Monday, July 31, 2006
Do members of the Agile Alliance really believe in Agile?
In a quick scan of the blogosphere I uncovered an interesting pattern amongst founding members of the agile manifesto. In multiple past blogs, I have shared my belief which is also held by others that enabling trackback allows for a two-way conversation. Some folks have argued about enabling it requires too much of their time to clear out spam. Having had trackback enabled on my own blog since day one (I have been blogging for about three years now), this perspective is simply bullshit.
The real issue at hand is that the word blog spam sometimes serves as a secret codeword for the fact that folks are afraid that if they post something that is somehow incorrect that folks in the blogosphere might be able to respond negatively and it is vital that they must command and control the conversation. Folks don't really believe in the notion of the best architectures are realized via face-to-face conversations and how it could manifest itself in the blogosphere.
A quick scan of the blogosphere for founding members of the Agile Alliance shows that Martin Fowler, Andy Hunt, Brian Marick and Dave Thomas all lack trackback on their blogs. They also lack even basic commenting mechanisms.
Lets give them the benefit of the doubt and believe that they are really interested in command & control and genuinely desire to engage in two way conversations but simply haven't gotten around to enabling it. Maybe they haven't came across sites such as Haloscan that would make it even easier for them to incorporate. Maybe the additional responsibility of two-way conversations with other bloggers may not occur due to time constraints.
I would think that the Agile Alliance would minimally want to observe dialog even when they are not at the center of it. Sometimes observation can provide its own benefits. Having the ability to see what works and what doesn't is invaluable. I don't think that I have ever had the opportunity to meet face to face with Kent Beck to tell him how Extreme Programming is valuable but needs some fine tuning to work in large enterprises but I can at least share in the blogosphere as a tip to others going down this path and let Kent observe.
I periodically read Jeff Sutherland blog which doesn't have trackback enabled but does at least allow for comments. Anyway, have you checked out some of the ThoughtWorks blogs? There is a lot of wisdom here and I have added many of them to my weekly reading list. I would love to see the following thoughtworkers also enabled trackback:
- Carlos Villela
- Chirdeep Shetty
- Darren Hobbs
- Graham Brooks
- Igor Stoyanov
- Jason Yip
- Jay Fields
- Kerry Todyruik
- Marco Abis
- Narayan Raman
- Prashant Gandhi
- Sriram Narayan
- Vivek Singh
The secret relationship between Hezbollah, Indian Outsourcing and Open Source...
Earlier in the week, I created a survey for my blog and posted the link here. I got more responses that I had hoped for and the information learned is invaluable. For those who haven't taken the survey, please do so now.
In a previous blog entry, I had also mentioned that I would create surveys for others and several folks have taken me up on the offer. Figured I would post links to them:
Of course crafting a survey is both an art and science. If anyone has thoughts on how to make the surveys more meaningful, do not hesitate to trackback...
Sunday, July 30, 2006
Heroism and Hezbollah and why I openly support them!
While I am labelled an American, I am a citizen of the planet earth which gives me the right ato believe that freedom and justice for all includes both Lebanese and Israelis equally. I am not sure why I should give a crap about Israel and their plight.
One thing that occured to me is that during the early days of Israeli occupation of Lebanon when the Israeli army started bombing innocent Lebanese citizens that Jewish people in Lebanon came to their aid. One could read that Jewish people in Lebanon have a peaceful relationship with Christians and Muslims there and that this isn't really about religion. One could also assume that Jewish people in Lebanon are more capable of humanitarian acts than their Israeli counterparts which says I should prefer Lebanon folks over Israeli folks.
On the news I heard an interesting statistic that broke down the kill rates in Iraq by race. The numbers showed a trend where blacks in Iraq are being killed significantly less than whites in terms of a ratio. One could assume that blacks have either a sixth sense when it comes to danger or that they simply are smarter in some situations than other races but that would be inappropriate to think. The person giving the news was white and did hint that Iraqi's do understand racial dynamics in America and are actually targeting folks they feel are oppressing them and only shooting others in supposed self-defense.
If you apply the same sort of statistic perspective to Israel, I think the same pattern exists. There are Jewish people who are lilly white, those who are blacker that a 150 million midnights and every shade in between. There are Jewish people that originate from countries such as Yemen. Likewise there are Jewish people who originate from countries in Europe. Statistically speaking, over 98% of all Jewish people killed in so-called terrorism acts have lineage through Europe and not other countries.
My take on this issue is that maybe this isn't about religion but aligns more to something that happened in America when Europeans first arrived when native Americans fought back to not see their land taken from them. In the days of slavery, there was one slave named Nat Turner who ran around taking off heads and attempted to organize others. History tells his story as one of the few who attempted to fight in this manner. If slavery existed in 2006 and he attempted to do the same thing nowadays, history may tell the story differently. After all, we have gotten much better in putting spins on things and the notion of public relations didn't exist then.
Have you checked out this survey? Anyway, I am firm in my belief that the hostilities in the Middle East have absolutely zero to do with anything religious in nature and that religion is anecdotal. I would love for someone to tell me why Hezbollah, Hamas and others simply aren't following in the path of Nat Turner...
Saturday, July 29, 2006
Why Java may not be better than Ruby..
I was thinking that while we all know that Ruby isn't enterprise ready and that Fortune enterprises as of late haven't taken much initiative to increase the productivity of any individual developer within their walls and instead prefer to take the outsourcing path where any individual developer is even less productive but in terms of cost a lot cheaper which makes up for the difference, maybe in this situation, productivity does matter.
