MSFT @ 50

Microsoft was founded 50 years ago this coming April. Most of you are somewhat familiar with their origin story that began with a small office in Albuquerque by Bill Gates and Paul Allen. And thanks to this series in Geekwire, you can read about things from their perspective. This series has inspired my own POV.

Back in the spring of 1975, I was finishing up college in New York. The only computers I had access to were mainframes. When I got to grad school a few years later, we had a time-sharing system. That meant getting up at the crack of dawn or waiting until the middle of night to go across campus and sit in front of a monochrome character-mode terminal. The odd hours were caused by their popularity during the day. When I got my first post-grad-school job in DC, I used a downtown “remote job entry” storefront (I think it was on K Street, but don’t hold me to that) where I could submit my decks of punched cards and come back the next day to see if my programs had run without errors. (They usually took a few tries, just so you know.)

My first actual PC was an HP 85 running CPM, somewhere around 1979. I was using it to build math models for various consulting clients, and the models were built using Visicalc, the original digital spreadsheet. It had all of 8K of RAM, an amount of memory so small you can’t even buy it in a basic digital watch today.

My first interaction with Microsoft was IBM PC DOS in 1981. It would take several years before I joined PC Week in the mid-1980s, when I got my first breakout job there (now known as eWeek). Then I began using Microsoft’s local area network software, called LAN Manager, that it built to run on 3Com’s servers. The LAN Man era accounted for one of my favorite PC Week cover stories back then: we wrote about how anyone could take over a server with a simple boot floppy which granted unrestricted physical access to the machine. Ah, those were the days!

It was at PC Week that I began to develop relationships with many of the MSFT execs, including Ballmer and Gates, as we went around the country to various events and covered major product launches. It was a heady time for a former anonymous corporate user, now blessed with a huge expense account.

I got side tracked during this time period with OS/2, the failed IBM and Microsoft operating system project that resulted in a book deal for me (which remains unpublished) and a new server operating system for Microsoft called Windows NT. NT had an enduring and somewhat troubling legacy, which I first wrote about in 2003. I still have a soft spot in my keyboard for it.

NT is the OS that keeps on giving, as I recently updated a post for CSOonline about its infamous and enduring NTLM protocol, a favorite of hackers through the ages because it basically doesn’t require any authentication.

During the 1990s, Microsoft (along with many of us) discovered the web, or as we called it then, The Web. Microsoft stumbled here as well, trying to make the web its own proprietary playground, as I wrote about in 1998. This would be a common theme, one that I called attention to when ActiveX was on its way out in the mid 2000s for dynamic content. They tried and failed to squash the upstart browser innovator Netscape with their own Internet Explorer. That eventually failed and now Microsoft’s Edge browser is based on Google’s Chromium.

It was during this decade that Microsoft began to understand the open-source community. Some of this understanding was the result of court judgements (at one point in time, the company had 130 lawsuits to deal with), and some due to a transformation of its collective engineering mindset. I went to one of its 2007 conferences where it was clear that it still had  a love/hate relationship with the internet and viewed many OSS projects as competitors for its own commercial products. You can see how that attitude has changed somewhat on this current splash page, where they claim to use thousands of OSS projects every day.

It was also in 2008 that Gates announced his retirement, and where I developed a clever speaking gig giving thanks to him for making my career so interesting. The speech is somewhat tongue-in-cheek: if Microsoft had made better products or gotten on board trends sooner, I would have had a more boring arc in writing my stories, not to mention fewer support issues. Remember Bob and Clippy? Windows 8 and ME?

Thanks to all of you for reading my work over the years, and sharing your own MSFT memories along the way.

CSOonline: Python administrator moves to improve software security

The administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to identify and stop malware-laced packages from proliferating across the open-source community that contributes and consumes Python software.

The effort called Project Quarantine is described in blog post by Mike Fiedler, who is the sole administrator responsible for Python security. The project allows PyPI administrators and a select group of developers to mark a project as potentially harmful and prevent it from being easily installed by users, avoiding further harm.

In my blog post for CSOonline, I describe this effort and how it came about.

CSOonline: SOAR buyer’s guide, 11 products compared

The class of products called SOAR, for Security Orchestration, Automation and Response, has undergone a major transformation in the past few years. Features in each of the four words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response tools. Orchestration is now a joint effort with SIEM tools. Many of these features are now found in managed security products that go by other names, such as threat and incident response or cloud security posture management (CSPM). And many of the SOAR tools are no longer just focused on security but have expanded to cover the wider context of how an enterprise infrastructure operates.

