Not-done-here syndrome is mental laziness

The provocative title of this post, is one of the many great points made by Jessica Kerr at the morning keynote at today's GOTO Copenhagen. The keynote was called "Forget Velocity, Let's Talk Acceleration"

Jessica Kerr gave an energetic talk, which covered a lot of ground - enough for several blogposts, which I hopefully will get around to write in the next few days. This blogpost, however, will focus on the point expressed in the title.

Most of us have come across developers, some of them quite good, who suffered from the not-invented-here syndrome, i.e. they'll rather spent the time it takes to write the code themselves, instead of using existing code written elsewhere.

There are probably cases where it makes sense to write it yourself, rather than reuse or modify code made elsewhere, but it is rarely the case. Usually, it takes a lot of time and effort, and it ends up being not as good as the code you could have gotten elsewhere.

I've seen it happen from ORM over logging frameworks to even an entire Ajax framework.

I have always assumed that this happened because of the arrogance of the developers in question, who thought they were better than everyone else.

Not so, says Jessica Kerr - it is due to mental laziness.

This is based on the principle that programmers find it easy to invent new things, but hard to analyze existing code. This means that it is mentally easier to write a framework yourself, rather than take in a framework written by someone else, and get to understand it.

Or put differently, the mental energy you have to spent on writing the framework yourself is less than the mental energy you have to spent on learning a new framework.

Thus, people who suffer from a not-invented-here syndrome, are mentally lazy.

This resonates with me.

One of the followup points that Jessica Kerr made, was that if you look at something, and think that you should rewrite it, then you should stop up, and make sure that it isn't just mental laziness that is speaking.

It is often necessary to rewrite existing code, but rarely to the extend that developers and architects wants to do so. Rewriting the code, however, spares the developers and architects for the work they need to put into analyzing and understand the current code beyond the basic level.

So, in conclusion, rewrite code if necessary, but make sure it is really necessary, and not just done to avoid the hard work of analyzing the existing code.

Disclosure: This blogpost mentions the GOTO Copenhagen 2017 conference. As a blogger who blogs about that conference, I get a free ticket from the organizers. The organizers don't dictate what I write about, and don't have any say about the content of the posts.  

Progress is slow if you ignore the past

I have just returned from spending my Sunday at the 1st day of the 21st Danish GOTO conference (not all of them were named GOTO, there has been some name changes over the years).

As expected, it was a great day, with some great talks - if you want to see my running commentary on those talks, go look at my Twitter stream @kriswager

Most of the talks I attended were great, but I especially enjoyed the keynote Engineering You by Martin Thompson, and Dan North's talk Beyond Developer, both of which focused on how software engineers/developers should expand their knowledge and become better programmers.

Both of these talks started out by looking back at the roots of the field. Dan North took us all the way back to Ada Lovelace:

Taking us back to the roots. @tastapod starts his talk with going back to Ada Lovelace #Gotocph pic.twitter.com/exmt9OcroE

— Kristjan Wager (@kriswager) October 1, 2017

Martin Thompson, on the other hand, only took us back to 1967, where "software engineer" was coined. He spent some time on the 1968 Software Engineering conference sponsored by the NATO Science Committee, where many of the issues raised, and experiences expressed, would fit well into a conference today.

It is interesting how little we have learned in 50 years. Words on slide is from meeting in 1968 #Gotocph pic.twitter.com/XV1AxclpmQ

— Kristjan Wager (@kriswager) October 1, 2017

The above tweet only shows one of Martin Thompson's examples from the conference.

While it is easy to despair over how little progress that has been over the last 50 years, I think it is probably better to think about it this way: while our methodologies change, the problems we face are the same, and it makes sense to look at what people did in the past, to see if they have solved problems we face today.

A lot of people tend to think of pre-Agile days as a period of endless, mostly failing, waterfall projects, but the truth is, that this generally wasn't the case in the early days, and probably wasn't as common later, as legend makes it sound.

It is worth remembering that back in the early days of the field, people were not only building programs, they were also building the tools (e.g. compilers) they needed in order to build programs. These tools have evolved since then, but they are still based on the same solutions that we base our tools on today. Why should solutions to organizational problems be any different?

