Skip to main content


Showing posts from March, 2012

Startups, Incubators, and Hackathons are Evil!

I want to build my own startup!

I remember a conversation I had with my father about 30+ years ago. He was recently retired for the second time when we were talking about potential businesses. There was a time when he was the president of his own company and I always thought that when he retired I would take over. Anyway that was the message in the media in the 70s. Now it was time for a new future. As we discussed businesses he mentioned that over 90% of all new businesses fail.

Shit... what was I going to do now? (if I had to do it all over again I would have minored in computer science instead of majored)

I don't know what the numbers are today but I cannot imagine that they are any better. And let's be specific... the percentage of tech startups that succeed has got to be lower that that.

I want to be at a hackathon!

Until I decided to include hackathon in this article I had no real idea what it was. Some weeks ago I wrote about the social aspects of hackathons and the hiring p…

Why is Mozilla investing in Rust?

A very long time ago I was having a conversation with peers that spilled into a blog post. At the time I was noticing that all of the big boys like Google, Yahoo and others were gobbling up language gurus like Guido.

Now, in hindsight, Mozilla is creating Rust. I do not pretend to know what their real motives are but I do find it interesting to observe. Mozilla's history is all over the map. It was commercial, then it was open source and non-profit, then it was commercial again under AOL and then it was open-source and semi-nonprofit as the Mozilla Foundation... or something like that.

It just seems curious to me that they would go this route. They have 3 or 4 successful projects. They have uber cool tools that are functionally cross platform. I don't think they do any pure or applied research in languages to this point in time. Why Rust?

Google's GO fills a need and they are clearly going to direct the future of the language. Unlike the days of the IBM and Microsoft - OS/2 a…

Programming Challenges are "de-motivational"

I think the title of this article give away the ending. Sorry... I suppose you can stop reading here.

Thank you for reading on... I recently applied for a programming position. In the initial response email from the hiring manager or HR I received a response like:
... and then there is the programming challenge ... and it should take 2 days.
Really? Are you kidding? You want me to give up 2 days for what? That was my unfiltered subconscience speaking. But really, that's a lot to ask. Specially when someone is going to take my 2 days of work and skim it for some quasi critical check boxes and make a summary evaluation.

So I said no.
As for the programming challenge. With over 25 years of practical experience and interviewing on both sides of the fence... I do not do programming challenges if I can help it. They are (a) subjective (b) generally insulting (c) trumpeted by junior silicon valley programmers (d) perpetuated by myth (e) and a sign of lazy managers.
I've written about this …

tmux is better than webex

Many of my clients use webex, go-to-meeting or one of those desktop presentation programs in order to share a desktop and get some work done. They are really nice when you have display slides, GUIs, and sometimes videos. About the only problem with the scenario is that it take plenty of bandwidth for just a terminal session... along with the audio.

I'm new to tmux, however, I've used GNU Screen for years. Screen has the ability to share a terminal session but it's not very friendly or easy when compared to tmux. The PragProg book has some nice recipes for tmux and is worth checking out.

Using tmux for paired programming (not a favorite) is easy. And tmux is specially nice that it let's one or both users to work in the session but you also get to do other things if you want to be in readonly mode. tmux is installed by default on any OpenBSD installation ... I think it's a tool you can trust. Also, iTerm2 had some plug-ins for tmux but that requires a custom version.

"Unfortunately, we'll reject most software developer job applications."

Andrew Stuart of Supercoders in Australia made the bold statement that is the title of this response. While I understand the point he is trying to make he has selected an example that demonstrates that he does not get "it".

He insists, in his article, that potential employees know the [parochial] definition of private, protected, public, abstract class and interface.

There was a time when I knew the definitions word for word. The GOF were also a part of my indelible memory... but as time progressed and as open source took a foothold idioms like protected and private meant less and less.

Back in the day when library vendors were distributing binary-only files private and protected meant something. It meant that the vendor could hide the implementation details. This was usually necessary when there was some intellectual property in play. It's simply not the case any more.

