Recently a friend told me this story. She had given a presentation at a conference and soon after started receiving messages from a guy that wanted to talk more about the topic. He was very insistent that she was the only person that would understand his situation. Not wanting to be rude, she offered they continue in email but he wanted to meet in person. His requests became more and more demanding over time. It became obvious that he wasn't looking for mentoring or advice. He wanted a date.

She had no interest in that.

Unsure what to do, she asked a few other female attendees for advice. What a surprise to discover that the same guy had also contacted them and was playing the same game. In fact, she later found out 5 women that had attended the conference were receiving the same treatment.

Yes. Really.

Wait... it gets worse.

This is the third conference I've seen this happen. This isn't just a problem with one particular conference or even one kind of conference.

So, it isn't a coincidence, this is an M.O.

I call this pattern "playing the odds". You approach every woman that attends a conference assuming that odds are in favor that at least one will say "yes".

I'm not sure what is more insulting: the assumption that any female speaker is automatically available or interested in dating, or that the women wouldn't see right through him.

The good news in all three cases is that the conference organizers handled the situation really well once they were aware of the situation.

So, guys, if you ever think you are the first person to think of doing this, I have some sad news for you. First, you aren't the first. Second, it won't work.

To the women that speak at conferences, now that you know this is a thing, I hope it is easier to spot.

The problem is that there is no transparency in the system. It isn't obvious if the guy is doing this to a lot of women because sharing such information is difficult. It would be uncomfortable to share this information. There are many privacy concerns, in particular if the guy was contacting the women for legitimate reasons, a false-positive being publicly announced would be... bad.

If only there was a confidential service where people could register "so-and-so is contacting me saying x-y-z". If multiple people reported the same thing, it would let all parties know.

I was considering offering such a service. The implementation would be quite simple. I would set up an email inbox. Women would send messages with a subject line that contained the person's email address, name, and whether their approach was "maybe" or "very" creepy. I would check the inbox daily. For example my inbox might look like this:

Subject: [email protected] Joe Baker  maybe
Subject: [email protected] Mark Jones  maybe
Subject: [email protected] Ken Art  maybe
Subject: [email protected] Mark Jones  maybe
Subject: [email protected] Ryan Example  very
Subject: [email protected] Mark Jones  maybe
Subject: [email protected] Mark Jones maybe

If I saw those Subject lines, I would alert the parties involved that Mark Jones seems to be on the prowl. The service wouldn't be entirely confidential, but I would do the best I could.

Then I realized I could build a system that would require zero human interaction and only be slightly less accurate. It would be a website called "did-he-just-hit-on-me.com" and it would be a static web page that displays the word "yes". True, it wouldn't be 100 percent accurate but exactly how less accurate is difficult to determine. If you have to ask, the answer is probably "yes".

Jokes aside, maybe someone with better programming skills could come up with an automated system that protects everyone's privacy, is secure, and strikes the right balance between transparency, privacy, and accuracy.

I'm not one of the people who is directly affected by this sort of thing, so if my thinking on these solutions is off base, I'm eager to hear it.

In the meanwhile, I'm holding on to that domain.

Posted by Tom Limoncelli in Women in Computing

Tom will be giving a talk entitled "Safer Puppet" in 4 quick demos" at Puppet Camp NYC on May 15, 2015

Info about the event.

Info about the presentations and how to register.

Posted by Tom Limoncelli in AppearancesArchive

Tom will be giving a talk entitled "Safer Puppet" in 4 quick demos" at the May meeting of LOPSA's NJ Chapter on May 7, 2015

More info on their Meetup page.

NOTE: This is a dress rehearsal of the talk I'll be giving at Puppet Camp NYC the following week.

Posted by Tom Limoncelli in AppearancesArchive

If you own a Boeing 787 Dreamliner, and I'm sure many of our readers do, you should reboot it every 248 days. In fact, more frequently than that because at about the 248-day mark, the power system will fail due to a software bug.

Considering that 248 days is about 2^31 * 100, it is pretty reasonable to assume there is a timer with 100 microsecond resolution timer held in a 32-bit unsigned int. It would overflow every 248 days.

"Hell yeah, I did it! I saved 4 bytes every time we store a timestamp. Screw you. It's awesome.
Sincerely,
a software engineer that makes planes but doesn't have to operate them.

Reminds me of all the commercial software I've seen that was written by developers that didn't seem to care, or were ignorant of, the operational realities that their customers live with.

Last week at DevOpsDays NYC 2015 I was reminded time and time again that the most important part of DevOps is shared responsibility: The opposite of workers organized in silos of responsibilities, ignorant and unempathetic to the other silos.

Posted by Tom Limoncelli in DevOps

There are still tickets available for Puppet Camp New York 2015, Friday, May 15, 2015. It is a day of presentations useful for folks from beginner to advanced. I'll be one of the speakers. In my talk I'll be demoing some of the things we do at StackOverflow that make using Puppet safer: Git, CI, Vagrant, and using Puppet Environments. A lot of people at these events aren't using Puppet yet, so the material is usually very introductory.

