Traffic School for Software Projects

Ever wonder if there's a correlation between the way some folks develop software and the way they drive their cars?

The Tailgaters

These are the ones who are constantly on your ass, going 90 MPH, and flipping you the bird because you are holding them up. You might even be going faster than the guy to your right, but that's apparently not fast enough for the maniac behind you. If you get out of this guy's way, he will inevitably zoom past you, race right up on the next guy, and do the same thing to him. These guys are an accident waiting to happen. They aren't thinking about the safety of others, or about the possible parking lot ahead of them on the road. All they care about is getting where they're going as fast as possible. If some poor slob gets angry enough, he's going to slam on his brakes, and there's going to be a loud screeching sound followed by a crash, car parts flying everywhere, sirens, flashing lights, and lawsuits.

In the software world, these are the folks who are constantly hounding you, demanding, "Is it done yet? Is it done yet? Come on! Hurry up!" The quality of the project takes a back seat to the speed of its delivery. They will likely sacrifice people, resources, process, features, and quality and not worry about the risks that await them down the road. It's all about meeting the deadline, and God help those who get in their way.

Advice to you Tailgaters: SLOW THE HELL DOWN! It's better to get there alive than in a body bag. You aren't saving that much time by going so fast you make Mario Andretti look like an old man with a walker. You're risking lives, and you will eventually crash and burn. I'll wager that alot of you think you've never been in and accident. Well, that might be true. But I bet you've caused a lot of them.

Same goes for you software tailgaters. Slow it down. You want the project to get there in one piece, with as much of its promised feature set and team in-tact as possible. Your constant pressure isn't helping anyone. A healthy dose of encouragement is one thing. Unhealthy pressure (tailgating) is quite another; it kills morale, and results in high turnover, which leads to increased costs and loss of employee buy-in. So knock it off; let your foot off the accelerator!

The Weavers

Weavers like to move in and out of traffic, zipping from one lane to another, often unexpectedly, and rarely using their turn signals. Their lane changes are unpredictable, haphazard, unannounced, and a source of frustration and terror to those around them. They are the reason that defensive drivers exist. You can't predict where they're going, when they're going to change directions, or what direction they're going to move in. The best you can do is hope you have power steering, anti-lock brakes, and really good peripheral vision.

Weavers drive like they're the only ones on the road; changing lanes doesn't require a turn signal because, well, they don't care if anyone's in harm's way. All that's important is that they get into the lane they want to be in. They just yank that wheel to the left or right and fwoop! there they are where they want to be, while your brakes squeal, your car lurches, and heart hammers in your chest. We won't talk about the string of expletives that explodes from your mouth.

In the software world, these are the guys on the project who like to suddenly shift direction midstream. It might be a change in the process, in the coding standard, in the project's vision. It could be a change in how the teams are set up, in the reporting structures, in the UI's design, in the tool selection, in anything. Anything. But they thrive on change, and they don't really care about the impact that those changes have on the people around them. They're oblivious to the others around them. Change is exciting! It's good! It's cutting...no, it's bleeeeeeeeding edge!

Weavers work like they're the only ones on the project, with complete freedom to do whatever they like. No warning is necessary; asking for someone's advice or opinion about it's suitability is pointless because it doesn't matter to them. They want to do it, so they're going to do it. Who care's if anyone else likes it?

Advice to the Weavers: Learn to use your mirrors and turn signals! That means you actually have to become aware of the other drivers on the road. Yes, I know. That means you sadly have to realize that you are not the center of the universe, and that there are others who share the road with you.

And for those of you who think you can just change anything about a project midstream, learn to think differently. Change introduces risk into a project. Unannounced risk is unmanaged risk. Unmanaged risk increases the chances of project failure. (Crash and burn, Mav. Crash and burn.)

The Gawkers

Gawkers are a special breed of road hazard. These folks will be traveling down the road and spot something they find of interest, and slow down to a crawl to scrutinize it. In the process, the people behind them must slow down as well. This creates a nifty domino effect in traffic. Interestingly enough, what these folks find of interest is usually nothing of interest at all. But the ensuing traffic jam becomes a subject of much heated debate.

Software projects are commonly plagued by Gawkers: individuals who have no real business being involved in the project, but who nonetheless feel compelled to attend every meeting and inject their two cents, suggest things, and add "filler material" to waste everyone's time. They want to be CC'd on every email, take part in every hallway conversation, and stop by the developers desks to "check-in" and provide "moral support." They pepper us with questions and phone calls, spot-checks and emails, instant messages, and reminders, additions to meeting agendas, and interjections about meaningless and completely unrelated minutia in the middle of our meetings when we'd rather be back at our desks doing real work that matters.

Advice to the Gawkers: For God's sake people, stop gawking and drive! Pay attention to the road ahead of you, ignore that pigeon crapping on the rail, or that car parked on the side of the road, and just drive! You're holding up traffic for miles and leaving a string of accidents behind you.

And all you busybodies who seem to think you have to be involved in projects that have nothing to do with you, "Move along people, nothing to see here." We have work to do, and you're holding us up. Just leave us alone so we can get it done.

The Gadgeteers

We've all seen them. Some of us have been them. Driving down the road, accelerator hammered to the floor, while trying to operate some electronic gadget, be it a cell phone, Blackberry, iPod, radio, or even something as innocuous as the car radio. These geeks are so distracted by what they're doing that they'll careen recklessly from side to side within their lane, as if they're using the Braille Method to stay within the lines. They'll speed up, slow down, and be so engrossed by the spectacular fabulousness of their toys that they have become a danger to everyone else around them.

With the Gadgeteer, it's all about the toys. These devices aren't required to operate their vehicle: they're distractions that make it unsafe to operate the vehicle, especially at high speed, because they make it impossible for the driver of the vehicle to focus on what he or she should be focusing on: the road, and the other vehicles on it.

Software professionals are often distracted by the shiny, flashy appeal of the latest tools. But the truth of the matter is, you can write software in Notepad or any simple text editor and compile it with a command-line compiler. You don't need the flashy, glitzy tools to get the job done. (For the difference between need and want see here.) They might make your job easier, more comfortable, and less of a nightmare, but you don't truly need them. So don't get all obsessed about them and put other people at risk over them. Certainly don't become obsessed about them.

And whatever you do, don't let them constrain you or the project.

Advice to the Gadgeteer: First off, shut up and drive. If you're so compulsive about yakking on a cellphone 24/7, get an implant with a neural interface. Oh wait, we don't have that technology yet. Probably because NO ONE NEEDS TO BE THAT CONNECTED! So disconnect, relax, and enjoy the drive. Stop fiddling with all those gadgets, put them down, and pay attention.

If you're a software Gadgeteer, learn to do without for a while. Learn what it is to use primitive tools. You might actually learn to appreciate the tools that you do have. All those big, flashy programs you use are likely overkill for what you do, anyway. How many of the features do you actually use? Does the system really make you more productive, or does it spend a lot of time distracting you with countless configuration options, window placement options, font and color options, and so on? Wouldn't it be nice if you could actually focus on the code for a change?

The Lost Navigators

There's not a lot of hope for a Lost Navigator. Drifting slowly through the highways, byways, and side-streets of the country, looking for their exit or side street, hopelessly lost, and without a clue, these poor folks present the rest of us with a horrible choice: to be patient, or to pass. Our frustration knows no bounds. They drive slowly, obviously looking for something; sometimes, you can see them, scanning a mapbook, or consulting a crumpled set of MapQuest directions. In the worst case, they have no directions whatsoever to go by. Inevitably, they never seem to stop and ask for directions. They are lost, they are slow, and they are frequently oblivious to the line of cars piling up behind them as they look desperately for the place that they should be going.

Sometimes, in a moment of relief, they see their exit, and swerve to enter it. But frighteningly, this is all too often done from the left lane of the highway, and they must cross two or three lanes of traffic at the last moment to reach their offramp. And so they do. Cars swerve to get out of their way, slamming on brakes, honking horns, and nearly going off the road themselves.

Their problem, usually, is that they simply lack a decent navigational system, a decent set of instructions that tell them how to get where they want to go. It's not always their fault. Sometimes, however, you get the pig-headed kind who decide they can find their way through anything and can't be bothered to stop and ask for directions.

Often, in software development, there are folks who are placed in roles for which they are not well equipped. They are assigned a task, given little to go on, and told to do it. They have the little bit of information they're given, and they set out. So they move slowly, trying to find their way, and they might stop occasionally to ask for help. But their progress is slow, and as a result, their piece of the project moves slow. That's not so bad, actually; it's the guys who refuse to ask for help that cause the problem. By refusing to seek help, they're making a bad situation worse.

Advice to the Lost Navigators: Get better instructions. MapQuest lies. Frequently. Improve your situation! And for you blockheads who won't ask for directions, get off your high horse. Although I'll guess that your problem's a genetic defect of some sort, so I won't push that issue any further.

If you're in a software project, and you're struggling due to a lack of information, get that information! You can't be expected to do your job without it. If you need information about process and such, seek out excellent sources of information from places like the Software Best Practices forums maintained by Construx software. Interact with other developers in the Google newsgroups (drop me a line and I'll point you to them). Check out The Code Project and the programming topics at reddit. Read MSDN. Ask other developers where they go for information online. There's no reason for you to suffer from a lack of information when there's a wealth of free information from experienced developers providing it online.

And there are Others...

We know there are more. Let's not forget the Makeup Artist, the Conversationalist, the Belligerent Road Hog, and so on. But I'm sure you all can figure those out for yourselves.

And I'm sure you all have ideas of your own.  

Who Killed NDoc?

NDoc has been dead for some time now. In fact, if you visit the NDoc project site at SourceForge, you'll see that it hasn't been touched since February of 2005. In an email written by NDoc's author, we find the reasons why:

Unfortunately, despite the almost ubiquitous use of NDoc, there has been no support for the project from the .Net developer community either financially or by development contributions. Since 1.3 was released, there have been the grand total of eleven donations to the project. In fact, were it not for Oleg Tkachenko’s kind donation of a MS MVP MSDN subscription, I would not even have a copy of VS2005 to work with!

While lack of developer participation and user contributions wasn't the only reason that Kevin quit, they were certainly very compelling reasons to quit.

NDoc was and is a fantastic open source project. It's ease of use, feature set, and the frequency with which updates were made available made it a joy to work with. And Kevin was right on the money when he described its use as "almost ubiquitous." It enjoyed widespread use, and folks downloaded it as a must-have utility without even thinking about it. I know I did.

The problem, however, is that in not thinking about it, we also didn't think about the hours and energy that went into building, debugging, testing, documenting, publishing, and maintaining it. We didn't think about the time to cull through the defect reports, interact with the users, respond to feature requests, deal with mail bomb threats, and so forth. We just grabbed our freebie and ran with it. We didn't think about the poor guy who had a family to feed, bills to pay, and a completely separate life to maintain. We just took, and never gave in return.

We expected much, and gave very little beyond demands, requests, criticisms, and an increase in bandwidth costs. It's no surprise that the man lost his enthusiasm for the project. No one volunteered to help maintain it. No one volunteered to lend a hand, and very few offered to help pay the meager $5 donation.

When the mail bomb attacks came, it was all over. But that was only the last straw. By then, the damage had already been done. The mail bomber wasn't the one who killed NDoc.

We killed NDoc.

By our very apathy, by our refusal to support the open source products that we love, and the developers who created and maintain them, we doom them to death.

Microsoft has released the CTP of Sandcastle, their attempt to fill the void left by NDoc. As will inevitably be the case, it will be big, slow, and not nearly as flexible or fun to work with as NDoc. It will have fewer releases, and Microsoft will be far slower to respond to defect reports. (Ready yourselves for the "It's not a bug, it's a feature" disclaimer.) All the beauty that comes with a highly interactive open source community effort will be lost in the shadow of a giant corporate software project.

We will have no one to blame for it but ourselves.

I was excited to hear that Microsoft was incorporating unit testing into Visual Studio 2005. But I loathe their implementation of it. Instead of embracing the standard models used by NUnit and JUnit, they bastardized it and threw all our previous tests out the window, resulting in a conform or die scenario. As always, Microsoft's assimilation strategy prevails. It will likely happen again with Sandcastle, and I fear that the masses of us who have to maintain and document .NET 1.0 and .NET 1.1 code bases will be intentionally left behind as the .NET 2.0 marketing machine wields its iron grip on Sandcastle's design.

NDoc did not die; we killed it. And now, we have to pay the price for our own apathy and greed. Another product--bound to be something with which we are unhappy--will take its place.

Which open source project is next on the chopping block? We love them so much that we're willing to bleed their developers dry of enthusiasm by refusing to contribute to them. What shall we kill next? Who will deliver the first killing blow?

The sooner we clear them out of the way, the sooner a corporate giant can replace the innovative projects we love and control with some knock-off that we despise and can't control.

Methodology Fundamentalism

If you aren't taking part in Steve McConnel's Software Best Practices forums, you're missing out. It's not very active yet, but it's got tons of potential. By all means, check it out.

In a really interesting thread, a poster suggested that he'd like to ban the use of the term, "Best Practices," given that it's become something of a convenient excuse that IT professionals use to excuse every insane practice under the sun, regardless of its logical suitability to the business or environment. In his particular case, he cites this lovely bit of whimsy:

The IT manager at my last place of employment had set up the network to change passwords every 30 days. His response every single time the multitudes cried out in pain was to hold up a sheet of "best practices". Yahhh!

Now, admittedly, lots of companies have this policy in place. But if the only reason you can explain the 30-day password change policy is because it's on a best practices list somewhere, you've got a problem.

The Chief Software Engineer at one of my previous employers had a staunch policy that Is-A inheritance had to be maintained at all times, and could not be violated at any time whatsoever, even if you had a perfectly good reason for doing so. He would rewrite your code behind your back to make sure it happened. "Best practices, dontcha know." End result: confused developers who had code changed on them, extra code written to support additional classes, angry developers, adversarial relationships, hostile work environment, and, eventually, employee turnover.

Blind adherence to Best Practices is a Very Bad Thing. You need to have a compelling reason to do so. If you're doing it just for the sake of doing it, you're shooting yourself in the foot, and likely pissing people off in the process.

The same is true if you're just blindly grabbing hold of The Next Big Methodology. We're inundated with methodologies in this business. Test Driven Development, Refactoring, Visual Modeling, Big Upfront Design, the Waterfall Method, Use Cases, Agile, Extreme Programming, and on and on and on. Every one of them involves risk. The risk is largely due to the fact that there are people involved, and people tend to clash, especially when they're under pressure. So you can't just foist any old methodology on them; them you have to pick the one that's going to work best for them, given the number of people that you have, the resources at your disposal, the time you have, and the project you're doing.

And let's be very clear, people: There is no Silver Bullet Methodology.

A few months ago, I responded to a thread on the Braidy Tester (a great site, love Michael Hunter's stuff) that blind adherence to "best practices" and adoption of "The Next Big Thing" without adequate analysis of the risks involved was unwise. I contended that sometimes you had to deviate from what everyone else was doing and develop your own customized methodology that might be a hodgepodge in order to get the job done, because what worked for ABC corporation didn't necessarily work for Your Real World Company, Inc.

A Microsoft Developer, who shall remain unnamed, said, in short, that I had an amateur opinion.

But the truth is that I've watched a lot of folks (and entire companies) become Best Practice Zealots, and turn this whole thing into a Fundamentalist Religion. Best practices and methodologies are supposed to help you get your job done better, faster, on time, within budget, and according to specification and customer expectations. They aren't supposed to be an iron rod with which you can bludgeon everyone around you. Too many companies are willing to just snatch up the next Silver Bullet Methodology and apply it without determining whether or not it fits their business model, their project, or their customer.

