“Modern Software Over-Engineering Mistakes” is a nice collection of examples, results and reviews of over-engineering mistakes of the modern day.
CNA shares some interesting news:
A proposal promoting startups visa, aiming to attract entrepreneurs from non-EU countries will be submitted to the next meeting of the Council of Ministers for approval, Cyprus President Nicos Anastasiades has said.
Addressing a graduation ceremony of IDEA, a starup programme co-founded by Bank of Cyprus and CIIM, the President also announced that a proposal from the legal framework for university spinoffs, liking academic research with entrepreneurship will be tabled within the next three months.
“We believe that the Cypriot startup visa will be one of the most competitive and will bring multiple benefits in the medium-term both as regards new jobs as well as promoting innovation and research and the boosting the competitiveness of our economy,” the President said.
Of course, knowing how long things take in this country (especially if the government is involved) and how twisted they get by the implementation time, one shouldn’t hold one’s breath. But there’s hope, if nothing else…
Startups are born and gone every single day. Much more often so in technology sector. Most of these just disappear into the ether. RethinkDB at least leaves the useful trace of analysis of what happened and why they failed.
When we announced that RethinkDB is shutting down, I promised to write a post-mortem. I took some time to process the experience, and I can now write about it clearly.
In the HN discussion thread people proposed many reasons for why RethinkDB failed, from inexplicable perversity of human nature and clever machinations of MongoDB’s marketing people, to failure to build an experienced go-to-market team, to lack of numeric type support beyond 64-bit
float. I aggregated the comments into a list of proposed failure reasons here.
Some of these reasons have a ring of truth to them, but they’re symptoms rather than causes. For example, saying that we failed to monetize is tautological. It doesn’t illuminate the reasons for why we failed.
In hindsight, two things went wrong – we picked a terrible market and optimized the product for the wrong metrics of goodness. Each mistake likely cut RethinkDB’s valuation by one to two orders of magnitude. So if we got either of these right, RethinkDB would have been the size of MongoDB, and if we got both of them right, we eventually could have been the size of Red Hat.
Thank you, guys. There are valuable lessons in there. And three points, of course:
If you remember anything about this post, remember these:
- Pick a large market but build for specific users.
- Learn to recognize the talents you’re missing, then work like hell to get them on your team.
- Read The Economist religiously. It will make you better faster.
It’s amazing how well-timed this article is for the things that go on around me right now. But even if you are not spending most of your days, nights, and weekends building a company at this moment, have a go at it anyway. Here’s a bit to get you started:
My current hypothesis is that if you are a CEO, focus your organization on the three machines. Product, Customer, and Company. Then, have a direct report own one of them. If you have a sub-scale leadership team (e.g. you are three founders and four other employees), as CEO you can own one, but not more than one. As you get bigger (probably greater than 20 employees), hopefully now you have enough leadership to have one person own each, but recognize that if someone is being ineffective as a leader of one of the machines, you will have to replace them in that role (either by firing them or re-assigning them).
Here are some interesting news on the subject of Google and HTTPS:
In support of our work to implement HTTPS across all of our products (https://www.google.com/transparencyreport/https/) we have been operating our own subordinate Certificate Authority (GIAG2), issued by a third-party. This has been a key element enabling us to more rapidly handle the SSL/TLS certificate needs of Google products.
As we look forward to the evolution of both the web and our own products it is clear HTTPS will continue to be a foundational technology. This is why we have made the decision to expand our current Certificate Authority efforts to include the operation of our own Root Certificate Authority. To this end, we have established Google Trust Services (https://pki.goog/), the entity we will rely on to operate these Certificate Authorities on behalf of Google and Alphabet.
The process of embedding Root Certificates into products and waiting for the associated versions of those products to be broadly deployed can take time. For this reason we have also purchased two existing Root Certificate Authorities, GlobalSign R2 and R4. These Root Certificates will enable us to begin independent certificate issuance sooner rather than later.
We intend to continue the operation of our existing GIAG2 subordinate Certificate Authority.
If you need a bit of help putting this into perspective, this Hacker News thread has your back:
You can now have a website secured by a certificate issued by a Google CA, hosted on Google web infrastructure, with a domain registered using Google Domains, resolved using Google Public DNS, going over Google Fiber, in Google Chrome on a Google Chromebook. Google has officially vertically integrated the Internet.
Amitj Aggarwal, former Staff Engineer at Google (2008-2012), has collected a whole bunch of data in regards to engineers salaries, in USA and worldwide. His points seem to be overly optimistic at times, but I don’t have any links handy to contradict his research.
Here are a few points to get you started:
- Zoho, Salesforce pay 40% more than Oracle, Cisco, GE!!!
- Top 7% or so engineers at Netflix, Amazon, Google, Facebook are paid more than $1.4M per year. Next 10% make $700K on average.
- Facebook has lost relevance to Slack, LinkedIn, Snapchat, Pinterest and Quora. If you are working at Facebook ask for a 50% raise else move to a startup.
- Oracle is loosing to cloud startups. If you are working at Oracle ask for a 60% raise else move to a startup.
- ENGINEERS DO NOT WASTE MONEY ON AN MBA. You will make 2X more on average as an engineer.
- Tableau, Splunk, Slack, Airbnb, Quora, Twitter, Facebook, Google pay more than $320K salary to their top hires. Definitely interview at these fine places. Uber top engineer salaries are $190-340K per year.