Going back to Andrew's comments. I don't know many a-list developers, programmers, architects - th…

Little Snitch - Network Monitoring

One of the really neat features of Little Snitch(LS) is that it has a small dashboard that indicates the network i/o for a particular destination. There is a console version of that feature for the Linux set called iftop (there is a version for OSX too). But as I sit here considering LS I'm thinking that it was good in it's time be that is not the case right now.

LS has a "rules" engine where you specify the application and what remote systems it can connect to. But as I look at the rules they are all enabled. So what benefit is it?

In order to install the OSX version it's best to have already installed MacPorts. Then install iftop.
sudo port install iftop
(clearly you need root/admin access to your OSX system).

Once you have iftop installed you can launch it with:
sudo iftop
You need root access because intercepting the network packets requires root access.

GO's missing feature fulfilled

I really like the GO language, however, I've had a couple of complaints that prevent me from using it in production. (a) the language has been a moving target and it seems that the 3rd party library developers have lost whatever momentum they had. (b) the absence of a version manager like RVM for Ruby or VirtualEnv for Python.

Well we cannot do anything about (a) because it's as much political and emotional as it is technical and cost. But having (b) in our back pocket makes development so much easier(GVM - go version manager). I think once it makes it into the mainstream of GO development more real progress is going to be made.

Go offers a nice balance between perl, python, ruby, java, erlang, lisp and a few others. With it's memory management, sockets, IPC, datatypes, compiled, formated, syntax... it's just a nice balance.

Where are my machines? (nmap)

I do odd jobs from my home office. It's not much but it supports my hobbies. Recently I was handed a POS and asked to configure it/integrate a new PinPad from a vendor that was not already supported.

The first task was to login. It was a linux based system with an ethernet port and ssh-server running. When the machine boots up it calls for an IP address from the local DHCP server. In my case the DHCP is served by my firewall. Depending on the type of software running on the DHCP server sometimes they list the IP address leases. This one did not.

nmap is a tool used to locate hosts and open ports. It has a number of good and bad uses.

The first step is to install nmap. This is simple on most Linux distros. Since the system I'm on is OSX I had an extra step. Assuming that I already macports already installed.
sudo port install nmap
Once the installation was completed I needed to execute the search.
nmap -v -p22
"-v" is the option for verbose

"-p22" is th…

What is so interesting about the Flask microframework?

I get that Flask has a lot of the same design patterns that Ruby's Sinatra has. I suppose if one used a metadata approach to application construction/deployment that you might be able to basically interchange between them.

I did a search hoping to find out the differences between Flask and Tornado. I was rewarded with a page from the the Flask development doc. The contributor was suggesting that one might link or cascade Flask with either Tornado, Gevent, Gunicorn or some other proxy setup.

While mentioning Tornado the contributor says...
Tornado is an open source version of the scalable, non-blocking web server and tools that power FriendFeed. Because it is non-blocking and uses epoll, it can handle thousands of simultaneous standing connections, which means it is ideal for real-time web services. Integrating this service with Flask is a trivial task:
In the deployment section of the doc Flask makes is clear that the built-in webserver is strictly for development. The reasons are pro…

Programmer DNA in your code - "In Plain Sight"

In a recent "In Plain Sight" episode the writers tried to suggest that the bad guys, given enough CPU cycles, could identify and geographically locate an individual programmer based on his code's DNA.


I implemented some algorithms as an undergrad that could compare two documents and determine the likelihood of plagiarism. But in this case (a) the english language (b) comparing two known documents.

I would like to think that I'm not the only one that realizes that the potential for matching two snippets or even complete source trees is as unlikely as proving program "correctness". (when I was an undergrad that proof could not be completed)

First of all the number of syntax permutations is infinite. The problems they solve are equally as large. Variable name substitution does not count, and with applications like gofmt and IDEs that reformat and inject comments... one is more likely to identify the IDE and not the programmer.

Tower App Missed the Runway - BitBucket

I like Tower. It's a strong GUI in front of a DVCS that can be hard to manage if you're not completely versed in it's execution. Even with quality books from PragProg it's still a challenge. So Tower is welcome.

This week they announced support for BitBucket. BitBucket is a DVCS based on Mercurial instead of Git. (BitBucket does have a Git option when creating repositories.) So when the announcement was made I was pretty excited.

