Water Cooler Effect

Mark Suster writes The Power of “In Person” — Why Distributed Teams are Less Effective about the importance of in-person communications in an early-stage Startup. I have worked in an office, then been a remote employee (an effective one, I like to think) of two post-scaling companies. I fully agree with Mark’s arguments: the dynamics of in-person communications are hugely important, especially at an early stage when you are defining what your company is actually doing.

The comments Mark attracks also rock: one commenteer states “It’s too hard to move the needle, or even be poked by the needle, if you aren’t in the room.” Well said.

Intel Founder on Job Creation in the US

Insightful cover story by Intel founder Andy Grove in Business week: How America can Create Jobs. America needs Industry jobs: I agree with Grove’s statement that letting go of technologies to be manufactured elsewhere puts the country in a knowledge hole. We can’t all be knowledge workers, and not all people in the country (any country, not limited to the USA) do will be designing the next great technology only to then hand it off to other geographic regions to be manufactured. Especially seen in the light of something like this TechCrunch post: if the US doesn’t make the product, there will be less of a need to develop it there. One can go elsewhere with lower taxes, better healthcare and fine education.

Grove’s solution, a tax on products created with foreign labor, should raise some hackles. Taxes are bad, right? However, if not for government intervention, I don’t think anything can change. Corporations can’t be expected to change their ways for the greater good: their job is to do business and maximize profits. Only the government can steer their behavior by turning the greater good into a business decision. And, unfortunately, taxes are the main instrument at their disposal to do so.

ApacheCon NA 2010 HTTP Server Track Call for Participation

ApacheCon North America 2010 will be held 1-5 November 2010, at the Westin Peachtree in Atlanta, Georgia, USA.

The official conference, trainings and expo of the Apache Software Foundation (ASF) will run to Atlanta this November, with dozens of sessions on Servers, Cloud Computing, Search NoSQL, Incubating projects, innovations, emerging technologies, and more.

ApacheCon would not be complete without a track dedicated to the project that started it all, the Apache HTTP Server. The Project Management Committee (PMC) are currently planning our own technical track for ApacheCon. We are solliciting 50-minute presentations for our conference track, to fill one day at the conference.

Topics of interest include:

  • Case studies on deployment of the Apache HTTP Server within your organization
  • How-to sessions on working with certain aspects of the Apache HTTP Server technology
  • What’s New? sessions on new features of recent and upcoming versions of the Apache HTTP Server
  • Sessions discussing third-party extensions to the Apache HTTP Server
  • Security topics surrounding the Apache HTTP Server
  • Performance and scalability of Apache HTTP Server deployment
  • Cool things we all should know the Apache HTTP Server can do
  • How you solved particularly gnarly problems deploying the Apache HTTP Server

Submissions are open to anyone with relevant expertise: ASF affiliation is not required to present at, attend, or otherwise participate in ApacheCon.

Please keep in mind that whilst we are encourage submissions that the highlight the use of specific Apache solutions, we are unable to accept marketing/commercially-oriented presentations.

All accepted speakers (not co-presenters) qualify for general conference admission and a minimum of two nights lodging at the conference hotel. Additional hotel nights and travel assistance are possible, depending on the number of presentations given and type of assistance needed.

To submit a presentation proposal, please edit the Wiki page and add your proposal, including:

  1. Your full name, title and organization
  2. Contact information, including your e-mail address. Feel free to obfuscate if you think that this will make a difference in your SPAM load
  3. The name of your proposed session (keep your title simple and relevant to the topic)
  4. A 75-200 word overview of your presentation
  5. A 100-200 word speaker bio that includes prior conference speaking or related experience

You will find an empty table template at the bottom of the page. Please copy this and fill it in.

Please mail any quesions regarding proposal submissions to pmc at httpd.apache.org.

To be considered, proposals must be received by Sunday, April 4nd, 2010, at 23:59:59 Pacific Time. Following this time, the PMC will hold a vote and suggest the most interesting proposals to the ApacheCon Planning Committee for acceptance to the conference. Note that the Apache HTTP Server PMC does not itself accept session proposals: it merely makes recommendations to the Planning Committee.

Key Dates:

April 4, 2010: Call for Participation closes
May 17, 2010: Speaker Acceptance/Rejection notification
November 1-5, 2010: ApacheCon NA 2010

We look forward to seeing you in Atlanta!

Business’ Lack of Soul

Wall Street Journal columnist Gary Hamel wrote a while ago about The Hole in the Soul of Business. He correlates the lack of passion many employees of big companies have for their jobs to the sterile language in their published goals and values.

I think the problem at hand is that, during the lifecycle of any company, a shift must take place where the commitment to product quality and customer satisfaction becomes no longer the emotional product of a few passionate individuals, but becomes part of the fabric of the corporation. This means that process and procedure takes over from actual people who may care about customers.

