A mystery signal….

One of my hobbies is Amateur (HAM) Radio. Recently I’ve started picking up a mystery signal that is interfering with local 2-Meter and Air-Band radio signals. I’m wondering if anyone out there knows what this mystery signal is? Here’s what the signal looks like in SDR# on a RTL Dongle:

And here’s the .wav file of what it sounds like:

The Anti-Interview for Introverts

A recent article on Forbes, titled “The 10 Best Jobs For Introverts“, got my attention –  I found it curious that software developers were not on list, but I also wondered: How do companies interview Introverts for Geoscientists or a Court Reporter positions? It got me wondering if people tend to have pre-conceived notions about what the interview process is and how it should work? Does it vary much by industry?

Over the years I have had the opportunity to work for some great companies and with amazing people, each workplace unique in its culture and industry. While the process varied in the initial email or phone screening,  eventually the one common step was to bring me in for that formal interview.

Ugh. Take the entire day off. Shave, shower, put on the suit and tie, parade into a conference room and fend off the barrage of questions that run the gamut from theoretical to why you left a company 5 years ago. I’ve come to dread it. I know, it is a formality, eventually you have to show up and let folks get to see you in real life. But does the process have to be so stressful? Can it be relaxing? Fun? Educational? Can I be the one asking most of the questions? I have to sell myself but so do you.

Here are my 5 key items for what I call the “Anti-Interview”:

  1. First, you have to understand that I’ve done quite a bit of research already about the company, the products and services, and the people who work there. Sites like Glassdoor and LinkedIn can have a wealth of information on what your interview process is like, if your employees are happy, and whether or not compensation expectations match up. I’m going to have questions. Lots of them.
  2. Let me show up in the same level of dress my future co-workers do every day. If they are rocking flip-flops, shorts, and a t-shirt, I want to as well. Chances are you won’t see me this dressed up again. I’m going to feel more comfortable dressed casually and hopefully you are too.
  3. Conversations during informal meals and activities are ice-breaking and ground-breaking. There’s no pressure to provide definitive answers to questions, and the conversations can flow more freely. Interested in a challenging project I’ve worked on? That goes well with a burger and a beer. Want to know if I’ll be a good fit for the team? Pair me up with your weakest Foosball player and lets do best of 5 tournament.  Want to pitch me on your next big product? I’ll do best with a large whiteboard and a couch to kick back on.
  4. I depend heavily on “knowing where to go to find the answer” if I don’t know if off the top of my head. My strength is problem solving not memorization. Recalling parameter orders for PHP functions is a exercise in futility and I always get inner and outer joins mixed up when writing out  SQL queries.  I’ve been working in the industry for 15+ years but the code flows from my mind to fingertips, not from my mouth.
  5. I feel much more comfortable in one on one sessions and small groups. When I come to work with you If I run into a roadblock it’s more likely I’ll swing by an individual’s office or desk, not round up the entire team into a conference room for 20 questions.

So I pose this question: What do you call this informal process? Are companies doing this? Do you feel this way too? What are your thoughts on Anti-Interviews for Introverts?

Lone Star PHP 2013 – An introduction to the Secure Software Development Lifecycle.

This June I attended Lone Star PHP 2013 in Dallas, Texas, and presented “An Introduction to the Secure Software Development Lifecycle”. The presentation was an introduction to the Secure Software Development Lifecycle, including requirements and design, development, testing, and acceptance. I also covered topics such as implementing ‘Least Privilege’, ‘Policies and Standards’, and ‘Defensive Coding Practices’.  We also discussed operational aspects and risk mitigation.

Here are the presentation slides and sample code.

SurgeCon 2012 Notes

Mainly for my own reference….

* godaddy: culture of fear – not open – need to talk about failure
* “choice and voice” driving change
* big data – churn
* experience / availability / performance / scalability / adaptability / security / economy’
* wearable computing = a big thing.  really?


[Scaling Pinterest]
* it will fail, keep it simple
* amazon ec2/s3 worked well
* pro/con limited choice means working within confines/planning
* mysql, very good support from Percona
* memcache + redis
* clustering vs sharding
* few failure modes = simplicity
* failure modes: data rebalance breaks, data corruption replicates, improper balance, data authority failure
* dont approach sharding too early, end up denormalizing, harder to add features
* objects and mappings – object tables and mapping tables, queries are pk lookups or index lookups: no joins
* data does not move
* no schema changes required, index = new table
* Service Oriented Architecture: conn limits, isolate functionality, isolate access (security)
* Scaling the team
* search / feeds / followers <- services
* kafka / hadoop – log every action, snapshot dbs, run analytics.


