Friday, September 30, 2005

The news of late / on race & entitlement

You'll recall in a previous post that I expected the investigation of New Orleans' city officials to find nothing good.

"I think it may be fair at this point to say that the governments of New
Orleans and Louisiana will be found utterly incompetent at best, and
irreversibly corrupt at worst."

With the recent resignation of the New Orleans Chief of Police and a probe into allegations of looting by NOPD officers, I think it's now fair to say that he doesn't want to stick around to be drilled by the press about his department's handling of post-hurricane security. The reality may be worse. If they suspect more severe - even criminal - repercussions as a result of their negligence, it's likely that more of those in positions of responsibility may take a similar exit.


On another note, I'm sometimes forced to watch "Dr. Phil" in the mornings on videotape - my wife owns the remote before work, and she catches up on a few shows each A.M. I at least appreciate that he finds very tactful ways to give very confused people a reality check, and am comforted that his views and advice are consistent with (or better than) my own opinions on a given subject.

The last show of which I saw a part, was on the topic of race. One of his guests was a black man that was perceived by his black friends as "too white". There were some humorous bits of video to establish both sides of the argument, but the thing that stood out was the guest's comments on Affirmative Action. I don't have the exact the exact quote, but he was very much opposed to the premise on which Affirmative Action is based. He said (paraphrasing) "I want to be advanced based on my merits."

I had written - and Blogger.com had lost - a very eloquent dissertation entitled "Mourning the Death of the American Meritocracy". It was inspired by weeks of headscratching and frustration with the overall lack of accountability and presence of an entitlement mindset in America.

In the wake of that exercise, this man's words struck a chord of hope with me - that despite his friend's allegation that you become a democrat based on the color of your skin, there are people of all backgrounds who still believe that the entitlement society is an inherently evil thing.

I no more believe that the crime and drug problem in this country is linked to race than I believe one's ability to succeed is based on it. There are statistics galore that paint the American drug problem as a predominantly caucasian issue (for instance, 80% or more of users aren't black).

However, if your only news sources are broadcast television and the local paper, it's easy to believe that black people are the main problem with crime & drugs, and that white people control the world.

This type of journalism is certainly sensational, but it does a terrible disservice to the American citizenry. It's not complete. It's often unfair. It seems to always favor the angle over the truth, because it's more interesting that way (pay attention to the Tom DeLay developments and see if you feel the same).

On the whole, American journalists hold themselves to standards for entertainment value instead of standards for integrity (legitimacy, accuracy, and fairness). I, for one, think it should be the other way around.

Thursday, September 29, 2005

...then Microsoft gets it all wrong

I'm really agitated that I can't post here more often than I do...but I try to ensure that when I do post, the info is meaningful.

While I earlier commended Microsoft - specifically, the Office product team - for getting it right, the remainder of Microsoft is still getting it all wrong.

A couple of months ago, we signed up for a new Microsoft licensing agreement covering our Office products. We opted for Software Assurance - which means whenever Office revs again, we'll get it for free. But Software Assurance also provides some very enticing benefits. In particular, the TechNet Concierge Chat was of interest to me. I would love for my HelpDesk to get an MS rep on-line when troubleshooting an Office issue for a customer.

I looked into getting us registered & signed up, and this is when the allegations against & stereotypes of Microsoft's security ineptitude took on a very real, very accurate palor.

I learned that this benefit had in fact already been activated for us. Furthermore, an e-mail was sent to me with instructions on using it - an e-mail I never received, because it was sent from Microsoft's mail servers using my boss' e-mail address. That's right. The process Microsoft uses to notify customers of benefit activation involves purposefully sending masqueraded e-mail messages using its customers' own addresses - instead of a Microsoft-owned address.

Any e-mail admin worth their salt won't allow someone to spoof their domain name for incoming messages. We use Postini (you should too), which blocks incoming mail sent from one of our domain names if it doesn't originate from a trusted IP address - Microsoft is not among our trusted addresses, for very obvious reasons.

Microsoft's licensing customer service reps know of this practice, but are powerless to do anything about it. What they will do, however, is verbally give you those credentials if they can speak to the person they believe is the benefit administrator. Very secure indeed.

It gets better.

Assuming you have your login information, you need to use the oft maligned Passport login service to access your benefits. Again, from a security standpoint, there are significant issues here.

