Bald blogging begins

There are many kinds of friends in the world: some you make, lose touch with, and when you get back in touch with them, you spend hours on end trying to catch up and rebuild the connection you once had. Some you make, lose touch with, and are never able to rebuild that connection. And some are so deeply in tune with your own personality that no matter how long it’s been since you talked to them last, you just naturally fit into a groove again the second you come into their presence (literally or virtually), and it’s as if you were never apart.

ActiveNick’s begun blogging. Welcome to the blogosphere, m’friend. 😉

(If you get a chance, check out the "Geekish Celebrity Sightings Gallery"; I think I get top honors as most-often-photographed-with-Nick. And yes, that shot with Sarah Connor–German equivalent to Britney Spears, apparently–is a legit shot, no doctoring.)

Think your internal network is secure?

The Fourth Fallacy of Enterprise Computing is "the network is secure". Too many people trust that communication that travels across the wire, particularly the internal network, is somehow protected from prying eyes. This Shark Tank story, although not an exact match, sort of proves otherwise:

    Hey, if you can’t trust IT, who CAN you trust?

    CEO decides that his company is getting too much spam, so word comes down to this pilot fish in IT: Find a better spam filter and get it working pronto.

    "This I duly do," says fish, "and I get the latest all-singing, all-dancing heuristic-learning spam filter that can constantly adapt to new types of spam as they appear.

    "But first it has to be trained. This requires me to read all the e-mails coming into the server and train the spam filter for a period of time."

    There are meetings. There are presentations. Finally, top management decides to go ahead. And for the next two months, it’s fish’s job to read the mail.

    And fish takes pains to make sure everyone understands what’s going to happen. "Announcements are made throughout the company of what is to take place," fish says. "Our Internet policy is rewritten and agreed to by all employees so I am allowed to perform this necessary service for this period.

    "On Day 1 of the start of the learning process, one of the first e-mails I read is from the (married) CEO’s lover, very saucy and totally non-unreadable.

    "By the end of the first week, I’ve learned who is gay, who is having affairs, who is running their own business on company time, who is sending out resumes and who hates who.

    "I also learned that the CEO is planning to move the company 50 miles away and sell it in six months’ time."

    At the end of the first week, fish is called into a management meeting for an update on progress of the spam-filter project. He reports that the filter has already reached 96% efficiency.

    And he does it with a straight face. "I have to force myself not to grin knowingly at various people I now see in a new light," says fish.

    "It’s written in our ISO procedure documents that all e-mails, incoming and outgoing, are archived for five years. But I guess people don’t read those.

    "I look forward to next week’s e-mails."

So what’s in YOUR email server?

To truly appreciate the size of a thing, you must see it in perspective….

I was getting off the plane to Javagruppen ’05 this morning (or, to be more precise, what felt like morning after nine hours in a 747-400 from SFO to Frankfurt), and as luck would have it, we didn’t exactly deplane at a gate in the normal sense. Instead, the aircraft parked out in the middle of the tarmac someplace and buses took us from that location over to the terminal.

While we were headed over, about a five to ten minute ride, we passed by and in one case had to stop and wait for some of the airplanes taxiing from gate to runway or vice versa. And it struck me: although you may know this intellectually, you never really appreciate how BIG a 747 is until you see it from ground level.

When standing in the terminal, you don’t really get a good sense of the size of this aircraft; I mean, this thing is just a MONSTER compared to the typical A319/A320 or Boeing 737 that I usually end up flying when doing domestic travel. (Even the 737 or A320 is a pretty large piece of mechanics in its own right.) But when you don’t have that standing-at-ground-level perspective, you lose sight of the size of the thing; even riding in it you only see about half of the size, since the other half is devoted to cargo, perishables storage, and the usual flying mechanisms and electronic support gunk.

Which brings me to my point: a client of mine is consulting with me for some high-level technical evaluations to help them choose between continuing their current J2EE development trend, going with a "simpler" Java-based and/or J2EE-based approach, a .NET approach, or something hybrid between the three. One of the other consultants involved got a little excited and volunteered a time estimate on how long it would take him to build this modular, component-based, highly-available, highly-resistant-to-unreliable-networking-topology-change, administratable and monitorable infrastructure project, an estimate that I (and others) found just a wee bit on the low side.

This entry isn’t to point fingers at him or claim that I’m a better consultant than he is; I’ve made exactly the same mistake countless times over. It’s a common failing of ours, to make this off-the-cuff guesstimates based on nothing but whipped-up air and single-sentence requirements. And the usual result is estimates that aren’t much more reliable than my perspective of an aircraft from the terminal. Usually it’s not until you get your feet on the ground, as it were, that you suddenly realize the enormous size and scope of a project like this, just as you really don’t get the size of a 747 until you start doing empirical measurements. (For example–the winglets on the end of the wings? They’re roughly six to eight feet tall, by my calculation, despite the fact that they look like this little design "flair" that the aircraft designer thought up at the last second. And yes, they do serve an important purpose beyond making the plane look cooler. 🙂 )

Next time you’re in a meeting with folks and somebody asks you how long you think it’ll take, be sure to tell them whether this is a "from the terminal" sort of guess, or a "from the ground" sort of guess. The difference? Until you’ve been-there-done-that, and have something against which to measure their requests (meaning you have some kind of experience with the things in question, ideally having built something like it before), your estimates are likely to be all "from the terminal" guesses, and highly likely to be wildly off base.