[they own the pipes]
* round trip latency is the killer
* reduce number of requests to 1
* cert size (1024 vs 2048) and buy a ‘better’ certificate? — less “chained”
* optimize tcp stacks / ack[nowledgement] segments
* dont run or allow ssl2 / old ciphers
* DTLS: SSL w/o the TCP mess – rfc6347


[arch behind fast dns]
* ttfb (time to first byte)
* ttfdnsqr (time to first dns query response)
* many http optimization ignore dns impact
* reduce multiple domains
* dns needs: better.. redundancy, routing, design.
* down/slow server in delegation = bad (need a healthcheck/load balancer for roundtrip banding)
* unicast (bad) vs anycast (good)
* delegation uptime matters
* hot potato routing
* backbones and routing: ospf/igp (link state / metrics) and bgp (distance vector)
* mix igp (ospf) with bgp. ospf floods routes, ibgp stacks adjacencies formed in ospf
* depend on igp route metrics
* data sync and monitoring (same ips in different spaces)
* two networks: anycast facing out towards users, unicast data replication in between the application
* enemy = complexity, avoid multi-level delegation,  pick right ttls, put dns hardware close to userbase
* peeringdb.com
* automated detection, manual changes to route around congestion in asia
* openbfd echo daemon on github
* ecmp: multiple links between routers, load balance at layer 3 level.


[scaling in the cloud at cost and sla]
* make solution as cloud provider agnostic as possible.
* SOA architecture, multi-datacenter, minimal cross-DC traffic
* config mgmt (puppet,chef,etc)
* monitoring (nagious, cacti, graphite, etc) w/ basic alerts (cpu,load,memory,qps,latency)
* service transport (http, thrift-rpc, native: memcahce, redis, rabbitmq)
* load balancers (haproxy, varnish,nginx/apache) and ELB (AWS Specific)
* GSLB global server loadbalancing (between datacenters) route users to nearest DC
* DNS/BGP/Anycast/cookies/user-config
* instance sizing (go 64bit)
* tweak garbage collection and memory settings
* deploys (phased) w/ health-checks
* failure detection, retries, fuzzing, queuing
* tagged deploy units (easy rollbacks)
* keep expensive operations local to region/ datacenter
* nodejs “hiveway” caching proxy + triggered updates (look for BrightTag to open source soon?)
* do aggregate roll-ups at once (1 min, 5  min, 1hr, etc)


[mysteries of a CDN Explained]
* find/send user to closest node (beat speed of light)
* ip geotarget / anycast dns
* cdn shield / middle tier between cdn origin and cdn pop
* check out ganglia2 / arista switches
* DSA (non caching cdn / http keepalives voodoo)
* fastly github version of apache
* sysctl values (2 to adjust – ref slides)
* short ttl = survive flash traffic




[who needs clouds? ha in your datacenter]
* simple not easy, open not closed, logic not magic
* linux-ha (load balancer)
* IPVS IP Virtual Server
* litmus_paper (open source – github.com/braintree)
* big_brother
* pacemaker
* “thundering heard” and adding resources
* load balancing the load balancers
* OCF (open cluster framework)
* IPaddr2 script


[realtime web – dirt in production]
* find video on web about shouting at disk drives
* voxer PPT app
* DIRTy apps tend to have a human in the loop
* mobile devices at the edge – network transience causes connection state issues.
* illumOS (Joyent)
* Application Restarts = cascading latency bubbles
* if app cant keep up with with tcp backlog, syn packets get dropped
* how to measure / monitor how close we are to the end of the tcp backlog queue?
* github dtrace / tcplistendrop.d
* slow disk i/o – cloud multi-tenancy (running backups, benchmarks) – no insight
* zfsslower.d tool
* dtrace scripts to drill down into particular areas
* heatmap tool (https://github.com/brendangregg/FlameGraph)
* identify latency outliers
* memory growth: whats in the heap? leak (and then where!)? app growth?
* libumem


[zero to 500k qps – scaling appnexus]
* servers + perl + zen = cloud
* auction-based ad-serving
* batch-based change processing
* simple http communication between processes
* packrat log streaming app
* netezza (tupac/icecube), hadoop/hbase (wutag/quest), graphite (real-time)
* netezza vs vertica vs hadoop
* keepalive dns over vendor loadbalancers
* maestro / api driven infrastructure / runbooks


