I haven't kept this as up to date as I'd like but the stuff that is here is good to know. I'm going to modify it so other people can add sections to it and it can be a living document, but until then this is all you get.
Imagine our surprise, then, when we rebooted the server and saw only 32 GB of memory available in Windows Server 2008. Did we install the memory wrong? No, the BIOS screen reported the full 48 GB of memory. In fact, the system information applet even reports 48 GB of memory:
But there's only 32 GB of usable memory in the system, somehow.
Did you feel that? A great disturbance in the Force, as if 17 billion bytes simultaneously cried out in terror and were suddenly silenced. It's so profoundly sad.
That's when I began to suspect the real culprit: weasels.
No. Not the cute weasels. I'm referring to angry, evil marketing weasels.
That's more like it. Those marketing weasels are vicious.
It's sort of like if you were all set to buy that new merino wool sweater, and you thought it was going to cost $70, which is well worth it, and when you got to Banana Republic it was on sale for only $50! Now you have an extra $20 in found money that you would have been perfectly happy to give to the Banana Republicans!
Yipes!
That bothers good capitalists. Gosh darn it, if you're willing to do without it, well, give it to me! I can put it to good use, buying a SUV or condo or Mooney or yacht one of those other things capitalists buy!
In economist jargon, capitalists want to capture the consumer surplus.
Let's do this. Instead of charging $220, let's ask each of our customers if they are rich or if they are poor. If they say they're rich, we'll charge them $349. If they say they're poor, we'll charge them $220.
Now how much do we make? Back to Excel. Notice the quantities: we're still selling the same 233 copies, but the richest 42 customers, who were all willing to spend $349 or more, are being asked to spend $349. And our profits just went up! from $43K to about $48K! NICE!
Capture me some more of that consumer surplus stuff!
How many versions of WIndows Server 2008 are there? I count at least six. They're capturing some serious consumer surplus, over there in Redmond.
Datacenter Edition
Enterprise Edition
Standard Edition
Foundation
Web
HPC
Already, I'm confused. Which one of these versions allows me to use all 48 GB of my server's memory? There are no less than six individual "compare" pages to slice and dice all the different features each version contains. Just try to make sense of it all. I dare you. No, I double dog dare you! Oh, and by the way, there's zero pricing information on any of these pages. So open another browser window and factor that into your decisionmaking, too.
I don't mean to single out Microsoft here; lots of companies use this segmented pricing trick. Even Web 2.0 darlings 37 Signals.
In an ideal world, the price would be different for every customer. The "perfect" pricing scheme would charge every customer a different amount, extracting from each one the maximum amount they are willing to pay.
The IT guy at Podunk Lutheran College has no money: Gratis.
The IT guy at a medium-sized real estate agency has some money: $500.
The IT guy at a Fortune 100 company has tons of money: $50,000.
You can never make your pricing "perfect," but you can do much better than simply setting one constant price for all situations. By carefully tuning all these details, you can find ways to charge more money from the people who are willing to pay more.
This sort of pricing seems exploitative, but it can also be an act of public good -- remember that the poorest customers are paying less; with a one-size-fits-all pricing policy, they might not be able to afford the product at all. Drug companies often follow the same pricing model when selling life-saving drugs to third-world countries. First-world countries end up subsidizing the massive costs of drug development, but the whole world benefits.
What I object to isn't the money involved, but the mental overhead. The whole thing runs so contrary to the spirit of Don't Make Me Think. Sure, don't make us customers think. Unless you want us to think about how much we'd like to pay you, that is.
And what are we paying for? The privilege of flipping the magic bits in the software that say "I am blah edition!" It's all so.. anticlimactic. All that effort, all that poring over complex feature charts and stressing out about pricing plans, and for what? Just to get the one simple, stupid thing I care about -- using all the memory in my server.
Perhaps these complaints, then, point to one unsung advantage of open source software:
Open source software only comes in one edition: awesome.
The money is irrelevant; the expensive resource here is my brain. If I choose open source, I don't have to think about licensing, feature matrices, or recurring billing. I know, I know, we don't use software that costs money here, but I'd almost be willing to pay for the privilege of not having to think about that stuff ever again.
All non-trivial abstractions, to some degree, are leaky.
This is overly dogmatic - for example, bignum classes are exactly the same regardless of the native integer multiplication. Ignoring that, this statement is essentially true, but rather inane and missing the point. Without abstractions, all our code would be completely interdependent and unmaintainable, and abstractions do a remarkable job of cleaning that up. It is a testament to the power of abstraction and how much we take it for granted that such a statement can be made at all, as if we always expected to be able to write large pieces of software in a maintainable manner.
But they can cause problems of their own. Let's consider a particular LINQ to SQL query, designed to retrieve the most recent 48 Stack Overflow questions.
var posts =
(from p in DB.Posts
where
p.PostTypeId == PostTypeId.Question &&
p.DeletionDate == null &&
p.Score >= minscore
orderby p.LastActivityDate descending
select p).
Take(maxposts);
The big hook here is that this is code the compiler actually understands. You get code completion, compiler errors if you rename a database field or mistype the syntax, and so forth. Perhaps best of all, you get an honest to goodness post object as output! So you can turn around and immediately do stuff like this:
foreach (var post in posts.ToList())
{
Render(post.Body);
}
Pretty cool, right?
Well, that Linq to SQL query is functionally equivalent to this old-school SQL blob. More than functionally, it is literally identical, if you examine the SQL string that LINQ generates behind the scenes:
string query =
"select top 48 * from Posts
where
PostTypeId = 1 and
DeletionDate is null and
Score >= -4
order by LastActivityDate desc";
This text blob is of course totally opaque to the compiler. Fat-finger a syntax error in here, and you won't find out about it until runtime. Even if it does run without a runtime error, processing the output of the query is awkward. It takes row level references and a lot of tedious data conversion to get at the underlying data.
var posts = DB.ExecuteQuery(query);
foreach (var post in posts.ToList());
{
Render(post["Body"].ToString());
}
So, LINQ to SQL is an abstraction -- we're abstracting away raw SQL and database access in favor of native language constructs and objects. I'd argue that Linq to SQL is a good abstraction. Heck, it's exactly what I asked for five years ago.
But even a good abstraction can break down in unexpected ways.
Consider this optimization, which is trivial in the old-school SQL blob code: instead of pulling down every single field in the post records, why not pull just the id number? Makes sense, if that's all I need. And it's faster -- much faster!
select top 48 * from Posts
827 ms
select top 48 Id from Posts
260 ms
Selecting all columns with the star (*) operator is expensive, and that's what LINQ to SQL always does by default. Yes, you can specify lazy loading, but not on a per-query basis. Normally, this is a non-issue, because selecting all columns for simple queries is not all that expensive. And you'd think pulling down 48 measly little post records would be squarely in the "not expensive" category!
So let's compare apples to apples. What if we got just the id numbers, then retrieved the full data for each row?
select top 48 Id from Posts
260 ms
select * from Posts where Id = 12345
3 ms
Now, retrieving 48 individual records one by one is sort of silly, becase you could easily construct a single where Id in (1,2,3..,47,48) query that would grab all 48 posts in one go. But even if we did it in this naive way, the total execution time is still a very reasonable (48 * 3 ms) + 260 ms = 404 ms. That is half the time of the standard select-star SQL emitted by LINQ to SQL!
An extra 400 milliseconds doesn't sound like much, but slow pages lose users. And why in the world would you perform a slow database query on every single page of your website when you don't have to?
It's tempting to blame Linq, but is Linq really at fault here? These seem like identical database operations to me:
1. Give me all columns of data for the top 48 posts.
or
1. Give me just the ids for the top 48 posts.
2. Retrieve all columns of data for each of those 48 ids.
So why in the wide, wide world of sports would one of these seemingly identical operations be twice as slow as the other?
The problem isn't Linq to SQL. The problem is that we're attempting to spackle a nice, clean abstraction over a database that is full of highly irregular and unusual real world behaviors. Databases that:
may not have the right indexes
may misinterpret your query and generate an inefficient query plan
are trying to perform an operation that doesn't fit well in available memory
are paging data from disks which might be busy at that particular moment
might contain irregularly sized column datatypes
That's what's so frustrating. We can't just pretend all our data is formatted into neat, orderly data structures sitting there in memory, lined up in convenient little queues for us to reach out and casually scoop them up. As I've demonstrated, even trivial queries can have bizarre behavior and performance characteristics that are not at all clear.
To its credit, Linq to SQL is quite flexible: we can use strongly typed queries, or we can use SQL blob queries that we cast to the right object type. That flexibility is critical, because so much of our performance depends on these quirks of the database. We default to the built-in Linq language constructs, and drop down to hand-tuning ye olde SQL blobs where the performance traces tell us we need to.
Either way, it's clear that you've got to know what's happening in the database every step of the way to even begin understanding the performance of your application, much less troubleshoot it.
I think you could make a fairly solid case that Linq to SQL is, in fact, a leaky and failed abstraction. Exactly the kind of thing Joel was complaining about. But I'd also argue that virtually all good programming abstractions are failed abstractions. I don't think I've ever used one that didn't leak like a sieve. But I think that's an awfully architecture astronaut way of looking at things. Instead, let's ask ourselves a more pragmatic question:
Does this abstraction make our code at least a little easier to write? To understand? To troubleshoot? Are we better off with this abstraction than we were without it?
It's our job as modern programmers not to abandon abstractions due to these deficiencies, but to embrace the useful elements of them, to adapt the working parts and construct ever so slightly less leaky and broken abstractions over time. Like desperate citizens manning a dike in a category 5 storm, we programmers keep piling up these leaky abstractions, shoring up as best we can, desperately attempting to stay ahead of the endlessly rising waters of complexity.
As much as I may curse Linq to SQL as yet another failed abstraction, I'll continue to use it. Yes, I may end up soggy and irritable at times. But it sure as heck beats drowning.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
The original iPhone was for suckershard-core gadget enthusiasts only. But as I predicted, 12 months later, the iPhone 3G rectified all the shortcomings of the first version. And now, with the iPhone 3GS, we've reached the mythical third version:
A computer industry adage is that Microsoft does not make a successful product until version 3. Its Windows operating system was not a big success until the third version was introduced in 1990 and, similarly, its Internet Explorer browsing software was lackluster until the third version.
The platform is now so compelling and polished that even I took the plunge. For context, this is the first Apple product I've owned since 1984. Literally.
I am largely ambivalent towards Apple, but it's impossible to be ambivalent about the iPhone -- and in particular, the latest and greatest iPhone 3GS. It is the Pentium to the 486 of the iPhone 3G. A landmark, genre-defining product, no longer a mere smartphone but an honest to God fully capable, no-compromises computer in the palm of your hand.
Here's how far I am willing to go: I believe the iPhone will ultimately be judged a more important product than the original Apple Macintosh.
Yes, I am dead serious. Just check back here in fifteen to twenty years to see if I was right. (Hint: I will be.)
There's always been a weird tension in Apple's computer designs, because they attempt to control every nuance of the entire experience from end to end. For the best Appletm experience, you run custom Appletm applications on artfully designed Appletm hardware dongles. That's fundamentally at odds with the classic hacker mentality that birthed the general purpose computer. You can see it in the wild west, anything goes Linux ecosystem. You can even see it in the Wintel axis of evil, where a million motley mixtures of hardware, software, and operating system variants are allowed to bloom, like little beige stickered flowers, for a price.
But a cell phone? It's a closed ecosystem, by definition, running on a proprietary network. By a status quo of incompetent megacorporations who wouldn't know user friendliness or good design if it ran up behind them and bit them in the rear end of their expensive, tailored suits. All those things that bugged me about Apple's computers are utter non-issues in the phone market. Proprietary handset? So is every other handset. Locked in to a single vendor? Everyone signs a multi-year contract. One company controlling your entire experience? That's how it's always been done. Nokia, Sony/Ericsson, Microsoft, RIM -- these guys clearly had no idea what they were in for when Apple set their sights on the cell phone market -- a market that is a nearly perfect match to Apple's strengths.
Apple was born to make a kick-ass phone. And with the lead they have, I predict they will dominate the market for years to come.
Consider all the myriad devices that the iPhone 3GS can sub for, and in some cases, outright replace:
GPS
Netbook (for casual web browsing and email)
Gameboy
Watch
Camera
MP4 Video Recorder
MP3 player
DVD player
eBook reader
Oh yeah, and I heard you can make phone calls with it, too. Like any general purpose computer, it's a jack of all trades.
As impressive as the new hardware is, the software story is even bigger. If you're a software developer, the iPhone can become a career changing device, all thanks to one little teeny-tiny icon on the iPhone home screen:
The App Store makes it brainlessly easy to install, upgrade, and purchase new applications. But more importantly, any software developer -- at the mild entry cost of owning a Mac, and signing up for the $99 iPhone Developer Program -- can build an app and sell it to the worldwide audience of iPhone users. Apple makes this stuff look easy, when historically it has been anything but. How many successful garage developers do you know for Nintendo DS? For the Motorola Razr? For Palm? For Windows Mobile?
Apple has never been particularly great at supporting software developers, but I have to give them their due: with the iPhone developer program, they've changed the game. Nowhere is this more evident than in software pricing. I went on a software buying spree when I picked up my iPhone 3GS, ending up with almost three pages of new applications from the App Store. I was a little worried that I might rack up a substantial bill, but how can I resist when cool stuff like ports of the classic Amiga Pinball Dreams are available, or the historic Guru Meditation? The list of useful (and useless) apps is almost endless, and growing every day.
My total bill for 3 screens worth of great iPhone software applications? About fifty bucks. I've paid more than that for Xbox 360 games I ended up playing for a total of maybe three hours! About half of the apps were free, and the rest were a few bucks. I think the most I paid was $9.99, and that was for an entire library. What's revolutionary here isn't just the development ecosystem, but the economics that support it, too. At these crazy low prices, why not fill your phone with cool and useful apps? You might wonder if developers can really make a living selling apps that only cost 99 cents. Sure you can, if you sell hundreds of thousands of copies:
Freeverse, one of the leading developers and publishers of iPhone games, sold the millionth copy of its Flick Fishing game over the weekend, making Flick Fishing the first paid application to reach the one million download milestone. Flick Fishing, which costs 99 cents, allows iPhone and iPod touch users to take a virtual fishing trip with the flick of a wrist. The game uses the iPhone's accelerometer to recreate a casting motion, then a combination of bait choice and fishing skill helps players land the big fish.
