Friday, December 3, 2010

TSA, Thanksgiving Travel and Me

After reading all the articles on the risks of the back-scatter technology (never mind the privacy implications) and watching the videos of screaming children getting "enhanced" pat-downs, I was nervous about traveling for this Thanksgiving holiday in the US. I was ready to 'opt-out', but wasn't sure how I felt about the "enhanced" pat down.

Back in October I received an 'old-style' pat-down from a male TSA agent in LAX. I was fine with it. I did not feel violated, nor did I feel that the agent was missing out on anything by not feeling the underwire in my bra.  The agent was friendly, apologetic for the inconvenience and even found a place he could search my bag where I could sit and watch (my injured knee wasn't up to doing anymore standing after a day at the Women's Conference).

Then I saw the videos of the screaming children and I suddenly became very uncomfortable with this. Many women, including myself, (and men) have an event in their past when they were touched/fondled/groped/etc in an unwelcome manner. To have to relive that moment in public at the airport just to travel is unsettling.

So, very nervous, I entered SJC on Thursday morning... only to find most of the back-scatter machines turned off. The one I saw in use was being used to scan a women's personal wheelchair - I couldn't help but think that was a perfect use for the scanner!  The woman, like all travelers in wheelchairs, was receiving an 'old-style' pat down.

I went through, like everyone else, in the same fashion I have for years - removed my belt, watch, shoes, jacket, liquids, laptop and medications...*whew* and "simply" went through.

It was the same on my return through Seattle. One machine was on, but people could just choose to go through a different line. No questions asked, no extra screening.

What made me angry was all of the main-stream news outlets, including our local KGO, reporting that the back-scatter machines had not slowed down the lines. The main report I heard was that passengers would rather get the scan and get through quickly.

But that wasn't true at all. The machines were not on. The "enhanced" pat-downs weren't happening.  How dare they say the launch weekend was a success when they were not using them?

That's a waste of our money and a gross misrepresentation of the events. I'm afraid Bruce Schneier has it right - the TSA is not going to back down, because they'd seem like idiots.  Another example of how lobbyists for manufacturers are shaping policy, instead of policy shaping manufacturing.

The TSA is inconsistent at every airport I go to. During that trip to LA, the TSA ID checker screamed at me when I approached his podium with my traveling companion.  He would not begin her screening until I returned to behind this blue line, which was difficult as the entire line had already moved up.  Yes, I can read (but thanks for pointing it out) the sign saying to stay behind the line until he was ready to process us - I just assumed that, like every other airport, you could go up with your entire party.  At least the agent that had to do my pat-down in LAX was friendlier.  Oh, yeah, in Seattle, they actually have a sign on the podium directing people to be at each side - they can process you faster if you come up with your entire party or 2 at a time (even with strangers).

Another disconcerting thing I noticed: no where to do a private screening if requested!  Why not have a few privacy screens up?  They could be set up like a maze or other formation to take up the least amount of space while still providing privacy (and room for your witness, if requested).

Boy, am I glad I'm not flying for Christmas!

Sunday, November 21, 2010

Adam Carolla and Me

I guess it's safe to say that I am a huge Adam Carolla fan. I've listened to him on Loveline, watched him on the Man Show and the Adam Carolla project, listened to his CBS radio show, and never miss a podcast (even listen to Car Cast, where I am actually learning about cars).

That being said, I couldn't believe I didn't know Adam Carolla was coming to San Jose! On Thursday afternoon, I caught a tweet from the San Jose Improv and canceled our previous plans and asked my husband if he wanted to come with me (as I was going, alone or not!)  We got there early for dinner, which got us front row seats.  It was like having a private conversation with the Ace man for nearly 2 hours. He was funny, charming and brought lots of new material to the stage.  Having the extra component of a slide show (so we really could see exactly what Adam was ranting about) made it all that much more entertaining.

I even nodded along as Adam ranted at me that, as a woman, I need to know that when my husband just starts saying "will do. will do.... will do." (ala Dr. Drew Pinsky), it means he wants to get off the phone.  Don't worry, Adam, I promise I will!

Adam Carolla

I am a good/bad audience member (depending on your perspective), because if you're funny, I will laugh uncontrollably. Thursday night, I nearly went into coughing fits due to my manic laughter :-)

If you get a chance to see him live, don't miss it. It's a great show and Adam takes the time after the show to meet, greet, sign books, and take pictures (as long as you're quick!)

Get it on!

Oh, and thanks to my husband, for being indulgent, riding his bike home at a frantic speed so we could make the express train to San Jose, and holding my place in the autograph line while I ran to the bathroom :-)

Friday, November 19, 2010

Security Friday for Oracle Solaris 11 Express 2010.11

Dan Anderson, performance guru extraordinaire, has written up some great articles on enhancements he made to the Oracle Solaris Cryptographic Framework for Oracle Solaris 11 Express 2010.11:
Both are great reads and a good window into the innovation we are still doing on the Oracle Solaris Cryptographic Framework team. Thanks, Dan!

Wednesday, November 17, 2010

Dancing with the Stars mini-rant & question...

Spoiler Alert.... if you didn't watch last night, then don't read this.

Before I start my rant, anyone know who the dancers were for Annie Lennox's "Universal Child" performance? They were amazing!



Bristol Palin somehow, yet again, was at the bottom of the leader board and sailed into the next round - this time, the finals!  Sure, she is charming and an "every day person" - not a celebrity (but, why is she on Dancing with the Stars in the first place if not for being famous?). I get that. She seems like a wonderfully sweet young woman, but her dancing is not up to par. Routinely she freezes in the middle of the routine and stops dancing, and yet she makes it into the next round.

Last night she claimed that her success of moving forward was not politically motivated, yet there are actual political sites running 'Vote for Bristol' campaigns.  Come on people, this is a dancing competition! I've always loved it for not turning into a popularity contest, and it's worse now that a contestant is moving forward based solely on her mother's political affiliation.

Okay, it is only a TV show, but one I really enjoy watching. Great music, great performances and real personal journeys without fake drama.

... for now.... :-)

Tuesday, November 16, 2010

Neil Young's LincVolt has gone up in flames

I was sad to hear the news today that Neil Young's 1959 Lincoln Continental that he had converted into a hybrid caught fire and burned up. Seems that not only is this neat car that Neil brought to the Sun Menlo Park campus for a visit gone, but so are some of his other memorabilia from his long and interesting career. Luckily, nobody was hurt and the team seems to have learned something about the charging system.

Oracle Solaris 11 Express 2010.11: Trusted Platform Module

Wyllys Ingersoll wrote a great post today on the new Trusted Platform Module, and the plugin, pkcs11_tpm.so, that hooks it all into the Oracle Solaris Cryptographic Framework in Oracle Solaris 11 Express 2010.11.  You can enable and disable the TPM provider via cryptoadm:

# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_tpm.so
/usr/lib/security/$ISA/pkcs11_tpm.so: all mechanisms are enabled.

# cryptoadm disable provider=/usr/lib/security/\$ISA/pkcs11_tpm.so mechanism=all

# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_tpm.so
/usr/lib/security/$ISA/pkcs11_tpm.so: all mechanisms are disabled.
# cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_tpm.so mechanism=all
You can find out more about configuring the actual TPM device over on Wyllys's blog.

Monday, November 15, 2010

Wow, Solaris 11 Express is out the door!

It's hard to really describe all of the cool things that have ended up in the Oracle Solaris 11 Express release that came out this morning. I mean, you've all heard about the new packaging system, new installer, and encrypted ZFS, but what about all of the other smaller things that have gone in over the years?

Like sedimented strong crypto algorithms - so customers no longer have to manage separate packages and patches?  These were installed by default as of Solaris 10 09/07 (aka Update 4), but I took a very different approach for Solaris 11 - removing those old packages from the OS and making strong crypto just part of all the basic modules. This greatly simplified the Oracle Solaris Cryptographic Framework source code and enabled a lot of projects to move forward, like libsoftcrypto and several projects in OpenSSL.

For the rest of this week, I'll try and highlight other Oracle Solaris 11 Express security features that we've all worked very hard on getting into this release.

Monday, October 11, 2010

GHC10: Friday Keynote, Barbara Liskov, Another Perspective

I did not originally blog on Dr. Barbara Liskov's Friday morning keynote, but found while writing up my trip report that many of the things she mentioned had really stuck with me so I wanted to share with a wider audience.

First of all, Dr. Liskov was an amazing and energetic speaker - enough to keep 2000 jet-lagged women wide awake through an intense technical walk through the history or structured programming languages at 8:30 in the morning. Fascinating and inspiring!

My notes mostly come from my twitter feed, as well as Teri Oda's, and the Grace Hopper Conference wiki. Hope you get something from them as well!

