How safe your online passwords are?

Trustwave recently reported that around 2 million passwords are hacked and 1.6 million are from websites including Facebook, Yahoo, Google and Twitter. The question is who we should blame for this hacking… Should we blame hackers who do this crime or blame people who do not take care of their own passwords. The blame goes to both. Password protection is critical and it starts with setting the right password with appropriate complexity. From the online safety perspective, I am thinking of a list of best practices and certain commonsense tips. These tips can be followed both by by the beginners  and  expert Internet users as well.  Here are few commonsense tips to start with:

1. Have your passwords with combination of (UPPER CASE Characters + lower case characters + numbers + special characters)

2. Do not use your or family members name or birth date as a password

3. Do not use any dictionary word

4. Change your password every month or so. Do not append your previous password with just one or two characters. Create new one.

5. Many sites detect your passwords complexity level. Set passwords where the sites sense the complexity level as high

6. Considering the hackers intelligence level, have your passwords length of 8-10 characters + numbers + special characters

7. Have separate password for your major internet based accounts.

8. ??.

What other advice do you have to make this list bigger?

Advertisements

Why J2EE projects fail?

Well, In this post, I am going back in time and re-posting what I had mentioned in my response at “Theserverside.com” on 15th June 2005. The discussion had started in the context of Rod Johnson’s presentation at Java Symposium on this topic. At TSS  people around the globe shared their point of views on “Why J2EE projects fail?” and here is what I had mentioned then…. After 8+ years, do you think this list is still valid?

——————————————————————-

(http://www.theserverside.com/news/thread.tss?thread_id=34532#174389)

Thanks Rod and all for sharing your views on this important topic.

With my experience so far in the IT field, I have seen good number of projects failing (not only in just J2EE field) but also seen good number of them succeeding in big way.

I think here are the important factors which affect the success or failure of J2EE or any software projects. (Few of them are covered by Rod in his presentation)

1. Gap between Business Analysts and Technical Architects: Business Analysts need to translate the business requirements in simple language which can be clearly understood by the Technical Architects. On the other hand, the Technical Architects need to have some understanding on the business domain. Both of them can come up with simple glossary documents covering ‘Business Terminology’ and ‘Technical Terminology’ which will help them to understand what the other person is talking.

2. Missing Non Functional Requirements: J2EE may not help in achieving NFRs in the end. Yes, few parameters can be tuned to achieve few of the NFR goals. Critical NFRs must be clearly understood in the initial stages and should be considered in the Architecture / Design / implementation / QA-Testing stages. Project is considered as failure when the NFRs are missed by huge margins.

3. Architects role: Technical Architect plays a major role in overall application success. Architect needs to put the application building blocks in place by considering NFRs, possible appropriate J2EE technologies, etc. Architect should evaluate multiple possible options before settling on any one approach including partitioning of application / technology choice (J2EE != EJB) / communication protocols, etc. Architect should deliver detailed architecture and design documents well in advance which can be reviewed and discussed with senior members of team

4. Understanding of J2EE technologies: Not everybody from the development team is J2EE expert. Few of the members may be new to J2EE and needs to gear / brush up J2EE skills. Simple crash course on the project specific technologies and J2EE best practices will definitely help before the actual development starts.

5. Ongoing code review: The ongoing code reviews will help to verify that standard J2EE best practices are in place, design patterns are implemented correctly, coding standards are followed throughout the application, etc.

6. Use of productivity tools: Project teams should incorporate productivity tools in their development environment. These tools can include XDoclet, Checkstyle, PMD, Jalopy, etc. The team should have standard development IDE and build system in place.

7. Continuous testing and QA: Iterative and incremental development will achieve continuous testing and QA of deliverables. Standard bug tracking system should be in place and quality champions should track the overall progress with respect to quality. Application developer should spend time on unit testing. JUnit kind of unit testing frameworks should be made mandatory in project.

8. Adherence to J2EE specifications: Project teams need to stick to J2EE specifications and not to the underlying container specific APIs. These APIs are good in short term but in long term they will act as trap and you will loose WORA facility guaranteed by Java / J2EE.

