Coding Horror

programming and human factors

The Last PC Laptop

I've been chasing the perfect PC laptop for over a decade now.

Though I've tolerated lugging around five to seven pound machines because I had to, laptops were always about portability first and most of all to me. I quickly gravitated to so-called ultraportable laptops as soon as they became available. The first one was the 2003 Dell Inspiron 300M. It was the first laptop I found that delivered a decent 3-ish pound package without too many compromises. How I loved this little thing.

Inspiron-300m

But there was a downside to that 2003-era ultraportability – the default battery in the system provided about 2 hours of runtime. Switching to the larger battery extended that to a much more respectable 5.5 hours, but it also added a pound to the system and protruded from the rear a bit.

I've pursued the same dream of reasonable power with extreme portability ever since, with varying degrees of success. The PC industry isn't exactly known for its design leadership, and it can be downright schizophrenic at times. So if you were a fan of laptops that were actually thin and light and portable, it's been rough going for a long time. 2007's Dell XPS M1330 was a brief bright spot, but honestly, it's only in the last few months I've found an ultraportable that lived up to my expectations, one that I feel confident in recommending. That laptop is the Asus Zenbook Prime UX31A.

ASUS Zenbook Prime UX31A

Having lived with this laptop for about two months now, I can safely say it is without question the best PC laptop I've ever owned. Consider the Tech Report review and the Engadget review, both rave. Here's what you need to know:

  • Retina-esque 1920x1080 resolution in an amazingly high quality 13.3" IPS display
  • Intel's latest 17 watt Ivy Bridge processor with (finally!) decent integrated graphics
  • 128 GB SSD with fast 6Gbps interface
  • Just under 3 pounds
  • Decent 6 hour runtime
  • Classy brushed metal case and cover

All of this for about $1,050 at the time of writing. If you're suffering through a sub-par TN display on your current laptop, the awesome IPS display is almost worth an upgrade on its own. After switching to bargain Korean IPS displays on the desktop, I'm desperately hoping my poor eyeballs never have to endure another awful TN LCD display for the rest of my life.

This is a machine that pleasantly surprised me at every turn. The keyboard is solid feeling with a dimmable backlight, and the achilles heel of all PC laptops, the trackpad, is about as good as it ever gets on PCs. Which is to say still not great. Even the power adapter is classy, although highly derivative of Apple. While this is substantially closer to the ideal ultraportable hardware I've had in my brain since 2003, it still exhibits some of the same problems I experienced with that Inspiron 300M almost 10 years ago:

  • An operating system pre-loaded with useless craplets and pointless bloatware, all in the name of hypothetical value add by the vendor and/or marketing subsidies.
  • Several branding stickers I had to peel off the machine after I opened the box. (Note that the press photos for a machine never include these ugly stickers. Go figure.)
  • A trackpad that works kinda-sorta OK, but never quite inspires enough confidence that I can stop carrying an external mouse around in my laptop bag with me.

The first thing I did when I got the laptop was wipe it and install the Windows 8 preview, and soon after updated it to the final Windows 8 release. Despite all the grousing about the tablet-centric nature of Windows 8 – some of which is warranted, but can easily be ignored entirely – I am an unabashed fan of the operating system. It is a big improvement over Windows 7 in my day to day use. The more I use Windows 8 the more I believe it's the biggest step forward in Windows since Windows 95. So what I've put together here is probably the best, most platonic ideal form of Wintel laptop hardware you can buy in mid-2012.

(In the interests of full disclosure, I actually own two of these. One for my wife and one for me. Because I am an inveterate hotrodder, I had to have more memory and a larger, faster SSD. So I bought the UX32VD model which has a discrete Nvidia 620M GPU and, most importantly, can be upgraded internally. So I dropped in a Samsung 830 512 GB SSD and 8 GB DIMM. This led to a slightly oddball final configuration of 10 GB RAM and an internal embedded 32 GB SSD plus the 512 GB SSD. It hurts battery life by at least an hour, too. You should also know that the teeny-tiny Torx screws on the back of this laptop are not to be trifled with. Bring your jeweler's loupe. In case it wasn't already abundantly clear, let me spell it out for you: going this route is not recommended unless you are as crazy as I am. The base model is really nice! Trust me!)

