld.com/venezia/
If this really boils down to Childs refusing to hand over the password(s) after being fired, then SF are going to have one hell of a fight on their hands to not be laughed out court by arguing that the passwords are "company assets".
Your boss is your boss. Unless there's the chance that somebody could be physically hurt, your employer's passwords are NOT yours, no matter how stupid you think your boss is.
By the time his boss thought to ask for the password(s), he had already been fired. Any obligation he had to his boss had disappeared. The same goes for documentation and written procedures - I'm not going to document anything after I've been sacked. In this case the guy had been arguing for written procedures to be put in place, but no one in authority would sign them off as any failures would then be their ultimate responsibility. It should be the managers that are taking flack for this, as so often with IT cock ups.
That's not really fair. At my current job I've seen former Perl programmers write Java code that's just as illegible, unpredictable and slow as anything they used to do in Perl. Classic "former Perl programmer traits" include:
Using untyped Maps instead of "bean" classes to store data.
Inappropriate use of reflection. Everywhere.
Making everything public.
Use of massive anonymous classes to simulate closures.
I strongly agree with your critique of Hibernate. It requires you to design your database with Hibernate in mind, rather than using the natural idioms of relational database design. It's also produced performance bottlenecks when I've used it, which require as much work to resolve as I would spend hand coding a data access layer. All you need is a decent abstraction for the JDBC API, such as the one bundled with the Spring framework, then writing your own data access layer is far less onerous.
Yeah this excuse comes up every time someone dares to go against the Slashdot orthodoxy and criticise Perl, along with "it's possible to write unmaintainable code in any language". The truth is that Perl code is generally a hack, because it's so easy to do something that just about works with it. Look at the CPAN modules for example - so much unmaintained, unfinished code (for example, has Perl/Tk stopped crashing and leaking memory like a sieve yet?). For systems where "just about works" isn't good enough, I'll choose a language and libraries that allow me to use decent profiling and debugging tools. One where there is also extensive literature on designing systems (programming in the large, not just the language details or programming in the small). Where OO and threading are an intrinsic part of the language, not another weird joke from Larry Wall or eternally marked as experimental.
Finnish basically doesn't have monosyllablic words except for common particles; two syllables is the minimum.
Wrong. There's "pää" (head) and "tie" (road) for starters. The agglutinative nature of Finnish does mean that these words often occur as part of a longer word, rauta|tie|asema (railway station, literally "iron|road|station") for example, but they are freestanding words in their own right.
Which would have been pretty rich coming from someone with a surname that's strongly believed to a corruption of a Czech one, and who was also unable to trace his lineage back more than a couple of generations. If I remember rightly, his father Alois was born illegitimately and only had the name of his purported father added to his birth record much later, in order to make it easier for someone (Alois, his father or mother - can't remember) to get married.
I wasn't aware of significant, if any, influx of North Africans or Arabs into Italy (the really recent immigration from North Africa hasn't had time to impact the genetic makeup of the population as a whole). The only part of Italy that I'm aware has had a North African or Arab influence is Sicily, where the Sicilian language at least has Arab influences (as well as Latin, Spanish, Norman French and some German influences). There's also a dialect in Sicily that is strongly Albanian influenced, and unintelligible to other Sicilian language speakers, the result of a significant migration of Albanians a long time ago who then remained pretty much in one small region.
Slashdot Mirror
"Are you awake dear? I feel the need to bury my muffins".
Frankly, I'm not surprised that a script kiddie (which is all Mafia boy was) could take Yahoo! down back in 2000. I worked there in 1999 for four or five months, and left in disgust at how poor their engineering was. On my first day I fixed a bug where user input was being used as a format string. This in C code that was written by a "veteran" coder, who clearly couldn't write anything maintainable. There was no documentation (I'm not exaggerating), designs were communicate verbally, hacked together and then forgotten. There was not project management as such, and no middle management - seniority was based simply on who had been there the longest. While this "hacker ethos", of which Yahoo! employees were inordinately proud, may have worked when it was two guys working from a trailer but it was disastrous in a large, international development team.
Talk about touching you in that "special place" ...
It was the ActiveState port, which was funded at least in part by MicroSoft. It included a number of modules for accessing Windows specific features, bu the problem was that they were poorly documented and the API changed between releases. The reason I know is because I had to write a few scripts for NT 4.0 when the company I worked at was transitioning from SunOS. It was this experience that made me decide to stick with Unix, even if it seemed to be a declining technology (circa 1997 IIRC). Thankfully Linux took off in a big way, and NT never really lived up to MicroSoft's hype.