Friday morning was full of extreme technical talks, beginning with the 8:30 AM keynote from Barbara Liskov, Professor at MIT and 2008 ACM Turing Award Winner.  Dr. Liskov regaled us with the evolution of programming languages by describing a series of must-read papers and the advances she made to this are of the science.  She started in computer systems, and in those days, it was the job of the programmer to make up for the lack of
system resources and under provisioned systems.

Dr. Liskov's advice:
  • "Reading programs is much more important than writing them." (she notes people will be reading your program for years to come and you only write it once - comment!)
  • "Don't try to work on a problem when you get too tired. The solution won't come to you until you're rested."
  • "Programmers think in terms of programming languages...if the language supports and idea it's much more accessible to them."
Dr. Liskov's recommended papers:
Dr. Liskov was a pioneer in computer language development. Many of the concepts she was discussing with her peers in the 1970s are just now appearing in modern languages. When asked what her advice was on the best "first language", she said "Python is used a lot, but lacking features we
want students to learn. C# and Java have those, but are harder to learn."

[Update: Thank you, Kelly, for the additional papers!]

Friday, October 1, 2010

GHC10: The Power of the Purse: Making Our Collective Voices Heard

The panel started out with some great slides that showed how much more women use technology than men. Women make 70% of the consumer buying decisions, women dominate higher education (140 degrees per 100 for men), and women are more likely to work in health care and education, slightly more resilient to economic swings.

The panelists include Kathleen Naughton (HP), Cathy Lasser (IBM), Wei Lin (Symantec), Divya Kolar Sunder (Intel), Vidya Dinamani (Intuit) and Patty Lopez (Intel).

Vidya said that Intuit has done a lot of lab and in home studies about financial behaviours, and they find that independently men and women behave similarly, but when they are put together to work on things like taxes they see that men are very quick to answer questions while women take the time to understand the questions and make sure they are answering them correctly.

Divya, a recent new mom, talked about shopping for baby products and how troublesome it was to find a diaper bag that worked for both her and her husband and baby bottles that seemed more like mom.  She found reading blogs from other mothers, who seem to naturally want to share their experiences, help her find what she needed.

Cathy, from IBM, is actually researching how people shop online. Some of the things they have found is that people are much less likely to return items they've bought online, which makes sense as it's harder. One thing they thought women might like was to have an avatar of sorts so they can see how an outfit would look on them, but it turns out most women don't want to see a 3D image of themselves, so it actually discouraged purchases.  An audience member said she felt similarly about shopping in stores, that she didn't like how clothes looked there, but did at home, so she preferred shopping online.
I can get that - it seems many stores always have really awful, harsh overhead lighting that, even when I was a skinny teenager, made me look awful.

A few of the panelists than discussed their thoughts on online retailers doing data mining, mostly saying they are comfortable with this occurring as it so greatly improves their shopping experience.  There is some concern that the retailers need to store this and use it in a safe manner, though there doesn't seem to be a good way to check this and currently no standards to protect the consumer. Wei, who works in security at Symantec, disagreed. One of the behaviours she has witnessed that she finds disturbing is when you shop for a type of item at one online retailer and they go somewhere else, you'll get an ad for that item. It's not clear to the consumer if this is a legitimate service or spyware.

Cathy said that a lot more companies are listening to feedback from their customers to redesign things - like NorthFace jackets and providing covers for cell phones to brighten them up so they can be found in purses!

Wei wanted to share some best practices with us: never give out your password, never give out personal information, never open a link or attachment from a stranger, change your password (personal one, too) frequently, use malware and virus detection software from trusted sources, and don't use a debit card for online shopping.  Wei also recommends getting a password wallet to help you manage all these passwords, so you can frequently change your password. I would caution you to be careful when choosing such software, as it can also be malware, too! You don't want to make it too easy for the hackers! :-)

There seemed to be a lot of questions about security and best practices for privacy on the Internet, so perhaps the Grace Hopper Conference needs a security and privacy track next year! :-)

GHC10: Fighting Cyber Crime: Technology that Fights Crime and Protects Our Children

You have a 6 in 10 chance of being impacted by cyber crime, yet people worry way less about this type of attack than they do about snake bites or getting struck by lightening. Rhonda Shantz, from Symantec, is concerned about this general lack of concern. Other panelists today include Cristina Fernandez (National Center for Missing and Exploited Children), Sarah Seltzer (Microsoft), Les Nichols (Boys and Girls Club of America), and Erica Christensen La Blanc (CA Technologies).

[TRIGGER WARNING: Some of the content below, which has to do with exploited children, may make some readers uncomfortable or bring up painful memories. Please proceed with caution.]

The cool thing about these panelists are their incredibly diverse backgrounds that brought them all into areas that protect children. For example, Les was an architect (not in the sense that we think of in the software industry, but rather the type that designs buildings) and Erica started out in television!

Taking us straight to the facts, the panel lets us know that 62% of children are having some sort of trouble online (sexual predators, bullying, stalking, virus, malware) and only 45% of parents know this.  WOW! According to the National Center for Missing and Exploited Children, pimps are using social networks to try to recruit children and others into their prostitution rings. Only about half the children who are exploited online report to their parents, because they are afraid if they do tell, they will lose their Internet access. No matter how terrible it is being exploited or harassed online, it's not worth it to them to report because the typical parental response is to take the child off of the Internet. It's hard to imagine how important Internet access has become to our children - definitely something for parents to keep in mind.

The Internet, which makes all of our lives easier, has unfortunately made it 'safer' for pedophiles to get access to exploitive material and connect with other pedophiles that they can trade material with (peer to peer networking gone bad). Now technology companies like Microsoft, Symantec and CA are looking for technological systems to find inappropriate images, shut down servers and find the predators. While I've always associated groups like the National Center for Exploited and Missing Children with working on this issue, it is heartwarming to discover some really large businesses are helping to find these disgusting criminals.  The agencies that focus on children, unfortunately have little technology experience and have come to rely on these other companies to help them bridge the gap to protect children.

Norton provides a tool called Norton Online Family for free, which aims to help parents protect their children without overly restricting the child's access to the Internet. Boys and Girls club of America has My Club My Life for teens and Net Smartz, but that does require the children to voluntarily give up some of their online access but they are seeing children willing to do this.

Microsoft is working with Dartmouth on PhotoDNA, a fascinating piece of software that can identify inappropriate photos and permutations (resized, cropped, etc) in other places and help server admins take them down and find the perpetrators.

This is a truly frightening area for our youngest generation, and I'm glad to see some really brilliant people working on this!

GHC10: Computational Sustainability: Computational Methods for a Sustainable Environment, Economy and Society, Carla P. Gomes

Professor Carla P Gomes, faculty of Computing and Information Science and director of Institute for Computational Sustainability, is a pioneer in the field of computational sustainability.

In 1987, there was a UN report that first raised concerns about human impact on the planet. A follow-up report showed things like the biomass of fish is 10% of what it was 50 years ago.  We're over harvesting our planet and overusing our resources.  A 2009 report looked at whether or not we've crossed the tipping point, and it was looking grim. All these things inspired Professor Gomes to do further research in this area to see what we could do to help reverse the tide using the field of computer science. She strongly believes that computer scientists can, and should, play a key role in increasing our efficiency of managing natural resources.

Computational sustainability encompasses many disciplines like economics, sociology, environmental sciences and engineering, biology, crop and soil science, meteorology and atmospheric science.  There is a need to develop computation methods to model things in these fields, which will help resolve these problems.  This cross discipline model helps all fields learn new research models from each other, which is helping things in this area to progress.

One problem this field is addressing is wildlife corridors, which link biological areas allowing animal movement between areas. One of the issues here is that, while important for the the animals, there isn't usually much money available to buy land, etc, to set these corridors up so that animals in different national preserves can cross populate.  This is a computational problem - need to find the graph that has the best and cheapest path between the two places. While this is an NP hard problem, the computer scientists can simplify the problem by using the Min Cost Steiner Tree. Models are critically important in solving these problems and for addressing the issues of scale.

This approach allows them to handle large problems and reduce corridor cost dramatically, allowing the projects to actually proceed as opposed to being ignored or done with too much expense or in a sub-par fashion that won't help the animals as much as possible. Her work has been done for grizzly bears and wolverines.

Now she is working on assisting the recovery of a subspecies of woodpecker, by analyzing network cascades. They are buying up the land where the birds fly, then looking at the birds flight patterns and buying nearby land, which will help the birds spread their territory which will lead to increased population. The complicated issue is figuring out which land the birds will choose to spread to.

Further consideration is necessary for species interaction, as not all species interact in a cooperative manner.

They are getting help from the eBird project, at Cornell, which allows average folks to submit data about bird sightings. This helps them to learn where the birds are migrating and how long they spend in various areas.

Many of these concepts can also be applied to analyzing solutions to problems fought by very impoverished communities. For example, what will be more valuable to the impoverished? A chicken, improved roadways, or providing cell phones?