I have been noodling whether inner-city kids should learn Ruby next year instead of Java. Yakov Fain, an editor at JDJ graciously donated copies of his book. I wonder if anyone in the Ruby community would step up to donate books for the same noble cause?
Maybe the real test of productivity is to teach folks who have never programmed before in any language and see how well they adapt. My general observation is that these kids were pretty sharp and had lots of professional developers beat by miles. I guess not having to unlearn technology can prove to be a competitive advantage.
Anyway, it would be interesting if there is any vendor in the blogosphere that is charitable and wanted to donate a dozen T-shirts to the students for their hard work? For that matter, if analyst firms such as Gartner or Forrester also wanted to be charitable, it would be equally accepted. They will be staying at the Los Angeles Hilton by the Airport where they will be competing against other high school children who have learned ASP.NET.
I will post an update in this regard on Friday to let you know how they made out...
Friday, July 28, 2006
Why software vendors don't love Enterprise Architects...
You would think that if an architect from a Fortune enterprise were openly blogging that many software vendors would attempt to pick his brain for how to better sell to large enterprises. This hasn't happened. Minimally, they might attempt to at least add you to their blogroll but sadly I am the stepchild in the vendor community.
Maybe the problem isn't me but the vendors. The bloggers that I read savagely such as Kim Cameron, Pat Patterson, Eric Newcomer, Mark Little, Ashish Jain, Dick Hardt, David Chappell, James Robertson, Sara Gates and Don Box seem to only list other vendors. From what I can tell, they haven't even listed a single, uno, one actual end-user customer. Do their employers forbid them from talking to us customers virtually or otherwise?
I wonder if they haven't realized that humans love their names and that is one tactic to gain buy-in for the ideas they represent? I wonder why they list other vendors on their blogroll at all? You can't sell them things? You can steal ideas from them? I guess it is all about transparency?
So what do enterprise architects do all day...
- As many folks are aware, I am working on pushing an industry-wide solution to the increase the ability to protect personally identifiable information stored in relational databases and have had great success in getting enterprise architects in other Fortune enterprises to support the specification. I had deep conversations with two different database vendors on the value proposition of implementing stronger protection mechanisms. One vendor was ecstatic to see that us customer types could actually articulate such a deep specification for one of their problems. I guess that most vendors have a hard time of pulling requirements out of most of us. Anyway, they have agreed to slot the functionality for the R2 version of their product in the future.
I wonder if any industry analysts would be interested in doing not one but two different case studies on this problem space. The first case study would cover the needs of large enterprises and what they are doing to protect personally identifiable information. The second case study (this is more interesting) in how enterprises can not only consume industry specifications but could become active creators of them.
- Also participated on a conference call with several architects that are employed by other Fortune enterprises in hopes of creating an industry-wide message format to support DMV insurance checks. I have realized that I spend too much time doing Powerpoint and other enterprisey things and some of the finer details of WSDL and XML are slowly slipping away. The one thing that is appreciative is that when folks from other enterprises review your thought, they have no reason to be cordial and therefore will provide honest feedback. I have to figure out how to get the same level of honest feedback within my own enterprise. I think I get away with too much at certain times in terms of providing technical advice.
- Worked with several other folks on the start of the 2007 operating plan (aka budgets). I remember earlier in my career budgets weren't as painful as they are nowadays. In the old school, budgets were more driven based on monies exiting the door in terms of real dollars. Nowadays with chargebacks, budgeting has gotten more complicated due to notions of chargebacks. My contribution to the budget is all the wonderful security initiatives we should consider for next year. The hardest part is that especially in the security space which is usually not well known and that executives have less opportunity for management by magazine in this camp that the distinction between what you can "sell" vs what makes sense is even more profound. Putting into the budget things that have 100% integrity without analyst coverage, hype articles in publications such as CIO and Infoworld will result in me having to do even more Powerpoint next year than this year.
- Actually spent time reading the latest Forrester ESB report written by Mike Vollmer and Mike Gilpin and of course noticed that ServiceMix wasn't included. I immediately went on my rant that open source projects should be covered right next to closed source proprietary implementations such as CapeClear and Sonic. Part of the issue is that analysts tend to start with vendors which is logical for closed source but not open. I could use ServiceMix in a production environment not yet care a single bit about how LogicBlaze operates nor their financials. Open source provides folks with a choice in terms of support and makes it optional as to whom you get it from. Analysts really need to start thinking more about how their customers could use software and not stick to just the status quo. I guess they are too busy predicting the past...
- Many folks are aware that noted industry analyst Brenda Michelson will be doing a case study on our enterprise architecture practices. I learned on this day that the CIO, I had lined up will need to take a vacation day. I really thought it was important to do the face-to-face thing and now have to move it to a phone call a week later. Anyway, I will be finishing up the final agenda that includes all of the wonderful folks she will get to interview while visiting in person. The cast of characters I have lined up should provide an interesting perspective on what us enterprisey folks do well but also need to improve upon.
- Also started on writing a software architecture description document that outlines how identity federation would need to work in our industry vertical. I hope to put the final touches on the document tonight and get the document out to my industry peers early next week. One of the things that I think will be intriguing to see is that I am suggesting creation of a platform that is built upon open source. I am firm in my belief that for Fortune enterprises to actually trust the security of each other that source code should be available for inspection at any time. I wonder why companies such as Sun who embrace open source haven't talked much about open source implementations in the federated identity space? Maybe Pat Patterson could share his thoughts?
- At home, I spent some time reading the CardSpace (formerly InfoCard) specification and am noodling how this could be integrated with Liferay Enterprise Portal. Would be interesting to see Kim Cameron championing an open source implementation in Java of his specification.