If you're going to embrace "best practices" remember this: they're guideposts, sitting on the side of the road, pointing you towards success. If you're using methodologies, they're supposed to be the route that gets you where you're going without hitting any tolls, construction sites, congestion points, and so on. Best practices and methodologies are supposed to be used together, to get you where you want to go: to a successful product delivery, with the whole team, the client, and the product intact. If anything is going awry, be willing to reevaluate your selection of practices and methodologies.

Caveat: Don't switch methodologies in the middle of the project. Jeesh. I'm not that stupid. (Though I can see where some people might think so.)

Dew is to Water As Want is to Need

On a recent Coding Horror entry, Jeff Atwood brought up a really interesting point about the power of observing users versus asking them. Paraphrased, what users actually want is typically not what they think they want or tell you they want.

It's funny and sad because it's true.

It took me a long time to understand the difference between want and need. I may want a nice, tall fizzy bottle of Mountain Dew, but my body needs water. It doesn't need Mountain Dew. Sure, Mountain Dew tastes better, and I like the fizz, and I look way more cool when I'm holding it, but I don't need it. I need water to hydrate my body and keep me numbered among the living. There's a big difference.

Similarly, when users tell you they want a piece of software that does X, Y, and Z, what they usually need is something that does A and B. (Usually, A and B are something on the order of "It works well" and "It doesn't corrupt my data.")

Nonetheless, trying to get users to tell you what they need is akin to extracting molars from a chicken. It's nearly impossible. They'll give you something like this:

• It has to look really good. You know, like SILF. (Software I'd Like to @#$%)
• It has to be fast. Really fast. Like, it has to be so fast that I get whiplash when it starts up.
• It can't hoard memory. Cuz I'm using Windows 98. In fact, can you make it use no memory at all?
• It has to be secure. Really secure. Like, Fort Knox secure. Oh, but I want to be able to pass it around on the Internet and share it with all my friends. Or on a USB drive. Or whatever. Ooh! BitTorrent!
• It has to be a Web app to. With Flash. In fact, do it all in Flash. But I have to be able to use it on my cell phone. And on my XBox. And FireFox. FireFox totally pwnz Micro$oft.
• Everything has to be done in my company's colors: Black and brown. I want all the text in this really cool dark brown color, and the background all has to be black! It's bitchin'! And flames everywhere! And I have this cool soundtrack I want to play throughout the whole thing! And every button should be a different color, and they should make machine gun sounds when you click them! And then explode with a giant fireball!
• I've only got a budget of $500.
• I need it by Friday.

Oh, God. The horror. The humanity!

While this list is obviously heavily laden with hyperbole, it's not too far from the truth. A completely user-driven set of application specifications, expressing their wants would likely provide nothing that they needed. At some point, you have to realize that users are, in fact, dreaming about toys.

In the end, software is about enabling users to get their work done faster and easier with a minimal amount of hassle. But users don't know that. Largely, they think it's about fun. Not all software is a first-person shooter or a massively multiplayer online role-playing game. (Sadly.) As a member of a software team, it's our job to identify their needs, and create software that meets those needs without getting sidetracked.

If you're starting a new system from scratch, don't waste your time asking the users what they want; ask them what they need. Explain the difference to them. (Begin by making sure you understand it yourself.) Explain that everything that isn't needed that is added to a product incurs additional cost and delays the delivery of the product, and that someone has to pay for it.

Build systems into your products to monitor which features are being used the most. Don't trust users to tell you. They aren't thinking about it. This kind of information is very useful for determining where to spend your time improving the product. It's also useful for identifying features that you think are critical (in business applications, especially) that should be used, but aren't being used. You can figure out why they aren't being used and target those areas for resolution.

If you write a solid subsystem like that for your software, you won't have to rely on user feedback, which isn't always reliable. A solid monitoring system will not lie to you. And that information will help you make much more intelligent decisions in the future. It's a question of silently observing the users as they actively use the product, instead of asking them about it after they've done so. All of us have a pretty short attention span when it comes to software use. I have no idea what the most used commands are in any given software package based on my own usage scenarios. For that reason, you couldn't ask me to tell you what commands or features I use and get a meaningful answer from me.

So think about whether or not you need it. If you do, invest the time to do it. But don't do it because you want it. Do it because you need it.

Dew? Or water?

Everything I Need to Know about Debugging I Learned from CSI

I started to write this blog entry a few months ago, but it quickly got out of hand. With a little encouragement from a tester at Microsoft I was encouraged to publish it to a magazine, but things at work got out of hand, and I just never found the time. Since I am the quintessential procrastinator, I've decided to just publish it here, so that it will at least get published in some form. So, without further adieu, I present it for your general amusement.

—Mike

Okay, I admit it. I'm a CSI dweeb. No, I don't like CSI: Miami (it blows). I like the original CSI. And although all of those shows are equally implausible and unrealistic (let's face it, no CSI team is that thorough, that precise, or that good), the very premise of crime scene investigation and its parallels to defect resolution hit me like a ton of bricks recently.

At first thought, it's just a corny idea. But then, the more I thought about it, the more I realized that the idea isn't as silly as it sounds. I thought about writing this article as a parody, but when I set out to do so, it didn't turn out that way.

Some folks might look at this and laugh their butts off. But read it, think about it, chew on it, and then, after you're done, if you still think the parallels aren't striking, go ahead and laugh.

The Basics of Crime Scene Investigation and Defect Resolution

We’ve all done the dirty work in software development: defect resolution. In many companies, it’s the first place where new developers are unceremoniously dumped when they are brought on board. The thinking is that it will familiarize them with the product. “You’ll learn the code!” they say. “Then you can move into the development.” These poor saps are armed with reams of source code, an IDE, and a compiler, and sent marching into the battlefield with a stack of defect reports and an order to make progress repairing a system with which they typically have no experience whatsoever.

This thinking is fundamentally flawed. You don’t want someone who doesn’t know a lick about a complex software system trying to resolve its defects. But that’s a subject for another article.

When confronted with a defect report, there are a certain number of predictable responses that tend to flash through every developer’s mind when he hears it:

1. “It’s an ID10T error.” This one’s my favorite. It can’t possibly be a defect in any code that I wrote. The user must have done something wrong. Everyone knows users are st00pid. I mean, just look at them. They’re like, lame. And stuff.

   In the Dark Ages, this might have flown, but this is the 21^st Century. There’s this thing called a presumption of innocence.

2. “We already fixed that.” Another keen insight. If it’s already fixed, why is it still happening? If it’s already been fixed, you’ll have to provide proof that it’s been fixed in a build in your test environment. If you can’t prove that, then what you’ve likely done is fixed the wrong thing and claimed victory. As we’ll see later, this will fall under the novel concept of “Convicting the wrong suspect.”

3. “He did what? You’re not supposed to do that.” Okay, let’s get something straight: just because a developer might not do something doesn’t mean that a user won’t. Users do unpredictable things all the time. And your lack of coding for it doesn’t mean that it’s not a defect. Holding the users at fault for being unpredictable is not an acceptable excuse. Inadequate code coverage in the test plan is a defect. Get used to it.

4. “It’s a known issue and we can’t do anything about it.” Okay, that’s marginally acceptable. Sometimes. But have you made an effort in the software to barricade the users from the effects? Trained them? Documented it? Why are users still running into it?

5. “I know exactly what causes that. Let me fix that right now.” The most fatal of all the answers. This knee-jerk reaction is what leads to reaction #2. This is always a bad response, and only in the rarest of cases is it ever right. I would estimate the chances of it being right as roughly equivalent to those of a stray cosmic ray setting off a nuclear disaster that ended the world within three seconds of your reading this sentence. Okay, that’s extreme. But you get my point.

   Defects resolved this way are rarely documented properly. Test plans are rarely updated to ensure that the fix is correctly tested. They’re just quietly slipped in, like an Easter egg, and no one is any wiser. The only thing that gives them away is that there’s a new version of the file in the source code repository. (You do have a source code repository, right?) And that’s assuming it’s the only change in that version of the file.

