Goals

A week ago an email alerting me to a new post from Steve Jones showed up in my in-box. I had to chuckle a bit because the topic was one, Goal Progress, that I had seriously thought about writing about for last week’s blog.  But I decided to write about teaching instead and put off a post on goals. There was a reason for that. I thought it would make a better post for this week.

There are some goals I’m fairly public about. I’ve started to write about my yearly goals and my results at the start and end of each year. But often I have more private goals. These are usually of a more personal nature. This post is about one such goal.

My Biking History

Ever since I got my first 10 speed, on I think my 10th birthday, I’ve loved to bike. Learning to read gave me intellectual freedom, but learning to bike gave me physical freedom. Growing up in a small town meant that to go any place interesting, biking was often the fastest and easiest way to do so. I could cover miles in fairly short order. Before I knew it, I was biking everywhere.

In high school, in the spring sports season I continued my relationship with the outdoors with the Outdoor Experience (OE) program. Part of that time was spent biking. I quickly upgraded my original 10 speed to one I bought from my original OE coach, Ben Kaghan. It was a beautiful Italian bike I continued to ride through high school and college until I was in a serious accident with it where I ended up going head over the handle bars and destroying the front forks. Twice in high school, as part of the OE program I managed to get in a Century ride, once my freshman year and once my senior year. They were nice bookmarks to my high school experience. Surprisingly to me, my senior year ride was a bit tougher, I think the route selection was a bit worse and we ended up with more hills.

For college graduation, I received a beautiful Trek 520 from my mom. I continued to ride, though not as much as I’d like. But several times, in September or October, I would ride to an annual event that my college outing club hosted known as “Fall Lake George”. This was an IOCA event where as many as a dozen colleges would canoe, sail, swim (yes a few have over the years) or powerboat to Turtle Island and camp for the weekend. I’d send my gear up in another vehicle and arrange for a car-ride back. Depending on factors this was generally about a 65-70 mile ride. The last time I did this was in 2015, the day before my father died. For various reasons, including changing college policies which have resulted in cancellations of this event, I haven’t done it since.

That said, most years I’ve routinely gotten in at least a few rides over 30 miles, with a few 50 mile rides snuck in there. But the elusive 100 miles had not been accomplished.

Due in part to COVID and wanting to get out more, and long stretches of good weather, I’ve found myself riding more this year than any year in memory. As of this morning my mileage for the year is over 1200 miles in the saddle. That was sort of a personal goal I had set for myself without publicizing it.

But there was one more goal. One I finally managed to realize this past weekend: the Century ride.  I had actually already accomplished 2 half-Century rides this year which I had felt good about, including one with some significant altitude gain. So I felt good about my chances. But I still wasn’t 100% sure.

Near Lake George is an amusement park, The Great Escape. My entire family has season passes and while I enjoy a day or two there, the rest of the family loves it there. My original goal was bike there, join them for a ride or two, and then bike home. And if I felt my legs weren’t up to it, toss the bike on the back of my wife’s car and ride home with them. Alas, due to Covid-19, The Great Escape has not been open at all this year.

But, I still sort of wanted a bail-out option. So I came up with a back-up plan. Right across from The Great Escape is a really incredible ice-cream place known as Martha’s Dandee Creme, which is a traditional stop for the family after a day at The Great Escape. So, about a month ago, I figured, if the weather worked, this past Labor Day weekend would be a good weekend to attempt my ride. And I’ve got to say the weather was nearly perfect for it. Not to warm nor too cold (though the first few miles from the house which was mostly downhill so I had lots of wind, but little muscle action, and still early in the morning were noticeably chilly.)

So at 7:45 AM I set out. The first 2-3 miles are basically coasting downhill from my house to the Hudson River and then the next 5 or so are avoiding potholes and city traffic as I make my way north to the first river crossing.

20200905_094609

32 miles in and going strong, but fuel and bio break.

I find that on longer rides, after about 2 hours, I need generally need some sort of refueling stop. Fortunately, in my area there’s lots of Stewart’s Shops. It’s generally easy to plan a break around them and I did.

20200905_095543

Milk (and a brownie) does the body good!

