Monday, December 10, 2007

Best Practices: End Dating instead of Deleting

One of the things I've gotten out of one of my business parters in Vsched (that online employee scheduling software I'm working on), is a bunch of best practices relating to managing lots of data. One of these is using start and end dates on critical data, rather than actually deleting this data.

What my partner suggests doing is to use start_date and end_date fields containing effective-as-of and effective-until timestamps. Then, if you need to delete this data, you UPDATE the end_date field with the current timestamp instead of using a DELETE query.

It does make queries over this data more complex: you need to add another WHERE predicate (e.g. start_date >= NOW() AND (end_date IS NULL OR end_date < NOW())). So that might be an issue, but hopefully you're looking at best practices before you implement, and you can always worry about perf later, right ;)

So why would you want to do this? Well here are a few arguments:

This will provide your system a better audit trail. You want to know who did what to your customer data and when they did it. If you rely on the method described in my 5Ws of database design post, you'll lose that trail when you do your DELETE. But if you just UPDATE that row appropriately, you're safe.

This will also allow an undo feature for those nasty delete features users claim to want. I say "claim", because my users claim to want to delete their data. But I know as soon as I add the feature, I'll get a bunch of them accidentally deleting data. And what will they do when they delete it? They'll curse their bad luck. Then they'll email my tech support list. Then they'll send me an email. Then they'll call me. Right when I'm about to sit down with friends and a drink. So much for that evening. But wouldn't it be better if they could undelete their own data? Yes. It would be better.

Well, as a matter of fact, I've got such a delete feature. But I didn't implement it with DELETE. I used the above end_date scheme. And it works great. Except I forgot the front end :). So when that accidental delete happened, I still got the call. But I could check the end_date and last_updated_by fields. Long story short, I found those 300 deleted rows. And with a single UPDATE query we were back in business.

Thursday, December 6, 2007

Best Practices: The 5 W's of Database Design

My company's hosted employee scheduling software started with a prototype, which worked pretty well, but just wasn't ready for prime time. So my partners and I revisited our design documents, rewrote large portions of the code base, and rebuilt the database, almost from scratch. It hurt, but it was necessary to create a production system. In doing this, we followed some best practices. One of them is implementing the 5 W's of database design: who, what, when, where, why.

Ok, maybe we didn't quite get five Ws out of that. We've got a logging and audit system to cover where and why. But we do have who, what, and when. And it's come in handy a few times.

Every table in our database has a few special fields:
  • Creation Time
  • Created By
  • Last Update Time
  • Last Updated By

These four fields are on every tuple, and our application logic updates them appropriately. Once a user logs into our system we've got a user id. Any time he or she updates a piece of data, we store that user id and the current time. We've got a couple of features in the work to provide a front-end for this kind of information. But it's also helpful for debugging and providing support.

Earlier this week I rolled out a beta feature. Shortly after the rollout, I got an email from one of my users. There was some unexpected data floating around the system. After getting the user's permission, I took a closer look.

What had happened is that the new beta feature, let's say it was an easter egg painter, had mis-painted some eggs. Eleven out of twelve eggs had correctly been painted blue. But that twelfth egg had turned red somehow.

After groaning—this is the kind of bug that takes a lot of investigation—I dug a little deeper. I checked out the creation date of the eleven blue eggs. All of them were from just a couple of hours earlier, as expected. But that twelfth, red egg had been created a week earlier.

So I sent my user a friendly reply to her panicked email. I asked her if she had happened to create any red easter eggs last week, without the automated painter. And if so, had she accidentally mixed her blue, automatically painted eggs in with those red ones. About fifteen minutes later I got a reply saying, "oops, my mistake. Thanks Nick!"

Best practice to the rescue. Problem solved, without writing a single line of code. Well maybe just a little SQL.

Wednesday, December 5, 2007

How to Protect Against Cross Site Request Forgery

When dealing with security, I try to stick to tried and trusted practices since security is such a delicate topic. I'm not making any claims about the scheme I describe here. I'm only opening up a discussion. One of the security issues I'd like to address is cross site request forgery (CSRF).

A CSRF is an attack where one site directs a user to another site in such a way that the second site thinks the request originated on a page from itself. To illustrate, suppose I put a link here with its href like so: http://www.example.com/​?c=DeleteAccount. If example.com isn't doing the right thing, and you click that link, then your account at example.com might be accidentally deleted. And the fact that example.com password protects your account won't necessarily help here if you're logged in in another window when you click the link. example.com has failed to adequately protect you.

So let me propose a scheme to address this vulnerability, and you can tell me what you think. Suppose example.com were to sign the request strings for the urls for its sensitive actions. That is, suppose instead of allowing the above url, it were to use this one: http://www.example.com/​?c=DeleteAccount​&k=SomeSig. Here SomeSig should be a signature of c=DeleteAccount (or perhaps the whole url).

Now a clever attacker would just have to get an account with example.com, find the delete account url, and grab the url (including the unforgeable signature). The problem has not changed at all. The attacker can just craft a forum post and wait for users to delete their accounts (or transfer funds to him/herself).

So let's ditch the signature and add an expiry to the url: http://www.example.com/​?c=DeleteAccount​&e=Soon. Here Soon is a timestamp after which you'd like to invalidate the url. Many sites log users out after ten or fifteen minutes, so pick something good inside of that. If you get an expired url, you can always have a warning that the url has expired and ask the user to click a new (similar, but updated) url. The idea is to force the user to understand what is about to happen.

Now if the attacker copies the url into a forum post the link will only be valid for some short time. Of course, the attacker can just update Soon to EndOfTime and we're back at square one.

But if we combine these two approaches (and add a nonce to make cracking the signature more difficult) we're a little bit better off: http://www.example.com/​?c=DeleteAccount​&e=Soon&n=Nonce​&k=SomeSig. Now we're signing the command and the expiry so that neither can be forged.

Of course, attackers can just keep going back for updated urls (or have a bot do it for them). But we've at least we've reduced the problem (unlike the previous two attempts).

The issue here is that we're continuing to trust an untrusted source. We have a trusted url (which can't be forged), but it only says, "delete account within my expiry". But what account should be deleted? We're assuming that we should delete the account of the user currently logged in. That makes some sense (we might not want to allow users to delete arbitrary accounts). But our unforgeable url makes no claims about which account to delete.

So let's have the url assert that too: http://www.example.com/​?c=DeleteAccount​&e=Soon​&n=Nonce​&u=UserID​&k=SomeSig. Now when you get this url, check that it's signed correctly, that it hasn't expired, and that the current user matches the user the url was created for. Our url asserts all of these things. And we can trust that all of these things are true, since the url comes with our own signature.

Again, I'm not making any claims that this "solves" the problem. This addresses some aspects of the problem. Feel free to correct any mistakes I've made; that's the point of this blog post. For instance, if an attacker does obtain this "unforgeable url", he or she can still embed it in a blog post and persuade a user to click the link within the expiry. At that point someone still loses an account. Ultimately a CSRF is still possible under this scheme. And there are probably some other weaknesses to the scheme as well. And I'd love to hear about them.

Anyway, I like this scheme so far. Mostly I'd like to use this scheme for 301 redirects after a form post-back with a confirmation: I'm trying to protect against forging the confirmation dialog. But the initial form post-back is just as vulnerable and should be protected also. What do you think?

Tuesday, December 4, 2007

Vsched.com Screenshots

I hope my last post whetted your appetite for the work I'm doing in online employee scheduling software. Now I want to show you a little bit of what I'm doing. So I've got a few screen shots to show off.