Disclosure: This blogpost mentions the GOTO Copenhagen 2017 conference. As a blogger who blogs about that conference, I get a free ticket from the organizers. The organizers don't dictate what I write about, and don't have any say about the content of the posts. 

My schedule at GOTO Copenhagen

GOTO Copenhagen 2017 is just around the corner, and I have taken a look at the talks that I definitely want to go to this year.

Unlike earlier years, GOTO Copenhagen starts on a Sunday this year, which makes some demands to the quality of the speakers, trying to lure people in early Sunday morning.

Luckily, the conference delivers - there are two keynotes on at 9:00, and while both looks interesting, I am going for Martin Thompson's talk. I have heard him speak a number of times, and every time the talk have been engaging and informative.

After the keynote, there are some interesting talks, but the next talk I really look forward to, is Dan North's Beyond Developer talk. Not only does the talk sound interesting and relevant, I also know that anything Dan North presents is going to be fun.

Skipping to the talks on Monday, I have spotted the following talks I'd be interested in:

• Eoin Woods: Secure by Design – the Architect’s Guide to Security Design Principles 
• Emma Arfelt: Privacy in Software

The many security breaches in recent months, shows that security is still a hugely important topic, which is all too often ignored or neglected. These two talks addresses different, but equally important, aspects of security.

Tuesday, there is a track called Herding Cats: The Human Factor, where I plan to spend most of my time, for reasons I explained in my last blog post

Other than that track, I am looking forward to the end keynote by Linda Rising. Linda Rising is one of the most engaging and brilliant speakers I have ever heard, and it is a pleasure to go to one of her talks.

Disclosure: This blogpost mentions the GOTO Copenhagen 2017 conference. As a blogger who blogs about that conference, I get a free ticket from the organizers. The organizers don't dictate what I write about, and don't have any say about the content of the posts.

The importance of peoples tracks at IT conferences

Let's talk about the importance of peoples tracks at IT conferences.

Some IT conferences only focuses on technical issues, but some conferences, such as the QCon conferences and the GOTO conferences always include a peoples track.

I generally go to these tracks if I have the chance, since I think they are important.

Last month, James Damore published his now infamous open letter, where he wrote a screed against diversity in Google and the tech sector as a whole. The screed was not only incredibly scientific illiterate, but also clearly demonstrated the need for people tracks at conferences.


In the upcoming GOTO Copenhagen 2017 conference, there is a people track that illustrates why I think they are important.

The track contains five talks:

• The Engineering-Manager Transition: How to take great engineers and make them great technical leaders
• Stress and depression – a taboo in our time
• Scaling Engineering Teams
• The 2D Kitten Problem
• Build the right thing: how to survive the accelerating rate of business change through experimentation

While these talks are all about people, they are quite diverse, allowing the listeners to learn from the experiences of others, and to see new perspectives.

In the above list of talks, it is especially the second and the fourth talk that I think makes the track worth my time.

The second talk,  Stress and depression – a taboo in our time by Gitte Klitgaard, raises a subject which is all too rarely discussed, and which most of us are affected by - either directly or indirectly.

The fourth talk, The 2D Kitten Problem by Laura Laugwitz, is described thus:

"Diversity" is one of those buzzwords that alternates between being supercharged and sadly hollow. While many tech companies like to boast about their diversity programs, the numbers regarding their employees don't change much. But that's no reason to give up on the concept of diversity just yet! However, we need to re-examine what actually constitutes this term in order to make it sustainable: Diversity is more than hiring a few "different" people, it's about empowering oneself and others to create positive change.

This talk will give back some meaning to the term diversity while illustrating why it's still important. There will be some interaction, some tangible examples and more than a few cats to help you through the more challenging parts of theories and self-reflection.

While it is highly unlike that James Damore would ever go to such a talk, it is talks like this that would have allowed Damore to understand the importance of diversity.

It is not possible to reach Damore and his irk, but there are other people out there who are not aware of the importance of diversity, who can be reached through such talks. This is why I think people talks are important, and why I hope conferences keep having them.

Disclosure: This blogpost mentions the GOTO Copenhagen 2017 conference. As a blogger who blogs about that conference, I get a free ticket from the organizers. The organizers don't dictate what I write about, and don't have any say about the content of the posts.

