Fog Creek Software
Discussion Board




Open house

Hi Joel

Is this upcoming open house on March 24th for NY folks only? or any JOS fans who happen to be vacationing in New York can attend?

Farid
Monday, March 08, 2004

All are welcome.

Joel Spolsky
Fog Creek Software
Monday, March 08, 2004

What is going to be happening at this grand event??

Jeff
Monday, March 08, 2004

Everyone has to solve a coding problem before admission. The coding problems will look suspiciously similar to this list:

http://discuss.fogcreek.com/joelonsoftware/default.asp?cmd=show&ixPost=121430&ixReplies=28

Philo

Philo
Monday, March 08, 2004

Some kind of cheese will be served. People will mill around, talking to each other, mittengrabben und gefingerpoken. After we finally chase everyone out I will be finding resumes under couch cushions for weeks or months.

Joel Spolsky
Fog Creek Software
Monday, March 08, 2004

Do I get a job if I find a way to stick my resume to the inside of your two-paned acetate walls so that you have to look at it for the next three weeks while you wait for your construction guy to get in?

Inquiring minds want to know.

Nigel
Monday, March 08, 2004

Will there be anything for the lactose intolerant?

Gustavo W.
Monday, March 08, 2004

> mittengrabben und gefingerpoken

Probably don't want to find yourself bending over then....


Monday, March 08, 2004

If it was for NYer's only, there would have to some sort of test to prove your New Yorkness..

Perhaps the Fog Creek Bouncers could turn away anyone at the door who don't know how to get to Coney Island on the subway...?

Shawn Leslie
Monday, March 08, 2004

For the lactose intolerant:

Little cocktail wieners on toothpicks?

Cauliflower and broccoli chunklets?

utter coward to hide my name
Monday, March 08, 2004

I'd suggest that Joel supplies a lot of chap stick because there sure is going to be a lot of arse-kissing.

He's_Just_Another_Man_Like_You_And_I
Monday, March 08, 2004

My wife and I are considering coming down from Boston but I would hate to get there and find such a mob scene that we wouldn't be able to get in.  I suppose it would be a nice day or so in the city even if that happened.

But there is that pesky project that is supposed to be in beta by mid-April.  Perhaps another time.

Art Rogers
Monday, March 08, 2004

Would somebody be out of place if they showed up with a laptop and some pet projects they'd like to show to other folks?  What's the nature of the get-together?  Are you taking reservations to make sure you've got enough floor space?

K
Tuesday, March 09, 2004

In reply to:
--------------
Would somebody be out of place if they showed up with a laptop and some pet projects they'd like to show to other folks?
--------------

Gah!  BORRRRRRRRRRRR-ING!

Why do I get the feeling that the tone of this open house is a bunch of nerds trying to show everyone (and ESPECIALLY Joel) how much smarter they are than everyone else.  Or how much more idealistic they are.  Or how much more creative they are.  Or how they are "really smart and get things done".

Joel look at me!  Look at me!

ArseKissers Are Annoying
Thursday, March 11, 2004

That's not how I meant it at all.  I'm interested in meeting people with similar interests, and possibly starting some projects with them.  What's wrong with that?  Maybe I misunderstood the purpose of this thing.  Is it not going to be a bunch of programmers getting together to talk about software?

K
Thursday, March 11, 2004

Ignore the ranter. He's pissed off at himself.

George Illes
Thursday, March 11, 2004

K,

sorry about that.  I do think the "breaking out the laptop" to show people code is boring but I also used that as a segue into my "rant", which was not necessarily directed at any intention that you may have.

I don't know, it's 6pm, most people have been staring at code all day, there's going to be cheese. on. a. platter!  Sure, go ahead and network if you like!  But there can be other things to...you know ...talk about...or do.  But, hey, do your thing.  I'm not stoping you.  Just poking fun at it.

As for George,
I may be ranting...but gosh darn golly if there isn't a whole bunch of truth in my sentiment that just can't be denied. 

There's also a difference between being angry as opposed to mildly looking forward to seeing the super-nerds stumble over themselves trying to impress Joel.  Should be quite fun!

ArseKissers are annoying
Thursday, March 11, 2004

Thanks for the apology.  It certainly appeared like your "rant" was a response to the content of my message.  Thanks for clearing that up.