6. “Oh God. What now?!” Don’t even tell me this has never crossed your mind. We’re all swamped. Products slip, schedules get crazy, we work overtime, and work piles up. We try to prioritize, but things get missed. Defects get buried in a stack, and some of them just don’t get fixed. We don’t see defects as challenges, we see them as annoyances, burdens, more junk sitting on our plate when we’re already seriously overtaxed.

We all know that there’s more clever and witty responses out there. Some of them I just can’t put in print. But for the purposes of this article, I think we’ve painted a pretty accurate picture of defect resolution as it stands today: it’s viewed as a dull job, one that’s resented, a pain in the neck, and one that no one looks forward to.

Let’s face it. You have to essentially tell the developers that their code is broken. Or, you have to tell the users that they don’t know what they’re doing, or that there’s nothing that can be done, and that they just have to wait. Either way, it’s a no-win scenario for you. You always come out the bad guy. No one wants to cooperate with you, because they know that you’re only going to give someone bad news. If you’re new to the company, you probably don’t even know anything about the product to begin with, so you’re flying by the seat of your pants as well. And if your company is like most, you don’t have the best equipment or software to make finding those defects as easy as it could or should be.

Who the heck would want that job?

Now, turn your attention to another group of individuals who are stuck in the very same situation. Their job is no different. They have to do the same basic thing. They have to wade into a situation that they know nothing about, typically understaffed and underequipped, and determine whether or not a problem occurred. Then they have to accuse someone of being in the wrong, or telling both sides that no wrongdoing took place at all (potentially angering both sides). Through it all, their job is to figure out the who, the what, the where, the why, and the how of it all. Crime scene investigators do this every day. They wade into a new crime scene, knowing only that a crime may have been committed, that one or more suspects are at large, and they have a crime scene to work with. They’re given the evidence, and told to run with it. Sound familiar? It should.

Crime scene investigation is essentially the act of solving a complex problem: finding the truth in a vaguely described problem when you’ve got few hands, little money, a lack of resources, a finite amount of time, and every witness can be a suspect. At the end of each case, they have to render their findings, and simply state the facts, regardless of whether or not the victim or the justice system likes it. Sometimes they’re praised, sometimes they’re despised. But they’re frequently overworked and underpaid, and the amount of care they have to take to get their jobs done is mind-boggling. If they make a mistake that tampers with the evidence, an entire case can get thrown out of court.

The Process

The job of the crime scene investigator is to determine the following:

1. Whether or not a crime was committed.
2. If a crime was commited, what the crime was.
3. If a crime was commited, who committed it.
4. if a crime was commited, how it was commited.

You’ll note that the investigator is not responsible for prosecuting the crime. His job is simply to collect the evidence, analyze it, and form a theory that fits the facts and leads to the perpetrators of the crime (if any).

The crime scene investigator uses the scientific method to arrive at his or her conclusions. The American Heritage Dictionary defines the Scientific Method as:

n. The principles and empirical processes of discovery and demonstration considered characteristic of or necessary for scientific investigation, generally involving the observation of phenomena, the formulation of a hypothesis concerning the phenomena, experimentation to demonstrate the truth or falseness of the hypothesis, and a conclusion that validates or modifies the hypothesis.

In other words, “Prove it, buster.”

Here’s the gist of it: You need to gather the facts, form a hypothesis based on the facts, and then prove your hypothesis. In crime scene analysis, proving the hypothesis leads you to one or more suspects who is or are more than likely guilty of committing the crime. You don’t rely on the “hunch.” Hunches put innocent people behind bars, wasting taxpayer dollars, and getting cases thrown out of court or convictions overturned on appeal.

In defect resolution, the same practice applies. You gather the facts, determine whether or not an actual defect exists, and then review the facts to create a theory. Then you prove the theory. If you can’t prove the theory, you don’t have a case. You’ll likely fix the wrong code, incorrectly mark it as “not reproducible,” “by design,” or “user error,” or fix part of the problem while the other parts that contributed to the problem remain uncorrected.

As a CSI conducts his investigation, certain guiding principles govern the way that the investigation is conducted. These are:

• Humans lie and make mistakes; evidence doesn’t. When you can’t rely on the witnesses, keep going back to the evidence to find the truth.
• You always want to convict the guilty party. You never want to convict the wrong party of the crime. When you do get a conviction, you want it to stick; you never want it to be overturned on an appeal.
• Your first suspect is usually not the right suspect. Knee-jerk reactions tend to be wrong, and based on faulty assumptions. Careful evaluation of the evidence leads you to the right suspect(s).
• You want to convict all of the guilty parties, not just one or some of them.
• Don’t be swayed by your emotions or personal involvement. Always remain detached and objective.
• Expensive tools aren’t always required to analyze the evidence. Sometimes, it’s simple tools that can be found at our fingertips every day that will do the trick.
• Patience and persistence rule the day.
• There ain't nothin' glamorous about this job. It's full of blood, gore, hate, anger, greed, fecal matter, tire tread, and a lot of pavement. No one ever cooperates willingly, but they all want answers now. And no one is ever guilty. Get used to it.

So without further adieu, let's see how the CSI process parallels defect resolution. Hold onto your butts people, it's going to be a bumpy ride.

The Process

Identify the Crime

Any time an alleged defect occurs in your product, treat it as a crime. After all, some part of your code has theoretically failed to meet its contractual obligation to the end user (or, so we’re assuming for the purposes of this article). You’ll first want to know what this alleged crime was. Was data corrupted? Did the software simply vanish off the screen? Did an error message appear? Did the screen lock up? Was sensitive data compromised?

Once you identify the crime, you'll need to categorize it. Its severity helps you to determine how quickly it needs to be resolved.

It's important to note, however, that at this point, you don't know that a defect has actually occurred. All you really know is that something happened. You still have to prove that it's a defect. So you start taking copious notes. This is why you need a defect tracking system. You need a place where you can record as much information about the event as you possibly can--preferably in one place.

Identify the Victim and Witnesses

The victim and witnesses provide valuable insight to what happened when the crime occurred. But it’s important to realize that witness accounts tend to be fuzzy at best.

Crimes and defects tend to catch people by surprise—they’re usually not paying close attention when these things happen, and the panic factor is pretty high, so relevant and often important details tend to escape their notice. You’ll still find their input valuable for recreating the series of events that led up to the event, and certain general information about it; but you will do well to remember that witnesses typically are not an authoritative source of information.

Identify the Crime Scene

When an alleged defect occurs in your product, treat the event as a crime scene.

You’ll want to know where and when the event occurred, what version of your product was being used, what OS it was being used on, what browser was being used, any plug-ins or service packs applied, what the user load was at the time, and so on. Any of these might have a bearing on the crime that was committed. You’ll need to know this information so that you know exactly which version of your software to use when you recreate the "crime scene" later.

Preserve the Crime Scene

It is absolutely imperative that you preserve the state of your software while you are attempting to identify the cause of the defect that occurred. If the environment is changing, someone is tampering with the evidence, and the evidence can no longer be relied upon to point you to the right suspect.

This is why a solid revision control process is critical to defect resolution. Every build must be labeled in your source code repository so that you can recreate it, and test it for defects. You must be able to recreate the environment later, and that means being able to use the same version of the software that the defect occurred in. You’ll hopefully have the means to do it on the same OS, with the same browser and plug-ins that the victim was using, but that’s not always feasible due to cost constraints. But having access to the source code that was used to create the software is absolutely essential. Your suspect may be hiding in there somewhere.

Collect the Evidence

The evidence is what you will base your findings on. Everything else will be ignored, because only the evidence can be relied upon to tell you the truth. Evidence includes the source code for the build in question, a fresh copy of the database, any exceptions that occurred, event log entries, data files, screen shots, and other output from the software generated at the time that the defect occurred.

Do not include email communications as evidence unless they were system-generated; interpersonal communications are testimony, not evidence.

Collect Testimony

Testimony includes emails, voice mails, and oral accounts from users that describe what happened when the defect occurred. It is vitally important to note that testimony is not evidence. Rather, testimony helps you to evaluate the evidence. Testimony is subject to witness credibility and the fallibility of human recollection.

