Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36
65 posts

Master Geek


  Reply # 695461 3-Oct-2012 12:22 Send private message

Chaitanya: Outsourcing to India doesn't necessarily  mean they cut cost ...


Exactly Chaitanya! I have heard of good results in outsourcing to India. Conversely, I believe the Novopay Teacher's Payroll application was developed in NZ - they are still trying to iron out the problems and the people impact was far more severe.

I think the developers in India didn't do too badly really - the site looks good and (was) mostly stable. There will always be bugs to fixed but these should have been tested here in NZ as a check that developers back in India were on track. And the speed issues are probably may not be a developer issue, unless it is to do with database design and indexing. Initially there weren't too many problems and I think the later landslide of issues (loggong in and page display) happened when quick fix-its to initial problems were applied without thinking things through.

Developer's aren't necessarily security experts but the SQL injection vulnerabilities are kind of unforgivable at any level of the product development and programmer's writing for the web should have learnt about this issue in webapps 101 - I know I did! People at all stages of the development needed to ask and re-ask the question 'What about security?' and make sure they got the answers.

65 posts

Master Geek


  Reply # 695470 3-Oct-2012 12:36 Send private message

freitasm: Outsourcing to India is probably a terrible idea [with] poorly designed technical specifications ...

But they had the best specification ever to work with - the Trade Me site. You just say 'make me one of those'. No language issues, ambiguities, design/colour decisions (apart from replace this with that), functionality implementation decisions, terminology problems or scope creep issues. Easy as.  Testing is easy as well - if it doesn't work like Trade Me then it is wrong - it is a bug not a feature.

BUT, you can't determine Trade Me's hidden security implementation or the design to handle scaling issues by playing with the Trade Me site. This is primarily where the development fell down and what should have been thought out and specified in detail by the Project Manager in New Zealand. And these are two of the things that needed to be thoroughly tested here in New Zealand before the site launched.

1770 posts

Uber Geek
+1 received by user: 68


  Reply # 695473 3-Oct-2012 12:46 Send private message

rubygirl:
freitasm: Outsourcing to India is probably a terrible idea [with] poorly designed technical specifications ...

But they had the best specification ever to work with - the Trade Me site. You just say 'make me one of those'.

...and if they actually did do it that way...it was a fail from that point onwards

Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 695479 3-Oct-2012 12:59 Send private message

freitasm: Outsourcing to India is probably a terrible idea if they had a poorly designed business idea, a poorly designed technical specifications and a poorly managed project. This probably were the culprits in a failed deliverable and all of which probably were locally produced.

When problems were identified, having a development team on the other side of the world, in a very different time zone means not being responsive at all.

It would be ok to have an outsourced team AFTER the product was launched. But leaving the most essential part of the business going offshore in a critical part of the process is complete lack of foresight.

This could be India, Egypt, USA or German. The same thing.


I agree with the first bit.

We do a lot of out sourcing here in New Zealand for other countries and it works out just fine.

The problems we saw here weren't because the project was our sourced to India.

We saw very basic WebBasics101 issues showing up and that's what caused some of the guys to run some very basic testing and checking over the site.

The same could have equally happened if a set of programmers from Wellington had been engaged by the Christchurch based company, or if it had been out sourced from Hornby to Riccarton (two Christchurch suburbs that are with in 10 minutes of each other).

MF is quite right in one of his earlier posts that this project just clearly lacked a half reasonable test plan and fairly standard programming practices.

Some here have implied that rocket scientists were needed to make this thing robust.  That suggestion is just rubbish.  

It took a dozen interested geeks less than 5 days to show up a sloppy application, with no visibility of the platform, code, design or test plan.









Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 695484 3-Oct-2012 13:04 Send private message

oxnsox:
rubygirl:
freitasm: Outsourcing to India is probably a terrible idea [with] poorly designed technical specifications ...

But they had the best specification ever to work with - the Trade Me site. You just say 'make me one of those'.

...and if they actually did do it that way...it was a fail from that point onwards


I disagree.  If that was the broad functional specification, to make something that looks and functions the same from a user point of view, then I don't see any issue with the project at all.

To suggest that what took Sam and Co almost a decade to produce, test and deploy, can be replicated in 10 months with a new and unknown team, in a different time zone, for a fraction of the budget, now that is silly.






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 695486 3-Oct-2012 13:11 Send private message

rubygirl: And the speed issues are probably may not be a developer issue, unless it is to do with database design and indexing.


At a guess, based on the comment that there are 40 servers powering this thing and understanding the technology platform (from the published JDF that someone else already posted here), and 10 years experience developing in the same technology base, I'd suggest the problems with speed had nothing to do with database design, little to do with indexing and more to do with deployment issues.

