Turned off my "home page" today

I turned off my web hosting today that hosted my home page and a few small facebook apps that weren't making any serious money.  It's kind of the end of an era for me.  I've hosted my own web page and small apps since probably 1997.  

These days it just doesn't make much sense to host your own anything.  The cloud is our new overlord and I for one love the stuffing out of it.

You can have code at github and bitbucket for free (bitbucket does private repos at no cost - yay! ).

You can have your blog on blogger or wordpress.

You have your random one-liners and cries for help on twitter.

You have linkedin so that recruiters can spam the daylights out of you with terrible positions in far away countries.

You have roughly a ba-jillion services for hosting your small apps, like Heroku, PHP Cloud, Google App Engine, and Azure.

I just can't justify the expense of a basic web hosting or virtual server account any more.  I won't miss  doing the system administration on that thing and constantly worrying about hackers.  That's for sure.

I still need a proper home page for my domains to link to all my various cloud identities.  Any suggestions?

On Technical Recruiter Spam

I haven't updated my linkedin or dice.com profiles in about a year.  I figured by not updating those profiles that it would slow down the constant onslaught of recruiters phoning and emailing me about web developer positions.  It hasn't worked so far.  I really appreciate someone giving me the opportunity to apply to interesting jobs but the recruiting industry is just broken and full of lazy people who can't be bothered to do anything other than a simple keyword search.  I have a lot of experience so I'm going to show up in a lot of keyword searches but that doesn't mean those jobs are applicable to me or that I would be interested in them.

So if you're going to contact me anyway, you might as well try not to annoy me.  Here are some ways dear recruiter of not annoying me:

1.) If my profile lists that I'm not willing to relocate then don't send me a job clear across the state.  Or the country.   Or the world.   These would require relocation.  While I realize that New Jersey is one of the smaller states in the union, it is still 166 miles north to south and 57 miles wide.  Since I live towards one end of it as referenced by my address, it makes little sense to assume I can commute to the other end.  That's over a 100 mile commute.  A quick google map search could give you that.  

2.) If the job entails working WITH a "guru," "ninja," or "rock star" then I am not interested.  A real guru is much too enlightened to ever refer to themselves as a guru, nor would they allow another to refer to them as such.  So when I see "guru" as my potential boss/coworker, I read "asshole."  A ninja would have altered the job ad before it went live so as to preserve his identity.  And rock stars aren't developers.  They are girls named Kim that play bass guitar.

3.) If the position entails that I NEED to be a "guru," "ninja," or "rock star" then I am not interested. Please see above.

4.) If my profile lists I'm looking for full time work, then don't send me jobs that aren't full time.  I really don't get this one.  And I don't have anything funny to add to it either.  It's really just sad that people don't pay attention to this.

5.) If the position requires being an expert in some technology that I don't have as my primary skill set, then don't bother contacting me because I probably couldn't even do the job.  

6.) Stop asking for "excellent communication skills."  If I had those, I wouldn't be a developer, I would be a salesman.  Or Steve Jobs.  I can communicate well enough to get the point across the first time.  Is that excellence?  Perhaps to you it is, but you also think the world is full of gurus and ninjas so I can't really take your assessment at face value.

7.) If the position does not require me to write code to get a job offer then I'm not interested.  Because that means your other developers didn't need to write code to get their jobs there and probably two-thirds of those developers are terrible.  I don't want to work with terrible people.  The better job you do at weeding out the crappy developers, the more I will think of your organization.

8.) If the position is for a company whose name you cannot divulge until we've had several conversations then I'm not interested.  I understand not putting the name in the job ad online,  that's pretty standard these days, but if you're contacting me directly then you should give me the name of the company.  Otherwise it implies a lack of trust on my part, like I'm going to steal this commission from you somehow.  So, first, you're making contact with a stale account since I haven't updated my profile in a year.  So you're assuming I'm looking for job when I'm probably not.  And then to try and entice me into the job market, you neglect to give me the company name so I can do research on it?  That's pretty lame.