* site architecture:
– load balancer (assigns a webserver)
– webserver (hiphop asssembles data)
– services / cache / databases on the backend
* scaling meta tips
– scale horizontally
– iterate quickly
– ‘gatekeeper’ to stage and rollout code / select what subset of users see
– instrument the world
– “claspin” tool – high-density heatmap viewer for large services, find needle in a haystack, drill down.
– “scuba” tool – in memory datastore – key/value pairs, slice across different sets
– rtwatch tool (realtime watch) – select specific data points, see connections, identify outliers
– ODS tool (operations data store) – site health / key metrics
* scale your tools
* take ownership
* automation: sophisticated systems / failures are common / automate carefully
* faster deployments: central server is bottleneck,  use bittorrent (opentracker)
* challenge: how to restart services quickly enough w/o impacting users
* distributed shell system to run commands on multiple systems at the same time
* fbar tool – facebook auto remediation (write ‘recipes’ or scripts to fix an issue) (think playbooks for NOC engineers)
* fbar uses API + plugins (monitor, config, hardware, etc)
* automation pitfalls: masks systemic problems, cascading failures, unknown actors, cultural fear
* culture wrs: keep teams small, work on most leveraged problem, move people around, constantly prioritize
* scale ops: invest in the people
* ops focus areas: availability, reliability, operation,  efficiency
* roles  to watch out for: the butler, the adversary,  the beautiful mind, the godfather
* fix more, whine less.


[changing architectural foundation w/ continuous deplyment]
* arch needs to change with the business over time
* “boxed” software only gives you 1 chance to deploy
* CI not good for infrq changes /hardware changes/etc
* “culture before tools”
* other people always around to help
* unit tests + functional tests + manual tests
* nagios + naglite2
* “super grep”  -> tail -f | grep
* “deployinator” on github
* graphs: ganglia / graphite
* overlay deployments / code changes with graph stats
* statd (github)
* logster (github)
* “feature flags” allow deploy w/ subset of users to see/use
*  a/b testing for interface changes and to prove interest
* ci pattern: change in small steps.
* dark launch by config. iterate in prod while dark
* maintain old and w in parallel
* ramp up new arch, remove old
* minimize bug hours, trash the schedule, iterate on the tools.


[monitoring and debugging nosql inpruio]
*blekko  (new search engine)
* conventional monitoring can  too noisy
* monitoring tips: subject = most important  info and body needs enough info to login
* ‘turds’ info in /tmp/ (e.g. output of ps/free/etc)
* be aware that problems clear up
* system hangs destroy evidence on reboot
* wrapper cron jobs
* roll up alerts (ex: 57 alerts that are the same = 1 email)
* “audit” the monitoring system
* statmover.com and saturnalia db
* write your own oom killer and trigger before oom fires
* am i thrashing (swap monitoring)
* identify broken, move out of rotation, flag for follow-up
* automate with scripts common failure recovery tasks
* “beach certify” common tasks



Insight into getting conference proposals accepted..

Recently in a conversation on Twitter the topic of what a successful conference proposal – one that gets accepted – looks like, came up. I thought I would expand upon the conversation and the “3 key takeaways” advice I gave, by providing the raw submissions I entered, in this case, to PHP Tek 12, as well as some lessons learned and additional commentary.

What it takes to get accepted.

  • Luck – Yes this is a huge factor, and in the case of PHP-Tek, they make a concerted effort to include a percentage of new presenters each year.
  • Exposure – You need to flush out your ideas at your local user groups and online. Build up not only your presentation skills, but hone what you present to your audience.
  • Relevance – Stay recent and don’t be afraid to cross (programming language) boundaries.

What my proposals looked like:

The format for PHP-Tek 2012 consisted of a web-based submission system which allowed you to enter proposals under the following inputs:

  • Title
  • Description
  • Notes (for the organizers)
  • Keywords
  • Talk Type (regular or Training)
  • Difficulty Level (Beginner, Intermediate, Expert)

Here (from the text file I used to gather my thoughts) are my submissions:

Moving in for the kill – how to position yourself for the job market, what to focus on, what to look out for.
desc: Moving in for the kill – how to position yourself for the job market, what to focus on, what to look out for. This will be a talk covering the current state of the job market (with a focus on PHP developers) and a walk-through of how to super-charge you job search, including some tips and tricks, and also what to watch out for. I will also focus on the social networking aspects and working with recruiters.

notes: Discussing some tips and tricks and things to look out for based on my experiences while looking for a job on the market.

keywords: job, recruiter, tips & tricks talk

type: Regular Talk (1hr)

difficulty level: Beginner

Graphing real-time performance with Graphite – http://graphite.wikidot.com/
desc: Graphing real-time performance with Graphite – http://graphite.wikidot.com/ This presentation will take an existing open-source project (done in php) and cover how to integrate performance monitoring to identify areas that could be improved through code refactoring or database tweaks.

