Usually when I work from home, I get a lot done. Today...not as much. I've run errands, had two meetings outside the house, and (to Parker's horror) vacuumed.
Now I'm off to another meeting, with half the house un-vacuumed and many emails unread.
Articles also unread:
Now, time for a board meeting.
I just saw a comment on a review site listing the following as a "con" for a particular Web-based product:
I really feel like this company doesn't fix problems that only affect a couple of customers. Instead they prioritize fixes that affect the whole system and only fix specific problems when they have time.
Yes. Also, you might be interested to learn that businesses try to make profits by selling things for more than it cost to obtain them.
On behalf of the company in question—a small business in Chicago whose principal constituents are non-profit organizations with budgets under $1m—you're either new to this whole "commerce" thing or you have a magnificently droll sense of humor. Either way, good day to you, sir. I said good day!
Specifically today, I'm talking about chipped credit cards, which the rest of the world has had for years longer than we have, and they're a lot less annoying. Bloomberg's Ben Steverman explains why:
It's an awkward and irritating experience, and payment companies are aware of the problems. "Some places, it's seamless and beautiful," said Robert Martin, North American vice president of security solutions at Ingenico Group, the second-largest maker of payment terminals in the U.S. "Other places, not so much. But we're learning."
Unfortunately, there are no easy fixes. To connect to card networks, retailers use a countless array of software providers and payment processors. Payments can also be linked to more than a dozen other applications controlling store operations, from coupons to inventory. If not configured perfectly, this tangle of systems and vendors can slow chip transactions to a crawl.
Customers' experience with chip cards should improve gradually, one upgrade at a time, as the systems become more standardized, industry experts say. Slow transactions and confusing interfaces will disappear, or retailers risk losing customers to rivals with more pleasant checkout experiences.
Once again, the U.S. is way behind the rest of the world. In the U.K. and Canada, about 40 percent of Visa's transactions are contact-less, the payment network says. In Australia, the number is 85 percent.
And let's not forget: in the rest of the world they use chip and PIN systems, which are far more secure than chip and signature. Maybe someday...
While I'm trying to figure out how to transfer one database to another, I'm putting these aside for later reading:
Back to database analysis and design...
The Tribune reported yesterday that Dev Bootcamp, an immersive software-development school, is shutting down after their next class graduates in December:
Dev Bootcamp’s final cohort will start classes this month and graduate in December. Campuses officially close on Dec. 8, according to the email, signed by Dev Bootcamp President Tarlin Ray. Graduating students will also get “at least six months of career support,” the letter said.
“(D)espite tremendous efforts from a lot of talented people, we’ve determined that we simply can’t achieve a sustainable business model without compromising our mission of delivering a high-quality coding education that is accessible to a diverse population of students,” the letter said.
Dev Bootcamp was never profitable, Nishimura said. The Kaplan acquisition [in 2014] gave Dev Bootcamp flexibility, but ultimately, faced with the prospect of cutting back full-time instructors and raising tuition, the company decided to shut down.
I have four co-workers who have ties to Dev Bootcamp, including one who wrote parts of the curriculum. They report that Kaplan's aggressive expansion into markets outside Chicago and San Francisco drew resources away from existing programs, driving students and faculty away. For example, one intriguing offering, "Engineering Empathy," which sought to teach budding coders how to work on teams and with clients, got cut during the rapid-expansion phase.
The three alumni in my office are some of the best coders I've ever met. So I'm sorry to see Dev Bootcamp go. I hope that in future someone creates a program as effective as theirs.
Tonight at 02:40 UTC, all Unix-based computers (including Apples running OS-X) will pass a milestone: 1.5 Gs since the beginning of time (at least as far as Unix is concerned).
Unix keeps track of time by counting the number of seconds since 1 January 1970 at midnight UTC, which (at this writing) was 1,499,962,035 seconds ago. Tonight at 21:40:00 Chicago time will be 1.5 billion seconds since that point.
If you miss this anniversary, don't worry; it'll be 2.0 Gs into the Unix time epoch on 18 May 2033 at 03:33:20 UTC. Mark your calendars now!