I'll be doing a rehearsal of my talk this Thursday (May 7th) at the NJ LOPSA chapter meeting. They meet in Lawrenceville, NJ (near Princeton). For more info, visit their web site.

Hope to see you at one or both!

Tom

Posted by Tom Limoncelli in PuppetSpeaking

Update: 2015-05-21 Backupify reached out to me and said that they had 2 different email addresses for me in their system, both have now been removed. I have not received marketing emails from them since. Thank you, Backupify, for looking into this matter.

A year or so ago I tried Backupify and then disabled it shortly after. Ever since I've received many emails from them, mostly warning that my disabled account was... umm.. disabled. Thanks for the reminder.

On April 17th I complained to them via their Zendesk system and their support agent Adam Deligianis explained the issue and cancelled the account. "I have now processed the cancellation of your account so you will not receive any more emails from us." (link)

This week I got more spam from them. This was was pseudo-personal message from Rob May, a SVP of Business Development, that states, "You are receiving this email regardless of your unsubscribe settings because it includes important information that impacts availability of your Backupify account."

If the account was cancelled, I'm not sure why I'm receiving this at all. Did Adam Deligianis lie to me? Did his management force him to lie? Or did Rob May dig deep into the database to spam people that don't even have accounts?

I've opened another (support request) asking them to investigate and not spam me in the future.

Here's the thing...

Backups are really critical. Doing backups right is all about attention to detail. I think every book I've ever written talks about this. Should you trust your backups to a company that lacks the attention to detail that Backupify has demonstrated in their marketing department?

This is one of those "everyone does it" kind of problems. Marking departments don't feel they have to care about spamming people because we (users) don't complain loudly enough. The marketing departments know that a single ops person complaining about too much email will be ignored when their CEO/CIO/CFO are trying to weigh the business costs and benefits of buying a backup solution.

Tom

Posted by Tom Limoncelli

A tweet about Git

Best Tweet I've seen in months: That just about sums it up.

Posted by Tom Limoncelli in FunnyRants

I received an interesting email recently:

Did the submissions process for LISA change in recent years? I recall going to submit a talk a couple years ago and being really put off by the requirements for talks to be accompanied by a long paper, and be completely original and not previously presented elsewhere. Now it seems more in line with other industry conferences.

Yes, LISA is very different than it was years ago. If you haven't attended LISA in a while, you may not realize how different it is!

The conference used to be focused on papers with a few select "invited talks". A few years ago, the conference changed its focus to be great talks. LISA still accepts "original research" papers, but they're just one track in a much larger conference and have a separate review process. In fact, the conference now publishes both a Call for Participation and a separate Call for Research Papers and Posters.

If LISA is now "talk-centric", what kind of talks does it look for? Quoting from the Call for Participation, "We invite industry leaders to propose topics that demonstrate the present and future state of IT operations. [Talks should] inspire and motivate attendees to take actions that will positively impact their business operations." LISA looks for a diverse mix of speakers, not just gender diversity, but newcomers and experienced speakers alike. We have special help for first time speakers, including assistant with rehearsals and other forms of mentoring.

What about the papers that LISA does publish? The papers have different criteria than talks. They should "describe new techniques, tools, theories, and inventions, and present case histories that extend our understanding of system and network administration." Starting in 2014, the papers have been evaluated by a separate sub-committee of people with academic and research backgrounds. This has had an interesting side-effect: the overall quality of the papers has improved and become more research/forward-looking.

Because LISA mixes industry talks and research papers, attendees get to hear about new ideas along before they become mainstream. Researchers benefit by having the opportunity to network and get feedback from actual practitioners of system administration. This gives LISA a special something you don't find anywhere else.

Another thing that makes LISA better is the "open access" policy. Posters, papers, and presentations are available online at no charge. This gives your work wider visibility, opening up the potential to have greater impact on our industry. Not all conferences do this, not even all non-profit conferences do this.

Does that make you more interested in submitting a proposal?

We hope it does!

All proposal submissions are due by April 17, 2015.

  • Tom Limoncelli and Matt Simmons
  • (volunteer content-recruiters for LISA '15)

P.S. LISA has a new mission statement: LISA is the premier conference for IT operations, where systems engineers, operations professionals, and academic researchers share real-world knowledge about designing, building, and maintaining the critical systems of our interconnected world.

Posted by Tom Limoncelli in LISAUsenix

Last year I open sourced my enhancement to Python PDB which lets you rewind time. Sadly I announced it on April Fools Day. Oddly enough, even though I open sourced it, people thought the screencast was a hoax. It isn't at all. It really works.

Check out last year's post:

http://everythingsysadmin.com/2014/04/time-travel-pdb.html

Posted by Tom Limoncelli

My 5-minute "Ignite" talk was accepted. Come and hear it.

Posted by Tom Limoncelli in AppearancesArchive