At this point I was more than half-way to my turn-around point, which was actually at about 55 miles, not 50. Once I had taken care used the facilities and refueled, I was back into the saddle for another stint. This was a shorter stint, but finally I would be gaining some altitude. Up until now the ride was basically along the Hudson, but in about 15 miles, I’d pass through Fort Edward and Hudson Falls where the river turns west and I would have to do some, albeit minor hill-climbing.  

My original goal had been to hit Martha’s by 12:30 PM. I had given myself lots of time because I had no idea how fast or slow I’d be. Well at this point I texted my wife to say that my new goal was now Noon.

20200905_113408-1.jpg

11:45 at Martha’s Dandee Creme!

I beat even that goal and that included a stop to make sure I hadn’t missed a turn.

One of the peculiarities I’ve found with endurance events like this is that my appetite essentially disappears. I knew I needed calories and as such ordered a soda, some chicken fingers and fries. The soda I had no problem drinking. Of the 5 chicken fingers, I managed to down 2 and of the fries, not even 1/2 of them. I saved the rest for my family.

Once they showed up, we ordered ice cream. I mean, what’s the point of biking to an ice cream place if you don’t get ice cream?

A very surreal experience, The Great Escape on Labor Day weekend, empty, and soundless

Finally it was time to get back in the saddle and head southbound. I felt strong about it, but wasn’t sure about the wind and all. And the wind at spots was definitely a factor and it definitely slowed me down.

But….

The big 100!

I made it. There was just one problem. As I had mentioned, my turnaround point was about 55 miles from my house. This meant I was still over 10 miles from home. I made a quick pit stop just south of here (again at a Stewart’s) and then raced home. Honestly, the about 2 miles near the house was the worst, not because of the distance per se, but because I finally had to regain all the altitude I had lost from my house to the Hudson 9 hours previous.

But I pulled into my driveway right before 5:00 PM.

Finally home, 111.6 miles later

I had, for the first time in 35 years, finally completed another Century ride. Actually a bit more than a Century ride. Goal accomplished.

Final stats:

  • 9:44 Door to door including stops
  • 111.6 miles covered
  • Crossing the Hudson, 4 times
  • Altitude changes: 515->13 feet and then slowly back up to 476 feet. And then all that in reverse
  • 1 Stewart’s Chocolate Milk consumed
  • 1 Stewart’s large brownie devoured
  • 2 chicken fingers digested
  • Some french fries eaten
  • 1 small (which is actually quite large at Martha’s) salted-caramel soft-serve cream in a cone ingested
  • 7:16:12 actual riding time
  • 29.20 top speed on some random hill.
  • 15.3 mph average speed overall (down from 16.3 mph turn around and 15.8 at 100 mile mark, the hills at home and city traffic killed me)

Conclusion

So, the first question that comes to mind, “would I have written this blog post had I failed to achieve my private goal or always kept the failure private?” – Good question. I think it depends on the reason for the failure.

“How did you feel the next day?” – Honestly? Pretty good. Other than my knees, I find if I’m in shape, long rides like this don’t really leave me overly sore the next day. And taking doses of ibuprofen definitely helps with the knees and more.

And of course, “Would you do it again?” – Well I probably won’t wait another 35 years. We’ll see what happens next year or the year after that.

“What other private goals do you have?” – That would be telling! 🙂

Seriously, it was a great time for me, I’m SO glad I did it and am feeling great. Not to bad for someone my age in a year of Covid.

How Much We Know

Last night I had the privilege of introducing Grant Fritchey  as our speaker to our local user group. He works for Redgate who was a sponsor. The topic was on 10 Steps Towards Global Data Compliance.  Between that and a discussion I had with several members during the informal food portion of our meeting I was reminded me of something that’s been on my mind for awhile.

As I’ve mentioned in the past, I’ve worked with SQL Server since the 4.21a days. In other words, I’ve worked with SQL Server for a very long time. As a result, I recall when SQL Server was just a database engine. There was a lot to it, but I think it was safe to say that one could justifiably consider themselves an expert in it with a sufficient amount of effort. And as a DBA, our jobs were fairly simple: tune a query here, setup an index update job there, do a restore from backups once in awhile. It wasn’t hard but there was definitely enough to keep a DBA busy.

