Genii Weblog


Civility in critiquing the ideas of others is no vice. Rudeness in defending your own ideas is no virtue.


Tue 20 Jun 2017, 02:19 PM
As software vendors or application developers or anyone else who documents software or processes, we often face the need to come up with an example. The goal of almost any example or documentation is to be simple enough for the uninitiated to grasp while being complex enough to show the possibilities. This is often accomplished with more than one example, so that we can show both how easy it is with one example and how powerful and flexible it is with another.

But there is an interesting question of responsibility raised by examples. Are we responsible for those people who just grab the example and go with it, even if they should be modifying it? A classic, and rather extreme, case might be when your example includes "YourServer" or "YourDB.nsf" or even "Firstname Lastname". While it might lead to an embarrassing support call, the implications of someone actually using such an example verbatim are slight. Most likely, the process or software won't work until they plug in an appropriate value.

There is one class of example which is different. This is the case of somebody using an example with a password or encryption key that is intentionally weak. I read today that 15% of IoT users leave the default password, and we have all known users who use 12345 as a password or key. While it is clearly the responsibility of the user to be more secure, do we have a responsibility to encourage security? It is not a simple question, as even if we do, and use a complex password or key, that password or key is usually static in the documentation, and so inherently insecure.

The following comes from the OpenSSL wiki. It comes with a clear warning not to use that key, which is good, but it intentionally uses one of very few weakest DES keys, which seems an odd choice. Since the user is not meant to type the example exactly, why not use a more random secure key? But if they did, would that be false security since it was static? In a perfect world, the key used in the example might be random and generated on the fly so that every viewer saw a different key. Then, if the example were copied and pasted, a "good" key would be used. But is that really the responsibility of the documentation writer? I don't know.

Inline JPEG image

Copyright © 2017 Genii Software Ltd.

Mon 19 Jun 2017, 04:02 PM
I'm excited to announce I'll be speaking at MWLUG 2017 in Alexandria, VA on data analytics, extraction and visualization.
 
Finding the Gold in Them Thar Hills
They say everyone should visit their own region as a tourist, with eyes wide open to the treasures visitors see easily which we no longer notice. Likewise, those who have used IBM Notes/Domino for many years may not easily see the value embedded in data buried in various databases over these years. Patterns, trends, connections, all hidden in plain sight. In this session, we will explore the kinds of hidden treasure you may have, and different ways to extract/expose that treasure for data analytics and data re-purposing, as well as ways to use data visualization to make the gold you find shine.
MWLUG has proven to be a consistently excellent conference, and I'm delighted to have a chance to speak there again. But even more, I look forward to seeing all of you. If you'll be there and want to hang out, don't hesitate tweet at me or contact me through Facebook or email or phone. Anything but a brick through the window will work. If you'd like a meeting to talk about any of our products, especially our new CoexLinks Migrate, CoexLinks Journal and AppsFidelity Migrate, let me know in advance of your interest so I know not to bore you with talk of my latest novel. (Which will be awesome when I finish it.) If you want to hear about my novel, be forewarned that I can be obsessive.

Copyright © 2017 Genii Software Ltd.

Thu 8 Jun 2017, 04:48 PM
More than 17,500 documents in 110 seconds.
 
With a simple command from the server console, CoexLinks Migrate exports all email documents from a Notes email database into MBOX or EML format, both standards-based formats used by many email products as well as data warehouses and email vaults. Our high speed engine renders even complex rich text emails with high fidelity and accuracy.
 
But why not try for yourself. Request an evaluation license today.
 
 
As usual, closed captions are available.
 

Copyright © 2017 Genii Software Ltd.

Tags: