Today I setup a new website:
Something I want, something I'll use, and something that might be useful to others?
After Monkigras 2013, I was really looking forward to Monkigras 2014. The great talks about developer culture and creating usable software, the amazing buzz and friendliness of the event, the wonderful lack of choice over which talks to go to (there’s just one track!!), and (of course) the catering:
The talks were pretty much all great so I’m just going to mention the talks that were particularly relevant to me.
Rafe Colburn from Etsy talked about how to motivate developers to fix bugs (IBMers, read ‘defects’) when there’s a big backlog of bugs to fix. They’d tried many strategies, including bug rotation, but none worked. The answer, they found, was to ask their support team to help prioritise the bugs based on the problems that users actually cared about. That way, the developers fixing the bugs weren’t overwhelmed by the sheer numbers to choose from. Also, when they’d done a fix, the developers could feel that they’d made a difference to the user experience of the software.
While I’m not responsible for motivating developers to fix bugs, my job does involve persuading developers to write articles or sample code for WASdev.net. So I figure I could learn a few tricks.
A couple of talks that were directly applicable to me were Steve Pousty‘s talk on how to be a developer evangelist and Dawn Foster‘s on taking lessons on community from science fiction. The latter was a quick look through various science fiction themes and novels applied to developer communities, which was a neat idea though I wished I’d read more of the novels she cited. I was particularly interested in Steve’s talk because I’d seen him speak last year about how his PhD in Ecology had helped him understand communities as ecosystems in which there are sometimes surprising dependencies. This year, he ran through a checklist of attributes to look for when hiring a developer evangelist. Although I’m not strictly a developer evangelist, there’s enough overlap with my role to make me pay attention and check myself against each one.
One of the risks of TED Talk-style talks is that if you don’t quite match up to the ‘right answers’ espoused by the speakers, you could come away from the event feeling inadequate. The friendly atmosphere of Monkigras, and the fact that some speakers directly contradicted each other, meant that this was unlikely to happen.
It was still refreshing, however, to listen to Theo Schlossnagle basically telling people to do what they find works in their context. Companies are different and different things work for different companies. Similarly, developers are people and people learn in different ways so developers learn in different ways. He focused on how to tell stories about your own failures to help people learn and to save them from having to make the same mistakes.
Again, this was refreshing to hear because speakers often tell you how you should do something and how it worked for them. They skim over the things that went wrong and end up convincing you that if only you immediately start doing things their way, you’ll have instant success. Or that inadequacy just kicks in like when you read certain people’s Facebook statuses. Theo’s point was that it’s far more useful from a learning perspective to hear about the things that went wrong for them. Not in a morbid, defeatist way (that way lies only self-pity and fear) but as a story in which things go wrong but are righted by the end. I liked that.
Ana Nelson (geek conference buddy and friend) also talked about storytelling. Her point was more about telling the right story well so that people believe it rather than believing lies, which are often much more intuitive and fun to believe. She impressively wove together an argument built on various fields of research including Psychology, Philosophy, and Statistics. In a nutshell, the kind of simplistic headlines newspapers often publish are much more intuitive and attractive because they fit in with our existing beliefs more easily than the usually more complicated story behind the headlines.
The Gentle Author spoke just before lunch about his daily blog in which he documents stories from local people. I was lucky enough to win one of his signed books, which is beautiful and engrossing. Here it is with my swagbag:
— Laura Cowen (@lauracowen) February 1, 2014
After his popular talk last year, Phil Gilbert of IBM returned to give an update on how things are going with Design@IBM. Theo’s point about context of a company being important is so relevant when trying to change the culture of such a large company. He introduced a new card game that you can use to help teach people what it’s like to be a designer working within the constraints of a real software project. I heard a fair amount of interest from non-IBMers who were keen for a copy of the cards to be made available outside IBM.
On the UX theme, I loved Leisa Reichelt‘s talk about introducing user research to the development teams at GDS. While all areas of UX can struggle to get taken seriously, user research (eg interviewing participants and usability testing) is often overlooked because it doesn’t produce visual designs or code. Leisa’s talk was wonderfully practical in how she related her experiences at GDS of proving the worth of user research to the extent that the number of user researchers has greatly increased.
And lastly I must mention Project Andiamo, which was born at Monkigras 2013 after watching a talk about laser scanning and 3D printing old railway trains. The project aims to produce medical orthotics, like splints and braces, by laser scanning the patient’s body and then 3D printing the part. This not only makes the whole process much quicker and more comfortable, it is at a fraction of the cost of the way that orthotics are currently made.
If you can help in any way, take a look at their website and get in touch with them. Samiya and Naveed’s talk was an amazing example of how a well-constructed story can get a powerful message across to its listeners:
"This is supposed to be a compliment, but your talk made me cry" – @monkigras
— Charlotte Spencer (@Charlotteis) January 31, 2014
After Monkigras 2014, I’m now really looking forward to Monkigras 2015.