Preliminary weekly reports for the period from 23 March to 19 April indicate that Flight Control sold a total of 587,485 units during this time. We estimate total sales are now over 700,000 units, with the bulk of sales occurring in a 3 week period.
Flight Control
That's an honorable way to get rich programming, and a nice business alternative to the dog-eat-dog world of advertising subsidized apps.
I love nothing more than supporting my fellow software developers by voting with my wallet. it does my heart good to see so many indie and garage developers making it big on the iPhone. (Also, I'm a sucker for physics games, and there are a bunch of great ones available in the App Store). I'm more than happy to pitch in a few bucks every month for a great new iPhone app.
If this has all come across as too rah-rah, too uncritical a view of the iPhone, I apologize. There are certainly things to be critical about, such as the App Store's weird enforcement policies, the lack of support for emulators, or Flash, or anything else that might somehow undermine the platform as decided in some paranoid, secretive Apple back room. Not that we'd ever hear about it.
I didn't write this to kiss Apple's ass. I wrote this because I truly feel that the iPhone is a key inflection point in software development. We will look back on this as the time when "software" stopped being something that geeks buy (or worse, bootleg), and started being something that everyone buys, every day. You'd have to be a jaded developer indeed not to find something magical and transformative in this formula, and although others will clearly follow, the iPhone is leading the way.
"There's an app for that." Kudos, Apple. From the bottom of my hoary old software developer heart.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
In My Scaling Hero, I described the amazing scaling story of plentyoffish.com. It's impressive by any measure, but also particularly relevant to us because we're on the Microsoft stack, too. I was intrigued when Markus posted this recent update:
Last monday we upgraded our core database server after a power outage knocked the site offline. I haven't touched this machine since 2005 so it was a major undertaking to do it last minute. We upgraded from a machine with 64 GB of ram and 8 CPUs to a HP ProLiant DL785 with 512 GB of ram and 32 CPUs ...
The HP ProLiant DL785 G5starts at $16,999 -- and that's barebones, with nothing inside. Fully configured, as Markus describes, it's kind of a monster:
7U size (a typical server is 2U, and mainstream servers are often 1U)
8 CPU sockets
64 memory sockets
16 drive bays
11 expansion slots
6 power supplies
It's unclear if they bought it pre-configured, or added the disks, CPUs, and memory themselves. The most expensive configuration shown on the HP website is $37,398 and that includes only 4 processors, no drives, and a paltry 32 GB memory. When topped out with ultra-expensive 8 GB memory DIMMs, 8 high end Opterons, 10,000 RPM hard drives, and everything else -- by my estimates, it probably cost closer to $100,000. That might even be a lowball number, considering that the DL785 submitted to the TPC benchmark website (pdf) had a "system cost" of $186,700. And that machine only had 256 GB of RAM. (But, to be fair, that total included another major storage array, and a bunch of software.)
At any rate, let's assume $100,000 is a reasonable ballpark for the monster server Markus purchased. It is the very definition of scaling up -- a seriously big iron single server.
But what if you scaled out, instead -- Hadoop or MapReduce style, across lots and lots of inexpensive servers? After some initial configuration bumps, I've been happy with the inexpensive Lenovo ThinkServer RS110 servers we use. They're no match for that DL785 -- but they aren't exactly chopped liver, either:
Grand total of $1,150 per server. Plus another 10 percent for tax, shipping, and so forth. I replace the bundled CPU and memory that the server ships with, and then resell the salvaged parts on eBay for about $100 -- so let's call the total price per server $1,200.
Now, assuming a fixed spend of $100,000, we could build 83 of those 1U servers. Let's compare what we end up with for our money:
Scaling Up
Scaling Out
CPUs
32
332
RAM
512 GB
664 GB
Disk
4 TB
40.5 TB
Now which approach makes more sense?
(These numbers are a bit skewed because that DL785 is at the absolute extreme end of the big iron spectrum. You pay a hefty premium for fully maxxing out. It is possible to build a slightly less powerful server with far better bang for the buck.)
But there's something else to consider: software licensing.
Scaling Up
Scaling Out
OS
$2,310
$33,200*
SQL
$8,318
$49,800*
(If you're using all open source software, then of course these costs will be very close to zero. We're assuming a Microsoft shop here, with the necessary licenses for Windows Server 2008 and SQL Server 2008.)
Now which approach makes more sense?
What about the power costs? Electricity and rack space isn't free.
Scaling Up
Scaling Out
Peak Watts
1,200w
16,600w
Power Cost / Year
$1,577
$21,815
Now which approach makes more sense?
I'm not picking favorites. This is presented as food for thought. There are at least a dozen other factors you'd want to consider depending on the particulars of your situation. Scaling up and scaling out are both viable solutions, depending on what problem you're trying to solve, and what resources (financial, software, and otherwise) you have at hand.
That said, I think it's fair to conclude that scaling out is only frictionless when you use open source software. Otherwise, you're in a bit of a conundrum: scaling up means paying less for licenses and a lot more for hardware, while scaling out means paying less for the hardware, and a whole lot more for licenses.
Remember The Problem of the Unfinished Game? And the almost 2,500 comments those two posts generated? I know, I like to pretend it didn't happen, either. Some objected to the way I asked the question, but it was a simple question asked in simple language. I think what they're really objecting to is how unintuitive the answer is.
Which reminds me of another question that you've probably heard of:
Suppose the contestants on a game show are given the choice of three doors: behind one door is a car; behind the others, goats. After a contestant picks a door, the host, who knows what's behind all the doors, opens one of the unchosen doors, which reveals a goat. He then asks the contestant, "Do you want to switch doors?"
Should the contestant switch doors?
This is, of course, the Monty Hall problem. It's been covered to death, and quite well I might add, by dozens of writers who are farmoretalented than I.
What's interesting about this problem, to me at least, is not the solution, but the vehemence with which people react to the solution -- as described in The Drunkard's Walk: How Randomness Rules Our Lives.
It appears to be a pretty silly question. Two doors are available -- open one and you win; open the other and you lose -- so it seems self-evident that whether you change your choice or not, your chances of winning are 50/50. What could be simpler? The thing is, Marilyn said in her column that it is better to switch.
Despite the public's much-heralded lethargy when it comes to mathematical issues, Marilyn's readers reacted as if she'd advocated ceding California back to Mexico. Her denial of the obvious brought her an avalanche of mail, 10,000 letters by her estimate. If you ask the American people whether they agree that plants create the oxygen in the air, light travels faster than sound, or you cannot make radioactive milk by boiling it, you will get double-digit disagreement in each case (13 percent, 24 percent, and 35 percent, respectively). But on this issue, Americans were united: Ninety-two percent agreed Marilyn was wrong.
Perhaps the public can be forgiven their ignorance, but what of the experts? Surprisingly, the mathematicians fare little better.
Almost 1,000 Ph.D.s wrote in, many of them math professors, who seemed especially irate. "You blew it," wrote a mathematician from George Mason University. From Dickinson State University came this: "I am in shock that after being corrected by at least three mathematicians, you still do not see your mistake." From Georgetown: "How many irate mathematicians are needed to change your mind?" And someone from the U.S. Army Research Institute remarked, "If all those Ph.D.s are wrong the country would be in serious trouble." Responses continued in such great numbers and for such a long time that after devoting quite a bit of column space to the issue, Marilyn decided she whould no longer address it.
The army PhD who wrote in may have been correct that if all those PhDs were wrong, it would be a sign of trouble. But Marilyn was correct. When told of this, Paul Erdos, one of the leading mathematicians of the 20th century, said, "That's impossible." Then, when presented with a formal mathematical proof of the correct answer, he still didn't believe it and grew angry. Only after a colleague arranged for a computer simulation in which Erdos watched hundreds of trials that came out 2-to-1 in favor of switching did Erdos concede that he was wrong.
You may recognize Paul Erdos from a particularly obscure XKCD cartoon last week. So if you feel like an idiot because you couldn't figure out the Monty Hall problem, take heart. The problem is so unintuitive one of the most notable mathematicians of the last century couldn't wrap his head around it. That's ... well, that's amazing.
How can something that seems so obvious be so wrong? Apparently our brains are not wired to do these sorts of probability problems very well. Personally, I found the text of Jeffrey Rosenthal's Monty Hall, Monty Fall, Monty Crawl (pdf) to be the most illuminating, because it asks us to consider some related possibilities, and how they might affect the outcome:
Monty Fall Problem: In this variant, once you have selected one of the three doors, the host slips on a banana peel and accidentally pushes open another door, which just happens not to contain the car. Now what are the probabilities that you will win, either by sticking with your original door, or switching doors?
Monty Crawl Problem: Once you have selected one of
the three doors, the host then reveals one non-selected door which does not contain
the car. However, the host is very tired, and crawls from his position (near Door #1)
to the door he is to open. In particular, if he has a choice of doors to open, then he opens the smallest number available door. (For example, if you selected Door #1 and the car was indeed behind Door #1, then the host would always open Door #2, never Door #3.) Now what are the probabilities that you will win the car if you stick versus if you switch?
Paul Erdos was brilliant, but even he realized his own limits when presented with the highly unintuitive Monty Hall problem. For his epitaph, he suggested, in his native Hungarian, "Végre nem butulok tovább". This translates into English as "I've finally stopped getting dumber."
If only the rest of us could be so lucky.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
In my previous post, Url Shorteners: Destroying the Web Since 2002, I mentioned that one of the "features" of the new generation of URL shortening services is to frame the target content.
Digg is one of the most popular sites to implement this strategy. Here's how it works. If you're logged in to Digg, every target link you click from Digg is a shortened URL of their own creation. If I click through to a Stack Overflow article someone else has "Dugg", I'm sent to this link.
For logged in users, every outgoing Digg link is framed inside the "DiggBar". It's a way of dragging the Digg experience with you wherever you go -- while you're reading the target article, you can vote it up, see related articles, share, and so forth. And if you share this shortened URL with other users, they'll get the same behavior, provided they also hold a Digg login cookie.
At this point you're probably expecting me to rant about how evil the DiggBar is, and how it, too, is destroying the web, etcetera, etcetera, so on, and so forth. But I can't muster the indignant rage. I can give you, at best, ambivalence. Here's why:
The DiggBar is not served to the vast majority of anonymous users, but only to users who have opted in to the Digg experience by signing up.
The new rel="canonical" directive is used on target links so search engines can tell which links are the "real", authoritative links to the content. They won't be confused or have search engine juice diluted by Digg's shortened URLs. At least that's the theory, anyway.
No Digg ads are served via the DiggBar, so the framed content is not "wrapped" in ads.
I believe Digg users themselves can opt out of DiggBar via a preferences setting.
Digg is trying to build a business, just like we are with Stack Overflow. I can't fault them for their desire to extend the Digg community outward a little bit, given the zillions of outgoing links they feed to the world. Particularly when they attempted to do so in a semi-ethical way, actively soliciting community feedback along the way.
In short, Digg isn't the problem. But even if they were -- if you don't want to be framed by the DiggBar, or any other website for that matter, you could put so-called "frame-busting" JavaScript in your pages.
if (parent.frames.length > 0) {
top.location.replace(document.location);
}
Problem solved! This code (or the many frame-busting variants thereof) does work on the DiggBar. But not every framing site is as reputable as Digg. What happens when we put on our hypothetical black hats and start designing for evil?
On most browsers a 204 (No Content) HTTP response will do nothing, meaning it will leave you on the current page. But the request attempt will override the previous frame busting attempt, rendering it useless. If the server responds quickly this will be almost invisible to the user.
When life serves you lemons, make a lemon cannon. Produce frame-busting-busting JavaScript. This code does the following:
increments a counter every time the browser attempts to navigate away from the current page, via the window.onbeforeonload event handler
sets up a timer that fires every millisecond via setInterval(), and if it sees the counter incremented, changes the current location to an URL of the attacker's control
that URL serves up a page with HTTP status code 204, which does not cause the browser to navigate anywhere
Net effect: frame-busting busted. Which might naturally lead you to wonder -- hey buster, can you bust the frame-busting buster? And, if so, where does it end?
In the 1998 movie, The Big Hit, the protagonists kidnap the daughter of an extremely wealthy Japanese businessman. When they call to deliver the ransom notice, they turn to Gump who employs a brand name Trace Buster to prevent police from tracing the call.
Unbeknownst to Gump, the father has a Trace-Buster-Buster at his disposal. This in turn triggers Gump to use his Trace-Buster-Buster-Buster in an ever escalating battle to evade detection.
What's really scary is that near as I can tell, there is no solution. Due to cross-domain JavaScript security restrictions, it is almost impossible for the framed site to block or interfere with the parent page's evil JavaScript that is intentionally and aggressively blocking the framebusting.
If an evil website decides it's going to frame your website, you will be framed. Period. Frame-busting is nothing more than a false sense of security; it doesn't work. This was a disturbing revelation to me, because framing is the first step on the road to clickjacking:
A clickjacked page tricks a user into performing undesired actions by clicking on a concealed link. On a clickjacked page, the attackers show a set of dummy buttons, then load another page over it in a transparent layer. The users think that they are clicking the visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, and therefore the attackers can trick users into performing actions which the users never intended to do and there is no way of tracing such actions later, as the user was genuinely authenticated on the other page.
For example, a user might play a game in which they have to click on some buttons, but another authentic page like a web mail site from a popular service is loaded in a hidden iframe on top of the game. The iframe will load only if the user has saved the password for its respective site. The buttons in the game are placed such that their positions coincide exactly with the select all mail button and then the delete mail button. The consequence is that the user unknowingly deleted all the mail in their folder while playing a simple game. Other known exploits have been tricking users to enable their webcam and microphone through flash (which has since been corrected by Adobe), tricking users to make their social networking profile information public, making users follow someone on Twitter, etc.
I've fallen prey to a mild clickjacking exploit on Twitter myself! It really does happen -- and it's not hard to do.
Yes, Digg frames ethically, so your frame-busting of the DiggBar will appear to work. But if the framing site is evil, good luck. When faced with a determined, skilled adversary that wants to frame your contnet, all bets are off. I don't think it's possible to escape. So consider this a wakeup call: you should build clickjacking countermeasures as if your website could be framed at any time.
