Happy Birthday, Cincinnati. A quick tour through all things Cincinnati.
I am just blown away that there are employees that would sell a user’s password for $150USD. Ii am even more blown away by the fact that they would admit to it.
This is a handy new development that allows you to run Linux (Crouton) in a window on a Chromebook. It also addresses some of the difficulties of copy and paste from ChromeOS and Crouton which is something I have been missing very much.
Obviously, you can run Crouton without this plugin by switching between full screen Crouton and full screen ChromeOS, but these just feels more seemless and integrated.
I chuckled my way through this post on ‘Why SOAP lost’ because it seems to be missing some fundamental observations.
SOAP (like Java) was designed for structured use in well designed systems. most developers shy away from anything structured. It gets in the way of just writing code (or more frequently, downloading code and pasting into the editor). Much better to use JSON and write a bunch of validation code than to use SOAP/XML and re-use existing robust, well tested parsers and validators. I know, I am making a big assumption there – that a developer would actually write validation code. The more ad hoc the development process, the more ‘agile’ it is and that is good, right? Ask your friendly neighborhood QA and operations people about the value of optimizing for slap-dash development versus designing for sustainability, consistency, uptime and performance.
XML is ‘much harder to read’ than JSON? Right. Give someone a JSON document with 2-3 levels of nesting and an array or two and see how much easier they think JSON is. XML can be verbose, but that is for the purpose of clarity. Oh, and kudos for adding the line breaks in front of the namespace declarations to make your example XML look more ‘verbose’.
I’m not sure I understand the comment about SOAP usage of HTTP POST being a hardship because it can’t be tested in a browser. Easily solved by using something like the POSTman plugin in your browser. And I suppose the author is one of the service designers who doesn’t use anything but HTTP GET and returns everything (including errors) with an HTTP status of 200. Because, you know, that is easier – especially when your production environment is a browser and not a server or something exotic like that.
The last set of bullet items in the post is missing a little something as well:
Laziness, when it is the primary decision criteria, optimizes for development and sacrifices everything else. That is like optimizing for 5% or less of the lifecycle of that code. Just dumb. Be a nice person and drink your steaming cup of STFU when your YAGNI snark causes 20 hours of production downtime a month because the code has no design rigor behind it and certainly doesn’t take supportability concerns into consideration.
Outstanding detailed article on using two-factor authentication with the Mac OS X operating system. Note that there is a lot of good follow up in the comments section as well.
I bought a yubikey neo back in October and have been using it with Google’s U2F implementation. I think that this is a smart way to go security-wise and I am glad to see that Google is making it easier to take advantage of. You can also opt for the less expensive yubikey standard if you don’t have a need for the Near Field Communications (NFC) capability on the yubikey.
I found this posting to be a bit swear-y (you’ve been warned), but otherwise on the money.
The final paragraph nails it (I have definitely seen my share of those ‘success’ messages:
Above all else, have a wonderful holiday season and give your teams a break until the code freeze is lifted in mid-January. Then you can get back to shoving Agile on people, making them work 60 hours a week again and then having your directors send “we did it the Agile way!!!!” success messages after the project you executed took production offline, took twice as long to finish and cost 3 times as much.
It seems like only yesterday it was 2014…
I saw that Google is testing a password generator for the Chrome browser. Hmm, I wonder if that means that they will stop storing passwords in clear text?
Password-generating tools like LastPass, 1Password, RoboForm, and others are a mainstay of browser accessories, and are often recommended by security experts because they can help create and manage “strong” passwords. “Strong” refers to passwords that are difficult for hackers and computers to guess. Google’s effort, if it makes it into the regular version of Chrome, could encourage other browser makers to build password generators and make the field more competitive.
1Password has the advantage that it is multi-platform and not tied to a single browser, which I consider to be a very good thing. Having each browser create its own incompatible password manager would be even worse that each browser having its own incompatible HTML interpreter.
Another recent post, again focused on API design, but could/should apply to all tech efforts (The Four Principles of Successful APIs). This time the guidance takes a slightly different approach:
1. Understand The Strategy
2. Decide Who You Are Really Designing For
3. Start Small and Iterate
4. Architect for the Long Term with Abstraction
#2 sounds like a component of #1 – your target user base should be part of your strategy. #3 is a good opportunity to apply the consistency principle from the previous posting. #4 is interesting because abstraction seems to be a hard concept for developers who tend to think that API = CRUD overlay.
I had to chuckle when I read through this post titled When crafting your API strategy, put design first. It is very high-level and could/should apply to anything. Here are the main points:
Design for consistency
Design for scale
Design for people
Check. Yes to all of these. I suppose some folks need to be reminded of this. Especially the ‘sling code first and declare victory at some arbitrary point’ proponents. The ones with 60 hours of production downtime a month because design ‘just slows them down’. Apparently downtime doesn’t slow them down, but it sure slows down the consumers.
Another chuckle was this paragraph, which is nearly a direct quote from me (emphasis added):
Planning too little is dangerous. But so is planning too much. This isn’t a science experiment to find the ideal design. Perfection isn’t the goal: consistency is.