Impressions from the first day of GOTO Copenhagen 2016

I have just returned home after spending the whole day at GOTO Copenhagen 2016, listening to great speakers talking about software development.

As I wrote in my last post on GOTO Copenhagen, I had planned to spend the day watching the Effective Delivery track, and this is what I did.

For someone like me, who works with projects in the public sector, this was a fantastic track.

The first talk was Tony Grout's Hand to hand with a gorilla won't work, about how you introduce agile in a very large organization.

Basically, it takes a lot of effort, and some cunning, and it won't be pure, but as Grout said, "good luck with pure". Sometimes you have to be pragmatic in order to reach your goal.

One interesting thing that Grout said, was that a fairly simple, yet very effective tool, is an ordered list across the organization, allowing everyone to know what they should focus on first. Introducing such a list in Skype, increased the productivity ten-fold.

Next up was Jez Humble's When DevOps Meets Regulations: Integrating 'Continuous' with 'Government'

This talk was about the efforts of introducing DevOps in government projects in the US. A big barrier to this are the regulations they have to follow when making "information systems".

A partial list of regulations that @jezhumble have to remember when launching government system in the US. Seems similar to Denmark #gotocph pic.twitter.com/DZxepcDubP

— Kristjan Wager (@kriswager) October 3, 2016

As I write in my tweet, the list doesn't seem overly long to me, compared to what we experience in Denmark. As the talk progressed, however, I realized that the US process for fulfillment is much more cumbersome than the Danish one, and it definitely needs an overhaul.

One cool thing that Jez Humble introduced us for, is an open source cloud platform for government projects in the US. This seems like a great idea, and I'd love to see something similar in Denmark.

After the US, the turn came to the UK, in the form of Stephen Forshew-Cain's Building an effective delivery culture, where he talked about the Digital Service and its culture.

I am planning on writing a longer blogpost about Jez Humble's and Stephen Forshew-Cain's talks and how they relate to the Danish situation, so I won't go further into the talk here.

Having spent some time on government projects, the time came for talking about effective teams - this came in the form of Camille Fournier's Building a High-Performance Team is Everyone's Job. This was the title in the program, but she had given it a different name at the time of the talk (the title is unfortunately on a photo in my phone which has run out of power).

I had never heard Camille Fournier speak before, but I will most certainly do so again, if I ever get the chance.

It was a very amusing, and highly informative talk, where she spoke about her experiences, and what she had learned from them, when it came to leadership.

"I came from finance where it was OK to yell at people. Apparently that's not the case everywhere" @skamille on early mistakes #gotocph

— Kristjan Wager (@kriswager) October 3, 2016

last, but not least, on the track, Emily Webber gave her talk Communities of practice, the missing piece of your agile organisation, in which she talked about how to create communities of practice inside your organisation.

All of the talks were great, and I certainly got a lot out of them. Hopefully the same will be the case tomorrow, when I spend my time at the Tactics for better Teams track.

What I want to see at GOTO Copenhagen 2016

I have taken a look at the schedule of GOTO Copenhagen 2016, trying to figure out what I want to see.

On Monday the 3rd, there are a few interesting tracks for me.

First of all, the description of the Effective Delivery track sounds very intriguing:

Anyone with less than 15 years in IT has never known a time when there wasn’t Scrum or XP, or cross-functional teams or automated tests. They take these things for granted, but they also believe this is the state-of-the-art. Mainstream agile methods are around 20 years old now, and the world has moved on. Planning every 2 weeks makes sense if you have a 3 month release window, but what about if you are releasing every week, or even several times a day? Servers are now an inexpensive commodity, and cloud infrastructure means my expensive data center is now someone else’s pay-per-use model. How are modern practitioners taking advantage of this? What about challenges like large-scale delivery, regulated government departments, or heavyweight corporates? And how can you navigate a career when half the companies on your CV no longer exist? This track passes a critical eye over the current delivery landscape, and hopefully gives you some tools and techniques for navigating the modern world of Effective Delivery.

I like that the track takes for granted that we understand the basics of Agile development, as most of us have worked with it our whole career, and build upon this.

It is highly likely that I will spend most of the day at this track, and there are a couple of talks I definitely won't want to miss. One of these is Jez Humble's When DevOps Meets Regulation: Integrating 'Continuous' with 'Government'. As someone that works primarily with projects related to the public sector, this certainly sounds like something that I can use in my daily work. The same is probably true for Stephen Foreshew-Cain's talk Shepherding Government towards Effective Delivery, but there is no description of this talk yet.