That probably sounds pretty harsh, but it’s a simple statement of fact. As we’ve mentioned before, folks tend to be caught off guard when something goes wrong. They aren’t expecting someone to snatch their purse, jack their car, or corrupt their data. It takes them by surprise. Consequently, they don’t tend to be looking for the vital details that you need from them when you are trying to figure out what happened. They’ll tend to remember vague details, but not the specifics.

There’s also the uncomfortable truth that we simply don’t like to admit that we might have done something wrong. So we’re reluctant to divulge information. And we’re emotional when our data is corrupted or software that we’re required to use doesn’t behave as it’s supposed to and we’ve got tons of work to do. We get angry, even hostile. It’s human nature. We all do it. But the net effect is that our testimony in those situations isn’t always as objective as it might be. It’s subjective, defensive, and guarded.

Finally, witnesses can only tell you what they saw, not what happened internally. If it were a medical condition, we would say that they saw the symptoms, and not the underlying disease. As a professional, you don’t want to treat the symptom; you want to root out the disease. But a witness can’t tell you anything about the disease because she simply can’t see it.

So the witnesses’ testimony helps you to evaluate the evidence, but it isn’t evidence in and of itself.

Be careful, however, that you do not treat witnesses with hostility. Just because witnesses may not be accurate sources of information does not mean that they are dishonest sources of information. Always treat them with respect and understanding. Remember the golden rule when interviewing the witness: You’ll get more with honey than you will with vinegar.

Analyze the Evidence

Once you have all of the evidence, you must analyze it to determine what happened. Sometimes, the crime that was reported turns out not to be the crime that occurred. It turns out to be the wrong crime altogether. Or there was no crime at all. Careful analysis of the evidence determines whether or not a crime occurred at all; if one did, analysis of the evidence determines when it occurred, where, and who the likely suspects are. You can use the testimony to evaluate the evidence, such as to reconstruct the order of events that led up to the crime in question. But, again, do not treat the testimony as evidence.

You should use every available tool at your disposal to evaluate the evidence, including your application’s debugger, tracing tools, the event viewer, query tools, hex viewers, file parsers and viewers, system diagnostic utilities, network utilities, and so on. Expensive tools aren’t always required. A simple text editor is often sufficient for viewing data files, and a baseline graphic editor will suffice for viewing graphics files in most cases. Wherever possible, use the simplest tool that will accurately evaluate the evidence before you. There’s no need to inflate the costs of your investigation.

The outcome of your analysis should be a theory of the crime. You should have one or more suspects: the portion(s) of your code or the external components that caused the defect.

The next step is not to rush off and fix the code. Rather, you need to prove your theory. After all, you want to convict the suspect, and you want to convict the right suspect. And you don’t want to put this suspect in jail, only to find out that the same exact crime is being committed by another suspect that you hadn’t considered. This is especially true if your suspect is the victim.

Recreate the Crime

So now you have a theory. You just have to prove it. And you have to prove it beyond a reasonable doubt. So, you have to recreate the crime scene, and then walk through the crime itself. That means putting the victim and the witnesses back where they were at the scene of the crime, and taking all the steps that lead up to the moment when the crime occurred.

At the end of the recreation, if your theory called for one suspect, there can only be one suspect who contributed to the crime. If there’s more than one suspect at the end of your recreation, you’ve got a problem. If, in the course of recreating the crime you find that some other unexpected entity was involved, you need to go back to the evidence collection step, and start over. You’ve got another suspect out there somewhere that you didn’t know about.

Once you’ve identified all your suspects and you are reasonably sure you can prove they are the cause of the problem, you need to verify that your theory cannot be disproved. Is there any possible way that the crime could have been committed by another suspect? After all, that’s what a defense attorney would claim; the defense is going to do everything in their power to shoot your case full of holes. You want to be absolutely sure that your case is ironclad. As a developer attempting to identify the cause of a defect, you want to make sure that you’ve eliminated all the possible causes of a defect. Is there any other way that this defect might be caused that you haven’t considered? If there are, you need to account for them.

One last caveat: Never make the assumption that the victim is the suspect; conversely, never assume that the product is the suspect. Prove it. Be sure. And make sure that the evidence proves your case. Don’t rely on hunches or speculation. Neither the end-users nor the developers are going to appreciate being accused of being in error. If the suspect is an external entity, the developers are even less likely to be happy, because you’ve just identified extra work for them; be absolutely certain you have the facts to back up your case.

If you cannot disprove your theory, you’re ready to move on and prepare your case.

Prepare Your Case

Document everything. Preserve the evidence. If this case ever presents itself again, you’re going to want to know what you did to research it. A decent defect tracking tool is invaluable in this regard. If you lack one, there’s no reason you can’t keep it in your source code repository (unless there’s a storage limitation on it).

Even if you can’t identify the suspect, and this case is unsolved, you can keep this one in your Cold Case Files. If it rears its ugly head again, you can reopen the case and you’ll have all that evidence from the previous investigation at your disposal.

Obtain a Warrant

Now, with evidence in hand, and a solid provable case, you’re ready to obtain a warrant for the suspect. Up until now, you haven’t had enough to do that. But with the evidence, which doesn’t lie, and a thoroughly documented case, you can make your case to the development team. You’ll have the information to convince them that a defect exists, or it doesn’t.

Carefully lay out the facts, tell them what happened, how you determined that it occurred, and how you eliminated all the other possible suspects. Rely on facts, not conjecture. This is where your personal detachment is critical. You’re not supposed to be on their side or the users’ side. You’re on the truth’s side.

If no defect exists, say so. If one does exist, say so. Don’t make an issue out of it or point fingers. Simply state the facts. Be sure to point out how severe the issue is in terms of data corruption, application downtime, usability and so forth—so long as those pieces of information are based on facts and not opinions. These pieces of information will help the project team decide how quickly the defect should be resolved.

Arrest the Suspect(s)

Once the development team is convinced that the defect is real, the development team will take the information you’ve collected and use it to prioritize and correct the defect. This particular defect should no longer victimize anyone. Once the defect is resolved, the case is closed.

In Closing...

Most developers are constantly burdened with having to research and resolve defects. I know I am. But the problem is that we tend to treat them as annoyances. We don't see them with the weight that they deserve. To us, they're just "something that went wrong" and need to be addressed. So we quickly glance at the code, make a best guess and accuse the first suspect that walks by. All too often, we accuse the wrong suspect. Just as frequently, we take the defect report that’s given to us, add it to the growing list of things to do, and hope to get around to it at a later date when “more pressing concerns” don’t occupy our attention.

Perhaps the problem stems from how we view defects. Perhaps we see them as just another blip on the radar—another defect. I suspect that as developers we tend to think of defects solely in the light of the code base, and rarely in the light of the victim: the end user affected by the defect itself.

But what would happen if we changed our thinking by creating teams that viewed defects as offenses against victims that set out to prosecute or acquit the suspect by collecting the evidence and evaluating the testimony from witnesses? By elevating the perceived seriousness of the defect, perhaps we can increase the desire to get them corrected, and get them corrected correctly the first time. Too farfetched? Corny? Maybe. Maybe not.

Don’t make the mistake of thinking that I’m advocating the creation of a real CSI unit in your software shop or IT department (that would be an absolute disaster and insanity in and of itself). I don’t think you need to treat end-users as hostile witnesses. What I am advocating is the application of the scientific method to the resolution of defects: Know the difference between evidence and testimony and the value of proving your case. It’s likely to be far superior than scratching the first itch that irritates you. Think your way through a defect; get serious about resolving it correctly, deterministically, cost-effectively. There’s nothing in that statement that detracts from code quality. In fact, it enhances it.

I would hope that we all want to write better, more stable software, and that when defects are found, we'd address them quickly and with a minimal amount of cost. Part of minimizing that cost is identifying the right cause of the defect the first time.

What started out as a parody for me led me to rethink my process for defect resolution. There are ways that I can tighten it up, and improve my process. I might get laughed out of the door, but when it comes down to it, the only real thing that matters is whether or not I nailed the real perpetrator, and did so more efficiently than I did before. And isn't that the whole point of this exercise?

