Sybreon Ones Nought

http://picasaweb.google.com/s/c/bin/slideshow.swf

Well, these photos were taken months ago when my whole family went to KL Tower for dinner. In case you didn’t know, KL Tower is a communications tower in KL. It is a tourist spot as it offers a 360 degree sky-line view of the city. Also, there is a rotating restaurant at the top, which does not have very good food but I cannot argue with its view. It makes one full rotation in 90 minutes, which means that diners will be able to see the whole city at least once, while they dine. It is a little pricey though.

EVE Online looks like a pretty nice game. The only catch seems to be the number of players – only 300,000 spread across the world. That really limits the number of active players that one can interact with at any one time. I like the fact that it is an emergent world, though.

There are far too many IT ‘experts’ set loose upon this world that it is no longer a safe world to be in. I cannot believe the number of responses to the question on how to filter HTTPS traffic through a proxy server suggested performing a man-in-the-middle attack on their own networks. To me, this is just totally brainless and intolerable. Good thing that most of these people do not actually work in IT security or administration (at least I hope that they do not).

I cannot even begin to explain why it is such a stupid idea to use that method to control HTTPS traffic. It is the lazy man solution to the problem. The trouble with this method is that it totally undermines the security of HTTPS traffic. It allows the proxy server or system admin guys to actually sniff the sensitive data traveling inside the secure connection. If the employees are doing banking online, this would allow the server to actually see private and confidential information. That breaks the whole security chain.

The best way to do it would actually be to filter the traffic externally. For example, the traffic pattern can be analysed to determine if it is a streaming connection (possibly streaming video) or if it is a transactional connection (possibly online shopping and banking). It is also possible to block HTTPS connections to certain websites by analysing the CONNECT command used to initiate the transaction through the proxy. Obviously, all these other methods are more difficult and require more work than the lazy man solution.

I most certainly hope that they do not use the lazy man solution at work. Just to be safe, I should refrain from doing my online banking at work.

Just last week, I was making a speech about how offensive driving is actually a good way to drive but I did not have any proof for it. I based my entire premise on the assumption that offensive driving would create a buffer zone around the driver, thus making it actually safer for the driver. If everyone drove offensively, things may actually be good. Then, here comes some research to show that offensive drivers actually prevent traffic jams from happening.

The interesting finding is that if most of the people are law-abiding, and you have a certain amount of people who are breaking the rule, then you are actually getting the minimum chance of a traffic jam

Well, it’s good to know that rule-breakers are actually beneficial to the overall traffic conditions.

Because rule-breakers “carve out their own path,” Flynn said, they dilute large concentrations of rule-abiders moving in the same way. He pointed out an example familiar to anyone who has driven on a two-lane road: breaking the speed limit to pass a slow vehicle prevents a long chain of cars from forming.

Her research showed that tailgating drivers were more likely than a non-tailgater to have a car in the lane next to them, so they weren’t just speeding up in order to change lanes. She also found that these short time headways tended to extend across several vehicles, creating a platoon.

The conclusion of the article was that, feel free to break traffic rules because they help improve the flow of traffic. However, do not tail-gate because if we do, chances are that everyone else is doing it too, which will increase the likelihood of accidents.

I had just finished attending an advanced project management course today (it is worth 14 hours towards the PMP certification exam). In parts, it was a great refresher course on the stuff that I had forgotten since taking the courses at university. I also learned a few new things through the course. Taking this PMI process and the previous CMMI process together, I have come to some rather curious insights.

The main insight is that most of these processes like to say that they work just as well for anything but I think that most would probably face problems with open source development. I also started to realise that most of these processes require a well-defined hierarchy and job-scopes in order to work. This would probably be useful for larger organisations but would not be very useful for small ones where there is virtually no hierarchy and everyone did everything. It is not that these small organisations lacked processes, they merely had very different processes. Then, if we bring in the issue of open source software where anyone can contribute, it brings about an entirely different organisation and process again.

Firstly, communication channels. In a traditional structure, the number of communication channels is smaller as there is always a reporting hierarchy. However, in an open source project, the communication channels are less obvious because the stake-holders are more numerous. Anyone who has ever contributed any piece of code can be considered as having a direct stake in the project. So, the reporting hierarchy would paralyse traditional processes if they were to be adhered to. Imagine an organisation where your customer wasn’t just an external stake-holder but was also a co-worker and active participant in all the steps of your process. Now, imagine that multiplied by everyone else because every one of your co-workers and you yourself, was also the customer.

Secondly, job descriptions. In a traditional structure, everyone would be assigned roles and responsibilities. While there may be some crossing of boundaries, that would be the exception rather than the rule. In an open source project, responsibilities are not assigned but rather taken on by anyone who wishes to be involved due to the spirit of voluntarism. So, in your traditional process, you could transfer responsibilities but in an open source project, you couldn’t. There would be a lot of crossing of boundaries in open source development, often with a single developer contributing to multiple modules in the system and then being both accountable and responsible for those contributions.

I’ll give you an example of a kind of typical problem. Let’s assume that a feature needs to be added into the software. In a traditional process, someone (whether the client or management) would need to initiate the change, then the process kicks in and we study the impact of the change before kicking it up to the change board to decide whether to make the change or not. In an open source process, anyone can initiate the change, and then proceed to implement the change without approval because it would be faster than studying the impact of the change and if it turns out that the impact is negative, all changes can be rolled back.

So, while I do think that processes are integral to any software development process, I have a feeling that the traditional processes may not fit in easily and a lot of tailoring will need to be done.

I have just read the blog entry by Paul Graham called such. In fact, in my personal experience, this concept of profitability is very important. In fact, I used to call it breaking even. It is essential that any new start-up reach this point of “ramen profitability” in under 20 months. If they can hit it within a year, that would be terribly splendid. The reason is simple.

Once a start-up is able to make enough money to feed itself, it can focus its efforts at growing rather than survival. There is a massive difference between the two states. Survival is about doing anything and everything possible to make money. Sometimes, founders may end up doing something totally different from what they imagined they would do, all in order to raise some money. In fact, I actually encountered the same situation before, having to switch to trading when money was running low. I won’t tell you how low, but it was low enough to force me into eating one meal a day only.

That is why, if and when I do get back into the game, this idea of “ramen profitability” will be right at the top of my list of goals. I know of another company that managed to hit this goal within 6-months of opening and they have been growing year-on-year since. In fact, I would argue that instead of focusing on making big bucks, all start-ups should start by focusing on doing that which is necessary to make money fast. The reasons are aplenty and they are mentioned in the article.

So, three cheers for “ramen”!

Oh noes! What am I ever going to look forward to on telly now that she’s gone? I grew up wondering who was the genius behind all those PETRONAS advertisements and that genius has gone to sleep somewhere better. I was also a fan of some of her local films like Sepet and Gubra. I actually bought the original DVDs for those films in support of her message. You have to really watch her films to see that she was trying to send a really clear message that we have to do something about what is happening in our country.

Love her to bits. Now she’s gone. What to do?

Show you something that you will never see in the Malaysia today.

But maybe, we will see it in Malaysia tomorrow.

Her message. Hope that we all get it.