The good news is that right now it's 21°C out. The bad news is...well:
The Tribune reports:
Northern Cook, Lake and McHenry counties were getting hit hardest, according to the National Weather Service.
By 8 a.m., the weather service received numerous reports of standing water — some as deep as 25 cm in Mundelein, where homes were flooded and residents had to be rescued by rafts.
A flash flood emergency was issued for Lake and northeastern McHenry counties and will remain in effect until 11 a.m. Wednesday, according to the National Weather Service. Already, 5 to 8 inches of rain had fallen in those areas with an additional 25 to 75 mm likely.
Metra's Milwaukee North Line service has been suspended between Fox Lake and Libertyville because of flooding. Further south on the line, Metra is providing minimal shuttle service between Lake Forest to Chicago.
Fortunately, I got to the office well before the first line of storms hit. Unfortunately, shortly after snapping the photo above, the second line hit. Fortunately I was only a block from the office.
It's a general rule of software security that, if I have physical access to your computer, I own it.
I'm analyzing a piece of software so that I can transfer its data to another application. The software runs on a local machine and is written in .NET, with a SQL Express back-end. I have administrator access to the SQL database, the machine, and therefore, to the software.
It took me all of an hour to find the master encryption key in one of the DLLs that make up the software, and another hour to build an applet—using the software's own assemblies—that can read and decrypt every byte in the database.
Good thing I'm covered by a confidentiality agreement and the owner of the data has engaged my company to do exactly what I'm doing. But wow, we really need to migrate this stuff quickly, and get it the hell off this computer.
McMansionHell.com suffered a really bad week that had an awesomely good outcome thanks to the EFF. It's worth reading about. But last week, she published a great essay on the architectural styles (or lacks thereof) of the modern wealthy and how we should look at middle-class architecture as well (emphasis hers):
Architecture as a field has always been captivated by the houses of the elite - those who can hire architects, build large and high quality homes, and set trends for the next generations. While it is always enjoyable to look at street after street of high-profile houses and marvel at their fine execution and intricate architectural details, we must keep in mind that these houses are not where most of us live.
Architectural history and preservation have always preferred buildings left virtually untouched and in pristine condition. For most of us, our houses are not museums - they are places we live - places that grow as we grow. We build additions, decks, and other secondary structures; we enclose our porches in order to add a dining room; we redecorate to our tastes and the styles of today.
McMansions are so disappointing to us because they are the homes of the upper and upper-middle classes who used to build houses that were interesting, that set the stylistic trends later codified by architectural history. While they are now included in guides like A Field Guide to American Houses, the usual objectivity is put aside, replaced with an air of disdain, as if to say “this is the best you could come up with?”
As to the matter this week, I wonder which genius at Zillow decided to sue a young architect for making fun of the houses on Zillow without actually harming the company itself? I mean, doesn't Zillow itself exist thanks to freely-available data?
Via Bruce Schneier (again), Fortune takes a look at Google's security project:
Google officially formed Project Zero in 2014, but the group’s origins stretch back another five years. It often takes an emergency to drive most companies to take security seriously. For Google, that moment was Operation Aurora.
In 2009, a cyberespionage group associated with the Chinese government hacked Google and a number of other tech titans, breaching their servers, stealing their intellectual property, and attempting to spy on their users. The pillaging outraged Google’s top executives—enough so that the company eventually exited China, the world’s biggest market, over the affair.
The event particularly bothered Google co-founder Sergey Brin. Computer-forensics firms and investigators determined that the company had been hacked not through any fault of Google’s own software, but via an unpatched flaw in Microsoft Internet Explorer 6. Why, he wondered, should Google’s security depend on other companies’ products?
I have mixed feeling about it. The project does great work, and the Internet has benefited enormously from these efforts. But as long as it is embedded inside Google, it has to deal with accusations that it targets Google competitors.
On the other hand, as Schneier's commenters point out (and as he has suggested in the past), better Google exposing the bugs than the NSA losing control of them.