Thoughts on Code of Conducts


I’ve just read this statement from the PSF about requiring a Code of Conduct, and I felt somehow a little down.

Don’t get me wrong, I don’t think that a CoC is something bad, and everything it says (at least the referenced PyCon US one and the example in geekfeminism.com) makes sense. It’s just that needing a CoC feels a little … formal.

I don’t like formality very much, as I like to think that PyCon conferences are more a bunch of friends, in some way, getting together and sharing knowledge. I’ve always felt very welcomed in the Python community here in Ireland, and the atmosphere in PyCon IE (and other meetings) is absolutely fantastic. I haven’t seen anything that I would consider remotely discriminatory (like I saw back in my college years, for example). I’ve always imagined that the rest of the Python conferences and communities have the same “magic”.

Of course, I am seeing this from my particular, mainstream European-male point of view. I am a foreigner here in Ireland, but let’s say in a “close, European orbit”. I’m not sure if some of the problems that the CoC tries to avoid are present and I am just not noticing. I’d like to think that’s not the case.

I don’t know, it makes me think about what the general perception and behaviour of the development community is. I know there is discussion out there about whether the geek population is welcoming to diversity or just a bunch of jerks that just can’t behave (and all the spectrum in between). I guess it just makes me sad to think that we may need “an adult” telling us not to say things that we already know that we shouldn’t. It’s 2012, we have no excuse.

As I say, I just feel a little… disappointed. Like thinking that there is something wrong in all that, that we have grown up and that things are not on the same level of friendly informality. That we need rules to ensure everyone feels safe. I guess that a small number of spoiled brats that can’t behave like adults are just ruining the party for everyone else. :-(

In defense of resting


I have recently been watching some documentaries about software development, including the classic Triumph of the nerds (available on YouTube in three episodes, 1, 2 and 3) and Indie Game: The Movie. They are both very good and I’d recommend them not only to developers, but to people interested in technology and/or entrepreneurship in general.

But they are very good exponents of something very present on the software scene, which is presenting crunch mode, working insane hours, in some sort of glamourised way. It is part of the usual storytelling and, probably, part of the hard work -> ??? -> profit logic.

Let me tell you something. When I was starting my career, on my first long term job, we once had a very strong deadline. This made us work in crunch mode for a long time (around 2 months). That meant working around 12 hours or more per day, 6-7 days a week. The very last day (a Sunday), I started working at 9:00 AM and went home the Monday at 6:00 PM, only stopping for eating something quick and going to the toilet. The rest of the team did similarly.

Password Extravaganza: Open discussion about security


In recent times, I’ve been thinking quite a lot about security on the Internet. And I mean my personal security on the Internet. There have been some recent examples of leaked passwords on some common websites (LinkedIn, I am talking about you!), and I get the impression that the way I was handling passwords in the past was no longer good enough. Luckily, I never had problems, but I thought that I needed to review my habits and take it more seriously.

As with everything that is new, when I opened my first email account (about 15 years ago) and registered on the very first web pages, my security concerns weren’t really that important. I started with a relatively (for the time) strong password with more than 6 characters, upper and lower caps + numbers that I can remember easily. Back in the day that was strong enough. I then started to use it everywhere. I’ll call it “password A” from now on.

After some time, I realised that it wasn’t really that good of a strategy, so I got another couple of stronger passwords, and used them on “sensible” places, like my email, which is the most important point on the chain, or later Facebook.

So, some time ago, I started to think more and more about this, and started being more conscious of password security and the challenges it presents. I am going to describe what my views about passwords are and my strategy about them. I am not a security expert, and I think there are a lot of wrong assumptions and myths around passwords. That’s why I want to be open about that, and try to make a “call for review” to share tips and see if I am doing something wrong and see other ways. So, please, add whatever you feel is interesting.

ffind: a sane replacement for command line file search


I tend to use the UNIX command line A LOT. I find it very comfortable to work when I am developing and follow the “Unix as IDE” way. The command line is really rich, and you could probably learn a new different command or parameter each day and still be surprised every day for the rest of your life. But there are some things that stick and get done, probably not in the most efficient way.

In my case, it is using the command `find` to search for files. 95% of the times I use it, it is in this form:

find . -name '*some_text*'

Which means ‘find in this directory and all the subdirectories a file that contains some_text in its filename’

It’s not that bad, but I also use ack a lot, which I think is absolutely awesome. I think it is a must-know for anyone using the Unix command line. It is a replacement for grep as a tool for searching code, and works the following way (again, in my 90% usage)

ack some_text

Which means ‘search in all the files that look like code under this directory and subdirectories for those that contain the text some_text’ (some_text can be a regex, but usually you can ignore that part)

So, after a couple of tests, I decided to make myself my own ack-inspired find replacement, and called it ffind. I’ve been using it for the last couple of days, and it integrates quite well into my workflow (maybe unsurprisingly, as I’ve done it with that in mind)

Basically it does this

ffind some_text

Which means ‘find in this directory and all the subdirectories a file that contains some_text in its filename’ (some_text can be a regex). It also has a couple of interesting characteristics: it will ignore hidden directories (starting with a dot), but not hidden files; it will skip directories that the user is not allowed to read due to permissions; and the output will by default have the matching text in color.

The other use case is

ffind /dir some_text

Which means ‘find in the directory ‘/dir’ and all the subdirectories a file that contains some_text in its filename’

There are a couple more params, but they are there to deal with special cases.

It is done in Python, and it is available in GitHub. So, if any of this sounds interesting, go there and feel free to use it! Or change it! Or make suggestions!
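A minimal sketch of the search behaviour described above (regex on the file name, hidden directories skipped, hidden files kept, unreadable directories passed over, match shown in color). It is an added example, not ffind's own code; the function names and the sample tree are assumptions made for illustration.

```python
import os
import re
import tempfile


def find_by_name(root, pattern):
    """Return paths under root whose file name matches the regex pattern."""
    regex = re.compile(pattern)
    matches = []
    # os.walk's default onerror=None silently skips directories it cannot
    # list, e.g. those the user has no permission to read.
    for dirpath, dirnames, filenames in os.walk(root):
        # Prune hidden directories in place so os.walk never descends into them.
        dirnames[:] = [d for d in dirnames if not d.startswith(".")]
        # Hidden files are still candidates; only hidden directories are skipped.
        for name in filenames:
            if regex.search(name):
                matches.append(os.path.join(dirpath, name))
    return sorted(matches)


def highlight(path, pattern):
    """Wrap the first match in the file name in ANSI red escape codes."""
    head, name = os.path.split(path)
    colored = re.sub(pattern, lambda m: "\033[31m" + m.group(0) + "\033[0m", name, count=1)
    return os.path.join(head, colored)


def build_sample_tree(base):
    """Create a small constructed directory tree for the demonstration."""
    for rel in ("src/some_text_a.py", "src/.some_text_hidden",
                ".git/some_text_obj", "docs/readme.txt"):
        full = os.path.join(base, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_sample_tree(base)
        for hit in find_by_name(base, r"some_text"):
            print(highlight(hit, r"some_text"))
```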

ffind in Github

Magical thinking in Software Development


I guess all of us Python developers have heard this kind of argument from time to time:

Python is slower than C++/Java/C# because it is not compiled.

Other than the usual “blame the others” when working with other companies (usually big corporations that think that using anything except C# or Java is laughable), you can also see a lot of comments in technical blogs or places like Hacker News or Reddit with similar, simplistic arguments. You can recognise them in the usual rants about how technology X is The Worst Thing That Ever Happened™ and Should Never Be Used™

That’s a form of Software Development Magical Thinking. This can be really harmful for software development, especially when the opposite, positive form is used. Let me define Software Development Magical Thinking in this context:

Software Development Magical Thinking (noun): Assuming that a technology will magically avoid a complex problem just by itself.

Probably that will become clearer after a couple of examples:

Java is a static type language and it is safer than dynamic type languages like Ruby.

We program in C++ so our code is very fast.

MongoDB / NodeJS / Riak is web-scale.

Please note that those are not completely, utterly wrong statements. C++ can be very fast. Statically typed languages can avoid some bugs related to the types of input parameters. But there is no guarantee that creating a system in C++ is going to act like a magic wand against slow code. Or that Erlang will avoid having a single point of failure. And you’ll get just as sick of bugs and security issues in statically typed languages as in dynamically typed ones. *

Those are all complex problems that need careful design and possibly measurements to deal with them. Deep analysis of the problem, which usually is more complicated than it looks in the first place. Or even worse, the problem is not as bad as it looked and the designed system is more complex than it should be, trying to catch a problem that never arises. Not to exclude having previous experience to avoid subtle errors.

Let me say it again. There are problems that are HARD. In software systems they are confronted almost daily. And no single thing will make you forget them. Even using a very good tool for what you’re doing (like Erlang for concurrency), which usually implies paying a price (in development time, etc), doesn’t replace vigilance, and issues could eventually appear. Unfortunately, making software is tough.

The problem with Software Development Magical Thinking is that it is very easy and it is also very natural. Seductive. We know that “general Magical Thinking”, simple solutions to very complex problems, is quite common. Hey, a lot of times, it even seems to work, because the Feared Problem will only present itself after a certain size that is never attained, or after the designer leaves the company, leaving a latent problem behind. Most of the time, making a totally informed decision is unrealistic, or simply not possible, and some risks must be taken.

But as software developers we should know that things are not that easy, even if we have to compromise. Each bug that takes time to track down by methodically eliminating causes. Every measurement that makes you wonder what is the best metric to reflect a value. Every time you realise that there was a back-of-the-envelope calculation that shows something that will have an impact on some design aspects. Those are all reminders that should make us think that there are no silver bullets and we shouldn’t take lightly all those difficult problems.

Make decisions. Design systems. Choose a tool over others. Take risks. But don’t be delusional and careless. Be conscious that software can bite you back. Be vigilant. Be skeptical. Avoid Magical Thinking.

PS: And please, don’t say “Python is slow”. Just don’t. It is not for most of the jobs. It is not going to make you win a discussion unless you carefully measure and prove it. And, perhaps most importantly, it raises my urge to kill.

* No, I am not going to comment on the Mythical Web Scale property.

EDIT: Wow, it has been submitted to Hacker News here. Just in case anyone wants to add to the discussion there.

Talks on PyCon Ireland 2012


Well, as usual, this year’s PyCon Ireland has been amazing. I always get impressed by the high quality of the talks and, in general, how much the attendees know. It is always a pleasure to share some thoughts about technology with incredibly talented people. Python Ireland is doing a great job.

This year I didn’t give one talk, but TWO! It was very exhausting, but fun. I am posting the slides here, in case someone finds them interesting…

You can also download the source Keynote file, which includes notes.

EDIT: Videos added

Respect your production data


Yesterday I read this blog post: I Accidentally Deleted All Our Data by Taylor Fausak. You’ll probably end up with the same expression on your face that I did. And a palm covering it.

Something in advance. It takes GREAT courage and openness to tell this story in your blog. I think it is really a great attitude.

Having said this, I must say that the whole story is a recipe for disaster. Lots of steps make my spider-sense tingle. Strongly.

Doing a script on the Python interactive shell to update your production data, while at a convention, between presentations… Well, it’s not the right moment to do ANYTHING that could change your data. A quick look at a monitoring tool, that’s grand. But anything more complex than that is highly risky. And especially using the interactive shell.

You have to RESPECT your production environment and data. Ideally, every change in production should be automated and tested in advance. That means everything but the most extreme cases, like bugs that are blocking the whole application. Sometimes, in extraordinary cases, it could be necessary to take extraordinary measures. But it should always be treated with the proper caution.

You have to give all your attention each time you have to change anything on production and have a clear view in advance of what you are trying to do. Think really carefully about what you are going to do. And double check everything you type. Every step that has not been previously tested on a staging environment is a possible disaster for your application.

Anyway, stories like that only make me remember how much attention I should put into changing production data and keep a healthy fear of what could happen. Treat your production environment with proper R-E-S-P-E-C-T or it can bite. Hard.

Bonus: Really, really, REALLY the best way of testing that something works is SAVING everything AGAIN????????

This code gives me nightmares…


from mongoengine import connect
from models import Family
connect('the-production-database')
for family in Family.objects:
   family.save()
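For contrast with the re-save loop above, here is a sketch of checking data without writing it, then rehearsing a change as a dry run before applying it. It is an added example, not code from the referenced post; the `FAMILIES` records, the validation rules and all function names are constructed for illustration, and plain dictionaries stand in for database documents.

```python
import copy

# Constructed stand-in for a production collection (illustrative data only).
FAMILIES = [
    {"_id": 1, "name": "Smith", "members": 3},
    {"_id": 2, "name": " jones ", "members": 2},
    {"_id": 3, "name": "", "members": 4},
]


def validate(doc):
    """Return the list of problems found in doc without modifying it."""
    problems = []
    if not doc.get("name", "").strip():
        problems.append("name is empty")
    if not isinstance(doc.get("members"), int) or doc["members"] < 1:
        problems.append("members must be a positive integer")
    return problems


def audit(docs):
    """Read-only check: map _id -> problems for every invalid document."""
    return {d["_id"]: validate(d) for d in docs if validate(d)}


def plan(docs, change):
    """Dry run: apply change to copies and return (_id, before, after) diffs."""
    planned = []
    for doc in docs:
        after = change(copy.deepcopy(doc))
        if after != doc:
            planned.append((doc["_id"], copy.deepcopy(doc), after))
    return planned


def apply_plan(docs, planned, confirm_count):
    """Write only when the operator confirms the dry-run count and results validate."""
    if confirm_count != len(planned):
        raise ValueError("confirmation does not match the dry run; nothing written")
    invalid = [doc_id for doc_id, _, after in planned if validate(after)]
    if invalid:
        raise ValueError(f"planned result invalid for {invalid}; nothing written")
    by_id = {doc["_id"]: doc for doc in docs}
    for doc_id, _, after in planned:
        by_id[doc_id].update(after)
    return len(planned)


def strip_name(doc):
    """The change under test: trim whitespace around the family name."""
    doc["name"] = doc["name"].strip()
    return doc
```

`audit` answers the "does everything still validate?" question with no writes at all, and `plan` shows exactly which records a change would touch before `apply_plan` is allowed to modify anything.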

Utopia Kingdoms scaling case. From 4 users to 90k+


I almost forgot to post this presentation I gave at PyCon Ireland 2011 this month. It’s about some problems and solutions working on the Utopia Kingdoms game regarding scalability.

So, here are the slides

UPDATE: In case anyone is interested, here is the talk, courtesy of PyCon Ireland ;-)

Think a little about the readers of your web site


This is a translation of a post by Ricardo Galli about some of the lessons he has learned on Menéame, a social news website in Spanish similar to Digg. I wanted to share some of the concepts with my co-workers, but I thought that it could be interesting to translate the complete work and share it with the whole world ;-) Any English errors are my own. I would also like to thank David Brodigan for helping me review the English version.

Bored of having to wait more than 5 seconds to display a blog’s page? Annoyed with those sites with dozens of widgets, gadgets, AJAX effects and mashups that take hours to load? Troubled because you have developed a very efficient program for the last hot framework and “it’s slow”? Me too, and that worries me a lot. These sites are incredibly crap pieces of work that don’t take into account the basics about usability and human interface: Response time perceived by the user.

You can criticize everything else about Menéame, except its speed or that we have not taken into account this very important aspect; that’s why I’m sharing the few rules we have been following very strictly. We already knew some, but we have also learnt many more during these past five years of development.

There are a lot of parameters to take into account to develop “fast” websites. Not only the server speeds, or the time it takes the server to generate dynamic HTML; there are other parameters that directly affect the browser and the user’s perception.

In July 2001 I wrote an article at Bulma [in Spanish] where I explained, according to measurements made during the development of the first sites of Diari de Balears and Última Hora (during the years 1997-1998), the fundamental technical parameters to measure and take into account: response time, return time, download time and “display time”. That last parameter, display, is the one that has the most impact for the user. The user expects a quick response, and that’s mostly perceived as the time that it takes for the page to start to display on the browser.

Django and Rails and Grails, Oh my!


At PyCon Ireland I gave a talk comparing the Django, Ruby on Rails and Grails frameworks… I just forgot to put a link on this blog!

The presentation can be found at Prezi, and there is even a video, if someone wants to make funny comments on my exotic accent :-P A problem with the projector didn’t allow me to display the slides, so I felt a little weird taking the laptop and pointing at the screen, but the people making the video have done their homework and show the proper slides in place. Nice!

Presentation

Video

The original idea was to show the same simple application (a simple posting service) made with the three frameworks, but not being able to display on the projector really ruined it. Anyway, the code can be downloaded here, if you want to take a look.

Let me know what you think!