I was a skeptic. I didn't want to believe it either. But once shown the exploits on our own site -- fortunately, by a white hat security expert -- I lived to regret that. Don't let frame-busting code lull you into a false sense of security, too.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
Is anyone else as sick as I am of all the mainstream news coverage on Twitter? Don't get me wrong, I'm a Twitter fan, and I've been a user since 2006. To me, it's a form of public instant messaging -- yet another way to maximize the value of my keystrokes. Still, I'm a little perplexed as to the media's near-obsession with the service. If a day goes by now without the New York Times or CNN mentioning Twitter in some way, I become concerned. Am I really getting all the news? Or just the stupid, too long, non-140-character version of the news?
I guess I should be pleased that I was a (relatively) early adopter and advocate of software that has achieved the rarest of feats in the software industry -- critical mass. Adoption by the proverbial "average user". Whatever you may think of Twitter, consider this: as a software developer, you'll be fortunate to build one project that achieves critical mass in your entire life. And even then, only if you are a very, very lucky programmer: in the right place, at the right time, with the right idea, working with the right people. Most of us never get there. I don't think I will.
There is one side effect of this unprecedented popularity, though, that I definitely wouldn't have predicted: the mainstreaming of URL shortening services. You can barely use Twitter without being forced into near-mastery of URL shortening. For example, this is the super-secret, patented formula I often use when composing my Twitter messages:
"brief summary or opinion" [link for more detail]
Twitter only allows 140 characters in each status update. Some might view this as a limitation, but I consider it Twitter's best feature. I am all for enforced brevity. Maybe that's due to the pain of living through a lifetime of emfail. But depending on the size of the comment and the URL (and some URLs can be ridiculously long), I can't quite fit everything in there without sounding like an SMS-addled teenage girl. This is where URL shortening comes in.
Now, I know what you're thinking. You're a clever programmer. You could implement some kind of fancy jQuery callback to shorten the URL, and replace the longer URL with the shorter URL right there in the text as the user pauses in typing. But you don't even have to be that clever; most of the URL shortening services (that aren't in their infancy) deliver a rather predictable size for the URLs they return. You could simply estimate the size of the URL post-shortening -- maybe adding 1 character as a fudge factor for safety -- and allow the update.
Twitter, I can assure you, is far more brain damaged than you can possibly imagine. It will indeed shorten URLs that fit in the 140 character limit (whoopee!), but it does nothing for URLs that don't fit -- it will not allow you to submit the message. All part of its endearing charm.
Lame, yes, but it means that the typical, mainstream browser-based Twitter user is forced to become proficient with URL shortening services. Due to the increased exposure they've enjoyed through Twitter's meteoric rise to fame, the number of URL shortening services has exploded, and rapidly evolved -- they're no longer viewed as utility services to make URLs more convenient, but a way to subjugate, control, and perhaps worst of all, "monetize" the web experience.
So there are clear benefits for both the service (low cost of entry, potentially easy profit) and the linker (the quick rush of popularity). But URL shorteners are bad for the rest of us.
The worst problem is that shortening services add another layer of indirection to an already creaky system. A regular hyperlink implicates a browser, its DNS resolver, the publisher's DNS server, and the publisher's website. With a shortening service, you're adding something that acts like a third DNS resolver, except one that is assembled out of unvetted PHP and MySQL, without the benevolent oversight of luminaries like Dan Kaminsky and St. Postel.
The web is little more than a maze of hyperlinks, and if you can insert yourself as an intermediary in that maze, you can transform or undermine the experience in fundamental ways. Consider the disturbing directions newer URL shortening services are taking:
NotifyURL sends an email when the link is first visited.
SnipURL introduces social bookmarking features such as usernames and RSS feeds.
DwarfURL generates statistics.
Adjix, XR.com and Linkbee are ad-supported models of URL shorteners that share the revenue with their users.
bit.ly offers gratis click-through statistics and charts.
Digg offers a shortened URL which includes not just the target URL, but an iframed version that includes a set of Digg-related controls called the Digg bar.
Doiop allows the shortening to be selected by the user, and Unicode can be used to achieve really short URLs.
Believe it: the humble hyperlink, thanks to pervasive URL shortening, can now be wielded as a weapon. The internet is the house that PageRank built, and it's all predicated on hyperlinks. Once you start making every link your special flavor of "shortened" link, framing the target content -- heck, maybe wrapping it in a few ads for good measure -- you've completely turned that system on its head.
What's aggravating to me is that the current situation is completely accidental. If Twitter had provided a sane way to link a single word, none of these weaselly URL shortening clones would have reared their ugly heads at all. Consider how simple it is to decouple the hyperlink from the display text in, say, phpBB, or Markdown, or even good old HTML markup itself:
Every tiny URL is another baby step towards destroying the web as we know it. Which is exactly what you'd want to do if you're attempting to build a business on top of the ruins. Personally, I'd prefer to see the big, objective search engines who naturally sit at the center of the web offer their own URL shortening services. Who better to generate short hashes of every possible URL than the companies who already have cached copies of every URL on the internet, anyway?
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
In Why Isn't My Encryption.. Encrypting? we learned that your encryption is only as good as your understanding of the encryption code. And that the best encryption of all is no encryption, because you kept everything on the server, away from the prying eyes of the client.
In The Bathroom Wall of Code we learned the potential danger of copy-pasting code from the internet, and the continued importance of regular peer review for every line of code that enters your codebase, from whatever source.
I didn't anticipate this series becoming a trilogy, but apparently it has, because Thomas Ptacek of Matsano Security wrote a long blog entry about it. A blog entry masquerading as an overly dramatic college screenplay, but still. These guys, unlike us, are real security experts, so it's worth reading.
But you don't have to read that screenplay, because I'm going to reveal the twist in the final act right here.
The root problem wasn't failing to understand the encryption.
The root problem wasn't copy and pasting code from the internet.
The root problem wasn't failing to peer review the code.
Mr. Ptacek is absolutely right. The root problem was that we were working at the wrong layer of abstraction.
Rather than construct code from the low-level cryptography primitives provided in .NET, we should have used a library to handle our encryption needs. I'm reminded of a common Stack Overflow joke:
You can save a tremendous amount of time and effort by using the browser-independent framework that JQuery has spent untold man-hours testing, debugging, and proving in the field. While there's nothing wrong with writing JavaScript, why not speed your development time by writing to the library instead? As I've always said, don't reinvent the wheel, unless you plan on learning more about wheels.
Abstractions are important. You could view most of computer programming history as slowly, painfully clawing our way up the evolutionary tree of abstraction -- from assembly language, to C, to Java, to JavaScript, all the way up to JQuery, where the air starts to get pretty darn thin. We've already layered an operating system, web browser, and interpreted scripting language on top of each other to get to this point. It's a testament to the power of abstraction that any of it works at all.
Getting back to specifics: how can you stop programmers from working at the wrong layer of abstraction? One solution would be to disallow the .NET encryption primitives entirely. This is akin to Steve Gibson's holy crusade against raw socket programming in Windows XP. That's one way to do it, I suppose. But putting roadblocks in front of programmers is tantamount to a challenge; why not offer them more attractive alternatives, instead?
Hiding the low-level encryption primitives feels like a temporary solution. That said, I'd strongly recommend marking some of the older encryption methods as deprecated, so programmers who do stumble down some dusty old code path at least have some warning sign that they're using an algorithm with a lot of known vulnerabilities. I'm envisioning a Clippy that pops up with something like:
"Hey! It looks like you're using a method of encryption that's widely regarded as insecure by security experts! Would you like to see alternatives?"
One of those alternatives would be a full-blown library, perhaps something like Bouncy Castle, or Keyczar, or cryptlib. What could be easier than a EncryptStringForBrowser() method which has security and tamper-resistance built in, that's part of a proven, domain-expert-tested set of code that thousands if not millions of developers already rely on?
Using encryption libraries doesn't mean that crucial encryption mistakes will magically disappear overnight. But these libraries, because they force developers to work at a higher level of abstraction, do make it harder to misuse cryptography. And perhaps more importantly, usability improvements to the library can be better handled by the specialists who created the library, rather than the generalists working on the .NET framework itself.
So the next time you set out to write code -- not just encryption code, any code -- ask yourself: am I working at the right level of abstraction?
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
If you've followed my blog for any length of time, you know that I am a total regular expression fanboy. It's almost embarrassing how much I love the damn things. I'm pretty sure my teammates roll their eyes every time they see yet another class I've touched that has using System.Text.RegularExpressions at the top. You might as well rename it to JeffHasBeenHere.
But I digress. Although I love regex, I've never been a fan of the classic regular expression reference book, Friedl's Mastering Regular Expressions. I found it dry, a bit academic, and lacking in practical real world examples. It just didn't speak to me as a working programmer in the way that regular expressions themselves did, and I found that disappointing.
That's why I was so excited to discover that two of the gnarliest regex gurus I knew -- Jan Goyvaerts (author of RegexBuddy and regular-expressions.info) and Steven Levithan (author of XRegExp and RegexPal) -- were putting their heads together to create a regular expression reference for the rest of us. I immediately pre-ordered it sight unseen.
That book is Regular Expressions Cookbook. It arrived a few days ago, and although my expectations were high, I think this book has exceeded even the loftiest expectations I had. It is outstanding.
What I love about this book is two things:
It's filled with practical, real world examples of RegEx use. At every step of the way, from beginner to master level, you're building regular expressions that are actually useful in the wild, and not just abstract, obtuse academic exercises in solving string matching puzzles.
It covers all the common gotchas that you inevitably run into when you start building non-trivial regular expressions. Things like the sometimes massive (and painful) differences between regex libraries in various languages, subtle regex flavor quirks, catastrophic backtracking, unicode support, and so forth. These are all presented in context of the solutions, exactly as you'd encounter them in real programming. I know because I have the scars to prove it.
Regular Expressions Cookbook manages to be simultaneously accessible and almost ridiculously comprehensive. I consider myself a fairly advanced regex user and about 50 pages in I've already had three big "oh, wow, I didn't realize that" moments. In my mind, at least, this completely replaces the Friedl book as the go-to reference for programmers of any skill level or background who seek regular expression enlightenment.
Needless to say, recommended.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
Forty years ago this summer, a programmer sat down and knocked out in one month what would become one of the most important pieces of software ever created.
In August 1969, Ken Thompson (pictured at left), a programmer at AT&T subsidiary Bell Laboratories, saw the month-long departure of his wife and young son as an opportunity to put his ideas for a new operating system into practice. He wrote the first version of Unix in assembly language for a wimpy Digital Equipment Corp. (DEC) PDP-7 minicomputer, spending one week each on the operating system, a shell, an editor and an assembler.
The article is accompanied by a graph from wikipedia, illustrating the lineage of the Unix family.
To me, Unix has become synonymous with Linux, and the open source movement in general. The last *nixes standing shake out as follows:
Open Source
Mixed / Shared Source
Closed Source
Minix
Linux
FreeBSD
NetBSD
OpenBSD
OpenSolaris
Mac OS X
AIX
OpenServer
HP/UX
I didn't realize there were that many closed source Unix variants still surviving in the wild. It's also odd how OS X brings us full circle with the original Unics and BSD licensing. If it's lonely in the "Closed" column, imagine the existential angst of being the only vendor in the "Mixed / Shared Source" column. (NB: I think the currently tiny category Apple occupies represents the future of commercial software, but that's a topic for another blog post.)
I've been primarily a Windows developer since the early 90s, but over time, I've developed a grudging respect for Unix. I think Michael Feathers summarized it best:
There's something deep in software development that not everyone gets but the people at Bell Labs did. It's the undercurrent of "the New Jersey Style", "Worse is Better", and "the Unix philosophy" - and it's not just a feature of Bell Labs software either. You see it in the original Ethernet specification where packet collision was considered normal.. and the same sort of idea is deep in the internet protocol. It's deep awareness of design ramification - a willingness to live with a little less to avoid the bigger mess and a willingness to see elegance in the real rather than the vision.
I find this to be deeply and profoundly true in everything I've ever worked on as a programmer, and to the extent that Unix reflects these philosophies, it is undeniably on the right path. Unlike Rich Skrenta, I didn't grow up as a Unix developer, so I have come late in life to this appreciation. Joel Spolsky's take on the Unix / Windows divide, after reading The Art of UNIX Programming, is this:
What are the cultural differences between Unix and Windows programmers? There are many details and subtleties, but for the most part it comes down to one thing: Unix culture values code which is useful to other programmers, while Windows culture values code which is useful to non-programmers. This is, of course, a major simplification, but really, that's the big difference: are we programming for programmers or end users? Everything else is commentary.
So on one side, you have hundreds of command line applications, built in wildly different styles, with thousands of arcane command line parameters, all of which can be flexibly combined together to accomplish almost anything. And on the other side, you have the windows registry and MFC.
So, yes, I'm a fan of Unix. And I'm also a fan of Windows. I think it's worth studying what both are getting right and wrong, because as a programmer, I'm a fan of whatever the heck works.
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
With BitTorrent, you also start by placing your large file on a central server. But once the downloading begins, something magical happens: as clients download the file, they share whatever parts of the file they have with each other. Clients can opportunistically connect with any other client to obtain multiple parts of the file at once. And it scales perfectly: as file size and audience size increases, the bandwidth of the BitTorrent distribution network also increases. Your server does less and less work with each connected client. It's an elegant, egalitarian way of sharing large files with large audiences.
BitTorrent radically shifts the economics of distribution. It's one of the most miraculous ideas ever conceived on the internet. As far as I'm concerned, there should be a Nobel prize for computing, and the inventor of BitTorrent should be its first recipient.
I've been a happy consumer of files distributed via BitTorrent for years; it was only natural that I would turn to BitTorrent to distribute our cc-wiki licensed Stack Overflow data. I figured serving a several-hundred megabyte file with BitTorrent wouldn't be much harder than downloading one. Boy, was I ever wrong. Sharing files with BitTorrent is way more complicated than downloading them! After two frustrating hours, I finally came up with a relatively straightforward way to share a file via BitTorrent, and in the interests of saving future readers a little time, I'm documenting it here.
Now, I'm going to show you an easy way, but it isn't technically the easiest way. The easiest way is to let someone else do the sharing for you. If you own content that you want to share, LegalTorrents is the obvious choice:
LegalTorrentstm is an online digital media community.
We discover and distribute high quality open-license (Creative Commons) digital media and art, and provide support to Content Creators. We host creative content in its entirety, ensure fast, reliable downloads, and enable users to directly sponsor Content Creators and their work.
We distribute content with the full permission of the rights holders and use the peer-2-peer file-sharing technology called Bittorrent.