Guiding Principles for Software Projects

If you haven't seen this blog post from Patrick Cauldwell, you should. In it, he lays out the guiding principles he's following on the project he's working on. (Credit to Scott Hanselman, where I found the link.)

Take a gander at it. It's a truly excellent and thorough list of principles, and it's one I plan to post near my desk (especially given recent posts I've made). You may not be able to achieve every one of them, but it's not the achieving that's important--it's the effort. It's getting the darned thing started.

Creating My Own Personal Hell

In today's excellent post, Jeff Atwood blogs about the classic development process mistakes. He provides this handy list, which I will blatantly repeat here:

People Mistakes	Process Mistakes	Product Mistakes	Technology Mistakes
Undermined motivation Weak personnel Uncontrolled problem employees Heroics Adding people to a late project Noisy, crowded offices Friction between developers and customers Unrealistic expectations Lack of effective project sponsorship Lack of stakeholder buy-in Lack of user input Politics placed over substance Wishful thinking	Overly optimistic schedules Insufficient risk management Contractor failure Insufficient planning Abandonment of planning under pressure Wasted time during the fuzzy front end Shortchanged upstream activities Inadequate design Shortchanged quality assurance Insufficient management controls Premature or too frequent convergence Omitting necessary tasks from estimates Planning to catch up later Code-like-hell programming	Requirements gold-plating Feature creep Developer gold-plating Push me, pull me negotiation Research-oriented development	Silver-bullet syndrome Overestimated savings from new tools or methods Switching tools in the middle of a project Lack of automated source control

I was horrified when I saw that list. I've seen it before, of course, being a big fan of Steve McConnell's works. But seeing the list put there like that, so succinctly, gives me this sinking feeling in the pit of my stomach. I think the project I'm on is guilty of almost every one of those. The problem? I'm the sole developer on it (admittedly, however, not by choice).

I was thrust into this project from day one with a completely unrealistic schedule, no requirements, no goal, no vision, no contact with the users, no management team, and no freedom of movement in the tool selection. When it comes down to it, I have to fill all the roles in the project: I have to be the DBA, the software engineer, the business analyst, the architect, the web designer, the project manager, the customer support representative, QA engineer, the risk manager, the technical writer, the release engineer, and the software developer.

I get paid to be the software developer. It's my job title. I'm not particularly very good at much else; I slog my way through the rest of the roles. In three years, I've been pulling my hair out to delivery *everything* related to the project, and as a result, every facet of the project has suffered. The code quality has never been what I would have liked it to be. In this particular case, the old adage, "Jack of all trades, master of none," has certainly proved to be true. My inability to specialize in my chosen field has prevented me from being able to deliver code of a superior quality; instead, I've delivered substandard products across the board: code, product, documentation, and customer service.

Our process is haphazard at best. I am constantly rushing to get the builds out according to a quarterly schedule. The customer seems to want to get the builds as quickly as possible. I never have time to fully regression test the builds. The customer wants to constantly shortchange the testing time in order to get the builds in their hands. So, I get them the builds when they want them, giving them the caveat that I *know* there are bugs in it. I ask them to fully test the build from end to end. But they never do. They find a handful of bugs and throw it back to me, insisting that the bugs they've found must be fixed before they will continue testing. The company will not hire a QA or testing staff because they believe that I can do it all. So I have to stop my work, resolve the handful of defects the customer has found, and rush that bug fix build out the door. Again, the customer wants that build as quickly as possible--without sufficient time allocated to me to regression test it. So I give it back to them, and they shortchange their own testing again. And the cycle repeats itself.

The customer seems to think that the entire problem rests at my feet. Perhaps it does. I don't know. I'm just tired of being shortchanged on the testing time, the lack of hands to help with the testing (even if it's temp assistance), and the proper prioritization of testing in the development process. You CANNOT shortchange testing in software development. The number of defects in this project has soared out of control because the customer will not allow me to take the time to test it fully, nor will they fully test it themselves.

Each time they get a build, they insist on getting an update to the test scripts, which I dutifully try to update--but they don't give me enough time to complete them--so they get partially updated test scripts. Even then, I know that they aren't using them. How do I know this? Because when I use the test scripts to test the software, I find defects that aren't reported in our defect tracking system. I know they aren't using them. So why do they demand that I prepare them for them? Are they using them as some sort of ego-bloating paperweight on their desks? I know the work has to be done, but dammit, why isn't sufficient time allocated for it?

I cannot tell you how many weeknights and weekends I've given up for this project. And it's not like I'm getting paid overtime for this stuff. I have no personal life. And "thank you" and "good job" is simply not enough. I don't get paid for all the other hats I wear. I get paid to be a software developer. I don't get paid to be the the DBA, the software engineer, the business analyst, the architect, the web designer, the project manager, the customer support representative, QA engineer, the risk manager, the technical writer, and the release engineer. And management doesn't see that. All they see, every time I bring this up, is that the customer is apparently "happy" and that I can always be relied upon to get the work done.

Of course I can. I'm killing myself to get it done. It's Classic Mistake #4: Heroics. The company thinks I'm freaking Superman.

My God. What have I done?

To a large degree, I led the company to that opinion. I took on too much work. I let them believe that I could do it. But eventually, I started pushing back when I realized my mistake. I set realistic expectations about what could and could not be done. The course was reasonably corrected.

But in every project, in every organization, there is a certain Wall. Beyond that Wall ye shall not pass. It is the Wall of Absolute Resistance, and no amount of pushing, pleading, or reasoning will avail you. The forces on the other side are simply not reachable.

You can preach best practices until you're blue in the face, and some organizations will simply not see the light of day. You can talk about automated unit testing and they won't care. You can talk about investing more time in testing, to reduce the costs of defects as early as possible, and they'll still be more interested in beating a competitor to the market with a bug-riddled application than they will be in sparing users a frustrating experience and corrupting their data. You can tell them that you are going to have to bring on more hands earlier in a project to ensure its success, and they'll be more worried about the costs of the new employees' benefits in the short term than they will be about the rapidly escalating costs of the software's development and maintenance in the long term.

What do you do in an organization like that? What should I have done? The short answer is this: I don't know what I should have done in the past. It's been a valuable learning experience for me, that's for sure. In newsgroups, people have told me they envy me my position, that it's great job security. My response to them these days is this: I can live without this kind of security.

In the future, if a company offers me a job and tells me I'll be the sole developer, I'll walk away from the offer. I'll never do this again.

Some folks have claimed that it presents the great opportunity to establish your own process. In my experience, there is no process in a team of one. There's nothing in place to hold off the torrents of work that come your way. There's no one to correct you when the urge to gold-plate the code comes along. There's no one to review your code. There's no one to ensure that your code is checked in on time, labeled properly, unit tested regularly. There's no one to ensure that you're following a coding standard. There's no one to monitor your timeliness on defect correction. There's no one to verify that you're not just marking defects as "not reproducible" when, in fact, they are. There's no one to double-check your estimates, and call you on it when you're just yanking something out of your ass.

There's no one to pick up the slack when you're sick, or away on a business trip. There's no one to help out when you're overworked, sidetracked with phone calls, pointless meetings, and menial tasks that someone springs on you at the last minute and absolutely must be done right now. There's no one to bounce ideas off of, no one to help you figure your way out of a bind, no one to collaborate with on designs, architectures or technologies. You're working in a vacuum. And in a vacuum, no one can hear you scream.

The insane hours, the stress, the loss of a productive life outside of your job--it's not worth it. I'm willing to accept all that I have done to create this scenario. And you can bet that I'll be doing everything in my power in the future to ensure that it doesn't happen again.

If anyone's reading this, let this be a lesson to you. Think hard before you accept a job as the sole developer at a company. It's a whole new kind of hell. If given the chance, take the job working with other developers, where you can at least work with others who can mentor you and help you develop your skill set, and keep you abreast of current technology.

Take my advice. Don't open that door. It leads straight to Hell.

Fighting Fire with Fire

Today, yet again, someone sent me a chain letter in my email.