- Also at home, I started to sketch out evaluation criteria for an upcoming proof of concept in the entitlements space. There are a variety of vendors that play here including Identity Engines, BEA, Securent, Jericho Systems and others. Sadly, this is one space that corporations need to understand and embrace as it addresses a lot of problems we face. Of course, the analyst firms are asleep at the helm with only Burton Group having deep coverage but with no research reports yet.
- It wasn't until 8:30 pm that I had the opportunity to play with my two sons. So much for the savage quest of work/life balance...
Thursday, July 27, 2006
Why most Enterprise Architecture practices in large enterprises result in mediocrity...
The one thing that I think should also be considered is that large enterprises and their enterprise architects can easily fall prey to isolation. Over time large enterprise tend to become their own mini-nations with its citizens bound to their countries by special vocabularies and unique cultures. CIOs never challenge them to learn the language of others.
Over time, enterprises forget that they are a citizen in an even larger ecosystem and devolve into worst practices such as offshoring while forgetting that taking care of their own employees is top priority. Many CIOs get it twisted and in the era of outsourcing where loyalty is rewarded by finding the least patriotic way to not only eliminate jobs within your own country (aka the enterprise) but also either becoming agnostic or spiteful in attacking the soul.
Isolation in any form is evil. I wonder if I could ask other enterprise architects in the blogosphere such as Scott Mark, James Tarbell, Nick Malik, Robert McIlree, James Melzer and Charles Betz to stop practicing isolation for a single day.
Other than blogging, when was the last time you got out and talked face-to-face with other enterprise architects that work for other enterprises? Attempting to understand other cultures can be immensely helpful. Maybe we should as a community declare Friday August 11th as EA liberation day? Let's seize the moment and break our insular habits...
Wednesday, July 26, 2006
Should industry analysts who blog become more quantitative?
Last month for work purposes I needed a survey engine to collect feedback from fellow architects and chose Survey Monkey but I forgot to cancel the subscription and it charged me for another month. Figuring that I shouldn't let it go to waste, I thought I could do two things.
1. I would ask the community to take a survey I created in hopes of providing quantification on the many things I tend to blog about and would ask a variety of questions regarding Ruby on Rails, Enterprise Architecture, SOA, industry analysts and other topics. I have posted the survey here.
2. I would also create surveys for others in the community that wanted to also solicit metrics from their peers on whatever was of interest to them. Simply drop me an email or trackback to this posting along with the questions you would like to ask and I will oblige.
Tuesday, July 25, 2006
Why IT in large enterprises can never be agile...
If you have read my blog for any extended period of time, you may have noticed that I think the phrase IT should align with the business is bullshit. How can you ever hope to align if you outsource the whole damn IT staff to suboptimal locations such as India or China? Shouldn't alignment help business users get higher quality working software instead of making it even more difficult for the business to communicate with IT?
Maybe alignment is today's secret codeword for increase risk, don't be patriotic and of course make delivery of high quality valuable working software less important than project plans, methodologies, maturity models and governance practices? We all understand intuitively that direct communication has a dramatic effect on reducing risk on any undertaking but lets ignore this for a moment and consider best practices of outsourcing. Direct communication no longer matters when we can have onsite liasons who communicate on our behalf to offsite liasons.
In modern IT development in most corporations, developers usually never get the opportunity to talk to real world customers. At least they were three or so degrees of separation between them. As IT further aligns itself with the business, we have ensured that developers now have a minimum of two additional folks (degrees) between them and the customer.
Some will think it is unfair for me to attack outsourcing and their practices. There may be some truth to this. Maybe the real problem isn't with outsourcing firms in India and China (not really) but more of the problem resides in the IT executives that made this decision in the first place. If you have the tolerance to attend any industry analyst conferences targeted at CIOs and can endure the ardous buzzword laden presentations, one theme resonates in the hallways that is somehow managed to be the new drug that CIOs smoke (most won't admit to inhaling) is the believe that it takes a long time to develop IT applications.
I wonder why in the dot.com days, a team of individuals was able to within six months time build an entire online bank from scratch yet nowadays we cannot even outsource production support for an existing stable application to folks in India and China within a year's time? Does your CIO have the aptitude to learn from the work effort of others or are they busy throwing daggers when others are more productive than them?
Awhile back the Ruby community at some level attacked me when I said that productivity of an individual no longer matters but at another level others chimed in and agreed. I wonder CIOs could learn something from the likes of Martin Fowler, Scott Ambler, Chris Petrilli, James Robertson, Nick Malik and others or will they simply continue to choose a convenient stereotype that suits their own personal needs but not the needs of their busineess?
Anyway, the biggest problem I see with IT aligning with the business is the sage wisdom held by many CIO's that get it twisted and think that developers lack the ability to communicate with the business. Someone needs to kidnap these fools. This in my humble opinion is the one thought process that needs to be taken out and shot along with those who oft repeat it in order to enable agility. Sadly, the problem will continue to fester as most enterprise architects who are the only ones that have the potential of doing something about it are asleep at the helm...
Monday, July 24, 2006
Why most Enterprise Architects aren't getting paid enough...
Don't get it twisted as I do like money and like most folks wouldn't mind even more of it. I guess the main problem that I have is that my life is centered around more than just money. If you told me that I could work from home more, have more time off so I can spend time with the kids, or even told me about how wonderful your enterprise is in terms of charitable giving I would probably consider your value proposition. The simple fact is that I have already paid off my house and car and have absolutely zero debt along with managing to max out my 401K contributions, save for my kids college and most importantly can support charity that makes a different in the planet and therefore really ain't thinking about the need to solve for something I believe isn't busted.
