An entry from a year ago might be useful to some readers. While my primary motivation was to decry the DST changes in coming years, many have found the graph helpful in understanding what DST is all about.

The CYA Application Security Model is the practice of implementing so-called security obstructions primarily to absolve the vendor from blame if something goes awry during everyday operations. This model is usually sold under the pretense of improving user education, or encouraging safer application usage, but that's of minimal actual concern (in reality the opposite outcome -- more risky application usage -- is probable).

An example of the CYA ASM in action is one that pops up a seemingly endless stream of confirmation "Are you really sure you want to do that?" dialog boxes, warning the user against doing what should be completely normal, benign activities.

This pestering, progress-inhibiting assault of a million warnings and confirmations application behaviour is certain to cause the user to enable a "turn off all security" mode (for instance adding every site to "trusted sites" in Internet Explorer), paradoxically making the security situation infinitely worse, but for the vendor this often the desired outcome: At least then they can smirk and blame it on the userbase if what should be a harmless activity compromises their machine.

Didn't you heed the "The Internet could be harmful to security!" dialog box when you attempted to connect to the internet?

Despite the fact that cameras are ubiquitous, we're still doing a terrible job capturing the photographic/video history of the world around us: While there's probably over a million photos of every single animal at the zoo (sidenote: zoos should have a professional photographer that goes around each day taking a photo of every animal. Each of the tens of thousands of visitors can stick their memory card into a kiosk, downloading all of the day's pictures, saving themselves the trouble of trying to get "personal" photos of animals doing nothing, clouded by scratched and spit on lexan), I doubt the street in front of the zoo is archived in any reasonable form at all.

Construction happens, disaster happens, time happens, and the world changes. Soon you're wishing you could demonstrate how that area that used to be farmland is now a cityscape, or how different the corner looked before the hurricane, and so on, all while wondering why you have a photo journal packed full of shoddy pictures of every zoo animal.

We're closer to this dream now that GPS-driven geocoding is starting to appear in a small number of products, coupled with utilities and web applications allow you to manually Geocode photos (the former is enormously more useful than the latter. People just aren't good at manual processes when their buy-in is marginal, especially highly precise applications like longitude/latitude). This is useful in that sites like Flickr are now allowing you to search and view pictures by geographic location, so there might come a future point when every street corner is covered. I wrote about my wish for this a year ago.

Now we need to do the same thing with video.

While the individual frames of video are lower in quality and resolution than a good quality digital camera, it does have the benefit of many, many frames, making it much more likely that a subject of interest will be caught.

It would be interesting to have a site where users can contribute "street videos" - A video tour down blocks and streets, categorized by time taken, direction, speed, and of course street (preferably segmented out by blocks). You could make a "trip" by combining the videos of many people. As years pass you'd be able to contrast videos years or decades apart.

There are plenty of practical uses as well: Most days I drive through a complex interchange (sometimes called "the junction") here in the GTA. It's a poorly laid out set of split-offs requiring last second lane changes for people who aren't accustomed to it, and every day (every couple of seconds, actually) some touristy sort slows to 20km/h while they try to come to grips with all of the signs, causing traffic chaos for thousands. It'd be nice if they could do a "trial run" through the interchanges video video clips.

I don't have the time or the inclination to make such a site, so there you go: A free idea! Then again, don't people claim that ideas have no value ayways?

Seth talks about the manipulation and gaming of blogs and meme sites, which I mention because the same topic -- opinion swarming & vote stuff, is one that I've written about previously, and I remain very interested in observing it in action. 

A while back I posted a complaint about the lack of native spellchecking in the major browsers, stating-

In the forum and blogging world, it would be beneficial if more tools supported convenient and efficient automatic spell-checking (the fact that no major browser has incorporated native TEXTAREA spell-checking thus far is a travesty. Any of them could have a killer feature if they simply added Word-like squiggly underlining of suspect words, with easy alternative corrections). As it is, many tools have nothing at all, and the few that do often host a ridiculously unintuitive, hacked-in partial solution.

For those who like release-quality software, salvation is at hand: Grab yourself a copy of the just released Firefox 2; an already brilliant browser that now also supports native data entry spellchecking, with little squiggly (or at least dotted) lines under suspect text, and a suggested list of alternatives.

Finally!

Hopefully this improves the quality of spelling on the net.

And to head off the inevitable comments, no, the lack of spellchecking clearly hasn't somehow improved spelling (usually argued under the "it makes you work harder at it, therefore growing spell-muscles" explanation). Given that our brains learn spelling by example, even those of us who care are misled by a constant stream of misspellings. With the addition of finger-wagging little squiggle-lines, perhaps the purity of the language will improve.

It doesn't analyze grammar, pointing out errant uses of too or to, whether it's a possessive apostrophe rather than a contraction, or help in the endless "that isn't ironic!" debate, but at least it's a start.

The best browser gets even better.

