The State of Employment

2012-07-08 17:39:48 by jdixon

Seems that it's common for folks to blog about changes in employment. I hate to be left out on the fun, so I'll take a brief moment to officially announce my pending "new-hire" status with GitHub, effective tomorrow.

Friends who've already heard the news pepper their congratulations with a sense of confusion as to why I'd leave a good thing at Heroku. Indeed, I think most people in our industry would rank Heroku and GitHub at the top of their list of prospective employers. Unsurprisingly, I loved my job. I've never worked with a team of engineers as highly skilled or dedicated to their mission as the men and women at Heroku. So why would I leave?

Read the rest of this story...

On Being a Product

2012-03-21 11:18:35 by jdixon

By now you've heard the adage "You're not Facebook's customer, you're the product". This is a readily accepted dirty secret of social media. In fact, the practice of selling user data for advertising precedes the origins of the Internet itself. And yet, how many of us never give a second thought to granting third-party access to our private social data via OAuth logins on Facebook, Twitter and Google?

I've complained incessantly about abuses of these authentication services. On one hand you have rudimentary, coarse-grained access levels from the authentication providers. On the other you have lazy (or ill-informed) developers configuring their application to demand more rights than it actually needs to fulfill its service contract with the user. Fortunately the OAuth dialogs are mostly transparent about the privileges you're granting the application provider. Yet many users disregard this notice in exchange for the instant gratification of a popular new social media-powered toy.

Let's assume for a moment that the third-party app you just granted access to your private data is trustworthy. What happens in six months when that app continues to skyrocket in popularity and gets bought out by Evil Data Acquisition Conglomerate, Inc.? Your data just became their data. Which also happens to be sold out to advertisers and information brokers; or to anyone who wants to scrutinize your personal behavior, contacts, buying patterns, friends and family, education, political connections or employment history.

Think about this the next time you're signing up for a new photo-sharing app with sepia filters.

A Little Time Off

2010-12-16 07:36:01 by jdixon

I always wondered what I could accomplish with a few weeks of free time. Never thought I'd have the chance to find out. Yeah, funny thing about that...

I've been Product Manager for an online monitoring service over the past 15 months. I've learned a lot about the full product cycle, building up all the components of a startup web company: cranking out a business plan, analyzing the competition, defining the roadmap, performing QA, etc. It's been a ton of fun, growing an Open Source trending application into a full-blown ECA/BSM suite. Now is the right time for me to hand it off to a full-blown sales organization and see it thrive. Which means I'm taking some time off to look for my next challenge.

I'm happy to report that the job market looks very strong right now. I'd love to believe that all the interest I'm getting is a byproduct of my years of experience and varied skillset, but I'm too self-loathing for that. Regardless, I'm still interviewing and haven't made up my mind yet. So if your startup/Web/SaaS/DevOps company is looking for a seasoned ops/network/security/engineering/product-managing type, drop me a line and let's chat. My CV/resume is available online.

Working with the Mojolicious Framework

Thanks to my reorganized shed-yule, I have the chance to catch up on some side projects. The first one is the evolution of NetFlow Dashboard as a SaaS service. Devon O'Dell has been doing some nifty stuff with the collector, while I've been focusing on the user-facing web and API stuff. I stumbled across the Mojolicious framework, and zomg, you can color me impressed. Compared to Catalyst, "Mojo" is a breath of fresh air. The syntax is actually quite similar to Dancer, but it goes a few steps further, adding placeholders (with optional regex constraints) and named routes. Take for example, the following snippet:

use Mojolicious::Lite;

    # Route with placeholder
    get '/:foo' => sub {
        my $self = shift;
        redirect_to('login') unless ($self->session('username'));
        my $foo  = $self->param('foo');
        $self->render(text => "Hello from $foo!");
    };

    # Defaults to login.html.ep
    get '/login' => 'login';

    # 
    post '/login' => sub {
        my $self = shift;
        redirect_to('login') unless (
            $self->param('username') && $self->param('password')
        );
        # [ ... some code to authenticate user ... ]
        $self->render(text => "Welcome!");
    };

    # Start the Mojolicious command system
    app->start;

    __DATA__

    @@ login.html.ep
    <!doctype html><html>
        <head>
            <%= content header => begin %>
                <title>Login</title>
            <% end %>
        </head>
        <body>
            <%= content body => begin %>
                <form action="post">
                <input name="username">
                <input name="password" type="password">
                <input name="login" type="submit">
                </form>
            <% end %>
        </body>
    </html>

This epitomizes everything I enjoy about Perl code. TMTOWTDI, but without all the crufty framework directories and files that remind me of Ruby on Rails. Mojolicious::Lite is easy to read, easier to write, with all the shortcuts a strapping young web hacker might want. It's smart enough to inject common sense where it should (e.g. searching for templates by named route and format) but powerful enough to let me extend any of the underlying Mojolicious classes (like Catalyst). Good stuff.