9. Simple but working approach: Client needs working solution not the big technology stack. Over-designing the applications will not only take more time but will increase the chances of failure. Client requirements can be broken down in small sub systems and releases should be planned in such a way that client will get started on the application early. Even in small blocks when client see the working system, his and development team’s confidence will go up and obviously the chances of success will go high.

10. Use of Open Source components: Do not build everything on your own. There are several J2EE related open source technologies available on web. Use them (after evaluation and testing obviously) wherever possible. You can also modify them if needed for your application needs. This will help in saving development time. For example, displaytag utility can be used as navigational component.

Obviously this list is not complete. Keep posting your views on this.

Thanks
-Swarraj.

—————————————————————————-
Note: All these blog posts and views mentioned in my personal blog are my own and NOT of my current and previous employers. I am NOT representing any of my organizations through this blog. This blog is just for sharing my personal views based on publicly available information related to interesting things happening in Technology area.

Do Architects need to be better story tellers?

Architects need to convey, convince and influence internal as well as external stakeholders on several technical / non-technical matters. Whether it is around creating a glorified to-be state vision in front of business stakeholders or influencing technology adoption strategy for the technical stakeholders – Architects have to play a major role. On other hand, not every situation is a happy one – delays, flaws, issues and interruptions are part of everyday life. Architects have to convey such messages as well. How well, Architects need to be in conveying such good and not-so-good messages to these stakeholders?

Good communication is different than art of story-telling. Architects need to have great skills of story-telling. It is the skill which reflects self-conviction, vision, visualization, confidence and emotions. This is the skill which needs to be built with ancillary skills like verbal and written communication, body language, public-speaking, etc. The great story tellers believe in what they talk, what they see and what they want others to see. Whether it is a legacy modernization program or adoption of future technology which does not exist today, Architects are the ones who can tell story and show journey from past to future through words and pictures. Characters, roles, responsibilities, hurdles, mitigation strategies – all can be told through scenarios, actors, interactions and dependencies. Actors can become hero and hurdles can become villains. What matters to the listeners is better understanding of possibility and feasibility which someone can tell them convincingly. Who other than Architect can do this job better?

Here are few tips on how someone can become a great story teller:

  1. You need to be convinced with what you are telling others: You are not creating a fake image of what can be done or what is possible. Make sure you know the subject and you are convinced with possibility and feasibility of what you are telling. Self-conviction, confidence and homework are must.
  2. Know what audience wants to listen: Who are you going to tell this story to? You should not tell great technology adoption story to ones who are worried about how business can be improved in a recession time period. There is a correlation but timing matters too.
  3. Basic images and drawings only to convey your thoughts: Great power point presentations does not mean great outcome. Story has to be visually created through your story telling skills and not through decks. Keep minimum relevant images and drawings to keep people just focused on what you have to say.
  4. Engage them as participant than listener: think how your audience can become part of your story and how they can play an active role. More you see their participation in your story, more success you would see towards the end.
  5. What are you expecting the outcome to be? Do you know what you are expecting the outcome to be? Agreement on certain thought process? Approval on certain decision? Decision on specific matter? You do not need to keep them reminding on what it should be, but set the objective clear in your mind and direct the audience to the conclusion through your story.
  6. Challenge status-quo: Past is changing and style of conveying thoughts is changing too. Power points and animations are being replaced by creative ways. Thought leaders use words than texts, they show practical case studies than lengthy methodologies, they are the ones who are self-convinced with certain ideas and who can direct others towards the possibilities. Art of story-telling was always a powerful skill and it is going to be same forever.        

 

What you think?

Making sense of 2014 technology trends!

Making sense of 2014 technology trends!