If I am not at the Effective Delivery track, I'll probably be at the Deep Learning Analytics track, where there are several interesting talks, including Michael Hunger's How the Investigative Journalists of the ICIJ used modern Open Source Technologies to unearth the stories of the Panama Papers, where Neo4j will play a major part of the talk. Neo4j is a technology I have followed for years, and I would love to hear about how it was utilized by news organizations, so they could map the data.

On Tuesday the 4th, there is no doubt that I will be spending my day at the Tactics for better Teams track. The track is described thus:

Let's get practical. Often small simple changes have a huge positive effect on team performance and work-life satisfaction. This track presents a set of simple tactics that you can bring home to your team and start using today to make a better team. The track will present both technical ideas like software visualisation as well as more process oriented initiatives.  

The reason I'll be spending my day at this track, is partly that it is the track that is most related to my daily work, but mostly because of the speakers on the track. Of the speakers, the only one I don't know if I have seen before is Corey Haines. The rest of the speakers of the tracks are people that I don't only know I have seen before, but also know that I love - especially Linda Rising, who is a brilliant speaker.

Hadn't that been the case, I'd probably have spent some time on the Microservices track, trying to figure out what all the hype is about.

 

The Dangers of Conferences

In just under a month, it is time for GOTO Copenhagen 2016, which is the 20th anniversary of the GOTO conferences (which started out as JAOO). I am looking forward to listening to some great speakers and network with other participants and the vendors.

When talking with other people in the field of IT, I often come across people whose employers won't pay for conferences, and sometimes even won't let them take time of to go there.

I have in the past tried to make the case for allowing employees to go to conferences, but I think it is time to also acknowledge and address the dangers of allowing employees to go to conferences.

The rest of this post will list the major explanations I've heard, and try to address them.

1. The company only work with legacy systems, and all the new stuff mentioned at the conferences is irrelevant for us.

A conference like GOTO doesn't only present new languages and technology, but also have sessions on methods, architecture and many other things that are several layers of abstraction away from actually systems development.

Even if your company doesn't make use of the newest technology, conferences present a rich source for re-evaluating current practices, and address inefficiencies in the current setup. Many, if not all, of the speakers have not only worked on cutting edge greenfield projects, but also on brown-field projects, that have turned into big balls of mud, so they understand the need for taking such projects into account.

2. When my employee go to a conference, they will met people from other companies, and be tempted to go there.

There is an old anecdote about a the leaders of a company talking to a consultant, and asking "what if we train our employees, and they all leave?" To which the consultant answers, "what if you don't train them, and they stay?".

If you are afraid that the employees will leave if they hear about conditions at other companies, maybe you should address the conditions at your company, rather than letting them get worse, by not allowing people to go to conferences.

Also, have you considered the idea that the employee might convince other people to check out your place as a potential workplace?

3. If I allow one employee to go to a conference, everyone wants to go.

First of all, I don't think that is true. In most companies, there is a large group of employees who don't particularly like going to conferences, and thus won't ask for it.

But even if that's the case, then I don't really think it is a problem. There might be an economic limit to how many can go, but that can probably be solved by creating a turnus, where employees get to go on alternate years.

If a large group of employees go, then they can either use the conference as a team event (if they work together), or as a way to get to know people in other parts of the organization better (if they don't work together). Either way, it makes for a closer knit mass of employees.

4. Conferences are expensive

"Expensive" is relative.  IT employees are usually highly paid, and hard to recruit. For many good IT people, conferences are a factor when considering whether to stay or change jobs.

If someone changes jobs, the cost of replacing that person is much, much higher than the cost of allowing them to go to a conference.

5. My employees will get frustrated over hearing about new tech that they can't use

Yes, this is a real risk, but there are ways around that. Maybe allowing them to slowly introduce new tech in their current projects, or by allowing them some "play time" to build tools and other programs that can help them in their daily life.

Trying to keep them away from learning new tech is only going to work for the most incurious of employees. If you are fine with your employees not wanting to keep up to date on their field, that is fine, but if that's not the case, then you have to find a different solution than keeping them from konferences.