First of all, I'm not Ma or Pa Kettle trying to get to my Hotmail account, or the 'Zone to play some stupid version of solitaire or gems or whatever. I'm a paying business customer. If my credentials are compromised, the attacker gets access to some better-than-average stuff.

Second of all, it's not as hard as one believes for your Passport credentials to be obtained maliciously. This is because Microsoft trusts Windows and Internet Explorer cookies to remember your password, etc. more than it trusts you to manage it. Interestingly, last I checked, there weren't any security patches released for my brain to keep me from blurting out my passwords if someone talked to me long enough.

Lastly, around two years ago, an Indian hacker proved he was smarter than the Redmond developers who wrote Passport. To prove it, he compromised literally the entire Passport database in Microsoft's data center.

The original damage estimates were hyperbolic, but it further proved that Microsoft is not very good at security architecture. Even Windows Server 2003, which was redesigned with a strict security focus, is prone to attacks that affect OS versions back to NT4. So much for the story of it having been 'completely re-written'.

Every other enterprise vendor's support and entitlement website requires simple user ID and password authentication. It's a model that is familiar to everyone. For some reason, Microsoft decided to overcomplicate it for the only customers that matter - the ones that pay for services.

To their credit, the people I've spoken to in my account team have taken my concerns very seriously, and are championing my cause within Microsoft in an effort to provide me some form of satisfactory resolution. I'll be sure to publicly commend them for anything they achieve in this regard.

In the mean time, I will remain ever skeptical of Microsoft's claims to be security-minded. The conservative IT manager will be well advised to do the same.

Thursday, September 15, 2005

Health Kick

In the interests of better health, I've decided lately to cut back on intake and increase the amount of physical activity I do. Simple formula, well proven, etc. I don't drink or smoke, I just eat more than I expend in exercise. Carlos Mencia referred to this matter of mathematics recently, using a pretty funny metaphor. He illustrated that one's "numerator" (mouth) is larger than their "denominator" (gestures toward butt as if to imply pooping), and results in a "remainder" (fat belly). I can relate to that.

So, I've eaten smarter over the past three weeks. Less intake. No soda or sweet drinks, just water & tea. I'm down 15 pounds, and can actually begin to see it. I'll start exercising now that I have my first ever piece of home gym equipment, and hope for the best.

What's killing me is the almost constant feeling of hunger - no matter how much water I take in. One of my employees used to run long-distance in college at OSU. He said my body knows it's losing weight (which is healthy but not normal), and is trying to provoke me into filling the furnace. Resisting it takes discipline, or chewing on straws - whichever works.

I still have an urge to snack, however, and now that I'm paying attention to Nutrition Labels, what I've found is very interesting. 3 "Snyders of Hanover" pretzels (in a bag) is roughly equivalent to 1/4 cup of peanut M&M's, which is roughly equivalent to 12 Lay's "Stax" potato 'crisps', which is roughly equivalent to a single Hostess cinnamon streussel cake...all of which have more calories (and less substance) than a good ol' pint of Guinness Draght.

Good thing I like Guinness. Anything that's been around for over 230 years has got to be good, right? Don't believe me? If you're one of those people who enjoys using statistics to justify an otherwise indefensible position, you'll appreciate the benefit Arjen's Beer Page offers up.

Beer me!

Tuesday, September 13, 2005

Holistic Meltdown

That's the term I use to describe the farce that has become disaster relief in the wake of Hurricane Katrina.

Holistic Meltdown.

I think it may be fair at this point to say that the governments of New Orleans and Louisiana will be found utterly incompetent at best, and irreversibly corrupt at worst. There is simply no way you can justify the complete lack of cohesion and response in New Orleans. Mississippi and Alabama - while spared perhaps the worst - have no such similar issues. No, it's New Orleans that has shamefully - singularly - failed to take care of its residents following a natural disaster that could have - should have - been expected to have happened during any Autumn in the past 40 years.

To make matters even worse, amidst all of the ridiculous allegations that race (rather than incompetence) were behind the abysmal treatment New Orleans' residents received at the hands of the motley crew of first responders, here now stands FEMA pouring salt into the wounds of the survivors.

You'd think something as important as disaster aid, which is only really useful to people who have been in a disaster, should be as easy to register for as possible.

However, if you visit http://disasteraid.fema.gov with anything other than Internet Explorer 6 w/ JavaScript enabled, you're not going to have much luck applying for relief funds appropriated by your federal government. Somehow, your browser version is important in applying for relief. I'm not sure why your browser version matters to FEMA. In reality, it probably wasn't an intentional act. Maybe it's because the government has bought licenses for a bajillion copies of Windows XP w/ IE6, so they figure everyone has it. Unlike AOL, it doesn't come in boxes of cereal. Libraries, etc. with internet-connected computers may not actually have IE6.

It's almost comical in a Douglas Adams kind of way. Bumbling bureaucrats who have nothing left but policies & processes. A careless decision by disinterested employees of a mega-establishment, blissfully unaware of the consequences of their actions. It's almost surreal.

This however is the least of the survivor's problems. There are too many people who could really use clean clothes, a good meal, and a bottle of water that don't give a damn about a FEMA website.

Perhaps the most disturbing stories are those recounted by people very close to those providing relief. A co-worker's brother is a Pastor in the Dallas area, and helped to establish a facility where survivors could stay, be clothed and fed, etc. People have driven from thousands of miles to offer assistance to families there. One after the other, they offer housing and personal aid to as many people or families as they can.

Here's what's disturbing. One gentleman came from Mississippi, offering to take up to 15 families back with him. He would house them, feed them, help them re-establish their wardrobes & dignity, and pay $200 per day (equivalent of $50,000 / year) to the able bodied for assistance in cleaning up his home town.

Nobody came forth.

The offer was repeated over the PA system that so many before him had used.

Again, no-one came forth.

If there was ever a question that the entitlement mentality engulfing this nation's poor - fueled by the misguided, affluent liberal contingency - is a downward spiral, this situation should put it to rest for good. These people would rather live in squalor than go to work for $50k per year. LOTS of them. Even those with nothing left to lose would rather beg than earn.

Can someone from the left please read The Dream and the Nightmare with an open mind, and re-evaluate the real consequences of bleeding heart liberalism?

Thursday, September 08, 2005

Being Certifiable

An interesting article in the Management section of 9/5's ComputerWorld hits on a topic that has been home to a pet theory of mine for a long time.

I've not had to adjust the theory much over the 15 years I've been doing this. The theory goes as follows:

  • In technology, education does not equal employability.

This is a "pet" theory, because it's one that I live and prove every day. I am not proud that I dropped out of high-school at 16, but it's the truth. I got my GED, at my then girlfriend & now wife's insistence, at about 20 years old - shortly before my first step off the "IT Worker" platform and onto the "IT career" train. I've never been to college except to see people or watch events.

An employer did send me to training, and I did begin passing some certification exams. Then I failed one, despite knowing my stuff inside and out. It was the stuff nobody used anymore that I wasn't familiar with, and didn't care to spend time learning, that caused me to fail the last exam I ever took.

And that's where the theory was born. I didn't know enough about obscure networking hardware to pass a test, but I did know enough to get hired, promoted, and sent to training by a Fortune 50 company. That being the case, what is the value of a certification?

I still find it to be a fair question, and a difficult one for anyone to answer convincingly.

I went on to enjoy some good success - both at that company, and others - despite my lack of certifications. In fact, Novell hired me to be a field Consultant without being a CNE. They didn't value certifications either - not even their own.

What I have found is that companies - good ones anyway - value people in any discipline that exhibit two primary traits. Attitude, and aptitude.

Degrees and certifications aren't relevant by themselves. Companies or managers that require them before they'll interview someone are nearsighted - period. If you find a candidate who passes the sniff tests - appears apt, is personable, speaks to things such as organization & work ethic, etc., the degrees & certifications they carry should serve to set them above the rest of the crowd. They help to fill in the details of a candidate's overall picture - not draw the entire thing by themselves.

I wouldn't want to work somewhere that pre-determined the benefit a prospective employee might contribute based on degrees or certifications. When I look for jobs and see postings that require Bachelor's degrees, I kind of chuckle to myself. What the hell good is a Bachelor of Arts degree if you want to be a technologist? What if they studied Marine Biology? How can that be relevant?

I've worked beside people with enough certifications after their name to require a 10" long business card - and I didn't trust them to be behind a keyboard. I'll employ someone with boatloads of the right attitude and raw aptitude right this minute, regardless of how much experience they have or certifications they carry in tow.