The site is still in beta, but signup is a snap, because they support OpenID! I encourage anyone interested to check it out. If nothing else, get the furtive thrill of actually downloading legal content through BitTorrent for once! Yes, it can happen. Shocking, I know. Don't worry, you crazy kids can get right back to your regular non-copyright-respecting torrenting ways immediately afterwards.
Anyway, you can't start sharing files on LegalTorrents without some kind of special email-us-please permission, and I was in a hurry. I wanted to share files via BitTorrent right now. I did, and you can too! But you'll need a few things first:
The uTorrent listen port. This is under Options | Preferences | Connection. This is typically set randomly every time uTorrent starts, so you may want to specify a more memorable value here.
You must have port forwarding properly configured so the outside world can get to your IP address and the port specified above. A full discussion of how to do this is outside the scope of this post, but it usually starts with your firewall settings and/or router configuration. uTorrent has a fairly nice help page at Options | Speed Guide that's a good start; just click the Test if port is forwarded properly button on that dialog to begin.
Here's where I hit a major roadblock: to share files via BitTorrent, you need a tracker.
A BitTorrent tracker is a server that assists in the communication between peers using the BitTorrent protocol. It is also, in the absence of extensions to the original protocol, the only major critical point, as clients are required to communicate with the tracker to initiate downloads. Clients that have already begun downloading also communicate with the tracker periodically to negotiate with newer peers and provide statistics; however, after the initial reception of peer data, peer communication can continue without a tracker.
Without a tracker, you're sort of hosed, as clients will never be able to find your file, much less each other. Unfortunately, most of the freely open, public trackers out there are sort of.. disreputable. And the LegalTorrents tracker won't track files unless they are on its creator whitelist, which involves that manual sign-up process. You've got precious few legit options for tracking, unless you're willing to take a trip to the wrong side of town, and associate yourself and your files with that kind of .. neighborhood. I wasn't.
Fortunately, uTorrent has a solution: you can become your own tracker!
in uTorrent, go to Options | Preferences | Advanced.
Scroll down to bt.enable_tracker and set it to True
Restart uTorrent.
Now, let's create the torrent for the file we want to host, which will point to our newly created tracker.
In uTorrent, click the Create New Torrent button.
Select the file or directory you want to share.
Enter your tracker in this format: http://my-ip-address:my-port/announce
That's it! Click Create and save the new *.torrent file you've created.
Now go forth and share your *.torrent file with the world. Share it with anyone and everyone! The more the merrier! Any client that opens your *.torrent file will attempt to connect to your tracker, download your file, and share it with other downloading clients in classic BitTorrent stylee. Pat yourself on the back; you just shared a file with the world using the transformative distribution power of BitTorrent!
But you do have to keep uTorrent running as a desktop application all the time, which is sort of a bummer. What if you wanted to share your file on a server, or via a silent background process? No problem. It's just a few more steps:
Enable the uTorrent web interface under Preferences, Web UI. Note that the URL for it is, by default, http://my-ip-address:my-port/gui/, and it requires a username and password to be set here.
Obtain a copy of the user-defined service utilities, srvany.exe and instsrv.exe. Copy them to the same folder as uTorrent.exe.
Issue this command to make uTorrent run as a service:
instsrv uTorrent "C:\uTorrent\srvany.exe"
Enter this registry file to set the path for the service named "uTorrent" you just created in the previous step:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uTorrent\Parameters]
"Application"="C:\\uTorrent\\uTorrent.exe"
In Control Panel, Services, set the account that the uTorrent service will run under. Note that you must use the same account that you set uTorrent options with if you want the service to respect those settings, so plan accordingly.
Start the uTorrent service.
(Obviously, replace the above paths with the actual paths that you installed uTorrent to.)
Bam -- you're sharing files with the world using BitTorrent, even when you're not logged in. You can control everything remotely, too, by navigating your browser to the WebUI URL.
Like so many things in Windows, it ain't pretty, but it gets the job done. It's ironic that BitTorrent, which is justly famous for equalizing the highly asymmetric nature of most people's internet connections, is itself so asymmetric when it comes to sharing: trivially easy to consume, but awkward and confusing to share. That's too bad, because BitTorrent is such a powerful tool for sharing. Hopefully this post demystifies the process a bit!
[advertisement] Interested in agile? See how a world-leading software vendor is practicing agile.
Fake51: you underestimate the ability of people to get mad. Some people start mad and just take it out on you. The hating has gradually become a little too much for me.
I read the guy's blog too, but don't understand where this is coming from. Some people just have this tendency I suppose.
Do you have a similar experience? I don't see you wanting to quit blogging, so how do you deal with this? Is it just a matter of personality? Are you better able to ignore this stuff?
And when it was all over, one of the other assistant coaches came over and said, yeah, Coach Graham rode you pretty hard, didn't he? I said, yeah. He said, that's a good thing. He said, when you're screwing up and nobody's saying anything to you anymore, that means they gave up. And that's a lesson that stuck with me my whole life: when you see yourself doing something badly and nobody's bothering to tell you anymore, that's a very bad place to be. Your critics are your ones telling you they still love you and care.
Welcoming and appreciating reasonable criticism is the right attitude to have, but it's not the full story. Do I love criticism? Do I seek it out? No. I have many personality deficiencies, but masochism isn't one of them. I don't have fantasies of waking up every day to an R. Lee Ermey browbeating from commenters. Or, maybe I do. I should blog about that.
Criticism, painful though it may be, is still a conversation. It means your readers and listeners are engaging with you, and there's something to learn from following that conversation. Those messages you're broadcasting out into the world are being received, in some form, by someone on the planet. Even if that person is, well .. this guy:
I stopped reading the blog a while a go. Joel explains my reasoning nicely in his latest post.
The mystery of the non-reading Coding Horror reader. Another NP-complete problem, I guess.
If you think something sucks to the extent that it's actively harming the world and you want it to go away, leaving comments to that effect is not the way. I know, because I bear the psychic scars of a million online flamewars, dating all the way back to 300 baud dualup modems and BBSes. I've been doing this a very long time. I've seen what works, and what doesn't.
The "just don't look" strategy [is] effective in any situation where someone or something runs on attention. On the web attention comes in the form of links and pageviews so "just don't look" translates roughly into "just don't link or read". If you don't like who's on the cover of Wired, just don't look. If no one talks about her, she'll go away. Think media gossip sites are ruining the web? Don't read them. Leggy blonde conservative got your knickers in a knot? Just don't look. Commenters ruining the internet? Moderate your comments or close them up. If some Web 2.0 blowhard says something stupid, just don't look. Hate blonde socialites? Just. Don't. Look.
I am absolutely sick to death of hearing about Susan Boyle, both in the traditional media and online. Nothing personal, you understand, I'm sure she's a perfectly lovely person. But I don't talk about Susan Boyle, because talking about her gives Susan Boyle power and currency. I just ignore Susan Boyle. I wish I had two brains so I could ignore her twice as hard. I. Just. Don't. Look. And if we could convince enough people to ignore her, she .. disappears. Poof. Like magic.
One of my favorite books as a child was the Great Brain series, the story of a family in rural Utah, set in the late 1800s. In these books, there was a strange punishment the parents doled out to their children when they seriously misbehaved. For a period of a week, or longer -- depending on the severity of the misbehavior -- nobody in the family would talk to, acknowledge, or address in any way, that particular boy. It was called "The Silent Treatment". This didn't seem like much of a punishment to me. In fact, as an introverted kid who loved solitary activities like computers and reading more than anything, it seemed kind of like a .. reward. I couldn't reconcile this feeling with the semi-biographical reality depicted in the books. To the Fitzgerald boys, the silent treatment was the worst possible punishment, far worse than a physical beating. They would go to incredible lengths to avoid getting the silent treatment. As punishments go, it must have been a doozy, though I couldn't quite wrap my geeky, socially maladjusted young head around exactly why.
The silent treatment was a punishment I didn't fully understand until years later in life. That's how you change the world. Not by arguing with people. Certainly not by screaming at them. You do it by ignoring them.
And if you feel strongly enough about me and what I do here, you can begin by ignoring this.
Joey: So you really did graduate from computer engineering?
New Girl: Yes I did, from UBC!
Joey: And you took the "Algorithms" course?
New Girl: Of course!
Joey: And you have all the papers you wrote?
New Girl: Yes! I kept them all, and I'll show them to you tomorrow!
Joey: I want to see the one we always called the "Hell Paper" at Queen's -- the mandatory fourth-year paper. You know the one, where we prove P = NP?
New Girl: I did that! I proved P = NP! I placed near the top of the class, and the professor used my paper as an example!
Joey: You proved P = NP?
New Girl: Yes!
Joey: Gotcha.
Poor Joey. Dating crazy people is one thing, but dating crazy people who claim to have proved P=NP is another matter entirely. I know, I know, my track record with P=NP is hardly any better. But at least you're not dating me, right?
The defining characteristic of an NP-complete problem is that optimal solutions, using math and logic as we currently understand them, are effectively impossible. Sure, you can approximate a solution, but an optimal solution requires so many calculations as to be infeasible, even with computers that operated at, say .. the speed of light.
In fact, one of the outstanding problems in computer science is determining whether questions exist whose answer can be quickly checked, but which require an impossibly long time to solve by any direct procedure. Problems like the one listed above certainly seem to be of this kind, but so far no one has managed to prove that any of them really are so hard as they appear, i.e., that there really is no feasible way to generate an answer with the help of a computer.
Unfortunately, proving inherent intractibility can be just as hard as finding efficient algorithms.
The theory of NP-completeness provides many straightforward techniques for proving that a given problem is "just as hard" as a large number of other problems that are widely recognize as being difficult and that have been confounding the experts for years. Armed with these techniques, you might be able to prove that the bandersnatch problem is NP-complete and march into your boss's office and announce:
I can't find an efficient algorithm, but neither can all these famous people.
At the very least, this would inform your boss that it would do no good to fire you and hire another expert on algorithms.
Now you can spend your time looking for efficient algorithms that solve various special cases of the general problem. You might look for algorithms that, though not guaranteed to run quickly, seem likely to do so most of the time. Or you might even relax the problem somewhat, looking for a fast algorithm that merely finds designs that meet most of the component specifications. Thus, the primary application of the theory of NP-completeness is to assist algorithm designers in directing their problem-solving efforts toward those approaches that have the greatest likelihood of leading to useful algorithms.
As with so many things in programming, the first step is learning enough to know when you're really screwed.
Unfortunately for poor Joey, this sad corollary to NP-completeness apparently applies to dating, too.
3) OUR LITTLE FRIEND, THE COMPUTER
3.1) Are there any OSes that don't suck?
3.2) Are there any vendors that don't suck?
3.3) How about any hardware?
3.4) Just HOW MUCH does this system suck?
3.5) Where can I find clueful tech support?
3.6) What can I do to help my computers behave?
If you answered "yes" to any of the above, I am sorry to inform you that you may be a system administrator or IT professional. But I do have one bit of potentially, at least theoretically good news for you:
Server Fault is for system administrators and IT professionals, people who manage or maintain computers in a professional capacity. If you are in charge of ...
servers
networks
many desktop PCs (other than your own)
... then you're in the right place to ask your question! Well, as long as the question is about your servers, your networks, or desktops you support, anyway.
Please note that Server Fault is not for general computer troubleshooting questions; if you paid for that desktop hardware, and it's your personal workstation, it is unlikely that your question is appropriate for Server Fault.
Although there is certainly some crossover, we believe that the programming community and the IT/sysadmin community are different beasts. Just because you're a hotshot programmer doesn't mean you have mastered networking and server configuration. And I've met a few sysadmins who could script circles around my code. That's why Server Fault gets its own domain, user profiles, and reputation system.
So if you're a bona-fide BOFH, or just a wanna-be BOFH luser like me, join us on Server Fault. Who knows, maybe we lusers can learn something from each other.
* (For the record, yes, I do own that book -- although I am easily the world's worst UNIX system administrator.)
"RAID" is now used as an umbrella term for computer data storage schemes that can divide and replicate data among multiple hard disk drives. The different schemes/architectures are named by the word RAID followed by a number, as in RAID 0, RAID 1, etc. RAID's various designs all involve two key design goals: increased data reliability or increased input/output performance. When multiple physical disks are set up to use RAID technology, they are said to be in a RAID array. This array distributes data across multiple disks, but the array is seen by the computer user and operating system as one single disk.
I hadn't worked much at all with RAID, as I felt the benefits did not outweigh the risks on the desktop machines I usually build. But the rules are different in the datacenter; the servers I built for Stack Overflowall use various forms of RAID, from RAID 1 to RAID 6 to RAID 10. While working with these servers, I was surprised to discover there are now umpteen zillion numbered variants of RAID -- but they all appear to be based on a few basic, standard forms:
RAID 0: Striping
Data is striped across (n) drives, which improves performance almost linearly with the number of drives, but at a steep cost in fault tolerance; a failure of any single striped drive renders the entire array unreadable.
RAID 1: Mirroring
Data is written across (n) drives, which offers near-perfect redundancy at a slight performance decrease when writing -- and at the cost of half your overall storage. As long as one drive in the mirror array survives, no data is lost.
Raid 5: Parity
Data is written across (n) drives with a parity block. The array can tolerate one drive failure, at the cost of one drive in storage. There may be a serious performance penalty when writing (as parity and blocks are calculated), and when the array is rebuilding.
Raid 6: Dual Parity
Data is written across (n) drives with two parity blocks. The array can tolerate two drive failures, at the cost of two drives in storage. There may be a serious performance penalty when writing (as parity and blocks are calculated), and when the array is rebuilding.
(yes, there are other forms of RAID, but they are rarely implemented or used as far as I can tell.)
It's also possible to generate so-called RAID 10 or RAID 50 arrays by nesting these RAID levels together. If you take four hard drives, stripe the two pairs, then mirror the two striped arrays -- why, you just created yourself a magical RAID 10 concoction! What's particularly magical about RAID 10 is that it inherits the strengths of both of its parents: mirroring provides excellent redundancy, and striping provides excellent speed. Some would say that RAID 10 is so good it completely obviates any need for RAID 5, and I for one agree with them.
This was all fascinating new territory to me; I knew about RAID in theory but had never spent hands-on time with it. The above is sufficient as a primer, but I recommend reading through the wikipedia entry on RAID for more depth.