I could go on and on here, but what about you?  What are your suggestions for technical recruiters?

linkedin.com needs to sync up company names when the company name changes

My invites to present and former colleagues via linkedin.com have started to tumble in as opposed to the normal trickle.  I think that's a fairly accurate sign of our flagging economy as anything I can personally put a number on.  Of course it could also be that I'm a loser who has never really used linkedin a lot and so have practically no contacts there.  ;-)

What's annoying however is the way linkedin keeps track of company names and what happens when a company name changes.  For instance, let's say I work at a company called "Davisons."  I put that in my linkedin profile.  "Davisons" gets bought by "Johnson, Inc" and they change the name of the company to "Johnson Davisons."  So any new people coming into the company know it as "Johnson Davisons," not just "Davisons."  When they look for current employees on linkedin, they won't find all of them because some have the old company named listed while some will have the new company name listed.  Not to mention how bad this problem gets when one of your previous employers changes names after you have left.

This problem is what I would call an issue with name history.  This kind of name history problem is starting to creep into other areas of the web as well.  I've already had the misfortune of trying to email someone I haven't emailed in a few years and reached a completely different person (ie, one person's email acct was shut down and another started with the same address).  Pretty embarassing -- makes me think twice about starting emails with "Hey dirtbag!  Long time no see!"

The solution for linkedin's name history problem is pretty simple.  They should ask you if the company has gone by any other names and let you choose from possible alternates (or even free type them).  It won't take long for their system to build up the necessary relationships between past and current company names.  It could even be pretty slick and auto-update old companies in your profile to their present name if the name is now different from what you specified.

A search for employees of "Davisons" in this case would give you both Davisons and Johnson Davisons and whatever other company names are "linked in" to this company.

Beware the Lone Wolf PHP Developer

With all the posts on interviewing PHP candidates popping up lately, I thought I'd post this draft that I've been sitting on for awhile that's related to new jobs and interviewing candidates.

I've run into the Lone Wolf PHP Developer at several places I have done work. Sometimes, I've had to work side-by-side with the Lone Wolf. Other times, I've replaced the Lone Wolf who had moved on to different hunting grounds. Still other times I've had to hire people and had to choose between a Lone Wolf and several other candidates.

Just who is this Lone Wolf and why should we fear them so much? Here are some telltale signs of the Lone Wolf PHP Developer:

1. The Lone Wolf doesn't understand how to work in a team of developers. They typically don't even understand what benefits that would create. They do all development on their own, listening to very little input from qualified sources.
2. The Lone Wolf got to page 141 on Enter-A-Beginner-PHP-Book-Title-Here and no further. Objects? They've never heard of them. They must not need them.
3. The Lone Wolf re-invents the wheel for every project and doesn't use standard tools and practices.
4. The Lone Wolf eats their young. OK, I made that one up. Frankly, how could a Lone Wolf have young anyway?
5. The Lone Wolf is perfectly satisfied with doing programming work on production servers and using FTP to deploy their code. It never occurs to them that they should strive to create development and test environments. It never occurs to them that deployment via FTP doesn't scale higher then one developer.
6. The Lone Wolf doesn't know what the letters SCM, CVS, or SVN are, or how to use them in their daily work.
7. The Lone Wolf never reads my blog or any other blogs on programming. The Lone Wolf may not know what a blog is.
8. The Lone Wolf says crazy things like "MySQL can't do transactions" and somehow gets management to believe them.
9. The Lone Wolf was initially adored by management because they launched a lot of code live during their short stay. Too bad all that code is buggy and completely un-maintainable moving forward. Management doesn't like that.
10. The Lone Wolf whips up incredibly stupid and unnecessarily complex solutions like template systems in which the templates are stored in a database instead of the file system/memory/cache. They shun using tried and true templating methods like PHP files, XSLT, or at the very least, Smarty. (see also: reinventing the wheel)
11. The Lone Wolf names variables after themselves that mean nothing to anyone else (ex, $lonewolfFlag )
12. And worst of all… The Lone Wolf PHP Developer fails to realize that there are other developers out there in the business world, trying to earn a living just like they are. By failing to conform to development standards that have been proven and tested, they make everyone's job more difficult.

Now, I personally have run into this Lone Wolf scenario with other programming languages as well. But I think because it is so simple to work with PHP without much formal training that it lends itself to this problem much more readily then other languages. The blessing and curse of PHP is that it is the new VB 6.