If pressed, I might admit the combination of ASUS Zenbook Prime hardware and modern Windows 8 amenities lives up to the whole Intel "Ultrabook" marketing schtick. But I'm not sure that's enough any more.

Every time I leave the house – heck, every time I leave the room – I have to decide what kind of computer I'm going to take with me, if any. Besides the ultraportable laptops, I now own an iPhone 5, several retina iPads, and a Nexus 7. I'm sure there are many more of these devices on the way. In the calculus of deciding what kind of computing device I want with me, even the most awesome ultraportable laptop I can find is no longer enough. Consider:

  • Want 10 hours of real world battery life? Even when doing actual work that would ramp the CPU up? Many tablets and phones can achieve that magical 10 hour battery life figure, but it will be a long, long time before you reliably get that out of any ultraportable laptop. Personally, I blame x86.

  • Want to start doing stuff immediately? Even Windows 8, which has radically improved wake times, is laughably slow to start up compared to tablets and phones which are practically instant-on by design.

  • Want the smallest most portable device you can get away with? It's unlikely that will be a laptop, even an ultraportable, because of the implied keyboard and connectivity ports, plus the big screen and hinge. There is no form factor more compact than the touchscreen tablet. And you've got to take your phone along in any case, because that's how your family and loved ones will contact you, right? Have you seen the iPhone 5 benchmarks? It's faster than most tablets!

  • Want to be always connected to the Internet? Sure you do; how else can you get to Stack Overflow and Stack Exchange for all of life's essential questions? Then you probably need some kind of cellular support, for 3G or 4G or LTE or whatever the telephone companies are calling high speed Internet access these days. That is quite rare on traditional laptops, but obviously common on phones and much easier to find on tablets.

  • Want easy access? Just try opening a laptop on a crowded subway train or bus. Or with, say, 3 toddlers running around your house. I dare you. But phones and 7" tablets offer easy one handed operation; you can whip them out and fill whatever time you have available, whereas cracking open a laptop feels like a sizable commitment in time and space to doing something.

My laptop is increasingly a device I only take when I know I'll need to do a lot of typing, and/or I'll need a lot of screen space to work. But even a phone could do that if it had decent support for bluetooth keyboards and external displays, couldn't it? And even a few programmers, the audience who would most need all the power and flexibility of laptops, are switching to tablets.

I've waited 12 years for the PC industry to get its collective act together and, if nothing else, successfully copy Apple's laptop hardware designs. Now that they (mostly) have, I wonder: is it too late? Has the PC industry irrevocably shifted underneath them while they were so busy pumping out endless refinements to generic x86 boxes? I love this new laptop, and in many ways it is the perfect ultraportable hardware I dreamed of having in 2003. But every time I power it up and use it, I feel a little sad. I can't shake the feeling that this might end up being the last PC laptop I ever own.

[advertisement] Stack Overflow Careers matches the best developers (you!) with the best employers. You can search our job listings or create a profile and even let employers find you.
Discussion

Computer Crime, Then and Now

I've already documented my brief, youthful dalliance with the illegal side of computing as it existed in the late 1980s. But was it crime? Was I truly a criminal? I don't think so. To be perfectly blunt, I wasn't talented enough to be any kind of threat. I'm still not.

There are two classic books describing hackers active in the 1980s who did have incredible talent. Talents that made them dangerous enough to be considered criminal threats.

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
Ghost in the Wires: My Adventures as the World's Most Wanted Hacker

Cuckoo is arguably the first case of hacking that was a clearly malicious crime circa 1986, and certainly the first known case of computer hacking as international espionage. I read this when it was originally published in 1989, and it's still a gripping investigative story. Cliff Stoll is a visionary writer who saw how trust in computers and the emerging Internet could be vulnerable to real, actual, honest-to-God criminals.

