« January 2004 | Main | March 2004 »
February 29, 2004
Relationship of convenience
Last week I rode TRAX a few days while my car was in the shop. While waiting for the University line one day, I noticed a woman studying for her driver's license test. I guess she wasn't there because of a long-term committment to public transportation.
Posted by pete at 1:34 PM
February 28, 2004
Managers and leaders
Jim has been talking about managers and leaders on his blog for a few days now. Jim's discussed this with me before, and I've thought about it some.
I read the first chapter of The Essential Drucker this week, which covers the history and development of management (in brief). I was surprised to find that management as a business concept and profession has only existed 150 years. It's no wonder that there are still so many questions about what management is.
During that time the roles of management and the people that are managed have changed dramatically. In part this may contribute to the confusion today over management and leaders. In the 1950's, most of management existed to channel information from the top of the hierarchy to the rank-and-file on the assembly lines. Today's corporations deliver products and services that are the highly-trained knowledge workers that make up the rank-and-file. A manager may just as often have to manage information in the rank-and-file and communicate it up-wards as the other direction.
I like one reference Jim mentions to Mike Vance, that "the superlative manager and the superlative mother share the same skill set." Superlative mothers don't just plan the agenda for the week, make sure that food's on the table and that the kids ate breakfast before they headed out the door. As we are realizing, superlative mothers (and fathers) are successful parents only when they are so involved in their kids' lives that they can guide their children, raise the bar, challenge them, help them overcome challenges.
I don't know if there's a difference between a leader and a manager, but I can say confidently that organizations today will not succeed if managers see their role as just interfacing between the rank-and-file and the upper levels of the organization, and making sure that stuff is coordinated within their group. Successful organizations are made up of successful managers who are involved in what their employees do enough to direct their employees to personal and organizational success. Leadership is one of many qualities that today's managers must practice and exhibit.
Posted by pete at 11:54 AM
February 23, 2004
Doing something serious about SPAM
As I've discussed previously, I get a lot of spam. I have spent a lot of time putting filter systems in place to block spam while letting the "good" stuff through.
In spite of that, I still receive at least 20-30 spam messages a day that leak through the filters (because spammers are always trying to one-up the spam filters). I've gotten to the point where I'm afraid I'll accidentally delete a legitimate message in the process of deleting spam.
Today (well, a few hours ago yesterday) I decided to try out TMDA in addition to what I've already got in place. TMDA is a challenge-response system that will help deal with those 10% of spam messages that still get through.
TMDA isn't necessarily for the unexperienced to implement, especially if you're adding it to existing filters (and I have a very long .procmailrc file). But now that I've got it working, it's very effectively catching those spam messages that used to slip through.
I read from several people how much the TMDA frustrates them, and implemented features to avoid most of those frustrations. First, if I ever send out a message, the recipient can reply to that specific message without having to go through TMDA at all. Within 24 hours, that email address will also be automatically added to my list of accepted addresses (I need to figure out how to make that real-time). I've already added all addresses I've emailed in the last year to be automatically accepted, too. For the most part, the people I already communicate with won't even notice TMDA.
TMDA has a lot of features that I will be experimenting more with during the next few weeks, but right now things look pretty good.
Posted by pete at 2:35 AM | Comments (2)
February 16, 2004
First Windows code leak exploit
Three days after Microsoft acknowledged that Windows 2000 and Windows NT4.0 source code had been leaked to the Internet, the first exploit to use that source code was announced.
It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.The author states that this flaw was found by reviewing the recently leaked Microsoft Windows source code. The flaw reportedly resides in 'win2k/private/inet/mshtml/src/site/download/imgbmp.cxx'.
This just fans the flames for spam-funded miscreants to find Windows vulnerabilities and exploit them before someone else does.
Posted by pete at 11:13 AM
February 14, 2004
Back
I'm catching up on posts. Check for posts back to February 10 for new posts you haven't read yet.
Microsoft security improving? http://pete.kruckenberg.com/blog/archives/000335.php
Annual portfolio re-balancing
http://pete.kruckenberg.com/blog/archives/000333.php
How to improve customer service (Part 2)
http://pete.kruckenberg.com/blog/archives/000334.php
Posted by pete at 8:02 PM
Microsoft security improving?
Gartner recently published a report claiming that Microsoft product security is improving (I'd hope so, they'd sure have to try hard to do worse than they have).