Facebook.com opens up facebook platform similar to ning.com

Read about the new developer environment for Facebook.com on cnn.com. I can't tell yet if this is Facebook.com adopting some of the Ning.com philosophy of "create your own social network" or if it's just a giant widget factory on steroids.

No longer will Facebook consider itself merely another social network. Instead it is becoming a technology platform on which anyone can build applications for social computing... Outsiders can now develop Internet services on Facebook's infrastructure, he explains, that will have full access to all its members.

developer.facebook.com has more info on the facebook platform. And of course, you have to love that it's built on PHP.

It’s the business model, stupid. How terrible programming can lead to big money.

The last few projects I’ve been working on have involved paging through lines of poorly programmed and utterly atrocious looking procedural code in PHP. I’ve mostly been mopping up for other consultants, some outsourced, some not. I’ve questioned on several occasions whether or not a 5 year old was responsible for the terrible programming decisions made.

And I’m not talking about the differences between using a switch/case statement instead of an if/else structure. I’m talking about creating 10,000 global variables and carrying them from page to page instead of populating arrays and objects as needed. Database normalizing? What’s that? We’ll just keep repeating the customer name and address for every line item of every order. This stuff should be Programming 101. Apparently these programmers were absent that semester.

Now, are you ready for the kicker? These terrible apps are all making boatloads of money for their respective companies. I’m talking millions… sometimes tens of millions of dollars a year… being sucked into the company coffers by a web application held together with the programming equivalents of toothpicks and dental floss. Shocked? I was. It’s taken me awhile to shake off the disbelief and get down to the factors at play.

The key here is that each of these projects has a really great business model. Each business model is sound and complete, providing for multiple revenue streams through a single core product. All the projects were pretty cool ideas too, coming from the “Why didn’t I think of that?” department. They aren’t web-based services for programmers, tech folks or companies. They are services for real everyday people. People that think aol IS the internet.

The common elements with these projects:

• Great business idea.
• Terrible system implementation.
• Big money coming in, from common web surfers, regardless of the terrible system.

Sound like anything else you may have heard of? For me, it’s really revolutionized my thinking on a lot of items. People will come and pay for services they want, regardless of how difficult it may be to purchase them. And they will put up with a crappy business experience if the service provided is valuable enough to them. So you can code all you want, make all those objects perfectly encapsulated, make the database fly with tight queries, stamp out every bug you find -- that isn’t going to make you any money. Because it’s the business model, stupid.

Yahoo customer service is amazing

I use my.yahoo.com/ all the time lately. Obviously, I use the email and the weather feature is nice. I have both of these on my front page. But some of the other tools of my.yahoo.com have become indispensable to me, particularly, the bookmarks, notes and briefcase. I use these to store files and information of a temporary nature that I can use from both home and the office.

Yesterday morning, my yahoo briefcase broke. I’m not sure what happened but when I was moving a fairly large database file from one folder to another in the briefcase, it came back with an error. Then, no matter what I clicked on in the briefcase, it wouldn’t go anywhere or do anything. Gasping at straws I filled out the help form at my.yahoo. Lo and behold, yahoo customer service actually wrote me back within 12 hours AND fixed the problem.

I couldn’t believe it. I was dumbfounded -- a free web-based service that actually takes the time to support their users. I’m not even a “customer” so I don’t even know if that’s the correct name to use, but yahoo customer service is amazing. Enough said.

Creating software products versus Supporting software products

For the first time in a long time, I find myself working on applications in a revenue generating department of a company. It’s pretty refreshing. I’m working in online product delivery so the web applications I work on are actually sold to customers via subscriptions – they gain access to a particular application on the web for the length of time that they have paid for. The business focus is to create products and the financial focus is obviously to make money by creating products that customers want to buy. This obviously has a good side and a bad side.

The good side is that it looks like I’ll be working on “new” things a lot. Most programmers love “new” stuff and I’m no different. The bad side is that “old” things aren’t given quite so much concern. Refactoring existing code to run more efficiently is not a priority. It’s almost looked down upon. If a bug arises in an existing application, the focus seems to be to fix the bug in the smallest way possible and move on with the “new” stuff. Still, there’s quite a bit of adulation to go around when something “new” is launched. That’s because it can make money.

Most of my career has been spent working in various IT departments. The business focus in the IT department is one of support. You have to support the other users and the applications they use.

