Menu

Seconds & pixels

"This is our last dance. This is ourselves. Under pressure."

The Secret

Now you’re looking for the secret. But you won’t find it because of course, you’re not really looking. You don’t really want to work it out. You want to be fooled.

I love this quote from The Prestige because it touches on a very interesting fact of magic shows. A good magician would never reveal to the public how a trick was performed. This is not because of vanity or selfish information hoarding, it’s simply because once it’s revealed, the magic is gone – now it’s just a trick. The magic is all in the secret.

Unfortunately, I find the quote to be true outside of magic shows as well. I talk to a lot of people that ask a lot of questions, but don’t really truthfully want to ‘work it out’. They prefer to believe in the ‘magic’. They believe it’s magic of some kind or another that made someone be successful, that got a politician elected, that got a writer on the bestseller list, an app to get 1M users, a startup to get funded. It’s magic and normal people can’t do magic so there is no point in even trying.

For this crowd, they would rather be fooled than enlightened. They are looking for the secret, but they don’t believe the explanation when they hear it and they keep looking for the secret of the magic trick. Because the truth – that there is no secret, that it’s just day to day hard work – would mean that the goal they are dreaming about is – and has always been – within their reach and that responsibility is painful. The magic is a much more comforting story.

Next time you are looking for ‘the secret’, ask yourself this: am I really looking? Or am I happy to be fooled?

It’s not the user

I would guess that at this point everyone in the world knows about this week’s “leak” where lots of private pictures from celebrities were stolen and then shared in the open. And if you’re interested in this sort of stuff, you’ve probably read quite a few opinions ranging from “why do these pictures exist” and “why are they saved anywhere online” to “what are the big companies doing about this”.

I’d normally avoid hot topics like this like the plague because of the kind of silly discussions that usually gravitate towards them, but in this case, there is a point that I would really like to make. That point is…

It is not the user’s fault.

It’s very easy, as an engineer, to look at this and breathe out with relief that nothing really got “hacked”, it was just phishing, brute forcing, guesswork and other hacks that involve humans more than technology. It’s just bad user passwords and people putting them where they’re not supposed to, it’s not our fault, our system was intact, nothing leaked through the holes. It’s especially good because deep inside there is a little voice telling you that this will not be the case every time, so at least on this one occasion, you can escape the blame, go home have dinner and sleep well at night.

Unfortunately this is an inadequate reaction, to say the least, and it’s a very wrong position to take, if you really care about the users and the industry.

We want people to use our stuff. We also want to make things as easy for them as possible. Just turn the phone on, it will just work. Just install the app, it will just work. Just take some pictures, it will just work and we will automagically back these up for you so that you can never lose them, you don’t need to do a single damn thing, it’s all magic from us techy wizards over here, don’t worry, love the cloud, life is good, please give us a 5 star rating and buy our stuff!
That is what we want, we want to make it *magical* and the magic happens when the complexity is hidden away. Unfortunately as soon as something goes wrong, the complexity starts leaking out in a big flood of user-blaming.

You’re holding it wrong

The user has set a bad password. The user does not have a PIN. The user does not use an encrypted connection. The user does not have a password on their wifi. The user has an easily-guessable password on all their accounts that they haven’t changed in five years. The user is wrong, our magic is INTACT, we cannot be faulted, the user has used our product wrong.

No, they f*ing haven’t. They used it in the way in which you told them they can use your magical device, in the super-duper-uber-simple way. You didn’t ask them to take a network defence course and a crypto book and understand why Password1 is about as secure as leaving your door unlocked and pictures with where your laptop is located outside. You told them that you have this covered and they don’t need to worry about a darn thing because *you* are the magician and they are muggles. The truth is that you lied and now you’re trying to blame the user to save face.

Instead of asking why do people still set incredibly poor passwords, here are some more interesting questions:
– Why do we allow users to set incredibly poor passwords?
– If hackers just brute-force and guess passwords, why don’t we try to brute-force our own passwords and make users change them when we succeed?
– Hey, why do we still have passwords? Is this really still the only way to authenticate a person?
– If we think two-factor authentication helps, why is it an elusive option that you have two dig out instead of the enforced standard?
– If secret questions and answers can be so easily guessed, why do we still ask for these? Surely we have better options available?

 

We are the wizards, we hold the keys to the magical kingdom and we expect users to trust us that this magic is good and it helps them and they have nothing to fear from it. Everytime the magic fails, everytime the user is hurt, they will trust us less. They will see the magic as more black than white, something to be feared and avoided. Fear kills innovation, fear kills sales, fear kills the magic.

It is not the user’s fault, it is the magician’s fault. The trick has failed, the complex machinery behind the magic hat has not only been revealed, but it killed the rabbit in the process. There is no one else to blame, we need to just accept our fault, sincerely apologise and do our best to make sure that this doesn’t happen again. And we need to do that fast before we lose all confidence and the magic show turns into a witch hunt.

The best that you can be

I am not the best developer that I could be today.