Similar to every year, we have started reading predictions reports and articles on 2014 technology trends. Sometime I feel publishing such articles has become a ritual task than a reality check. Analysts, Evangelists, thought leaders and technology vendors, each one of them have their own point of view on what will we see around technology adoption in 2014. Like most of you, I also have started going through these point of views and digesting as much as I can. People like to talk on future trends (easy thing to do in life) based on some supporting data and many assumptions. In most of the cases, more than ‘supporting data’ it is the ‘set of assumptions’ which decide fate of specific technology trend.
Architects and Technologists need to read and interpret these reports not just for hyped predictions but need to read carefully all assumptions and relate these predictions to the facts and feasibility checks on the ground.

Here are few considerations you may find useful while going through these reports and for analyzing relevant technology trend which you can seriously follow in 2014 and adopt in this and subsequent years.

1. Review 2013 technology trends: While you look at 2014 technology trends, make sure you also analyze state of 2013 technology trends, what has moved on the hype curve, which technology has moved up in the maturity curve and which is fading away. Also it would be nice to review variation / derivative of specific technology being considered in 2014 in the context of what has been talked in 2013. Mobile, Cloud, Analytics etc are appearing in such reports again and again. Watch carefully and compare 2013 and 2014 predictions around this stack.

2. Relevant use cases: Did you find specific / relevant use cases for your industry around these trends in 2013? When you look at 2014 technology trends make sure you spend time to identify and analyze appropriate use cases where you can apply these trends. Creativity and innovation to solve business problem through such technology trends is one part but at a broader level, feasibility of adoption in the given context is equally important.

3. Prerequisites and dependencies: Nothing works in isolation and not these technology trends too. While you read these reports, try to find what prerequisites and dependencies have been identified for successful adoption and implementation of these trends. Make sure you are not spending your time for too futuristic trends. (Obviously you will not find all these details in free version of reports which are meant to create hype. You may have to buy those at hefty costs…)

4. Hype to reality: Obviously trends take time to be reality. While reading 2014 trends it would be a good idea to look at 2011, 2012 and 2013 trends to find out what has become reality? Are there relevant case studies, noticeable business benefits and reference adoptions in real life? If not, how much additional time would it take and what are the hindrances? Has the technology trend become business reality or still hype? And do you find similarities between those trends and what have been listed in 2014 trends?

5. ROI and TCO considerations: You may probably find relevant use cases and reference case studies for a specific technology trend but ROI and TCO factors in the context of it are equally important. Hype and practical considerations are different and due considerations for ROI and TCO are must.

6. Critical brainstorming: Analysts and others who come up with such reports do industry study and obviously do their homework – no doubt about that. But it would be a great idea to critically brainstorm pros / cons / applicability / feasibility /etc within equal minded technology and business groups. Not necessarily analyst reports cover everything.

7. Too early – too late: There is always a debate around is it too early to adopt a technology trend before it become mature and OR/AND is it too late now as everyone else has adopted it? You have to take right judgment on what is too early and too late. There is no specific thumb rule. To be in a business, it has to be a right time decision though!

What other suggestion would you like to consider while reading 2014 technology trends?

—————————————————————————-
Note: All these blog posts and views mentioned in my personal blog are my own and NOT of my current and previous employers. I am NOT representing any of my organizations through this blog. This blog is just for sharing my personal views based on publicly available information related to interesting things happening in Technology area.

What keeps you motivated?

Every human feels motivated with either acknowledgement or appreciation of his / her contribution to certain task. No matter how senior or junior the person is in the organization, psychologically it is proved that appreciation and acknowledgement always helps in motivation.

But the question is do you know – what keeps you motivated? Please take a quick look at following options and select the best relevant option. (Please note, these options are close to each other so select the most appropriate one)

Appreciate you taking this poll!

Are we having FaceBerry (Facebook + BlackBerry) phone in 2014?

Facebook announced their Q3 results last week with all good news including revenue going up by 60% to $2.02 billion.  Of this revenue $1.8 billion is coming from advertising and almost half of that from mobile ads. (As you must have noticed, many ads are appearing on our FB pages this year… approximately 1 in 20 posts coming to us as news feed is an advertisementJ).  