The financial focus of most IT departments is one of saving money or holding onto revenue. You improve programming processes so that applications are quicker and more powerful. This enables people to do more work in less time. But in IT, no matter what you build, you are still only “supporting” the business. You aren’t creating business. No matter how good you are, you aren’t making the company money. You are costing them. You may be helping them to save more money than previously but make no mistake -- You are costing the company money. And you’ll be first on the chopping block when job cuts need to be made.

There is a vulnerability with LiveUpdate. Please use LiveUpdate to download a fix.

I hate security updates like this.

From: http://www.securityfocus.com/bid/11873/discussion/

Symantec Windows LiveUpdate is reported prone to a local privilege escalation vulnerability. This issue can allow a local unprivileged attacker to gain administrative privileges on a vulnerable computer. It is reported that this issue only presents itself during an interactive LiveUpdate session. A local attacker may influence the LiveUpdate GUI Internet options configuration functionality in a manner that grants them elevated privileges. This issue affects Windows LiveUpdate on computers running retail versions of Symantec products and Symantec AntiVirus for Handhelds Corporate Edition v3.0.

And the solution: http://www.securityfocus.com/bid/11873/solution/

Symantec has released Windows LiveUpdate 2.5 to address this issue. This version can be automatically installed on vulnerable systems by running LiveUpdate. It is also available for download from the following location: http://www.symantec.com/techsupp/files/lu/lu.html

Credit Card fraud prevention and algorithm design at Amex

Nothing is a bigger pain in the butt then pumping gas into your car in the middle of a snowstorm. Nothing that is… except for when the gas pump turns down your Amex credit card and makes you scramble across icy pavement to pay the attendant inside. Luckily, my Amex card only started failing on my return trip as I visited family this weekend.

When I got home, I had several half-human, half-automated phone messages from Amex mentioning that my account was flagged for possible fraudulent charges.

The human read my name aloud and an automated voice gave the actual warning and 800 number to call. It was funny to me at the time that the men and women speaking my name completely butchered it. They had one job to do and they did it poorly. The automated voice performed admirably.

Upon phoning Amex, I went over my recent charges with a representative. I’m pretty anal about receipts and so I had almost every recent receipt in my wallet. All the charges he read off looked good to me so he removed the flag from my account but not before I questioned him on why the account was flagged in the first place.

I originally thought perhaps my card had been flagged for the recent onslaught of purchases I’ve put on it. I’ve fallen in love with the Amex point system and have been using my Amex card instead of cash for my holiday purchases. I like giving gifts so needless to say, that credit card is practically smoking in my wallet these days.

But it turns out that Amex flagged my account for a combination of reasons:

• There were several small purchases in one state on Friday in the AM and several small purchases on Friday in the PM in another state.
• There were 4 purchases at gas stations in a 24 hour period.

Basically, since I was traveling by car through a few states and buying Christmas presents along the way, Amex thought perhaps my card was stolen. That's a reasonable assumption. What was in actuality just someone driving to a relative's house, buying gas and a few small gifts at outlet stores along the way could well have been a rowdy gang of credit card bandits souping up their post-apocalyptic Mad-Max vehicle with new electronic gadgets.

The Amex rep couldn’t tell me whether or not either of these reasons alone would have caused the flag to be set on my account. But I’m kind of glad that they have some kind of system in place that is at least looking for irregular patterns of purchasing. It got me to thinking about what kind of business rules their “purchase pattern algorithm” would require.

Right off the bat, they would need some kind of purchasing history on you. I know for a fact that if you only make small purchases on your Amex and then make a huge purchase, that they’ll flag you for that. But does that mean there’s no fraud prevention going on for your account in the first few months of new customers? Probably not, but I wonder.

Amex would also need to keep track of the geographic locations of purchases. For instance if a purchase is made in this state now and another far away state 5 minutes from now, that’s probably fraud. But how do they get/maintain that geographic information? What about for web purchases? Is that order recorded with the geographic location of the purchaser or the vendor?

Amex also has to have date information built into their system. They didn’t flag me for lots of purchases near the holidays, they flagged me for other reasons. This means their system expects credit card activity to ramp up in November and December. That’s a reasonable assumption. But to me, it also immediately says that November and December are the best months to commit credit card fraud.