notes: Going to take a open source project and show how to integrate graphite to identify performance bottleneck

keywords: performance, graphs, integration

talk type: Regular (1hr) difficulty

level: Beginner

php://memory and streams for scaling
desc: php://memory and streams for scaling This presentation will be an overview of using php://memory to store data during application runtime. We will cover the benefits over traditional methods and also some drawbacks.

notes: Would like to play around with php://memory to show how it can be used to improve performance – just thought this was a neat feature that most folks wouldnt know about.

keywords: php, memory, performance, streams

talk type: Regular (1hr)

difficulty level: Intermediate

Devops: Silver bullet or pending disaster? – What to lookout for.
desc: Devops: Silver bullet or pending disaster? – What to lookout for. DevOps is all the rage in many circles but is this approach a silver bullet or a Titanic failure for your organization? We will cover some of the pros and cons of integrating cross-functional teams and how it can help your employees and your business grow – or fail miserably.

notes: Thought I would take my previous experience from the ops/support side and highlight things to consider when building out teams, how to integrate monitoring and performance, etc.

keywords: performance, monitoring, devops, support

talk type: Regular (1hr)

difficulty level: Beginner


You’ll notice that the details are very high-level. That is for two reasons (In my case):

  • You don’t want to overwhelm the organizers with too much information.
  • In some cases your presentations might be still be in the ‘idea’ stage.

Conference Jitters.

One of the lessons I came away with from this experience was:

  • Have material ready. You can *never* have enough.
  • Be prepared to show up and rework your entire presentation.
  • If you think your presentation is too ‘code’ heavy then have high-level slides ready.
  • If you find yourself coming up with time left over, have code ready.
  • Engage your audience with every slide. Ask questions, take questions.

Feedback and Postmortem.

For me the most inspiring aspect was being “on the other side” of the conference. I’ve always been an attendee and this was my first time presenting. Be prepared to take (critical) feedback and be humbled by it all. Also: Remember, In most cases you are there on the dime of the organizers and the attendees. They came there to see you and others like you. Make sure you are accessible not only to the feedback you give during your presentations, but during the conference as well.

So how do you get accepted?

The best advice I can give is to practice, practice, practice. Get out and present at local user groups, do a screen-cast or online presentation, expand upon an idea. Attend other presentations not only for ideas but for hints on what works and what doesn’t.  Contribute to an open-source project. Blog. Tweet. These are the in-roads to being successful in the (php) community and at conferences.

php://memory Redux

I recently had the opportunity to speak at my local Baltimore PHP User Group and gave a presentation on php://memory and php://temp along with some demos, including one on frequency analysis. Below are the linked code samples and presentation..

php://memory Redux

Code Samples: https://github.com/nanderoo/php-memory-redux

Presenting at PHP|Tek 2012

The schedule is out for the PHP|Tek conference: #Tek12 and I’m excited to announce that I have been selected to give two talks:  Graphing real-time performance with Graphite and php://memory and streams for scaling .

If past years conferences are any indication, like the past tutorials and sessions, this year will only be eclipsed by the un-conference and after-parties. As I have come to learn, the real magic at conferences like this happens in all the space and time between whats on the schedule!

Make sure to follow @mtacon and the #tek12 hashtag on Twitter. There is also a #phptek channel on FreeNode  up around the time of the conference.

Graphing real-time performance Graphite:

Code Samples: https://github.com/nanderoo/php-graphite-demo

PHP Memory and streams:

Code Samples: https://github.com/nanderoo/php-memory-demo

Dreams of disaster at SurgeCon 2011

I recently attended Surge 2011 and thought I would publish some twitter notes and thoughts about the experience. This was the first conference I’ve attended in some time that wasn’t focused on a particular language (like ZendCon) and it was great that Surge was held right here in downtown Baltimore.

Day One

Node js / Chef / Riak

nanderoo Neal Anders Really wish I could be in two places at once for the #riak and #chef training today at #surgecon – until then it’s time to hack some node.js

– riak

rustyio Rusty Klophaus by nanderoo Riak 1.0 shipped! So much good stuff is in this release: blog.basho.com/2011/09/30/Ria… #nosql #basho #riak
nanderoo Neal Anders Great News! Was stuck compiling #erlang RT @seancribbs: @nanderoo We will have pre-built installs for Mac, deb/ubu, centos. #riak #surgecon