You CAN pass a fundamental type by reference in C#
That I didn't know. The designers of Java took a conscious decision not to allow pointers or references to fundamental types, and the only time I've ever found this to be problematic is in CORBA code, where modifiable arguments of fundamental type have to be wrapped in an object. Outside of CORBA code, I can't think of a single occasion where I've wanted to be able to pass a fundamental type by reference.
You may be a master of C#, but you clearly know very little about Java - all objects are passed by reference in Java. Fundamental types like int, long, etc. are passed by value, and I understand this is the same in C#.
You have a blender at work? Wow, and I thought people who talk on the phone all day were annoying!
It's for protein shakes - I work out at lunch time, and I'm only allowed to use the blender during the lunch hour. As for annoying, those sat around me are all managers so the only thing the noise would distract them from is Facebook, regardless of the time of day.
Associating MAC addresses with specific switches and addresses on the DHCP server is precisely how my place does things. It means that even if someone does sneak in their laptop, plugging it into a network socket is going to result in no connection. Compare that to when I was on site as a consultant at a very large investment bank last year - they had personal wireless access points and laptops all over company network. Some of the company access points were unsecured while the personal ones were brought in by people wanting to subvert various inter-departmental firewalls. Infrastructure was outsourced, which meant getting things like ports opened for trading systems to communicate with each other was an extremely slow, bureaucratic process. Instead, it was much easier to plonk a wireless access point on each network.
... tropical fish *tank* ...
Oh yes, and it's probably worth pointing out that our sys support people would have an issue with personal kit that runs Windows.
Looking around my desk I see the following electronic widgets that are mine rather than the companies:
A pair of DEC Shark computers.
A Sparc based luggable.
Coffee percolator.
Blender.
As long as I got them checked out for electrical safety the system support people here were fine with it, and this is nothing as compared to some of the stuff I saw at a big dot.com that likes exclamation marks. One guy had a pinball machine in his cube, and another had a large tropical fish bubbling away while percolators were everywhere.
Gnome developers don't give a frak about BSD.
Really? The core GNOME developers may not develop on, or principally for, the BSDs but they are pretty receptive to patches from the ports and package maintainers. Since the release of GNOME 2.0, the code has certainly got more portable across different Unix like operating systems, which is quite remarkable as there's far more features that rely on OS specific implementations of things like Bluetooth. (Freedesktop initiatives have certainly helped).
The FreeBSD 5.x series is a good example of a not very stable or thoroughly inspected environment, as is NetBSD on some so-called "supported" platforms (I'm talking about Mac-PPC here).
while I agree that FreeBSD 5.x was effectively a beta release at best, I disagree with your opinion on NetBSD. Speaking as someone who runs NetBSD and Linux on a PowerPC Mac (G4 Powerbook), I can assure you that while installing NetBSD was painful, it runs faster than Linux as well as being just as stable. I also run NetBSD on sgi-mips, sparc, vax and alpha. The only one that has stability problems is my Alpha when I tried to use an IDE hard drive (SCSI works fine). In comparison, I've never managed to successfully install Linux on the SGI or Vax, although on Sparc and Alpha it installs and runs fine.
I would suggest you consult with a qualified lawyer before you find yourself in the same situation.
The closest I've been to this is when I worked for a dot.com that had one of their servers compromised. I was accused of hacking my own system by the boss (a particularly nasty piece of work who had basically fucked her way to the top of a media company), which amused me no end as I had the root password and therefore no need to hack my way in. I also had a paper trail that showed I was aware of the server being insecure, but that management all the way up to the boss would not allow me to take it off line in order to rebuild and secure it. I walked out of the office and they received my resignation by courier that afternoon. Subsequently the boss refused to pay my last months salary, and said she would take me to an industrial tribunal if I pursued the matter. I pursued it to the small claims court, where the dot.com didn't even bother sending a solicitor on the day. I won, and received a cheque several days before I would have been able to instruct baillifs to seize the company assets if they didn't pay up.
Based on that experience, I can't help feeling that Childs' only mistake was to be working for a political rather than a commercial entity. If there really was a dispute over the passwords, then it should have been a disciplinary matter. In the UK at least, it could have been taken further by instituting proceedings at an industrial tribunal, but I've never heard of a firm getting someone locked up on the grounds that the SF authorities have. I even know of people who have stolen large quantities of hardware and simply walked with nothing more from the employer than a refusal to supply a reference.
It really is fscked. Every job advert is for Lehmans.