Of course, the heart of the system is a shift schedule manager. Above you can see a screen shot of part of a user's weekly schedule. I've covered up some of the info to protect the innocent, but you can see that different entries are color coded corresponding to their type (availability, preferences, work shifts, etc.). You can also see a variety of options available for a work shift, including finding a substitute to take the shift.

Here I'm adding a new unavailable time to my schedule. Our schedules support click and drag, just like any modern scheduling application.

Above you can see a nice summary of what kind of schedules are in place at the different locations and jobs. As you can imagine, work schedules need to change over the year, for example you might need more people to cover registers during the holidays. Also different locations will have different schedules.

This one is a new feature I'm working on right now to import users from a spreadsheet in CSV format. Loading employees into the system is one of the first things our customers do, so we want to make sure it's as easy as possible. You can also see a small bit of instruction in the green box. You'll find these throughout the system with helpful tips and reminders. Clicking on the question mark in the upper right (also available throughout the system) brings up some more in-depth context sensitive help.

We've also got some reports which give you aggregate information about your schedules. Here you can see who can take more hours on their schedule and how much of their schedule they actually wanted.

I'd better get back to work on that user import feature. I estimate around 1000 user clicks for the average setup without it! We're trying to make the lives of our customers easier. We don't want to replace one chore with another.

Monday, December 3, 2007

Introducing Vsched.com

I've been a bad, bad blogger for the last couple of months. But it was all for a good cause. I've been working (very hard) to get my new internet start up off the ground.

Vsched.com offers on-line employee scheduling software. We went live with our first customer, Cornell University Fitness Centers, over a month ago and everything has been running very smoothly since. They love the service, and we love having them. In the past couple of weeks and from here out we're bringing on-line other customers. So if you're interested, or know someone who schedules many employees, with many shifts, in different kinds of jobs, have them send us a note.

I'm going to try to blog more frequently about Vsched now that it's out. So let me begin by explaining exactly what it is we do.

Imagine that you've got dozens of employees with hundreds of shifts across different jobs and locations. Managing that many employees is a nightmare. You might be spending anywhere from 200 to 2000 staff hours a year doing scheduling. I know, I used to manage 90 student employees at Cornell. Creating shift schedules, keeping them up to date, and handling shift swaps is a real hassle for managers and employees alike. So my partners and I have put together an on-line application which automates these processes.

Managers can create and assign shifts with a click of a button, as well as get schedule reports and overviews. We make the right information available in all the right places, so you can find a substitute for a shift, or see a location or employee's weekly schedule with a single click. Employees can log in at any time from any where to update availabilities or schedule preferences, and to swap shifts. And the most current shift schedule is always available on-line. We even integrate with other calendaring applications such as Google Calendar to publish shift schedules to an employee's personal calendar.

One big feature I'm excited about is the automated scheduler. This kind of scheduling problem is very difficult. Computer scientists call this kind of problem "computationally infeasible". While I was a graduate student at Cornell University I spent a lot of time studying this kind of scheduling problem and came up with an algorithm that does a pretty darn good job. Cornell Fitness Centers tells me they anticipate cutting out 125 staff hours per schedule using the algorithm. So I'm pretty excited about that.

Another big feature I'm excited about is that the system is a hosted service, completely on-line. I was speaking with one customer who bought some boxed software over six months ago and still can't get his IT department to set it up for him. And I don't blame them. Maintaining a server, or client software is a hassle. With a hosted service there's no need for IT infrastructure; we take care of all the technical details.

Anyway, this is what I've been up to for the past month or so. I'm very pleased with the work my partners and I have done. I'm really looking forward to the next few months as we grow our customer base. I'll try and keep you posted on our progress.

Tuesday, November 6, 2007

Congratulations to Rat City's newest fresh meat!

Rat City held their annual tryouts this past weekend, and a bunch of my fellow skaters rocked the rink. Big shout-outs to these former PFMs and Rat City's newest fresh meat:

I can't wait to see y'all beating each other 'round on the rink... 2008 is gonna be the best season yet!!

Monday, November 5, 2007

Solving Tough Problems: mod_fcgid and Apache Errors

Almost two weeks ago I ran into some issues with my apache web server configuration running PHP under mod_fcgid. These issues started with an unexpected 403 Forbidden error, caused by a (13) Permission Denied error on my .htaccess file, and finally resulted in (due to my misconfiguration of PHP) a No input file specified error.

Since it caused me a great deal of headache, and took me a while to figure out, I thought I'd share with you my debugging process. Keep in mind, I'm a software developer, not an Apache sysadmin wizard. So you httpd wizards out there, feel free to correct me where I'm missing the obvious.

I'm running a MediaTemple (dv) 3.0 virtual server under Plesk. My problems started shortly after that with arbitrary 403 Forbidden responses to URLs I know should have worked. In fact, retrying the URL showed that it did work. As you'll see, the "sometimes works" part didn't last long.

The first step to solving a problem like this, or anything else, is to check logs. The Apache error log is the right log to start with. For me (MediaTemple (dv) 3.0 / Plesk) this was in the /var/www/vhosts/yourdomain.com/statistics/logs directory. Apart from the usual noise in log files I did see a pretty conspicuous line:

(13)Permission denied: [snip] .htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

This was pretty alarming because I had no .htaccess file in the particular directory indicated (the "[snip]" part). So I dug around on the internet for a while and found pretty much nothing of help about this problem. Keep in mind that everything was running just fine until this point. So I tried turning off AllowOverride in my global httpd.conf file (actually it goes in my vhost.conf file which Plesk includes for my virtual domain). I restarted Apache (service httpd restart) and much to my dismay, I started getting 403 Prohibited on every request. Yikes!

After finally digging through the MediaTemple knowledge base I found this little tidbit:

[...]permissions (755 or chmod o+x) on a directory created for alternate and subdomains is sufficient to serve web content. Anything else will prohibit Apache from entering the directory and showing your content to visitors.

So I did a stat on my http documents directory and I see:
Access: (0644/drw-r--r--)
One chmod o+x command later and my .html files are once again servable. Not sure what changed to cause the problem, but now everything was looking good and I was just about to close the issue as resolved.

Which brings me to the last problem I was getting on my PHP files: No input file specified. This started another round of fruitless internet searches. The bottom line is that this meant that PHP couldn't execute the file. Well, another stat command on the file in question showed:
Access: (0660/-rw-rw----) Uid: (1000/ someuser) Gid: ( 2000/ somegroup)
but more importantly neither the owner nor group for the file was associated with the suexec user that was being used for mod_fcgid. A quick chown -R suexecuser:suexecgroup command later on the folder holding my http files (-R makes it recursive) and my PHP file was working like a charm. Just make sure you replace suexecuser and suexecgroup with your actual suexec user and group (this is specified in my /var/www/vhosts/yourdomain.com/conf/vhost.conf file).

So in the end, to solve my "(13) Permission Denied" / "403 Unauthorized" / ".htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable" / "No input file specified" errors I had to:

  • Check the Apache error_log file
  • Check the MediaTemple knowledge base
  • Use the stat (or ls) command to check file permissions and ownership
  • Use the chmod o+x command to make sure Apache can descend into any directory holding files you want served
  • Use the chown -R suexecuser:suexecgroup command to make sure Apache can access and execute your code

Wednesday, October 31, 2007

Google Tech Talk: Plurilingualism on the internet

Google hosts a surprising number of really interesting tech talks about language. Back in July I attended a particularly good one by Stephanie Booth, about plurilingualism on the internet. Here's the abstract:

More people are multilingual than purely monolingual. Yet the internet is a collection of monolingual silos. Where are the multilingual spaces? How can online applications assist the people who bridge the linguistic chasms, instead of hindering them? How do present applications decide what language to present? IP address or keyboard locale detection are clearly bad solutions. How could this be done better? This talk addresses some localization issues, but beyond that, questions the very way languages are dealt with on the internet.