Remember how I was saying the Java community was chaotic?

They’ve got nuttin’ on the VB guys.

OK, quick recap for those who’ve not paid attention to what’s been going on over the in the Land Without Curly Braces:

    Microsoft’s "5+2" (five years free plus two years paid) support for the VB 6 IDE is ending this year. Moral: Microsoft is not going to spend any more effort to make sure teh VB 6 IDE runs on platforms produced after this year (namely, Longhorn).
    The transition from VB 6 to VB.NET/VB 7 has not gone smoothly for a number of VB developers, most likely due to the large number of simultaneous shifts going on: the language, library, and underlying platform concepts all changed at the same time, and frankly, it’s too much for somebody to assimilate all at once. (Hell, Java developers were working with a much smaller library, much simpler runtime, and a language that more or less mimicked C++, and it still took us a while to make the switch effectively.)
    Apparently, a group of VB developers, led by VB MVPs, have created an open letter/petition to Microsoft to preserve the VB 6 IDE, by merging the VB 6 IDE into the next release of Visual Studio, calling it (how original) "VB.COM". (As of this writing, 2139 signatories including 222 Microsoft MVPs.)
    Some responses took place: Dan Appleman and Rich Levin and Scott Swigart all basically comment on the petition and the facts of the case, in pretty typical blogger fashion (which is to say, each side sort of claiming the other side doesn’t understand the facts, doesn’t see the real problem, and so on, and so on).
    Even Rocky, whom I deeply respect and admire, felt compelled to respond.
    And, like any good scandal, this is one controversy that just keeps on giving. Press outlets are starting to pick up on the whole thing and treat it like some kind of National Enquirer scoop: "Microsoft MVPs Say They Want Old VB Back", "Visual Basic 6 Backers Revolt", and it’s followup "Scoble: VB.Net is no Second-Class Citizen". All we need now is a picture of VB.NET with Angelina Jolie while a weepy VB 6 sits at home with the kids.

Results? I can see a couple of interesting takeaways from this little debate that seems to be going on:

    Nobody’s really sure what "support" for a language or IDE really means anymore. For that matter, what difference does it make? When was the last time you called (insert your language vendor here) and got somebody who could really help you solve your problems, anyway?
    There’s an awful lot of unmanaged VB 6 code out there; whether it deserves to die or not is really immaterial–it’s there, and it needs to be dealt with in some fashion.
    Apparently nobody has ever heard of VirtualPC: look, if you really really want to run the VB6 IDE, just create a Win2K VPC and run it inside there to do your coding. How hard is that?
    Microsoft needs some kind of formal response to this, if only to say, "We hear the problem but aren’t sure what the right solution will be". Just letting this thing rage through the blogosphere without a response will give the impression they don’t care about their VB 6 community, and that’s millions of developers. Not a good signal to the rest of the world.
    "VB.COM" is a really stupid name.
    The various responders to the petition are really good at weaseling around this. "I’m on board with what the petitioners want, but let’s at least stick to the facts…". Wow; I’m definitely going to have to remember that one for the next EJB3 panel I sit on. Look, either you agree with the petition, that there needs to be continued support for the VB6 IDE (including patches and SPs?), or you’re ready to let the IDE die (even though, as pointed out, the compiled code itself will still run). I don’t see how you can be in alignment with the petition but not with the solution (another response quote).
    Last but not least, there’s still a lot of lingering rancor in the VB community over the whole move to .NET, and it’ll probably more or less remain there forever.

And we in the Java world thought the mess over open-source Web frameworks was bad….

Priceless

Dinner with some of the p&p guys (David Trowbridge, Jim Newkirk, Rocky Lhotka, and so on) yielded the following bit of Mastercard humor:

    Color laser printer: $2500

    Color laser toner: $350

    Printing out color-syntax-highlighted source code: Priceless

To quote Jim: "You have to blog this." 🙂

Three days of Indigo

The latest Indigo "SDR" (placed into quotes because as an event that topped out at 100+ people, it wasn’t so much a software development review as it was an introduction of Indigo to a group of people who hadn’t seen it before) is over now, and while I can’t say that I learned a heckuvalot that I didn’t know before, I can say that I’m glad I attended; if nothing else, it was interesting to hear the questions of the audience, the hallway conversations, and the quality time with the various members of the Indigo dev team.