I'm not sure Kevin Mitnick did anything all that illegal, but there's no denying that he was the world's first high profile computer criminal.

Kevin Mitnick FBI wanted poster

By 1994 he made the FBI's 10 Most Wanted list, and there were front page New York Times articles about his pursuit. If there was ever a moment that computer crime and "hacking" entered the public consciousness as an ongoing concern, this was it.

The whole story is told in minute detail by Kevin himself in Ghost in the Wires. There was a sanitized version of Kevin's story presented in Wizzywig comix but this is the original directly from the source, and it's well worth reading. I could barely put it down. Kevin has been fully reformed for many years now; he wrote several books documenting his techniques and now consults with companies to help improve their computer security.

These two books cover the genesis of all computer crime as we know it. Of course it's a much bigger problem now than it was in 1985, if for no other reason than there are far more computers far more interconnected with each other today than anyone could have possibly imagined in those early days. But what's really surprising is how little has changed in the techniques of computer crime since 1985.

The best primer of modern – and by that I mean year 2000 and later – computer crime is Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground. Modern computer crime is more like the classic sort of crime you've seen in black and white movies: it's mostly about stealing large sums of money. But instead of busting it out of bank vaults Bonnie and Clyde style, it's now done electronically, mostly through ATM and credit card exploits.

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground

Written by Kevin Poulson, another famous reformed hacker, Kingpin is also a compelling read. I've read it twice now. The passage I found most revealing is this one, written after the protagonist's release from prison in 2002:

One of Max’s former clients in Silicon Valley tried to help by giving Max a $5,000 contract to perform a penetration test on the company’s network. The company liked Max and didn’t really care if he produced a report, but the hacker took the gig seriously. He bashed at the company’s firewalls for months, expecting one of the easy victories to which he’d grown accustomed as a white hat. But he was in for a surprise. The state of corporate security had improved while he was in the joint. He couldn’t make a dent in the network of his only client. His 100 percent success record was cracking.

Max pushed harder, only becoming more frustrated over his powerlessness. Finally, he tried something new. Instead of looking for vulnerabilities in the company’s hardened servers, he targeted some of the employees individually.

These “client side” attacks are what most people experience of hackers—a spam e-mail arrives in your in-box, with a link to what purports to be an electronic greeting card or a funny picture. The download is actually an executable program, and if you ignore the warning message

All true; no hacker today would bother with frontal assaults. The chance of success is miniscule. Instead, they target the soft, creamy underbelly of all companies: the users inside. Max, the hacker described in Kingpin, bragged "I've been confident of my 100 percent [success] rate ever since." This is the new face of hacking. Or is it?

One of the most striking things about Ghost In The Wires is not how skilled a computer hacker Kevin Mitnick is (although he is undeniably great), but how devastatingly effective he is at tricking people into revealing critical information in casual conversations. Over and over again, in hundreds of subtle and clever ways. Whether it's 1985 or 2005, the amount of military-grade security you have on your computer systems matters not at all when someone using those computers clicks on the dancing bunny. Social engineering is the most reliable and evergreen hacking technique ever devised. It will outlive us all.

For a 2012 era example, consider the story of Mat Honan. It is not unique.

At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and years ago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years. My guess is they used brute force to get the password and then reset it to do the damage to my devices.

I heard about this on Twitter when the story was originally developing, and my initial reaction was skepticism that anyone had bothered to brute force anything at all, since brute forcing is for dummies. Guess what it turned out to be. Go ahead, guess!

Did you by any chance guess social engineering … of the account recovery process? Bingo.

After coming across my [Twitter] account, the hackers did some background research. My Twitter account linked to my personal website, where they found my Gmail address. Guessing that this was also the e-mail address I used for Twitter, Phobia went to Google’s account recovery page. He didn’t even have to actually attempt a recovery. This was just a recon mission.

Because I didn’t have Google’s two-factor authentication turned on, when Phobia entered my Gmail address, he could view the alternate e-mail I had set up for account recovery. Google partially obscures that information, starring out many characters, but there were enough characters available, m••••n@me.com. Jackpot.