It's definitely worth watching in full, but if you want the highlights, these are some of the more interesting ideas I took away from it:

  • Code-switching! I'd forgotten there was a term for it. Code-switching is awesome, especially as a form of word-play. Everyone should try it.
  • Stephanie is multilingual, and when she blogs she prefaces each post with a short summary in the language in which it wasn't posted (that is, posts in English get a synopsis in French, and vice versa). This lets her reach two language communities at once, without the tedium and mess of double-posting each post in full. Check out these recent examples.
  • "Some people really resent being shown languages they don't understand."
    Google develops software with a global reach, and we put a lot of care into trying to make sure users get our products in the right languages; but this quote was an interesting reminder that getting it wrong can provide a very negative experience for a particular user. Right now, for example, we use IP address as a factor in determining which version of Google search to show. If you're browsing from a US IP, we'll show you www.google.com in English; if you're browsing from a French IP, we'll show you www.google.fr in French. But what if you're browsing in Switzerland? We'll show you www.google.ch, but should we show the German, French, Italian, or Rumantsch version? We generally default to German, which—statistically—is the right answer, but for all the French/Italian/Rumantsch speakers is clearly the wrong answer. And what about someone from China who's road-tripping across Europe? She's probably going to want to see Google in Chinese, rather than being served a different language every time she logs on.
  • The lang and hreflang attributes are underutilized and offer some really cool potential for ways of understanding documents and hyperlinks. The most common use of lang is in the <html> tag, to define the language of an entire webpage: <html lang="en-US">. But you could also use it to define smaller subsections: stick it in a <blockquote> tag when you're quoting a different language; stick it in a <div> or a <p> if you have a section of text in a different language (for example, a summary at the top of a blog post!).

    The hreflang attribute is even more interesting to me, since I'd never heard of it before. From W3C:
    The hreflang attribute provides user agents with information about the language of a resource at the end of a link, just as the lang attribute provides information about the language of an element's content or attribute values.
    So if you link to a cool website in Spanish, you could throw <a hreflang="es" href="www.example.es"> in the <a> tag. The thing about these attributes, though—especially hreflang—is that they're underutilized because no technology takes advantage of them. But no technology takes advantage of them because they're underutilized. If we ever find a way to break out of this Catch 22, I could imagine some cool opportunities (visualizations for language targets, applications in search and social networking... the sky's the limit!).

Saturday, October 27, 2007

Jet City: Derby of the Dead

Just got back from Derby of the Dead: a doubleheader of Black vs. Blue (two mashup teams of Jet City rollergirls), and an invitational match between the Sacred City Derby Girls and Jet City's new travel team, the Jet City Bombers.

The Black vs. Blue bout was pretty evenly matched, and some decent derby. But the real action was in the invitational. Sacred City is all but undefeated (I heard they've only lost once—to Rat City), and this was the Bombers' first bout as a team, so perhaps a defeat was to be expected. But the match ended with nearly a hundred-point spread (ouch).

Sacred City pulled ahead right at the beginning; they had a few star blockers and some solid jammers. But I think what really won the game for them was their defensive coordination combined with Jet City's inability to learn from their mistakes. SCDG were great at controlling the front of the pack, so that every time their jammer made it halfway through the pack she had nothing but her own girls ahead, and they could just whip her through; whereas the Jet City jammers were constantly getting stuck behind a wall of two or three Sacred City blockers at the front of the pack, and the rest of their blockers hardly ever stepped up to try to break that wall or help their jammer through. On the few jams that they did make an effort to match Sacred City at the front of the pack, they did much better as a team, and held the score even for a few jams before falling to the back of the pack again (and sliding back down the scoreboard).

Sierra Fist did some really awesome jamming for Jet City, but unfortunately her best jam got discounted (the time got put back on the clock and the points taken off) because it was decided that Sacred City's jammer had been incorrectly sent to the penalty box, where she'd spent most of that jam. And Ta Ta Tina (who used to skate with my squad!) was getting in some really solid blocks [edit: apparently I'm an idiot; she was skating for the Blue team at this bout, not the Bombers; but she was still rockin']. But as a team JCRG's coordination and strategy just wasn't enough. They also weren't using the lead jammer position as strategically as they could have: every time a Jet City jammer broke out ahead of Sacred City's jammer, she'd just keep skating (probably trying to make up the point difference), but that usually just gave Sacred City a chance to catch up and match the points Jet City had just scored. Hopefully JCRG will be able to analyze this game after the fact and get some good takeaways and strategy from it.

One thing I didn't like was that Sacred City seemed to have a bit of an attitude. Perhaps the standards for bout behavior are different in California than up here; but it seemed like their team was constantly arguing with and yelling at the refs, questioning every call, and their skaters were swearing and giving the finger when they were called out. I totally get that derby is an aggressive sport, but some of it seemed in bad taste to me (especially for a team that was so obviously winning). They even had some fans and statskeepers in the bleachers next to me who were laughing at and mocking the Jet City skaters. Sure, some friendly trash-talking is all part of the bargain, but making fun of people for falling? or for what they're wearing? I thought derby fans were better than that.

My final gripe was that the score whore this evening was pretty disappointing. She wasn't even on skates (!), and she looked completely disinterested in what was going on. She could've been walking on a treadmill instead of around a derby track, for all it registered on her face.

To end on a positive (if not entirely derby-related) note, check out this most excellent skating video I just came across. I think this beats even the Google ball pit:

Friday, October 26, 2007

Solving Tough Problems: Timezones and DST

I spent all my time putting out fires this week, and none of my time adding cool functionality. The trouble really started when I tried solving what I assumed to be common problems. But of course, when I tried to figure out how other people had dealt with these problems, I ran into a brick wall. Well, not a brick wall actually. Instead I found lots of "solutions". All of which took me forever to realize they had nothing to do with my problems.

The disaster actually started out as planned. I was working on some functionality dealing with calendar data (which is a difficult subject). This should be a simple thing. You've got a user in one time zone and another user in a different one? No problem. This isn't exactly a new problem. There should be support for such a thing in all this advanced technology. And it should be very natural to convert between them. And it should be natural to work with both computer oriented times as well as human oriented times. By which I mean the ridiculous practices we have of leap years, leap seconds, timezone offsets, and daylight savings times.

As it turns out, I needed to find different solutions for two operating systems, and three computing platforms (and I'm not even doing much AJAX yet). Just to give you a quick overview, most of the problems arise around counting the number of seconds in a day.

There's 86400 seconds in most days. But things get hectic with leap seconds and more importantly daylight savings time (which adds or subtracts an hour from two days a year). PHP provides the function strtotime which lets you do stuff like strtotime('+1 day') to add a day, taking into account daylight savings time so that today at 6:00am "+1 day" is 6:00am tomorrow. Combine this with date-default-timezone-set and you're ready to go, no matter where your users are.