But without looking at the infrastructure, the code base and deployment plan, I wouldn't have a clue and I doubt anyone else would either.  We're all just wildly speculating based on experience.




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


BDFL
49922 posts

Uber Geek
+1 received by user: 4622

Administrator
Trusted
Geekzone
Subscriber

  Reply # 695492 3-Oct-2012 13:32 Send private message

DonGould: At a guess, based on the comment that there are 40 servers powering this thing and understanding the technology platform (from the published JDF that someone else already posted here), and 10 years experience developing in the same technology base, I'd suggest the problems with speed had nothing to do with database design, little to do with indexing and more to do with deployment issues.


If the dev team lacked orientation to correctly deploy a secure system, my bet is they did not have a database person doing query optimization, index creation, etc.

It wouldn't surprise me. I was once asked to have a look at a New Zealand system behind one those daily deal sites.

The owner complained they had to restart the server up to eight times a day, mainly at the busies time, when new deals came out.

I found a SQL Server running on a 1024 MB virtual machine, shared with the IIS server. All queries where "select * from" instead of picking only the fields it needed. And a query that ran a selection with a where clause containing four conditions over a table containing 10 million rows and no index. Actually not a single table in the system had an index but the primary keys.

Obviously 80% of the traffic was to the frontpage, so I spent my time fixing that frontpage, its queries and the indexing problem. The entire site was consistently faster, with no need to restart it all.

Because 80% of the problem was solved with 20% of the work, the owner decided that putting money into the 20% of the remaining functionality would cost a lot (yes, the old Pareto Principle), so we didn't get into any of the other 80 or so scripts running the rest of the site. His reasoning was that a migration to a new version would solve all the problems, so I left at that.

People have no idea of technology, and try to use it without clear, defined goals, strategies and management. That's where projects fail.





Awesome
3998 posts

Uber Geek
+1 received by user: 575

Trusted
Subscriber

  Reply # 695500 3-Oct-2012 13:37 Send private message

It also sounds like their session management across the servers hasn't been properly thought about or tested. Maybe their load balancer isn't configured right.




Twitter: ajobbins

Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 695520 3-Oct-2012 14:11 Send private message

freitasm: If the dev team lacked orientation to correctly deploy a secure system, my bet is they did not have a database person doing query optimization, index creation, etc.


Yes, while that's pure speculation, I think it's a fairly safe bet.

freitasm:  I found a SQL Server running on a 1024 MB virtual machine, shared with the IIS server. All queries where "select * from" instead of picking only the fields it needed. And a query that ran a selection with a where clause containing four conditions over a table containing 10 million rows and no index. Actually not a single table in the system had an index but the primary keys.


lol...  wouldn't have been to hard to make you look like the golden boy on that one.

I've seen projects where com objects are used and the database connections are just opened time and time again within the same routine sequence rather than using the same connection object. 

It's simple stuff like that which doesn't show up as an issue in testing until you put some load on the server or just have a look at the connection counts and do some simple projections.

MF as you well know, but many readers may not, these platform products have hundreds of parameters that can also be set to manage the application and tune performance. 

Was development and preproduction testing done on a platform that mirrored the production system.  I've seen that cause an application as simple as a web based phone book fail.

The concept of OO programing is great until you get to many abstracted layers causing the platform to pull to much resource at once.

I've also seen projects where the developers just assumed that the platform would clean up resources as it finished with an object without understanding the concepts of object and connection pooling which means the platform doesn't just clean stuff up when you're done with it because it assumes that it will be reused.

I'm not saying any of these things impacted Wheedle, I have no idea at all having not seen the platform or code, but they are very common mistakes with MS development that I've seen time and time again.

freitasm:People have no idea of technology, and try to use it without clear, defined goals, strategies and management. That's where projects fail.


Have to totally agree with you on this one.  You're right on the mark.

I've seen project managers who don't understand the technology at all, ask question after question that just drives the developers off track and ends in poor results.






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


Have plan, send $NZD50m
3475 posts

Uber Geek
+1 received by user: 75

Subscriber

  Reply # 695521 3-Oct-2012 14:21 Send private message

ajobbins: It also sounds like their session management across the servers hasn't been properly thought about or tested. Maybe their load balancer isn't configured right.


That was my initial thought when we started to see log on errors showing up and MF posted about being able to see other peoples details after he'd logged in.

I wish them good luck getting that one sorted out if that's the case.  The JDF that someone posted suggested to me that they weren't asking for people with proven experience in that space.

Given your history, I'm going to guess that you know a bit about this issue in the MS/ASP space. 

I wouldn't like to guess how many people do actually have much exposure, in New Zealand, to these kind of systems.