But, things have changed.  Yes, I still get called upon to tune a query now and then. Perhaps I making sure stats are updated instead of rerunning an index rebuild, and I still get called upon to restore a database now and then. But, now my job includes so much more. Yesterday I was writing a PowerShell script for a client. This script calls an SFTP server, downloads a file, unzips it and then calls a DTSX package to load it into the database.  So now I’m expected to know enough PowerShell to get around. I need to know enough SSIS to write some simple ETL packages. And the reason I was rewriting the PowerShell script was to make it more robust and easier to deploy so that when I build out the DR box for this client, I can more easily drop it in place and maintain it going forward.  Oh, did I mention that we’re looking at setting up an Availability Group using an asynchronous replica in a different data center? And I should mention before we even build that out, I need to consult with the VMWare team to get a couple of quick and dirty VMs setup so I can do some testing.

And that was just Monday.  Today with another client I need to check out the latest build of their application, deploy a new stored procedure, and go over testing it with their main user. Oh, and call another potential client about some possible work with them. And tomorrow, I’ll be putting the finishing touches on another PowerShell article.

So what does this have to do with last night’s meeting on Global Data Compliance? Grant made a point that in a sense Data Compliance (global or otherwise) is a business problem. But guess who will get charged with solving it, or at least portions of it?  Us DBAs.

As I started out saying, years ago it was relatively easy to be an expert in SQL Server. It was basically a single product and the lines tended to be fairly distinct and well drawn between it and other work. Today though, it’s no longer just a database engine. Microsoft correctly calls it a data platform.  Even PASS has gone from being an acronym for Professional Association of SQL Server to simply PASS.

Oh, there are still definitely experts in specific areas of of the Microsoft Data Platform, but I’d say they’re probably more rare now than before.  Many of us are generalists.

I mentioned above too that I’d probably be more likely to update stats than an index these days.  And while I still deal with backups, even just the change to having compression has made that less onerous as I worry less about disk space, network speed and the like. In many ways, the more mundane tasks of SQL Server have become automated or at least simpler and take up less of my time. But that’s not a problem for me, I’m busier than ever.

So, long gone are the days where knowing how to install SQL Server and run a few queries is sufficient. If one wants to work in the data platform, one has to up their game. And personally, I think that’s a good thing. What do you think? How has your job changed over the past decade or more. I’d love to hear your input.

2019 in Review

Last year I did a review of 2018 and then the next day I did a post of plans for 2019. I figured I would take time to look back on 2019 and see how well I did on some of my goals and then perhaps tomorrow set goals for 2020.

One of my first goals always is to make one more revolution around the Sun. I can safely say I successfully achieved that.

But what else? I vowed to blog once a week. I did miss a few this year, but pretty much succeeded on that one. But, perhaps those misses where why I failed to break 2000 page views for 2019. That said, I don’t feel too bad. In 2018, I had one particular post in 2018 that sort of went viral, and that alone really accounts for the higher number in 2018. So if I ignore that outlier, I did as well or better for 2019. That said, I think I’ll set a goal of 2020 page views for 2020. It’s a nice symmetry.

I’ve continued to speak at SQL Saturdays in 2019 and will do so in 2020. Still working on additional topics and may hint at one tomorrow.

But I again failed to get selected to speak at SQL Summit itself. That said, I was proud to again speak at the User Group Leadership meeting this year. My topic was on moving the needle and challenging user group leaders to bring more diversity to their selection of speakers (with a focus on more women, but that shouldn’t be the only focus).  It was mostly well received, but I could tell at least a few folks weren’t comfortable with the topic. I was ok with that.

I set a goal of at least 3  more articles for Redgate’s Simple Talk.  I’m pleased to say I not only succeeded, but exceeded that with 4 articles published. It would have been 5, but time conspired against that. That said, I should have another article coming out next month.

I never did take time to learn more about containers.

I continue to teach cave rescue.

I think I caved more.

I didn’t hike more, alas.

And there were a few personal goals I not only met, but I exceeded. And one or two I failed it.