It's worth mentioning here that RAID is in no way a substitute for a sane backup regimen, but rather a way to offer improved uptime and survivability for your existing systems. Hard drives are cheap and getting cheaper every day -- why not use a whole slew of the things to get better performance and better reliability for your servers? That's always been the point of Redundant Array of Inexpensive Disks, as far as I'm concerned. I guess Sun agrees; check out this monster:
That's right, 48 commodity SATA drives in a massive array, courtesy of the Sun Sunfire X4500. It also uses a new RAID system dubbed RAID-Z:
RAID-Z is a data/parity scheme like RAID-5, but it uses dynamic stripe width. Every block is its own RAID-Z stripe, regardless of blocksize. This means that every RAID-Z write is a full-stripe write. This, when combined with the copy-on-write transactional semantics of ZFS, completely eliminates the RAID write hole. RAID-Z is also faster than traditional RAID because it never has to do read-modify-write.
But far more important, going through the metadata means that ZFS can validate every block against its 256-bit checksum as it goes. Traditional RAID products can't do this; they simply XOR the data together blindly.
Which brings us to the coolest thing about RAID-Z: self-healing data. In addition to handling whole-disk failure, RAID-Z can also detect and correct silent data corruption. Whenever you read a RAID-Z block, ZFS compares it against its checksum. If the data disks didn't return the right answer, ZFS reads the parity and then does combinatorial reconstruction to figure out which disk returned bad data. It then repairs the damaged disk and returns good data to the application. ZFS also reports the incident through Solaris FMA so that the system administrator knows that one of the disks is silently failing.
Finally, note that RAID-Z doesn't require any special hardware. It doesn't need NVRAM for correctness, and it doesn't need write buffering for good performance. With RAID-Z, ZFS makes good on the original RAID promise: it provides fast, reliable storage using cheap, commodity disks.
Pardon the pun, but I'm not sure if it makes traditional hardware RAID redundant, necessarily. Even so, there are certainly fantastic, truly next-generation ideas in ZFS. There's a great ACM interview with the creators of ZFS that drills down into much more detail. Hard drives may be (mostly) dumb hunks of spinning rust, but it's downright amazing what you can do when you get a whole bunch of them working together.
Twitter is tweeting...sorry...talking to a lot of companies!
Is everyone starting to talk like Elmer Fudd or what? Sheesh! :-)
Just a quick post about everything going on with Twitter. It doesn't surprise me that Twitter is talking to a number of different companies. Twitter's growth rate is downright scary.
And the big boys are taking notice.
The companies interested in purchasing Twitter see a lot of potential in such a tiny function. Twitter provides a ton of features that any company would love to acquire, such as:
What company wouldn't want these features? Lately, it seems that the bird is the word....
Sorry, I couldn't resist. :-)
Along with the possible acquisition of Twitter, everyone wants to keep up with the Jones with the latest trends. Here are some sites that utilize Twitter to track trends on the Internet. You could even use them to track the Twitter acquisition?
Bob Bakh discusses how to connect a FreeNAS (Networked Attached Storage) to a TiVo.
Recently, I had someone send me a question from a previous post about how to hook up a FreeNAS to a TiVo. Bob Bakh was generous enough to provide a description of how he hooked everything together.
Take it away, Bob!
I configured a box to run FreeNAS on my network to manage storing Media, and backing up vital information in my home.
It was a great tool, however I wanted more, mainly the ability to simply play media stored on the FreeNAS box on my home TV without the use of a general purpose computer. One way was to use my AppleTV, hack it and use an AFP mount, or an NFS mount directly to the AppleTV, this worked well, but was a pain, and a hacked AppleTV is not a happy AppleTV. So I gave up on that plan.
I looked at my TiVo and realized I had the makings of a decent setup there, so I started to Google around for some solutions. I stumbled across a simple one in my world, which was to TiVo Desktop with the GoBack feature enabled. I used the free TiVo desktop from TiVo. And the GoBack function allowed by a hack from Visual Hub, however that hack is no longer available. A PC version is available.
You will need to buy the TiVo desktop plus to accomplish this, but it does take some manual setting of what video files you want to transfer.
Okay, so this worked, and my computer showed up in the TiVo now playing menu and allowed me to see videos that were in a mounted directory from the FreeNAS. I would select the video and it would transfer to the TiVo, and life was good, it was a bit slow, but it worked.
Now my issue with FreeNAS and other software based NAS systems was that I had to manage the hardware, and it got to be a little warm in my home office where I stored the system, so I made a few changes.
I now run a QNAP TS-509 , a 5 disk raid 5 self contained NAS system. It runs on a micro Linux kernel, has redundant network connections, and runs really cool, so my office is no longer 10 degrees hotter than the rest of my house, and it’s a whole lot quieter.
I originally had it configured the same way as the FreeNAS system, and it worked fine, but I was on the hunt for a better solution. The QNAP has a little thing called ipkg, which allows me to install UNIX utilities written and packaged for its kernel.
I installed the following
binutils - 2.17-2 - The GNU assembler and linker and related tools
bzip2 - 1.0.5-1 - Very high-quality data compression program
confuse - 2.6-2 - a configuration file parser library
ffmpeg - 0.svn20080409-2 - FFmpeg is an audio/video conversion tool.
flip - 20050821-1 - Utility program to convert text files between UNIX or Mac newlines and DOS linefeed + newlines.
grep - 2.5.3-1 - Global regular expression parser
libc-dev - 2.6.1-3 - libc development files.
libdb - 4.2.52-3 - Berkeley DB Libraries
libnsl - 2.6.1-4 - Network Services Library
libstdc++ - 6.0.9-6 - Standard C++ library, needed for dynamically linked C++ programs
ncurses - 5.7-1 - NCurses libraries
ncursesw - 5.7-1 - NCurses libraries with wide char support.
openssl - 0.9.8i-1 - Openssl provides the ssl implementation in libraries libcrypto and libssl, and is needed by many other applications and librari
python - 2.5-1 - This is a package that sets up the default python.
python24 - 2.4.5-1 - Python is an interpreted, interactive, object-oriented programming language.
python25 - 2.5.2-2 - Python is an interpreted, interactive, object-oriented programming language.
python26 - 2.6-1 - Python is an interpreted, interactive, object-oriented programming language.
python30 - 3.0-1 - Python is an interpreted, interactive, object-oriented programming language.
readline - 5.2-2 - The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are
ruby - 1.8.7-1 - An interpreted scripting language for quick and easy object-oriented programming.
sqlite - 3.6.4-1 - SQLite is a small C library that implements a self-contained, embeddable, zero-configuration SQL database engine.
zlib - 1.2.3-3 - zlib is a library implementing the 'deflate' compression system
Then I visited pyTiVo. This is the home of pyTivo, a python script that emulates a TiVo server on your network.
This allowed me to configure a directory on the system as my TiVo directory, and now I serve up videos straight from my QNAP to my TiVo, much more efficient, and no more gateway box.
I used the pyTiVo installation instructions. What this gave me is a great way to manage my videos, and with a workflow based on handbrake and visual hub, I’m able to convert my children’s DVD collection to MPEG-2 and have them view it on the TiVo, and able to keep months of their TV shows stored offline for their viewing.
It has been a great solution.
I think you may be able to install pyTivo directly on the FreeNAS system, but I never tried it.
I hope this answers some questions for you, and I can help if there are any others.
Wow! I wrote that. But so much HAS changed since March 2007.
I recently received a comment post from a reader about how awful a past post was. I read the post over and started thinking about my question, "When to use AJAX programming?"
After thinking about the question and reading it over yet again, I realized something about the reader's opinion:
He was right!
In that post, I mentioned when would be an ideal time to use AJAX: Only use AJAX in Intranet applications.
What a load of malarky! Who wrote that!
Oh.
Well, some of my points are flawed and some are right on. However, I've learned a lot since that time and found better techniques on how to write AJAX applications.
I do stand corrected. The usability aspect of AJAX would not only enhance the application, but could off-load entire web pages of HTML from the server and transition it to a simple data transfer of JSON and/or XML back to the client without an entire page refresh.
What's your take on AJAX?
So much has changed since AJAX was introduced, but how many people are currently using AJAX in their applications? I know this is just one question, but there are many more that people should be asking.
Are developers worried about security regarding AJAX and what safeguards should you add to secure your AJAX application?
Should there be a limit as to how much AJAX is added to an application? What are the guidelines for too much or too little?
Does it skew the web analytics of your web site?
I leave these questions to my audience.
What do you think about these questions and the advantages/disadvantages in my past post? Post your comments below.
Here is a collected personal experience of job hunting throughout the years. This guide is to help those in need of finding a job and how to come out on top.
After being out of a job for an allotted time of almost 2 years throughout my career and since the economy is slowly starting to come back (SLOWLY!), I thought this would be a great time to offer tips and tricks on how to actually perform a job search.
Initial Shock
After finding out the first time that I was laid off, I was completely devastated and upset with myself. I started thinking that everything I did was for naught. Not so!
Don't take it personally, it's just business.
When working for someone, keep in mind that they have an agenda and a business to run. I know, I know, they let a lot of talented people go and it's a bitter pill to swallow, but they are doing it for the better of the company. Remember, They can't take your experience away from you.
Do NOT burn any bridges!
I have talked to a number of managers who at one point had to release a consultant/employee and it was out of their control. The manager felt horrible about letting that person go...until that person opened their mouth. Needless to say, the consultant was extremely upset and took it personally. The consultant made it abundantly clear that he would never work for them again.
The manager calmly agreed.
Dust off your resume!
In your career, your resume is your secret weapon. Have it ready at all times, including on-line. You never know who you'll be talking to next. I currently have my resume on Google Docs. The great thing about Google Docs is that they can download it in PDF, MS Word, or any other format.
NOTE: Make sure you have a text version of your resume and cover letter for email deliveries.
It's all about choices!
Now, stand up, dust yourself off, hold your head high, and get ready to make your next move. You have two choices:
If you have enough money in your account to sustain a lifestyle for a 3-6 month period of time, by all means, go for it!
If not, well...continue reading. :-)
Create your resume portfolio.
Let's focus on your resume. As I said, your resume is your greatest weapon when looking for an opportunity so you need to make your resume look outstanding.
"Blah" Resumes
Don't just print out an updated resume on plain ink-jet paper and hand it to someone. Not a good thing to do. Again, THIS IS A JOB. I can't stress that enough. Your image should shine through when you hand them your resume. Look for example resumes on the Internet and tailor them to fit your personality or image.
Make a trip to Staples, OfficeMax, or Office Depot
Purchase the following items for your resume:
Exceptional Resume Paper
10" x 13" Clasp Envelopes
GOLD Paper clips
Portfolio-Style folders with two pockets on the inside.
These are your tools to create a solid resume that looks professional. The gold paper clips are for your multiple attachments (I go with gold because they look better and are more attractive than the silver paper clips).
How to organize your "resume portfolio."
Include recommendation letters, actual photo or graphic images (if applicable for design work), and cover letters (placing your cover letter first) on the left-hand side of the portfolio and place your resume on the right-hand side.
Then place each "resume portfolio" into the 10x13 Clasp Envelope.
You are now ready to start marketing yourself!
Network, Network, Network!
Let's get cracking! You have to find a job!
Prepare your Job Search Journal/Log
Open Microsoft Word or OpenOffice Writer and save a blank document as Job Search Journal - 2009. Your Job Search Journal should look like this.
3/16/2009 ------------- 8:00p - Contacted Mrs. Doe from recruiting company @ 999-999-9999 regarding position at Marketing, Inc.
9:30p - Received call from Jeff about an interview for Friday
.
.
3/17/2009
-------------
* Found a new job posting on Indeed.com for a CIO position.
.
.
I know this sounds like a pain in the @$$, but trust me, your contact list is very valuable.
Make yourself visible to recruiters
One thing that recruiters look for are people who show some initiative and are in constant contact with them. As my father used to say, "the squeaky wheel gets the grease."
My job search site of choice is LinkedIn.com. Over the years, I have accumulated a large number of recruiters in my address book so this was a great place to start.
LinkedIn.com makes this a VERY simple process. Since you can tag all of your contacts with a particular keyword, I've tagged certain contacts with the "recruiter" keyword and sent an email to all of them with the click of a button.
After sending out an email to these recruiters, 80% of the recruiters wrote back within 30 minutes telling me about opportunities and wanted to schedule an interview to get a better "feel" for my skills. This entry would be added to my Job Search Journal as:
Sent emails out to my list of recruiters from LinkedIn.com
Joe at blah blah
Phil at blah, blah
No vacation time on this job.
Just because it's called "Job Search" doesn't mean you stop now and wait for people to call you. It should be called the Job Search "Job."
Understand that this is a JOB in itself. You wake up in the morning, you sit at your computer, (or go out) and you start networking through email, phone, and setting up interviews.
Don't forget the Job Classifieds section
Your job search should also include newspaper classifieds. Even though we live in a digital world, that doesn't mean that we need to disconnect ourselves from people.
At one point on a Sunday, I gathered all of the possible jobs that fit my skills from the Sunday paper. I looked through my contacts and tried to find any name that was inside that company (here is where LinkedIn.com comes in handy) and wrote a personalized cover letter to that particular person and included it with the resume portfolio. I woke up the next morning and went out with a stack of "resume portfolios" and MapQuest maps. I went the quickest route to hit all of the companies on my list, walked into the company, and handed my resume to the person responsible for hiring individuals.
Yeah, I hear you, "Oh, that is soooooo old school."
I say, "The street ain't that harsh."
The funny thing about doing this, half of the people I met that day remembered me and kept me in mind for future positions or opportunities. They noticed I got off my @$$ and wanted to make an effort of helping them to fill positions instead of projecting an image that I was at home waiting for people to come to me.
And of course, each company I stopped at would be entered into your Job Search Journal/Log.
The Digital Job Search
Of course, we couldn't have a complete job search without Internet activities. Here are some possibilities for a thorough job search on the Internet:
Indeed (http://www.indeed.com/)
Another one of my personal favorites. Indeed.com has the ability to create a search agent in the form of an RSS feed. So every morning you can check your feed reader for positions that meet your criteria.
I'm sorry, but I have to mention this. One other quick note about LinkedIn.com, they have a utility offered on their site called the Jobs insider.
This extension is absolutely amazing. It's offered as either an Internet Explorer or Firefox extension. It's free, so download and install it.
Let me give you an example of how it works.
I was on a job site looking through a list of jobs and found one that was really interesting. I clicked on it for additional details.
