Picture of LondonI’m Back!

Spent a loverly 9 days in England, now back in sweltering NYC. If you catch me using Britishicisms please make me stop.

Remote Control Through Firewalls

Here’s the problem: we sell FogBUGZ, a server product that runs on NT. It comes with a SETUP program that works fine 95% of the time, but occasionally something goes wrong and we get a tech support call.

If we could somehow remote-control our customers’ computers, it would take us about 3 minutes to get FogBUGZ up and running. Instead we have to try to tell them what to do over the phone, without seeing what’s going on, which can take an hour or more. There are plenty of remote control programs (PC Anywhere, VNC, NT Terminal Services, etc.) but they all seem to have two problems:

  1. a complicated install for the server, often requiring the original NT CD and a reboot, and
  2. they act as traditional servers, listening on a port, which doesn’t work behind firewalls.

What I would love to have is a version of the VNC server that ran as an ActiveX control. Then I could tell my clients to go to a web page and allow the control to run. We would also need a reflector that lived outside their firewall.

Does anyone have a good solution to this problem?

Update: we’re going to try using TightVNC (a compressing version of VNC) in “listen” mode, which allows the server to connect to the client instead of vice-versa, thus solving the firewall problem. To run the TightVNC Server only requires two files so the setup is relatively painless.

Spam Escalation

When I first installed SpamAssassin a couple of months ago, it worked great, catching about 99% of spam with only the occasional false positive (usually an automated emails generated by ecommerce sites).

It was too good to last; today about 25% of the spam I receive is getting through again. It’s really obvious that spammers are working around the SpamAssassin rules.

SpamAssassin has one major design flaw: whenever it decides to flag a message as spam, it includes a detailed reason why, with exact scores. There’s even a web page which might as well be titled Evading SpamAssassin. It takes about 5 minutes for a spammer to figure out how to avoid the filters.

Update: Chris Thompson advises me to keep SpamAssassin up to date. I’m not sure what’s to stop spammers from keeping their versions of SpamAssassin up to date, though…



I will be away from July 19 – July 29 on vacation. My new policy is that I don’t check email or the web while I’m on vacation.

Translators: check out the latest version of the Language Signup page which represents my current opinion of what everyone is doing and where they are up to. If everyone does what they promised, we’ll have at least 210 translated articles in 38 languages.


Listen.com wins

I’ve subscribed to listen.com, a.k.a. Rhapsody. For about $100 a year you get unlimited music, legally. They don’t have absolutely everything, but they do have the five major labels and there’s really tons of stuff to listen to. One day I played every recorded work by Cat Stevens. Now I’m working through Gary Numan and Orchestra Manouevres in the Dark. Oh, wait, there’s the new Tori Amos CD. Click! The UI is much better than anything Napster/KaZaa/Gnutella had, it’s especially easy to find new things to listen to because everything is nicely cross-indexed and reviewed. If you can’t figure out what to play, you can listen to a preprogrammed radio station, fast forwarding through any songs that bore you, and when you find something you like you can listen to the whole album, other recordings by the same artist, recordings by artists who influenced that artist, and on and on.

The service works extremely well. Songs start playing in seconds and get downloaded quickly in the background; unlike the streaming services there are never “hiccups.” (To be fair, I’m using a T1 at work from Savvis which is extremely reliable).

Finally, the recording industry (under extreme duress) has given us a reasonable way to pay for digital music. Yes, things are missing (Madonna!) but that doesn’t mean it’s not worth $100 a year for access to 15,000 good albums.

Cool new stuff

Dave’s Google whatchamacallit keeps getting better and better. It’s the command line for the world wide web. It shows the time and date when idling, so you can turn off your toolbar clock and save real estate. There are zillions of command line options now. I use it to find articles on Joel on Software … type “joel schedules!” (the ! means “I’m feeling lucky”) and the article pops up in a new window.


Steven Den Beste wrote an amusing analysis of the extreme cognitive dissonance it takes to be a Mac fanatic. “The hardcore Mac faithful seem to believe just before each MacWorld that this is going to be the time that the Steve finally announces the killer product which is going to rock the PC heathen back on their heels and begins the great exodus from the dark side into the grace of Steve’s love.”



“Thank you for calling Amazon.com, may I help you?” Then — Click! You’re cut off. That’s annoying. You just waited 10 minutes to get through to a human and you mysteriously got disconnected right away.

Or is it mysterious? According to Mike Daisey, Amazon rated their customer service representatives based on the number of calls taken per hour. The best way to get your performance rating up was to hang up on customers, thus increasing the number of calls you can take every hour.

An aberration, you say?

When Jeff Weitzen took over Gateway, he instituted a new policy to save money on customer service calls. “Reps who spent more than 13 minutes talking to a customer didn’t get their monthly bonuses,” writes Katrina Brooker (Business 2.0, April 2001). “As a result, workers began doing just about anything to get customers off the phone: pretending the line wasn’t working, hanging up, or often–at great expense–sending them new parts or computers. Not surprisingly, Gateway’s customer satisfaction rates, once the best in the industry, fell below average.”

Measuring and Managing Performance in OrganizationsIt seems like any time you try to measure the performance of knowledge workers, things rapidly disintegrate, and you get what Robert D. Austin calls measurement dysfunction. His book Measuring and Managing Performance in Organizations is an excellent and thorough survey of the subject. Managers like to implement measurement systems, and they like to tie compensation to performance based on these measurement systems. But in the absence of 100% supervision, workers have an incentive to “work to the measurement,” concerning themselves solely with the measurement and not with the actual value or quality of their work.

Software organizations tend to reward programmers who (a) write lots of code and (b) fix lots of bugs. The best way to get ahead in an organization like this is to check in lots of buggy code and fix it all, rather than taking the extra time to get it right in the first place. When you try to fix this problem by penalizing programmers for creating bugs, you create a perverse incentive for them to hide their bugs or not tell the testers about new code they wrote in hopes that fewer bugs will be found. You can’t win.

Fortune 500 CEOs are usually compensated with base salary plus stock options. The stock options are often worth tens or hundreds of millions of dollars, which makes the base pay almost inconsequential. As a result CEOs do everything they can to inflate the price of the stock, even if it comes at the cost of bankrupting or ruining the company (as we’re seeing again and again in the headlines this month.) They’ll do this even if the stock only goes up temporarily, and then sell at the peak. Compensation committees are slow to respond, but their latest brilliant idea is to require the executive to hold the stock until they leave the company. Terrific. Now the incentive is to inflate the price of the stock temporarily and then quit. You can’t win, again.

Don’t take my word for it, read Austin’s book and you’ll understand why this measurement dysfunction is inevitable when you can’t completely supervise workers (which is almost always).

I’ve long claimed that incentive pay isn’t such a hot idea, even if you could measure who was doing a good job and who wasn’t, but Austin reinforces this by showing that you can’t even measure performance, so incentive pay is even less likely to work.

UI for Programmers in Polish