6. My employees will try to implement the newest fad after the conference

Somewhat related to point 5. Yes, this is a risk, but you can limit the risk by ensuring that the employee get an outlet for their creativity.

Looking back on the first day of GOTO Cph - missing a bit of edge

I am at GOTO Copenhagen these days, and thought I'd post a quick overview on my thoughts on the conference.

First of all, unlike last year, it seems like the venue is too small for the conference. It is hard to get around, and many of the sessions are filled up 10 minutes before they start. It was said that the conference would be at a different venue next year, which I think is a good idea.

The first keynote was by Dr. Sengupta and was about the Mars Curiosity Rover. It was absolutely fantastic, and when there were some technical problems with the sounds in the middle of the talk, she managed that brilliantly as well.

Then there were the sessions.

I mostly went to talks in the tracks "game changing methods and practices" and "fast and continuous delivery".

I am not going to talk about the individual sessions, but I am going to quote a couple of tweets I wrote during the sessions there
.

It is probably due to me being at too many conferences, but I'd love more craziness at process/methods track #gotocph please blow me away!

— Kristjan Wager (@kriswager) October 5, 2015

As it is, the talks fell too safe. Doesn't challenge the audience. We learn, but our minds are not expanded #GOTOcph

— Kristjan Wager (@kriswager) October 5, 2015

There is no doubt that the process/method track gave us new techniques for doing Agile, but in my opinion, it would have been greater if the process/method track would have challenged us, and made us re-evaluate how we do systems development, rather than just provide new tools for doing it the same way.

An example of how this could have been done, would have been to find some organization that did waterfall projects with success, and get them to come an tell us about how they manage. One such organization is probably NASA, since I have a hard time imagining that the software for the systems used for landing the Mars Curiosity Rover was developed in an Agile project.

I think many of us would have loved to have our preconceptions challenged this way.

What I wrote could equally apply to the "fast and continuous delivery" track.

Code of conducts at conferences

Looking at the GOTO Copenhagen website, I notice that there is a code of conduct linked at the bottom. The only reason why I found it, was probably because I went looking for it.

As far as I know, this is the first year that has one for a GOTO conference in Denmark, though there might have been one last year as well.

I am quite happy to see one, since I wasn't sure that there would be one, as Danes seems to have an aversion against codes of conducts for some reason or other. Earlier this month, I was at the Coldfront conference, which does have a code of conduct, but where one of the organizers felt it was necessary to half-apologize for it.

I am glad to see that code of conducts become more widespread, since I think they are necessary in order for conferences to become more inclusive.

A code of conduct is important to conferences, especially with an international crowd, for several reasons:

1. It sets up clear boundaries of acceptable behavior.
2. It helps enable people to speak out if they feel harassed or uncomfortable.
3. It explains people what they should do, in case of harassment.
4. It helps unveil the scope of the problem.

In regards to the first point, many people say that it shouldn't be necessary, and to some degree I agree, but unfortunately, experience shows us that it is necessary - especially at conferences where there is a large disparity between the genders.

It is also worth remembering that at an international conference, there will be people will different social and cultural backgrounds, and there are different boundaries in different cultures and social circles.

Regarding the point about enabling people to speak out, the existence of a code of conduct demonstrates that the conference cares about the well-being of all the participants. This in turn, encourages people to speak out when they feel that the boundaries are being pushed.

Since it often comes as a surprise for people that they are making others feel uncomfortable with their jokes or behavior, it allows those people to change their behavior in ways that makes it a pleasant occasion for everyone.

And even if there are some people that don't care if they are making other people uncomfortable, then there is the option of reporting them, which the code of conduct should provide clear instructions for.

For the organizers, it also means that they will hear about serious incidents straight away, and not through some backdoor channel long after the fact.

I think most of us would prefer that there was no need for a code of conduct, but history has shown us that this isn't the case, and it would be naive to think that if we ignore the problem, it will just go away. Instead, provide a code of conduct which provides clear boundaries and guidelines.

It seems like GOTO Copenhagen is more or less adopting the code of conduct provided by the Ada Initiative. Note that it has a public version, and an internal version for the conference staff, which includes clear instructions on how to enforce the code of conduct.