Back to the problem of over fishing, it seems to be caused by mismanagement. Professor Gomes is looking at models to help correct this mismanagement without causing any additional problems. Even after they figure out recommendations they need to get the fisheries to implement them. It is difficult to convince fishery owners that periodically closing the fisheries will actually lead to more fish when they reopen - you gotta give them time to reproduce and reach reproductive age!

Another thing her team is studying is the impact of fertilizers. While they do greatly increase the amount of food that can be harvested, they end up creating dead zones. On top of all that, they are also studying how to discover materials for fuel cell technology! These, again, Professor Gomes claims are problems for computer scientists.

Professor Gomes's research area is so incredibly broad! She shared with us, more quickly than I could capture, many of the different algorithms and approaches they are using to solve these problems. I got a great mini-introduction to all sorts of algorithms and data structures I'd never heard of before, like a spatially balanced Latin squares! She is an amazingly energetic, intelligent and passionate technical speaker and I think I could spend an entire day listening to her!

GHC10: Anita Borg Technical Leadership Award Winner Laura Haas

Laura Haas, IBM Fellow, has been recognized by the Anita Borg Institute and the Grace Hopper Conference for her outstanding contributions to technology. I am so happy to be here to hear her talk today on information integration!

Haas and her team are trying to tackle the problem of how do we get information to people when they need it? For example, if a doctor is treating a patient with cancer, she will need to find information on how this type of cancer has been treated in the past, how well the treatments have worked and access past patient records.

The challenges faced are that you have diverse data models, overlapping data, incomplete and often inconsistent data. Different people involved want different views of the data and needs and knowledge change over time.

In order to do data integration, you need to understand what is available, as well as what the data means or its intent. You have to set up the schema, figure out how to identify information about the same object and figure out what to do with missing or inconsistent data. You need to decide which problems you're trying to solve, and execute - and hope the customer doesn't come back and tell you that they really wanted something else entirely :-)

Dr. Haas started her career in 1981 at IBM and relational databases were just coming onto the scene. You no longer had to be a database wizard to write code to interact with a database - which broadened the concept of information integration. They even called it "eager integration" - as you could eagerly get as much data as you wanted.

She then started her work on the project R* (pronounced R-star), which was a distributed relational database management system. One query was allowed to access data in multiple, homogeneous relational DBMS. This type of system helped prevent data loss and helped to distribute queries and transaction management.  While the project did not have much commercial success, it paved the way for a lot of work in database systems and future products for IBM and her own future research.

Relational database technology was growing rapidly in 1984, a very exciting time for those in the industry.  Dr. Haas then joined the the Starburst team (no, not named for the "fruit" chews, but named as an extension of the R* project).  This was an extensible relational DBMS that allowed many types of additions - new functions, optimizations, indexes, data types, and storage methods. The best part of this? This project had legs - and became foundation for IBM's DB2 "for workstations".

Several people that worked on this project ended up being named Fellows or Distinguished Engineers, though she notes it took her a lot longer to get Fellow than her male colleagues and she had to earn many more accolades.  Dr. Haas recommends that you wrap yourself with the best team you can find, do not be intimidated if they are better or smarter than you are, as they will take you places!

Dr. Haas was able to take a sabbatical from IBM to study at the University of Wisconsin-Madison, where she studied with the brightest minds in database technology at the time (1992).

One of the new problems that needed to be solved in 1993, when she returned to IBM, was how to store images, videos and text that were starting to proliferate online.  Digital libraries start to emerge in this time frame and they eventually will leverage relational DBMS.  Customers were starting to want databases that could store multiple data types, so Dr. Haas and her team went to look back at concepts from R* and Starburst to solve the problem and started a new project... Garlic.

Why Garlic? Because Dr. Haas doesn't like acronyms, which IBM was famous for at the time, and she loves to cook. Garlic and chocolate being her favorite things - her old team thought if they renamed the team/project to Garlic, they'd get her to come back off of sabbatical. It worked!

Garlic was a data-less (object-)relational DBMS (aka virtual DBMS/federated DBMS). Had all the benefits of a high-level query language and all the features of the underlying data sources.  This not only became a product for IBM, but started two separate business units (Life Sciences and InfoSphere Information Integration).  Something that is very obvious listening to Dr. Haas speak is that once you find people you like working with - stick with them. You can do amazing things!

IBM was having trouble with integration, as people working in life sciences that were trying to work together wouldn't use the same database as their colleagues, so Dr. Haas's team worked on something called InfoLink to attempt to bridge this gap. Unfortunately the project was not a market success, but did help get IBM in the door at new customers and led to the InfoSphere suite - "a complete line of products for all your integration needs."

The longer Dr. Haas was at IBM, the larger her teams got - from a 10 person research team to a 120 person development organization and eventually to over 700 people (no team picture for that group... :-)

While this all sounds wonderful, there was still major problems that needed to be solved in 1999. As more people were adding federation to their systems, issues emerged. Set-up of federation was too slow and complicated, and while the development team had assumed users would be doing very simple joins/queries, but it turned out that complex queries were more the norm.

This lead to yet another project, Clio (not an acronym!) to do schema mapping by simply drawing lines! This opened up many more doors for IBM in the DBMS space and gave the researches many more ideas for future projects.

What impressed me most about Dr. Haas was the importance she gave to her team. She was so proud of each and every person she ever worked with, remembered their names and knew all about what they were doing now. Dr. Haas is clearly an amazing collaborator and it's not surprising that these brilliant people want to work with her.

What a phenomenal technical woman, very deserving of the Anita Borg Technical Leadership award!

Thursday, September 30, 2010

GHC10: Are You a Salmon, Too? BoF

This BoF, on gender discrimination and sexual harassment, started out in a very interactive style, when the panelists asked us to discuss amongst ourselves the following question: "When you asked to go to this conference, did people ask you 'When are they going to have a conference for men?'"  While nobody sitting around me got that exact response, we had various levels of questions from colleagues and management, like, "It's a women's conference, obviously not technical", "why do you need to go to a conference for women?", "why do you want to study hardware, I didn't think girl's were interested in that".

Sharon Mason, Rochester Institute of Technology, started out asking all of us to think about the experiences they were going to share with us and what we would do in these situations. Saying nothing, when you're confronted, is not the best option. This became a very interactive session.

Kristen Kielbasa, University of Albany student, gave us our first taste of strange behaviour from male colleagues. She was asked where she had just gotten some chocolates from, and when she responded "at the awards event for women", and her colleague responded, "Oh, we don't care about women". I guess even the enticement of free chocolate isn't enough to get a man to care about someone he works with every day.

Once the comments started coming from the audience, it became clear that it wasn't necessarily that these men don't care about women, as an individual, but that they don't understand how isolated women can be in technology careers and comments like that are not funny, but hurtful and further isolating. Some advice for responding to the above man were, "Does your mother know that?", "Why should 50% of the population make decisions for 100% of the technology user base?", "Why did you say that? What did you mean?"  Great conversation openers so the person you're talking to can think more about their own comments and start a discussion.

Sharon Mason, was involved with organizing a women in technology group lunch and a male fellow student said, sarcastically, "I'm glad my tuition is going to fund women's lunch. When do we get to have a men in computing lunch?"  Her response, which I think is fantastic, "Anyone, male or female, that supports women in technology are welcome to attend our lunches."

Jennifer Goodall, State University of New York, Albany, had a note in her .signature about the women in technology group she is involved in and it was included in an unrelated email she sent to a listserv. She received five bizarre email responses from men on the list, not at all about the message she sent, but about her .signature.  One of them said that it wasn't necessary for women to be paid the same as men, because they can just marry a man that makes more money than they do to supplement their income!

The general opinion of women in the room was that some people cannot be won over, are aggressive towards women in general, and are only looking for a reaction.  Though some did think that it may be a chance to take it as an opportunity to educate by asking an open ended question, like "what do you mean by that? Why do you think that we don't need more women in technology?"

As more women came up to share their stories, it became painfully clear that sexism and misogyny in the workplace and in universities are alive and well in present day. Some of the stories are clearly men that don't realize what they are saying may be hurtful or make women feel more uncomfortable, like "Wow, I can't believe there's a woman here."  Others are truly horrifying, especially when many of these men are just claiming that it's all just a joke, said in fun. I heard things like: "We only hired you because you're cute," "Someone might lose their job over this project, it's okay if it's you because your husband can take care of you", "I heard you like 'meat'".

Things to keep in mind, often women get higher grades and graduate at higher rates. We aren't dumb, we just hear it often enough in university and work settings and can start to believe it. Others recommend having the facts available, like "women don't actually have different admission standards than men at this school", "there are lots of women that made great technology advances, like ..."

Lesson for men: If you have to keep saying, "I was only kidding", "I only say this sort of stuff around you because I know you're cool with it", "Encouraging technical women just furthers the diversity gap", etc, please realize it is hurting and discouraging women. It seems these types of wounds take a long time to heal and may have permanent damage on retention of women in technology.