I’m not building any kind of system right now that would require this kind of algorithm design but it’s interesting to be able to look at one in use that affects us on a daily basis. Or at least as often as we use our credit cards. Next time, we'll look at algorithm design for traffic lights and how they always seem to turn red when I approach.

The BALCO steroid scandal, Enron, Martha Stewart

After letting all these BALCO steroid headlines sink in for a few days, it’s occurred to me how similar it all is to some of the other high profile corporate scandals of the past few years.


Baseball, like any professional sport in the U.S. is big business. Millions and millions of dollars change hands every year due to baseball. The fact that some players broke the law to gain a competitive edge doesn’t surprise me at all. By breaking the law and taking steroids, they upped their statistics, which garnered them a bigger paycheck. Their bosses probably turned a blind-eye to this too because the better the player’s statistics, the more people sit in the stands and buy apparel which in turn raises everyone’s salary in the organization.


It seems pretty cut and dried to me. They broke the law to gain a competitve advantage. That’s what folks at Enron did. That’s what Martha Stewart did. That’s what numerous other company personnel are doing right now in many other companies; they just haven’t been caught yet.


Until big business learns some morality, I fear we will have to weather quite a few of these storms. I wonder these days if capitalism and morality can even coexist at all.

It's a bunch of BCS

I wrote a similar diatribe last year on this. Here is an updated version:


I like football. Not-so-much college football because of the constant bickering involved in "who is the best" type discussions. Although, I wish I had paid more attention in my statistics classes in school. I’m trying to understand this whole college football snafu in determining who is actually the number one college team.


I’ve come to the conclusion based on several years of programming experience that there is no mathematical algorithm that can define who is the national champion in college football.


The BCS is quite simply broken beyond repair. It is therefore quite an interesting study in corporate application development.


Looking at the BCS standings from a mathematical standpoint has me just stumped. I tried reading through Colley’s Matrix info but my eyes glazed over. Colley's rankings make up essentially 1/7 of the BCS calculation. In retrospect, I probably started with the wrong part of the BCS calculation, as there seem to be a few simpler methods out there being used.


But Colley makes a good point before he gets to all the mathematical jargon. There are 117 division I-A college football teams that each play about 11 games. Some of them play more than 11. This upsets the rankings. Some of these games may even be against division I-AA teams. This also upsets the rankings. Therefore, the opponents of each team for a season cannot be a statistically viable sample representation of the teams competing since teams compete on multiple skill levels (I-A, I-AA) and for multiple durations. Put another way:


There’s too many teams in college football with too much disparity between them and they don’t all play the same number of games.


The solution? Well, a lot of people want to get rid of the BCS computerized rankings. Some people want to change them to add in margin of victory. Some people want to add an 8 team playoff like in I-AA. (The problem there is how to decide which 8 teams though, so the BCS will again be involved).


This becomes an interesting business problem because this is not a problem that can be solved by throwing more data at it. This is a classic (but wrong) business system approach:

“We don’t think this data is always right. So, we’re going to fix it by throwing more data into it.”

It won’t help if they add certain items like “margin of victory” into the calculations. Any programmer can almost immediately come to the underlying conclusion that there is failure built into the system. The architecture, if you will, for determining the college football national champion will almost never provide a definitive champion. Quite simply, the BCS system is broken and needs to be re-built from the ground up. Much like a malfunctioning application, sometimes you have to know when continual debugging isn’t helping, and be confident enough to design and build a new system.


The solution to all of this BCS nonsense is three-fold.


First, they need to get rid of half the teams in division I-A football. Half of those teams are terrible anyway. Army. Vanderbilt. Western Michigan. Good gravy, my mom and her sewing circle could beat those teams.


Second, every team in the country needs to be in a conference and that conference needs to have a playoff system to determine the winner. Yes, this means you Navy and Notre Dame (if you are ever good again).


Third, you can’t let division I-A teams play division I-AA teams. It screws everything up. The math goes out the window and it is like comparing apples to pineapples.


Or of course, we could just say “who cares” and let those boys just earn a decent education instead of spending all this time, money and effort on trying to weed out the winners from the losers.


But who the hell wants to do that? It’s so un-American.