But, I definitely succeeded at my last goal, having fun. 2019 was a great year in many ways and I spent much of it surrounded with friends and family. For reasons I can’t quite put my finger on, I think I enjoyed SQL Summit this year far more than previous years. It really was like spending time with family.

I’ve been blessed with great friends and family and 2019 just reminded me of that more than ever.  Thank you to everyone who brought positive contributions to my life in 2019. I appreciate it.

 

52

52 is an interesting number.  It’s the number of weeks in the year. It’s the number of cards in a deck. It’s a number of Earths in the DC Multiverse. It’s an untouchable number, something I just learned. It’s the atomic number of tellurium. In fact it has a number of interesting trivia associated with it according to Wikipedia: 52.

It also just happens to be the number of times I’ve been around the Sun, though strictly speaking that depends if you’re counting sidereal or the tropical year and the fact that I was born at night. But I think we’re close enough.

And it just so happens my birthday falls on the day I usually blog. So rather than something technical (though if I can get permission from a client, I may have something fun and technical soon) I thought I’d post some reflections and thoughts.

For me birthdays are both interesting and boring. I’m glad I’ve reached another milestone. But honestly, after age 25 when my car insurance rates went down, I haven’t given individual birthdays much thought. That’s not strictly true, I sometimes think about the fact that I’ve passed the point where statistically I’m looking at fewer days ahead of me than behind me.

I grew up in a small town, Falls Village CT, and parts of me never have left it. When I stop to daydream, my thoughts take me to the town green where we often played, or the woods behind my dad’s house, or the sand quarry behind the depot I grew up in. It was a safe and quiet life. I watched the world move from bell-bottoms to Reagan power ties.

While just a teenager, I and friends ran not one, but two Monopoly marathons to raise money for the Muscular Dystrophy Association. The first year we played for 100 hours (in teams) and the second 150 hours. I was and am still quite proud of the organization that took and the money we raised.

Since then I’ve done a lot.  I got thinking about that last night at the Capital Area SQL Server User Group meeting. I’m proud to lead this group.  I really enjoy, as I’ve noted before, giving back to the community that has helped me so much.

I’m proud to be a Regional Coordinator for the National Cave Rescue Commission. I can literally say the work the NCRC does saves lives. It’s an honor and humbling when folks come up to me and tell me how their training has made a difference in the lives.

I’m proud of much of what I’ve done in as my avocations and vocations, even if at times I’m often a victim of imposter syndrome. There’s still many times when someone will ask me a question and my first thought is, “why are they asking me, I’m just a kid and… oh wait… no I am the expert here and I’m far from being a kid.”  This is especially true when people I look up turn around and ask me for advice.  This happens a lot in the SQL world.

I’m very proud of my family, especially my son and daughter who are growing up to be wonderful adults, capable of critical and deep thinking. They will make an impact on the world and I don’t think as a parent I could want for anything more.

And of course proud of my wife, but I can’t take credit there, she’s a wonderful person in her own right. I just married well.

One common thread I’ve realized in my life that I enjoy is teaching and sharing my knowledge. I also, as anyone knows me, love a good debate.  Bring your facts to the table. Teach me something, change my mind, or be willing to have yours changed. I still recall a debate I had with someone once about a detail of the Constitution. She made one claim, I made another. We finally settled it by finding a copy of the text and realizing who was right. Afterwards there was no rancor or hurt. We both had appreciated the intellectual exercise and the correction of fact.  But even opinions can at times be changed. At Summit I had two pieces of white chocolate from New Zealand. They changed my mind about white chocolate! I enjoyed them.

People often ask me what I want for my birthday and the truth is, I rarely want material things. Honestly, unless it’s a new Tesla (and NOT the truck) I can and will probably buy it for myself.