It's very easy to just assume that because someone has done an MS Word course, they know how to do a mail merge properly and that you can automate it and use MS Access to pull data from a range of data sources, on different platforms at the same time, to print a letter.

Read my CV, which doesn't even begin to suggest I've ever done a Word course (because I haven't) and you might not hire me to do this sort of thing, but you might hire someone who has done an MS Word course (if you get my point).

I guess I'm saying that it would be really easy for a project manager to just hire the wrong people or not even ask for the resource they really need.

D




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - [email protected]


BDFL
49922 posts

Uber Geek
+1 received by user: 4622

Administrator
Trusted
Geekzone
Subscriber

  Reply # 695565 3-Oct-2012 15:23 Send private message

I think the whole thing comes down to not having the proper TPS Report covers:







BDFL
49922 posts

Uber Geek
+1 received by user: 4622

Administrator
Trusted
Geekzone
Subscriber

  Reply # 695593 3-Oct-2012 15:58 Send private message

Just received:


Dear Wheedle Member,

I made a decision yesterday morning to take Wheedle offline.

On Monday night our tech team made some tweaks and changes to the website to improve its performance and speed. These changes were deployed to the website without first passing through our normal test protocols. We quickly discovered that the changes were causing problems with the auction listing prices. There was also some concern raised around password security and retrieval. Please rest assured that your password has been, at all times, strongly encrypted and stored in our database. We are also exploring alternative ways to further increase password security.

In light of these events, we are undertaking a complete review of the website including engaging an independent firm to carry out a full a check of the security of the website.

We experienced a very positive interest in Wheedle and we had an astounding member uptake. We will be back soon, better, stronger and safer.

I apologise for any inconvenience this has caused and thank you for your support.

If you have any concerns or questions, you can reach me by email: [removed]

Carl Rees
Managing Director
Wheedle




7248 posts

Uber Geek
+1 received by user: 890

Trusted
Subscriber

  Reply # 695594 3-Oct-2012 15:58 Send private message

Duplicate

1295 posts

Uber Geek
+1 received by user: 9


  Reply # 695596 3-Oct-2012 16:01 Send private message

freitasm: Just received:


Dear Wheedle Member,

I made a decision yesterday morning to take Wheedle offline.

On Monday night our tech team made some tweaks and changes to the website to improve its performance and speed. These changes were deployed to the website without first passing through our normal test protocols. We quickly discovered that the changes were causing problems with the auction listing prices. There was also some concern raised around password security and retrieval. Please rest assured that your password has been, at all times, strongly encrypted and stored in our database. We are also exploring alternative ways to further increase password security.

In light of these events, we are undertaking a complete review of the website including engaging an independent firm to carry out a full a check of the security of the website.

We experienced a very positive interest in Wheedle and we had an astounding member uptake. We will be back soon, better, stronger and safer.

I apologise for any inconvenience this has caused and thank you for your support.

If you have any concerns or questions, you can reach me by email: [removed]

Carl Rees
Managing Director
Wheedle



This part is interesting:

"Please rest assured that your password has been, at all times, strongly encrypted and stored in our database." 


It is very clear this wasn't the case at all. I wonder if this is something being spun to him by the Indian developers or if he actually believes this?

BDFL
49922 posts

Uber Geek
+1 received by user: 4622

Administrator
Trusted
Geekzone
Subscriber

  Reply # 695598 3-Oct-2012 16:02 Send private message

It could have been encrypted - but reversible. Which means practically it wasn't.




1 | ... | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

How stable are snap IP addresses?
Created by Physn, last reply by Oriphix on 23-Oct-2014 18:09 (20 replies)
Pages... 2


$39 iPhone plan goneburger
Created by MadEngineer, last reply by MadEngineer on 23-Oct-2014 22:23 (17 replies)
Pages... 2


Spark Socialiser
Created by freitasm, last reply by freitasm on 22-Oct-2014 18:39 (34 replies)
Pages... 2 3


American legal jurisdiction in New Zealand
Created by ajobbins, last reply by gzt on 21-Oct-2014 14:58 (30 replies)
Pages... 2


iPad Air 2 and iPad Mini 3. Gonna get one?
Created by Dingbatt, last reply by Handle9 on 23-Oct-2014 21:53 (101 replies)
Pages... 5 6 7


Snap have failed our company!
Created by dafman, last reply by kornflake on 23-Oct-2014 17:41 (37 replies)
Pages... 2 3


Thief taunts 12 year old via stolen laptop
Created by macuser, last reply by charsleysa on 22-Oct-2014 23:49 (12 replies)

Another Trade Me competitor: SellShed
Created by freitasm, last reply by freitasm on 23-Oct-2014 19:00 (44 replies)
Pages... 2 3



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.