The well-known Hanlon's razor states-

Never attribute to malice that which can be adequately explained by stupidity.

While it's a seemingly pessimistic perspective on the capacity of one's fellow human, it is an undeniable truth that we often mistake carelessness, thoughtlessness, or outright ignorance as malicious intent.

Yet it's a more serene existence -- to the benefit of one's lifespan -- to simply assume that the person who dangerously cut you off on the road, for instance,  is just a moron deserving a bit of sympathy, rather than considering him or her a roadway foe challenging you to a deadly battle of wills.

From a software development perspective, however, I think an inverted variation would serve the industry well.

Never blame others until adequately considering the possibility of your own (negligence | carelessness | stupidity).

As a general rule, the denizens of the software development profession -- it certainly isn't limited to this profession, but given that it's the general focus of this blog it's the one I comment upon -- have a tremendous capacity for assuming the worst of others, far before considering the unsavoury prospect that maybe -- just maybe -- it's actually their own mistake or lack of knowledge that's the cause of the issues they face.

It is far too common to cast a wide net of blame, declaring that Microsoft's products are screwing up, the documentation is all wrong, the server is malfunctioning (maybe because of cosmic ray particles toggling memory bits), the installation tool is a dud, and one's coworkers are surely idiots insidiously and maliciously changing code just to make one's brilliant code poetry fail to achieve its momentous glory.

After such hand-waving, blame-weaving dramatics, in most cases the developer realizes that they skipped an obvious step in the instructions, or they forgot to get latest of the entire branch, or they were copying the wrong file or looking at the wrong folder or running the wrong executable, or they were using the class entirely wrong, or they completely misunderstood how the operating system security system works, or they set a global setting a week back that completely changed how the application functions, or they ignored the email and documentation and group meeting detailing system changes, and so on.

They quietly retreat -- don't expect a retraction -- until they repeat the same mistake the next time something doesn't go exactly as imagined.

I've met these people in the industry. I've worked with these people. I've been one of these people.

I think we can all relate to situations where we've railed against a company, a product or a person, only to have the embarrassing realization that we were simply doing something dumb.

And it's not even that doing something dumb is noteworthy: We're humans, and we're bound to make mistakes. The problem is that we often don't even give a moment of time to even the possibility that we could be at fault, instead just assuming the worst of others.

It's far more beneficial to both productivity and team morale to have a little bit of self-doubt in these situations: Assume the worst of yourself before assuming the worst in others.

Epilogue

After hashing out this entry, I wondered why it wasn't appearing on the public blog. After berating various products and services, I remembered that I recently outsourced my DNS (for the reasons described here, using the service recommended by a reader), and forgot to add an entry for the FTP server. Whoops.

As a completely offtopic aside, one of the reasons I switched DNS providers was to have support for a domain SPF record. While it does nothing to stop the tide of pump-and-dump investment scam spams, at least it allows those recipients utilizing the service to immediately dump-bin those that claim to come from yafla (I get about 100 bounces a day, and who knows how more actually get through), knowing that the from: address was forged.

We -- specifically the humans among us -- are a very uncreative bunch.

While we excel at refining existing ideas and solutions, we're extraordinarily poor at creative, original thought.

And I'm not just talking about business, scientific or engineering creativity: Even in the realm of the creative arts (writing, art, music), many practitioners are simply absorbing (being "inspired by") what others are doing and then making it their own.

In a way we're all unintentional, subconscious plagiarists, and while we often don't even realize it, many of our "original" ideas are nothing more than refinements (or degradations) of those that we've come across elsewhere at some point in our time on this Earth.

Other times it's completely accidental.

Many of the great inventions in science, mathematics, medicine, and healthcare, for instance, weren't scientifically pursued with an engineering discipline, but were rather accidental discoveries (usually stumbled upon while searching for a slightly better way of building a different mousetrap).

And sometimes confused communications yields innovation.

Many of my best ideas weren't the result of quiet time in deep contemplation -- in fact I've found intentional, focused thought to be terribly unproductive -- but rather were the wonderful benefit of the bad habit of not paying complete attention to presentations or media.

Quite a few times I've glanced over an article or casually listened to a presentation while distracted; drawing inferences and conclusions based upon what I think is being presented to me. As my mind casts it into a workable solution, I've often found that what I visualized bears little correlation with what was actually described.  A few inputs, and the presumption that it's a logical solution, fooled my brain into creating new solutions out of nowhere, in a way that I could never have done otherwise.

This, I suppose, is the foundation for brainstorming sessions. It's the reason why it's often productive to randomize all sorts of product or business ideas and them merge them into seemingly bizarre combinations (I created this "How Will You Get Rich?" tool as a joke, but was surprized to find me actually stopping on some of the supposedly joke suggestions, imaginary scenarios where they would work).

How do you innovate? How do you engage the lateral thinking part of your brain, thinking up creative and novel solutions to problems?