Python, smug as always [ed: I love python], provides a timedelta class, assuming 86400 seconds in every day. This is as opposed to being timezone aware (even if you install and correctly use pytz). And it gets worse. You can convert from a UTC timestamp using the handy method datetime.fromutctimestamp. But how do you convert back? Is there a datetime.toutctimestamp? No, there isn't. What about the traditional mktime? That's only going to work if the datetime you're working with is in the system's timezone. And don't even try converting your datetime to the system's timezone. The only way to access the system's timezone is time.tzname which is non-standard and incompatible with pytz. I ended up using a combination of calendar.timegm and datetime.utctimetuple. No searches I tried found this solution.

Don't even get me started on MySQL. Check out this article on timezone support. And take a look at this list of date/time functions. But don't try using the timezone db they've got for download. It was inconsistent with all the olson zoneinfo databases I saw. I had to use mysql_tzinfo_to_sql on a Linux system and copy the resulting SQL script to my Windows box and apply it manually (mysql -u root -p mysql < zoneinfo.sql).

That's probably enough geeking out / ranting for this week. Next week I'll tell you about how I solved my very unexpected "(13)Permission Denied" / "403 Unauthorized" / ".htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable" / "No input file specified" errors.

Thursday, October 25, 2007

Answering an age-old question

Which came first, the chicken or the egg? What is the sound of one hand clapping? And what happens when you give 16 Googlers ice cream, two limousines, two hours and no agenda?

Why, they go to Microsoft, of course. :)

Google Kirkland recently held an office decoration contest to celebrate our expansion into a new building in Kirkland (we Googlers are fond of office decorations). The Webmaster Tools team won by a landslide. Our prize? A limo ride to the local Ben & Jerry's shop, and ice creams all around. But we had the limos for two hours, so we decided to use the extra time to swing by Microsoft's Redmond campus to see if we could get a sneak peek at the beta version of their Webmaster Portal.

Google Webmaster Tools team at Microsoft

In the end we didn't make it much farther than the lobby (due to not knowing the last names of any of their team members), but good times were had all 'round.

Have a funny story about a team outing? Photos of your quirky office decor? Share them with us!

Tuesday, October 23, 2007

You say potato, I say linguistic train wreck

While checking out the new search queries data in Google Webmaster Tools this week, I noticed that I rank #2 for [separate wheat from chafe] (thanks to my last grammar rant). I was all ready to draft a follow-up post in the hopes of reaching a few more unenlightened searchers:

  • e + s is not pronounced [ex].
    So stop saying 'excape' instead of 'escape', and please stop saying 'expresso' instead of 'espresso'. Look it up. Really. It's espresso.
  • fiancé != fiancée
    If you choose to use the French word for "person to whom I am engaged", please be aware that (although they sound the same when spoken) there are two versions of the written word: fiancé is masculine, fiancée is feminine. A pre-husband is not a fiancée, nor is a pre-wife a fiancé, unless there's something they haven't been telling you.
  • nuclear
    I might be able to forgive him for stealing the election... twice... invading Iraq, ruining our international reputation, destroying the environment, attempting to constitutionally ban gay marriage, running our debt sky-high, and spending most of his time on vacation, if only Bush would stop saying 'nucular'. There's no vowel between the 'c' and the 'l', buddy. It's 'new' + 'clear'.
    ...Though on second thought, I probably wouldn't forgive him even then.

Yup, I was ready. But then I saw this article on YOUmoz. It argues that one man's grammar tragedy is another man's wordplay (using the examples of mondegreens, snowclones, and eggcorns):

You'll find these linguistic occurrences are popular on satirical websites like Fark and SomethingAwful, in cartoons and TV comedies, on the radio and in movies. Custodians of grammar may frown at the decay of 'proper English' but the laziness of online writers is a boon for observing the hyper-evolution of our language.

I shelved my draft and lamented having become a codger at 25.

But I think this commenter summed it up well for me: it's not that I don't like change in language. I love linguistic puns, code-switching, and other creative forms of breaking the "rules". I love hearing language twisted for clever or comedic effect; I just don't like hearing it twisted out of ignorance.

My phonetics professor in college used to dream of the day when everyone would learn the IPA (International Phonetic Alphabet) in school and mispronunciation would become a thing of the past. News anchors would no longer hesitate over the pronunciation of foreign names. You would no longer be asked to phonetically transcribe your name using English characters (most frustrating exercise ever!) so that the principal can read it out correctly at graduation. And Wait Wait... Don't Tell Me! wouldn't get to make fun of Bush for needing a phonetic cheat-sheet in his speeches.

While we're on the subject of language, I found this article on the language of the Berkshire Hathaway annual report both insightful and reassuring. At least I'm not the only neurotic out there.

Sunday, October 21, 2007

Dumbledore is gay!

Wow! Did anyone else see this one coming?

Rowling said Dumbledore fell in love with the charming wizard Gellert Grindelwald but when Grindelwald turned out to be more interested in the dark arts than good, Dumbledore was "terribly let down" and went on to destroy his rival.

That love, she said, was Dumbledore's "great tragedy".

I can't wait to see the conservative response... now Harry Potter promotes both paganistic devil-worship and homosexuality! As Bush would say, that's a double whammy.

Saturday, October 20, 2007

Google Experimental (who knew?)

One of the things I love about Google—and that drives me a little crazy—is that they're constantly coming out with so much cool stuff, both big and small, that it's hard to keep up with it all. I'm loathe to say impossible (since sites like Google Blogoscoped do a pretty bang-up job), but I'd rather spend my free time listening to NPR or playing cards than stocking up on Google press releases. So I miss a few things here and there.

Just last week I found out about Google Experimental: Google is constantly running experiments on their search pages, but usually you only stumble into them by chance (and often don't know you were in one until you think about it later and go "Wait a minute, did I really see [whatever] on that SERP?"). But apparently, with Google Experimental you can explicitly enroll yourself in certain experiments to try out new features that Google is testing for search. Cool, huh?

Looks like it's been in Labs since May. Apparently I live under a rock.

Bookmarks and badges

Everyone love badges, right? The "Collect the whole set!" mentality is indoctrinated into us by cereal box giveaways and from Boy/Girl Scouting on up. Badges are cute and colorful and better yet, now that we're grown-ups we don't even have to do anything to earn them, we can just grab them off the web. :-P

So we've added a variety of bookmarking and web 2.0/social software-type badges to our posts. Yeah, I know, we're behind the times on this and some people just find it tacky; but, well, it's an experiment. Please let us know whether you find them useful, garish, and/or if there are any we should add (or any you think are a waste of space)!

Credit to 3spots for pointing me in the right direction.

Wednesday, October 17, 2007

That crazy driver who just passed you? She might be a rollergirl

When I get out of roller derby practice I tend to drive a little crazy. After two hours of racing, cutting other people off, and taking the corners as tight as you can, it's hard to get in a car and immediately turn all of that off. I'm usually still panting and full of adrenaline for the first part of my drive home. The funny part is, I've asked several girls in my squad and they all admitted to the same tendency. I'm not trying to make excuses, I'm just saying... this may give some context to any bizarre driving experiences you've had late at night near a roller rink.

Our rink is a ~40 min. drive from my house, so I spend > 2.5 hours/week on the road. When I don't have someone on the phone to chat with, it's quite nice to have that time to myself, just to listen to music or be quiet and think. I spent more of my youth than I care to remember road-tripping, so I find being on the highway pretty relaxing (as long as I don't slip into "Must race... must kill" mode). Sometimes I'm eager to go to practice, and sometimes I have to force myself out the door (in anticipation of the pain), but the drive is always a nice buffer to be by myself and get in the mood for skating.