In this review for CSOonline, I cover some of the major issues for enterprises that are looking for a SOAR tool and briefly mention 11 vendors (out of dozens that offer such products). Be warned that these products are pricey, and finding true price transparency is almost impossible without engaging the vendors’ sales teams.

Book review: The Perfect Home

The Perfect Home by Daniel KenitzThe novel The Perfect Home by Daniel Kenitz centers on a power couple who are behind a leading shelter reality TV show and what could go wrong. If you are a fan of such shows you might enjoy the novel, which chronicles the decline of their relationship when the husband plans on getting rid of his family in the quest to garner more fame, more power, and more money on his own. Twin babies are involved, an affair happens, and the wife reunites with her long estranged father, all in the quest to figure out the shifting reality — in this case, their actual lives — rather than what is depicted on screen as they renovate various homes around the country as the cameras and scripted witty banter roll. Having been through a divorce from my own cheating spouse, I still found this novel interesting and engaging, and the exploration of the shifting understanding of marital trust worthy of the author’s treatment.

How to best disconnect from Twitter

Last month, I suggested that it is time to remove ourselves from Twitter. There are several ways to do this. You’ll see my process and you can make your own decisions. TL:DR is:

  • I stopped posting more than a year ago, but still kept my account to protect my brand as a placeholder.
  • I downloaded an archive of my tweets in multiple ways, and will tell you why this is necessary.
  • I then deleted all my tweets, using the Windows software from Cyd.social.
  • I also deleted the other digital effluvia of my account, including retweets, likes and follows).

Before we go down this journey, I would urge you all to read how to backup all of your social data, a blog that I wrote many years ago and have tried to keep current. If you haven’t ever done this, now is the time to create and download these archives. This should be a part of your regular backup processes of your data.

Backing up your social network data

That post will direct you to a particular link where you can prepare and then download an archive of each of your accounts. For Twitter, it might take a day or two to gather it together, but Twitter will send you an email when it is ready, and then you have a few days to download it. The others have somewhat different processes and schedules. You can pick and choose various options and data types to include in your archive: for example Google has dozens of services that may or may not be meaningful to save periodically.

But, and this is important: the archive of your tweets depends on having a working Twitter account. There is a page of HTML that will bring up a summary of your archive, but the tweets and follows and so forth have to exist online. It is a somewhat half-solution. I had a small hiccup with my archive that I will get to in a moment.

A better solution is to use one of the dedicated archive/deletion tools, and as I said, I ran Cyd.social, which logs into your Twitter account and then creates a complete offline archive. The hiccup was that Cyd didn’t like the very long file name that Twitter created, so I renamed it and that passed muster. Cyd uses this archive as a starting point to seek out and delete your content history.

There are two versions, as you can see from the screenshot: the free one will archive and delete all of your tweets. The paid version (which you can purchase an annual subscription initially for $36) will also allow you to be more selective and keep some of your tweets, and also delete other aspects of your account, such as followers, likes, and DMs.

I upgraded to the premium version so I could delete everything. I liked the design of the software, which tells you in advance what it is about to do to your account. Because Twitter has put in place rate limits to prevent these mass deletion operations, Cyd has to work around them and sometimes pauses during its housekeeping to foil these limitations.

One content type you might notice is not covered by Cyd is list management. I have quite a few lists, and ideally would like to convert them to followers on LinkedIn before I delete them, but I haven’t found a tool to do that.

Another thing that I noticed browsing my archive is how few of my words of wisdom were retweeted or liked. Almost all of them had no engagement whatsoever. You would think with all the years of using Twitter and various analysis tools I would have noticed this before now. Sigh.

I came across a free analysis tool from Cleve.AI that does summarize my LinkedIn activity. You can see an excerpt from my report below, which has a nice summary of my words of wisdom, shown below.

Best wishes and happy new year to you!