But here goes:

  • Another 52 years – hey, why not? We’re making medical breakthroughs, and it’s possible I’m wrong and I’ve got more days ahead of me than behind me. Right now, I’d love that.
  • Learn something – challenge yourself in the next year to learn a new skill or a new topic. Don’t get stuck doing the same things all the time.  Earlier this year I finally took the time to start learning about Extended Events. Who knows what I’ll learn in this coming year.
  • Teach someone something – everyone one of you has a skill someone else doesn’t. Share.
  • Related to that: if you’re a caver, or have a friend or family member who is a caver, get them to take the 2020 National Cave Rescue Seminar.
  • Have a friendly debate with someone. Realize it’s not about winning or losing, but an exchange of ideas. Bring your facts to the table and recognize your opinions. Be open-minded.  Be prepared to say, “You know what, you’re right, I was wrong.” This is not losing a debate.  And be prepared to acknowledge someone saying the above to you. Accept the words graciously, don’t lord it over them. This is not about winning a debate.
  • Be kind.  If nothing else in the coming year, be kind.

And that’s it for turning 52.

P.S. Unrelated, but check out my latest article at Redgate’s Simple-talk: Building a Countdown Timer with PowerShell

Snow Daze

I’ll be honest upfront. I have a love/hate relationship with snow. I love the sounds of a snowstorm. I don’t mean the wind if it’s there, I mean the quiet hush that can settle over the land, a muffled calm. It’s peaceful.

I love the starkness it can leave behind, everything white with a gray or black background. The lack of color is beautiful in its own way.

I love how it slows down life for a bit. You can’t go fast. You have to stop and take a measure of the moment.

And, I hate shoveling it. Sure, it’s a good workout, if you’re fit enough and not at a risk for a heart attack. But, it can be a pain. I drive a Subaru, so often I only shovel the end of my driveway where the snowplows leave their pile of detritus as they go by since once that freezes in place it can become an implacable wall. But this snowstorm, I did the entire driveway. It was deep enough I thought it prudent.  And it’s not just the weight of the snow that’s the issue. It’s moving it to a place that’s out of the way.

I’m a person who actually loves the seasons. I love how they mark the inexorable passage of time.

“One Christmas was so much like the other, in those years around the sea-town corner now, out of all sound except the distant speaking of the voices I sometimes hear a moment before sleep, that I can never remember whether it snowed for six days and six nights when I was twelve, or whether it snowed for twelve days and twelve nights when I was six.” – Dylan Thomas A Child’s Christmas in Wales

I’ve been alive for over a half-century now and at times it seems the years fly by faster. The snippet from Dylan Thomas reminds me so much of Falls Village CT, the town I grew up in. In some ways it never lost a certain Victorian charm.  We were part of the modern world, but separate enough that we were ensconced in a tiny bubble. In the winter, I’d lay awake on a snowy morning hoping to hear the snow plow go by.  We’d build forts in the snow and have epic snowball fights. We’d come in sopping wet and warm ourselves by the wood stove and drink hot chocolate and share epic tales amongst ourselves.

When it got a bit closer to Christmas we’d go to the nursery and buy a 14′ tall tree, because we could.  We’d decorate the first 8′ and then above that, the best we could.

It’s not Christmas yet here, but at GMS Headquarters it’s slowly arriving:

20191203_094342

Christmas Lights

And soon I’ll start listening to Christmas music.

And I’ll try not to think about the next round of shoveling I have to do.

I’d love to sit around all day sipping hot chocolate and doing nothing, but there’s work to do and eventually more snow to shovel.

And I can hear the occasional plow go by, getting the roads fully clear.

All is well here at GMS Headquarters.

 

Thoughts on Writing

“I also did the copy edit. If it looks good to you, then I can get it published ASAP!”

This is an excerpt from an email I received yesterday. It was probably my favorite email of the week. It means another article of mine will be published at Red-Gate. I’m quite proud of this and once it is published I’ll be updating my page on published articles.

Let me be clear, while I appreciate getting paid for the Red-Gate articles and for the book I wrote, the truth is, I write for more than the money.

I write because I enjoy it. Getting paid sometimes is a bonus. Knowing that others may gain something from my writings is another bonus.

Just about two years ago I decided to go from writing for this blog on an occasional or “as inspiration” hit me basis to a weekly basis. This has had two impacts. I think I have fewer truly inspired posts, but overall I think my (and have been told, but you can judge for yourself) writing has improved. It’s like pretty much any activity, the more you do it, the better you get at it. And it has paid off, literally. I don’t get paid to write this blog, but it indirectly lead to my writing gig for Red-Gate.  So I guess it’s been worth it.