On my way home from the last practice I was thinking about friends. Y'know how different friends are good for different things—maybe one's a great listener, another one is completely unreliable but really good for going out dancing? I love some of my friends because I can completely be myself around them—even if that means I'm angry or lazy or just plain uninteresting for awhile. But I also appreciate having friends who make me want to not be who I am: who make me want to be more than what I am, who inspire me to change myself for the better and to push the limits of how I see myself.

My derby girls are that kind of friend. I don't take easily to athleticism, but after a practice with them you could almost talk me into signing up for boot camp. They make me push myself way past my comfort zone, make me yearn to be strong and skilled and full of endurance. I don't always live up to the skater I want to be, but I love knowing a group of girls who constantly remind me of how I need to work to get there.

How to have a successful wedding be way too uptight

Remember when we told you that the secret to a successful wedding is to not take yourself too seriously? Well, apparently these folks either didn't read our blog, or forgot to write that one down:

A New York couple sued a florist for $400,000 for using the wrong color flowers at their wedding—a mistake the newlyweds said caused them "extreme disappointment, distress and embarrassment."

Tuesday, October 16, 2007

The world in your radio... literally.

Today our local NPR station finished its week-long pledge drive (thank gods). Of course I dislike pledge drives as much as the next person, but I'm proud to say that Nick and I donated to the station on the first day of the drive. Last year's drive finally got to us and we decided that after years of avid NPR-listening it was time to become members. (And yes, even though it's hooooorribly cheesy to say so, you do listen differently once you've pledged. But only during the pledge drive, when you get to feel smarmy and superior for having donated. After that it feels like normal again.) :-P

Then on Saturday I considered taking it all back when, during the inane motivational prattle that inevitably accompanies pledge drives, one of the announcers said (during the Rick Steves travel show), "KUOW's in-depth reporting brings you the world through your radio. And right now we're literally bringing you the world with Rick Steves."

Literally? Really? I'm still waiting for someone from KUOW to show up at my door with the world. Maybe that was the thank-you gift for my particular pledge level?

Happily, however, I am not alone in my grammatical neuroses: there exists a blog all about misuse of the word "literally". I'm glad someone else is writing this sort of thing so that I don't have to.

Monday, October 15, 2007

Blog Action Day: a retrospective

Today is Blog Action Day. From the official site:

On October 15th, bloggers around the web will unite to put a single important issue on everyone’s mind—the environment. Every blogger will post about the environment in their own way and relating to their own topic. Our aim is to get everyone talking towards a better future.

Of all the adjectives I could think of to describe Nick and me, 'environmentalist' is not the first that springs to mind. But looking back over our blog it seems we've actually written more environmentally-focused posts than I would've thought! In honor of Blog Action Day, a retrospective of our environmentally-related writing this year:

If you're looking for more reading material, check out some of our friends' posts for Blog Action Day, and feel free to let us know about your favorite articles or contributions from today.

InfoCamp 2007: Wrapup

I don't know if I have a whole lot to say that I haven't already. You can see all the posts I made from InfoCamp Seattle 2007 by checking out my infocampseattle2007 tag.

The event was great. I met some great people like the keynote speaker, Nick Finck, the plenary speaker, Bob Boiko, some of the organizers, Aaron Louie and Kristen Shuyler, and some innovative librarians, such as Whitney Edwards and Justin Otto.

My second session on short cut access to information was cancelled since there were only about 20 people left by the end of the second day and there were about 4 sessions competing for them. But I did get to attend a session that showed an example where a lot of work got done without enough user research and led to a lot of unanswered questions about how to proceed.

At the end of the day we had "five minute madness" where we all shared a few comments about what we liked, what we didn't like, and what we learned. Nick Finck pointed out what a great ROI we got from this un-conference: the whole thing cost $20 for registration, we got two days worth of breakfast and lunch, tons of sessions, a great keynote and plenary, and we got to meet a lot of smart people from across the information ecosystem. And he's totally right. InfoCamp Seattle 2007 was supported in a big way. From the InfoCamp Seattle 2007 wiki:

  • ASIS&T - The American Society for Information Science & Technology
  • UW iSchool
  • Information Architecture Institute
  • Ascentium - interactive marketing and technology
  • Blink Interactive - user experience consulting
  • Digital Web Magazine - online magazine for web designers, web developers and information architects
  • One Economy - a nonprofit organization that brings broadband to the homes of low-income people
  • ZAAZ - web design services with technical and creative design
  • Ginger Palace Restaurant - sponsor for lunch on Saturday

Sunday, October 14, 2007

Across The Universe

Wow. Just got back from seeing the film Across The Universe. It was superb.

When I first saw the preview for this film, it looked unlike anything I'd ever seen, and I knew I'd have to watch it. They certainly pulled some of the most titillating scenes for the preview, but the entire visual experience is fascinating and bizarre. Think Tommy, but more accessible. Think Michel Gondry, but more psychedelic. (Incidentally, my favorite random shot was of a head shop called the Psychedelicatessen.) Think Moulin Rouge, but more giant puppets.

I'll spare you the movie review in full; what really struck me was the role art played in the movie and the feelings it evoked in me. The main character is an artist, several of his friends are musicians and performers, and all the emotion and turbulence of love and the 60s and the Vietnam War are wrapped up in and expressed through their art and their music. (Oh yeah, and there's the fact that the movie is a musical, too.) The viscerality of it all was fascinating and was something that I'd partially forgotten. One of my best friends is an Artist; during the periods of my life that I've spent with him, I remember feeling some of that same visceral quality. There's something... fascinating? eerie? about art in the way it makes you feel more alive.

I spent a couple weeks at RISD on my way to and from Paris, and the energy there was amazing. There's no way to say this without sounding corny, but you could just feel that there was this confluence of creativity all pooling together, people feeding off each other's ideas and amazing secret things coming to life behind every closed door. Just being in that environment was energizing... like being a fluorescent light near a Tesla coil, lighting up simply by being in the vicinity. After a week there I was sketching, writing poetry, drafting stories and dreaming up crafts projects for months. (I'm actually quite glad of the timing, because I made some really neat sketches in Paris that I normally would never have thought to even attempt.)

So what is it about our relationship with art and music? I used to think that some people were just born with art and creativity in them, and they spent their life trying to pour it out onto paper (or any other medium). But now I'm thinking that art shapes us as much as, if not more than, we shape art. Or at least that being able to express ourselves in that particular way taps into some part of ourselves that we rarely stimulate in other situations. There was this great scene in Across The Universe where he was pinning strawberries on a white wall and they were dripping juices like blood running down the wall. How evocative is that?? How else could you create that feeling, that strong, without just doing it?

A fellow skater is applying to live in an art commune that's starting up in Seattle. I really hope she gets in; maybe I can go visit and some of that stardust will rub off on me. In another life I'd love to tap into that lifestyle more; but for now I'm feeling pretty suburban and yuppie. It seems I'm settling for occasionally drooling over the graphic novels in the bookstore and dreaming of the days when we could draw on the walls while listening to Philip Glass.

InfoCamp 2007 Live: Plenary by Bob Boiko

Day two at InfoCamp Seattle 2007 is underway. We began the day with a YouTube video titled "Information R/evolution". It's pretty slick:

We just got a very interactive (reminds me of my best lectures back at Cornell) plenary session delivered by Bob Boiko, instructor at University of Washington's Information School, author of the Content Management Bible and Laughing at the CIO, and president of Mediatorial Services.

Bob started with a quote from the cover of an issue of (the now defunct) Business 2.0 magazine: "Forget everything you know about business". He argues that we don't actually throw away old information. In fact, he argues, we "reinvent, refine, [...] and rearrange" information, building on what has come in the past.