GHC10: Cloudy with a Chance of Security, Another perspective

I was excited to see one of the women I had breakfast with, Gerlinde Zibulski (SAP, AG), on the panel, as we were already having fascinating discussions on security and data privacy this morning.  Other panelists include Kore Koubourlis (Microsoft), Linda Berardi (StraTerra Partners, LLC), and Alyssa Henry (Amazon Simple Storage Service).

This panel starts out with a great explanation of cloud computing: you pay for what you use, not for provisioning the system. Great for smaller companies that want to be able to change platforms or other directions quickly.  Customers can focus on doing work, not trying to piece together a system from scratch.

When it comes to security and privacy, you need to think about things like how long can I store this data? How securely does this data need to be stored? What countries can this data be stored in?  Compliance obligations can make this that much more complicated.

By storing your data in the cloud, you can leverage resources of the cloud, like disaster recovery set up, backups, penetration testing, etc. While individual organizations may say they'd like to do these types of things, and they might even have plans to do so, cloud providers have to have this all set up before they even put the cloud online. This is what you're buying from them, it's part of the service.

A funny thing is, while people are often afraid of putting things in the cloud, they actually discover that they have a much better idea of what is happening in the cloud with all the logging than they do for their internal network. There is a big problem with these internal unknown server, with the lack of logs and analysis: you might be paying people to maintain servers and applications that are over provisioned or just not used! True, you could add this type of auditing to your internal servers and applications, but will you?

Because cloud computing was so criticized a few years ago due to inadequate security, you'll often find the security on these servers is much better than anything you would provision yourself. Cloud providers know now that they are being constantly scrutinized, so they have to be secure. The panelist put forth the supposition that they are more secure than anyone's internal servers, but that does kind of miss the point that at least internal servers are... internal :-)

Overall an interesting talk, though I would've like to hear more about how they secured their clouds (where instead there was a lot of why), but it's great seeing so many women that work in security in just one morning!

GHC10: Role of Usability in Security

Heather Richter Lipford, from University of North Carolina (Charlotte) and a high school class mate of mine, started out by surveying the audience to see how many bad habits those of us that should know better have: password reuse, falling for phishing, or getting a virus (lots of hands came up).  This is known as the weakest link property, where the people are the weakest link - but could it be because the systems are too hard to use? (this is a reoccurring theme at this conference, it seems). Ms Lipford asks, how to improve this? Consider ease of learning, ability to perform the task quickly, have a low user error rate and high user retention over time.

Some possible solutions to things like phishing would be to have spoof warnings in browsers, but it needs to be something that users will not only notice, but understand what it means. Unfortunately, people are now thinking that things like seeing the lock icon in the browser means the site is legitimate - when all it means is that the site is secure.  Phishing sites, it turns out, can use encryption, too.  Oops!

Dr. Lipford's research is showing that users greatly underestimate the risks and negative outcomes of their behaviour, particularly when it comes to balancing short term gain vs long term risks.

Mary Ellen Zurko, from IBM, talked to us about her specialty in cloud computing. She noted that she's seen a change in how customers interact with IBM. Years ago, customers trusted that vendors would make the product secure and they simply wanted to know about features. Nowadays, customers want to know how the system will be secured and how their data will be protected. This comes up a lot when it comes to cloud computing, perhaps because the data is no longer centrally located and people feel more vulnerable.

More recently, people have a growing concern about keeping their email address private than a decade ago, this is a strange concept for me, but the thought of no spam is nice ....

What is usable security?  UI designers need to be thinking about this usable security early in the design, make sure it's obvious and available to everyone, and avoiding surprises by anticipating future changes and addressing confusion and make sure you handle user mistakes.

Diana K. Smetters, from PARC/Google, started out by noting that more than 50% of the certificates on the Internet are wrong (this could be because they are expired, site address mismatch, invalid, etc), so all "rational" users who actually want to use the Internet are going to always click through!

You've got to meet the users half way (or more than that). For example, phishing attacks are a mismatch problem.  The browser doesn't know the user's intent, ie they don't know you don't want to go to the evil PayPal imitation site. One approach to this is to not use general purpose browsers for accessing sites like banks, but rather an application - but that only works if you can get the users to use the application! [Side note: not to mention having cross platform support.]

You have no idea what a user will find difficult, unless you do an actual usability study. You have to give up on what you think would be good for the user (no matter how right you know you are) and you have to think about all types of users.

Dr. Lipford came back to expand this to to privacy as well. She talked about photo sharing sites, where other people upload and tag photos of you. The problem is that you may not want to have these photos linked to your profile or online identity. The problem is very complicated, because it may not be that you don't want to share the photo at all, but just not necessarily share it with everyone in your network. It's not just strangers that people don't want to share with - it could be that you don't want people you work with to see you drinking that giant beer at a friend's party.  The thing is, even people who have had problems with photo sharing in the  past, still continue to share photos, because this is something we as humans love to do.

Dr. Lipford is working with her students on coming up with a photo sharing application that allows two-way feedback between the owner of the photo and the person tagged in it. That is, the tagged person could restrict who could see the photo and request to the owner that the photo be removed.

The panel recommends the book Security and Usability, O'Reilly 2005, and the Symposium on Usable Privacy and Security, for further information on this topic, and mostly to keep in mind that usability and security go hand in hand and need to be designed in from the beginning.

GHC10: Thursday Welcome/Keynote, Another Perspective

After entertaining us with a great video filmed at last year's Grace Hopper conference, they let us know that this year's conference sold out even before the early bird registration was meant to close and they still ended up with over 2100 attendees! WOW! I am so glad I registered early so I could be  part of the tenth Grace Hopper celebration!

Duy-Loan T. Le, from Texas Instruments, moved to America when she was 12 years old and didn't speak English. By the age of 16, she had not only mastered the language, but was graduating high school as valedictorian!  After being elected the first female senior fellow at TI, she vowed that she wouldn't be "first and last" and gave herself 15 years to help make another woman a senior fellow. Eight years later, she's still working on this goal...

Ms. Le talked about the great struggle of arriving here, becoming, in essence, deaf and dumb, as she didn't speak the language. She started working by babysitting and doing translation work, struggling to learn her school lessons at the same time as learning the language.  Through all of that, she somehow managed to graduate early. Continuing on that track, she graduated from college with her engineering degree cum laude at 19 years old.  By the time she was 20, she'd purchased her first house, bought her mother a house and gotten married.

During her first business trip to Japan in 1985, she noted that there were no women in the workforce. Any women seen were cleaning or serving tea. She asked us to imagine the look on the face of all those men when she introduced herself as the senior engineer that had been sent there to train them :-)

Realizing that she couldn't begin training these men with their preconceived notions, she spent the first two weeks of her four month stint learning about her hosts and her host country, and teaching them about herself as well.  She found that once they got to know her as a person and as an engineer, she was able to finally proceed with the training she'd been sent there to do.

Even with all this new technology we have at our fingertips, the only real way to build relationships, according to Le, is by starting the relationship with good old fashioned face to face. There was something she had been working of for two months, that had totally stalled. It was resolved in two hours once she flew out to the person she was working with.  You need to remember that it's not technology we're working with - it's people!

In order to successfully collaborate across the boundary of people, you need to have respect for those people, what they bring to the table and what they need.  Doing this will help you attain your goals and get respect from those you are working with.

What a very inspiring speaker!

Wednesday, September 29, 2010

GHC10: Collaborative Risktaking

Getting a bunch of engineers into a giant ballroom after a wonderful lunch filled with great conversation is hard. After much wrangling, we all got at tables of 10 and Dee McCrorey started us off with a really fun video taking a look back at women in technology and famous risk taking women.

Right off the bat, we're being asked to take risks at this conference: meet (and follow-up) with 20 new people, dance, and get interviewed for the Anita Borg Institute archives (and possibly used in future ABI events).  I've been meeting lots of very interesting women and getting business cards (or connecting my super cute Poken to theirs) - but will I follow-up?  Right now I'm going to say yes... check back with me :-)

Dee started talking about how the business world has drastically changed. For the first time, there are multiple generations working together on the same projects and that is changing the workplace as ideas are quickly exchanged.  Old style companies treat their people as exploitable, let legality stifle innovation and only focus on ROI, but that type of management style will not work in this new world of business.

In order to survive in this new world, you need to innovate, collaborate, be willing to take risks, be bold, responsible and able to measure your results.

At this point, we did our group activities at our tables. We started with scoring our pre-work, a worksheet on our risk taking style.  It was a strangely scored test, and we were all, apparently, responsible risk takers. :-) We were next supposed to do a team challenge, but instead my table started working on our own personal/career time lines...oops [Side note: several of us had trouble remembering order of events, except for the very tragic or very happy - ie weddings and deaths. The time line would've been excellent pre-work.]