– chef

jtimberman Joshua Timberman by nanderoo Chef Repository used in the Chef Training at SurgeCon 2011: github.com/jtimberman/sur… #opschef #surgecon
nanderoo Neal Anders Have to say my favorite session so far today at #surgecon has been the node.js hackathon – bummed I didn’t attend the #riak session.
keithf4 Keith Fiske by nanderoo Can definitely tell who’s tweeting from #surgecon with autocorrect. Lot of “risk” training going on.
nanderoo Neal Anders In the Chef Training (presented by @opscode) at #surgecon
nanderoo Neal Anders #surgecon “your system is running low on virtual memory” twitpic.com/6rydk1
nanderoo Neal Anders @dlutzy @saschabates Would have to check with the #mongodb folks on that – I’ve only seen it partitioned into slices. #surgecon #pizza
nanderoo Neal Anders #surgecon pizza != webscale – should have gone with @nathenharvey for sushi
nanderoo Neal Anders RT: @JonWChicago: LUNCHException: pizza not found. #surgecon yfrog.com/g0x7pzj
nanderoo Neal Anders Pizza and hacking node.js at #surgecon nom nom
nanderoo Neal Anders Anyone know whats on the menu today for lunch at #surgecon ? All this node.js talk is making me hungry. #NoBreakfast


Ben Fried – Keynote Address:

solarce Brandon Burton by nanderoo “The hallmark of a professional is a dedication to self improvement” Ben Fried #surgecon
dje Darrin Eden by nanderoo root cause of scalability failure: cultural #surgecon
richparet Rich Paret by nanderoo Google’s Ben Fried: industrial era notion of org scale via job specialization needs to be discounted. #surgecon
solarce Brandon Burton by nanderoo “cult of devops!!” #surgecon
dje Darrin Eden by nanderoo scalability requires generalists and deep, end-to-end understanding. #surgecon
freire_da_silva Alexandre Freire by nanderoo Root cause of google’s ben fried’s disaster porn: scaling the organization by specialization! Nobody knew the whole system! #surgecon
joshu joshua schachter by nanderoo i am gonna start a CS journal where to get published you have to include your code. because i don’t believe this shit works half the time.
obfuscurity Jason Dixon by nanderoo “If you save it until the last minute you only need a minute to fix it.” #surgecon
obfuscurity Jason Dixon by nanderoo Disaster porn. #surgecon

Artur Bergman – A journey throu the full stack in search of performance and reliability:

solarce Brandon Burton by nanderoo “everything is shit. (but you should make it better)” paraphrasing @crucially #surgecon
solarce Brandon Burton by nanderoo Circular sharding. It’s webscale.
saschabates Sascha by nanderoo Artur Bergman: the most colorful speaker at #surgecon
solarce Brandon Burton by nanderoo If *you* didn’t fix it, it ain’t *fixed*. –@crucially #surgecon
nanderoo Neal Anders Why I attend conferences like #surgecon : @crucially ‘s “full stack” session is all meat and potatoes so far – #deepdive #nofluff #nohype
nanderoo Neal Anders In Artur Bergman: “A journey through the full stack in search of performance and reliability” at #surgecon

Hubert Fonseca and Andre Calvani – Using complex event processing to gather information from infrastructure:

nanderoo Neal Anders In “Using complex event processing to gather information from infrastructure” by Hubert Fonseca and André Galvani at #surgecon

Maxwell Luebbe, Dr. Jia Guo, and Raymind Blum – Google group session:
solarce Brandon Burton by nanderoo “everything is shit. (but you should make it better)” paraphrasing @crucially #surgecon
solarce Brandon Burton by nanderoo Circular sharding. It’s webscale.
saschabates Sascha by nanderoo Artur Bergman: the most colorful speaker at #surgecon
solarce Brandon Burton by nanderoo If *you* didn’t fix it, it ain’t *fixed*. –@crucially #surgecon
nanderoo Neal Anders Why I attend conferences like #surgecon : @crucially ‘s “full stack” session is all meat and potatoes so far – #deepdive #nofluff #nohype
nanderoo Neal Anders In Artur Bergman: “A journey through the full stack in search of performance and reliability” at #surgecon

Robert Treat – Address vendor weaknesses in user-space:

nanderoo Neal Anders Headed over to “Addressing Vendor Weaknesses In User-space” by Robert Treat #surgecon

Panel Discussion – Pushing big data to the cloud:


Day Three

Theo Schlossnagle – Architectures for real-time data:

peschkaj Jeremiah Peschka by nanderoo Fantastic talk by @postwait at #surgecon
nanderoo Neal Anders “write in c, its a cleansing experience” via @postwait #surgecon
nanderoo Neal Anders 350,000 metrics per second – impressive. #surgecon
solarce Brandon Burton by nanderoo “we don’t use Ruby. Our stuff works” @postwait #surgecon
nanderoo Neal Anders “debugging in a distributed system is like playing Russian Roulette” via @postwait #surgecon
solarce Brandon Burton by nanderoo “In “two” months, you may not be able to build the next thing, because you’ll be maintaining the last thing you built” @postwait #surgecon
nanderoo Neal Anders”sharding isnt magic, it is traumatic” #surgecon via @postwait
nanderoo Neal Anders Ready for “Architectures for real-time data” by Theo Schlossnagle but I think my 1st cup of coffee was decaf so I’m only half-here #surgecon

Baron Schwartz – Extracting scalability and performance metrics from TCP traffic:


Mike Panchenko – Building cloud service on a cloud infrastructure:


Wez Furlong – Practical lessons learned in scaling at Message Systems:

chrismunns chrismunns by nanderoo The MessageSystems talk at #surgecon is one of the best. Really interesting architecture. Good job to the speaker
nanderoo Neal Anders “its awesome and its really technical” via @wezfurlong #surgecon
nanderoo Neal Anders Hmnn… “images with a high proportion of skin-tone” #surgecon
nanderoo Neal Anders Post-lunch food coma, just in time for @wezfurlong ‘s “Practical Lessons Learned in Scaling at Message Systems” #surgecon

Rob Cope – Cloudbursting with Amazon EC2 and SQS:

nanderoo Neal Anders “Design for the ‘one in a million’ occurrence.. it happens all the time in the cloud” #cloudbursting #surgecon
nanderoo Neal Anders “SIDS – Sudden Instance Death Syndrome” … “dont even ssh in, just shoot it in the head” #cloudbursting #surgecon
nanderoo Neal Anders Great Tip: Auto Scaling – Set cap to prevent bankruptcy! #cloudbursting #surgecon
nanderoo Neal Anders “Cloudbursting with Amazon EC2 and SQS” by Rod Cope #surgecon

Geir Magnusson – When business models attack:

nanderoo Neal Anders In @geirmagnusson ‘s session – Best slide so far: the one where he showed prod traffic and noted the load testing spike. #testprod #surgecon
thommay Thom May by nanderoo Wondering if @geirmagnusson is going to get a “fn(x) is hiring” line into every slide 🙂 #surgecon
nanderoo Neal Anders “When ever someone uses bullet points in a presentation, a kitten dies.” #surgecon
nanderoo Neal Anders “When Business Models Attack” by Geir Magnusson up next for me at #surgecon
nanderoo Neal Anders Scoring @geirmagnusson ‘s session in my top-3 for #surgecon
papa_fire Leon Fayer by nanderoo One of the best talks of #surgecon by @geirmagnusson to finish it off right! Already looking forward to next year.
nanderoo Neal Anders Does everyone at #surgecon know that @geirmagnusson is hiring? He’s hiring.

– closing session:

nanderoo Neal Anders Closing Session for #surgecon

wezfurlong Wez Furlong by nanderoo Another great #surgecon wrapped up. Props to @OmniTI for gathering a great crowd of tenacious thinkers and doers!

ryancnelson ryan nelson by nanderoo “…point to the place on the doll where the Operating System touched you.” #surgecon

cdferry Chris Ferry by nanderoo So fucking true – “This is why Systems Administrators are angry” – “Packaging other peoples software” #surgecon

Additional Notes:

There where a few articles that came out about the conference

cschammel Chris Schammel by nanderoo Another article about #surgecon on gigaom: goo.gl/cacZg
cschammel Chris Schammel by nanderoo Article on Ben Fried keynote at #surgecon: goo.gl/Pvjiw
keithf4 Keith Fiske by nanderoo Surge 2011 on Slashdot – tech.slashdot.org/story/11/10/01… #surgecon

– no mobile site

– outdated website / breakfas

nanderoo Neal Anders Plenty of coffee and power outlets at #surgecon – no sight of the continental breakfast yet though? #hungry

nanderoo Neal Anders Love the setup for the vendor hall w/ breakfast. Great way to get your munch on and talk w/ folks. #surgecon twitpic.com/6sbzze

– set hard stops for presenters

– links to presenter info (twitter / website)

– video / content online (why not till january?)

– irc channel

nanderoo Neal Anders #surgecon channel up on #freenode for those interested.