I use both GitHub and BitBucket. GH is perfect for my public projects and BB is perfect for my private projects.  It's all about the cost.

Naturally I was excited when they mentioned the BB support. I thought... one tool, two repos.

But that is not the case. There is little or no documentation on this feature. The "manage repositories" is very unclear and the behavior seems to be adaptive. To what, I do not know. The one thing that is missing is a statement like:
While we have support for BitBucket, we are still limited to Git reposit…

Sparrow (Mail app) falls short

SparrowMailApp is actually a functional mail application both on the OSX desktop and iOS iPhone. The key, however, is that it is a standalone and it simply does not integrate well.

On the desktop, unlike MailplaneApp, it downloads an caches all sorts of data even though it's using IMAP. And if you have one of those new MacBook Air laptops then you probably do not have enough disk space and/or the sync process when you use multiple computers is just silliness. Also, if you use GMail heavily, as I do, then you probably also use google voice which unless you have unlimited minutes on your phone you'll need google chat in order to use your computer as the endpoint.

The iPhone app is another nice try if you use it as a standalone. (a) it does not use notifications (b) it does not check your email in the background (c) it does not integrate into other applications like Instapaper in order to email links or texts. There are some workarounds like Prowl and BoxCar but after using it for …

Crossroads has forked ZeroMQ

I understand the mission but crossroads has a long way to go. They should not be at version one until most or all of the client libraries fall in line.

I'm all for a more stable source but their major complaint might be better resolved in github rather than a fork.

Good luck either way. I'll be watching.

What is the current employment situation?

I always follow several job boards regardless of my work status. The quantity and quality of the postings act as an indicator as to the type and availability of potentially interesting and lucrative opportunities. Sometimes you can sense a migration from contract work to fulltime and vice versa as companies adapt to the economics.

Obviously the best opportunities come from personal connections and not cold calls.

According to news and government reports there are lots of available jobs out there. Suggesting that employees have the high ground. So it was interesting to me when I spoke to a professional recruiter the other day and he said that employers currently hold the upper hand. That employers are reluctant to hire people and that they have to be a perfect match. And if you want that next job you're resume needs to read exactly like the requirements.

Keep in mind that if a recruiter has a perfect position for you, and they know it when they see it, you could present your resume us…

JSON and more JSON

A few articles ago I wrote about processing CDRs from an asterisk server. One of the design decisions I made was using very simple JSON messages as the message payload from the publisher to the subscriber. As most are familiar with JSON it's a key/value container represented in UTF-2/ASCII. The format of the message is well documented and widely implemented.

There are a number of alternatives to JSON, like BSON, s-expr, msgpack and a few others. I settled on JSON because it was trivial to hand code a JSON payload without having to make any decisions and that it mapped to/from hash datatypes in python and ruby.

In the article I wrote the publisher in C and the subscriber in Ruby.

The publisher was an not an easy decision but by the time I committed to C I had a plan and it's just one page of code for JSON, Redis and a but of parsing. (this code had to be fast and small for the reasons discussed in the article)

The subscriber was a different. It did not have to be all that fast... b…

Where is TopView now?

Back in the simple DOS days, and prior to even Windows, there was a movement to get multiple applications to run on the desktop at once. There were several solutions. Some were text only. Others supported text and/or graphics. Almost all of it was 8-bit color. Of course the first Apple Macintosh was release in 1984 but it was not doing any protected mode work and the more advanced processors had only started to roll of the Intel.

One of my favorite operating environments was TopView. By todays standards it's not that impressive but then again given the amount of memory, disk, and CPU we had in those days; the team did an amazing job. I met the team of developers once. They worked in a small set of 10-ish windowless offices that could only be described as in the basement. (as basements go in Florida). It truly felt like a dungeon.

Some time later Quaterdeck released a project called DesqView. I used and upgraded that puppy for years. My operating environment is not much different tod…

Reliable Asterisk CDRs

This is going to be a long and technical article pertaining to the capture of CDRs (call detail record) using the custom extension file and an AGI script.

I designed, built, deployed, and maintain a number of asterisk servers which are used as part of a VOIP arbitrage system.