In spite of several major incidents during 2003, Gartner predicts that Microsoft's products will be as secure as the average product. I'm not sure what that means. Since Microsoft owns the majority of many industries they are in, isn't the average mostly comprised of Microsoft? So, reading between the lines, Microsoft's security practices used to be so much worse than other products, that the 10% of better-secured non-Microsoft products actually was able to offset the average of a market 90% owned by Microsoft. That's some gap between the minority and the majority.
Anyways, since Gartner published this report, things are starting to look a lot more like this is a temporary glich than a long-term improvement. Or at least, that "improved" doesn't mean much for Microsoft customers trying to secure their networks.
One week later, the same author published another report detailing yet another Microsoft vulnerability that is expected to lead to another MSBlast-type of worm. This vulnerability was identified by eEye in July 2003 and took Microsoft seven months to patch. At any time during those seven months, the miscreant community could have stumbled across that vulnerability and launched a worm that couldn't be blocked. That's improvement?
Lest you think MS04-007 is a fluke, take a look at this. eEye has notified Microsoft of no fewer than seven vulnerabilities, the least-serious of which only can exploit 91 million machines. Three can exploit every Microsoft-based machine, and all of those have been waiting for a Microsoft patch for at least two months.
And this could be just the beginning. This week Microsoft confirmed that some of the source code for Windows 2000 and Windows NT4.0 (which are presumably used extensively in Windows XP and Windows Server 2003) was leaked to the Internet (and seems to be easily found). This means that the miscreant community has even more opportunities to find vulernabilities and exploit them before they can be patched.
I am sure that Microsoft product security is improving, but it has such a long way to go until it reaches a threshold where it can be considered "secure". I'm not sure that improvement even matters, other than to give some sliver of hope to Microsoft's customers and the I.T. industry who get to deal with yet another year of exploited Microsoft vulnerabilities.
Posted by pete at 6:59 PM
February 13, 2004
Annual portfolio re-balancing
[Originally written 01/11/04, but I didn't get around to posting it until today.]
I'm about 10 days late, but I finally got around to re-balancing my investment portfolio (I was hoping to get it done during the Christmas/NewYears break).
This year, I decided to rebalance comprehensively. I am managing five different retirement accounts: an independent brokerage account, two IRA's with the same brokerage, retirement account with another brokerage through my employer, and yet another IRA with the same employer brokerage. This is actually the fewest number of accounts I am willing to manage, in part due to my belief that I can get higher returns through my own brokerage than through my employer's.
Previously, I was managing each of these kind of independently. As in, the same distribution of funds in each account, according to my investment strategy. This creates an incredible amount of work when I rebalance (redistribute funds between investments to get back to the same distribution proportions) each year.
So, I decided to allocate funds globally. Easy in theory, a lot of work in practice. Because not only did I have to calculate amounts globally, I also had to determine how investment options in my employee accounts matched up to my investment strategy and to comparible index funds available in my independent accounts. Complicated and time-consuming.
I finally decided to keep my international, fixed-fund and real-estate investments in the employee accounts, since those appear to be the best-managed (i.e. they stick to an index instead of mucking with the returns via "professional active managers"). The rest (large cap, mid-cap, small cap) will be in my independent accounts, because I can choose better investments there than are available in my employee accounts.
Then it was on to figuring out how to reallocate in my independent brokerage account with the fewest number of trades. This would probably be a cool exercise for a Computer Science class. Given current allocations, desired new allocations, and costs of each transaction, minimize the effort to the fewest trades. I got it down to 4 sells and 6 buys (could have been less, but the two IRAs have to be managed separately, and only cash can be moved into IRAs).
Put all the orders in to be executed tomorrow morning. Then I don't have to worry about anything until the end of this year, when I rebalance again.
Posted by pete at 11:46 PM
February 12, 2004
How to improve customer service (Part 2)
[Started on January 5, 2004. Finished today.]
In Part 1, I discussed how businesses struggle with customer service (and many other communications behaviors) because they don't invest in training employees to improve these critical skills.
So what specifically does an organization need to do to improve relationships with customers and between employees?
Here are some thoughts I had during and after I took several training classes (the first I've ever taken in my decade-long carreer):
Too often, organizations underestimate the amount of effort required to achieve Excellent Customer Service. If all it took was telling people to do those things, then every organization would already be doing them.
The only organizations I know of who have successfully incorporated those behaviors have only done so after investing a tremendous amount of effort and passion over a long period of time at every level of the organization. I do not know of any organization that felt the investment did not pay off many times over (I can, however, think of many organizations who were unwilling to make the necessary investment and continue to suffer because of it).
Posted by pete at 12:58 PM