Monday, December 31, 2007

Word of the Day

Intractable - Some questions cannot be answered simply without making a leap of faith, for example: what will this object be worth 10 years from now? These problems can be said to be intractable.

How much value is in a 10GB tract of disk space on a RAID with an interface to Subversion that is access-controlled? Does the value change depending on the particular data contained within? Are there conditions under which a lower "acreage" would actually have a higher value?

How much cost variation is introduced into the equation as disks fail and are replaced? Is it possible that a malicious user could introduce so much excess throughput into the system that this cost is increased? If a fault in security is experienced, what are the potential risks to data? (espionage, corruption)

What strategies can be used to minimize these risks without impacting well-intentioned users? Can these strategies be implemented without the necessity of employing any full-time personnel? What if the size of the user-base is especially small? Can a fair price for such a service be defined on a small scale, if there is no set billing cycle, and if billing does not recur?

This is also what I do.

Sunday, December 30, 2007

Private E-mails

I'm actually still in decompression, the company is Thomson Legal and Regulatory (West) and I get the impression it's your standard Big IP Corporation.

I'm pretty sure there are actually a lot of lawyers in the company and I could probably get the advice I want, but if I start asking questions like those and demanding answers, they're going to think I'm looking for trouble.

Here's what I think: I'm going to keep a copy of EVERYTHING that I produce, and in case somebody asks, I'm going to claim it's my legal duty thanks to Sarbanes Oxley. They've shown me absolutely no evidence that anything I do is being backed up regularly.

I think that makes it my responsibility to keep an off-site backup. Of course it's not reasonable or necessary to assert ownership until "it" is worth money, and I'd better be fully disclosive and forthcoming about any associations I make outside of the company.

Wednesday, December 26, 2007

Another Critical Update = No Christmas

About these computers: I have to say I got fed the biggest line of manure about how and what these things are supposed to do for me!

Another critical update from Microsoft and now all I know is my software repository is down, until the administrator comes back to his desk and flips a switch in the right order. And when I sit in front of this machine processing my task list, with each day that passes I tend to wonder to myself: where are my six-packs of rock-hard abs and washboard stomachs?

That's it! Tomorrow is canceled, unschedule my appointments and disable my spell checkers! Take everything important, wrap it up and put it all up in the Internets, because someone has got to take control of it all before everything becomes completely out of hand.

All I can say is that machines in my day ran with half as much memory at twice the speed, and they didn't complain about it either! Of course I don't think they had this sweet radio to listen to while they did, anyway remember while you do, these radios are sweet, and you have to guard them and protect them from invaders...

If those people get their hands on these radios, you don't want to know what they're gonna do! I am serious, and with all that you may now receive your quote for the day: the going rate for a sandwich and chips is three and a half dollars.


Thursday, December 20, 2007

Security < Performance

Desktop applications in the same running session often need to pass messages back and forth, both to provide a smooth and cohesive end-user experience and to gather enough information to manage process life-cycles effectively. This need frequently runs at odds with the goal of information security.

Code and data carried on a USB key are guaranteed not to be accessed by anybody else, so long as the key is in your possession and any computers you use to access the key are not attached to a network. Firewalls establish network boundaries and proxy servers serve as access points by which such measures can be bypassed.

Passwords and encryption are sometimes helpful for this reason as well. Other times, we developers just build APIs so complex that the required cost of investing oneself to understand the goal of a project is actually higher than the value which can be extracted from within the boundaries of the development process.


Monday, December 17, 2007

The Gap

Currently spinning my wheels looking for the way to bridge the gap from software testing to increases in revenue. I'm not trying to say that there is no utility for software testers, or that software testers have no direct effect on revenue...

Actually this is exactly what I am saying. What is a software tester? If the software provided some benefit to the users that increased their bottom line, we would simply be called software users. If we were working on the APIs and increasing the feature-completeness of our software, it would be called development. A software tester is something in the middle.

A person who doesn't know their software well enough to profit from use, or isn't smart enough to improve it directly... how discouraging that sounds! Rest assured, these jobs will still be here; software has faults just as people, and there must be someone underneath the productive developers to take the chopping block if the quality of released software is especially low! :-D

Anyway, we have got an especially low volume of distinct assignments from The Management since arrival and I'm taking this as a sign to mean that we testers had better know what to do with a code base. Word from full-time employees is that it can take as long as 3 months to get up to speed and really become a functioning member of a development team.

I can't stand the idea of spending 3 months as a useless living widget in a building full of widget makers, so I guess I'll have to work smarter and harder! The Blackjack project just got a new requirement for cross-platform execution, so I can continue development on my own time. That way I'll have something left to do when I run out of rooms to clean in my house.

Sunday, December 16, 2007


So my buddy Dan told me about this awesome program called FolderShare... and I don't know if I'll ever look at another Network File System again!

No seriously, that's how good this program is. You can build a network of your own computers that all replicate files back and forth automatically, you can set restrictive permissions for a user that allows addition but not deletion or editing of files, you can do everything remotely that you would do locally if you configure the app another way. Best of all, it seems to work seamlessly around NAT restrictions.

I doubt this will get past the Thomson corporate firewalls... and that's a damn shame, I sure hope the app works internally at least! It just does what it sounds like, share a folder, and it does it extremely well. Revision history is another thing, and I'm keeping Subversion around for this purpose... and the presentation layer is born! Sweet.

Download it here.

Thursday, December 6, 2007

Blackjack Simulation

I'm working on a simulation of Blackjack to remind myself of how a program with business logic would be constructed. There are a couple of simple classes in package casino, including Dealer, Shoe, Card, Table, Player, Hand, Chips (aka Bank), Door, and optionally Cashier for converting from one type of currency to another.

Players enter the casino through the Door with a certain amount of money in their personal Bank, case the Tables which each have a single Dealer and Shoe, and a finite number of seats. A Player joins a Table and places a bet. Each Player Hand is dealt from the Shoe, then a brief exchange between Player and Dealer decides whether any more cards are dealt into that Hand. The process is repeated with the next Player until the value of each Hand is determined.

The Dealer then completes the transaction by dealing out his own Hand, comparing the value of each other Hand on the Table to his own Hand, and making any necessary adjustments to each player's Bank. Players decide whether to play another Hand, either placing a new bet or leaving the Table, and for as long as this pattern continues another Hand is dealt for every bet. When a Player has had enough, he can proceed to the Cashier and/or leave out the Door with his money.

With the assumption that not every Player is smart, we can fairly assume that the casino will not run out of money and it is almost pointless to maintain a central bank; you can only watch as the balance increases, and as it rises, so does the number of Players who have been bankrupted by the house. This is not the goal of a good casino, and such a statistic would only serve to make the owner feel guilty! Adjust the scenario to allow smart players who can count cards, adjusting their bets based on the probability of winning each hand, and your casino owner may begin to feel compelled to introduce door guards and pit bosses.

The simulation results will tell us if the reasonable casino owner has real cause to be concerned.
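The table loop described above, as an added sketch in Python; it is not the casino package from this post. It seats one flat bettor beside one player who raises the bet on a high card count. Assumptions: everyone (players and Dealer) draws to 17, wins pay even money, there are no splits, doubles or 3:2 blackjacks, the counter uses Hi-Lo tags with a 10/50 bet spread, and banks are allowed to go negative.

```python
import random

RANKS = [2, 3, 4, 5, 6, 7, 8, 9, 10, 10, 10, 10, 11]  # 10/J/Q/K count 10, ace counts 11

def hand_value(cards):
    """Best blackjack total: aces drop from 11 to 1 while the hand would bust."""
    total, aces = sum(cards), cards.count(11)
    while total > 21 and aces:
        total, aces = total - 10, aces - 1
    return total

class Shoe:
    def __init__(self, decks, rng):
        self.decks, self.rng, self.cards, self.count = decks, rng, [], 0

    def deal(self):
        if len(self.cards) < 52:  # reshuffle near the end; the running count resets
            self.cards = RANKS * 4 * self.decks
            self.rng.shuffle(self.cards)
            self.count = 0
        card = self.cards.pop()
        self.count += 1 if card <= 6 else -1 if card >= 10 else 0  # Hi-Lo tags
        return card

def play_round(shoe, banks, bets):
    """One Table round: deal, draw to 17, settle each Hand against the Dealer."""
    hands = [[shoe.deal(), shoe.deal()] for _ in bets]
    dealer = [shoe.deal(), shoe.deal()]
    for hand in hands + [dealer]:
        while hand_value(hand) < 17:
            hand.append(shoe.deal())
    house_delta, d = 0, hand_value(dealer)
    for i, (hand, bet) in enumerate(zip(hands, bets)):
        p = hand_value(hand)
        win = -1 if p > 21 else 1 if d > 21 or p > d else 0 if p == d else -1
        banks[i] += win * bet          # adjust the Player's Bank
        house_delta -= win * bet       # the house takes the other side
    return house_delta

def simulate(rounds, seed=1, decks=6, start=10_000):
    """Player 0 bets flat; player 1 bets more when the true count is >= 2."""
    rng = random.Random(seed)
    shoe, banks, house = Shoe(decks, rng), [start, start], 0
    for _ in range(rounds):
        true_count = shoe.count / max(1, len(shoe.cards) / 52)
        house += play_round(shoe, banks, [10, 50 if true_count >= 2 else 10])
    return banks, house
```

Running `simulate` over many rounds and several seeds, then comparing the two banks, is the comparison the post is after; a single short run is dominated by variance.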