I’m still nowhere near close to giving up programming and writing full-time, but it would be a fun idea to explore. Right now though my writing gives me that little extra “fun money”.  I’m content with that.

Writing also brings me closer to my father. He was an English major at UConn and as such when he graduated became a carpenter. He had bills to pay after all! Some of my earliest memories of him are him sitting in his office trying to write. Based on what I know of him, I suspect he was trying to write the next Great American Novel.  Sadly that was never to be. That said, in the garage below my office I have all his notebooks with all his handwritten stories. Someday I plan on trying to decipher his handwriting to see what it is he did write.

In terms of non-fiction however, I do have some knowledge. He was for many years a stringer for some of the local newspapers and I remember him calling in articles he had written on a variety of topics, including coverage of the local media sensation, the trial of Peter Reilly who was charged with the brutal murder of his mother. Later my father covered the retrial of Mr. Reilly, after it was shown his initial confession was coerced and there were other issues were found with the trial.  He covered more than that, but was the biggest story he covered.

He never had a book published, which I know was a dream of his. I finally did get a book published, unfortunately after he died. That said, in fairness, I think a technical book, especially in today’s climate is a bit easier than the fiction book he was shooting for.

One writing tip I took from Stephen King (and others to be fair) is to set aside a time each week to simply write.  On my calendar I have a period set aside every Tuesday to write this blog. It’s a constant reminder that I need to make time to write. More recently I added a similar block on Wednesdays to write for Red-Gate.  It doesn’t mean I’m always successful during those times or that I only write during those times, but it forces me to set aside some time to write. And the end result is, I write more. And it’s been good.

That said, I think my next goal is to write a non-technical book, whether it’ll be a work of fiction or non-fiction remains to be seen. I may need to put that on the schedule now.

So, that’s my writing for this week!

 

“Do What You Love…

And you’ll never have to work a day in your life.” – Confucius, Mark Antony, Mark Twain.

Honestly, I think that’s some of the worst advice ever. It’s a sure way to end up hating something you love doing. Or if you do follow it, make sure you understand what it is that you love.

I first realized this in high school. I had signed up to do JV soccer, something I enjoyed, but I can’t say I loved. Before school started, we had a day of orientation. It included a hike or run up the mountain behind the school. I loved the woods and I loved (and still do at times) running through the woods. Somewhere along the way, a fellow student saw me running and suggested if I enjoyed running through nature so much, that I consider doing Cross-Country instead as my fall sport. I took their advice; snd hated it for two fall semesters in a row.

I realized what had happened was that I had replaced what to me was a fun, non-competitive activity and turned it into something where I had to perform at a specific level every single time. What I loved was running through the woods, not running competitively.

People assume I love working with computers.  That’s not entirely true. I ENJOY working with computers. I enjoy solving problems and computers are one way I can express that joy. When I make a query run 10x faster, or automate a process that previously took someone an hour a day to do, I enjoy that. But do I love it? Probably not. And I’m actually grateful for that. Because if I loved it, it would mean those days of drudgery where I bang my head against the wall all day trying to solve a problem, or I’m up until 3:00 AM recovering a failed server would turn something I love into something I dread. Something I loved would become a chore.

I love to teach caving. I get a real thrill out of it. But, I suspect that if I spend 40 hours a week, 50 weeks a year doing it, it would soon become a chore.

As my kids started their college journey, I’ve advised them, “find something you enjoy, not something you love. Keep the something you love for your own personal time so it doesn’t become a chore.” And that’s my advice to anyone.

But hey, I could be wrong. What are your thoughts? Did you pick your job because you love it and if so, do you still love it, or did you end up resenting it at all? Or do you enjoy your job?

Lifelong Learning

Writing a weekly blog isn’t always easy. For one, you have to come up with a topic every week. As fellow DBA Monica Rathbun recently pointed out, that’s not always easy. But sometimes (ok, often) I get lucky and the universe conspires to give me a topic.

This is what happened this week. The other night I was talking to my son about a possible project I might need his programming skills on. We reached a point in the discussion where I realized what we wanted to do was possible from a technology point of view, but I honestly had no idea how to accomplish it. I literally said, “I have no idea how to do that. But that’s ok, that hasn’t stopped me before. If I don’t know how to do something and I need to, I’ll learn it.”

That said, earlier in the week I was chatting with a friend of mine who has her doctorate in psychology and we were discussing learning new things and one of the items that came up was how it does get harder to learn as one gets older. On the flip side, we have more skills and memories to build upon which can help compensate.

Going back, even further, I remember my maternal grandfather. He was a PT Boat vet from WWII. Some of my earliest memories were him staring at me surrounded by a bright glow. No, he was not an angelic being, rather he loved to film everything on 8mm film and often used a bar of bright lights to make it bright enough. Later in live, he started to move all the 8mm and Super-8 film to VHS. He learned the necessary skills.

Even later in life, with some help from us grandkids, he started to move everything to DVDs. He was probably in his 70s when he took this up and learned how to edit everything on the computer, add in new sound tracks and titles and more.  I mention this story because I remember the day my mom again called to vent her frustration with her computer and how she was ready to toss it in the microwave and have them commit a murder-suicide together. She claimed she was too old to deal with learning how to use her computer. I mentioned to her that her father had learned how to edit DVDs and he was even older.  She was quiet for a minute and then agreed I had a point. Now in her defense, I will say, more often than not she will now call up and say, “Well, I had a problem with the computer, but I figured it out.”  Again, proving, you’re never too old to learn.

What brought all this together though in my mind was this post from Grant Fritchey. It’s well worth the read and I think he makes a lot of valid points. I know as my career in IT I’ve had to constantly learn. What I need to know today is often vastly different from when I did my first install of SQL Server 4.21a. It’s one reason why I made a point last year of buying a LattePanda singleboard computer and installing Linux and then SQL Server on it. I had decided to challenge myself and set a goal of building a SQL Server for under $200.

I plan on learning up until the day I die (and who knows, perhaps after that!) What about you? Will you stagnate or grow?

And as a reminder, if you enjoy reading my blog, please subscribe to keep abreast of updates and additions.

And a final note, I will be travelling over the next two weeks, so I may be too busy to blog.

Being Observant

I was busy last week teaching cave rescue at the annual National Cave Rescue Commission Weeklong training seminar, hence my lack of a post last week.

As always, I had a great time helping to teach a class of 19 students. Our teaching includes classroom time as well as time in the field. We use both caves (obviously) and cliffs for out in the field instruction. The cliffs give us an opportunity to focus on rigging and lets everyone see what’s going on; mostly. In a cave, often it’s too dark and small to let everyone have a good few.  But, you may notice that I said mostly above.

Let me interrupt with a quick video.  Can you count the number of times the players dressed in white pass the basketball? If you got 15, congrats.

Now back to the class being on the cliffs. As part of our exercises, we usually do several iterations of the same thing, such as lowering a patient and then raising them up. Each time we may change a detail or two, such as where they can rig, what haul system to use, etc. The idea is that repetition helps them learn the skill. Often though, at the last iteration we toss in a wrinkle: they’re not allowed to speak, at all. Generally this means, they have to start with a pile of rope and hardware on the ground and without saying a word, rig a safe system to lower and raise a patient.  Generally they use a variety of hand signals and various body motions. While at times it can be quite entertaining, it can also be instructional. It’s often the faster iteration of the day, in part because they’ve honed their skills but also due in a large part because there’s no ideal chit-chat.

The point of the exercise is multi-fold. Partly it’s a great challenge for them that they end up really enjoying. It also illustrates that communication is still possible when you can’t verbalize things. This is actually often common in caves where rushing water or echos can make vocalizations useless. It finally shows that they’ve come together as a team and can work effectively.

That said, sometimes they can miss details. As instructors we ensure though that no safety issues are missed. We will stop the exercise if we see something unsafe and help them make it safe.  Part of this includes an instructor on a separate rope to hang over the edge so they can watch the patient (generally another instructor) go down and come back up. This instructor watches the entire process for safety reasons.

This time around, we decided to add a bit of a twist to the exercise.  Generally the safety instructor stays at the top. This time however, he rappelled over the edge, all the way to the bottom. Nothing overly unusual about that.