Immediately, the LinkedIn.com Jobs insider Sidebar appeared and notified me that the company on the job detail page that I was looking at had 6 contacts connected to that job and they could help me get that particular position. I clicked on the number 6 and it immediately took me to LinkedIn.com's web site with people I could contact to help me with this position. Amazing!
Job Search Schedule
Now that you have a general understanding of how a REAL job search works, here is an overview of my schedule that I wrote while looking back over my Job Search Journal:
Sunday
Wake up and check the Sunday newspaper. Look over the classifieds and cut out what interests you.
Research the companies and see if you have any contacts from those companies who could help you out with a name or recommendation.
Spend the rest of the day printing out resumes for those particular job positions. If you got a contact or name, print out a cover letter with the contact name and include it in your resume.
Monday, Wednesday, and Friday.
Mornings were analog activities
Distribute my resume portfolio's to the companies that I was interested in by driving to their locations. This had an additional benefit of getting the "stink blown off of me" during the week (translation: it got me out of the house and moving).
Afternoons were digital activities
Check my email for possible opportunities
Check the job boards for positions that fit my skills and submit resume's as well.
Even though it's analog, return any phone calls or start calling recruiters to find out the status of jobs mentioned previously.
Since Friday is heading into the weekend, most recruiters will or won't call back after 3:00p or 4:00p.
Tuesday and Thursday
According to a number of job recruiting places, Tuesday and Thursdays are the best times to schedule interviews, so it's best to keep these days open. The best thing to do if no interviews are scheduled is to proceed with the digital activities in the afternoon as discussed above.
Saturday
Review your Job Search Journal
Schedule activities for next week.
Get more resume supplies. :-)
Conclusion
I've covered everything in this guide from initially knowing about losing your job to making an actual job out of it. In this economy, you need to have a creative side of finding work, whether it's freelance or full-time.
Two other pieces of advice I have to offer. One is a product. A book actually. A book called What Color is Your Parachute? This book is definitely the handbook for determining what you want to do with your life, whether it's working for someone or working for yourself (an entire chapter is dedicated to that). By all means, pick up a copy to expand your job search abilities.
The other piece of advice I have is don't be hard on yourself and don't wallow in self-pity. You literally have a job to do. Start networking and prepare yourself for a career, regardless of what you decide. You control your life. No one else does.
I hope this guide gave you an idea of how much work goes into a job search. This guide was primarily for people who are out of a job for the first time and need some guidance and help. I hope I've provided that assistance.
If anyone has other suggestions for other job seekers out there, please post them in the comments below.
Lately, Firefox has been climbing in the browser ranks...and for good reason.
With the continuing growth of Firefox spreading throughout the web, Firefox's architecture to allow add-ons, themes, and plug-ins provides users with an absolute easy way to assist you in your travels on the information super-highway.
The Mozilla Foundation created a section on their site called Fashion your Firefox. They've organized some of their web-worthy extensions into categories for people who want to accessorize their Firefox browser.
The categories include:
Finder and Seeker
Social Butterfly
Shutterbug
Digital Pack Rat
Rock Star
Decorator
Shopaholic
News Junkie
Executive Assistant
Select the Extensions that you think will assist you and you're on your way.
It's amazing to see how far Mozilla has gone with their extension architecture. Firefox extensions even provide a way to replace applications with Super Extensions.
Are their other extensions that you think are better than this list? Post something below to start a discussion.
How do you survive this sort of thing? There are a number of things you can do in this time of crisis.
Create your own business
What better time than now to start your own business. Nothing like trial by fire.
If you have a hobby on the side, now may be a great time to think about dedicating your time to starting up a business based on that hobby. Talk to your friends and see if they would be willing to work with you as well. Who knows...You may find a fellow business partner who shared your same hobby or dream.
Start writing
There are a lot of great opportunities out there since the web spawned blogging and journalism. Determine what your expertise is and either start blogging on a regular schedule or write an eBook and sell it through ClickBank or other digital product site.
Learn a new skillset
Of course, you can always learn a new skillset if your existing skillset becomes either old or obsolete. Recently, Computerworld just came out with a report on the 9 hottest skills for 2009. Check out the list and see if you can apply or enhance your existing skills based on the list. Oh...and make sure you live in a city that has growth potential.
Join LinkedIn.com
The old adage "It's not what you know, it's who you know" holds true on LinkedIn. Make sure you register and start requesting recommendations/endorsements from your fellow co-workers. Then start focusing on the jobs portion of the site and start apply for jobs that fit you. Who knows, you may find that ideal, dream job through one of your friends.
Create a small widget and sell it
Nowadays, someone can create the smallest application and make a million dollars at it. Find a small widget that is cute, ridiculous, funny, or just plain gross and market it through the right channels. You might find out that a little idea can go a long way.
This list provides only five ways to tackle this economy, but there are definitely more.
Did I miss any? Post a comment below to further the discussion.
When a developer is brought in to a project, most managers believe that since that person is a developer, they should automatically understand the system. Not so.
Most businesses believe that if they lack a programmer with a certain skillset, they outsource the job to a programmer or programmers. It doesn't matter if it's in or out of the country, consultants or new employees.
When a new developer is brought in and introduced to a new system and asked to maintain it, they struggle. With the amount of "creative coding" applied across the hundreds of thousands of systems, managers expect a developer to pick up where the other developer left off.
As I've said before, all programmers "paint" a different image on their digital canvas. Writing code is no different than painting for artists. It may be more abstract than what another programmer is used to, but their creativity sometimes makes other programmers tilt their head and start twitching because it's not what they're used to seeing in code.
The amount of knowledge or skill for one developer may not be the same for another. As a matter of fact, if a new programmer is introduced to a new system, the amount of work is based on four criteria:
How much does the developer know about the system?
Joe Schmoe is considered an entry-level developer and cannot provide the same value that Joe Elite just gave to the project because he just designed the entire application.
How much business knowledge can the developer apply to the system?
Does the developer have previous knowledge in this line of work? Did he/she/they work on a similar system somewhere else? If not, there needs to be a ramp-up period for the new recruit to understand what the client is looking for and how the system works.
Can the developer get along with team members?
If a new employee/contractor is added to the team and the team starts to bicker instead of being productive, it may lead to a disaster for the project down the road. As the old saying goes, "Too many chiefs and not enough indians."
Is the developer a novice, intermediate, or advanced programmer?
If someone doesn't know the difference between a flyweight and singleton pattern and the project uses patterns, I think Joe Schmoe may seem a little overwhelmed with the project. This criteria should be addressed when interviewing individuals.
Even though one developer is replacing another developer, it does not mean the project will be successful or fail miserably, but it does mean that it may extend the length of the project. Usually, the amount of work required by one developer multiplies by at least 2 when a brand new developer is introduced into a new system.
I've seen companies take this route and they expect the developer to hit the ground running. Give the developer ample amount of time to absorb the requirements, design, and technology of the system before expecting the developer to perform the assigned tasks.
One developer does not equal one developer.
Jonathan Danylko
Have you experienced other criteria when outsourcing a project or brought in a new developer? Did I miss one? Tell me about it below in the comments section.
T-Mobile releases the G1, Google exposes two existing services, helps the world, and takes part in the Election 2008.
Wow, what a week for Google!
T-Mobile G1/GPhone
Of course, the G1 was released this week. I was waiting for the dust to settle down to find out if this was an iPhone killer or not. From what I've seen on CrunchGear with their roundup, it's pretty close, but not quite an iPhone. There are some features missing that may sway a consumer one way or another.
I'm still wrestling with paying $179 for the phone with a $25/$35 a month bill.
Google Contact Manager
The Contact Manager has been screaming to be built and released to the public since GMail was created. As you would expect, this manages your contacts throughout every Google service that deals with users.
It has a nice clean interface, allows you to set up groups, and add pictures to your contacts as well.
Google Moderator (apps engine)
Ok, it really isn't an existing service to the public, but according to Matt Cutts, Google Moderator existed internally at Google and was used for teams asking questions.
Google Moderator lets anyone ask a question and letting the users vote the questions either up or down as to which are the most important they want answered.
This moderator would also be an excellent way for companies to conduct feature matrixes for future products (i.e. Submit a feature for this future product.)
Google 10 to the 100
10 to the 100 is a call for ideas that help as many people as possible on this planet. Your one idea may even be worth $1 million dollars. Maybe even more.
Google has committed $10 million to implement your ideas and projects submitted through Google.
If you wanted to make a difference in the world, this would be the place to start.
Google InQuotes
Ok, let's cut through the poltical horse hockey! Since the Election 2008 is upon us, the media is feeding us so much information on candidates, we don't know what is right or wrong.
So, Google has created Google InQuotes. This takes all of the people running for office and collects all of their quotes regarding political issues. So if you want to see what Obama said about Iraq as opposed to what McCain said, check out this site.
My parents came back into town because of a recent death in the family and brought, of course, both laptops. For a recap of what happened before, check my past laptop experience with my parents.
The laptop my father was using was the Acer Aspire 5315. He didn't want all of the software on the computer. I found the OS disk, backed up his data, reformatted his hard drive, and voila! He had a clean machine.
The one piece of software I didn't install was the most critical piece of software he needed: The Acer ePower Management Utility.
Here's what the problem was: The Acer required the ePower Management Utility to control the fan. When the machine was used for an extended period of time, it would overheat. When the laptop overheated, the laptop would shut down to save the computer from melting down or damaging the processor. With the ePower Management Utility installed, the software would identify that the laptop was overheating and activate the fan.
Since then, we (*I*) have been benchmarking it by leaving it on, putting it into suspend/hibernate mode and everything seems to be working fine.
Now, it seems my parents are grateful because they each have a laptop.
How did I figure this out? Research. :-)
There was a whole post on this at the Ubuntu forums. It seems some other techno-geeks like me reformatted the hard drive and wanted to install Linux on the machine.
For those who own other Acer machine models, I imagine this would pertain to you as well if your laptop continues to shut down after 10-13 minutes of heating up.
The new Acer Aspire One is definitely small enough for the road, but is it good enough for my parents?
I recently had a visit from my parents. They were having problems with their laptop because it kept shutting down right in the middle of doing something important: email.
After they were here for a couple of days, I noticed first hand when the Acer laptop would shut down. I couldn't explain why it was happening. Possibly the battery pack or the power cord.
Eventually, I couldn't take anymore and started looking for a replacement for my parents while they were here. Because they sure weren't getting mine. :-)
I was starting to look over the Sunday ads and noticed that Best Buy had the Acer for $349. This was not the one that had a Solid-State Drive (SSD). This one actually had a 120GB hard drive inside. This was fantastic that at least one model had an internal hard drive.
MicroCenter also had the same Acer Aspire One on sale for the same price, but we went with Best Buy because of location, location, location.
We purchased it from Best Buy and got it home. Heck, I was more excited about it than my parents.
After cracking it open, I started installing (and removing) all the software from the hard drive. It came installed with Windows XP Home, which was what my mother and father were already used to and my mother kept asking me, "Can I use it now? How about now? Can I use it?" Ahhh...parents.
There were two drawbacks with this Acer: One, Bluetooth was not included, and two, I needed to install something from CD. Since the NetBook was so tiny, Acer couldn't install a CD/DVD drive would work with the NetBook.
The solution? First problem was easy: since the Acer Aspire One had three USB ports, I gave my parents a USB Bluetooth adapter just in case they had a need for it.
The second problem? I copied to CD to my server and added it from the wireless network. If I had a USB CD/DVD Drive, you could easily hook that up as well.
Overall, I liked it. I think they will be happy with it as well.
However, my father doesn't like the size of the screen, so it becomes the property of my mother. :-\
If you want some additional information and reviews on the Acer Aspire One, check out the following links:
For those who own a Sony VAIO, I would definitely make a call to Sony for replacing your laptop. Sony is recalling 73,000 VAIO laptops due to burn hazard. The recall involves faulty wiring where the computer hinge is located, resulting in short-circuiting or burning the user.
The laptops involved include the VGN-TZ100, VGN-TZ200, VGN-TZ300, and VGN-TZ2000.
The interesting thing about the recall is that it only affects certain laptop models. Even if you have a model listed above, you still need to call Sony and find out if you laptop needs serviced or not.
Randy Pausch passed away recently (Oct. 23, 1960 - July 25, 2008)
For those who haven't heard of this fantastic speaker, Randy Pausch was a Carnegie Mellon Professor and was diagnosed with pancreatic cancer. His doctor said that he was expected to live around 3-6 months.
When he gave his "Last Lecture" on September 18, 2007, he focused on Achieving your Childhood Dreams instead of talking about his cancer.
His lecture is nothing short of monumental and is something everyone should watch and absorb. If you take his perspective on life, I guarantee you will be successful.
Google posted a YouTube video in memory of this extremely charismatic and enthusiastic man. The video is 1hr 16min and 27 seconds...
Since I've been working at my full-time job (with overtime), working on two products, four websites, and continuing to work with my existing 15 clients, I've been trying to make time for DCS Media.
Unfortunately, there is only so much time in a day.
I will be taking a short hiatus from blogging. This includes Fireday as well.
Are you trying to find ideas to start your business? Keep your eyes (and ears) open.
It's been a while since I posted a business lesson and over the Easter weekend, I heard a joke that relates to even the smallest entrepreneur.
Here's the joke:
It is pouring rain in the flood plain of the Mississippi Valley, and the rising river begins to threaten homes, including that of a local preacher.
When water floods into the ground floor, a rowboat with police comes by, and the officer shouts, "Let us evacuate you! The water level is getting dangerous."
The preacher replies, "No, thank you, I am a righteous man who trusts in the Almighty, and I am confident he will deliver me."
Three hours go by, and the rains intensify, at which point the preacher is forced up to the second floor of his house. A second police rowboat comes by, and the officer shouts, "Now let us evacuate you! The water level is getting dangerous!"
The preacher replies, "No, thank you, I am a righteous man who trusts in the Almighty, and I am confident he will deliver me."
The rain keeps coming, and the preacher is forced up onto the roof of his house. A helicopter flies over, and the officer shouts down, " Please, grab the rope and we'll pull you up! You're in terrible danger!"
The preacher replies, "No, thank you, I am a righteous man who trusts in the Almighty, and I am confident he will deliver me."
The deluge continues. The preacher is swept off the roof, carried away in the current, and drowns. He goes up to heaven, and at the pearly gates he is admitted and comes before God.