Since he already had the e-mail, all he needed was my billing address and the last four digits of my credit card number to have Apple’s tech support issue him the keys to my account.

So how did he get this vital information? He began with the easy one. He got the billing address by doing a whois search on my personal web domain. If someone doesn’t have a domain, you can also look up his or her information on Spokeo, WhitePages, and PeopleSmart.

Getting a credit card number is tricker, but it also relies on taking advantage of a company’s back-end systems. … First you call Amazon and tell them you are the account holder, and want to add a credit card number to the account. All you need is the name on the account, an associated e-mail address, and the billing address. Amazon then allows you to input a new credit card. (Wired used a bogus credit card number from a website that generates fake card numbers that conform with the industry’s published self-check algorithm.) Then you hang up.

Next you call back, and tell Amazon that you’ve lost access to your account. Upon providing a name, billing address, and the new credit card number you gave the company on the prior call, Amazon will allow you to add a new e-mail address to the account. From here, you go to the Amazon website, and send a password reset to the new e-mail account. This allows you to see all the credit cards on file for the account — not the complete numbers, just the last four digits. But, as we know, Apple only needs those last four digits.

Phobia, the hacker Mat Honan documents, was a minor who did this for laughs. One of his friends is a 15 year old hacker who goes by the name of Cosmo; he's the one who discovered the Amazon credit card technique described above. And what are teenage hackers up to these days?

Xbox gamers know each other by their gamertags. And among young gamers it’s a lot cooler to have a simple gamertag like “Fred” than, say, “Fred1988Ohio.” Before Microsoft beefed up its security, getting a password-reset form on Windows Live (and thus hijacking a gamer tag) required only the name on the account and the last four digits and expiration date of the credit card on file. Derek discovered that the person who owned the “Cosmo” gamer tag also had a Netflix account. And that’s how he became Cosmo.

“I called Netflix and it was so easy,” he chuckles. “They said, ‘What’s your name?’ and I said, ‘Todd [Redacted],’ gave them his e-mail, and they said, ‘Alright your password is 12345,’ and I was signed in. I saw the last four digits of his credit card. That’s when I filled out the Windows Live password-reset form, which just required the first name and last name of the credit card holder, the last four digits, and the expiration date.”

This method still works. When Wired called Netflix, all we had to provide was the name and e-mail address on the account, and we were given the same password reset.

The techniques are eerily similar. The only difference between Cosmo and Kevin Mitnick is that they were born in different decades. Computer crime is a whole new world now, but the techniques used today are almost identical to those used in the 1980s. If you want to engage in computer crime, don't waste your time developing ninja level hacking skills, because computers are not the weak point.

People are.

[advertisement] How are you showing off your awesome? Create a Stack Overflow Careers profile and show off all of your hard work from Stack Overflow, Github, and virtually every other coding site. Who knows, you might even get recruited for a great new position!
Discussion

I Was a Teenage Hacker

Twenty-four years ago today, I had a very bad day.

On August 8, 1988, I was a senior in high school. I was working my after school and weekend job at Safeway as a cashier, when the store manager suddenly walked over and said I better stop ringing up customers and talk to my mother on the store phone right now. Mom told me to come home immediately because, well, there were police at the front door asking for me with some legal papers in hand.

He did unlawfully between June 7, 1988 and June 8, 1988 use a computer or computer network without authority and with the intent to temporarily or permanently remove computer data, in violation of Section 18.2-152.4 of the 1950 Code of Virginia, as amended.

Like I said, definitely not a good day. The only sliver of good news was that I was still 17 at the time, so I enjoyed the many protections that the law provides to a minor. Which I shall now throw away by informing the world that I am a dirty, filthy, reprehensible adult criminal. Thanks, law!