There, I said it. It’s hard to say or write it, but of course the list can go on. I am also not the best athlete that I could be today. Or the best writer. Or the best poker player. I have the potential to be better at any single one of these and probably many more.

It’s important to pick out your priorities and follow them without guilt. I am not the best that I could be at any of the above, because I believe strongly that splitting my focus between multiple activities makes me a better human. I could be a better developer, but that would require less sports, less reading and writing fiction, less time with friends, less time with family. There is nothing wrong with choosing that, if that’s what makes you happy, but I know that would not make me happy.

For many years, I struggled with guilt for not spending as much time as I could towards my professional goals. In the mean time I have learnt to live with the reality that my ultimate goal is to be a better person and there is a lot that goes into that mix. To ignore some goals in order to make more room for another might mean succeeding at a smaller goal, but it would hurt the bigger picture in the long run.

Whatever mix of goals makes you happy, that’s up to you and there is no right and wrong answer. The only wrong approach is to let others dictate this for you. Carve your own path.

Aldrin_Apollo_11_head

The more mundane affairs, now that we’ve left the Moon…

One of the things I enjoy the most about twitter is the accounts that are “livetweeting” some historical event as if they were taking place right now. I am a huge fan of the @RealTimeWWII account that has been live tweeting the war as it happened on this day and time back in the 40s (it’s now up to 1942).

The benefit of following a historical event this way, even one that I know well and studied for quite a bit, is that it’s no longer just an atomic “event”. The granularity, the detail and the real duration of it become much more obvious. It’s one thing to talk about the blitz and it’s another to follow the events that composed it day by day and being able to focus on individuals and how they were affected.

Something really exciting that I caught on to in the last few days is an account that is livetweeting the Apollo 11 mission. I’ve always been interested in this famous missions, but watching this event unfold through twitter has given me a new appreciation of both the complexity of the mission and a better understanding of what it must have been to live through that.

Here’s an example of what I mean. It’s one thing to talk about how long it takes to get to the moon and back, and targeting and landing and all that and it’s something completely different to really try and think about what it was like for the people, the three humans, that were part of all this.
They took off on July 16th and came back on Earth on July 24th. That’s 9 days! I’ve always known that this mission took a while, but it never really occurred to me what that meant. These astronauts had to sleep, they had to eat and they had to do what people usually do after sleeping and eating! Armstrong and Aldrin didn’t just walk on the moon, the dined and slept on the moon!

I have problems sleeping after a bad week and these guys had to sleep after getting to, landing and walking on the MOON, while still on the moon, without the certainty that they will be able to leave and go back home. They also had to sleep while hurling through space at over 6000 km/h as it took them several days to get back home. And we’re not talking power naps either, they slept more than I do on average night in my bed at home!

I think stepping back a bit too look at events this way adds a very human touch to the entire thing which you never get just by reading about it.

And moreover, I think it also helps to put our own lives in perspective. Yes, it is easy to get overstressed nowadays, maybe easier than “it used to be”, but if astronauts on the moon were able to make time for a meal and for a good night’s sleep, we all probably should too.

Tech debt: it ain’t all bad

Technical debt, as defined by wikipedia:

Technical debt (also known as design debt or code debt) is a neologistic metaphor referring to the eventual consequences of poor software architecture and software development within a codebase. The debt can be thought of as work that needs to be done before a particular job can be considered complete. If the debt is not repaid, then it will keep on accumulating interest, making it hard to implement changes later on.

I think the use of the word debt here is absolutely superb! The two really are similar in almost all ways I can think of. Take for example, the concept of interest.
Getting into debt means you have to pay interest. If the debt becomes too big, the interest can become so high that all you’re doing is paying interest off and no more money goes towards capital repayments.

Similarly, allowing technical debt to grow out of control means that you will be spending more and more time on paying off your “interest” (i.e. the extra work generated by the debt) and less and less resources will be available to work on the stuff that matters.

Anyone that has worked on software with bucket loads of tech debt knows this part of the metaphor really well. What I’d like to talk about today is that the other part of the metaphor also applies: debt is not all bad!

Debt is just another way of saying credit and credit is very important. You need credit to make large purchases, like a house, or to finance a budding business. Credit only becomes a problem when it gets out of control, but well-planned, affordable credit is key to economic development.

Similarly, technical debt is not all bad and it can add value to an organisation. When it is well managed, it can help get a product to market quicker, it can help prototype and experiment with features faster, it can be immensely useful. The key phrase in there is well managed. Allowing the debt to get out of hand will probably mean that all the speed a team gained in going out to market quickly is lost when bugs need to be fixed and features need to be added.

An experienced engineer should know when the time is right to clean-up some debt and when to let it linger a bit longer. Sometimes it’s appropriate and sometimes that God object just needs to go and you can’t have it any other way. Knowing when to do either of these is the hard part; I’m still learning how to gauge that.

If you find this topic interesting, I recently found a great piece about code debt that explores it a lot more than I have done here and that I would strongly recommend you check out: Technical Debt 101

Older Posts