The preacher asks, "Dear Lord, I don't understand. I've been righteous and observant my whole life, and I depended on you to save me in my hour of need. Where were you?"
And the Lord answers, "I sent you two boats and a helicopter. What more do you want?"
What does this have to do with being an entrepreneur?
Well, most people take things for granted or are blind to see opportunities around them. If you hear two or three people around you start a sentence with "I wish there was a/an <object>", "You know what I'd like to see?", or "Do they make something like <object>?", you are probably in a position to take action.
That last sentence is important. The key is to sit up, notice what people are missing, and take action. Don't let your ideas sit and ferment. Move on them!
Idea Generators
However, if you are coming up empty with ideas or opportunities, where can you find these opportunities?
Go Shopping (but keep your ears and eyes open) - Everyone is out purchasing products and this is a prime area of where to overhear someone asking where these items or products are located. If they are hard to find, they may head home and resort to the Internet for locating these type of niche products.
Social Networking Event - Gather your business cards and head out to a networking event. People love to put a face with the name and love to talk about their ideas with everyone. I had one person introduce themselves to me and I returned the introduction with what I do. They immediately said, "Hey, I've been looking for someone to do this <project>. Could you help me out or do you know of someone who could do this?" They've been a client of mine ever since.
Revisit what you've built - If you've built something for someone and there is a huge demand for this type of product or service, tweak it a little bit and reuse it. You may find out that you may be sitting on a goldmine when you release your revamped product or service.
Build a better mousetrap - If you have an idea, don't get upset because someone built one already. Two things to think about: 1). If no one improved on the wheel, we'd all have concrete wheels instead of rubber tires; and 2). Google didn't build a new search engine, they just improved it and made it better.
These are just a couple of ideas to generate opportunities, but there are many, many more. You just need to be aware of them.
Know when an opportunity comes your way and act on it.
Jonathan Danylko
Does anybody have other ideas on how to generate opportunities?
MS Outlook has been around for a long time, but maybe it's time for a little change.
Outlook is one of the best known PIM's around because it comes with and integrates nicely into MS Office. However, since Google has taken MS Office online with their Google Docs, maybe it's time to move from Outlook to Thunderbird.
But isn't Thunderbird an email client? Yes, but so is Outlook. As well as email, Outlook also includes a contact list, a to-do list, and a calendar for your appointments.
Thunderbird doesn't have these innate abilities that Outlook does. But you forget, Thunderbird has the same extension architecture as Firefox. If you search, you'll find some handy extensions that push Thunderbird past Outlook's functionality.
Here are some additional reasons why I'm moving from Outlook to Thunderbird:
Outlook is not portable - Besides Pocket PC devices, Outlook is not as portable as Thunderbird. I've never seen Outlook on a USB Flash Drive yet.
Outlook is a little top-heavy - Outlook contains hard-wired connections to the Windows APIs. I don't think (to my knowledge) that you can take the assemblys (or DLLs for the old-schoolers) with you without breaking a EULA.
Outlook is strictly Windows-based - If you moved to another PC that was Linux-based, you are out of luck.
Thunderbird is FREE - I know Outlook Express exists, but the difference between Outlook and Outlook Express is like night and day and to get the professional version of Outlook, I need to purchase MS Office.
Let's get started on moving over to Thunderbird from Outlook!
Assess your existing Outlook PST file
Since we are so close to Spring, it may be a good idea to look over your PST file and do a little "Spring Cleaning."
First, check to see if your Outlook PST is in need of repair. If so, the How-To Geek shows you how to fix your broken Outlook PST file.
If your Outlook PST file is huge (I've seen them at 2-3gb), see where you can trim it down a little.
Clean out your Trash - Next to your Inbox, this is the biggest storage hog you have. Clean it up!
Move your important "Sent" messages somewhere - In your business, you may need them. Delete ones that are completely irrelevant ("Hi, Mom, How are you?").
Archive your messages - Since it is the start of the year (or close to it), archive your 2007 software subscriptions and newsletters to another folder so it's not taking up any space in your Inbox.
There. Now that you've trimmed the fat, let's move on to the next step.
Installing Thunderbird (with some add-ons)
If you don't have Thunderbird, download and install it.
There are two additional downloads you need to make your transition to Thunderbird successful: Sunbird and Lightning.
Sunbird is a standalone calendar application similar to Thunderbird and Firefox, but is geared specifically towards managing your schedule. There is a nice Provider for Google Calendar extension that synchronizes your schedule with Google Calendar, so you can look at your schedule on the road.
Lightning is a Thunderbird extension that welds Sunbird's calendar into Thunderbird allowing your calendar and email to exist in one application.
After installing Sunbird and Lightning, the only thing left is to import your PST into Thunderbird.
Import your PST file into Thunderbird
As I mentioned above, Thunderbird's extension architecture is based on Firefox's architecture. This is awesome for extension authors because you can actually turn Firefox and/or Thunderbird into a completely different application.
Kevin Purdy over at LifeHacker.com found a great Thunderbird extension that imports an Outlook PST into Thunderbird. According to the site, this extension works in Windows and Linux. More reason to make yourself platform-independant. The extension is 1mb in size.
As soon as you install this extension, you are able to import your PST into Thunderbird using the Tools/Import... pulldown menu.
For my audience, are there any other extensions that make Thunderbird "Outlook-like?"
Tired of your Roxio burning software? Need to document your network? Check out these free utilities.
Over time, if you continue to pay for burning software or hire a contractor to document your network, the amount of money spent can become costly.
Fortunately, there are companies out there providing exceptional software that accomplishes both of these tasks.
First up is the site called MakeUseOf.com where they list all of The Best, Free Alternatives to Nero CD/DVD Burner software. One of the products on the list that I use the most is ImgBurn and loaded that on my portable USB drive.
The other list is comprised of network utilities thanks to PCWorld. The top 10 utilities for your network contains quality software for little or no cost.
I've used the Network Notepad to document some networks so I definitely recommend this utility. I'm currently testing out the rest of the utilities.
Are there any other top quality networking or burning utilities for little to no cost?
Here's some advice for freelancers on what to do and what not to do: John Rambo style.
After watching Rambo this weekend, I couldn't help but realize that John Rambo was a freelancer.
I'm not talking about the type of freelancer that goes crazy on clients the way Rambo attacked the enemy, but the way he handled himself before all of the fighting is what I'm referring to. Check out these similarities I noticed in the movie that relates to freelancers.
When a job comes along, you don't HAVE to take it. Rambo has been through a lot in war and even the hint of gunpowder can make the man go crazy. Even though the crusade was trying to save lives and had good intentions, they didn't realize what they were getting into, but Rambo kept telling them to go home. He was going to be paid handsomely, but still declined the offer. Analyze the jobs that appear on your radar. You're a freelancer. Decide whether you want it or not.
Always keep your cool. During the entire movie, John Rambo kept his cool and knew every situation he went into. If a client get out of hand, always remember to think about a situation before you speak. Possibly even diffuse the problem before it even becomes a problem.
Don't let a loudmouth intimidate you. This continues down the path of number 2. Lewis was pretty fierce in the movie and kept egging on John Rambo. But John Rambo didn't do anything. Heck, these were the guys who were going to help him even though Lewis kept pushing him. If someone is pressuring you or forcing you to get fired up, just keep this in mind: Most leaders keep their cool in hot situations and stay level-headed to make the right decisions. Don't let someone push you into making a rash decision. You may not like the outcome.
Step up and take action! As residents of Burma were being forced to run across a water landmine-ridden field, most of the mercenaries were worried that they would be found out if they started attacking. This was the fear factor setting in. They were there to do a job and, in my eyes, they failed at that point. If you are there to do a job or have a project that you even think will start making you money, don't sit around and wish the problems away or think you can't do it. You attack and start the ball rolling (even if the loudmouth doesn't start doing anything). Remember, action speaks louder than words.
Know when to pull out the big guns. Near the end of the movie, John Rambo got out the big guns. He saved the mercenaries who were near the boat because he knew he needed help. When you are knee-deep in bad guys or projects, know when to ask for assistance instead of trying to take on everything yourself. If you need help, pull out your big guns (your contacts in your network) and see if anyone can help with your projects.
I watched the movie last night (Sunday) and I thought it was pretty good. A LOT of killing, so make sure you don't take your 10 year old to go see the movie (which I saw a couple bring their 9-10 year old to watch it).
What disaster recovery steps did I take to make sure this disaster doesn't happen again?
I recently had a business client of mine call me and tell me that their hard drive on their server crashed and their business was currently losing money. Fortunately, it was just the operating system that went South, so a reinstall of Windows Small Business Server 2003 was in order.
After recovering their OS, all of their data was retrieved and everything was back to normal. They felt relieved that their critical data was backed up, but they asked me two questions:
What are our backup options in regards to the server and our critical data?
How can we recover quickly from a server meltdown?
Based on the experiences of when a company loses their data because of a faulty hard drive or server meltdown, users go into a panic mode and become reactive instead of proactive. Immediately, they start to implement disaster recovery plans, purchase the necessary hardware and software, and start to document their server settings.
It's amazing that all it takes is one time to become a creature of habit. Since they didn't like their existing backup plan, they asked if I could recommend a solid alternative plan for backing up their server and critical data.
A while ago before the hard drive crash, I recommended the setup of two physically separate drives: one being an OS drive and the other for their important data. This was definitely a smart move, because as I look back, they were properly backing up their critical data to an external drive on a daily basis, which was awesome. The operating system wasn't backed up at all. You can always reload an OS, but you can't re-key all of your data.
With that said, an OS drive that dies off still slows down, if not completely shuts down, a business for a day or two. So where to start?
First, the data...
No one likes losing their vital data whether its home photos and videos, accounting records, or even source code (gasp!).
My first recommendation in the backup plan was to order a USB External Enclosure and a hard drive for their critical data. The USB External Enclosures are around $20-$40 and the hard drive would be an appropriate size that would be able to hold all of their data.
The backup software I recommended was Cobian Backup. I've been using Cobian Backup 8 for a long time and I'm very impressed with it's reliability.
There are five reasons I love this software:
Cobian Backup doesn't have any malware, adware, or spyware.
It installs itself as a windows service, so if the power goes out and your server reboots, you don't have to login to the server for the service to start the backup process.
It allows you to set a schedule of when to backup the files (you pick the directory and files to backup).
There is an awesome feature of downloading files from an FTP site, archive them, and then send them somewhere else, possibly offsite.
This quality piece of software is FREE.
After installing the software and the USB external hard drive, their data was on a backup schedule of every day for six days, create an incremental backup of their critical data.
...then, the OS
I recommended two options for the OS backup:
With the hardware available today, you can easily create a RAID setup with an additional hard drive.
After the server is completely finalized and running for business to start up again, create an image of that server and archive it for later.
Instead of going with one solution, they decided to run with both.
If you aren't familiar with RAID, a RAID system has one primary drive that holds your data and one or more hard drives are connected to a RAID controller that creates a mirror of that primary hard drive. When a primary hard drive fails, the other hard drive picks up the slack and notifies the user that a hard drive was corrupted and needs replaced. The secondary (or additional drive) continues with daily operations until the primary hard drive is replaced.
After purchasing the hardware for the RAID system and installing the two hard drives and RAID controller, it was time to install the imaging software.
Lifehacker reported on a software package called DriveImage XML and I definitely recommend this software for home office/small businesses.
This excellent imaging software accomplishes the following tasks (feature excerpt taken from their website):
Oh, and the software is FREE as well.
Another option which wasn't used here, but I may be using at home is CloneZilla. According to the SourceForge site,
Clonezilla, based on DRBL, Partition Image, ntfsclone, and udpcast, allows you can massively clone many (40 plus!) computers simultaneously. Clonezilla saves and restores only used blocks in the harddisk. This increases the clone effiency. At the NCHC's Classroom C, Clonezilla was used to clone 41 computers simultaneously. It took about 50 minutes to clone a 5.6 GBytes system image to all 41 computers via unicasting and only about 10 minutes via multicasting!
After reading this description, I will definitely be looking into this for later. Having experience with this, I feel that I have a feeling a training class or company may have a desperate need for this type of utility.
Conclusion
These methods in backing up the server and critical data may seem excessive, but determining your disaster recovery plan should be in place now when your server crashes. Be proactive, not reactive.
It's your business and your data should be protected. Determine how to recover from a disaster so your business can continue without falter.
Do you think this is the best plan for a home office/small business? No? Write a comment below.
I want to thank everyone for a fantastic 2007 and I definitely look forward to an even more prosperous 2008.
I remember when I first started DCS Media back in 2006 that I couldn't sleep the night before launch. I was so excited to kick off this site.
To this day, I still have that same feeling with DCS Media as I did before. It was a passion of mine to always learn about the latest and newest technology and to provide quality reviews of software and services to small businesses and startups through the eyes of a professional computer technician/architect/programmer/technologist.
Re-Introduction
The primary goal of DCS Media in 2006 was to provide a site to my clients for viewing new technology available to help them with their startup or small business goals. This worked in conjunction with my love of technology and programming.
So a morphing began.
A combining of the two would be ideal for the startup/small business owner to know what type of technologies and ideas would be required for their business to succeed.
A Micro-ISV is a 1 or 2 person company that provides software and/or services to larger companies and it seems this term is becoming more and more well-known in the technology industry.
As DCS Media has grown over the past two years, I seem to be moving more towards a Micro-ISV profile. The site may change a little over the next year, but the categories will stay the same.
The primary categories that DCS Media focuses on are:
General News (WebWorthy)
Web 2.0 technologies
Small Business news
General Technology
Designer and Developer techniques
With the addition of tags over this last year to work in harmony with the categories, the site has been going strong ever since.
Upcoming features
For the startups and small businesses reading this, go for it! Make 2008 your year to shine. We hope that DCS Media will be a part of that.
For the existing (veteran) Micro-ISV's out there, I will be trying to make DCS Media more of a destination instead of a conduit by providing some new features on the site that will help you complete your projects on time, provide you with a better understanding of your clients, and provide the tools and technology to help you in making your business more profitable and maintainable.
In the next week, I'll be introducing new sections on DCS Media:
Five-Fix Award - A Firefox award that is given to the authors of Firefox extensions that receive a 5 out of 5 rating from the Fireday reviews.
Fireday Listings - Complete listing of all Fireday reviews in hReview format.
Online Tools for the Micro-ISV - An ongoing compilation of online tools for Micro-ISVs.
...and more throughout the year.