How IT can learn from Target and Walmart

With all the holiday shopping happening around now, you probably have visited the websites at Target and Walmart, and maybe that prime Seattle company too. What you probably haven’t visited are two subsidiary sites of the first two companies that aren’t selling anything, but are packed with useful knowledge that can help IT operations and application developers. This comes as a surprise because:

  • they both contain a surprising amount of solid IT information that while focused on the retail sector have broader implications for a number of other business contexts
  • they deal with many issues that are at the forefront of innovation, (such as open source and AI) not something normally associated with either company
  • both sites are a curious mixture of open source tool walkthroughs, management insights, and software architecture and design.
  • many of the posts on both sites are very technical deep dives into how they actually use the software tools, again not something you would ordinarily think you could find from these two sources

Let’s take a closer look. One post on Target’s site is by Adam Hollenbeck, an engineering manager. He wrote about their IT culture: “If creating an inclusive environment as a leader is easy for you, please share your magic with others. The perfect environment is a challenge to create but should always be our north star as leaders.” Mark Cuban often opines on this subject. Another post goes into details about a file analysis tool that was developed internally and released on open source. It has a user-friendly interface specifically designed to visualize files, their characteristics, and how they interconnect.

Walmart’s Global Tech blog site goes very heavy into its AI usage. “AI is eliminating silos that developed over time as our dev teams grew”, Andrew Budd wrote in one post, and GenAI chatbot solutions have been rolled out to optimize Walmart’s Developer Experience, a central tool repository. There are also posts about other AI and open source projects, along with a regular cyber report about recent developments in that arena. This is the sort of thing you might find on FOSSForce.com or something like TheNewStack, both news sites.

Another Walmart article, posted on LinkedIn, addresses how AI is changing the online shopping experience this season with more personalized suggestions and predictive content, (does this sound familiar from another online site?) and mentions how all Sam’s Club stores have the “just walk out” technology that was first pioneered by Amazon. (I wrote about my 2021 experience here.)

One other point: both of these tech sub-sites are not easily found: tech.target.com (not to be confused with techtarget.com) and tech.walmart.com — have no link from either company’s home pages. ” I’m not sure these pages should be linked from the home pages,” said Danielle Cooley, a UX expert whom I have known for decades. “As cool as this stuff is for people like you and me and your readers, it’s not going to rise to home page level importance for a company with millions of ecommerce visitors per day.” But she cautions that finding these sites could be an issue. “I did a quick google of ‘programming jobs target’ and ‘cybersecurity jobs target’ and still didn’t get a direct link to tech.target.com so they aren’t aiming at job openings. But also, the person interested in cybersecurity will not also the person interested in an AI shopping assistant for example.” Given their specificity, even if a visitor lands on them, they still might go away frustrated because the content is pretty broad.

You’ll notice that I haven’t said much about Amazon here. It really isn’t fair to compare the two tech sites to what they are doing, because of Amazon’s depth in all sorts of tech knowledge. And to be honest, in my extended family, we tend to shop more at Amazon than either Target or Walmart. But it is nice to know that both Target and Walmart are putting this content out there. I welcome your own thoughts about their efforts.

A very practical business book to help spur innovative thinking

The Imagination Emporium by Duncan Wardle is an interesting business book. Unlike many books that fall flat after a solid first chapter full of suggestions on how to improve your workaday life, Wardle’s book is a solid construction that is chock full of real tools to help you figure out new ideas, sort and rate them and act on the best after building a consensus from various stakeholders. It is a “What Color is Your Parachute” reimagined for the digital, collaborative age, and like Parachute contains some simple but very effective ideation exercises. The trick is to actually stop reading and work through them to generate the ideas yourself.

Wardle was former head of innovation and creativity for Disney, and the design of the book’s pages show exactly how creative and clever he can be at getting you to use his tools. It starts off by exploring the “river of thinking,” where colleagues shoot down your ideas because that isn’t the Way Things Have Been Done or because There isn’t Any Budget or No, Because types of replies. Sound familiar? We have all been there.

Wardle says that our imaginations began to be stifled the day we went to first grade and told to color between the lines. That attitude creates a river of negative thinking that has lasted all of our lives. Another example — don’t call the person sitting by your office’s front door a receptionist, but as “Director of First Impressions.” See what that does? The person becomes empowered to do something important.

None of us go to work today and say we are going to kill a bunch of ideas, and yet, that is what we all do. Wardle’s book will get you to go to “Yes, and” and become better idea nurturers by building a team of diverse opinions and perspectives, and have naive experts that can stimulate your discussions.

Once again, priceless isn’t a marketing strategy

I want to introduce you to one of St. Louis’ premier restaurants, Charlie Gitto’s. It has been around for decades and you can be sure of a great meal, with great service and a quiet place where you can hear your tablemates. So go on over to their website and check out their menu. I’ll wait while you take a look.