The later part is an important part of the code of conduct, which all too often was lacking in the past, creating situations where conference staff either overreacted or ignored any reports they received, and where documentation of incidents were non-existent - allowing some conferences to claim that there had been no reports of harassment at their conferences, even though several people have reported such.

What sounds interesting at GOTO Copenhagen 2015?

The GOTO Copenhagen conference is still a couple of months away, but I have taken a look at the talks, and spotted a few that I think will be interesting.

Generally speaking, I don't go for technology specific talks - by which I mean that I tend to go for talks about processes (e.g. Agile), concepts (e.g. Big Data) or general architecture, rather than talks about specific languages, or even worse aspects of languages, or about specific programs (e.g. a specific NoSQL database). I don't mind examples at a talk being language specific, but I prefer to be able to apply the concepts from the talk broadly.

Having said that, I am as prone to follow hype as everybody else, so if something new and exciting is presented, I might very well go there, even if it breaks my general preferences for talks.

When you see my list, you'll notice that I haven't filled my schedule. This is quite common for me - I rarely know what I want to see at a conference when I begin my day. Instead I like to hear the talks getting presented in the morning, and then decide what to go to.

If you tend to skip those talk presentations, I think you're really missing out. Some of the most exciting talks I've listened to was not remotely on my schedule until I heard them presented at the start of the day.

So... onwards to my list.

The first talk I noticed was Richard Lander's How to train your corporation to prefer open source.
Microsoft has gone through an incredible change in regards to their stance on Open Source in the last few years, to the degree where now they have Open Sourced most of the .NET platform. This is hardly something one would have guessed a few years ago (even though Microsoft has never been as anti-OS as some people think it has), so I definitely want to hear how this happened.

I don't usually go to IOS-related talks, but I might just go to Jorge D. Ortiz Fuentes' Test Driven Development (by controlling dependencies).
There is no description of the talk, but I am always interested in seeing how people handle dependencies, as I think this is an overlooked problem-area in my software development Projects. Given it is in the IOS and Swift track though, there is a high likelihood of me giving the talk a pass.

Other than the mentioned talks, I will probably spend the rest of the first day listening to talks in either the Game Changing Methods and Practices track or the Fast and Continous Delivery track.

On the second, and final, day of the conference, there are four tracks that all sounds interesting - Reactive Architectures, The State of Data, Front-end: The Bleeding Edge, and Security, Safety and Privacy.

In the first track, Reactive Architectures, I am probably going to Jonas Bonér's The Sadness at the End of the Happy Path and Dave Farley's Reactive Systems: 21st Architecture for 21st Century Systems.
Building resilient and high-performance systems is hard to do, and any ideas on how to do it better, are definitely welcome.

If I am not going to Dave Farley's talk, I will certainly be going to Dave Thomas' The State of Data 3.
I have seen Dave Thomas talk a number of times, and his talks are often quite amusing, but also, more importantly, highly informative. Big data is his field, so I expect the talk to be as great as always.

A talk that sounds interesting, is Phil Winder's Modern Fraud Prevention using Deep Learning, which is at the same time slot as  Andreas Halberg's Secure Coding Patterns - another talk that sounds useful for when developing systems.

As always, when at multi-track conferences, there are often several talks I find interesting at the same time, and which I won't choose between until the last minute. Again, much depends on how the talks are presented, and whether I have heard the speaker before. Usually there are a few speakers that are "must-go-to" for me at the GOTO conferences, but this doesn't seem to be the case at this conference. This is not a bad thing - it gives me the opportunity to get to know new great speakers.

Disclaimer: As a blogger who blogs from the conference, I get a free ticket (like I have done for the last couple of years). The deal comes with no strings attached, except for an agreement on me writing a certain number of blogposts about the conference. The conference has no say over the content of the blogpost.

Privacy should be a priority

Ever since Snowden started telling the World about the doings of the NSA and other government agencies, privacy has become much more of a focus area for a lot of people - this includes Tim Bray, who debuted a new talk at GOTO Copenhagen called "Privacy and Security, Policy and Tech".

At GOTO Copenhagen, the room was unfortunately full, and I didn't get to see it, which is why I was quite happy to get a second chance the week after at GOTO Aarhus.

The overall message of Tim Bray's session was that privacy is important, and that we, as developers, should make sure to project the privacy of our users' information as much as we can.