I loathe chain letters. I've blogged about them. They're evil. They're vile. They're a waste of time. They clog up mailboxes. They make impossible promises and fill your head with touchy-feely nonsense. I'm sick of receiving them, and I think it's rude and impolite of folks to send them around to their friends out of some superstitious and selfish sense that they're going to improve their own wellbeing. And yet, my cries to have people stop sending them to me have gone unheard, unheeded. I am still receiving them. And I have noticed that the recipient lists only seem to be getting larger.

So I've capitulated. But I've decided to do it with a twist.

Every time someone sends me one of these damned things, I'm going to send them a link to my blog post about chain letters. And I'm going to CC everyone on the list.

So now, admittedly, I've become a hypocrite. But only for a short time. When I'm satisfied they've gotten the message, I'll stop. Until them, it's on, baby. Bring it!

So Now I'm an Uncle. Again.

My niece had her baby last night. So I'm an uncle. Again. I'm very happy for them. David (my nephew) is bursting at the seems, and I'm sure that Krissy (his bride to be) is relieved to have 6½ lbs. of kicking baby boy ejected from her womb. I can't wait to set eyes on the little guy. He's very healthy, and the mom's doing very well. David, of course, is acting like he did all the work. (Of course he is. He's a guy.)

As we're all sitting around in the afterglow of this glorious occasion, it hit me. I am supposed to be the baby's godfather. (Don't ask me why. I have no idea.) This comes from Krissy, the mom.

Now, it hit me yesterday that I had no idea what being a godfather entails. So, being the techy geek that I am, I looked it up in Wikipedia and found this lovely bit of news:

Traditionally, the godparents were counted informally responsible for ensuring that the child's religious education was carried out, and for caring for the child should he/she be orphaned. Today the latter duty is the most commonly recognized duty of a godparent, and the word "godparent" often no longer has religious overtones. The modern definition of godparent is an individual chosen by the parents to take a vested interest in raising a more complete human being. However, godparent is not a legal position, and should the parents seriously intend the godparents to act as foster parents in case of their death, this must be legally specified through the usual means (such as a will).

A godparent may, or may not, be related to the child. A child may have one or several godparents.

Oh boy. This is just fabulous. The idea that I'm supposed to be responsible for the kid's religious upbringing is, well, laughable. Certainly no one expects me to encourage a child to pursue a relationship with the Christian God. (They've got another thing coming if they do.) You won't find me doing anything of the sort. Rather, what you'll get from me is something along the lines of, "Young man, this is a pentacle. And this, this is a statue of the Goddess, and that is her consort. Ignore all this one male god bullshit."

It also bears noting that Krissy is of a distinctly Catholic background. So, being a glutton for punishment, I delved further into the article and read that as well:

In the Roman Catholic church, only church members who have undergone Confirmation are accepted as godparents. Someone who belongs to another Christian denomination cannot become a godparent but is known as a Christian Witness, with most of the regular role of a godparent. Non-Christians are not at all eligible to any religious role formalized by the Church. This is based on the view that the godparent-godchild relationship is not something which is just between the persons and God, but a whole-Church event wherein the Holy Spirit dwells.

A Godparent is regarded as a patron saint on earth, who prays for the newly baptised, looks after them spiritually and gives them guidance. The Catholic Church sees Baptism as an entry into the Kingdom of God, and entry into the Church.

Um, yeah. Sorry folks, none of that is going to happen. Prior to meeting The Guy, the only time I went anywhere near a Catholic priest was to have sex with him. I do NOT condone baptism of babies (it's pointless), I don't believe that priests are a conduit to God, and I flatly deny the authority of the Catholic church in all its forms. Hell, I don't even believe in Hell. (I didn't even believe in that bullshit when I was a Christian.)

Suffice it to say, I'm a completely unsuitable candidate for either a godparent, or even a Christian Witness.

What's a gay pagan to do? How do I break the news to the new mom that the Church likely won't even let me in the door, let alone serve as a godparent or "Christian Witness"? This ought to be interesting, to say the least.

So, in the short term, I'll sit here and muse over the imagery in my head, of buildings crumbling around me, crucifixes bursting into flames, holy water boiling, and nuns passing out, while the day approaches when I have to explain it to them. They'll be crushed, but I think they'll get over it. I'm certain there will be other fine candidates out there. I mean, after all, the Pope has dictated quite clearly who is and who is not acceptable in the eyes of God. All they have to do is get the checklist, right?

And there, at the bottom of the checklist, it will point out that you must be a bigoted, straight, white, rich, pro-life, guilt-ridden, married Catholic with children who can continue to line the coffers of the Church.

Clearly, I've failed the suitability test.

Enough is Enough

Okay, things are getting out of control. How many people are going to lose their jobs because people are offended over words?

MSNBC reported today that Isaiah Washington's contract on Grey's Anatomy was not renewed by ABC. (See here.)

The whole thing revolves around Mr. Washington having referred to T. R. Knight, a fellow cast member on the show, a faggot backstage during the Golden Globe Awards. This, of course whipped all the gay rights groups across the country into a furor. Many of them were just frothing at the mouth, and demanded an apology (rightfully so).

Mr. Washington did apologize. Further, he sought therapy, met with the activist groups (including the Gay, Lesbian & Straight Education Network and GLAAD), and made a public service announcement regarding the episode. He went out of his way to make amends. He certainly didn't treat this episode like it was no big deal.

But all of that is, apparently, not enough. In addition to doing all of that, he must, apparently forfeit his job before anyone will be happy. That pisses me off. This whole thing has gotten completely out of hand.

Look, I'm gay, and I get ticked off when someone throws words like "faggot," "queer" and "homo" around with every intent on insulting someone. But when that person makes an apparently honest and sincere effort to rectify the situation, I'm willing to give them the benefit of a doubt. Any reasonable person should be willing to do so as well.

But our society has become so ridiculously obsessed with this insane idea of political correctness that we single out these high-profile cases and decide to make examples of them. It's wrong.

People are entitled to say what they like. It's called free speech. We are also entitled to disagree. So what if the guy said something insulting? Get over it. We have become so soft that we've forgotten what it means to have the balls to just be adults, realize that those kinds of statements reveal something about the kind of people who say them, and shake it off.

Inevitably, someone will tout the whole "Words lead to violence" argument. Statistics, please. Give me hard facts and not your wild conjecture. I get enough unsubstantiated conjecture from the White House. Give the numbers and we'll debate that then.

Sure, words have power. But only if you let them. All we have to do is reach down, grab our genitals, and remember that we're not children. We don't run home crying to mommy every time someone says something mean to us. We deal with it like competent adults, and treat each other fairly. This reaction was way over the top.

Firing this guy (or, more accurately, opting not to renew his contract) was WRONG. It was overkill. Give the guy another chance. He's done all the right things to make it right. How many times can you bludgeon the poor guy with the same thing before you've made your point?

We're all just a bunch of cry-babies, and we need to get over it. It angers me to think that folks think that, because I'm gay, I support this decision. I don't. Give the guy his job back. Give him another fair chance. Let him prove himself. Any one of us would want to be treated the same way. Stop making a scapegoat out of him.

And for God's sake, people, grow a thicker skin.

The Evil Wiles of the Chain Letter

My mother recently got a chain letter in her email, and was telling me how she hates it when people send them to her. Certain friends and family members are notorious for forwarding them us, and it really peeves us off, because they're a complete waste of our time. We simply delete them these days. Unfortunately, in many cases, you have to open the email before you can determine whether or not its a chain letter. And by the time you've opened it, you feel utterly compelled to finish reading it. It's like a hypnotic effect.

Once you've opened a chain letter, it's contents are like road kill: you have to look. You can't help it. You don't want to look, but you have to. Your brain screams, "It's not right! Turn the other way! Close your eyes!" But your eyes stare fixedly at it while your mouth drops open in horror and bile rises at the back of your throat. When you've finished reading it, you're left with that feeling that you just got ripped off, like you paid to see Saving Private Ryan and instead got something on the order of Killer Beach Bimbos from Outer Space.