As you can see, 2008 is going to be quite a year for DCS Media and I want to make sure my audience is part of that success by further expanding the site with new toolsets and techniques to further your business success.
Happy New Year everyone, and here's to a great 2008!
Don't go completely crazy with AJAX. Use good judgment on how and when to use it.
Since my last post of when to use AJAX, a lot has changed in the ways of AJAX programming. New tools, ideas, and techniques are constantly being developed to support this latest and greatest craze.
Some developers just want use the latest buzzwords and technologies in their applications just to prove that they can build such a beast. Sort of like an "I climbed Mt. Everest" battle cry.
However, most applications shouldn't be built completely with AJAX from the ground up. Of course, AJAX and DHTML are two completely different animals. But that's another post altogether.
Just a Pinch
AJAX should be used sparingly like pepper on food. Just "sprinkle" it on some applications, don't dump an entire load of AJAX into your application. The more you add to it, the more complex it will become to maintain. Keep it simple and use it with good judgment.
My advice of where to put AJAX or how to learn AJAX?
Write your application with your favorite server model (ASP.NET, PHP, ColdFusion, etc.). Make sure it's functional before you even think of adding AJAX or you'll muddy the waters even more.
Then look your application over. Where would AJAX benefit your users? Here are a couple of suggestions:
Do you have an OnChange event on a dropdown list that completely refreshes the page? Instead of refreshing the page, make an AJAX call, return JSON, and fill in the proper fields.
Speaking of onChange JavaScript events, do you have cascading dropdowns? This is a perfect case of when to use AJAX. Selecting one item from dropdown A affects the list in dropdown B. Streamlining this process provides a better experience for the user (and they don't forget where they last left off).
Have a huge table/grid? Consider using AJAX or one of the many AJAX Frameworks out there. Instead of writing your own, may I recommend the Dojo JavaScript Framework. They just included the newly TurboGrid which is just plain awesome!
Waiting for a large page to load? Load the main page and then load the subcomponents through AJAX.
As you keep building web applications, you'll start to see places where AJAX does make sense.
I know I'm a little bit late on the Google paid links shakeup party, but I'm stating a case regarding my site with paid reviews or services.
Everyone is up in arms about the pay-per-post or paid links available and Google demoting sites because of paid links (Thanks for the update, Shoemoney). Personally, I'm in total agreement about what SEO experts are saying regarding the PageRank philosophy. Ignore PageRank and continue building your site with great content.
It boils down to your site having great content and your passion for that content. Period. If you don't have great content, then yes, you won't have much of a PageRank.
Now, my stand on paid posts.
Since my audience is geared towards the technology and small business crowd (a.k.a. a Micro-ISV), I always try to create quality posts that pertain to small business web devigners. So if I receive a request from a paid posting service (i.e. Pay-Per-Post, ReviewMe, etc.) and that opportunity is relevant to my audience and they could benefit from it, I will review it.
If there is an opportunity to review a site about curtains or mechanical equipment, chances are it won't be reviewed on this site. If there are more technology or small business campaigns, then yes, I may accept the review and a posting of a review will appear so long as it benefits my audience.
I'm trying to understand why Google would penalize a site for posting relevant review geared towards my site and audience. Because I'm being compensated for reviewing a site or service to benefit my audience? Or it's not "organic?" Hmmm...
The bottom line of paid links, in my opinion, are judgement calls to the authors of the site on where they'd appear. There is nothing wrong with getting a little compensation for doing a paid post so long as it meets this criteria:
The post should contain content that your audience will love and benefit from.
The review should be related to the primary subject of your site.
It has to be a well-written quality post that definitely portrays your site is meant to give a solid review of a service or site.
Ah yes, Black Friday. After everyone stuffs themselves on Thursday and rests, Friday comes along and everyone goes shopping...at 5:00a in the morning. :-)
The most popular Black Friday sites are listed below:
It's been over 3 years and today the final product is released along with the famous grid widget.
This is one of those days that is quite memorable for Dojo users: Dojo 1.0 is available today.
One of the greatest widgets included in the release is the grid widget. For those who haven't seen it before, TurboGrid examples can be seen on the TurboAJAX group's website.
In addition to the release of Dojo 1.0, Shane O’Sullivan has released three widgets designed for image-related sites built in Dojo 1.0.
The image widgets include Thumbnail Picker, Slideshow, and Gallery. For more details, check out his site for demos as well.
These three widgets show what can be accomplished with Dojo's JavaScript framework.
Nokia's N-Series is fast becoming a road warrior's companion.
Recently, I purchased a Nokia N800 for my mobile needs and found that there is an entire family of mobile devices. But after playing around with my Nokia N800, I'm beginning to realize that even though the hardware is there, the software isn't.
What I mean by the software is that it's not the operating system. It's the third-party community. There needs to be more software developed for the Maemo operating system. Heck, I'm still waiting for an MS Office package on the N800 (isn't OpenOffice available?)
Earlier this year, I owned a Palm T3 and being a truly committed individual to Palm, I waited to see which direction Palm was taking. It seems Palm is heading towards a smartphone mentality. A smartphone just wasn't practical for my needs (I like my devices separate).
But after six months of research and waiting, I took the plunge and purchased the Nokia N800. That opened my eyes and I started seeing other Nokia devices popping up that focus on mobility and functionality, such as the Nokia N95 with the Mobile Journalism Toolkit (Ref: CNet as well) or the new Nokia N810 with the attached keyboard.
In the grand scheme of things, I know Nokia is trying to compete with Apple and the iPhone/iTouch and they are doing an exceptional job with the N-Series of devices, but I also think they are focusing on someone else at this point.
If they can take out another mobile competitor along the way, they just might do it.
Anyone have additional thoughts on this particular direction Nokia is taking?
UPDATE: Even thought this is not a PDA or an iPhone copy, it is considered primarily as an portable Internet Tablet device.
If there was ever a great time to start a business, now is that time with two great contests!
Over the past month, I've been seeing a lot of people talking about preparing your ideas and building a business. Now, even the big names are getting in on the action.
Sometimes reaching out and examining how startup businesses arrive at their ideas is stimulating and invigorating. There may be some ideas that spring up from the creativity pool, but there are some that spring a leak and drain the pool completely.
Where am I going with this? It seems large companies are looking for creative ideas...and are willing to pay for them.
Intuit recently announced the JustStart contest where they are looking for the best idea for a startup and are willing to pay you close to $50,000 for your story. According to their site:
The best idea could score $40K in cash and over $10K in expert resources. Plus, two first prize winners walk away with $5K.
Enter the contest, it's easy. Tell us what you'll Just Start. Fact, fiction or fantasy. What have you always dreamed of doing? What are you resigning from and moving towards? And, how will the Just Start grant ($50k) help you strike out on your own?
So if you have a fantastic idea, by all means share it with the world. Who knows, you may be $40,000 closer to your dream job.
Wait...there's more
For all of you programmers out there, there is another opportunity for you to make more money.
Amazon's Web Services group are giving away $50,000 cash with another $50,000 of free web services to a lucky company or entrepreneur with a great start-up idea as well.
Amazon Web Services Start Up Challenge allows not only a programmer, but a non-programmer to come up with web site ideas. The entry form includes how everything would be defined in your business plan (provided you have one).
So, if you could create your own web site that incorporates Amazon's web services and it's creative enough, why not submit to both contests. Who knows...you may win both.
UPDATE: Oct-18-2007 - Entrepreneur.com JUST added this little gem regarding another site called IdeaBlob that is giving away $10,000 for great ideas.
Today's post is geared towards an energy-efficient Blog Action Day.
It's Blog Action Day and the topic is about how to make the world a "greener" place. On this blog, it deals with making a "greener" difference with your business.
A lot of large companies like Adobe, Hewlett-Packard, Palm, and Honda have taken the initiative to move towards a greener company. All it takes is one step to move towards a cleaner world.
If you are a Micro-ISV/small/home business, you can definitely make a difference by showing other large companies how green you can be. Start with one action below and move on to another.
1. Work towards a paperless or virtual office.
This is probably the biggest way to make an impact in your office. If your office is service-based, the paper you accumulate could be scanned and saved in a customer folder on your PC. Just make sure you backup your data.
2. Recycle your aluminum cans.
...or you'll have the "office linebacker" visiting your office. Also recycle glass, aluminum, and plastic.
3. Look for the Energy Star symbol on products.
Such as computers and laptops to save energy.
4. Save the energy by turning off the lights and your PC at night. Besides the server, I always turn off the PC's and lights at night to conserve energy.
5. Monitor your power consumption with Local Cooling.com.
This desktop application automatically optimizes your PC's power consumption by using a more effective power save mode.
These 5 steps are just the beginning. To continue your path to make you business more energy efficient, head over to the Blog Action Day or visit these other sites to help with saving more energy.
DCS has contributed $30 for the day to the National Wildlife Federation. It may seem small, but if enough people contribute to their own charity of choice, we can make a big difference.
The TurboAJAX Group is taking the TurboGrid (written entirely in Dojo) and incorporating it into Dojo JavaScript Framework 1.0 release.
This is absolutely great news for Dojo users.
Everyone has been asking "Where's the grid widget?" since Dojo 0.9 was first released (I was one of them). That question has been answered through a press release declaring that the TurboGrid will be released in the 1.0 version of Dojo.
One question I had answered was is it going to be the professional version or the free version? And then I came across this blog post where the press release was posted as well.
According to the blog post, they are including the buffed up version (I'll call it the professional version).
Since it's not the TurboGrid Classic, there are tons of features included. You have GOT to see this grid in action.
Everyone has a credit card, but does everyone know what the creditors do behind the scenes?
When you start up your small business, you look for cash in the most interesting places: banks, relatives, and maxed out credit cards.
Whoa, Whoa, Whoa!
NO CREDIT CARDS! I keep telling people that credit cards are evil. They definitely have their place, but be aware of how much you will inevitably be paying.
Using a cash advance on a personal credit card is bad enough, but financing a business using credit cards? Not a smart move. I understand that small businesses take risks all of the time, but there is a fine line between risk and stupidity, which may be a reason why some small businesses never get off the ground.
CareOne Credit discusses The Dirty Dozen Credit Card Traps and just proves my philosophy on how credit cards take more of your hard earned money for themselves. Prepare yourself for an informative article.
Look for other ways to make money for your small business besides charging!
One of the primary concerns that AJAX faces are security issues.
When you start building your web application from the ground up, it's best to think about security immediately.
Aleksey Shevchenko, over at Developer.com, submitted an article called AJAX Security, which talks about the different types of AJAX attacks and provides tips on how to programatically prepare yourself for such attacks.
Programmer's rejoice! Take existing web services and build your own online software.
Ok, Ok, Ok. Who still thinks Web 2.0 doesn't exist?
If you are still one of those skeptics who think there still isn't a Web 2.0, you're right.
Kind of.
Sort of.
Some sites aren't even considered Web 2.0 because of their site architecture.
For example, mention web services to someone and see if you get a blank stare. Being a programmer, I'm starting to realize that web services are becoming the hinge pins of Web 2.0 and for the coming of Web 3.0.
Let me explain.
When the Internet first became popular, everyone started building their piece of the information superhighway. After the web sites were built (Web 1.0), web services were introduced and added to the mix.
If your site included a collaborative effort, web services, and, optionally, all of the visual bells and whistles, then you had a verifiable Web 2.0 site (Reflective buttons and rounded corners need not apply).
Web 2.0 is currently where most sites build off of old media sources with a new and modern look and feel with social efforts. Developers took old sites and made their news publicly available through RSS feeds and programmable open APIs. Granted, there are some sites that haven't even moved forward with a 2.0-based mentality.
If you don't have the back end infrastructure or any web services available to the public, you may have a difficult time convincing people that your site has a Web 3.0 "personality" (Yes, yes, which isn't here yet, I hear ya).
in my opinion, Web 3.0 will be defined as a web site that builds on top of existing Web 2.0 web services if certain web sites provide that particular functionality. For example, if Site A uses web services from Site B and Site B goes down, Site A better have a backup plan for providing content or services to their audience or customers.
The reason everyone keeps calling it Web 2.0-this and Web 3.0-that is because of the versioning aspect of it. You're building off of what already exists. You're leveraging the Internet and it's vast resources at your disposal.
Web 2.0 is not about the big red candy-like buttons, the rounded corners, or the reflective images in your title (although sometimes it does help). It's a combination of two things: a technological progression of how the Internet is growing up and becoming a "program" itself and for the general community consensus to provide a name for the versioning that is occurring every single day.
Over the weekend, I came across a site that hosts a lot of AJAX techniques that are quite useful, I particularly like the charting feature.
The site is called AJAXDaddy and showcases some really outstanding techniques such as various table utilities (TableKit, Sortable Table, etc.), a 35mm Photo View (very nice widget), a Javascript carousel, a Fisheye interface, and many others.
Have a manager wanting to know why you would want to use the latest technology and says it's too new? Forward this to them.
I've been using AJAX since I saw the first post from Jesse James Garrett and I've never looked back. It's a technology that is definitely here to stay.
Being a programmer is great, but trying to convince upper management as to why AJAX should be used on the next project is a bigger undertaking than writing an application.
If you are still looking for that reason to implement AJAX into your project, Agile AJAX provides 10 business reasons to use AJAX in your application.
I use the Google Notebook on a daily basis and this is definitely a welcome addition.
Every day, I look through my RSS feeds, check my email, and start jotting down my ideas for future posts and thoughts into the Google Notebook.
This morning, Google Notebook put on a new face. I opened my set number of tabs and was frantically looking for the "Google Notebook" title. Ahh...Found it. Google now sets the title to your current notebook you were previously working on. Nice.
Two things were bothering me that they fixed:
The caret wouldn't disappear when typing. Big thanks to the Google Notebook team for fixing that one.
The content of your notebook is now inside a frame where the toolbar is visible all the time as opposed to just at the topic of a journal entry. It was tough when you had a long entry and wanted to create a link. Another big thank you to the Google Notebook team.
While I typed in a couple entries into a notebook, I was starting to get that feeling again. You know...the feeling when a programmer just knows when a program is stable and the coding works just as it should.
I don't hear a lot of press about the Google Notebook and I think it's one of the most important tools in a blogger/programmer/entrepreneur's arsenal.
My parents came back into town because of a recent death in the family and brought, of course, both laptops. For a recap of what happened before, check my 
For those who own a Sony VAIO, I would definitely make a call to Sony for replacing your laptop. 