A lot of people have a quite relaxed opinion about privacy and security, though this has started to change after Snowden. As Tim Bray said:

A lot of people has realized that the internet is a bad place, and that their information is hanging out places where it shouldn't be.

Also, people have started to realize that just because they have nothing to hide now, it doesn't mean that they won't have in the future - if nothing else, then when laws change, and formerly perfectly legal things become illegal.

A historical example of that could be membership of certain political organizations in the US, which was prefectly legal, until the red scare and McCarthyism kicked in.

Another, more recent example, is simply being a LGBT activist in Uganda, which carries high risks of prosecution, even if their "kill the Gays" law was Struck Down.

Again, quoting (or rather, paraphrasing) Tim Bray:

Most people at this conference probably live where the government is fairly civilized, and won't get their door kicked in at the middle of the night. But while it is probably true for people at this conference, it is not true for a majority of the World population as a whole.

This is an important point. Even if we have nothing to hide, and don't expect ever to have anything to hide, the same doesn't hold true for most of the World's population, perhaps including a large proportion of your end users.

This should be obvious, but a lot of people tend to forget that, and don't even enforce the most basic of methods for enabling privacy such as HTTPS.

HTTPS was an area that Tim Bray dedicated a lot of time to, exactly since it is such a basic method, and so many systems don't support it.

This has to change.

Using HTTPS is such a low-cost, easy solution that there is absolutely no reason not to use it at all times, no matter whether privacy is needed. And as Tim Bray also pointed out, there is an asymmetrical cost to using vs. not using HTTPS. Using HTTPS costs a little all the time even when it is not needed, but not using HTTPS can come at a huge cost when it was needed. This is an unacceptable risk.

One thing Tim Bray didn't get into, which I also find important, is that if everybody runs HTTPS, and thus encrypts their Communications, it offers a type of herd immunity to those who really need to protect their privacy - their communication doesn't stand out from the rest.

This is the reason why Google encrypts its user's traffic (they were actually inspired by Cory Doctorow's book Little Brother).

So, all in all, the overall message of the session was that we need to think about how we can protect the privacy of the end users, and at the very minimum we need to ensure basic privacy measures like HTTPS.

Size doesn't matter

Big data.

A couple of years ago, at a GOTO Aarhus conference, I took a break from the sessions, and walked around in the vendor area. Here I was lucky enough to be able to listen in on a conversation between Dave Thomas and Jim Webber, where Dave Thomas was explaining to Jim Webber why graph databases, like neo4j, were not suited for the type of stuff he was doing. Basically, what Dave Thomas did, was to take all global stock data several times a day, and run some analysis on it (I am obviously simplifying it, and probably explaining it wrong).

This is the sort of things I think of when I hear the words "big data".

Since that's the case, I have been somewhat skeptical when people start talking about big data in Denmark, because we have very few domains where there are anything remotely close to such data amounts (health care probably being the one exception).

It turns out that I've basically misunderstood the concept of big data, and that I underestimated the amount of data out there.

At GOTO Copenhagen, I went to a talk with Eva Andreasson, where she gave an overview of the big data landscape, mostly at the vendor level. During this session, she made a number of important points, which made me realize I have to change my view on big data and its usage in Denmark.

First of all, Eva Andreasson made clear that only about 10% of all data out there is what we traditionally would consider data (e.g. data about companies or people). The rest of it is all the trace data that people leave around when they navigate the internet, doing whatever shopping or browsing they want.

Such trace data, put together with traditional data, allows companies to analyze end-user behavior much better than traditional data alone. E.g. while traditional data will tell you what customers bought, trace data will tell you what products customers spent a long time looking at, without buying them at the end - allowing the company to do some further analysis on what it would take to get the customers to buy the product.

Another thing that Eva Andreasson made clear, is that big data isn't just about working on large data amounts. It is also about aggregating new data sources into existing use scenarios of existing data, and about making new use scenarios of the data that you work with, allowing you to look at things in new ways, hopefully gaining new insights.

Based on these two points, it is clear to me that I have to reevaluate my understanding of when big data is relevant. And judging from the conversations I've had with other people about big data, I am not alone in this.

