In my current role I’ve been working on a number of framework style components that allow developers to focus on the specifics of the task in hand and, hopefully, ignore the generic and common plumbing and orchestration. One of the frameworks is a reporting framework, the other an exception handling framework. One of the things we’ve been trying to avoid is inheritance where other methods would be better, but type compatibility and inheritance of some functionality appears to be the best model for some of what we’re doing at least. Which raised a big debate about Fragile Base Class problems*. Of course, one of the guys piped up with the Open/Closed Principle, but was trumped by a reference to Liskov’s Substitution Principle and so the talking shop went on…
Ivan Moore and Rachel Davies are talking about Gumtion Traps again, which caused me to realise that every time I encounter a gumption trap in my work I start talking about them. It inevitably ends up as either:
a) the other party has heard about and undertsands Gumption Traps and we start listing our number one traps or
b) the other person has not heard about Gumption Traps and I start explaining about this great book (which I haven’t even read) called Zen and the Art of Motorcycle Maintenance (Pirsig, 1974) and how he talks about having the right tools for the job and all the other things that get in the way of the real objective.
So, all in all, Rachel, Ivan I’d just like to say a great big thank you for Gumption Traps, the biggest bloody Gumption Trap of all.
Back in 2001 I wrote about the differences of PKI and passwords after speaking at Secure Summit. Bruce Schneier talks about the situation in Internet Banking today, with most still using simple passwords.
This makes perfect sense because, still, certificates are vulnerable to theft and brute force attack.
There is an interesting attack on passwords, however, that most sites don’t consider or protect against. If you only care about geting into _an_ account, not a specific account then a brute force attack against name, rather than password is very viable. Simply take a password, or passwords, that somebody is bound to have then run through usernames to find the user who has it.
I came across a company recently who had actually made this form of attack very simple. They had decided that usernames based on your real name were obviously a risk so all usernames were instead a five letter random sequence, making it trivial to now run through and find a user (any random five letters) with pa55w0rd as their password.
Professionalism is defined by the dictionaries as the “expertness characteristic of a professional” or the “pursuit of an activity as an occupation”. We often talk about the quality of what we do and measure the professionalism of our work against others – although we often use different terms the overall meaning is Alice’s work is more professional than Bob’s.
So in Software, what is professionalism about?
Testing Meme Propagation In Blogspace: Add Your Blog!. —
This posting is a community experiment that tests how a meme, represented by this blog posting, spreads across blogspace, physical space and time. It will help to show how ideas travel across blogs in space and time and how blogs are connected. It may also help to show which blogs are most influential in the propagation of memes. The dataset from this experiment will be public, and can be located via Google (or Technorati) by doing a search for the GUID for this meme (below).
The original posting for this experiment is located at: Minding the Planet (Permalink: http://novaspivack.typepad.com/nova_spivacks_weblog/2004/08/a_sonar_ping_of.html) ? results and commentary will appear there in the future.
Please join the test by adding your blog (see instructions, below) and inviting your friends to participate ? the more the better. The data from this test will be public and open; others may use it to visualize and study the connectedness of blogspace and the propagation of memes across blogs.
The GUID for this experiment is: as098398298250swg9e98929872525389t9987898tq98wteqtgaq62010920352598gawst (this GUID enables anyone to easily search Google (or Technorati) for all blogs that participate in this experiment). Anyone is free to analyze the data of this experiment. Please publicize your analysis of the data, and/or any comments by adding comments onto the original post (see URL above). (Note: it would be interesting to see a geographic map or a temporal animation, as well as a social network map of the propagation of this meme.)
To add your blog to this experiment, copy this entire posting to your blog, and then answer the questions below, substituting your own information, below, where appropriate. Other than answering the questions below, please do not alter the information, layout or format of this post in order to preserve the integrity of the data in this experiment (this will make it easier for searchers and automated bots to find and analyze the results later).
REQUIRED FIELDS (Note: Replace the answers below with your own answers)
* (1) I found this experiment at URL: http://www.twelve71.com/archives/000657.html
* (2) I found it via ?Newsreader Software? or ?Browsing the Web? or ?Searching the Web? or ?An E-Mail Message”: Newsreader Software
* (3) I posted this experiment at URL: http://www.dynamicorange.com/blog/
* (4) I posted this on date (day, month, year): 04/08/04
* (5) I posted this at time (24 hour time): 11:55 GMT
* (6) My posting location is (city, state, country): Birmingham, England
OPTIONAL SURVEY FIELDS (Replace the answers below with your own answers):
* (7) My blog is hosted by: Magic Moments
* (8) My age is: 30
* (9) My gender is: Male
* (10) My occupation is: Geek
* (11) I use the following RSS/Atom reader software: SharpReader
* (12) I use the following software to post to my blog: MovableType
* (13) I have been blogging since (day, month, year): 17/07/99
* (14) My web browser is: FireFox
* (15) My operating system is: Microsoft Windows XP