November 30, 2014

Three Questions with Slack’s CEO
Slack emerged from the wreckage of Glitch, an online game that Stewart Butterfield, a cofounder of Flickr, built with his company Tiny Speck but shut down last year. While working on Glitch, the four-person Tiny Speck team was divided between San Francisco, New York, and Vancouver, so they cobbled together a new communications tool by slowly adding features—like the ability to archive and search messages—to a simple IRC-like instant-messaging app. They used the tool so much, Butterfield says, that they stopped using e-mail to communicate. After shuttering Glitch, the company switched its focus to popularizing the new communication tool.

Parallelism is not concurrency
The first thing to understand is parallelism has nothing to do with concurrency. Concurrency is concerned with nondeterministic compositionof programs (or their components). Parallelism is concerned withasymptotic efficiency of programs with deterministic behavior. Concurrency is all about managing the unmanageable: events arrive for reasons beyond our control, and we must respond to them. A user clicks a mouse, the window manager must respond, even though the display is demanding attention. Such situations are inherently nondeterministic, but we also employ pro forma nondeterminism in a deterministic setting by pretending that components signal events in an arbitrary order, and that we must respond to them as they arise.

Richardson Maturity Model
Recently I've been reading drafts of Rest In Practice: a book that a couple of my colleagues have been working on. Their aim is to explain how to use Restful web services to handle many of the integration problems that enterprises face. At the heart of the book is the notion that the web is an existence proof of a massively scalable distributed system that works really well, and we can take ideas from that to build integrated systems more easily. To help explain the specific properties of a web-style system, the authors use a model of restful maturity that was developed by Leonard Richardson and explained at a QCon talk. The model is nice way to think about using these techniques, so I thought I'd take a stab of my own explanation of it.

We need to be pragmatic about the principle of net neutrality
As an organising principle, net neutrality explains why the internet has enabled such an explosion of creativity over the past 30 years. It meant that if you were smart enough to invent something that could be done with data packets, then the internet would do it for you with no questions asked. What that meant was that the barriers to entry for innovators were incredibly low – which is why Tim Berners-Lee was able to launch the web and a Harvard sophomore named Mark Zuckerberg could unleash Facebook on an unsuspecting world. Net neutrality created what the Stanford scholar Barbara van Schewick calls “an architecture for permissionless innovation”.

API Best Practices: Spec Driven Development
One of the main reasons for REST was to focus on long-term design, or as Dr. Roy Fielding pointed out, we as humans, as developers are very good at short term design, but horrendous at long-term design. What may seem like a good solution in the short-term, if not carefully thought out and tested long-term is likely to create big problems down the road. Think of it like this, how many times have you written code only to look back at it three months later and wonder “what was I thinking?!” Your API is a contract, and unfortunately the one thing you cannot fix is poor design. For that reason it’s important to avoid editing your spec during the development cycle.

Integration Architecture: How We Got Here
Developers generally try to build loosely-coupled software components in their applications, so the basic concept of SOA is intuitive to many developers. In the late 2000’s, however, the perception of SOA became tied to the ESB architecture, which many argue is not the best way to build SOA. Though I’ve given the basic definition of SOA above, it is trickier to define in practice [1]. ESBs and SOA received some backlash from the development community because enterprise-scale ESBs often seem to have too many unnecessary features or too strict a tie to a vendor’s product suite. Developers using ESBs also tend to use them as a place to hide complexity, instead of dealing with it more effectively.

Steve Jobs Lives on at the Patent Office
Altogether, a third of the 458 patented inventions and designs credited to Jobs have been approved since he died. Jobs’s patent documents are a record of Apple’s history from startup to one of the world’s largest companies. His first patent, won in 1983, is titled simply “Personal Computer.” One of the newest, filed after his death and approved in August, covers the design of the dramatic glass cube that’s the entrance to Apple’s store on Fifth Avenue, in Manhattan. Some Apple watchers have questioned if Apple can succeed without its iconic founder. Its current CEO, Tim Cook, is a pragmatic supply chain specialist who rose through the company making sure Chinese factories delivered iPhones on time. Cook’s name has never appeared on any patent.

Harnessing Situational Awareness
To help you get started on your project assignment, you are given “high level requirements.” They are disparate materials that state business problems vaguely, but urgencies clearly. If the problems are not solved, the company will lose market share, revenue, and be beaten by its competitors. You assess all the project information. Nothing is clear except the following: (1) a fixed budget, (2) a fixed timeline, and (3) a partial project team of three full-time people, two more to be recruited, and a few others who are here part time for your project. In addition, you have some offshore developers that you can pull in. As you talk with various stakeholders and members of the project team, you begin to get a picture of the personalities you will be working with throughout the project lifecycle.

Distributed Configuration Management and Dark Launching Using Consul
The usage of Consul has also been driven by a need to improve an existing piece of our system – the Dark Launch mechanism. It’s one of the key ways Hootsuite is able to be nimble and keep our deployment rate up, without sacrificing quality. Dark Launching, or “feature flagging”, allows us to have control over very granular pieces of the codebase through an interface we created. We can modify the execution of our code at runtime by setting conditions on the execution of a certain block, such as boolean true or false, random percentage, specific members, and more.

Mitigating Mobile Risk: It’s Time for Action
Unfortunately, many security professionals continue to apply, or attempt to apply, traditional computing solutions to this new mobile reality -- and it's just not working. One big reason is that traditional network computing security features like firewalls and anti-virus protection do nothing to address the risks posed by unsecured mobile applications, or so-called "leaky apps." This seemingly harmless collection of icons, the individual squares we tap and access every day, can act as a gateway for attackers seeking to find and exploit weaknesses.

Quote for the day:

"Before you are a leader, success is all about growing yourself. When you become a leader, success is all about growing others." -- Jack Welch