Dee then brought up a calculus concept: an inflection point. This concept can be applied to your own personal and career peaks and valleys - these inflection points are personal and/or organizational shifts with the power to transform our lives (for better or worse). If you don't learn how to identify when these changes are coming down the pipeline, you are at risk for making a bad decision or poor career move that you'll have to work a long time to recover from.

Our next exercise was to work on our Optimum Change Cycle worksheet, which I had a lot of trouble with. Because I couldn't remember all my peaks and valleys from over the last 3 years, my time line was incomplete so then I had a tough time with everything that built onto that.  Fortunately, our table mentor gave me tips to work around this which helped me relax and get more into the activities. Dee, and others, were all talking about their personal cycle - for example, Dee said she is on a two year cycle - she needs some sort of change, or she might start sabotaging herself or career.  I don't think I have to have change on any cycle, as I'm often quite content to "stay the course".  I mean, really, I've been at Sun (Oracle now) for 14 years, and working on the same team since 2002. [Side note: one advantage of working at a really large company is that you can change jobs without losing accrued vacation and benefits, heck, you can even change your job without changing managers!]

As I was listening to my table mates, I got to thinking - I am not change adverse and can happily role with the punches, but I don't often seek it out. Does that mean my ship doesn't have a rudder?  Or is it something much simpler than that - a few years back, I lost my biggest advocate in our organization. Thing is, I didn't even know he was advocating for me behind the scenes, helping me get interesting projects as well as promotions. It was actually more than a year after he left that I noticed something was different, and my manager explained what I had lost.  So, what can I do?  Seek a new one out? Become my own advocate? Combination of both?

All that said, Dee says we've got to build safety nets, like networks of people to help and support you in your risks (the greater the risk, the greater your network needs to be). Beware of filling your network with just birds of a feather type folks, instead you want an innovation tribe - a diverse mix of people that can give you a mix of opinions.  Doing so should allow you to make better decisions more quickly.

Make sure you share the experience with others and feedback to your network of support. This can be down with short videos, emails, blogs, etc.

Towards the end of the session, our table mentor asked about how the session impacted us and what we'd do with what we learned. My table mate, Misti, mentioned that she realized she could really benefit from a semi-annual self assessment of her career and life - to look for those inflection points and make sure she's on track with her goals. I think that's a great idea and am going to commit to doing that for myself.  A lot of being a good and responsible risk taker means being aware of what you bring to the table and supplementing what you lack with a network of support.

What did you get as a take-away from this workshop?

GHC10: PhD Forum 3 UI/Education: another perspective

I love the PhD forums, as you get 2-3 short presentations on fascinating new work

In this session, Laurian C Vega started with her presentation on Usable Security in Practice: Collaborative Management of Electronic & Physical Personal Information. Ms. Vega is taking a unique stance of data security: that it's not the user that is the weakest link, but the systems that make it difficult for the user to act in a secure manner. For example, one government agency she spoke to had an application that required 60 different passwords to use it fully. Now, there's no way someone is going to remember that many passwords, so users will work around this by writing things down or reusing passwords. Systems need to be made with security and usability in mind.

She went to physicians' offices and childcare facilities in rural Virginia to see how they managed their data records. She found many still used paper, but in some ways it was more secure than digital records. Obviously, nothing was online, so that threat was eliminated, and the physical records were very strictly controlled, typically by the physician themselves or by the director of the childcare facility. The downside of such a system, though, is that archives and "backups" (ie photocopies) often end up stored in someone's basement, where access is not controlled.  So, there is something to be learned from the old way - both practices to initiate and to avoid!

Katherine Panciera presented In the Beginning: The Early Lives of Users in Online Communities. She had read a paper, Becoming Wikipedian, which talked about the evolution of a Wikipedia editor, showing that the more edits people performed, the more involved they got in the community. She wanted to see what she could learn about the users of online communities and how their behaviour would change over time. Much of her research so far has been on users of an interesting bike website, Cyclopath.  So far, she's found that power users actually show themselves within their first few days of using the site. It'll be interesting to see what further research shows.

Our last speaker was Lijun Ni presented Building Professional Identity as Computer Science Teachers. Apparently there is a lack of teachers in this country  that can teach computer science to high school students. For example, the entire state of Georgia has only 72 CS teachers! I wouldn't have even known about this problem, as it seems all the high schools (and even some of the middle schools) in the San Francisco Bay area all have CS teachers. Heck, even my high school in Indiana (R Nelson Snider) had a math/CS teacher back in 1990.

Ni's research shows that a major contribution to this is teacher retention - 46% of teachers leave the profession after only 5 years! This is so surprising to me, as it seems they are only working about as long as it took them to get their initial qualification to teach! The other major issue is that teachers who do stay are very resistant to change in their curriculum. Makes me wonder if anyone is still teaching Basic in high schools?

Ni's furthering her research to try to resolve those problems, and it seems she has a lot of work ahead of her.

Friday, September 24, 2010

Getting Ready for Grace Hopper 2010!

I am unbelievably excited about the Grace Hopper Celebration of Women in Computing event happening next week in Atlanta, GA! My bag is packed... well, over packed... need to fix that. I've got my laptop upgraded and set up to access my new mail server and my new business cards with my new phone number arrived this week! I put new batteries in my Dymo label maker and have two extra sets of tape for it - you'll be able to find it at the community table so you can add extra information to your badge (like your twitter feed, etc). I looked at the conference schedule and have already made myself a personal schedule with all the rooms for all the sessions I want to attend.  I need to make sure I don't forget my chargers and extra laptop battery.  Packed tea and my travel kettle and I pre-ordered a travel mug from the conference, so no need to bring my own. Oh, and my rain jacket, as thunderstorms are in the forecast!

I am really looking forward to attending the PhD forums on Wednesday, before the big conference kick off happens, and I'm thrilled that usability forums include issues like how usability impacts security of the entire system. I'll be sure to post my notes right away (unlike PBWC, GHC has prolific wireless access, so live blogging is easy).

I've already started connecting with other attendees, thanks to the twitter lists that @ghc is maintaining.

What are you looking forward to? Anything other unusual items to pack?

Thursday, September 23, 2010

Beers (and Bears) of Yosemite

I had the great fortune of making it up to Yosemite 3 times this summer.  Yosemite is the most beautiful place I've ever been, and you can't beat a campground within walking distance to a bar!

Yosemite bars serve Mammoth Brewing Company brews on tap, and you can also purchase them in every grocery store we checked (okay, that was just the one in Curry Village...).  I haven't seen Mammoth beers out here in the bay area, so was excited to try them the first weekend we were out.  I ordered myself a Double Nut Brown and my husband an Epic IPA.   The brown was a nice typical brown (which just might be my new favorite style of beer), rich, nutty, slightly sweet without being syrupy, with an incredibly smooth finish.  The Epic was much too bitter for me, typical of American brewers pushing for stronger & stronger flavored IPAs (as opposed to, in my opinion, nice flavors).  Much like its flavor, the beer itself was very strong. Of course, American bars so rarely list the ABV, so we didn't know 'til my poor husband woke up the next morning with a terrible hangover.

When we asked the barmaid on our next visit about the ABV, she believed the brown was close to 5 or 5.5% and the IPA, being EPIC, was closer to 8 or 9%.  Yikes, a warning would've been nice!

On another stay, we also tried the Mammoth Brewing Company Amber - lots of flavor in this one, a bit of honey,  caramel, hops and lots more carbonation (not necessarily a good thing when you are at altitude).

I didn't get to see any bears in their natural habitat this year, but did have the misfortune of camping at a site with a loose bear locker.  This black bear had obviously learned that if he banged on this locker, he could often get the food out. We had it padlocked, so that method didn't work, but didn't stop him from knocking on the locker. Fortunately, our neighbors chased him out of the site (we were in our tent).  The next night he came back, and this time I got to help with the chasing!  On the last day of that trip, the rangers treed that bear and we had a quiet night of sleep. This is when I'm glad we don't camp in grizzly country! *whew*

Progress!

So, on Tuesday morning, I went in for my reevaluation of my partial tear in my quadricep tendon - and the PA from Orthopedics said I could take the torture device, I mean, knee immobilizer off! No more crutches! Now I have a cane! I need some more decorations on it, though, it's pretty boring with just a couple of dinosaur and OpenSolaris stickers.

The best part is? I can wear jeans again! It was getting pretty cold to be wearing skirts (I couldn't wear tights or leggings, either, because the knee immobilizer had to be directly against the skin).

Actually, the truly best part is I can now sit in a chair like a normal person. The pain in my back and healthy leg are starting to recede now that awkward angle sitting (either sitting on the edge of the chair so my foot could rest on the ground or with my leg up on the CPU and the leg brace digging painfully into the back of my leg) and bizarre pirate walk are done with.

I started rehab on Tuesday and am learning how to walk again. I never thought I'd be one of those people that didn't move the opposite arm to the leg that's going forward (I've heard a dozen dance choreographers yell at people for this), but here I am consciously telling myself to move my left arm as my right leg goes forward. I guess walking with crutches for a month creates some weird coping mechanisms!