Who said anything about showing people code?  Sharing personal projects with one another doesn't have to be about the code that went into those projects.  I'm sure that the FogCreek people intend to discuss their projects.

What exactly did you have in mind?

K
Thursday, March 11, 2004

Hmm.  What do I expect?

I'm not sure, because I've never particpated in an Open House such as this before.

a) I'm looking forward to seeing what his office looks like.  Being that it's bionic and all!  I plan to take pics, if that's ok with Joel.

b) I'm looking forward to seeing and listening to Joel in person.  His writing style is terrific and his (very funny) personality really seeps through.  It will be nice to put gestures, a face, etc. to the writing I so often read.

c) I'm looking forward to networking.  I'll happily listen to and maybe even get involved in some of the topics that are discussed here on a daily basis (I tend to keep quiet, and only interject when I see that nobody raises a point that I may have).  These conversations may/may not involve Joel.  I don't plan on following him around, arse kissing. :)

Of course, if the topic changes to other things: movies, nyc, sweaters from the gap, I'll happily get involved in that too.  You know, just hanging out.  I plan on going with others and this will be the first stop amongst other things to do in NYC.

d) I'm looking forward to cheese.  I love that stuff.

ArseKissers are annoying
Thursday, March 11, 2004

Are we talking about cheese with Merlot?

Farid
Thursday, March 11, 2004

That's fantastic, your expectation (c) was exactly what I had in mind.  I'll see you there.

K
Thursday, March 11, 2004

For the really paranoid: How will you prevent unauthorized physical access to the FCS development machines? It takes < 1 minute to compromise a machine if one can boot from the CD drive.

Just me (Sir to you)
Friday, March 12, 2004

Ow, bad me. Forget about that last remark. I have been threath modeling today. No fun.

Boy do I hate security work.

Just me (Sir to you)
Friday, March 12, 2004

Just me,

It's a valid point. Sounds like a good interview question:

How do you secure a PC in a crowded office filled with dozens of nerds^h^h^h^h^h IT professionals?

Strong BIOS passwords? Cut the power?

dmooney
Monday, March 15, 2004

This is a good interview question for who?  A programmer?

I disagree.

I_code
Tuesday, March 16, 2004

I_code,

Very insightful.

dmooney
Tuesday, March 16, 2004

dmooney,

How much more insightful do you need me to be?  There really isn't too much depth to this topic.

I asked: who is this question for?  If it would be for a programmer, I disagree.

One of these network guys that runs around the office?  Sure!  But, a programmer?  no.

In the 5+ years that I have been programming, not once have I ever wrote code to interact with the BIOS.  Nor have I ever had the question that "Just me" addressed to me. 

Never in my life have I ever had to even think of BIOS passwords.  (So, there's some passwords lurking around that area?  Who knew?).

Quite possibly you might have been involved in putting together PC's from scratch or maintaining computers for some business/school/etc.  Me, I buy my computers from Dell/HP/Toshiba, turn them on, install my programming tools, and code.  Maybe one day I'll mess around with all the details of the BIOS, but I just have other things I'd rather be doing in my spare time right now.  But hey, you caught me.  I didn't get interested in programming computers until college!  (just playing video games before that :)

Would that make me a bad programmer?  I seriously doubt the knowledge on that subject would affect me either way.

I_code
Wednesday, March 17, 2004

Hey, don't take this too serious guys. As I said, I was a bit cranky after another day of security stuff.
Still, I don't think it is too much too ask of a professional in our industry to be aware of security practices and risks. Look at it this way. Your boss decides it would be a good thing for the steet cred of the company to trow a party at the office for the underground balckhat scene. Your office is assigened as a place where people can leave their coats etc. What are you going to do about your PC? If you are going to have people with possibly malicious intent with your computer (nearly) unsupervised, you better prepare for it.
Joel's development PC's might be a tasty high profile target. This "open" event was publicly announced, and it sure looks as if people will actually be allowed inside the development spaces.
I am sure Joel has setup bios passwords too prevent malicious rebooting "just in case".

Just me (Sir to you)
Thursday, March 18, 2004

But, dmooney's response was:

This would be a good interview question!

Which, I disagree with.

