The Daily Parker

Politics, Weather, Photography, and the Dog

How Microsoft finally got SSL right (long, computer-geeky post)

Problem: I have multiple websites on a Windows 2008 server (using IIS7), and I need to enable SSL (i.e., https:// connections) on more than one of them.

Generally, secure websites get their security certificates from trusted providers. Most modern browsers verify that the third-party certificate came from the purported vendor and is attached to the purported website, and give you a nice warm feeling when your address bar turns green. (I have used Comodo most of the time, though because of some experiences helping a local small business renew their certificate recently, I might switch.)

The way SSL works, however, you don't actually need third-party verification to keep the conversation secure. Many servers issue their own SSL certificates, which encrypt the traffic between the browser and the server no matter who issued the certificate. In other words, a self-signed SSL certificate will keep the conversation private without guaranteeing that you are talking to the person you think you're talking to. If you can confirm the identity of the server through other means, and then trust the certificate, then you're golden.

Because only I or my subcontractors will ever need to visit these administrative sites within Inner Drive Technology's Worldwide Data Center that I want to secure, self-signed certificates are perfectly appropriate. Under previous versions of IIS, not only did this cause enormous headaches, but also IIS would only support one and only one secure site per server instance. That really sucks if you have, as Inner Drive does, about 30 sites on the same server.

IIS 7 makes this so simple I almost cried with joy.

Step one: Issue a self-signed certificate

In IIS7, go to your server node, and open up the Server Certificates feature.

In the Actions list, click on "Create Self-Signed Certificate..." to bring up the dialog box. Enter a starred domain name for the certificate.

Once you click OK, you've got a self-signed certificate that IIS can find.

Step two: Open the right dialog box

Expand the list of sites in the Connections (left) pane, and click on the site you want to assign. In the Actions (right) pane, click on "Bindings..." This brings up the Bindings dialog box. Now click Add, to bring up the Add Binding dialog box.

Step three: Click OK

Drop the Type box down to "https." Enter the specific host name for the site, and choose your starred certificate.

That's it. Seriously. And anyone who's ever dealt with this configuration crap before will understand my teary-eyed joy.
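An added example, not part of the original post: the two checks this setup relies on, namely which host names a starred certificate actually covers, and how a client can confirm a self-signed certificate by comparing its SHA-256 fingerprint with one obtained from the server out of band. The `example.test` names and the sample certificate bytes are constructed placeholders.

```python
import hashlib
import hmac
import socket
import ssl

def wildcard_covers(cert_name: str, host: str) -> bool:
    """True if cert_name (e.g. '*.example.test') covers host.

    The star stands for exactly one left-most DNS label, so it covers
    neither the bare domain nor names nested more than one level deep.
    """
    c = cert_name.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(c) != len(h) or "" in h:
        return False
    if c[0] == "*":
        return len(c) >= 3 and c[1:] == h[1:]
    return c == h

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()

def pin_matches(presented_der: bytes, pinned: str) -> bool:
    """Compare a presented certificate with a fingerprint obtained out of band."""
    wanted = pinned.replace(":", "").replace(" ", "").lower()
    return hmac.compare_digest(fingerprint(presented_der), wanted)

def fetch_server_cert(host: str, port: int = 443) -> bytes:
    """Return the DER certificate a server presents, without trusting it yet."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be off before setting CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # chain validation is replaced by the pin
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

# Constructed stand-in for certificate bytes, so the demo runs offline.
SAMPLE_DER = b"constructed sample, not a real certificate"
SAMPLE_PIN = fingerprint(SAMPLE_DER)  # in practice: read off the server console

if __name__ == "__main__":
    for name in ("admin.example.test", "example.test", "a.b.example.test"):
        print(name, wildcard_covers("*.example.test", name))
    print(pin_matches(SAMPLE_DER, SAMPLE_PIN))         # True
    print(pin_matches(SAMPLE_DER + b"x", SAMPLE_PIN))  # False
```

Against a live site, pass the result of `fetch_server_cert(host)` to `pin_matches` together with the fingerprint copied from the server itself, and refuse the connection when it returns False.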

Possibly inappropriate medium

Generally, I prefer to learn new things by reading first, then doing. I mentioned Wednesday that I've grown dissatisfied with my photography skills, so naturally, I'll go first to Amazon. You know: read about a technique, try it out, post the results online, rinse and repeat.

So it seems somewhat odd to me that most of Amazon's top-rated books on photography—like this one on Photoshop—have Kindle editions that cost almost as much. Because nothing will help someone understand how to do advanced photo editing better than 10 cm, 18 dpi halftones, right? Even stranger: the example I just cited has a companion DVD, which I assume does not come with the Kindle version. That, to me, puts the F in WTF.

Senior Software...Gardener?

Apparently "gardener" makes more sense than "engineer:"

So why do so many gardens fail, yet so many skyscrapers succeed? With a few exceptions, the technique for building a skyscraper is similar whether you are in Europe or you are in Singapore. Gardens do not work that way. Every garden is different because the environment it is in is different. Even gardens that are within throwing distance of each other can have wildly different soil. That is why the lowest bidder can probably build the same bridge as the highest bidder, but your company can’t grow the calibre of gardens that Google can grow.

Remember that time when someone in your company unsuccessfully used an Agile gardening methodology, and then went around saying that it was horse shit that doesn’t work? Well horse shit does grow gardens, it just wasn’t enough to save your garden. Your garden was probably dead before it started – a victim of the climate of your organisation. Were you trying to grow a rainforest in the desert? You can’t just plant the same plants as Facebook, Flickr or Twitter and expect them to take root regardless of the quality of your gardeners or the climate of your organisation.

(Hat tip MVT.)

Amazon's $24m book

Via Fallows, UC Berkeley biologist Michael Eisen watched a used book price war between two bots that ended...oddly:

Once a day profnath set their price to be 0.9983 times bordeebook’s price. The prices would remain close for several hours, until bordeebook “noticed” profnath’s change and elevated their price to 1.270589 times profnath’s higher price. The pattern continued perfectly for the next week.

But two questions remained. Why were they doing this, and how long would it go on before they noticed? As I amusedly watched the price rise every day, I learned that Amazon retailers are increasingly using algorithmic pricing (something Amazon itself does on a large scale), with a number of companies offering pricing algorithms/services to retailers. Both profnath and bordeebook were clearly using automatic pricing – employing algorithms that didn’t have a built-in sanity check on the prices they produced. But the two retailers were clearly employing different strategies.

What’s fascinating about all this is both the seemingly endless possibilities for both chaos and mischief. It seems impossible that we stumbled onto the only example of this kind of upward pricing spiral – all it took were two sellers adjusting their prices in response to each other by factors whose products were greater than 1.

When Eisen published his blog entry the book had dropped to $106—or $135 through bordeebook. Just now, though, bordeebook has it for $977, and profnath seems not to have it any more. I wonder what happened there.

The Soul of a New Machine

Back in my last term at Duke our technology strategy professor, Wes Cohen, assigned us two chapters from The Soul of a New Machine by Tracy Kidder. I'm reading the whole book now that I've got some time. Anyone who has the least interest in how teams work and where technology comes from should read it.

Kidder embedded himself in a team at the Data General corporation from early 1978 to late 1979 as they struggled to bring a 32-bit minicomputer to life. He describes borderline-Asperger's engineers, 14-hour days, building motherboards from scratch, untested technologies, irresponsible schedules, burnout, and success—all around a computer that expressed the state of the art for perhaps six months after it came out. When Kidder wrote the book, in 1980, neither he nor any of the people he wrote about knew that minicomputers had become obsolete as a class already. None of them could see that IBM's toy computer, the PC, was about to make Data General irrelevant.

Kidder describes the team debugging prototype CPUs using oscilloscopes. He explains the near-impossibility of writing microcode—the instructions that tell a physical set of chips what to do and in what order—without using a second computer to write it on. He talks about engineers carrying around punchboards covered in blue and red wires, the red ones representing bug fixes, the blue representing the first attempt. You think it sucks figuring out which class broke the build in a modern C# development environment? Try imagining your joy at discovering that the CPU didn't work because a piece of solder came undone.

I imagine my reaction to this book might be similar to that of a modern nuclear submariner reading a contemporary account of building a state-of-the-art wooden battleship in 1862 (with only a brief mention of the Monitor and Merrimac, because almost no one understood in 1862 what those ships meant to naval combat). There are parts that made me wince, exactly as I winced in the episode of Mad Men when they showed an invitation to a wedding—to be held 22 November 1963.

About two years ago I read Pete Peterson's account of the heyday of WordPerfect Corp., which I also recommend, but for different reasons. Peterson wrote knowing the outcome, and he also had an axe to grind; but "Almost Perfect" still hits me right in the gut as a practicing software developer.

Twenty or thirty years from now, I'll look back and laugh at everything I didn't know in 2011. The Soul of a New Machine is a brilliantly-written monument to getting the job done, and advancing the profession right into a cul-de-sac.

Forgotten anniversaries

On this day 150 years ago, the United States began its bloody civil war that left the South in ruins and 600,000 Americans dead. And on this day 50 years ago, Yuri Gagarin became the first human being to leave the planet and return safely.

But who, other than James Fallows, remembered that 10 years ago today, Microsoft strangled Clippy?

But what about Clippy? It's a big day for him too. Ten years ago, he was finally given the deep-six at Microsoft, or at least turned off by default as the first step to full elimination, so he would no longer automatically pop up with such helpful observations as, "It looks like you're writing a letter!" At Microsoft's Mix11 conference for web developers today in Las Vegas, Dean Hachamovitch, head of IE activities at Microsoft, announced the anniversary of Clippy's demise.

Silly Goose

More on Anheuser-Busch's sad acquisition of Goose Island Brewery. First, Brewmaster Greg Hall told the Tribune about the trouble he's seen:

In an interview with the Tribune last month, brewmaster Greg Hall said the company’s sales had “outpaced our forecast in 2010, so that we weren’t quite ready for all of the growth we got.” Goose Island also hired an investment banker to assist the family in securing funds for expansion.

Although the Craft Brewers Alliance’s 2006 investment in Goose Island has technically exempted the brewer from craft-beer status, the company’s popular brands have shared the problem of other craft beers: increasing capacity to meet surging demand.

Goose Island is best-known for its 312 Urban Wheat Ale, and respected in craft circles for other products like Matilda and Bourbon County Stout. Goose Island has been outsourcing some production and seeking additional investment to expand capacity.

And Chicago Public Radio had some local bar owners on to wring their hands:

[B]ar owners like Phil McFarland, who runs Small Bar in Chicago's Ukrainian Village neighborhood, said he's conflicted about the merger.

"I don't guess that Anheuser has bought them to make Budweiser knock offs and part of the appeal of a brewery like Goose Island is that they have the recipes they do that have the, sort of, respect in the market that they have and from a business point of view, I would have to think they'd be sort of crazy to mess with that too much, but time will tell," McFarland said.

Meanwhile, Chris Staten, the Beer Editor of Draft Magazine, said the acquisition shows Anheuser's further commitment to the craft brew market.

In other words, this is a classic "bookend" story. Goose Island has already become a major beer producer, no longer really a craft brewery, so no one can really do more than shrug. And Inbev, which owns Anheuser-Busch, is too big and stupid to make their own beer up to Goose Island's quality, so they just figured they'd buy the place. Hey, big companies buying small companies happens every day; what could go wrong?

I love this client

A team member who works for our client said to two of us consultants today: "You know, it's 90% of consultants that give the other 10% a bad name."

(I have to assume, of course, that he thinks we're in the other 10%...)

Elementary travel arithmetic

Here's a brain-teaser: take one part Heathrow, one part Iberia Airlines, and a sixty-five minute connection at Madrid Barajas. I'll give you a moment to work your sums.

If you got "no, really, a 2-hour connection," you're correct!

Instead of walking at a normal pace between two gates (that, it turns out, are 600 m apart) inside one terminal to make a fairly routine domestic connection, I walked at a normal pace off my flight from Heathrow right to the nearest Iberia service desk. We all shrugged. "Es Londres, es normal" we had to agree. Up to the lounge[1] I go, to check my email and write a blog entry.

Ah, but, this is no ordinary Western European capital airport. This is Madríd. The lounge has delicious Spanish wines, fresh olives, tasty sausages and cheeses, and no freaking WiFi. The conversation at check-in went something like this:

— ¿Como se puede conectar por el WiFi?

— Ah, desculpe, no tenemos el WiFi; es de pago.

— ¿Verdad? ¿De pago? No free WiFi?

— Sí, ¿es curioso, no?

— Sí, es curioso. Gracias.

So, here I sit, snacking on olives, brie, toast, sausages, a fruity Ribera del Duero number ("Condado de Haza Crianza, 2007: La Recomendación del Sumiller"), and probably in a moment those dates I see over there, composing a blog entry in flipping Notepad.

But let me review, just to keep things in perspective. Yesterday morning I woke up to a healthy snowfall in Chicago and tonight I'm going to bed in Lisbon, having spent the better part of the day in London. The total cost of this trip will come in somewhere around one month of housing (just housing, not groceries or electricity or anything else). And unlike the situation that existed even in my lifetime, getting a visa to anywhere in Western Europe requires presenting my passport to the bored guy at the arrival gate and getting a stamp.

Late update, in Lisbon: It seems the free Internet we take for granted in the U.S. and Northern Europe does not extend to Southern Europe. My hotel has free WiFi—in the bar and lobby. In the room it costs €22 per day.

[1] As a happy consequence of (or sorry consolation prize for) flying all those miles last year, I get access to all oneworld business-class lounges worldwide. I would like to note again, just because it really annoys me at the moment, that a principal benefit of every other business-class lounge that I've ever visited is free bloody WiFi. Dear Spain: ¿WTF?

What I *should* have asked Santa for

Throughout my career in software development, I have spent many, many hours in meetings. Endless meetings. Soul-sucking meetings. Insurance companies are the worst, and they hire lots of developers, which just increases the aggregate lifetime meeting time-suck of the average developer.

It's fun to figure out after the meeting not only how much time just disappeared from the universe, but also how much it cost. So I am overjoyed to discover that Scott Adams sells this on his website:

When meetings are running nearly four hours long and your coworkers are sharing tales of their weekend escapades or botched nose jobs and you'd rather just be sitting at your cube getting some actual work done, motivate people to stay on task with TIM...Time Is Money calculator.

I'm not alone in wanting this. The item is on backorder until—I am not making this up—groundhog day.