The first generation system, which inherited, was a single system that housed the Asterisk server, database server for CDR and other billing and reporting data, and a PHP webapp that reported on the data. The system worked (a) when the volume was low; (b) when the overall amount of data was low. Needless to say I was brought in when the "system" (1) started hanging (2) losing call detail records (3) webapp could not return result before the browser would timeout. It was a mess.

The new system uses multiple systems (n+1). There can be a limited number of asterisk servers connected to a dashboard. The dashboard is where all the data is stored, where the ETL is performed, and where the reporting is initiated.…

Lua is "good enough" development at it's worst

I'm trying to rewrite my AsteriskCDR capture program from PHP to just about anything else. I inherited the PHP version of the program from a programmer who did not know anything about concurrency or performance. Inside the Asterisk configuration there is a file "extensions_custom.conf".  This file contains all of the scripts for the individual PBX extensions. And when the call is completed the last thing the script does is capture the CDR.

The first thing that you might say is that I should use the built-in CDR recording. I would except for two important reasons.  My extension file contains many customizations so I need the CDR to reflect that information accurately. The second is that the built-in capture does not really address concurrency from the reporting/admin side of the equation. Regardless of the database or storage that info needs to be taken off-box so that it can be reported on... think map/reduce.

Back to the PHP code I have the following challenges: (a) it…

golang 3rd party libs let me down

[UPDATE 2012-03-28] Google released version 1.

I'm working on a presentation project and one of the demo apps is a pub/sub that I need for a VOIP customer.

Currently the app is written in php. It's executed when each phone call completes. And it currently writes directly to a log file. Both attributes are bad which I was hoping my demo app would correct. And while I've considered C I'd rather not for the moment.

golang has a fast and functional API and language. The target executable is statically linked and a reasonable size. My concern is that the beanstalkd and redis libs are old. So before I pushed my first message I've abandoned golang for lua.

commit often?

[Update 2012.03.07] - I forgot to mention that fork'ing, rebase'ing, and some other basic features make it easier to be a write-only developer. One of the critical paths is when you update/merge your local repo with the remote base while you're actively developing. Yes, there are some procedures to minimize the risk like commit then pull and merge, however, this does not isolate your changes nicely. A subject for a completely different conversation is "one code repo" like Google or "one code repo per project"?

I have participated in a number of strategies for commit'ing code to a repository. Each strategy has side effects, unintended consequences, and unimaginable consequences. The common strategies are:

commit often
commit after a complete thought
commit daily regardless of state
commit after a complete feature

When beginning a new project I like to start with a fresh directory/folder; layout the first set of project files which could be created by a gen…

IntelliJ+Grails is not that bad sort of...

Essentially, JDK 7 is OpenJDK, and there still are known issues with running IDEA under OpenJDK. Oracle JDK 6 works best in our experience
I have been writing java code since it's first release. At the time it did not do much so I did not actually deploy anything. Around the time of version 1.0.2 it was stable and robust enough to build production applications that would run under both Sun and Microsoft operating systems.

Happily I moved away from the JDK and toward perl, python, ruby and erlang only to be dragged back into the fold. Java has changed a lot over the years. (a) there are a lot more APIs, (b) tools and IDEs are everywhere. Game changers include many of the Apache projects and a good number of 3rd party libraries.

Now I'm getting back into the swing of things. IntelliJ, from JetBrains, is as I remember. JB is undoubtedly pushing the capabilities of the environment, the language and the different SDKs. But on many levels it feels unnatural.

Take the quote at the top of…

Twitter, Facebook, when is it time to drop all your social networks?

Just a few minutes ago I saw a linkedIn post from a former coworker. It read "excellent read" and then some shortened URL. I used to follow this guy because he was a CTO that I respected while I worked with him but recently, since I started following him on Twitter, I realized that he did not have a lot to say.

One would think that a CTO for a technology company would promote the company, promote the technology or even the people. No. This guy tweets about pizza, wine, and his last great kill in the wild. So I Un-followed him. But when "excellent read" popped up in LinkedIn I found myself asking... just for a second... could he be publishing the next piece of disruptive advice that would propel me into financial and intellectual nirvana.