– noted tweets:

_tr TR Jordan by nanderoo Give your developers root on production. I think this is the third time I’ve heard this, this time by @beamrider9. #surgecon #gimmeroot
obfuscurity Jason Dixon by nanderoo Another great #surgecon, but what happened to all the failure stories like we had last year?
brennor42 Brennor by nanderoo Sensing some deja vu from yesterday’s sessions… disks suck, networks suck… #surgecon
saschabates Sascha by nanderoo #surgecon emergent theme: complex systems cannot be effectively diagnosed without smart generalists who understand them end to end
cdferry Chris Ferry by nanderoo Push responsibility to the edge. Developers must be on call. Sys Admins should be escalated to. #surgecon
_tr TR Jordan by nanderoo “When the developer deletes the server, what should you do?” “First thing, give them a hug. They probably need it.” #surgecon
dje Darrin Eden by nanderoo If an alert doesn’t have a link directly to a playbook it goes straight to the incident commander. [ed. brilliant!] #surgecon

DenishPatel DenishPatel by nanderoo Interesting method for Software Development ! 1. Build V1 quickly 2. V2 “correctly” /cc @katemats #surgecon
obfuscurity Jason Dixon by nanderoo “If you could do all that why isn’t it automated?” “The short answer is FEAR.” #surgecon
davezwieback Dave Zwieback by nanderoo “Specialization is for insects”. RT @solarce: Was @bfnyc inspired by elise.com/quotes/a/heinl… ? #surgecon

Grandescunt Aucta Labore

Update: In case the point wasn’t subtle enough, I have accepted a job. The notes below are my initial brain dump of the other interviews I had leading up to this. Thanks to everyone so far with the outpouring of support.

I thought I would share some of the experiences of the past 4 months. My hope is that you might find the information, especially related to the job market and my job search, insightful. I’ve also decided to keep the names of recruiters, agencies, and employers anonymous wherever possible.


There are many great challenges one faces in life, and for me my most recent one began in earnest in July of last year when my wife found out that the drug-research company she was working for was closing down their office in Durham, NC. In October the opportunity of a lifetime  presented itself in the form of an offer for her to carry on her research at Johns Hopkins University in Baltimore, Maryland.

And so it began…

The Good

First and foremost I have to give great praise for my employer and my boss. When my wife and I decided on JHU I was immediately forthcoming, upfront, and honest with the decision and ramifications. My boss took the news with understanding and compassion and I consider myself very fortunate to work for a company that has such amazing leadership. It speaks highly to the culture they encourage and the mentorship program they have which I found such tremendous value in.

Second, there were some great people I encountered along the way that really kept my hope alive. Thank You. Thank you for reading my resume, for taking the time to talk with me and understand my situation and goals and for being honest and upfront. While not all the opportunities were the right fit it was your professional and courteous demeanor that stood out. These qualities were ultimately key influences in the decision on the offer I accepted.

Third, I couldn’t go on without reaffirming the power of friends, community, and networking. Sometimes you just need to hop on IRC or Twitter and vent or proclaim. Other times it’s a beer and hot wings shared with a recruiter or former co-worker. Let folks know what’s going on. Remain positive and up-front and keep everyone up to date with where you are. You might be surprised by the connections that get made and the words of encouragement that come unsolicited.

The End Result: You’ll go to this face-to-face interview. Maybe it goes well, maybe it doesn’t. Don’t take bad news/feedback as a loss, but as invaluable input on how to improve your search. The good interviews that lead to job offers will in retrospect seem so obvious.

The Bad

If you have been at this for awhile you start to pick up on telltale signs that the person who just called or emailed you hasn’t even read your resume. It’s as obvious as the subject of the email describing a position for a skill-set you don’t have, or the way they lead into the phone conversation and pitch vague details on the job or client. Sometimes these are great opportunities in sheep’s clothing, and other times they are wolves.  Push for as much information as possible early on, be direct and drive the conversation.

Be prepared for the “recruiter-spam” flood. It’s hard to avoid and will almost certainly drag you down if you are not prepared for the onslaught. There are some great people out there who are hard workers. There are also allot of people who search on wild-carded skills and mass-select and email every match they find. Sometimes these folks work for agencies that scrape multiple job sites for resumes and keyword-match and hand out lists for them to cold call. This shot-gun approach is the worst possible way to find a great candidate and your needs and ambitions are never in their best interest.

I found that a ‘canned recruiter response’ that is easily copy-and-pasted into a reply email is the best way to politely handle the large volume of these inquiries. Be polite but clear in this response on your high-level career goals, marketable skill-sets, and commute-range or telecommute stance. From my experience you’ll here back from about 10-15% – and they will acknowledge your existence and are polite about your response. The rest you will never hear from again.

The End Result: You might find yourself actually doing a face-to-face interview at some prospective employer. My experience has been that you’ll look back on this and categorize it as part of “The Ugly” and learn to hone/filter out better  “The Good”s.