The plenary consisted of trying to answer the question, who are we as information professionals? A couple of highlights from the answers he elicited:

  • We make the process of accessing information easier
  • We deliver information of high quality
  • We elicit the right question from users to answer their questions
  • We improve the experience of finding the question and then answering that question
Bob rounded all this out with the statement:
We hook up the knowers with the want-to-knowers.

However, he argues that this process needs to be personal and typically should involve lots of people. He argues that there are tons of idle brains around; "this is not a limited resource" he says. This sounds a lot like the current trends in social sites (a.k.a. web 2.0).

Then there's the notion of "cross pollinators" which Arron Louie brought up while introducing the key note. Regarding this, Bob asked three questions:

  • Are we cross pollinators?
  • Is that valuable?
  • How do we do it?

Regarding the first two, we all agreed that the answer is yes. As for the third, that's what this BarCamp is all about!

In fact, Bob asked me to give a session about making access to information "easier" (in this case, faster). This was after I brazenly argued that I know how to speed up access to a specific type of information by an order of magnitude in all cases. I think I'll call the session "Shortcuts to Information: Increasing Time to Access by an Order of Magnitude". By the way, an order of magnitude may just be a rhetorical device in this case...

Saturday, October 13, 2007

InfoCamp 2007 Live: My Session on Calendaring

For my participation at InfoCamp Seattle 2007 I presented some user interface issues with calendaring systems which is something I've been doing for a while now. I'm far too modest to go into too many details (maybe I'll write a blog post about it in more detail later, plus I'm dead tired after Thingamajiggr last night, and a full day of InfoCamp), but below is a quick overview of some of the problems I'm interested in investigating and addressing. I also looked at some different calendaring systems and programming languages with regards to how they address these issues.

  • Storing Time
  • Storing Repeating Entries
  • Editing and Deleting Repeating Entries
  • DST and Repeating Entries
  • Entries on the DST boundaries
  • Users in multiple timezones (especially when not all observe DST)
  • Programming Language Support for Date Arithmetic

So that sums up day one of InfoCamp Seattle 2007. So far, so good. By the way, my Lenovo Thinkpad X60's battery performed admirably: after a full day of note taking, blogging, and presenting I'm at 47% with an estimated three hours and 21 minutes remaining. Not too shabby.

I should also point out that I'm using photos (most graciously thankfully for) from Kristen Shuyler, one of the organizers of InfoCamp. You can find more at Flickr tag infocampseattle2007.

InfoCamp 2007 Live: Gateways to Information and Information Technologies in Public Libraries

The first session I attended at InfoCamp 2007 was titled "Gateways to Information" presented by Justin Otto, a librarian at Eastern Washington University. He was primarily interested in investigating how to bring the often vast information resources at libraries to library patrons. In fact this is a topic of interest to many of this weekend's participants, many of whom are librarians.

The session was part feedback session for EWU's library website, and part general discussion on accessing large amounts of information from many different (and often walled-garden style) data stores.

Consider the many kinds of information available at a library:

  • Library Catalogue
  • Research Databases (such as JSTOR and ProQuest)
  • Subject Guides
  • Library Events
  • Information About Local Organizations

It seems as if most of these libraries traditionally present the user with lists of links (dozens), sometimes categorized, but typically along single dimensions (such as subject areas). Often there are search facilities, but either the search is not a unified or federated one (meaning you must already know what data store you're searching under first) or the search facility provides poorly ranked results (perhaps due to poor result integration).

My fellow session participants and I came up with a few general principles which we find useful:
Unified Search
Make all information from the library (events, catalog, research databases, etc.) available from a single search interface, with high quality results integration. Make this search facility available on every single page.
Bread Crumbs
Someone brought up Steve Krug's infamous Don't Make Me Think with respect to his comments on creating a bread crumb trail to help users navigate a site.
Card Sort Analysis
This is one I hadn't heard of before, but someone suggested placing content areas on cards, handing the cards to users, and asking them to categorize the content into a hierarchy. Given the amount of content at a library and its complex relationships, this seems like an excellent technique to get a feel for how users might want to navigate subject areas.

I stayed for a second session on Information Technology in Rural Libraries given by Whitney Edwards, Elliot Edwards, and Katy Herrick of the Libraries of Stevens County in Eastern Washington. It sounds like they're addressing some interesting problems with some innovative techniques.

Stevens County has nine very rural libraries, each with different resources and its own collection. The population of Stevens county is technologically literate (seemly very much so!); however, the internet service opportunities in Stevens County seem to be limited. Most patrons of the library have only dial-up access.

Whitney and her colleagues provide several important services to their community. A very popular one is high-speed internet access (available wirelessly). The Stevens County librarians also maintain a wiki for the library that also performs as a local organization repository.

InfoCamp 2007 Live: Keynote by Nick Finck

I'm attending InfoCamp 2007 today and tomorrow and (trying to) live blog it. I just sat through the keynote given by Nick Finck from Blue Flavor. What a great name eh? I was competing with him to present a session, but he gave up and rescheduled his once we saw my name go up :)

Nick started by bringing us into the context of the information age as it transitions into the age of information overload. He cited two studies, the first in 2000 discovered that each user produces over one exabit of information (I'll check on this when I get a chance). The second study, in 2002, revised this number up by double, and discovered that the amount of information doubles every three years. From this data he draws the conclusion that we're drinking from a fire hose of information.

Nick also lead us through the notion of differing user experiences and contexts. Specifically he noticed the difference between the developing world, our culture, and societies embracing ubiquitous, mobile computing experiences. Did you know that in Japan even posters are tagged with barcodes which mobile phones can read, automatically adding the event to your calendar? Nick asked the question, how can we create user experiences, and provide access to this wealth of information to all these various users, through their various modalities and contexts?

Finally Nick asked, what's next? And admitted to having no crystal ball. However he did note that he sees more and more ubiquitous computing (an LG internet fridge in the UK). And he sees a place for this ubiquitous access to information. He concluded that this is a good industry to be in, noting the many attractive job postings for "information professionals" (not the MS definition). This is good news for you and me :)

I gotta run to the first session now, I'll update later (and try to cite those two studies on information production rates and provide more concrete details)

Friday, October 5, 2007

Marc Andreessen rips on SteveB

I was going to compose a post about how social networking is not just a fad for "younger" people (which of course means it's not going anywhere once we all grow up, right?). But after Marc ripped on Steve's quote (above), he wrote the post for me: Social networking and the Geocities fallacy.

But there's always more to say when some "older" person (which of course means irrelevant and out of touch, right?) rips on something new. I don't mean to offend (I don't believe either assertion about age), I'm just pointing out the arbitrariness of SteveB's statement. And wasn't he a "younger" person once? And wasn't there something that appealed to him that made him and Microsoft what they are today (have you seen the explosive revenue growth for the latest FY?)

That aside, the feature list comparison between Geocities and Facebook (and Ning too) only points out that part of the comparison is wrong (the feature equivalence). What's more interesting is that the idea behind social networking a la Facebook/Ning is both new, and more importantly, useful to society. I'm going to go out on a limb here and say that contact with friends is not a fad, and that technology supporting that, facilitating that, enhancing that is relevant, valuable, and sustainable. I wouldn't say I'm an expert in social networking, but I think staying in touch with friends and colleagues helps me achieve my potential. And that reminds me of someone's mission statement.