Thank you all for your good thoughts - I can bend my knee to 90 degrees - hopefully more as the rehab continues!

Monday, September 20, 2010

PBWC: Lunch Session with Safra Catz

One of the coolest things about this year's Professional Business Women of California conference was getting to hear Safra Catz, co-president of Oracle, give the luncheon keynote. As a recent Oracle employee, it was great to hear one of our fearless leaders speak so candidly to business women.

Catz didn't shy away from making comments about the Sun acquisition from the get go, when she introduced Oracle as a "30 year old software, well, now hardware, company". She went on to note, when it came to acquisitions, "I feel like Larry Ellison's personal shopper and I'm exhausted" and that she was very happy that Oracle was able to get Sun before anyone else did.

Catz shared her top ten list of things she wished someone had told her about earlier in her career:
  1. You can never be #1 by chasing #1. What is #2? The first loser. Aim to be best and be willing to work outside of the box to achieve it.
  2. Scale matters - the more customers you have the more you can spread your cost, but scale is different than size.
  3. Focus on what your real business is. Bigger is not better and you shouldn't expand and acquire things just for the sake of "growth" - target only areas that make sense for your business.
  4. If it doesn't make sense... it doesn't make sense! She prefers an acronym free zone and people that speak plainly and question things that don't make sense.
  5. Don't stand still. Making a few mistakes is better than making no decisions at all.
  6. Don't stand still, but don't chase fashion. Stick to your core.
  7. If you don't ask, you don't get. The only way to be certain that the answer will be "no" is to not ask at all.
  8. Just because everything can be put online doesn't mean it should be.
  9. Integrity is a perishable asset. You can recover from being stupid, but not from lying.
  10. The difference between having long term success or not is knowing you didn't do it alone.
Hearing Catz speak gave me a great insight into my new corporate home, and I'll try to keep her lessons in mind. Is there anything you'd add to this list? Things you wish people had told you sooner? (or, things people had told you but you really wished you'd listened to them?)

Something I continue to remind myself: try not to hold a person's past mistakes against them, and certainly don't hold your bad mood against them, either! What else?

Wednesday, September 8, 2010

Faultline Brewery

Had a work lunch at Faultline in Sunnyvale yesterday, which meant I didn't really have an opportunity to try all of their beers... but I did get to enjoy the cask conditioned Pale Ale. Unlike many Pales lurking in the marketplace right now, this brew had lively hops without overwhelming bitterness. It came in at a nice 5% ABV and the pint glass was even nearly full. It paired well with the daily special of blackened cod served over penne pasta with alfredo sauce, peas and bits of real bacon. The beer balanced out the spice of the dish and made for a very tasty lunch. Service was superb, especially for such a large group.

I did get to try the Belgian Abby style beer as well that a friend was drinking. Lots of citrus and a fine finish. I definitely want to go back so I can have a full pint of that.

This delightful Pale Ale brings up a great point: if you're a local brewer, you really need to invest in a beer engine (or two) to serve up cask conditioned beers. The natural carbonation and cellar temperature cannot be beat for enjoying a pint.

Friday, September 3, 2010

Adapting...

These last few weeks have been a big lesson in adapting for me. Vertigo, knee immobilizer, and an office move.

Life as an Oracle employee is finally sinking in - things are different. Some things are better, some are ... well, different. Packing up my old office in Menlo Park was quite a walk down memory lane - I found old CDROMs full of SunScreen source code, old Solaris install media, cards from friends, pictures of family, and stacks of old design notes.

I've moved around a lot in my years as a Sun employee, but my very first office was a double window office in Menlo Park (MPK17) overlooking the foothills - probably my favorite office to date. From there I went into Palo Alto (PAL1), Mountain View (MTV21), back to Menlo Park (MPK18) then back to my favorite building, MPK17. I moved back into Menlo Park 17 right after September 11th. Everything seemed so surreal, joining the OS group and working on a product with a seemingly endlessly large team. I couldn't believe how strict the integration standards were (and now, as a CRT advocate I enforce these and as chair I document them), nor how large the scope of our overall project was.

I sat across from a woman, Renee. And over the next 9 years, even as our offices moved, we were still across the hall from each other.

Now I'm in Santa Clara. I still have one box left to unpack. Renee is on the other side of the building, not too far, but not shouting distance either (of course, the rest of the people around me are probably grateful for this). The commute is nicer, though I'm further from my friends in San Francisco. I think I'll like it here.

About two weeks ago, I sat up from a massage and suddenly found the room spinning. No matter how long I sat, it wouldn't stop. Hours later I found myself visiting a doctor at Kaiser who diagnosed me with Benign Paroxysmal Positional Vertigo (BPPV) which is a vague diagnosis which basically means: "Something in your inner ear relocated. You're dizzy and you're just going to have to learn your new spatial environment". He performed the Epley Maneuver and gave me some exercises to do. So, I've been adapting to my new inner ear. It's taken awhile, but the dizzy spells are very infrequent and typically only happen when I turn my head upside down (like when drying my hair!). So, yoga is right out... oh, it was anyways....that knee immobilizer....

Apparently during my 105-mile bike ride for the American Lung Association, I partially tore the tendon that attaches my knee to my quadriceps. This knee has always had a tight quad, so swelling in my knee wasn't unusual. After a few weeks, though, of having it swell up every time I tried yoga or short bike rides, I made my way to Kaiser. Initial x-rays showed a perfectly healthy knee, but the MRI (which I had to wait more than 2 weeks for) showed the tear. Now I'm in a knee immobilizer. The device goes from just above the ankle to most of the way up the thigh. It needs to be worn directly on the skin, 24 hours a day. This means no jeans! I can wear short-shorts or skirts. Thank goodness I have a lot of skirts! I can walk with crutches (which results in sore ribs/hands/shoulders), or kinda like a pirate (which results in sore back). I alternate. I'm adapting.

I have a long recovery ahead of me. I can already see the muscle in the effected leg melting away. I don't know when I'll be able to ride my bike again. I'm so afraid I won't be able to. I am already tired of driving everywhere. I don't even want to think about skiing - I can't miss out on ski season, too!

As much as I want to feel sorry for myself and have a great big pity party, I realize that I am very fortunate to have medical care and an incredibly supportive husband who has been doing most of the driving and taking care of the house. I can put Renee on speed dial. I can adapt.

Friday, August 6, 2010

Professional Business Women of California Conference: Workshop Session I

I will admit that when I first looked through the schedule, I wasn't very excited about any of the seminar session breakouts, so I decided to attend the workshop track. Leave it to PBWC to make sure I wasn't disappointed!

For Workshop Session I, I attended Chris Melching's Paddle Your Own Canoe: Tips for Selling Yourself.

This is something that comes up every now and again as a blogger and someone that is very active on twitter as well, but I will admit I haven't really thought much about creating a brand. When I'm online and writing, I'm usually just sharing my experience - no matter what area it's in. I see so many blogs that start up and try to have a specific focus, and fizzle out after a half dozen posts or so. I don't write enough as it is, and would rather just write about what is on my mind or interesting things I've done than worry about it fitting into my "brand".

Chris Melching, though, reminded us that anything you put on line is your brand. If you think potential employers aren't checking out your online presence before your interview, you're wrong.

Melching covered the standard excuse given for not doing self-promotion, "I don't want to brag", with a great Kate Hepburn quote: "If you don't paddle your own canoe, you don't move."

This is where things get tricky. Most of us, including me at times, sit and wait for promotions, for changes in career direction, new opportunities to simply appear. While that does happen, it's rare and you cannot depend on it.

So, paddle your own canoe! Think about ways you can stand out, and never forget the silent messages you send, for example, what does your listening face look like? Apparently, 55% of an impression is made up from body movement, so if you want to show someone that you do care about what they are saying!

1. Make a good impression
  • Try to keep an open body - never let hands touch!
  • Make eye contact, even in groups
  • Talk about what you can do, not what you can't do
  • Don't complain or dwell on the negative (this one can be so hard!)
  • Smile more
  • Come up with possible solutions
After attending this workshop, I tried to think more about my own passive face. Often when I'm working at my desk, or just thinking about something while I'm walking down the hallway, people will ask me what's wrong. I now realize that my "thinking" face reads like a "sad" or "upset" face and I am slowly trying to change that habit (which is hard to do, while thinking about something else).

2. Build up your online presence to extend your presence beyond those you interact with on a daily basis. (side note: when she asked for a show of hands of women that used twitter, blogged or interacted on Facebook... only a small number of hands came up!)

3. Act as if...

Act as if you're already important. Walk up to someone and start a conversation as if you know (for sure) that they want to be talking to you.

Act as if you're confident, and before you know it, you will be!

