30 October 2008

Letters, we get letters

All sorts of unexpected news and correspondence this week! I got a note from someone who had read my review of Herding Cats requesting other recommendations for readings in project management for someone aspiring to be a team lead. I took the opportunity to plug three of my favorite authors. I wrote (edited slightly):
Different shops call for different management styles, so YMMV. But take a look at Becoming a Technical Leader by Gerald M. Weinberg. For that matter, just about anything Weinberg has written about programming and the psychology behind it is worth reading.

You're probably familiar with Steve McConnell's work. His Rapid Development provides a survey of the management techniques you can use to improve the delivery of good software; some of the topics in Code Complete are also relevant.

Finally, DeMarco and Lister's Peopleware is good for helping you identify aspects of your office environment that are making you and your team unproductive.

You may have noticed that two of these four titles are from Dorset House publishing. There's lots more good stuff to be found there.

16 October 2008

XSRF and me

Security is not my long and strong suit. But recent postings by Scott Gilbertson on clickjacking and by Jeff Atwood on strategies to counteract cross-site request forgeries (XSRF) caught my attention.

While there aren't any good countermeasures against clickjacking yet, there are practices that you can follow to mitigate XSRF attacks. But doesn't ASP.NET take care of all that for me? Not really. Todd Miranda demonstrates, in a 20-minute video, how the exploit works against an ASP.NET site and shows some basic techniques to cope.

09 October 2008


Naomi Hamilton continues her randomly alphabetical interviews of language architects with a visit with Anders Hejlsberg, leader of C# development for Microsoft:
[I also learnt to] design the language to be well-toolable. This does impact the language in subtle ways – you’ve got to make sure the syntax works well for having a background compiler, and statement completion. There are actually some languages, such as SQL, where it’s very hard to do meaningful statement completion as things sort of come in the wrong order.

08 October 2008

Need a hint?

Nice set of tutorial brain teasers at Project Euler. Some of them would be simple enough to use as screening questions in a technical interview.

(Link via The Daily WTF.)

07 October 2008


I took a long side trip from my family business in the Sacramento area to visit the Computer History Museum in Mountain View, spang in Silicon Valley. The donation-funded museum was relocated a few years ago from digs in Massachusetts.

Until early next year, the highlight of the collection is Difference Engine No. 2, constructed from Charles Babbage's plans for Nathan Myhrvold and on loan to the museum. Like everything else in the museum, this machine is volunteer-powered, one staffer taking a turn at the crank while the other explains the workings. Though the gear is equipped for printing (see detail at right), that part of its operation is not part of the demo, as it takes four hours to clean up every time.

Most of the equipment is hands-off, but you can have a seat on this Cray-1, located just outside the main exhibit hall.

Another highlight of the visit is the demonstration of a reconstructed PDP-1, Digital Equipment's first commercial system, docented by John Bohner and Peter Samson when I visited. The PDP-1, introduced in the early 1960s, was the first machine to feature a symbolic debugger, an amenity no doubt appreciated by Samson. As part of the restoration, he reverse-engineered paper-tape music files that had been serendipitously preserved in order to recreate a music synthesizer that he wrote while an undergraduate at MIT. The synthesizer resides in 4K of memory, which is also a good thing, because this model holds all of 12K 18-bit words.

Most all of the other boxes are not powered up, but rather are displayed warehouse-style in the main hall. (Imagine the heat generated by all of these boxes were they all running!) My graduate school days were brought back by the sight of a DECSystem-10 (at left). Those panels of switches are perhaps the only attractive industrial design to come out of the 1970s. And most of us, in one way or another, have crossed paths with an IBM System/360 (at right).

There are lots of smaller, newer, and older items, as well: a rack of HP calculators, Herman Hollerith's tabulation equipment, a rack of tubes from ENIAC, some game consoles, a Sage air-defense system (tube-based and inexplicably still in service through 1983), a Norden bombsight, an Enigma machine.

Except for a side exhibit of computer chess (and the PDP-1 demo), there isn't a lot of emphasis on software; for now, the museum is largely a repository of hardware. But, we hope, forthcoming fundraising will increase the level of interactivity at this gem of a museum.