Said process and procedures bring with them the danger that individuals within the company become disempowered and demotivated. Sadly, it is the only way to scale an operation beyond a few individuals: process and procedures must be put in place to ensure customers have a consistent experience. You can’t put the burden on what few employees you have that happen to be the driven customer satisfaction rock stars. They will burn out and leave, and expose the rotten structure underneath.

There is a fine line between empowering and disempowering your employees. If you do it right, employees remain involved, passionate and motivated. If you do it wrong, the customer experience will be consistent, but it will be crappy. Taken to its logical extreme, the only continuing contribution your employees will make to morale is to post Dilbert cartoons on their cubicles.

Attack on EMV Payment Cards

The BBC discusses a man-in-the-middle attack on EMV payment cards, also known as Chip-and-PIN. The attack was developed by a team at Cambridge University in the UK. Using a real card wired up to a laptop, connected to a fake card that is inserted in the POS terminal, this attack can authorize payments with an arbitrary PIN.

I am not sufficiently familiar with the cryptography in use for the EMV protocol, but my first thought is that astute observation by POS personnel should provide substantial defense against this entire class of attack: if someone shows up at your cash register with an EMV card wired to his backpack, something fishy is probably afoot.

My other thought has to do with the notion that banks might attempt to shift the responsibility for fraudulent Chip-and-PIN transaction to the consumer. “Since EMV is so secure,” the reasoning goes, “the PIN authorization is proof positive that the transaction is valid.” Except it has now been shown that PIN authorization can be spoofed.

Security is not black and white: it does not make fraud impossible, but makes it harder and more expensive to commit fraud. The protection level provided by a security feature should be commensurate to the value of the transaction it protects. Too high a protection level is likely to be more cumbersome, or more expensive, than the transaction in question justifies.

Ubuntu Packages for Perl Modules

The Apache HTTP Server perl-framework testsuite needs a number of Perl modules in order to run. You can install those through CPAN, but on some distributions these modules have been made available through the distro packaging scheme.

This is a quick-and-dirty list of Perl-related packages that need to be installed on a vanilla Ubuntu system in order to run the perl-framework:

Ubuntu Package Perl Module Remarks
libcrypt-ssleay-perl Crypt::SSLeay
libdevel-corestack-perl Devel::CoreStack
libdevel-symdump-perl Devel::Symdump
libdigest-md5-perl Digest::MD5 Part of the default load
liburi-perl URI Part of the default load
  Net::Cmd Part of perl-modules package
  MIME::Base64 Part of perl package
libhtml-tagset-perl HTML::Tagset Default load
libhtml-parser-perl HTML::Parser Default load
libhtml-parser-perl HTML::HeadParser Default load
libwww-perl LWP Default load
libipc-run3-perl IPC::Run3  
libhttp-dav-perl HTTP::DAV Sucks in the following
libxml-dom-perl
libxml-perl
libxml-regexp-perl
perl-doc Perl documentation Some files are used as content by some tests

OK Apple, Where Is It?

Apple says: “Apple will support Microsoft Windows 7 (Home Premium, Professional, and Ultimate) with Boot Camp in Mac OS X Snow Leopard before the end of the year. This support will require a software update to Boot Camp.”

My VMWare VM is running Windows 7 on the Boot Camp partition, but I’m waiting for this new version of Boot Camp so I can boot Windows 7 directly on the metal. It’s the end of the year. Where’s my update?

How to Build Apache for Development

This is how I currently build Apache httpd for development and testing.

Pre-requisites:

Once these are in place, check out the Apache source code from http://svn.apache.org/repos/asf/httpd/httpd/trunk, cd into the checkout and run ./buildconf --with-apr=/path/to/apr/source-code. Then run configure:


./configure \
--prefix=/somewhere/convenient \
--enable-mods-shared=all \
--enable-maintainer-mode \
--with-apr=/where/you/put/it \
--enable-proxy=shared \
--enable-ssl=shared \
--enable-case-filter=shared \
--enable-case-filter-in=shared \
--enable-bucketeer=shared \
--enable-echo=shared \
--enable-mpms-shared=all

make and make install. This module complement is what will be exercised by the test harness. The build system will leave the last ./configure invocation in config.nice, and also install the latter under the build subdirectory when you make install. Isn’t that nice?

To run the test harness, check out http://svn.apache.org/repos/asf/httpd/test/framework/trunk. Underneath the checkout, find in Apache-Test/lib/Bundle/ApacheTest.pm a list of the Perl modules you need. A number of these will already be on your system. Get what you don’t have from CPAN or your package manager. Also, install HTTP::DAV and its dependencies which is not on the list but needed to exercise mod_dav. Then run:

perl Makefile.PL
t/TEST -httpd /somewhere/convenient/bin/httpd -apxs /somewhere/convenient/bin/apxs

Note your skips and failures. Add Apache modules and Perl modules if you find the list above out of date. Then make your changes to Apache, rebuild and run t/TEST again. If your new build is in a different installation root, run make realclean in the framework and set it up again. When your changes to Apache (no longer) cause any tests to fail, propose the change to dev@httpd.apache.org. If you add new functionality, add new tests. That’s all. Easy.