 

What don’t you see on their menu? Prices! Now lest you think that this is common among top-tier restaurants, I did a quick check and found many of their competitors have prices listed, some who charge even more than Charlie Gitto’s does.

My interior designer wife reminded me of another example. We have been to one of her lighting supplier stores. There are no printed prices on any of the items in their showroom. Instead, there are QR codes that you can scan for the retail prices. Imagine looking at a dozen lamps or whatnot: this gets tedious really quickly. Far easier to just bring up the Google pages.

This is not a new subject for me. I wrote about this back in 2011 when I said priceless is not a marketing strategy. Back then, I wrote that those vendors who don’t publish prices really are unsure about their pricing strategy, and so have instructed their PR firm or marcom team to just omit this information and see what the reaction is by potential customers and other related parties. Based on this free research, they will come back and adjust the Web pages and add the appropriate pricing.

Well, I was wrong. These priceless vendors never plan to publish anything publicly. Take a look at these two examples which are long on details on how their prices are calculated without providing any actual dollar amounts.

Tines’ page shows you how many degrees of freedom a price depends on: depending on how you count, there are four basic tiers (one of which is free, kudos to them), and seven different add-on tools, and five different usage tiers and you get at least 140 different prices, and then a note saying that older customers are on a different pricing model. Yikes!

I was eventually able to squeeze out a range from Tines, but it took several emails. Another vendor initially refused to name their prices, when I published the article I had the wrong information, gleaned from some online information (which turned to be incorrect). They finally did come clean with the right schedule. Hopefully another lesson learned!

Now I realize that posting a fancy restaurant’s menu and posting a $500,000 or so enterprise security service are different things, but not really. What if when you came into the restaurant, and they presented you with a menu that had different prices for the following

  • If you are going to pay cash, you get a slight discount, since they avoid the credit card processing fee (I have started to see more this situation).
  • If you are going to occupy your table for more than 90 minutes, there will be an add-on per minute charge.
  • If you made a reservation for a certain size party but show up with fewer diners, you will be hit with a surcharge.

You get the point.  Some restaurants are even charging in advance, when you make your reservation. Those are restaurants that aren’t getting my business.

When I first wrote about this situation, I had a lot of comments. One vendor told me they cleaned up their act and thanked me for my POV. One small step for vendorkind. But really folks: the harder you make it for your customers, the fewer customers you will have. And that is something really priceless.

Red Cross blog: The Journey From Intern to Board Member:

Every Red Cross volunteer has a unique background and reason for volunteering. Recent University of Missouri graduate CJ Nesser is no exception and is proof of the younger generation’s desire to take on heavy levels of responsibility and make a difference in the world around them. This is his story about his volunteer efforts, an impressive young man indeed!

 

Time to move away from Twitter

Yes, I know what it is now known as. When the Muskification began two years ago, I wrote that this was the beginning of its demise. I said then, “Troll Tweeting by your CEO is not a way to set corporate (or national) policy.” How true, even now.

Since then, I haven’t posted there. I still have my account, mainly because I don’t want anyone else with my name to grab it. But I have focused my efforts in content promotion over on LinkedIn. This week I give a more coherent reason why you might do the same and follow in the footsteps of The Guardian, who announced they are moving off the platform earlier this month. They said, “X now plays a diminished role in promoting our work.”

I got a chance to catch up with Sam Whitmore in this short video podcast. We discuss why PR pros should follow my example. Sam and I go way back nearly 40 years, when we both worked as reporters and editorial managers at PC Week (which has since been unsatisfactorily renamed too). Sam takes the position that PR folks need to stick with Twitter because of historical reasons, and because that is where they can get the best results of coverage by their clients and keep track of influential press people. I claim the site is a declining influence, and so toxic to anyone’s psyche, let alone their client’s brand equity.

In January 2023, I wrote a series of suggestions on Twitter’s future, including how hard it will be to do content moderation (well, hard if they actually did it, which they apparently don’t) and how little operational transparency the social media operators now have.

Since then, Twitter has become the platform of outrage. As my colleague Scott Fulton points out, this is different from encouraging engagement.  If I state a point of view on X, the only way I can expect my statements to be amplified is if they can be rebutted or maybe repudiated.” My colleague Tara Calishain pointed me to a post on The Scholarly Kitchen, where several of its contributors point out their own movements away from Twitter.

Is Sam or I right? You be the judge, and feel free to comment here or on LinkedIn if you’d like.