One of the problems you had in the pre-Internet 1980s as a hardcore computer geek was that all the best bulletin boards and online services were kind of expensive. Either because you had to pay an hourly fee to access them, like CompuServe, or because they were a long distance modem call. Or both. Even after the 1984 AT&T breakup, long distance at around 20-30 cents a minute was a far, far cry from today's rates. (Does anyone actually even worry about how much voice calls cost any more, to anywhere in the world? This, my friends, is progress.)

Remember, too, that this is back when 9600 baud modems were blazing, state of the art devices. For perspective, the ultra-low-power wireless bluetooth on your phone is about 80 times faster. If you wanted to upload or download any warez software, that meant potentially hours on your modem at rates of around $20/hour. Adjusted for inflation, that's closer to $40 in 2012 dollars. My family wasn't well off enough to afford a second telephone line, so most of my calling was done late at night both because the rates were lower, and also so that I wouldn't be monopolizing the telephone. Nothing was worse than the dreaded "mom picked up the phone" disconnect to an elite difficult-to-access BBS with limited slots.

One way or another, I eventually got involved with the seedier side of the community, even joining a lesser Apple // pirate group. Probably my main claim to fame is that while trolling BBSes, I personally discovered and recruited a guy who turned out to be an amazing cracker. He was so good he eventually got recruited away.

Psi-5-trading-company

I was, at best, a footnote to a footnote to a footnote in Apple // history. This was mainly a process of self-discovery for me. I learned I was the type of geek who doesn't even bother attending his high school prom, partially because I was still afraid of girls even as a high school senior, yes, but mainly because I was so addicted to computers and playing my tiny role in these nascent online communities. I was, and am, OK with that. This is the circuitous path of 30 years that led me to create Stack Overflow. And there's more, so much more, but I can't talk about it yet.

But addicted, I think, is too weak a word for what I felt about being a part of these oddball, early online home computer communities. It was more like an all-consuming maniacal blood lust. So obtaining access to free, unlimited long distance calling rapidly became an urgent priority in my teenage life. I needed it. I needed it so bad. I had to have it to talk on the phone to the other members of my motley little crew, who were spread all over the USA, as well as for calling BBSes.

I can't remember exactly how I found it, probably on one of the BBSes, but I eventually discovered a local 804 area code number for "calling cards" that accepted a 5 digit PIN, entered via touch-tone phone. Try over and over, and you might find some valid PIN codes that let you attain the holy grail of free long distance calling. Only one small problem: it's a crime. But, at least to my addled teenage brain, this was a victimless crime, one that I had to commit. The spice must flow!

All I had to do is write software to tell the modem to dial over and over and try different combinations. Because I was a self-taught programmer, this was no problem. But because I was an overachieving self-taught programmer, I didn't just write a program. No, I went off and built a full-blown toolkit in AppleBasic, with complete documentation and the best possible text user interface I could muster, and then uploaded it to my favorite BBSes so every other addict could get their online modem fix, too. I called it The Hacking Construction Set, and I spent months building it. I didn't just gold plate, I platinum plated this freaking thing, man. (Yes, I know the name isn't really correct. I read as many 2600 textfiles as the next guy. This is mere phreaking, not hacking, but I guess I was shooting for poetic license. Maybe you could use the long distance dialing codes to actually hack remote machines, or something.)

I never knew if anyone else ever used my little program to dial for calling codes. It certainly worked for me, and I tried my level best to make it work for all the possible dialing situations I could think of. It even had an intro screen with music and graphics of my own creation. But searching now, for the first time in 24 years, I found my old Hacking Construction Set disk image on an Apple ROM site. It even has real saved numbers in the dialing list! Someone was using my illicit software!

Hacking-construction-set

If you're curious, fire up your favorite Apple // emulator and give the disk image a spin. Don't forget to connect your modem. There's full blown documentation accessible from the main menu. Which, re-reading now, was actually not half bad, if I do say so myself:

Hacking-construction-set-docs
Hacking-construction-set-docs-2

I used to regularly call BBSes in Florida, California, and Missouri? That's news to me; I haven't seen any of this stuff in over 24 years! All I did was upload a disk image to a few BBSes in 1986. After all that time, to discover that someone used and loved my little bit of software still gives me a little thrill. What higher praise is there for a software developer?