Aim for the stars

One of the great things at most conferences is the keynote talks, since they are usually picked by the conference organizers in order to expand the mental horizons of the conferences goers.

The organizers behind the GOTO conferences are, in my opinion, particularly good at this.

Every time I've been to a GOTO conference (or a QCon conference where they have been involved), there has been at least one keynote talk, that made me rethink things, and look at the field in new ways.

At GOTO Copenhagen, there were several such talks, but one of them stands out in particular.

Very moving keynote speech by @russolsen on the moon landing and the lessons we can learn from it #GOTOcph
— Kristjan Wager (@kriswager) September 26, 2014

On a two-day conference, the least attractive keynote slot must be the early one on the second day (after the conference dinner the evening before), and I am always impressed by the speakers who can go on stage at that slot, and leave an unforgetable impression.

At GOTO Copenhagen it was Russ Olsen who gave his "To the Moon" talk.

I hadn't heard Russ Olsen before, but judging from the keynote talk, he is a great speaker, and I'll definitely check out any talks of his I come across in the future.

So, what was so great about Russ Olsen's talk?

Well, as my tweet embedded above states, it was about the Moon landing and what we, as a field, can learn from it. Most people would probably find this interesting as it is, but my description doesn't do the talk justice at all - Russ Olsen manages to express the feelings of nerverousness and wonder behind the whole process, especially during the last 10 minutes of decent towards the moon.

Russ Olsen also has a great message - quoting Kennedy, he reminds people that they shouldn't do something because it is easy, but because it is hard, and that nothing is impossible.

So, if you're at GOTO Aarhus, I would highly recommend going to Russ Olsen's keynote talk on Tuesday, even if the conference dinner made you get to bed late. But in case you miss it, it can apparently be found online.

Ahead of my time

If you follow me on twitter, you'll undoubtfully have noticed that I've spent the last couple of days at the GOTO Copenhagen conference.

If you look at my last couple of blogposts, that might surprise you, since they were about going to GOTO Aarhus, not GOTO Copenhagen. Well, that's because I am going to GOTO Aarhus in my capacity as a blogger, while I went to GOTO Copenhagen as a "civilian" (i.e. together with some of my colleagues). Since GOTO Copenhagen and GOTO Aarhus have the same sessions, this means that I probably get to see more of the sessions than anyone else, perhaps excluding the speakers themselves.

Even though I didn't go to GOTO Copenhagen as a blogger, it won't keep me from writing a bit about my impressions from the sessions I attended there - this also allows me to make some suggestions for what people should go to at GOTO Aarhus.

Below is my schedule during GOTO Copenhagen:

Thursday:

• New Linting Rules - Kyle Simpson (Enterprise Architecture)
• From 'Agile Hangover' to 'Antifragile Organisations' - Russell Miles (People & Process)
• Fast Delivery - Adrian Cockcroft (People & Process)
• Deep Dive into the Big Data Landscape - Part I - Eva Andreasson (Enterprise Architecture)
• Lean Enterprise - Part II - Jez Humble (People & Process)

 

Friday

• The Future of C# - Mads Torgersen (Enterprise Architecture)
• What I Learned About Going Fast at eBay and Google - Randy Shoup (People & Process)
• Responding in a timely manner - Microseconds in HFT or milliseconds in web apps, its all the the same design principles - Martin Thompson (Enterprise Architecture)
• A retake on the Agile Manifesto Part I - Katherine Kirk/Prag-Dave Thomas/Jez Humble/Tatiana Badiceanu/Martin Fowler (People & Process)
• A retake on the Agile Manifesto Part II - Katherine Kirk/Prag-Dave Thomas/Jez Humble/Tatiana Badiceanu/Martin Fowler (People & Process)

 

As with most conferences, there is a rating system, where one can indicate what you feel about a given session. At GOTO it is the classic green-yellow-red system. All of the sessions I attended, with one exception, I gave a green - and the one I gave a yellow, I actually think in hind-sight also deserved a green.

 

I should probably add that I give a green based on either of two critierias:

1. Was it interesting/informative/entertaining
2. Did I get new insights out of it

This means that theoretically a speaker can be less than stellar, but able to give me new insights, and then receive a green vote. In reality, however, this happens very rarely, so green votes are usually given to great speakers, who usually are also able to provide me insights.