By the way, I just joined Facebook :) It's pretty cool so far. I'm pretty pleased with my 27 friends in under 24 hours. I've actually chatted with (good) friends I haven't been in touch with in years. Some of them are married, god forbid ;)

Sunday, September 30, 2007

2007 Roller Derby Championship

This weekend the eight best roller derby leagues in the nation have sent their all-stars down to Austin, TX for the 2007 WFTDA championship tournament. The contenders:

It's a big tournament for Rat City because Texas was the league that revived roller derby in the 00's, so they've been the dominant league for awhile (they've been skating and scheming for the longest), and they beat Rat City at the Bumberbout last year (on our home turf); but Rat City beat them in the 2007 Dust Devil regional tournament (earning the title 'Best of the West'), and again when Texas' Honky Tonk Heartbreakers played an invitational against our Derby Liberation Front here in Seattle in May. So Rat City has been showing strong and earning their reputation as one of the toughest, fastest leagues in the nation. Now the 2007 Nationals are on Texas' home turf, so we've all been biting our nails wondering what the outcome will be. Several girls from my skating squad have been texting us play-by-plays and news from rinkside.

I'm pleased to announce that, as of a few hours ago, Rat City beat Texas in a neck-and-neck bout, 89 to 79!!! Go Seattle! Lead Jammer has been live-blogging the bouts at Nationals and has a great play-by-play of the RCRG-TXRD bout here (click 'Archive' > 'Bout 6'). Sounds like it was an amazing game, especially since Texas was up by 11 points at halftime. If anyone finds video footage online, please let me know!

A Saturday in Dublin

I've got to say, it's good to be back home. Traveling is exciting but it's also tiring and unfamiliar. Adam and I spent our second week in Dublin in nearly back-to-back trainings, meetings and conferences. We'd originally planned to take Friday off and do a long weekend in Galway, but we ended up staying in the office on Friday just to unwind and have informal chats and follow-up with all the folks we'd been training and talking with all week. Also to raise a pint with a friend to celebrate his imminent return to the US of A. As much fun as it sounds to go traipsing around Ireland, I think the Friday was well-spent, since one of the biggest benefits I got out of this trip was getting to know the Dublin-based Googlers better which has heightened my sense of commitment to them.

I did get to spend Saturday being a tourist, however, before flying back to the US on Sunday. Adam took the train up to Howth, and I stayed in Dublin and just spent the day walking around, mostly in the Temple Bar area. Being in Seville had reminded me that I'm a somewhat abnormal tourist: rather than rushing around to see all "The Sights," I'd rather take my time, check out some places that real people (dare I say locals?) might actually frequent, stop when I want, and just savor the time.

slide-guitar player It was in this sort of spirit that I spent an hour sitting on a street corner listening to this Dublin cowboy playing some of the best slide guitar I've heard in I-don't-know-how-long. I have to admit that the Josh Bell experiment crossed my mind; who cares if I have no idea who the hell he is, if the music is so good it makes me want to stay until my butt's fallen asleep? I also went to an open-air book market, a "fashion" market (clothing and jewelery), and a really fantastic farmer's market in this hidden little square that I just happened to stumble across.

After wandering for awhile, I walked back out toward the river (like most significant European cities, Dublin has a river running through it) and saw crowds of people lined up along the river and on the bridges. One of the onlookers told me that it was the Liffey Swim; apparently once a year hundreds of people jump into the River Liffey and swim a couple miles downstream. It's one of the big events of the outdoor swimming season. And I happened to arrive just a couple minutes before people started launching themselves from the starting line:

Liffey Swim

The swimmers had to go through a decontamination shower when they got out of the river (yum). More photos from the day available in my Picasa web album.

Saturday, September 29, 2007

Sojourn in Seville

More notes from my Europe trip... I arrived in Dublin on a Tuesday, and then on Wednesday turned around and flew (along with a bajillion Dublin Googlers—or is that Google Dubliners?) to Seville in a monster double-decker jet. I can't remember ever being on a plane this big. Luckily I was still too sleepy (thanks, jet-lag) to put much energy into worrying about how something that large can fly.

We were all travelling to a Google conference in Seville that lasted for three days and covered a variety of topics specific to our EMEA offices and markets. It was quite interesting for me to hear about our business from that perspective; Google is a global company, but sometimes it's easy for American Googlers to forget about this since we develop our products in English first and most of us aren't too tapped into what's going on in foreign markets.

It was raining and in the 50s when we left Ireland, but sunny and over 100° when we stepped off in Spain. The Dubliners were particularly excited since apparently it had rained in Dublin for the last 60 days straight (!). After checking in to our hotels we wandered around downtown Seville for the rest of the afternoon, meeting Googlers from various offices all over Europe (Seville city center was completely swamped with Googlers, it was kinda other-worldly). I love that all the folks I met were friendly, engaging, and easy to hang out with even though we'd only just met.

narrow Sevillan street

Like many European cities, Seville has its own feel and lots of intriguing architecture and city layout that are unusual to my American eyes. Most of the streets are unbelievably narrow and winding (good luck giving directions in this city!). Even with a map you'll get lost at least 5 times before you make it anywhere. I can't imagine how anyone deals with having a car here. Many of the streets seem not to be wide enough to even fit a car. Lots of building exteriors are painted with the same dusky yellow color:

Sevillan house

While I was in high school I spent a couple weeks in northern Spain (Burgos), but I'd forgotten about the Spanish evening schedule: lunch starts around 2 or 3p, and instead of dinner at 6 or 7, people go out for tapas at that time and then have dinner as late as 10p. As a high schooler I thought it was a great setup (that way you can hang out with your friends all afternoon/evening rather than having to come home at 6 for dinner and then not being able to escape again for the rest of the night); but this time around it just left me wondering how people digest so much fried food so late in the day. The Sevillan specialty dish is apparently frito variado (assorted fried fish), and Adam and I ended up one night with an entire fish, sliced into rings and then fried and then plated in the order that it had been sliced (head and tail and all), so it still looked like a fish, just with some space in between. It was tasty (and this coming from a girl who doesn't like fish), but I don't think I could handle it on a regular basis.

Guadalquivir After the conference was over I stayed the weekend in Seville with a few other Googlers and did some sight-seeing. One of my favourite parts of the city was the river (Guadalquivir) that runs through Seville. Something about it reminded me of the Seine in Paris; probably the wide stone walkways down by the water, and all the people biking and strolling down there. Souvenirs brought back from Spain: a tiny oil panting of a street scene from a street vendor, and a really nasty cough (both of which I still have three weeks later...).

Wednesday, September 26, 2007

Big News: I'm Moving Forward

I'm not moving away, I'm not moving out. I'm moving forward. Last week I quit my cushy software development job to strike out on my own. I've been kicking around various snippets of code, design, research, and blogs (not so much blogging actually). All of which I plan to do more of. A lot more of.

Someone who's seen what I've been reading recently might blame The 4 Hour Work Week. But that wouldn't be (completely) correct. I did find it pretty inspirational—who doesn't want a fabulous lifestyle and to work only 4 hours per week? But someone who knows me will tell you that I will never find a 4 hour work week fulfilling.

So what's next for me? I guess I'm still figuring that one out. And frankly, I love that attitude :) I think I'll try that out for a while. I've got a couple of things cooking, and cooking a couple of things on my own is turning out to be pretty complicated. One of the things I'm hoping to do more of is writing, and writing interesting stuff. So stay tuned.

Monday, September 17, 2007

Two weeks in Europe

I just flew in from Dublin, and boy are my arms tired!