About that trouble. Using my own software got me in trouble with the law. And deservedly so; what I wrote the software to do was illegal. I hired a local lawyer (who, as I recall, was missing a hand; he had a prosthetic hand that was almost impossible not to look at) who represented me. It was quite clear at preliminary hearings that the Chesterfield County court system did not see any computer crime cases, and they had absolutely no idea what to make of me, or what this was all about. All they saw was a smart kid with a bit of bad judgment who loved computers and was headed to the University of Virginia, most likely not a life as a career criminal. So the case was dismissed for the cost of lawyer's fees. Which, for the record, I had to pay myself, using my income as a Safeway cashier.

This was definitely a wake up call for me; in the summer of 1988, I was about to graduate from high school, and I thought I'd try being just a regular guy at college, with less of an obsessive focus on computers that causes me to get in trouble with the law, and perhaps spread my wings to other interests. Who knows, maybe even girls!

That didn't last long. Because after all these years, I must confess I've grown to love my own bad judgment. It's led me to the most fascinating places.

[advertisement] Stack Overflow Careers matches the best developers (you!) with the best employers. You can search our job listings or create a profile and even let employers find you.
Discussion

Today is Goof Off at Work Day

When you're hired at Google, you only have to do the job you were hired for 80% of the time. The other 20% of the time, you can work on whatever you like – provided it advances Google in some way. At least, that's the theory.

Google's 20 percent time policy is well known in software engineering circles by now. What's not as well known is that this concept dates all the way back to 1948 at 3M.

In 1974, 3M scientist Art Fry came up with a clever invention. He thought if he could apply an adhesive (dreamed up by colleague Spencer Silver several years earlier) to the back of a piece of paper, he could create the perfect bookmark, one that kept place in his church hymnal. He called it the Post-It Note. Fry came up with the now iconic product (he talks to the Smithsonian about it here) during his "15 percent time," a program at 3M that allows employees to use a portion of their paid time to chase rainbows and hatch their own ideas. It might seem like a squishy employee benefit. But the time has actually produced many of the company's best-selling products and has set a precedent for some of the top technology companies of the day, like Google and Hewlett-Packard.

There's not much documentation on HP's version of this; when I do find mentions of it, it's always referred to as a "convention", not an explicit policy. Robert X. Cringely provides more detail:

Google didn’t invent that: HP did. And the way the process was instituted at HP was quite formal in that the 10 percent time was after lunch on Fridays. Imagine what it must have been like on Friday afternoons in Palo Alto with every engineer working on some wild-ass idea. And the other part of the system was that those engineers had access to what they called “lab stores” — anything needed to do the job, whether it was a microscope or a magnetron or a barrel of acetone could be taken without question on Friday afternoons from the HP warehouses. This enabled a flurry of innovation that produced some of HP’s greatest products including those printers.

Maybe HP did invent this, since they've been around since 1939. Dave Raggett, for example, apparently played a major role in inventing HTML on his 10% time at HP.

Although the concept predates Google, they've done more to validate it as an actual strategy and popularize it in tech circles than anyone else. Oddly enough, I can't find any mention of the 20% time benefit listed on the current Google jobs page, but it's an integral part of Google's culture. And for good reason: notable 20 percent projects include GMail, Google News, Google Talk, and AdSense. According to ex-employee Marissa Meyer, as many as half of Google's products originated from that 20% time.

At Hewlett-Packard, 3M, and Google, "many" of their best and most popular products come from the thin sliver of time they granted employees to work on whatever they wanted to. What does this mean? Should we all be goofing off more at work and experimenting with our own ideas? That's what the book The 20% Doctrine explores.

The 20% Doctrine: How tinkering, goofing off, and breaking the rules at work drive success in business

Closely related to 20% time is the Hack Day. Hack Days carve out a specific 24 hour timeframe from the schedule, encouraging large groups to come together to work collaboratively (or in friendly competition) during that period. Chad Dickerson instituted one of the first at Yahoo in 2005.