IBM’s Watson is not just good for game shows – apparently it takes a turn at bartending: This Cocktail Concocted By IBM’s Watson Isn’t Half Bad
What You’ll Need:
1.5 oz. coconut milk
3 oz. white rum
3 oz. banana juice
4 oz. pure pineapple juice
1/2 oz. fresh lime juice
10(ish) drops blue food coloring
2 USB sticks for garnish (optional)
5 oz. Sprite or similar soda
I saw this whiny article in the Washington Post that was just begging for a response. The gist of the article is that the author got a Computer Science degree and wasn’t given his dream job out of the gate. This then becomes an indictment of the education system rather than the typical sniveling millennial i-wasn’t-given-the-world-without-having-to-work-for-it screech that it is. Let’s take a look at some quotes from the posting:
My college education left me totally unprepared to enter the real workforce. My degree was supposed to make me qualified as a programmer, but by the time I left school, all of the software and programming languages I’d learned had been obsolete for years.
The think this belies a misunderstanding of how higher education works – it is not what you are given, it is what you do with it (the whole learning how to learn thing). It is as if he expects to read a book on swimming but never gets into the pool; and ‘surprise’ he really can’t swim because he put no effort into applying the learnings. Also, if ‘all of the software and programming languages’ were obsolete, what were they teaching? FORTRAN?, RPG?, Visual Basic?
To find real work, I had to teach myself new technologies and skills outside of class, and it wasn’t easy.
Poor you. You should have been doing this all along. The Computer Science curriculum should be teaching you fundamental concepts in how computers work, programming concepts and techniques that can be applied across specific programing languages, databases and platforms. Actually, it is a bit shocking how many recent CS grads don’t have a grasp of fundamentals.
Businesses aren’t looking for college grads, they’re looking for employees who can actually do things – like build iPhone apps, manage ad campaigns and write convincing marketing copy. I wish I’d been taught how to do those things in school, but my college had something different in mind.
Businesses are indeed looking for those things, but they are looking for people who can learn and grow and apply what they have learned in the past. If you have a CS degree and can’t figure out how to write an iPhone app you either had a horrible curriculum or slept through most of your class time. The fact that you weren’t specifically trained for that is not a problem with your education. Rather it is a failure to apply what you should have learned.
At least 90 percent of my college education (and that of so many others) boiled down to pure terminology, or analysis of terminology. My success in any given class was almost wholly based on how well I could remember the definitions of countless terms – like the precise meaning of “computer science” or how to explain “project management” in paragraph form, or the all-too-subtle differences between marketing and advertising.
Wow. Ok. So, if that percentage is accurate, I can see why you can’t get a job. When I got my CS degree (many moons ago) that was maybe 1% of what we were taught.
To me, this is the root of our college problem: The average college student is paying $30,000 a year for the chance to learn valuable skills from professors who haven’t had the opportunity to learn those skills themselves. Maybe it’s a crazy idea, but if you’re going to spend all that money for a college education, shouldn’t you expect to learn real-world skills from people who know what they’re doing?
This seems excessively harsh and a bit misguided. If you want to be learning what is new and trendy, go to a conference, a user group, or actually talk with people who are doing interesting things. By the time those things get packaged up into an approved curriculum, the technology might be on the stale side. But, again, if you don’t understand the fundamentals, you are not going to be able to effectively apply new technology and concepts. No one can give that to you at any price.
Solving the issue of inexperienced teachers may be even simpler: have schools relax academic requirements for professors and focus far more on hiring effective businesspeople. With a little more leeway, academically-minded candidates will have more freedom to gain job experience, and schools may even attract more talent directly from the business world. Success in business and success in the classroom are certainly different things, but I’d wager that it’s a lot easier to show an accomplished businessperson how to teach than it is to show a teacher how to be an accomplished businessperson.
So it sounds like what you want is for all universities to be trade schools, focused on cranking out very specific skills and techniques rather than more broadly educating students and preparing them to apply a wide set of competencies to a range of problem domains. This sounds a bit like the certification trap from the 90s – go get a very narrow, often vendor specific certification but still have no practical experience in applying that knowledge. When that vendor falls out of favor, you are a bit stuck unless you can teach yourself the reasoning and abstraction skills you would have learned in college.
To steal the trite closing from the original article: But what do I know, I have been happily applying my Computer Science degree for nearly 30 years with technologies, programming languages and platforms that never even existed when I graduated.
One of the things that I really like about the Android ecosystem is the degree to which you can customize it to suit yourself (and not what some designer in Cupertino thought was good enough). This extends to the newly released Android Wear devices (I opted for the Samsung Gear Live).
I just discovered a new widget app called Zooper Wear – Square Wearables that brings useful aggregation to Wear notifications. I really like having a consolidated view of the number and type of alerts all on one screen. Throw in current temperature and battery level and I am sold.
Interestingly, top coffee drinkers are from countries that probably couldn’t grow their own coffee if they tried.
America might be famous for running on coffee, but it doesn’t run on much. Not compared to a handful of other countries, anyway. When it comes to actual coffee consumption per person, the US doesn’t even crack the top 15.