Google kinda sucks

Recently I’ve been more and more impressed by just how bad Google’s products are. It reminds me of Microsoft in the late 90s. They have a solution for everything, it’s terrible, but people still use it because of the network effect.

I’ll go in detail in later posts but basically, google calendar hasn’t been updated in… ever? Google keeps being able to fuck up doing a messaging application. Android Auto? It’s amazing when it works…. Which is about half the time… Google maps? It was revolutionary when it came out, remember mapquest? But now, when I left to go pick up my prescription today it offered me to go to an address I haven’t gone to in almost a year and won’t be going back to.

There seems to be 2 general problems, one is usability and the other is shitty machine learning. Like I said I’ll have a few rants on them individually, but it’s so interesting to me how Google became what it was fighting (the big large monopolistic tech companies). I guess history just repeating itself.

Maybe the government shouldn’t be “Agile”

Folks in government love to have disclaimers everywhere that their opinion is not necessarily the one of their employers and the view presented here and their personal ones. I’ve always found that a bit tedious and unnecessary but since I’m going to post something slightly related to “Digital Government” I though I might as well just drink the whole kool-aid.

There was a good question asked on Twitter

But when reading some of the answers and from lurking at the #GCDigital hashtag, I’m not sure it’s the right question.(1)Also, to actually directly answer the question, I think it’s near impossible to be the “real” agile [as opposed to the “wagile” doing sprints inside a waterfall]

I posted a thread on twitter about it, because I think that’s what the cool kids are doing these days, but wanted to unroll it here. (And fix some formatting)

So my answer:

I wonder if that’s actually the right question. At times, it seems we’re focused on “Agile” and “Digital Transformation” but those things are meaningless. They are, at best, proxies of what the true goal should be.

In my opinion, the real goal is to deliver better services to people.

That’s it, point blank. All the other stuff, “Agile”, “Digital Transformations”, “Microservices”, “Cloud Native”, those are all distractions.

We sometimes get so focused on adopting the “best practices” from tech vendors promising the new buzzwords in nice packaging or trying to imitate other tech startups that we lose sight of the real goal.

Facebook has been agile, they use all of the tech buzzwords and all of the metrics and user research etc. So does Clearview, so does Twitter. The outcomes of those companies is not what I would want the Government of Canada to look like.

So why not focus on what we really want to achieve?
How can we serve people better in the government context?

I haven’t encountered anyone who was like: “If only I could fill out my EI claim on a serverless edge computing platform that had machine learning, was secured via the blockchain and developed via agile methodology”

The focus shouldn’t be how on do we try to change this massive institution’s project methodology to one that has been successful in the private sector.
Rather, I think it should be, how do we, in the given context(2)Let’s not pretend the GC is like a private enterprise. We have restrictions and parameters that, for better or for worse, are different from private enterprises serve people better? What will tell us that we have served them better? And from there, iterate on practices we think will achieve that outcome.

Because that’s the only really important part of agile. How do we iterate on processes that help us achieve our goal.

And the goal isn’t to be agile, the goal is to serve people better.


1 Also, to actually directly answer the question, I think it’s near impossible to be the “real” agile [as opposed to the “wagile” doing sprints inside a waterfall]
2 Let’s not pretend the GC is like a private enterprise. We have restrictions and parameters that, for better or for worse, are different from private enterprises

“Intermediary” programmers

I’ve started running more and more into what one could call “Hype” programmers.

It’s these folks (actually, it’s men, it’s always men) who have read all of hacker news, know all the greatest buzzwords and why you should use tech X over tech Y but have never actually shipped real things.

I should use this deployment strategy or this container orchestration software, but when you dig below the surface, they can’t tell you why.

I think the biggest indicator of someone’s degree of knowledge relating to technology is how many buzzwords they throw at you. The higher the number, the less they actually know.

Context is key when buying a car, in digital government or in PHP

I often find folks in tech to be very dogmatic. “Framework X is the best “, “Java is a terrible language”, “pineapple doesn’t belong on a pizza”, etc.

There seems to often be a lack of context when we throw out thoughts like that.

It’s a bit like someone asking you what’s the best car and you tell them a Ferrari. So they go and buy a Ferrari and they try to use it to move their family across the country.

I saw a talk by the creator of PHP Rasmuf Lerdorf looking back at the 25 years of PHP. If there’s one thing that everyone who’s been using PHP with version 4 knows is that register globals was a terrible idea.

For everyone didn’t code PHP way back in the day. Previously, if you had a GET or POST parameter such as ?test=random_string a variable called $test was created automatically with the value passed in. No sanitation etc. So if you had some code that let’s say checked if a variable existed, well an attacker could basically inject any variable they wanted. I (and pretty much everyone) always thought this was the dumbest thing.

In his talk Rasmuf talks about register globals. And one thing he mentions is that, when this was created, JavaScript didn’t exist….. That blew my mind. In that context it made much more sense! A whole attack vector just didn’t exist when it was created. Now I’m not saying it was a good idea even considering that but just learning about the whole context was mind opening.

I find that searching for the context behind decisions is at times missing in digital government. I’m working at CDS and when working with partners there are often technology decisions that will make people’s eyes roll (I’m sure I’ve been guilty of this as well).

I think those kinds of comments don’t help anyone. They certainly don’t help us understand the context in which these decisions were made.

It’s easy to shit on tech work in government, what’s less easy is really trying to understand the context that lead to these decisions. The constraints people were under, the requirements, the available resources. All those things we might not know about. Only after we’ve started to build a shared understanding of what the current context is can we, together, find a better solutions to serve people better

Don’t use SMS for 2FA

I’ve been travelling recently and it’s ridiculous how many banking or finance app will use SMS as a second step for login.
There are 2 big problems with this:

1) Usability: If you detected that my IP is out of the country, what are the odds that I’m not using my local SIM card?
2) SMS is super not secure!

Let me use an authenticate app or check if my machine has already logged in from my home country or something.

Using a Raspberry Pi as file server

I just set up a pseudo NAS with a Raspberry Pi 4 B and a random external hard drive we had lying around. I was really impressed with the Pi’s capabilities. Even when being used as a desktop it’s super snappy. The thing has 4 USB ports and 2 HDMI outs as well as Wifi 5 (AC) and a gigabit LAN (that maxes out around 300MBs).

I know how fast technology changes. Yet it’s so interesting to think back to 25 years ago when I had a Pentium 120Mhz with 16MB ram and a 1GB hard drive (That was huge!). I think I recall the tower costing something like 2500$ (over 4000 in current day dollars) in a big tower. And now this little thing has 250 times more RAM, 4 cores running at 1.5Ghz and with all the add-ons I bought with it was less than 100$.

At times it seems like things move slowly (Where’s my flying car?). And at other times I realize how crazy the next 25 years will be. (You know, if we don’t burn up the planet and all)