I suggest you read Paul Venezia's articles and blog entries concerning the Terry Childs case. The SF authorities have changed their account a number of times, and it is no longer clear what Childs employment status was at the time he refused to handover the password(s). As for passwords being the companies property, they should have instituted the procedures that Childs suggested, and would have avoided this issue. What if he'd been incapacitated (by the classic running over by a bus for example)? As for documentation at home, well if that's a crime then most of the conscientious and hard working IT people I've ever worked with would be guilty of it. http://weblog.infoworld.com/venezia/ If this really boils down to Childs refusing to hand over the password(s) after being fired, then SF are going to have one hell of a fight on their hands to not be laughed out court by arguing that the passwords are "company assets".
Your boss is your boss. Unless there's the chance that somebody could be physically hurt, your employer's passwords are NOT yours, no matter how stupid you think your boss is.
By the time his boss thought to ask for the password(s), he had already been fired. Any obligation he had to his boss had disappeared. The same goes for documentation and written procedures - I'm not going to document anything after I've been sacked. In this case the guy had been arguing for written procedures to be put in place, but no one in authority would sign them off as any failures would then be their ultimate responsibility. It should be the managers that are taking flack for this, as so often with IT cock ups.
That's not really fair. At my current job I've seen former Perl programmers write Java code that's just as illegible, unpredictable and slow as anything they used to do in Perl. Classic "former Perl programmer traits" include:
I strongly agree with your critique of Hibernate. It requires you to design your database with Hibernate in mind, rather than using the natural idioms of relational database design. It's also produced performance bottlenecks when I've used it, which require as much work to resolve as I would spend hand coding a data access layer. All you need is a decent abstraction for the JDBC API, such as the one bundled with the Spring framework, then writing your own data access layer is far less onerous.
I assume this Lewis Carroll fellow was only writing batch programs.
BOOKS
-----
Learning Java (O'Reilly) - one of their better books in recent years, and actually kept up to date with new editions
Effective Java (Addison Wesley) - preferably the second edition, which covers generics
J2EE Design And Development (Wrox) - heavy going, but it's simply the best book on J2EE development
ANT In Action (Manning) - describes the de-facto build tool in the Java world, which can also automate things like deployment
TOOLS
-----
Checkstyle http://checkstyle.sf.net/ - a basic static analysis tool
PMD pmd.sf.net - a more advanced static analysis tool
THINGS TO AVOID
---------------
EJB - it's gotten better in version 3.0, but a lightweight framework like Spring is still a better choice for almost every project
Maven - it might be great for some Apache hosted projects, but it's caused more problems than it solves on every system I've worked on with it
Yeah this excuse comes up every time someone dares to go against the Slashdot orthodoxy and criticise Perl, along with "it's possible to write unmaintainable code in any language". The truth is that Perl code is generally a hack, because it's so easy to do something that just about works with it. Look at the CPAN modules for example - so much unmaintained, unfinished code (for example, has Perl/Tk stopped crashing and leaking memory like a sieve yet?). For systems where "just about works" isn't good enough, I'll choose a language and libraries that allow me to use decent profiling and debugging tools. One where there is also extensive literature on designing systems (programming in the large, not just the language details or programming in the small). Where OO and threading are an intrinsic part of the language, not another weird joke from Larry Wall or eternally marked as experimental.
I'd rather user PCRE. Written in clean and simple C and BSD licensed.
Finnish basically doesn't have monosyllablic words except for common particles; two syllables is the minimum.
Wrong. There's "pää" (head) and "tie" (road) for starters. The agglutinative nature of Finnish does mean that these words often occur as part of a longer word, rauta|tie|asema (railway station, literally "iron|road|station") for example, but they are freestanding words in their own right.
Which would have been pretty rich coming from someone with a surname that's strongly believed to a corruption of a Czech one, and who was also unable to trace his lineage back more than a couple of generations. If I remember rightly, his father Alois was born illegitimately and only had the name of his purported father added to his birth record much later, in order to make it easier for someone (Alois, his father or mother - can't remember) to get married.
I wasn't aware of significant, if any, influx of North Africans or Arabs into Italy (the really recent immigration from North Africa hasn't had time to impact the genetic makeup of the population as a whole). The only part of Italy that I'm aware has had a North African or Arab influence is Sicily, where the Sicilian language at least has Arab influences (as well as Latin, Spanish, Norman French and some German influences). There's also a dialect in Sicily that is strongly Albanian influenced, and unintelligible to other Sicilian language speakers, the result of a significant migration of Albanians a long time ago who then remained pretty much in one small region.