Of course not a single recruiter even discussed more time off as most enterprises don't get the notion of work hard, play hard. Many enterprises love the monotone of continuity at the expense of a sense of urgency. I suspect that more enterprises would be successful in filling their ranks with top talent by compensated experienced individuals with more time off and increasing productivity than by simply increasing expenses in the form of salary.
The one thing that I have always thought about on the day some enterprise is stupid enough to make me CIO what I would do. I believe my first action would be to cut every single IT budget line item by 10% while avoiding rationalization. I suspect that this would actually save the enterprise 15% as it would remove the frivolous jockeying for position time wasting Powerpoint creating, bullshit that otherwise would occur.
I think we all have been around long enough to know that if one were dumb enough to listen to the rants and screeds of developers who constantly complain that there isn't enough time to do a high quality job and honored their wishes by granting everyone an additional 10% more time to deliver that quality wouldn't actually go up. We all know it would be consumed with more meetings with those who don't provide real value, additional documentation that doesn't aid in the creation of valuable working software and even more tracking of things that don't matter. The Agile Manifesto will never be a reality in most enterprises...
Getting back on track, the one thing that was absent from every single recruiter's conversation was the notion of team. Sure, every IT executive can babble for hours on their team-oriented culture. We all know that creating a team-oriented culture is one thing, but maintaining it so that it is sustainable is another.
Successful teams are heavily dependent upon folks working together towards a common goal yet many enterprises are creating risk in fracturing it by setting up reward structures that distiguishes a few disproportunately. Jack Welsh and the idiots over at GE (NOTE: I am a shareholder) came up with a good but otherwise sustainable idea that you should reward the top 10% of your enterprise disproportionately which has been mindlessly adopted by other executives.
For the record, these recruiters who keep calling me are not only ruining their own enterprise but are more importantly ruining any potential value proposition that enterprise architecture could bring. I am firm in my opinion that no individual should ever be recognized beyond their market value.
I wonder if I would think about the pitch from the recruiters if they told me that the head of IT promoted an open environment in which everyone can be creative? Those execs who crave off the charts financial reward will eventually leave anyway. If recruiters where to figure out why drives an individual beyond compensation then they could contribute more than their worth.
Many EAs love the challenge of the job and the opportunity to leverage their imagination which is always more enticing than money. Hey, fellow EA's, did I get it twisted...
Finally, an Open Source Compatible Windows Operating System ..
Sunday, July 23, 2006
Is Enterprise Service Bus the hype of the minute ...
Cape Clear's CEO, Annrai O'Toole gloats in his blog how Cape Clear got the number one spot. I would love to ask him directly (He doesn't have trackback turned on but should) how CEO's of software companies feel when getting awarded the number one spot when many of his competitors where intentionally excluded out of the running?
CIOs and other folks in the enterprise should question the fact that neither report seems to list any open source ESBs. I know that Sun has one and pays a lot of money to analyst firms. I wonder if they are not paying enough in this space? I wonder if any Sun bloggers have an opinion on this aspect? Anyway, you may have noticed that the number one open source ESB ServiceMix is notoriously missing. What if the marketplace learned that the real number one ESB didn't originate from a closed source proprietary company but was community developed?
The hard part is that I would love to understand why it was excluded. Is it that the folks in the open source community aren't paying for consideration? Is it that all of these reports include vendor analysis which kinda doesn't make much sense in open source and therefore they exclude it because it breaks their taxonomy?
The primary vendor behind ServiceMix is LogicBlaze but that really shouldn't matter. It is reasonable for an enterprise that has the right mix of talent to use ServiceMix as their ESB platform without ever engaging in a conversation with LogicBlaze. The same thing can be said of JBoss, Alfresco and other open source products.
I wonder what Annrai's thoughts are on ServiceMix and whether he would actually demand of Forrester and Gartner their inclusion in the next updates in this space so that he is being fairly compared? I suspect that if he doesn't, the folks over at Sonic such as David Chappell may. I would also be curious to understand if James Strahan of LogicBlaze is asleep at the helm and not paying attention to what industry analysts are saying. Sadly, many open source projects and companies believe that industry analysts are of nebulous value (Actually, I agree) and therefore don't make the effort?
I wonder if LogicBlaze, Cape Clear, Sonic and others in the ESB space are clients of analyst firms that cover open source deeply such as Redmonk and 451 Group? They can gain insight even though their solutions aren't necessarily open. I would suspect that if Redmonk did similiar analysis, they might even note that the vast majority of enterprises that have successfully implemented SOA have done so without having an ESB in the first place. ESBs have no more than 2% market penetration and this is unlikely to change in the near future.
Anyway, maybe it is a failure of my peers in other enterprises not demanding of analyst firms they interact with to make sure that all research includes not only closed source proprietary software but open source solutions that are community driven. After all, you are their to find solutions to business problems regardless of the model in which they are developed...
Saturday, July 22, 2006
Outsourcing, Industry Analysts and the Lack of Integrity...
I spent some time attempting to track down research in the outsourcing space and came up empty handed. Many folks are keenly aware of folks in India that work for outsourcing firms and how they doctor their resume to show more experience than they actually have. The casual observation is that certain outsourcing firms do this more than others. Imagine if analysts were to start publishing a resume integrity factor metric on each firm?
Some firms as a practice don't even show you resumes but instead stick to high-level BIOs of their employees. Wouldn't this be useful information to track? Anyway, my observations are that there are common pain points regardless of which outsourcing firm one works with. Some analyst firms have observed that cultural traits such as when American's say yes it indicates a commitment while in India yes may mean they acknowledge that they received the message. Shouldn't cultural analysis go a lot deeper than this? There are many Indian outsourcing bloggers in the blogosphere and it would be interesting if they could blog on cultural disconnects (if they are self-aware?)