The Friday before, I had organized the first internal Hack Day at Yahoo! with the help of a loosely-organized band of people around the company. The “hack” designation for the day was a tip of the hat to hacker culture, but also a nod to the fact that we were trying to fix a system that didn’t work particularly well. The idea was really simple: all the engineers in our division were given the day off to build anything they wanted to build. The only rules were to build something in 24 hours and then show it at the end of the period. The basic structure of the event itself was inspired by what we had seen at small startups, but no one had attempted such an event at a large scale at an established company.

The first Yahoo! Hack Day was clearly a success. In a company that was struggling to innovate, about seventy prototypes appeared out of nowhere in a single 24-hour period and they were presented in a joyfully enthusiastic environment where people whooped and yelled and cheered. Sleep-deprived, t-shirt-clad developers stayed late at work on a Friday night to show prototypes they had built for no other reason than they wanted to build something. In his seminal book about open source software, The Cathedral and the Bazaar, Eric Raymond wrote: “Every good work of software starts by scratching a developer’s personal itch.” There clearly had been a lot of developer itching around Yahoo! but it took Hack Day to let them issue a collective cathartic scratch.

Atlassian's version, a quarterly ShipIt Day, also dates back to 2005. Interestingly, they also attempted to emulate Google's 20% time policy with mixed results.

Far and away, the biggest problem was scheduling time for 20% work. As one person put it, “Getting 20% time is incredibly difficult amongst all the pressure to deliver new features and bug fixes.” Atlassian has frequent product releases, so it is very hard for teams to schedule ‘down time’. Small teams in particular found it hard to afford time away from core product development. This wasn’t due to Team Leaders being harsh. It was often due to developers not wanting to increase the workload on their peers while they did 20% work. They like the products they are developing and are proud of their efforts. However, they don’t want to be seen as enjoying a privilege while others carry the workload.

I think there's enough of a track record of documented success that it's worth lobbying for something like Hack Days or 20% time wherever you work. But before you do, consider if you and your company are ready:

  1. Is there adequate slack in the schedule?

    You can't realistically achieve 20% time, or even a single measly hack day, if there's absolutely zero slack in the schedule. If everyone around you is working full-tilt boogie as hard as they can, all the time, that's … probably not healthy. Sure, everyone has crunch times now and then, but if your work environment feels like constant crunch time, you'll need to deal with that first. For ammunition, try Tom Demarco's book Slack.

  2. Does daydreaming time matter?

    If anyone gets flak for not "looking busy", your company's work culture may not be able to support an initiative like this. There has to be buy-in at the pointy-haired-boss level that time spent thinking and daydreaming is a valid part of work. Daydreaming is not the antithesis of work; on the contrary, creative problem solving requires it.

  3. Is failure accepted?

    When given the freedom to "work on whatever you want", the powers that be have to really mean it for the work to matter. Mostly that means providing employees the unfettered freedom to fail miserably at their skunkworks projects, sans repercussion or judgment. Without failure, and lots of the stuff, there can be no innovation, or true experimentation. The value of (quickly!) learning from failures and moving on is enormous.

  4. Is individual experimentation respected?

    If there isn't a healthy respect for individual experimentation versus the neverending pursuit of the Next Thing on the collective project task list, these initiatives are destined to fail. You have to truly believe, as a company, and as peers, that crucial innovations and improvements can come from everyone at the company at any time, in bottom-up fashion – they aren't delivered from on high at scheduled release intervals in the almighty Master Plan.

Having some official acknowledgement that time spent working on whatever you think will make things better around these here parts is not just tolerated – but encouraged – might go a long way towards making work feel a lot less like work.

[advertisement] What's your next career move? Stack Overflow Careers has the best job listings from great companies, whether you're looking for opportunities at a startup or Fortune 500. You can search our job listings or create a profile and let employers find you.
Discussion

The IPS LCD Revolution

When I wrote about TN LCD panels 5 years ago, I considered them acceptable, despite their overall mediocrity, mostly due to the massive price difference.