Meh! I doubt it and I'll never know.

In the meantime I find myself asking myself some of the same questions. What is all this social stuff good for? The Zuckerbergs of the world would have you believe that we all need it like we n…

Python is Better than Perl - The Killer App.

Back on July 5th, 2011, I wrote a post about how perl was better than python. Since then I have a new opinion. Partly because of the cruft I received from the Mojolicious community. It's sad because perl is a great language and the CPAN community is also very strong. That a few curmudgeons can ruin it for the rest is sad. As an editorial comment they are only hurting the language they are protecting so much.

One of the biggest chalenges with languages like perl, python and ruby is that they are being installed as part of the base OS. Specially in most linux distros. (perl has been there from as early as I can remember) Recently python and ruby have been added to the basic install. This is not a bad thing but these languages are under constant development and they are constantly evolving making current applications obsolete or non-functioning.

This is also a HUGE challenge in the development cycle when dependencies are constantly moving and yet developers need to make progress. S rec…

Dell XPS13 or MacBook Air 13?

I'm not going to make any statements about the Dell other than to say that it's probably a nice machine and it probably runs Microsoft Windows really well. It might even run Linux after you've already paid the MS tax.

But looking at the feature functions and comparing them to the MBA... Ya gotta go with the MBA.

OSX is a better OS than Windows and if you have to pay the tax then the cost of OSX upgrade and the fact that there are only two versions where MS has 8 or 10 versions. Not to mention that the Server version is only slightly more expensive.
The MBA certainly allows dual boot and supports Windows and Linux.
Neither system permits memory upgrades (apple has a 2GB model most are 6GB)

I'm abandoning the comparison here. The hardware is pretty similar. The cost difference is marginal. Which is the better company and where is your application investment?

Contractor or Consultant?

[Update 2012-03-04] Wikipedia has a great definition of "consultant". (Everyone is an expert)

Scott Berkum wrote an interesting essay; or so I thought because it struck a cord. This article was written in 2007 and before I realized that there was a followup to it in 2008; I had already replied.
BRILLIANT! Most of these are easy to understand although they are an unpleasant reality.

ADD is cause[d] by by an under-qualified individual in power and in fear of competition for their job [or intellectual cache] and so this is the only way to be the hero.

CDD happens when an ADD hires someone only to find out that the other person is smarter, faster, more well read, however, ADD-man is still ADD-man.

CYAE is also an ADD. In this case ADD’s boss usually make a hiring decision that ADD does not approve of. Then ADD goes into CYA mode and will sometimes go into get the other guy fired mode.

DBD is also attributed to ADD-man. See ADD-man has read a few articles and magazines but he has no re…

Hire Me

I just started a open/public project meant to capture some of the really subjective material when it comes to system design and implementation. I'm trying to mirror the projects on both GitHub and BitBucket. So far I've managed to keep the README files in tact, however, I think it's going to be a challenge to code and deploy multiple programming languages etc... and still get the mission across.

On the other side of the coin, integration is one of my specialities.

In the meantime I'm currently in the market for a contract or a full-time opportunity. I'd prefer a well funded startup or a new venture within an established organization. Either way let's talk.

This project has been created in response to the many recent articles that have been written and the number of job search services which feed on public source repositories. Part of me wants to find a novel way to game the system but I have a higher purpose and that's the message I want t…

iterm2, tmux and the ever-present security

Being a freelance consultant I worry a lot. I worry that I might lose or misplace my laptop or worse that it falls into the hands of someone with less than honorable intentions. Of course you might also install a trojan, be attacked by a virus through multiple vectors.

As a result my clients' secret sauce falls into the wrong hands; or maybe my family's private information is leaked like credit cards or SSN.

This and far worse is possible. Unfortunately there are no absolutes. Not even if you built your OS and applications from scratch. First of all there is not enough time to code review everything you'd need. You are probably not a programmer and if you are there is only a slim chance that you can code everything from a video device driver to a web server and a word processor. (there are only a few on the planet and I'm certainly not one of them).

So the best way to protect yourself is a layered approach.

Pay for your hardware from somewhere reputable; HP, Dell, Apple.