Another casual observation is that certain industry verticals tend to have higher success rates in outsourcing over other industry verticals. I suspect that some of this has to do with having consumer-level knowledge of certain business domains while lacking in others. Hey industry analysts, why not start calling out this fact.
Still haven't seen any industry analyst published detailed research on best practices on what enterprises should do when outsourcing fails (for any reason) and ways to bring it back in-house. We all know of failure stories, why not provide insight into some of them?
I wonder what other enterprises are doing in terms of knowledge transfer to outsourcing firms? No not how to transfer knowledge around the inner working of business applications as this is pretty straightforward. I am more curious about how knowledge transfer is occuring around internally created "reference architectures" , design reviews and how governance should work in a outsourcing scenario at more than a conceptual level. Which enterprises have gotten this problem space nailed. Could you work with one of them to create a case study?
Lastly, I would love to know which outsourcing firms have more open communications and allow their employees to have honest dialog vs the usual run it up the flag pole control the message scenario? I would love to understand which firm has the most bloggers? In my travels I have ran across one or two from Wipro and about the same from Infosys and Thoughtworks but haven't ran across any from Cognizant, Satyam, Accenture, Bearingpoint, McKinsey or Covansys. Do you even exist? Are you interested in engaging in a larger conversation?
Friday, July 21, 2006
How Open Source one ups Visual Studio...
SharpDevelop, one of the most famous Free/Open Source .net IDE's is now in version 2.0 with more functionalities and features. When compared to Visual Studio Express Editions, it provides code coverage, unit testing, the ability to test regular expressions, XML documentation preview and generation and much more...
I wonder if the Ruby on Rails community is envious?
What can corporate America learn from playing games?
Imagine if enterprisey folks pulled their heads out their bleeps and started studying the architectures of others. For example, wouldn't it be interesting if Alan Pelz-Sharpe blogged on the content management architecture of say playboy.com than some corporate entity who is less mature? Imagine if the folks at Gartner instead of sending desist notes to James Governor instead focused on sharing with us enterprisey folks the architecture of gambling sites that are not only highly available and load balanced not just between data centers but sometimes between countries which never seem to lose a transaction nor suffer from mysterious slowdowns.
At some level, the Ruby Community is accurate in their description of most IT folks in corporate America as being too enterprisey. We over-engineer things which results in more costs than need be. It is amazing that many of the web 2.0 sites are built on the LAMP stack and run on only two or three single CPU pentium servers while us enterprisey folk need millions of dollars worth of infrastructure for applications that will receive less traffic because we are worried about scale.
The funny thing is that while we can learn a lot from many of the successful web 2.0 companies on how to be lightweight, I am of the belief that we could learn more from gaming engines and their architecture.
I wonder what it would take for industry analysts to start producing analysis for corporate consumption on the architectures such as Battle.net which supports 75,000 concurrent in a highly secure manner. Most gaming companies have security nailed not only in terms of firewalls but actually have embedded secure software development practices into their applications as well. I suspect that folks who study secure coding such as Gary McGraw could learn a thing or two.
From what I know of battle.net the most intriguing thing about it is that it supports so many users let is still a single threaded application. Us enterprisey folk have been convinced over the years that multiple threads of execution are required in order to build an enterprise application. We couldn't live without our J2EE containers that make it easier to build them. I wonder what would happen if an enterprise architect challenged their own culture in this regard?
Another thing that is interesting is that gaming engine architects are conscious of what their application looks like on the wire. They can tell you for each and every function within their application and exactly how many packets are generated. I suspect that absolutely zero folks in the blogosphere that are employed in corporate environments have even thought about this before the fact (we are great at doing it in a crisis though).
Anyway, I hope to figure out a way for folks in enterprises to learn better architecture and have pinged several software developers in the gaming software development profession and have asked them if they would be interested in doing a podcast to talk about some things that we could learn from them. Stay tuned...
Thursday, July 20, 2006
Why the Euston Manifesto will trump the Agile Manifesto...
Should Industry Analysts get paid to write research reports?
First, AG wanted to know my opinion on the MS funded Gartner reports or the notorious "Get the Facts" campaign. For the record, I am OK with software companies paying analyst firms to conduct real research on certain subject domains. I would say that I wouldn't call the particular work you mentioned though as research but more of a marketing piece. Of course, it is easy to concoct a scenario in which one vendor will look better than another and publish the results. Research is much deeper than that and should outline the probability that one would be in that situation along with why folks got there in the first place.
I think that most folks would have thought of this more as research if it also included other operating systems in the mix along with a little bit more transparency on how the analysis was conducted. I would also say that Gartner is not alone in the field of taking money from software vendors to create research. The likes of Radicati, Yankee, IDC and others also have a similar practice. Maybe the real rub with some in the community is not the money but that they didn't on the front page of the report clearly show in terms of a disclaimer who exactly was paying for it, how much they paid for it and what was out of scope. If this were included, I suspect you would have less issue with it.
The second comment in the blog that was equally intriguing was with Neil Macehiter and his comment on European analyst firms and how being across the pond makes it more difficult to be face-to-face. At some level I agree that there are certain circumstances in which research could occur over the phone but I am sticking to the point that face-to-face is much better. I guess the way this gap gets closed is by acknowledging that industry analysts tend to frequent many conferences here in the United States. The odds are good that many conferences will be in the Big Apple (NYC). If you are close to NYC then you will be close to us which makes it easier to close the gap and have a face-to-face conversation. Now the more difficult part is in getting analysts to publicly display their travel schedule months (instead of the day before in their blog) so that this can be orchestrated.