The Ugly

And then there are the scumbags and outright scams. This ate on my soul in words I can’t describe. It sometimes came in the form of a forged email from a job site, in others a call (or two or three or four back-to-back) from different folks who all sound like they are calling from a bar or cramped convention-center hall – the background noise is a huge red flag. If they are using call-sheets or can’t tell you which job site they found your resume on, hang up. If they are the 2nd or 3rd recruiter to call you in a day about a position that you saw and applied for already last week, let them know you have already been submitted, and leave it at that. Don’t divulge the details of who or when or how. Be firm, polite, and don’t return the follow-up calls from “the account rep” over the person you just talked to. Again, big red flag.

There are a number of other indicators that may come up that would flag this as a bad deal. Do your research, make sure you get the full name, phone number, and website of the person who called you “out of the blue”. Check out their website. Look at the jobs they have posted and where their offices are. Use Google Maps ‘Street View’ option to see if  they are in a rundown warehouse or in a respectable looking office building or office complex. It could be a clue.

The End Result: If you find yourself doing a face-to-face interview in this situation, it’s not an interview, you have been suckered into the “also ran” corral so someone (with less skills, drive, salary requirements, and experience than you) can seem more promising and make the potential employer think they are getting a great deal from the other candidates they have seen. Chances are you are the 2nd or 3rd person this recruiter agency has rammed through and you are just there for show. Recognize.

…And that’s it for this post. Share your thoughts in the comments below..

toArray() with Doctrine 2 and Zend Forms.

Based on a couple of assumptions (like ‘NS’ is your library that handles the Doctrine Entity Manager) ..in your abstract class, will need 2 methods:

 *  A way to force eager loading.
public function forceEagerLoad() {
    return true;

 * Returns the object and its properties as an array.
public function toArray() {
    $tmpMergedMappings = array();
    $tmpFieldMappings = array();
    $tmpAssocMappings = array();
    if(!$this->em) { $this->em = NS::em(); }
    $testObj = $this->em->find(get_class($this), $this->id);
    $testJob = $testObj->job;
    $tmpFieldMappings = $this->em->getClassMetadata(get_class($this))->fieldMappings;
    $tmpAssocMappings = array_keys($this->em->getClassMetadata(get_class($this))->associationMappings);
    foreach($tmpFieldMappings as $fmKey => $fmValue) {
        if(is_object($this->$fmKey)) {
            if (get_class($this->$fmKey) == "DateTime" ) {
                switch ($tmpFieldMappings[$fmKey]["type"]) {
                    case "sndatetype":
                        $tmpMergedMappings[$fmKey] = $this->$fmKey->format('m/d/Y');
                    // handle any custom types..
                        $tmpMergedMappings[$fmKey] = $this->$fmKey->format('Y-m-d H:i:s');
            } else {
                // presume the default _id mapping...
                $key_id = $fmKey."_id";
                $tmpMergedMappings[$key_id] = $this->$key_id->id;
        } else {
            $tmpMergedMappings[$fmKey] = $this->$fmKey;
    foreach($tmpAssocMappings as $amKey => $amValue) {
        $tmpKey = $amValue."_id";
        switch (get_class($this->$amValue)) {
            case "Doctrine\ORM\PersistentCollection":
                // dont do anything with these right now..
                // Trigger the loading via the proxy.
                if(method_exists($this->$amValue, 'forceEagerLoad')) {
                    $forced = $this->$amValue->forceEagerLoad();
                } else {
                    // Note: these classes dont have/inherit a forceEagerLoad() method,
                    // or we are trying to call it on something not set yet.
                if($this->$amValue) {
                    if($this->$amValue->id != null) {
                        $tmpMergedMappings[$tmpKey] = $this->$amValue->id;
    return $tmpMergedMappings;


..and then in your Zend Controller action, say for editing:

public function editAction() {
    $id = $this->getRequest()->getParam('id');
    $role = $this->em->find('NS\Role', $id);
    if(empty($role)) {
        // handle error
        return $this->_helper->redirector->gotoUrl('/role');
    } else {
        $this->view->role = $role;
        $this->view->form = $this->roleForm($role->toArray());

..and your form can look something like this:

public function roleForm($data = null) {
    $form = new Zend_Form();
    // id (hidden)
    $id = new Zend_Form_Element_Hidden('id');
    // name
    $name = new Zend_Form_Element_Text('name');
    // description
    $description = new Zend_Form_Element_Text('description');
    // submit button
    $submit = new Zend_Form_Element_Submit('Save');
    if($data) {
    return $form;