I think that if my boss decides it would be a good thing for the steet cred of the company to trow a party at the office for the underground balckhat scene, I'd:

Spend an hour or so googling for all types of neat ways to protect oneselves for this very scenario.  I'd guarantee that I'd have a real nifty solution.

But, this scenario has never happened.  And on top of that, I've never been asked to do that type of research.

For anyone to think that because I didn't know this info off the top of my head (bios-passwords), that wouldn't make me a good candidate to be hired...well, that's preposterous!  Meanwhile, dmooney is suggesting this as a question for programmers.  The network guys that run around the office? yes.  Programmers? no.  I think that no matter what someone says, if the candidate doesn't think of the bios-password stuff, that will affect the persons hiring.  I liken this to people expecting other people to know the little trivial facts that they know.  Everybody has little trivial facts that someone else doesn't know!

I_code
Thursday, March 18, 2004

And a quick google search gives me an article that says, amongst other things, this:

Boot password
By setting a boot password, you can make your computer prompt for the password every time it is restarted.

-

Am I hired? :)

I_code
Thursday, March 18, 2004

For the curious (all none of you), the google search was:

protect my computer accessing

and the first article that came up mentioned adding the bios password.

---

Now, just because I really haven't paid attention to these issues before...how does the BIOS password help here?

For example, when the computer is done restarting, Windows is going to start and it's going to want you to enter a userid/password.

The BIOS password, if not entered, I'd guess would stop Windows from loading.

What could happen in between the BIOS password being entered and loading Windows that a 'hacker' could do?

Or is it that you'd expect a 'hacker' to get into the BIOS and do something there?

I_code
Thursday, March 18, 2004

Well,

- huddle round the computer with a small group shielding the ops man from sight
- change the boot priorities if nescessary
- boot from a cd that installs a nice backdoor
- retrieve cd
- reboot
- reset boot options if nescessary
- act as if you tripped the power cord if you are not sure that you could kill all windows boot sounds, or turn the machine off "by accident"

or something like that

Just me (Sir to you)
Thursday, March 18, 2004

I was thinking something along the lines of an impossible question, not a technical question. Like there are many ways to prevent access: cutting off power, removing the display, removing the hard drive, removing the keyb, removing the whole box... after a minute of thinking about it I came up with using a BIOS password which prevents the computer from booting and the BIOS from being reconfigured to boot from an alternate device (like a SCSI zip drive somebody snuck in or a CD). But I have some PC admin experience so these are the things I thought of.

Somebody without that kind of experience I would want them to say something like ... well I have no PC hardware exp and I'm no systems guy (good: honest) so I'd have to do a bit of research (good: proactive, doesn't just give up). I'd hit Google first, or maybe contact my friend who knows all about this stuff on IM. I might try to contact my PC vendor's support staff to see if they have any ideas.

I'd basically be looking to see how the person thought about the problem. If they have experience in that area, then they might just spit out "BIOS password", in which case I haven't learned much expcet they have a clue about PC hardware (which can be useful). If they don't have experience then I want to see how they think about something like this.

dmooney
Thursday, March 18, 2004

> What could happen in between the BIOS password being entered and loading Windows that a 'hacker' could do?

You tell the BIOS to boot the O/S from CD or floppy disk, and you insrert a bootable CD or floppy disk: thereby loading something other than Windows, and avoiding the Windows password completely.

Christopher Wells
Sunday, March 21, 2004

The trouble with not setting a BIOs password is that if you don't anybody else can.

So they set a BIOS password so you can't get into the BIOS but before that they set a boot password so you can't boot and can't access the BIOS to change the boot password anyway.

And no there is no need for programmers to know this but it would be nice of they admitted that there was no need for other IT experts to know nothing about coding either.

Of course some programmers do come across BIOs passwords by accident. I had a friend who, before he made his career in EFL teaching, got an associates degree as a SQL programmer. I had just networked all the PC's at work and was called to his office because he said he'd lost his desktop. Wnen I got there I saw him staring at the blue screen of the CMOs setup. I asked him what he'd done. He told me he knew I changed the configuration so when he saw the sign saying "press del for setup" that was exactly what he did. The next day I set BIOS passwords on all machines.

I suggest you think of the same if your manager starts reading books on pair programming :)

Stephen Jones
Tuesday, March 23, 2004

*  Recent Topics

*  Fog Creek Home