In the blogosphere, I tend to have a lot of interactions with folks over at Redmonk and periodically they visit my state to engage in a dialog with IBM. Sadly though we have never managed to coordinate a face-to-face meeting (Stephen and I have met at the OSBC conference though.
The more interesting comment was from James Bach who asked the question of who is going to pay for a publicly published study of their own screw up?. He further states I am simply not allowed to publicly criticize, in detail, anyone's specific situation or practices. I would like to respond with the following considerations:
- When industry analyst firms do case studies on enterprises, they do them to gain their own insight as well as to share with others. The enterprise doesn't pay anything for their creation.
- To a certain extent, a case study on an enterprise is a little different than a software vendor. For example, my enterprise doesn't sell technology so by sharing information with analyst firms in hopes of favorable press, it will never result in a better bottom line. It does however benefit us to tell our competitors that we are better than they are at technology.
- No enterprise would volunteer to be publicly trashed regardless of the analysts perspective. The key thing to understand is that an enterprise of course will tell you all the wonderful things they have accomplished. The harder part that actually makes a case study more compelling is in getting an enterprise to also share with the analyst firm things that they would do differently in hindsight. This is distinct from trashing. Analyst research should provide this form of insight which is useful to lots of folks.
- Its OK to admit you are human in public. I do it all the time. If you want to know what I am doing well, ask. Likewise, if you want to know what I would do differently, ask. There is no magic to this. I suspect you run across a lot of folks in other enterprises who lack integrity and want to have one sided conversations. You will not find anything other than the highest levels of integrity amongst the circles I travel in.
Anyway, in thinking about AGs question of paying for research reports. I would like to say on the record that not only are there situations in which software vendors should pay analysts to create them but there are scenarios in which us enterprise folks should also consider the same.
One of the problems that enterprise folks face is that there is a lot of innovation going on in the marketplace which usually occurs outside of the walled gardens of our incumbent vendors. Venture Capitalists such as Ed Sims and others frequently create innovative startups to address a need. Herein is the start of the problem space. Imagine if analyst firms were to instead of writing up wonderful grids showing how products compare to each other instead focused on the current needs of enterprises and levelset those for vendors to consume.
We have been busy circulating a specification for a problem space we are labelling as data masking whereby we believe that in order to protect from loss of personally identifiable information additional constructs need to be built directly into the database engine. We have sent this specification to Microsoft, IBM, Oracle, ANTS, MySQL, Ingres, PostGres and others. Likewise, we have sent it to enterprise architects for other Fortune enterprises seeking their support. The problem space is that we would like to see certain problem spaces we all collectively face become commotitized out of the gate but don't have enough bandwidth ourselves to get others to assist in this undertaking.
Now imagine if I could pay an industry analyst such as James Governor of Redmonk to actually write a whitepaper on the pervasive problems we face. Likewise, imagine if this same whitepaper contained statistics on how many other Fortune enterprises also face the same problem so that my incumbent vendors when hearing of my requirement will not immediately think this problem is somehow unique to me nor put it in the queue until their other customers have the foresight to articulate it to them. Would it be a better investment for me to say pay an analyst firm $20K to write this whitepaper with the goal of commotitizing something that if left to the venture capital community would result in yet another vendor to work with and the large six figure purchase price for this solution.
Wednesday, July 19, 2006
Indian Outsourcing and Censorship on the Internet
Earlier this year, Indian officials have often prove paranoid on Internet services issues, such as online mapping services (Google Earth, Google maps and the likes) dubbed “national security threats”…
Teaching Java to High School Students...
In the past, I have mentioned that I spend three nights a week after work teaching Java to high-school aged students how to code in Java. When I threw out the call for assistance to industry analysts and large software vendors for assistance, they pretended they didn't hear my call. Luckily, one person did. His name is Yakov Fain who graciously donated copies of his wonderful book: The Java Tutorial for the Real World.
Normally, most book reviews posted in the blogosphere are all about the perceptions of an individual and what they have learned from the book by reading it. Having used it in a real-world setting by teaching high-school students I can say that my perspective of this book is a lot different. This book has gems that on the surface would have felt distracting if I simply read them but in this context proved invaluable.
If you want your kids to learn how to program in Java, there is no other book I would recommend for purchase. I am surprised to know that on Amazon, inferior books such as the Java Tutorial and Head First Java are actually selling more copies. Maybe if book buyers not only understood the content of the book but the soul of the authors, the velocity of sales for books in this category would change.
Anyway, we have a total of six more classes to go. I would love for someone who works for the likes of Dell, Gateway, Apple, HP, etc to consider making a generous donation of older model laptops so that these kids have the ability to have a computer in their own home and won't lose the knowledge that they worked so hard to obtain...
Tuesday, July 18, 2006
Outstanding Questions on Gaming Engines
Awhile back I used to be a big gamer and played Diablo all the time. Of course, with two children and my new found love of blogging, there isn't enough time anymore. One of the tactics that I use so as to not lose all the fun is to figure out how to use technology I am interested in at home within a work context. Hence I have questions around gaming engines.
In a future blog entry, I will outline the work context in more detail but need to figure out quickly answers to certain questions I have. If anyone can point me to industry analyst research in the gaming space (especially free research) I would be greatly appreciative.