Keep in mind that the minute you walk into a room, you're in the spotlight and you are being judged! A women executive that Melching interviewed said that within seven seconds she is already trying to figure out how to either get you out of her office, how to help you, or how to get something from you. Seven seconds!

It is important to always put forth a professional presence so you are prepared for these quick judgments people are making (even if they aren't aware they are making them). Make sure you are put together, organized, engaged and smile.

Some tips for making this happen:
  • Open up your body, you'll appear more confident
  • Slow down your pace and listen often
  • Smile (often!)
  • Project strength in how you look, act and sound at all times
  • Ask questions, stay focused (put the smartphone down!)
  • Become contagious and change people's pulse when you speak (easier said than done, right?)
  • Use large gestures
When you are speaking you can be a train wreck inside, but still project confidence on the outside by:
  • Exhaling
  • Acting calm
  • Not fidgeting
  • Smile
  • Not touching your face
  • Being purposeful
  • Pinching the table to focus your energy, and conveniently this keeps you from touching your hands together and keeps your body open. (I've tried this, it is an amazing way to focus actually)
Ask someone you trust what your strengths are, so you are aware. Ask what you do well, what you should do more of or less of.

Of course, I'm generally thought of as an animated person (which is why I do need to watch my focus expressions), so I need to take some of these tips in stride. If I started making incredibly large hand gestures along with animated facial expressions, it would likely become a very strange experience for those I was talking to. On the other hand, I do often find myself closing up in meetings and these simple reminders can help me make sure what I'm showing others is indeed the message I'm intending to show.

4. Build selling into your everyday conversations. For example, if someone asks, "How are you?", don't answer with "fine", but rather something along the lines of "I'm fantastic. I'm really excited about this project I've been working on..."

5. Be succinct. Well, if "fine" isn't a succinct answer, I don't know what is ;-) But, what Melching is talking about here is giving folks the highlight reel. When someone asked how the meeting went, don't start on about how Bob was late, you didn't have the slides ready, then your flight was rescheduled, and then your luggage was lost.... oh, wow, I'm boring myself here! Get to the point and provide the nitty gritty details later, if they are asked for. Small bites:
  • What did you do?
  • Who benefited?
  • What were the results?
  • What are you trying to ask, get, etc?
  • Stay focused
  • Share your passion
  • Avoid "um, er"
  • Share your passion
  • Increase your energy in your voice
This is an area that I have trouble with. I practiced these skills for awhile right after the conference, but realize now that I'm already slipping back into some bad habits. I'm glad I'm revisiting this with this blog entry so I can start to make this a habit!

6. Know what you want and then just ask for it. If your manager doesn't know you want an international assignment, you can't be disappointed that they give the assignment to someone else on your team.

7. Encourage objections. This will help you flesh out your own ideas, find out who agrees with you and let you learn about what is on other people's minds.

8. Clarify your next steps. Be specific, especially when you're seeking advice or something else from someone.

9. Get frequent reality checks from others - back to the "what's working? what should I do more of? less of?"

10. Grow and sustain your network! Make sure you stay in touch, and not just when you need something. This applies for personal relationships as well as business ones. Try to check in once a quarter and build your network by introducing people - they will return the favor to you someday.

Overall, I really enjoyed this workshop. While I realize out of the attendees there, I was one of the few with an established online brand, that doesn't mean I can't do more to focus it. I can certainly work on the being succinct part - how long is this entry?

Do you have any other good tips for selling yourself?

Tuesday, August 3, 2010

Monk's Kettle Ninkasi Beer Dinner

I was so happy to be able to participate in the San Francisco Bay Area debut of the draft beers of this delightful Eugene, Oregon brewer, Ninkasi, back in March.

Ninkasi, a relatively young brewing company, is named after the Sumerian Goddess of Fermentation and they have played around with some of the first recorded beer recipes while doing their brewing. Happily for us, they sent their primary brewer, Jamie Floyd, to teach us about each of the beers we tasted.

The Monk's Kettle has started a new tradition of giving the diners a welcome beer - and I can't think of anything more welcoming than a gratis beer! We were welcomed with Spring Reign, a seasonal American Pale Ale coming in at 6.0% ABV. The beer had gentle hops and a crisp flavor that, unlike many pale ales, mellowed and really grew on me as I sipped it while chatting with my friends, BJ, Rod, Cory & Mark, awaiting the first course. This was what Jamie referred to as a "session beer", and I could definitely see that. Easy to drink at 35 IBUs and not *too* strong.

The wait was well worth it, as we were served the most delicious cream of mushroom soup any of us had ever eaten in our entire lives. The soup, made from locally grown organic portobello muhrooms, was garnished with fried truffle shallots, with a tarragon reduction - simply amazing. Each of us agreed that we would've been happy if the soup was served for each course :)

The best part about this soup? It completely changed the complexion of the beer - bringing out a before hidden essence of peaches.

Chef Kevin Kroger really outdid himself with this course and we were certain we'd be let down by everything else that followed - wow, we were wrong!

The next course, coconut curry with Ocean Garden shrimp served over a Thai basil rice cake was seasoned with fresh ginger, Thai basil and mint. I found the curry lightly spiced and creamy, the shrimp was amazingly tender - perfectly cooked! Perfectly matched as well with the Total Domination American India Pale Ale (6.7% ABV), which was soft, citrusy, light and very drinkable. I swore I tasted lemon grass in the beer, too. I was surprised I enjoyed this beer so much, as it came in at 65 IBUs, and I tend to not like "bitter" beers, but this beer was very drinkable... perhaps another session beer? I can see why this beer is the #1 selling 22oz bottle in Eugene, OR. I've been keeping my eyes peeled at my local bottle shop for it myself.

Jamie Floyd took a moment here to share his IPA philosophy with us, which I find lines up perfectly with my taste preference. He realizes that hops operate on a logarithmic scale and you have to be able to find the correct balance of bitter, flavor and drinkability. Lots of brewers can make an IPA that tastes great in a 6oz pour, but Jamie only sells in 22 ounce bottle so he has to brew beers that will taste as good on your last sip as they did on their first.

And this is when true joy began - our next beer, Tricerahops Double IPA (American Imperial India Pale Ale - 8.8% ABV). This beer had an amazing hoppy flavor without the bitterness I've come to associate with hops. It can be done! It was smooth and a pleasure to drink, though at 8.8% ABV, it is better to be enjoyed in small quantities.

How could things get any better? Our waiter brought out the next course - cumin rubbed pork tenderloin, goat cheese mashed potatoes and grilled asparagus. The pork, like the shrimp, was cooked to perfection - tender and juicy, with a rosemary-orange glaze. Again, this course was cooked with tarragon - an herb I believe I've been greatly under estimating! The beer was paired well and the food and the beer accentuated one another.

Our fourth beer was Believer Double Red (American Red Ale, 6.9% ABV), which was inspired by one of my favorites - Deschutes' Jubelale. Apparently Jamie and his crew had been working on the recipe for this beer longer than anything else in their lineup, and it was their first winter seasonal. I found this beer to be more of a brown than a red, with hints of dates and a smooth easy taste. The Believer Double Red was paired with Igor Novara Dolce Gorgonzola with roasted garlic cloves and an Italian and Thai basil reduction, with toasted cashews and Metropolis bigio bread. Always a fan of blue cheeses and roasted garlic, I could not have been more delighted by this course. The flavors blended together nicely and brought out the date flavor of the beer. Another course I wouldn't have minded being repeated ;)

The fifth, and final, beer was the one I had been most looking forward to: the Oatis Oatmeal Stout (7.5% ABV, 50 IBUs). I am a huge fan of oatmeal stouts, regularly drinking some at the Tied House in Mountain View. Actually, it may just be that I'm a huge fan of oatmeal, which I eat nearly every morning and have since I was a kid.

Ah, but back to the beer! It was a creamy brew, with coffee tones and a distinct nutty flavor (I could've sworn it tasted like cashews, but that was probably the last course still lingering). The Oatis Oatmeal Stout was originally their second winter seasonal, but the beer became so popular it is now a permanent fixture in their lineup. Jamie and the gang do like a clear beer, but they try to avoid filtering as it can take out some of the lovely flavors, so they have been experimenting with using a centrifuge on this beer. I do have to say I loved the results.

Chef Kroger paired this beautifully with a tarragon chocolate chip cookie and vanilla ice cream sandwich with an Oatis Oatmeal Stout infused chocolate sauce. I don't think you can ever go wrong with an ice cream sandwich, but I would've never thought of putting tarragon into cookie mix. This was surprisingly tasty. It was a bit like tarragon was the "secret ingredient" in this beer dinner, as it popped up so often and is usually a neglected herb - but it really worked and helped accentuate the bear flavors.

All in all, another palate enticing affair! Can't wait til the next one - oh, that's tonight! :-)

Sunday, July 18, 2010

Team Salty Dawgs Did It!!!!!!

