• Some Process Thoughts

    July 7, 2015

    In an Era of Distributed Teams

    Over the last bunch of years, I've worked with a fair number of distributed teams, both doing open source and contracting. Over this time, I haven't ever been in the same room as half the people I've worked with. I've used a ton of tools from AIM to Slack.

    Here are a bunch of thoughts on process.

    Almost Always in the Light of Day


  • You're Stealing from Yourself

    July 6, 2015

    And from Me

    I read Jessie Frazelle's blog post that outlines some of the horrid things that have happened to her solely because she's a woman contributing to the tech industry.

    If you're engaging in acts of aggression against Jessie or any other woman or person of color, you are stealing from yourself.

    Jessie is making a measurable contribution to the tech community. How do I know? Well, because I've heard of her. Because she wrote a very fine post on isolating desktop apps using Docker and done conference presentations as well.


  • Filling the Pipeline

    June 28, 2015

    With qualified People of Color

    Kumi Walker tweeted:

    What a joke: Behind Silicon Valley's Self-Critical Tone on Diversity, a Lack of Progress http://bits.blogs.nytimes.com/2015/06/28/new-diversity-reports-show-the-same-old-results/ cc/ @cbracy

    And he's right!

    There are no excuses for failure to improve the diversity in high tech companies. None!

    The platitudes of "we're trying" and "the pipeline sucks, so we're victims" is bullshit. These are companies that "disrupt" and use "social networking" to get the job (and the revenues) done. They should use the same tools to recruit a diverse workforce that they use to generate revenue: data mining and social networking.

    A plan for Detroit


  • Thoughts from Munich

    June 20, 2015

    Random Stuff

    I'm spending the weekend in Munich on my way to Devoxx in Krakow.

    I've done a ton of travel this year: London, Tokyo, Atlanta, Beijing, and now Munich.

    I'm drafting this post from the San Francisco Coffee Company. So, yeah, I flew 11 hours and 1/3 of the way around the world from San Francisco to sit in a coffee shop named after my town, hacking on my MacBook, and feeling meta-mocking about the whole thing.

    But the differences between cities around the world seems to be less and less. I'm really conflicted about this.

    What's good


  • CSS Selector Transforms in ClojureScript

    June 9, 2015

    Coming full circle

    Lift's CSS Selector Transforms are the best thing in web development, ever.

    Granted, Lift's CSS Selector Transforms are built off concepts in Enlive, Lift treats the transforms as composable components... and that means more concise, reusable code.

    If you're doing client-side work, there's Enfocus and kioo, but they are very brittle and don't play well with Reagent.

    So, I decided to write a bunch of web utilities for ClojureScript, single page apps.

    The code is stand-alone and outputs Hiccup format HTML or it can return a DocumentFragment that can be used any old way.

    The code is the first part of Dragonmark Web.

    So what, and why?


  • We Live in an Amazing World

    May 23, 2015

    We Really Do

    I hung out with a couple of friends last night and we spent a fair amount of time finding interesting and obscure music tracks and videos and playing them for each other. We carry the collective musical creation of all of humankind in our pocket and any of it can be recalled and performed at any time.

    This week, I started work on a new project.

    I was able to access all the tools and documentation that I needed to learn a new computer language. I was able to become proficient with the new computer language and publish code for part of my new project for the world to see and use.


  • My Thoughts on Go

    May 21, 2015

    Meh

    I have been working on a project that needs to run as small-footprint native code. I've been doing C since 1980 and have written a fair number of commercial packages in C, C++, Objective-C and blends among them.

    But after a couple of decades doing Java and other managed languages, I no longer want to have to think about memory management.

    Plus, the project is Docker related and most of the Docker ecosystem is on Go. So, I decided to do the project in Go.

    Here are my "about a week in" thoughts.

    The Comfortable


  • I Love my MacBook Retina

    May 20, 2015

    It's an Amazing Machine

    On more or less of a lark, I ordered a MacBook Retina. I'm very glad I did.

    First, the lark... I have 4 running MacBook Pro/Airs and a couple of other running Macs floating around. The physical size difference between my 11" MacBook Air and the new MacBook is trivial. But... I like toys.

    The MacBook Retina is a particularly awesome device and it's become my "traveling around town" machine.

    The Keyboard

    The keyboard is, I suspect, love it or hate it kinda thing.