Anyway, here are my outstanding questions:
- I am aware of gaming engines such as Torque and Renderware but couldn't locate a mutually exclusive completely exhaustive list of all available engines and their pricing & licensing models
- Would like to understand if you had a budget of say $20K, which engine is best for developing 3rd person games
- Obviously support for Windows is built into every gaming engine but would be interested to learn which ones also support the MAC platform
- Which gaming engines currently support 64-bit Intel and multiple cores or at least have it on their roadmap to do so within the next year or so
- Assume nowadays that all gaming engines support network/multiplayer capabilities. If this isn't the case, how do folks get around this?
- Any thoughts on business models around network games and whether the game company itself should provide multiplayer services such as battle.net or should it be hosted by a third party.
- Most importantly, would love to get my hands on a sample business plan for a gaming company startup
Monday, July 17, 2006
Are you Catholic? The Struggle of Perspectives...
Last week I took vacation in Trinidad. I also had the opportunity to meet my new sister-in-law Michelle. She is Catholic. While watching TV, she commented on the news story about the Middle East which caught my attention. Of course, I have always known that folks outside the United States shared a different perspective on the Middle East than those who have the freedom and privelege to listen to one-sided conversations presented on our own TV sets.
Anyway, the perspective she shared was interesting. Folks from Trinidad have no interaction with folks who practice Judiasm but understand and appreciate the similarities between Judiasm and their practice of kosher which is analogous to Islamic practices of Zabihah. Likewise, she was more thoughtful about sinister acts going on in India and had thought that folks who were Hindus were more capable of evil that any other religion and that the atrocities that occur there simply gets no coverage. She further commented on how she felt that Hinduism was one of the most contorted religions on the planet (NOTE: Michelle is of Indian descent so don't get it twisted).
I found her perspective interesting in that folks from Trinidad actually on a daily basis interact with folks from faiths such as Catholic, Baptist, Islam, Hinduism, etc. Anyway, as a Catholic she also mentioned her adoration of Islam and mentions how the priest (NOTE: He is from South America) there understands that there is an ounce worth of difference between Judaism, Islam and Christianity.
Upon returning, I had the opportunity to talk with the second Michelle who was a recent addition to our family late last year. She is an IT employee for a large airline. Her perspectives on several things were different than the Michelle who grew up in Trinidad. This Michelle spoke of things about Islam from an diametrically opposed perspective than what the Michelle in Trinidad did. She mentioned that her local priest (NOTE: He is of European descent) represented perspectives on Islam that were inline with the media in the United states but otherwise generally inaccurate.
The comparison of the two Michelle's made me think about the following questions in which I would love insight from the blogosphere on:
- Do Catholic practitioners blindly believe everything they hear about another religion if told by a person of authority?
- If a Catholic Priest says something negative about another religion. Do Catholic practitioners ever ask whether their experiences are first-hand or simply passed down knowledge?
- As a non-Catholic, if I were to hear a priest make a negative statement about either Hinduism or Islam in a public forum. How offensive would it be if I were to stand up and actually ask them when was the last time they stepped foot into a masjid or temple? I suspect we know the real answer already...
- Are Catholics in America more insular in their thinking and perspective on other cultures than other parts of the planet?
- Should Catholics take an active step for themselves to understand others or simply defer to the wisdom of others. What would Jesus do in this scenario?
Thoughts on Entitlements and XACML
In my travels, the folks over at Citigroup seem to have the most mature thinking in this space having built in-house, their own entitlements engine several years ago when no products existed. I know that folks from Bank of America and Wachovia have also travelled down this path, but haven't ran across many others in the Fortune 500 space that have embraced the notion of entitlements engines.
For those who are not familiar with this problem space I would suggest considering the following. In the early 90's, enterprises realized that they shouldn't embed basic identity within enterprise applications and moved towards the notion of a corporate directory based on the LDAP protocol. When the web became popular, enterprises realized that externalizing authentication capability away from enterprise applications provided them with the potential of doing single signon which created products such as Yale CAS, Netegrity Siteminder, Oracle CoreID and so on.
The notion of externalizing entitlements (fine grained authorization) away from enterprise applications is now on the forefront as it provides an enterprise a single location to figure out for auditing / control purposes who has access to what at a fine grain of detail. The notion of using a consistent way to express policies around who can access what is moving towards the widespread adoption of XACML which is an OASIS specification.
Anyway, if there is anyone in the blogosphere that can provide insight into any of the below thoughts, please do not hesitate to trackback:
- Sun seems to be the thought leader in the XACML space yet no one from Sun actually blogs about it. They created the XACML reference implementation. I wonder what it would take to get folks like Sara Gates, Ramesh Nagappan, Sameer Tyagi and other Sun bloggers to start talking about its importance.
- I haven't yet ran across any .NET implementations for XACML. Is Microsoft taking a backseat to Sun in this regard? Not even their MVPs are talking about it. I wonder if Harry Waldron, Donna, Alun Jones or Michael Howard could comment?
- Is anyone in the Ruby community considering implementing XACML? I wonder if David Heinemeier Hannson is thinking out loud about security?
- I would love to understand how SmallTalk supports or doesn't support XACML. Maybe James Robertson knows the answer?
- Is anyone from Cisco noodling the notion of putting XACML support into switches? Wouldn't it be intriguing to be able to manage not only applications I have access to but to also do the same for say VLANs?
- Are XML firewall vendors such as reactivity and vordel considering making their products XACML PEPs?
- Should David Lithicum's company also embed XACML into their SOA integration appliance?
- How come industry analysts aren't talking about entitlements yet they seem to be all over Sarbanes Oxley and HiPPA. I know folks from the Burton Group are digging into this, but what about other security-oriented analysts from Gartner, Forrester, IDC and so on?