Indigo defintiely represents a major shift in focus for Microsoft in its approach to enterprise systems, and over the next year or two you’re going to see more and more of that shift emerge, I think. In many respects, Indigo (as Steve Swartz put it) is the first technology Microsoft has released that doesn’t come with a baked-in "Do it this way" message; Indigo’s approach is intended to be a flexible one, that allows you to take whatever "slice" at the technology you prefer: an ORPC-based one, a messaging-based one, an angle-bracketed one, or even a "I just want it to work and not have to think any more" one. That’s going to make it hard for guys like me to sell books and training on the subject (because I and others can take two very different approaches on how to teach it, and we’ll all be right), but I think it’s ultimately going to provide the best flexibility for companies looking to use it over the long haul.

Meantime, it’s off to home for the weekend, before I head back to St Louis next week to teach, to Boston to speak, and to Madison, WI the week following to teach again. Somewhere in the middle, I have an essay I want to release to the world arguing for a fairly major shift in thinking regarding Web services, inspired by the BOF I was in at SD West a few weeks ago….

Another smart guy moves to aspects

Tim Ewald recently blogged about some XSLT object model stuff, which was posted by Chris Sells for download from Chris’ blog. I love it when somebody whom I deeply respect discovers a technology that I’ve been advocating for years, in this case, the technology being aspect-oriented programming.

Tim will likely be somewhat shocked at the idea that he’s embraced AOP; it’s been something of a dirty word amongst the DevelopMentor-esque crowd for a half-decade now. But the brutal truth is, what he’s done–the execution of code in response to what amounts to a pointcut (through an XML document instead of through a programming model)–is quintessentially an AOP concept. All we need, I guess, is a standardized XPath language for navigating the structure of an AST, and we’ll all be in harmony, ya?

This simple equation defines the essence of an AOP system: pointcuts/queries + code. And the richer and more flexible your pointcut/query system, obviously the more powerful your AOP system. This is why simple interception, such as the CORBA interceptor, .NET/COM+ context-bound attribute interceptor or Java dynamic proxy, is not a rich AOP system in the slightest–although powerful, it uses only one sort of joint point, and that in itself inherently limits your abilities. Imagine if OOP only allowed just one base class or interface; how useful would OOP be?

As to the oft-quoted "killing blow" regarding AOP systems, that being that aspects cannot be ordered or stateful, it’s interesting to note that people refuse to make similar accusations about XSLT, yet it (a) fundamentally presents much the same kind of programming model as an AOP-based system would, and (b) has similar problems with ordering and state, yet nobody’s calling for XSLT to die….

Exploring LISP

While at the bookstore tonight on a date, I ran across Paul Graham’s ANSI Common Lisp and decided it was time to go back to Lisp for a bit; I haven’t really explored the language since my days in college, when we spent a week on it as part of a "Programming Languages I" class. (For the record, I got a B- in the class, but mostly because half the class was C++; the Lisp lab I got a 50 on because I just could NOT wrap my head around all that recursion and list processing at the time. I’ve never been back since.)

The interesting thing I find, on second approach, is that Lisp is a fairly approachable language, assuming you’ve got Graham’s book next to you to do it. He’s done a good job (up through Chapter 2, anyway) of highlighting the key parts of Lisp–the fact that it’s a very simple language in terms of its basic syntax and structure–without bogging you down too much in rhetoric and "clearly Lisp is the best of any language on the planet" propaganda. (Well, there is a bit of that last, but that’s to be expected from Graham, particularly if you’ve read his "Hackers and Painters". It’s not too unbearable, at least not thus far.) My next task is to find a Common Lisp implementation I can stick into a VPC/VMW image and start playing around with. Maybe I’ll even think about giving a talk on it and how Lisp seems to have influenced other languages, a la Ruby.

(Yes, I got the book while on a date–what, you’ve never been on a date with a geek before? Sheesh!)

Is Ruby the new Lisp?

While cruising through more of Graham’s Lisp book (see previous entry), I’ve been having a few moments of "Hmmm, I think I’ve heard about some of this kinds of stuff before", and sure enough, as I was idly flipping through Pickaxe v2, I found a lot of the same sorts of things Lisp can do are things that Ruby can do. Which then got me wondering: is Ruby the next Lisp? And if so, does that make Ruby a "second chance" for widespread acceptance for Lisp? Can I learn to be a better Ruby programmer by learning Lisp, or vice versa?

While we’re at it, one of the new lines of thinking centers around the notion of Domain-Specific Languages; if one of Lisp’s strengths is writing programs to write programs, does that make Lisp a natural candidate for building DSLs? And, again, if the Ruby == modern(Lisp) equation holds true, does that make Ruby a candidate for building DSLs?

I just can’t see how either of them can make progress against the rich and powerful VMs (the JVM and CLR) with their commensurate library support, though–which then makes me wonder how Ruby.NET or JRuby is coming along, and if there’s any implementations of Common Lisp for the JVM or CLR…. (Google hasn’t helped much in my 30 seconds or so of looking.) Anybody want to enable my laziness and feed me some CLisp implementations for the JVM and/or CLR? (And yes, I know about the one that ships with the .NET Framework as a sample–I’m looking for something a bit more "real" to work with.)