Chain letters have even moved away from the email format and evolved into MySpace comments. (I haven't checked out sites like TagWorld or any of MySpace's competitors, so I can't really comment on that.) Fortunately, MySpace comments are easily ignored. You can just customize the page to not display them.

Now, chain letters pose a number of problems, as I see it:

1. They waste the recipient's time. No one that I know likes to waste time reading them. I'd guess that those who do are also those who like to forward them, thereby propagating them and contributing to the misery of those who don't want to get them in the first place.

2. They clog up mailboxes. Most users have a finite amount of space in their mailboxes. When your mail box runs out of space on the mail server, the mail server refuses to accept mail for you until you start clearing out your mailbox. If your mailbox is full of spam, that tends to tick you off. No one wants to waste a limited amount of space on email that serves no purpose and that they'll just delete anyway. This is especially problematic if the chain letter includes images, audio, or video attachments.

3. They tend to contain deeply nested attachments. Because they are forwarded so many times, and due to the way that many email programs forward emails, the message is forwarded as an attachment: its text is not included in the body. This forces the user to open the attachment in order to read the message, which is often a risky proposition these days, since many casual users either don't use virus software or don't keep it up to date. However, every time the message is forwarded, the message is sent as an attachment, with a new message wrapper. So the new recipients have one more layer to click through in order to get to the actual message. By the time it's been sent ten or twenty times, which happens quite frequently, the real message is so deeply embedded in nested attachments that it's a chore to reach it. This is a highly annoying aspect of these messages, and it wastes lots of time.

   The fact that the messages are included as message headers also bloats the size of the email itself. Instead of simply including the text of the body, and using a single mail header, the email is sent as a file attachment, with the complete email header plus the complete email header for the new email. Now if I send it again, I get to create an email that contains a new email header, plus a new file attachment that contains the email header and text for the email I received plus the original attachment. The file's just gotten much larger. When my recipient forwards the file, it will get larger again. This causes the chain letter's overall size when sent across the Internet to grow every time it is forwarded.

4. They are propagated by exploiting human weakness. Chain letters aren't sent out by a mindless computer sitting in an air conditioned network operations center. Nor are they sent out by some hacker sitting in a dark room in his mom's basement somewhere. They are sent out by people who get them from their friends, and think they're cute, or touching, or emotionally stirring, and forward them on to their friends. They forward them on to the people that they think are most interested in them. And so, unlike spam, which dies when it hits a user's machine and (hopefully) goes to his or her recycle bin or junk email folder, the user keeps the chain letter alive by sharing it with his or her friends and coworkers. Further, the user sends it to multiple individuals, and those individuals do the same. So the chain letter is spread like a biological virus.

5. They are nothing more than personal, selective spam. Don't believe me? Dictionary.com defines spam as "unsolicited e-mail, often of a commercial nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups; junk e-mail." Now here, by "indiscriminately" we mean that the sender of a chain letter thinks that everyone wants to get the same chain letter that he or she did. "If I like it, certainly all of my friends and coworkers want to get it." So what does that mean, exactly?

   It means that the sender is distributing spam, knowingly and willingly, albeit naïvely. People have been sent to jail and fined for that because it's illegal in certain states. Why is it illegal? Because it annoys users, and wastes bandwidth and the recipients' resources. The biggest reason, however, is that it annoys users. This article shows that the vast majority of people want spam banned simply because it annoys them.

   By definition, spam is not required to be commercial in nature. That means that all those chain letters you get that promise you happiness, the good will of angels, good luck, blessings, prosperity, the love of your life within three days, your wish coming true, the prevention of bad luck, and on and on, are all spam. Most of us just haven't viewed chain letters in that light before.

And those are just the issues I can think of right off the top of my head.

While I'm at it, it isn't just novice users that get sucked into these emails. With address spoofing you can receive an email that looks perfectly legitimate, and you can start clicking on those attachments because it seems perfectly reasonable to do so. I've done it. My mom has done it. My coworkers have done it. You've typically already opened four or five layers before you realize what you've done and think to yourself, "What am I doing? This is obviously junk!"

So please, please, think before you send that next chain letter out. Those promises they make at the bottom of them are untrue. The threats they make are untrue. You control your own destiny, and no email is going to dictate it for you. Do you think that the destiny of the people that to whom you forward the email is going to be changed because you sent it to them?

You aren't helping anyone by forwarding these things. Point of fact, you're likely annoying more people than you're helping.

Do everyone a favor. When you receive a chain letter, delete it immediately. Then contact the person who sent it to you and politely ask them not to send them to you anymore.

Finally, Someone Dares to Say it

From an article highlighted on Digg:

Intelligent extra-terrestrials almost certainly exist on distant planets beyond our solar system, leading British astronomers told the government yesterday.The scientists expect that the first evidence of primitive alien life, such as microbes and vegetation, will emerge within 10 years, with more substantial finds following future space missions.

I can't believe that anyone with a brain larger than the size of a peanut believes that in a universe the size of ours, we're the only planet with life on it. Statistically speaking, the chances are astronomically remote that we're the only planet that harbors life. (Yeah, that's a cruddy choice of words. Sue me later.) It would be the height of human arrogance to think that our world is the pinnacle of evolution throughout the known universe, and to place ourselves at the top of the evolutionary food chain.

But hey, what do you expect from a bunch of talking apes? (Especially a world where the biggest, loudest, most idiotic chimp of all was "elected" the ruler of the most powerful tribe of apes.)

Anyway, when you take into account the size of the universe, and the number of worlds that we're starting to find, the chances of finding one with primitive life begin to rapidly increase. Every time we find a world with primitive life, the chances of finding one with more evolved life forms similarly increases. The further away from our world we move, the greater the chances of finding one with life forms similar to or more advanced than our own.

Does that mean they'll come zipping across the interstellar spaces in vast fleets of gleaming starcrafts to invade or embrace us? Hell no. They'll be just as constrained by the laws of physics as we are. But they're out there. Somewhere.

In my mind, the laws of statistics and probability are every bit as valid as the laws of physics.

read more | digg story

Out with the old, in with the new...

So this is it. I finally bit the bullet and decided I had had it with MySpace. That site just annoys the hell out of me.

I decided I wanted a personal blog. One that I could reach easily and use to keep in touch with my friends, keeping them up to date on the goings-on in my personal life, and rant about politics, religion, the massive gay agenda, and other unimportant things. So I made a MySpace page, and started blogging there.

For a while, it was nice. I like to have the freedom to blog spontaneously. A thought will hit me and I like to just fire it up and pour out my thoughts on a moment's notice. So it was very convenient.

But I've got to say, that place is nothing more than a cyber bathhouse. The amount of soft-porn spam I receive each week is ridiculous. "Hi! My name is Candy/Cindy/Trevor/Rick/Guadeloupe and you look hot! They won't let me show my real pictures here because they don't let you show nudes, but you can check them out on this site here...."

Oh my frickin' God, people. Give it a rest.

That place just skeeves me out these days. So I got fed up with it.

Then it occurred to me that I maintain a tech blog on Blogger (see The Essential Geek), and I update it constantly using Windows Live Writer, a very nifty little desktop application. So if the mood ever strikes me to blog about something technical, I just fire up Live Writer, blog it, and click the Publish button. Oila! Instant blog entry.

Why in the hell was I blogging about my personal life any other way? And why in the hell was I putting myself through all the crap that comes with MySpace? I know better. Sometimes, I'm convinced that I intentionally put myself through that kind of thing through some deep-seated need to punish myself for sins committed in a past life.

So I'm wiping that slate clean. I'll archive all the old blog entries, and keep them for posterity's sake. Then I'll take the MySpace page down. But this is where I'll start blogging about anything and everything important to me. You'll hear me talk a lot about The Guy: he's the man my world revolves around. You'll hear me rant about politics, religion, gay culture, philosophy, and just about everything in between. You'll agree, disagree, and likely not give a shit from time to time.

I'm looking forward to starting this all over. And I hope that, once in a while, a reader or two will have the guts to voice an opinion. Like it? Hate it? Don't care? Fine. But say something.