- I need some really hard test cases and will send a copy of the bestselling book: Enterprise Service Oriented Architectures to whomever provides the most intriguing test case...
Sunday, July 16, 2006
Industry Analysts and Case Studies
In the past, we have done case studies on SOA with Jason Bloomberg of ZapThink and Anne Thomas Manes of the Burton Group. Likewise, Alex Cullen of Forrester is putting the final touches on a case study on our EA practices that should be on their site in the August timeframe. We also have one of my favorite bloggers and industry analysts Brenda Michelson scheduled to visit us in August to analyze us and publish the results on various practices we have.
There are several analyst firms that have never contacted us regarding the desire to do a case study which I think speaks to some problems with how industry analysis works. Many of them have suggested that getting case studies out of corporate America is difficult. I cannot say whether this is true or not for other firms, but I can say that it is not difficult at all for my employer. All one has to do is ask.
Other analysts are worried that corporate media relations departments will want to censor their work. We do not practice this aspect. We of course want all information to be 100% accurate when published. One of the philosophies that is engrained within our culture is to acknowledge our own faults and shortcomings. Sometimes acknowledging areas in which you need improvements shows more signs of maturity than if you simply do case studies that are motherhood and apple pie.
I would say though that we have three constraints that I think folks should understand before approaching us. Constraint one is that we only talk on the record. Many analyst firms attempt to abstract us down into a Fortune 100 enterprise in the Northeast instead of mentioning our names on the record. From an ego perspective, we of course scenarios where the study is all about us and we are not just in the mix.
Constraint number two is that we tend to allow folks who want to do case studies on us to do it face-to-face. None of this over the phone stuff. Constraint number three is that information collected and ultimately published should occur in a formal research report. We acknowledge that blogs and other web 2.0 forms of communication are starting to grow in importance but the formality of traditional approaches is still king.
Actually, I would say there is a forth constraint. We obviously don't talk about our security posture and won't tell you all the open firewall ports, provide network topology diagrams or anything else that if it fell into the wrong hands could be exploited. This even includes organization charts along with headcounts.
Anyway, within my blog I tend to interact most with the folks over at Redmonk but we never seemed to have ever landed on doing any form of case study. Have to figure out how to make this happen with them. On this same note, they also interact with noted EA and blogger Scott Mark. It would be interesting for Redmonk to also do a case study on his employer as well...
It would be intriguing to see analysts that blog such as Stowe Boyd, James Bach, Dan Keldsen, Thomas Koulopoulos, Rob Enderle, Frank Gens, Gordon Haff, Neil Macehiter, Jeff Gould, Mike Rothman, Jeff Kaplan, Amy Wohl and James Governor talk about why they aren't doing more case studies on us enterprise folk. I would think that this would also provide immense value to software vendors that are paying the vast majority of their bills...
Saturday, July 15, 2006
Enterprise Service Oriented Architectures
Enterprise Service Oriented Architectures is currently the number one bestselling book on SOA at Borders, Barnes & Noble, Bookpool and is number two on Amazon. There are of course several deficiencies in the book including but not limited to:
- A chapter on unified infrastructure for service communication (ESB)
- A chapter that deals with other aspects of management of an SOA such as organization, governance, guidance, etc although the Management chapter provides a great technical view.
- A chapter that speaks to the Life-Cycle: Starting with event driven process chains and transforming it into BPEL, etc.)
- A chapter that speaks to the notion of semantics, which actually realize reuse and agility
If you are an owner of this book, I would love to hear your feedback via trackback. Likewise, the author team is sketching out the next volume in this series and will be seeking out one or two additional co-authors to take on other dimensions. If you are interested in being a contributor to the next book, please leave a comment...
Friday, July 14, 2006
The Six Things I would love to see from Microsoft...
Here are the six things I would love for someone from Microsoft to respond to:
1. The CodePlex project is brilliant. The ability to enable a community of developers for code-sharing is powerful. I know you have critics such as Matt Asay and Dave Rosenberg that is of the belief that you are attempting to undermine the open source community but I am a big believer that you have something bigger planned. Today, open source is still all about software vendors. Tomorrow, you may enable open source to become all about customers and the code they provide for themselves. Imagine a day where say everyone in the financial services industry vertical starts developing applications for themselves in a collaborative manner without the assistance of vendors and Microsoft has been the enabler of this. Please don't listen to the hype put out by much of the open source community as they are not spokepeople for us all.
2. We know in the underground that you have a team dedicated to GNU Linux but never hear from them in the blogosphere. What are they up to? What do they think are the most important things the community should consider to make Linux better? Are they working on a way that Linux could participate in Active Directory? Us customers would love this.
3. In thinking about CodePlex, I do think though you should get dinged for not making CodePlex itself open source. You should fix this asap.
4. Imagine if Microsoft Exchange had built in Identity Based Encryption. You could not only show leadership for how secure email could be done and one up every single open source system including sendmail and postfix but would actually assist in helping smaller businesses not leak personally identifiable information in their communications with outside parties. After all, we know that identity theft is on the rise and this could make a significant dent in the problem space. I know that Pat Patterson has noodled this.
5. In thinking about the above, I wonder what it would take for Kim Cameron to start blogging about identity-based encryption externally along with evangelizing its potential internal to Microsoft. What would happen if identity-based encryption were core to say Active Directory and enterprises could use that approach instead of rolling out certificate services?
6. Visual Studio is one of the most powerful development environments around. Why are you taking so long to displace Eclipse? Wouldn't it be cool if there were a way for the Java community to plug into Visual Studio and place all resulting code on CodePlex?