— Paul Johnston (@PaulDJohnston) February 12, 2014
Recently I started doing a internet-wide scan for rsync servers, thinking it might be fun to write a toy search-engine/indexer.
Even the basics such as searching against the names of exported shares would be interesting, I thought.
Today I abandoned that after exploring some of the results, (created with zmap), because there's just too much private data out there, wide open
IP redacted for obvious reason:shelob ~ $ rsync rsync://xx.xx.xx.xx/ ginevra Ginevra backup krsna Alberto Laptop Backup franziska Franz Laptop Backup genoveffa Franz Laptop Backup 2
Some nice shares there. Lets see if they're as open as they appear to be:shelob ~ $ rsync rsync://xx.xx.xx.xx/ginevra/home/ drwxrwsr-x 4096 2013/10/30 13:42:29 . drwxr-sr-x 4096 2009/02/03 10:32:27 abl drwxr-s--- 12288 2014/02/12 20:05:22 alberto drwxr-xr-x 4096 2011/12/13 17:12:46 alessandra drwxr-sr-x 20480 2014/02/12 22:55:01 backup drwxr-xr-x 4096 2008/10/03 14:51:29 bertacci ..
Yup. Backups of /home, /etc/, and more.
I found numerous examples of this, along with a significant number of hosts that exported "www" + "sql", as a pair, and a large number of hosts that just exported "squid/". I assume they must be some cpanel-like system, because I can't understand why thousands of people would export the same shares with the same comments otherwise.
I still would like to run the indexer, but with so much easy content to steal, well I think the liability would kill me.
I considered not posting this, but I suspect "bad people" already know..,
This is a repost from Stefano Zacchiroli's post
how-can-i-help by Lucas Nussbaum is one of the best things that happened in the area of attracting contributions to Debian in quite a while. It can be used both as a standalone tool to list opportunities for contributing to Debian which are related to your installed packages, and as an APT hook (which is also the default configuration) that at each upgrade will inform you of new contribution opportunities.
how-can-i-help is great for newbies who are looking for ways to give back to Debian which are a good match for their skills: among other things, how-can-i-help shows bugs tagged "gift" related to packages you use.
how-can-i-help is also great for experienced developers, as it allows them to find out, in a timely manner, that packages they use are in dire need of help: RC bugs, pending removals, adoptions needed, requests for sponsor, etc. (As highly unscientific evidence: I've noticed a rather quick turnover of RFA/O/ITA bugs on packages installed on my machine. I suspect how-can-i-help is somehow responsible for that, due to the fact that it increases awareness of ongoing package issues directly with the people using them.)
So, if you haven't yet, please apt-get install how-can-i-help RIGHT NOW.
I daresay that we should aim at installing how-can-i-help by default on all Debian machines, but that might be an ambitious initial goal. In the meantime I'll settle for making how-can-i-help's popcon count skyrocket. As of today, it looks like this:
which is definitely too low for my taste. Please spread the word about how-can-i-help. And let's see what we can collectively do to that graph.
how-can-i-help is just a tiny teeny helper, but I'm convinced it can do wonders in liberating dormant contributions to the Debian Project.
Later this year I am going to do something stupid. I’m going to climb Mount Mulanje, the highest mountain in southern Africa. It will take 5 days to get up and I’ll be carrying a heavy pack all the way.
People keep asking me if I’m in training. I’m not. I probably should be. What those people don’t know is that it’s not climbing the 3,002m peak that worries me. It’s the insects. I am extremely attractive to insects. Even in the UK I get bitten, a lot. When I was working on an outdoor theatre production I got bitten so much that they put it in the accident book.
I’m doing all this for AMECA, a UK charity who have built a sustainable hospital in Malawi. Adults pay for their treatment, which funds free medical care for children. Sadly there is no NHS in Malawi. So, is this just about helping people in Africa? (As if that wasn’t reason enough!) No.
The money that I’m raising pays bursaries for nurses from the UK to go to Malawi and work out there for 6 months. The nurses get valuable experience that they bring back to the UK. Everyone benefits.
I first wrote about this last summer, and I’ve had a lot of generous sponsorship from people. Only some of whom want me to suffer whilst I’m doing the climb. Some generous people donated anonymously, so I can’t thank them in person. But thank you. Thank you so so much to everyone who has helped. I really do appreciate it.
I’ve only got 4 months to reach my fundraising target of £2,550. If you can help out, the link is right here:Please donate on my Virgin Money page
All the money goes straight to AMECA. Thank you.Pin It
There are times when I'm very proud of the Debian project, the developers, the contributors, the bug-reporters, even the users.
There are times when I'm less impressed.
These days I guess I'm not qualified to comment, being an ex-developer, but I still am disappointed.
Part of me wants to rejoin the project, to see if I can help. The other part is thinking there are other choices, maybe I should look at them.
Conflict is bad.
Being conflicted is worse.