Re: [Jon Udell / Derek Robinson] Distributed HTTP, Beyond Napster

Date view Thread view Subject view Author view

From: Jeff Bone (
Date: Mon Oct 02 2000 - 22:06:43 PDT

Strata Rose Chalup wrote:

> Jeff Bone wrote:
> >[...] this sort of "race" between sysadmins, who
> > want to de facto control access to information resources
> Actually, Jeff, as a semi-reformed (and recently backsliding) former
> sysadmin myself, I have to say "bzzt!". We don't WANT to, we feel that
> we HAVE to in order to survive.

Ya don't have to school me on this one, I can sing that song. My first real
job was being an internal sysadmin for the then-700 person customer service
group at Sun. I understand the point and can, if I try really hard,
remember and empathize with the pain. OTOH, sysadmins can often be the
overly-enthusiastic small-town cops of the 'Net. As with small town cops,
they can be damage. Anything that retards adoption of new and useful tech
is damage; it will be routed around.

OTOH, you seem like a reasonable sort. :-) Would you poke an identd-size
hole in your firewall if I were your user? The question isn't academic at
all; I'm the CEO and lead investor in my current company, and my best
friend is our defacto sysadmin, and yet we've had yelling / screaming fits
about this kind of issue. And I'm unwilling to pull rank-and-experience,
because after all part of what I pay him to do is own that problem domain.

The problem is that the "close all roads" method --- which is the only thing
possible given the current blurring and shuffling of stack levels in our
current Internet architecture --- is a blocker to certain kinds of
progress. I just want a way around that that satisfies all parties
involved. I don't ever want to be in the business again of trying to
convince firewall vendors to open ports by default for new (or old)
protocols, or educate / convince sysadmins of similar. You can't roll out
new tech to corporate America profitably given those kinds of constraints.
Given that, everything has to be RPCs over HTTP; further, traffic flow
*has* to be bidirectional over organizational boundaries, and *has* to
happen outside the sphere of sysadmin influence. (Remember: a big part of
the reason the Web took off was it enabled, for the first time, smaller
internal IT groups to deploy new services without a single administrative
chokehold in or outside the organization. Got box? Got web server.)

> Sysadmins are continually held responsible for information resources by
> higher management, whether or not they have any actual control over
> content, security, etc. So it becomes a matter of sheer CYA to try to
> control any information services in an organization. That way you have
> some chance of keeping it working, or starting with a known-working
> state when it breaks.

Attack the politics, don't play the game. Esp. with larger corps, this CYA
mentality is why smaller competitors can totally run laps. If it impairs
*anybody's* productivity, security is a loser. (But then, this is totally
in keeping with my "personal responsibility" personal political philosophy,
I guess.)

> "You certainly can do that, but first please put it in email, print it,
> and give me a signed and dated copy for review by my management." For
> really good stuff, it's "

That company is a dead company. By far the largest challenge facing
businesses in the next decades is adapting to the ever increasing rate of
change. Decision-making has to be decentralized, and autonomy has to be
pushed out to the edges, in order to cope with it. This is why corporations
"ossify" as they get larger. (BTW, anyone looking for a good business book
read should read _Maverick_ by Ricardo Semler. It's the best business book
I've ever read, barely beating out Guy Kawasaki's _Selling The Dream._)

> [Just FYI, these are all examples from PAST employers, thankfully...]

Been there, seen that. The happiest day of my life was in 1990 when I moved
over to the dev group and lost the pager I'd been saddled with for the first
6 months I was at Sun. (Well, maybe not happiest, but close.) Still, the
symptom and the resolution are out of sync.


Date view Thread view Subject view Author view

This archive was generated by hypermail 2b29 : Mon Oct 02 2000 - 22:23:41 PDT