- Starting salaries for fresh software engineering graduates is now $130K-160K. Ask shamelessly. For the best ones its ~$180K.
- Apple pays 60% more than Samsung.
“The True Reason Behind The 40-Hour Work Week & Why We Are Economic Slaves” doesn’t really say anything new, but it explains things nice and simple.
We automatically accept a 40-hour workweek with meager hourly pay as normal, even though many work overtime and still struggle to survive. There are also those who make enough to live comfortably but are unable to request less hours—you either work 40 hours a week, or you don’t get to work at all. We submit when told what to wear, when we have to arrive and depart, when we’re allowed to eat, and even when we’re allowed to use the restroom. How is it we have come to allow this?
The 40-hour-work week came about during the Industrial Revolution in Britain when at one point workers were putting in 10 to 16 hour days and began to protest. Working situations for Americans began to worsen as well, and by 1836, labor movement publications were also calling for a 40-hour workweek. Citizens in both situations were so overworked, an eight-hour day was easily accepted. This system is unnecessary now, if it ever was, but we still accept it due to the effects of our capitalist society.
It goes over the relationship of inflation, debt and consumerism with a few historical references. Good reading for anybody wondering why the paycheck-to-paycheck life cycle is difficult to change, no matter what’s the size of the paycheck.
In an office setting, I see power and influence gather around…
- The person with the newest, coolest and/or most expensive clothing
- The person with the larger corner office
- The person with the most assistants
- The person with the most impressive sounding title
- The person with the closest parking space
- The oldest, richest, whitest males
- The person who’s allowed to create or interrupt meetings
- The person with the most impressive social and public-speaking skills
- The person who uses their power to get what they want
In a distributed organization, I see power and influence gather around…
- The person who produces output and solutions that exceed expectations
- The person who can connect deeply with colleagues over a distance
- The person who can effectively and concisely articulate their own views and ideas
- The person who helps their coworkers be the best versions of themselves
- The person generous with their understanding of how to navigate the organization’s processes and culture
- The person who can give voice to unrecognized or unspoken truths
- The person who learns fastest from their mistakes
- The person who uses their power to empower others
It’s of course not fair to generalize this way. There are healthy traditional organizations where appearances are not necessarily the basis for power. There are probably unhealthy distributed organizations where power centers around the appearance of lots of activity that produces few good outcomes. But my experience so far is that a distributed organizational structure inherently facilitates an experience of power, empowerment and leadership that is better for the people in it, and for the work they are doing together.
I don’t have much experience working for a distributed organization, but judging by many Open Source projects, which are, in essence, distributed organizations, I’m inclined to agree with the above observations. I wouldn’t be able to put in words so well though.
Subbu Allamaraju says “Don’t Build Private Clouds“. I agree with his rational.
There are very few enterprises in the planet right now that need to own, operate and automate data centers. Unless you’ve at least 200,000 servers in multiple locations, or you’re in specific technology industries like communications, networking, media delivery, power, etc, you shouldn’t be in the data center and private cloud business. If you’re below this threshold, you should be spending most of your time and effort in getting out of the data center and not on automating and improving your on-premise data center footprint.
His main three points are:
- Private cloud makes you procrastinate doings the right things.
- Private cloud cost models are misleading.
- Don’t underestimate on-premise data center influence on your organization’s culture.
Here are a couple of interesting articles from the last few days on Slashdot.
First, comes in a very non-surprising survey saying that “40 percent of organizations store admin passwords in Word documents“. Judging from my personal experiences in different companies, I’d say this number is much higher if you extend the Word documents to Excel spreadsheets and plain text files. I think pretty much every single company I’ve worked at used such common files for admin password storage (at least at some point).
“Why or why?!!!”, the security concerned among you might scream. Well, I think there are two reasons for this. The first one is that password management is complicated. There are tools that help with this, but even those are rarely easy to use. Storing the passwords in a secure, encrypted storage is one thing. But, how do you share them with just the right people? How do you trust the tool? What happens if the file gets corrupted, the software updates, the license expires, or the master password is lost? The risk of losing admin access to all your equipment and accounts is scary. On top of that, there is the issue of changing passwords (especially when people leave the company) – not a simple job if you have a variety of accounts (hardware, software, services, etc) and a lot of people who have a varying degree of access. Or automation scripts that need access to perform large scale operations. Personally, I don’t think this problem has been solved yet.
The second reason is in this other Slashdot post – “Sad Reality: It’s Cheaper To Get Hacked Than Build Strong IT Defenses“. This is very true as well. A simple firewall and a strong password policy is often more than enough for many organizations. The risks of compromise are low. In those cases where it does happen, you’d often get some script kiddie consequence like a Bitcoin mining app or affiliate links spread across your website. Both are quite easy to detect and fix. Is it worth investing hundreds of thousands in equipment and personnel to prevent this? For many companies it is not.
The fact of the matter is that a lot of people don’t really care about security or privacy on the personal level, and that then translates into the organizational mentality as well.
Just think about people leaving in all those high crime areas. Some of them think the risk is worth it – maybe then can make more money there or have a more exciting life. Some of them simply can’t afford to move anywhere. That’s very similar to the digital security, I think. Some don’t care and prefer to run the risk, saving the money on protection. Some simply can’t afford to have a decent level of security.