    For me, it's not quite love, but I really like the keyboard. I've been using computer keyboards since my Apple // and have seen keyboards lose travel.


  • Scala Versioning Fragility Rant

    May 8, 2015

    Yes, a Rant

    I've been doing Scala before it was a thing. I founded Lift and wrote the 2nd Scala book (Beginning Scala).

    And this morning, I'm ranting.

    Recently, I've discovered the joys of dual-language (Scala and Clojure) projects... I even did a presentation on it at QCon.

    Yesterday, I was playing around with putting a Reagent front end on a Lift app that talks to Apache Flink. Why? Because Reagent can support multi-hundred-thousand row scrolling grids seamlessly, even on my iPad, Lift is the best web framework I've ever used (yeah, I'm biased), and Flink seems to be well considered.

    But the problem was Scala's version fragility...

    The error manifest itself as:


  • 1Password on Linux and OS X

    May 1, 2015

    Password Management

    Managing the many hundreds of passwords I have across site on the Internet is non-trivially difficult. Grrr.

    I primarily use Linux (Ubuntu 14.04) for my work, but also have a couple of OS X machines because Keynote is a really good presentation package, Linux on laptops is still lame, and a few other lower-priority reasons.

    I've been using KeePass as my password manager. It's open source which is a win. It runs very well on Linux. It's written in C# and Mono runs C# well on Linux. But not so much on OS X.

    On Linux, KeePass runs really well. The Chrome browser plugin for KeePass is excellent. The Firefox KeePass plugin is marginal.


  • The IT pendulum

    April 11, 2015

    Meta-cycles in technology choices

    I've been working on my keynote for QCon Beijing and looking at technology trends and choices since the 1950s.

    One of the interesting tensions that I've seen in IT is the tensions between "getting it right" and "doing it quick".

    Most of enterprise/business IT is about making good business decisions. Business people who make those decisions need information that's mostly right, not exact. Yes, there are parts of IT that deal with transactions around money where making a 1 penny mistake is not acceptable, but the vast majority of what we do with enterprise IT is to help business people make informed choices.


  • Lift XML Vulnerability

    March 22, 2015

    A Serious Vulnerability

    Security testing at a large Lift-powered site revealed a serious XML-related security vulnerability.

    The core issue is that Lift prior to recently patched versions 2.5.2, 2.6.1, and 3.0-M4 are vulnerable to a XML eXternal Entity attack. The attack allows access to the local filesystem via XML entities:

     <?xml version="1.0" encoding="ISO-8859-1"?>
      <!DOCTYPE foo [
         <!ELEMENT foo ANY >
            <!ENTITY xxe SYSTEM "file:///etc/passwd" >]><foo>&xxe;</foo>
    

    The root cause of the problem is that Lift uses Scala's scala.xml.XML library for parsing and the default configuration of that library is insecure.


  • Pixie: stunningly good

    March 8, 2015

    A sweet Clojure-ish language

    It's likely no secret that I really dig Clojure. It's the first unityped language I've used since Objective-C in the early 90s that I really like. Yes, I still love Scala, but I think Clojure is pretty much the best designed computer language I've ever used... and maybe that's because Clojure is mostly "less is more" but in a few places, it's not.

    The things I really like about Clojure are:


  • What I Travel With

    March 7, 2015

    The Right Gear is Important

    I travel a fair amount and I like to have the right gear to travel will. Here's my current set-up:

    dpp's travel stuff

    Most importantly, a Traser Code Blue Watch. This watch is light and comfortable on the wrist and has a tritium light source so it's always visible. I can half wake on a dark airplane or in a dark hotel room, check out the time, and go back to sleep. I can do this without pushing buttons or doing something that's going to annoy others around me.


  • Slurping data from NeXT drives

    January 23, 2015

    Getting Old

    Yep... I'm getting old and so are my computers. I used to do a lot of coding on NeXT cubes and slabs.

    I have a bunch of NeXT machines laying around and so do some of my friends.

    But how does one get old data, programs, mailboxes, etc. off a NeXT machine? Turns out that it's not so hard.

    NeXT machines used SCSI drives.

    So, to get data off a NeXT drive, one has to put together a setup that supports SCSI-1 drives.

    I purchased:

    And I had a 50 pin micro to Centronics SCSI cable.