In September 2012, Mark Zuckerberg had mentioned that building a phone is the wrong strategy for them.  With changing dynamics, Facebook understand importance of Mobile platform in its business model and did attempt introducing HTC First (Android device) in April 2013 with preloaded Facebook Home interface. Unfortunately that attempt was a major flop and AT&T had to drop price of HTC First to $0.99 after its debut.  There are different opinions on why HTC First failed but one of the reasons is – how many people really want their phones tightly coupled with Facebook?

After failure of HTC First, there were rumors that in June 2013, Mark met Samsung executives to build another Facebook branded smartphone but Samsung denied the offer considering HTC First failure.

According to Wall Street Journal, BlackBerry executives met Facebook last week (October 2013) in San Francisco. Though exact purpose of the meeting is unknown, with current situation of BlackBerry in the market, I am sure BlackBerry executives must not have talked about weather conditions in San Francisco. Possibly both parties must have discussed opportunities to work together and Facebook must have shown interest in acquiring BlackBerry soon.

BlackBerry is cash rich with more than $2 billion in hand, no debt, has patents related to secure networks technology, popular services like BBM, and strong (but fading) brand of keyboard based phone, etc. Analysts predict patents value somewhere in between $ 1-3 billion. BlackBerry is struggling at the moment with declared layoffs, poor sales and must be looking for best possible options to get acquired. There are other players including Lenovo who have already shown interest in them and choosing the right deal is what BlackBerry must be doing at the moment.

Though Zuckerberg had mentioned no interest in building their own phone and decided to focus on partnerships with manufacturers through ‘Facebook Home’ software, with latest revenue numbers on mobile platforms he must be probably rethinking his strategy. Also not to forget that major manufacturers have shown (almost) no interest in ‘Facebook Home’. So having control on mobile hardware is critical to Facebook at the moment.

With these considerations, it looks like we are heading towards Facebook + Blackberry combined phone in 2014 with Social features, secured network, BBM features and business applications all together.

Who needs Facebook phone though? The question remains unanswered…

Is Bitcoin economy the real one?

Next week Vancouver, Canada will see world’s first bitcoin ATM which will dispense Canadian dollars in exchange of digital money which is anonymous crypto-currency – bitcoin.

Nobody knows who Satoshi Nakamoto is – whether he is a single person or a group of people operating under that name, but what he created in 2009/10 is being considered disruptive in nature as far as payments and banking industry is concerned – it is called bitcoin.

Bitcoin is digital money for peer-to-peer transactions on completely decentralized payment network which is powered by its users without any centralized controlling authority.  Please refer to http://bitcoin.org/en/faq for more information on bitcoin.

Here are few questions on Bitcoin though:

1. Since it is a completely decentralized P2P payment network without any centralized body (and without even knowing who has created it), how are different Governments and Regulatory bodies looking at it?

2. Though Bank’s can have deposit accounts from different merchants to cash in bitcoins, P2P nature will have some impact on banking transactions. How are the Banks looking at it?

3. Bitcoin price volatility is high. It was $13.30 on Dec 31 and high to $205.50 on October 22. While writing this post, its buying price is $197.15. Pl see following chart for its volatility.

bitcoin

(http://bitcoincharts.com/charts/mtgoxUSD#rg360ztgTzm1g10zm2g25zv)

4. Considering that the algorithm will create only 21Million bitcoins over the period of 140 years, there will be tremendous demand-supply competition. Though the bitcoins will be traded in fractions, the global trading scenarios will be very complex. Even if individuals form pools to operate in groups, the associated complexity may be unmanageable in future.

5. Recently bitcoin was in news due to Silk Road case. Considering the anonymous nature of operations, bitcoin based transactions will be very difficult to track and control.

6. With the bithcoin there are exchanges, banks, trading platforms and trading strategies. Though the technical aspects of bitcoin mining are little difficult to understand, buying and selling them relatively easy. Latest economic situation in Cyprus saw ups and downs of bitcoin prices due to that.

Thousands of merchants around the globe are already carrying out bitcoin based transactions. On one side its gaining popularity but not having clarity from regulatory and Government bodies around the world the question is – will this bitcoin based economy the real one?