Adam and I just got back from two weeks in Europe, most of which was spent in the Google office in Dublin. The Dublin office is completely fascinating (for a language geek like me) because it's very international and anywhere you wander in the office you can hear people speaking to each other in French, German, Turkish, Swedish (often at the same time!)... We've been taking advantage of their international expertise and spent the last couple weeks working to improve our webmaster communication efforts outside the sphere of just the USA or the English-speaking market.

So the single biggest thing that struck me upon arrival in Dublin was (and you're gonna laugh): there are no bugs! I'd forgotten from my time in England that there are no screens on the doors or windows there. You can leave them all open—even when it's dark out, and the lights are on inside—and no bugs come in! It's amazing! I have no idea why this is the case, but it's so.

Actually Ireland reminded me a lot of England in some ways. The driving on the left, of course; but also the styling of their street signs, the storefronts, the architecture of their houses. I was trying to describe what makes the buildings different from in the US, and the best I could come up with (aside from all that classic red-orange brick) is that the building-fronts are very flat.

houses on a typical Dublin street

The neighborhood in which the Google office is located used to be not-so-desirable, but is undergoing a rejuvenation (at least, according to my cab driver). Observe all the cranes:

cranes along the quay

I did do a day of touristing around Dublin [edit: details here], but most of my time was spent in the office at breakneck pace: back-to-back meetings most days, giving presentations, talking one-on-one with people, even answering Q&A on a panel at a conference. It was a fairly overwhelming couple weeks, but definitely worth it. Meeting all of the international Googlers who were there was not only a pleasure (one of them is a fellow Rubik's Cube enthusiast!), but gave me a new perspective on the importance (for Google) of building our international presence. Now my challenge is to synthesize all the information I whirlwinded through and to bring it back in a useful form to my colleagues stateside.

Friday, September 14, 2007

Why Knowledge isn't Lost

It's been a while since we posted. Sorry about that. Big news coming up... Anyway, someone told me recently that he feared that human knowledge is no longer resting within the minds of people. Instead he's afraid that we've become dependent on technologies like the internet. And he sees this as a big problem facing humanity as we move forward. Being part of the internet generation and community, I disagree.

First of all, I don't see knowledge as disappearing from our minds. It may be true that in education we are focusing on more and more advanced topics, leaving out in-depth understanding of the basics. But this just forms the basis of other knowledge which is emerging and which does rest in our minds. The same thing has happened with other paradigm shifts. See this O'Reilly Radar article for more information about what I mean by paradigm shifts, which describes the paradigm of the future as "expertise". I think this notion of "expertise" is a better way to think about the issue.

Second, we're striving for productivity. The human mind is like a sieve. If you read Lifehacker, you know what I mean. Our minds are great at executing on plans, pulling in the necessary information, and synthesizing the desired result. But for storing information it's terrible. Here's a couple more links.

Consider this post by Chris Brogan where he writes: "I try to have a fresh new blog post out every day. And if I’m really motivated, I’ll put up two or three as things land in my head." And check out the very related book "The 4 Hour Work Week" by Tim Ferris (an excellent read).

I'll agree that relying on volatile storage presents some dangers. Some might argue the web/internet/collection of electronic knowledge is volatile storage. It would be interesting to see if this is the case. Surely there are competing effects: introduction of new information, loss of information (due to time?), re-introduction of existing information (reposting, re-synthesis, etc.). But how do these interact, and are we in a steady state? Is more information being lost than gained? Or is it the other way around?

Thursday, August 30, 2007

Three things on my desk

One of our friends/acquaintances blogs for Cranium, and while checking out their blog I was tickled by their recurring "Three things on my desk" posts. It seems like Cranium has a lot in common with Google in this respect: fun office, creative people, sense of humour.

In honour of my team's move to our new building, and subsequent redecoration of our (awesome!) new space, here are three things on my desk:

  1. trophy 3rd place trophy from the search engine slot-car racing showdown at Alan's Vintage Tub & Bath-hosted dinner during SES! Too bad it was third out of three, hehe. :(
  2. pink flamingo pen Pink flamingo pen. Back when I worked in a café, we made everyone sign their credit card receipts with a pen just like this. Ahh, those were the days... It significantly lowered our pen-stealage rate, that's for sure.
  3. devil ducky Devil ducky. What office is complete without one of these?

Tuesday, August 28, 2007

Keep It Web Based, Even If You Don't Trust the Servers

John C. Dvorak recently wrote a scathing commentary of web based applications. He makes some great points, specifically about WGA having serious issues beyond technical difficulties, and the problems with single point of failure. But he goes on to declare that web based applications are flawed and that we could be at least as successful if we reversed the trend toward online services and returned to client-only applications. I think this conflates the issues, and I disagree with this attack on the vision of web based applications.

The problems due to single point of failure are caused by a failure of implementation. I want to focus on the vision aspect of Dvorak's article. The benefits of web based applications are due (among other things) to powerful, inherent concepts: available always, available anywhere, and available with anyone.

Available Always

Dvorak writes,
What happens if the system fails? The damage wouldn't be too bad if you backed everything up, but then why use the online system in the first place?

System failure, backup, and recovery are details which any software product should handle by itself, rather than Dvorak's model of "control your own data". Putting aside privacy issues for a moment, as a user I don't want to have to maintain my own data.

Consider the automatic save feature that's been built into Microsoft Office apps for a long time, and since then copied by many others. It's automatically saving everything you do, so you, as the user can focus on your work. However, even this just punts the issue to your hard disk which might fail at any moment. I have to confess, I don't back up my hard disk (who does?). Instead, I try to use systems which handle this piece for me as well. Web based systems are very well placed to do this, better even than client applications because the implementation and maintenance are completely in the hands of the service provider, rather than the user.

Available Anywhere

Dvorak also writes,
What happens if the timeline goes the other way? In this instance, you'd start with server-based online applications, and then suddenly a new technology—the desktop computer[appears...] "Now control your own data!" "Faster processing power now." "Cheaper!" "Everything at your fingertips." "No need to worry about network outages."

I believe that "everything at your fingertips" means I don't have to carry my own computer around with me everywhere. I love having my email client anywhere. I love having my blog writing software just a URL away. And my goal tracking software is available to me, no matter what computer I'm using. And I get consistent performance (nearly) every time for all of them. I don't need to worry about carrying my data on a memory stick. I don't need to worry about buying proprietary, licensed software. I just need the only thing I ever should: me. I need nothing else to be productive and get work done.

Available with Anyone

At one point Dvorak writes,
Easier to share files? So how hard is it to attach a doc file to an e-mail anyway?

Smooth collaboration goes beyond packing up your bytes and handing them over to someone else. Susan and I planned our whole wedding using Google Docs and Spreadsheets. If we had done this in a client-based spreadsheet app we would have ended up with at least 5 copies of the spreadsheet, all out of sync. The synchronization and collaboration features of web based applications were key to our success.

Back to the Failure

Towards the end of his article Dvorak writes,
What is often lost in individual analyses of how to proceed with your data-processing needs is the concept of "being at the mercy of a single company." It's something that you need to avoid at all costs.

He makes a really great point! We don't want to end up with single point of failure (through software or policy). However, and I won't dive into details, I believe that you don't have to "be at the mercy of a single company" to use "cloud computing". This is admittedly non-trivial, but there's a great start-up idea hiding here. In any case online service providers better get on board with this, since Dvorak is correct in this point.

In the end, I would argue that being at the mercy of a single computer, and, worse, at the mercy of a single person (i.e. yourself) is no better, if not worse, than being at the mercy of a single company. And that particular issue is surmountable itself, as I predict we will begin to see in the near future.