Unfortunately, the vast majority of LCDs on the market now are TN. You can opt to pay a little bit more for one of the few models with *VA – if there are any available in the size you want. *-IPS is widely considered the best all around LCD display technology, but it is rapidly being pushed into the vertical "pro" graphics designer market due to the big jump in price. It's usually not an option, unless you're willing to pay more than twice as much for a monitor.

But when the $499 iPad 3 delivers an amazingly high resolution IPS panel that's almost reference quality, I found myself a whole lot less satisfied with the 27" TN LCDs on my desktop. And on my laptop. And everywhere else in my life.

I'll spare you all the exposition and jump to the punchline. I am now the proud owner of three awesome high resolution (2560x1440) 27" IPS LCDs, and I paid less than a thousand dollars for all three of them.

Three Korean LCDs

(If you're curious about the setup, I use Ergotron monitor arms to fit everything in there.)

I won't deny that it is a little weird, because everything is in Korean. I replaced the Korean 3 prong power cord in the power brick with a regular US power cord I had laying around. But a monitor is a monitor, and the IPS panel is stunning. The difference between TN and IPS is vast in every measurable dimension. No bad pixels on these three panels, either. Although, as my friend Scott Wasson of Tech Report fame says, "every pixel on a TN panel is a bad pixel".

How is this possible? You can thank Korea. All three of these monitors were ordered from Korean eBay vendors, where a great 27" IPS LCD goes for the equivalent of around $250 in local currency. They tack on $100 for profit and shipping to the USA, then they're in business. It's definitely a grey market, but something is clearly out of whack, because no domestic monitor of similar quality and size can be had for anything under $700.

I wanted to get this out there, because I'm not sure how long this grey market will last, and these monitors are truly incredible deals. Heck, it's worth it just to get out of the awful TN display ghetto most of us are stuck in. Scott Wasson got the exact same model of Korean LCD I did, and his thorough review concludes:

Even with those last couple of quirks uncovered, I still feel like I won this thing in a drawing or something. $337 for a display of this quality is absolutely worth it, in my view. You just need to keep your eyes open to the risks going into the transaction, risks I hope I've illustrated in the preceding paragraphs. In many ways, grabbing a monitor like this one on the cheap from eBay is the ultimate tinkerer's gambit. It's risky, but the payoff is huge: a combination of rainbow-driven eye-socket ecstasy and the satisfying knowledge that you paid less than half what you might pay elsewhere for the same experience.

There are literally dozens of variants of these Korean 27" LCDs, but the model I got is the FSM-270YG. Before you go rushing off to type ebay.com in your browser address bar, remember that these are bare-bones monitors being shipped from Korea. They work great, don't get me wrong, but they are the definition of no-frills:

  • Build quality is acceptable, but it's hardly Jony Ive Approved™.
  • These are glossy panels. Some other variants offer matte, if that's your bag.
  • They only support basic dual-link DVI inputs, and nothing, I mean nothing else.
  • There is no on-screen display. The only functional controls are power and brightness (this one caught me out; you must hold down the brightness adjustment for many, many seconds before you see a change.)

Although the noise-to-signal ratio is off the charts, it might be worth visiting the original overclock.net thread on these inexpensive Korean monitors. There's some great info buried in there, if you can manage to extract it from the chaos. And if you're looking for a teardown of this particular FSM-270YG model (minus the OSD, though), check out the TFT Central review.

In the past, I favored my wallet over my eyes, and chose TN. I now deeply regret that decision. But the tide is turning, and high quality IPS displays are no longer extortionately expensive, particularly if you buy them directly from Korea. Is it a little risky? Sure, but all signs point to the risk being fairly low.

In the end, I decided my eyes deserve better than TN. Maybe yours do too.

[advertisement] Hiring developers? Post your open positions with Stack Overflow Careers and reach over 20MM awesome devs already on Stack Overflow. Create your satisfaction-guaranteed job listing today!
Discussion