However, once he was at the bottom, along with the patient, who happened to be me, I very quickly detached the ropes connected to my harness and connected them to his harness. I then moved over to the line he had been on and started to ascend as the students began to haul him up.

They eventually got him to the top and congratulated themselves on a job well done. Other than the student at the edge of the cliff who had watched the process, none of them appeared to notice that they had lowered me and raised him.

This actually isn’t totally surprising. We like to think of the human brain as a computer, but in many ways it’s not. Or at least it’s not a digital one with perfect recall. We actually ignore a lot of “noise” in order to focus on what’s important at the time. The fact that the person they hauled up was different from the person they had lowered counts as noise in this case because it’s so improbable that the brain won’t bother processing it, lest it take away from more important tasks, like ensure the ropes were handled safely.

And for those of who you didn’t watch the video, the answer is 15, but that’s not what’s important. Go watch it.

Today’s takeaway, our brains are fuzzy and work “well enough” most of the time, but can miss details. And generally, that’s ok.

Security: Close isn’t good enough!

I was going to write about something else and just happened to see a tweet from Grant Fritchey that prompted a change in topics.

I’ve written in the past about good and bad password and security polices. And yes, often bad security can be worse than no security, but generally no security is the worst option of all.

Grant’s comment reminded me of two incidents I’ve been involved with over the years that didn’t end well for others.

In the first case, during the first dot-com bubble, I was asked to partake in the due diligence of a company we were looking to acquire. I expected to spend a lot of time on the project, but literally spent about 30 minutes before I sent an email saying it wasn’t worth going further.

Like all dot-com companies, they had a website. That is after all, sort of a requirement to be a dot-com. And it was obvious it was backed by a database server (which I knew was SQL Server, which sped up my process, but only by a few minutes). So, I did the obvious thing and got the IP address of the web-site. Then, I simply tried to connect to SQL Server from my desktop to that IP address and one or two on either side of it. On my second attempt, the IP address right before the one of the website replied to my attempt to reach SQL Server. That was not a good sign. The reply meant there was no effective firewall in place. Note, had they not been using SQL Server, but some other tech, it might have taken me another 10-15 minutes to find the right client to connect. So knowing it was SQL Server wasn’t overly important.

But of course at least they had a password right? Well, back then, the latest and greatest version of SQL Server was 2000 which still did not require a password when you set it up.  I asked myself, “it couldn’t be that easy could it?”

Sure enough it was. Within minutes I had logged in as sa without a password. I now had complete control of their SQL Server. But even more so, back then SQL Server allowed unfettered access to xp_cmdshell. In theory at that point I could have done anything I wanted on the box, including installing remote access software and creating and giving myself administrator access.  I didn’t. But, my email to my boss was short and sweet. I explained how there was absolutely no way we could acquire their platform without a complete top to bottom review of it for any signs of malware. If it took me only 30 minutes or less to get in, I was almost certain their system was owned.

We never acquired that company. I’ve wondered since then what happened to them. My guess is, like many dot-com companies they folded. I can’t say it would have been because of their lack of security, but I can say that the lack of security played a huge factor in us NOT acquiring them. (and for the record, the company I worked for at the time ended up acquiring 1-2 other companies, merging with a 3rd and finally being acquired by a 4th, which is still around. So we were doing something mostly right.)

The second incident that comes to mind was about 8 years later at another start-up. I was asked by the COO to do some due diligence on the setup in another division’s datacenter setup. Again, I didn’t do anything fancy. I knew they weren’t running SQL Server, but I figured I could still do some probing. This time what I found was a bit different. It wasn’t software per se, but rather their iSCSI switch. Sure enough not only did it have a public facing IP address, but, the CTO of that division had failed to change the default password. I was very tempted at the time to give the IP address to my 8 year old son, without any other details and asking him to try to log in. Given his skills, even at that age, I’m 99% sure he’d have figured how to Google the required information and get in. But I figured I didn’t really need to do that to make my point.

That and other factors later lead to the CTO leaving the company.

Moral of the story: Make sure your sensitive information is under some form of lock and key and don’t use blank or factory default passwords, let you or your company end up in a headline like this one: Evisort Data Exposed.