Wow! In one of the most amazing experiences of my life, I completed over 100 miles with my fabulous teammates in the American Lung Association's Breathe Easy Ride. I raised $4300 and the team raised $7656 (before any corporate matching) to help make lung disease walk the plank!

Since January, I had ridden over 1600 miles on my road bike, but still nothing could've prepared me for this. It was intense, exhilarating, heart breaking, exhausting, difficult and full of joy, laughter and unexpected camaraderie. My team was my pack. I could not have done it without their physical and emotional support, and the amazing support of all of you who donated to my ride and sent me inspiring letters.



A misfit team of current Oracle and former Sun employees, all with different abilities and skills, started leaving the parking lot at the Sonoma Mountain Village about 5:40AM on June 26th onto the foggy and desolate roads of Rhonert Park. I left first, as I am the slowest rider on the team, and found myself riding amazingly fast accompanied only by horses and cows, trying to get as many miles under my belt before my team caught up with me. The air was thick with fog and quite cool, and I quickly warmed up as I was maintaining speeds over 15 mph.

Mark, Richard & John caught up with me after nearly a half an hour, apparently wondering where I'd gotten off to as they were not expecting that sort of speed from me... and warned me not to spend all my energy too soon. :-) Mike & Bryn were the last group to leave the parking lot, and inadvertently followed some 66 mile riders and started off on the wrong path - bypassing the rest of the team completely...until later.

As per my plan, I spent only the minimal amount of time at the first two rest stops - just stuffing my face with potatoes (YUM! roasted with rosemary!) and fruit, reloading my Cytomax and topping up my water. At the third rest stop, we had a surprise: Mike! Poor Mike was getting over a bad cold and just couldn't keep Bryn's pace, but this was good for us as we now had 5 people in our pack!

The weather stayed on our side, remaining cool, foggy and overcast until about 10 AM when the Sun just started to peak through. The five of us maintained time trial positions (single file line, each rider right on the back wheel of the one in front), taking turns at the front. While I am used to drafting with one or two people, the formation with this group of 5 riders had us moving like the wind! At our 4th rest stop (55 miles in), we were still maintaining an average speed over 15mph, even with several moderate climbs past us. We were cool, fresh and all felt great!

Then came Coleman Road. As we started the climb, John & Mike got out ahead of us, missed a turn and went 5 miles out of the way before realizing their mistake. Richard, Mark and I slowly climbed up this steep and soul crushing road, when lo-and-behold, down came Bryn! Curious as to why he was going the wrong way, we stopped only to discover that when he finished his descent to the coast and reached HWY1, it was so impassible with fog, his only option was to turn around and climb back up Coleman Road.

Bryn regaled us with tales of rough road and cattle grates before continuing onto his own personal journey, but not even his warnings could prepare us for what lay ahead. I could've used my mountain bike, the roads were so rough and twisty (and why on earth were there so many cattle grates?!?! WHY!?!)... heck, I could've used a car. It was brutal, desolate, frightening and beautiful.

When we reached HWY1 about 70 miles in, it was foggy, but we had at least a quarter mile of visibility, so Mark, Richard and I persevered ahead - little did we know poor John was back on track and doing that terrible climb alone, even though he'd already done an extra 500 feet/10 miles on his detour. It was noon, and I foolishly thought that I could do 30 miles in just under 2 more hours....

The climb out of the coast and back to the valley was unbearable. My legs were tired. I was hungry & thirsty. Fortunately, Mark had been carrying around extra food & water all day - as there were more than 30 miles of intense climbing and scary descents between rest stops! Mark was happy to lose the extra weight, and Richard & I were happy to have food and water :-)

For those of you who are curious, we were following (in reverse) the Tour de California route - yes, serious climbs for professional riders. The pavement was graffiti'd with ALLEZ, ALLEZ, ALLEZ and various rider's names.

After finishing our descent into the valley, we found Mike, who had backtracked on the route in order to skip the Coleman climb (since he'd done that bonus 10 miles with John), yet still get 100 miles in.

When we arrived at the 5th rest stop at mile 82 a bedraggled mess, happily greeted by volunteers from the Salvation Army with warm roasted potatoes, nuts, and ice cold water. The sun was out by then and we were all getting tired. As the four of us pulled out of the rest stop, we spotted John pulling in. Knowing he'd catch up, we continued on. At this point, every little hill just killed me. I'd have to immediately drop into granny gear and just use every ounce of energy I had just to keep spinning my legs. My quadriceps were burning. My IT-bands were on fire. I could only think of all the support I had and I knew I had to finish. Mark, knowing how important this was to me, literally pushed me up the remaining hills, even though he was beyond exhausted himself.

Terrified of being removed by SAG for taking so long, as the ALA said would happen, I just kept spinning, making it to the 93 mile rest stop just as they were closing. They gave us some fig bars and cold water and we were on our way again - this time with John!

Somewhere on those last 10 miles, Mark, Richard and I got separated from the group when we had to wait an insanely long time to turn left at a T-intersection. As the three of us were on final approach, Richard ran over a small drill bit that managed to pierce the wheel and slide *into* the spoke. Mark & Richard weren't sure if they were going to get that drill bit out, so I pushed on ahead.... and missed a turn, getting lost with 103 miles completed.

In the end, I rode 105.5 miles, Average speed 13.2mph, 8 hours of riding, 10 hours total door-to-door, burned 4544 calories and climbed about 6500 feet.



The most difficult thing I've ever done. I'm still recovering. Thank you everyone! Thank you!

Wednesday, June 30, 2010

Professional Business Women of California Conference: Opening Session!

Last month, I was fortunate enough to attend the Professional Business Women of California's annual conference in San Francisco! This conference is both inspirational and educational, a real treat to be able to attend. Oracle, my new employer, is a sponsor of this conference as well, so I got to meet many Oracle "classic" employees and got to learn more about the company and the new corporate culture.

The day started with a wonderful suggestion from PBWC Board President Ann Barlow: "Put the Blackberry down and tune in!" This is important, particularly in today's culture - most of us do not multi-task as well as we think we do (I know I don't!) and it's nearly impossible to be reading email and fully paying attention to people in the room. Personally, I was glad to give this day my undivided attention (though I did wish they had wireless access so I could live blog... which would've gotten this entry up a lot sooner!)

Ms Barlow noted that while women have many strides as professionals, the layers over middle management are still dominated by men! While it's clear this is a problem, it's not so clear what we, as women, can do to fix this.

Our morning keynoted was from Sheryl WuDunn, a Pulitzer Prize-Winning journalist, author of Half the Sky, and world traveler. Ms WuDunn told us about some of her travels - including a trip to China, where she met Dai Man Chu, a little girl who's parents were going to take her out of school in the 6th grade because $13/year in tuition was unaffordable and she was only a girl. When WuDunn wrote about this, readers from the New York Times came through with enough in donations that not only Dai Man Chu could attend school, but so could other girls in the village!

In her travels, WuDunn has learned that in many countries all resources, including food, go first to boys. In India, for example, 1-5 year old girls have a 50% higher mortality rate. In places where people make less than $1 a day, only 2% of that income goes towards educating their children, while 20% goes towards tobacco, alcohol, festivals and prostitution!

WuDunn feels the best way to end poverty and terrorism is to educate women and allow them to enter the workplace - but in order to do that, somehow a shift has to happen in spending priorities in impoverished countries. She feels that groups performing micro-loans, as well as places like Heifer International that gives livestock are some of the ways that can help make women more independent in these countries and hopefully make positive strides towards education and entering the workplace.

What an inspiring way to start the morning!

Thursday, June 17, 2010

Training Continues for next week's 100 mile ride!

First, thank you to all of the advice I got from this blog and on facebook, particularly to WillO, @kleen, Bryn and Mark, my training has been progressing very well!

With more frequent snacking, Cytomax in my bottle, and shorter but more frequent breaks, I have gotten away from the mysterious gassy stomach and massive headaches on my long rides. My speed has really improved as well, though I am still the slowest rider in my group rides.

So far my big rides have included 65 miles in the East Bay for the Primavera (which was so amazingly beautiful! We got to race against a steam powered train!), 82 miles in Gilroy's Tiera Bella (the 100 mile route with the big climb up to Henry Coe and back cut out... :-), and 83 miles from our house to the ocean and back (big climbs included Arastedero, Alpine, Old La Honda Road, Stage Road, Pescadero and Tunitas Creek). I'm still riding after all that!

I've even done three mountain bike rides this year - and haven't cried on any of them (even though I fell down once and ran into a post another time.... :-)




Look at that awesome speed! It's a good thing you can't hear whining in a photo ;-)

While training has been going well, I am still far short of my goal. Can you please help support the fight against lung disease? As a reminder, I am riding because my mother is a lung cancer survivor, my step grandmother just died from lung disease and many other members of my family have lung disease - including me! Doing all this riding with asthma is tough, but it is such a worthy cause. Please help me out by supporting my ride today! Your donation is tax deductible.