The difference between a consultant and a contractor

Last Sunday I was enjoying a coffee and a slice of home-made carrot cake (her baking, not mine) with Sally, a friend who runs her own small digital consultancy specialising in product development, especially in the area of mobile and tablet apps.

We were talking about our businesses and settled on a rather good explanation of the difference between a consultant and a contractor. I know I’m sometimes asked the difference.

A contractor usually works >60/70% time for a client, and generally comes into the clients office to work a fairly standard 9-5-ish workday. They generally work an entire day for that client. They may only have one or two clients on the go at once. If the client hasn’t got any work for them that day, they still get paid (while they sit there and, if it’s their kind of thing, download pictures of cats).

A consultant works for several different clients at once. When the client buys a day off them, it may not be delivered in one day, but spread over the course of several days. Consultants generally get to turn up when they say they will, rather than exactly when the client wants them to, but the corollary of this is that the consultant doesn’t generally get paid more if the working day is greater than 7.5 hours long (or am I just doing it wrong?). If the client hasn’t got any work for us, we don’t get paid, and have to earn our money by working for one of our other clients.

Latest Security Theatre: Please Remove Your Glasses

Heading back home from giving a talk at the INEX meeting in Dublin on Friday 20th September, I came across a fairly ridiculous piece of security theatre.

Welcome to Dublin Airport, by forzadagro on Flickr.
Welcome to Dublin Airport. Now remove your dignity, please.

My frequent flyer status with BA entitled me to go through the Fast-track security lane and avoid the 15-20 minute queue of glum-looking Ryanair passengers. There was a chap in front of me who had just checked in for the same BA flight.

Without seemingly flinching, the security officer supervising the loading of belongings into the x-ray machine asked the man in front to remove his spectacles and put them through the machine! I was stunned to hear this, and I think, so was he. In over 15 years of regular flying, this is the first time I’ve ever heard this be asked of someone wearing spectacles (i.e. not sunglasses worn inside). Good for him, he politely declined this seemingly random request, explaining that if he did that, he would be unable to see.

Being as blind as a bat without my glasses, I was ready to similarly decline if this security lady had any ideas about asking me to give up my glasses. Fortunately, I think she’d realised her seemingly random and possibly frivolous request had overstepped the mark, she didn’t ask me to do the same.

Now, I personally would find such a request undignified. Unable to see where I’m going clearly, I would be placed at increased risk of having an accident. It’s likely I would need to be helped through security, and helped to find my glasses once through the X-ray machine.

I don’t really see how it’s different to making a person with a prosthetic leg remove it for inspection and hop through the magnetometer arch on one leg, and I don’t see airport security guards forcing people to do that.

I put it down to poor staff training and the general ridiculousness that this security theatre is “good for us”, but I’m still pretty shocked that such a loss of dignity could even be contemplated in the first place.

I will be contacting DAA and asking them to respond and explain what their policy is regarding screening of people wearing glasses.

25 tune iPod shuffle

Remember this doing the rounds on Facebook a few years ago? Thought I’d do another… retro is good, right?

I put my iPod (other portable media players are available) on shuffle – here are the first lines (excluding “ooh-ahh-baby”-ing over the intro) from the first 25 songs (non-instrumental) that it played.

Your job is to name the song and the artist. No cheating. 🙂

Be warned, my music taste is eclectic and this iPod has over 5000 songs on it.

Put your answers in a comment, or tweet me. Have fun…

 

1) Good times bad times, baby you’re trouble.

2) My heart is empty, you’re eyes are dull.

3) Downhearted and confused because baby you’ve been starting to lose.

4) You’re a law unto yourself, and we don’t suffer dreamers.

5) Tongue tied I’m short of breath don’t even try

6) Who wants to be right as rain, it’s better when something is wrong

7) Out of a million seeds only the strongest one breathes.

8) I want to run, I want to hide.

9) Save some face, you know you’ve only got one.

10) Waking to these sounds again, I wonder how I’ll sleep

11) Day starts with a blast of feedback.

12) I hear the sound of the ticking of clocks.

13) I can’t see you Mama but I can’t hardly wait.

14) Your life is a story I’ve already written, the news is that I am in control.

15) How ever much I push it down it’s never enough.

16) I love you, steel painted eyes.

17) I had a picture of you in my head, it kept me warm when you were not there.

18) While my mind is at rest, while my mind is at rest.

19) Here I go, out to sea again.

20) Sittin’ here eating my heart out waiting.

21) Every time I think of you, I feel a shock right through.

22) Before you go and leave this town, I want to see you one more time.

23) Never had a point of view because my mind was always someone else’s, mind.

24) He’s on the phone, and she wants to go home.

25) Welcome to your life, there’s no turning back.

£75k fine a drop in the ocean for First Group

Train operator First Capital Connect has just been fined £75,000 by a UK judge regarding an incident in which up to 700 passengers were stuck for over 3 hours on a train, partially in a tunnel, with no toilets, no ventilation and minimal lighting.

To a conglomerate such as First, which reported over £200m profits in 2012, this has to be a drop in the ocean, and is an absolutely derisory amount compared to the  – just over £100 per stranded passenger.

It also begs the question about who is going to pay for this. First Group shareholders? Unlikely. It feels more likely to come out of our pockets, as fare increases, reduced franchise payments to the Treasury, or increased subsidy from the DfT.

We can’t change the “token” fine imposed by the judge – it should probably have had an extra couple of zeros on the end, really – but what might be reasonable is an assurance from the First Capital Connect MD David Statham or Group CEO Tim O’Toole that this fine will ring-fenced, such that it is paid entirely out of group surplus, and must not be allowed to impact the travelling public at large.

Better still, maybe they could pay it out of their no doubt generous bonuses, given the buck stops with them?

I’m also wondering how much has actually been learned from this incident, given the “analysis paralysis” that seems to affect rail operating incidents at the moment?

Errata in RFC1925: The Twelve Networking Truths

Some things in RFC1925, despite it being one of a series of April Fools’ RFCs (and therefore in the good company of the all time classic RFC1149 and it’s brethren), actually do hold true, for instance:

Fast, Good, Cheap: Pick any two – still tends to hold true.

However, like all good April Fools’ RFCs, it will declare that ‘ERRATA EXIST’ at the top. In this case, there’s definitely a shred of truth to this. Especially when you look at truth number 4:

Some things in life can never be fully appreciated nor
understood unless experienced firsthand. Some things in
networking can never be fully understood by someone who neither
builds commercial networking equipment nor runs an operational
network.

My concern is that this statement no longer holds true for the makers of commercial networking equipment.

If the makers and protocol designers really understood, we wouldn’t be pushing water up hill with things such as IPv6 deployment and encouraging use of other networking best practices, they would have made them easier to deploy in the first place.

Therefore a correction is needed, “Some things in networking can never be fully understood by someone who doesn’t run an operational network“.

Heathrow – where clean loos are an inconvenience…

My partner came back from South Africa this morning, and had asked if I could go and collect her from Heathrow.

Nipping to the Gents in the T5 arrivals hall was a mixture of what I can only describe as unpleasantness crossed with a few surreal moments.

I had to try about 4 stalls before I found one which didn’t have one or all of the following:

  • Urine sprayed all over the floor, seat and toilet pan.
  • Pubic hair stuck to the seat and toilet pan.
  • Dirty shoe prints on the toilet seat.
  • Diarrhoea sprayed all over the toilet and seat.
  • Faeces on the toilet seat.
  • No toilet paper.

Even the one I ended up using had to be swabbed down a bit first.

While looking for an (almost) acceptable stall, I came across a guy in the middle of emptying his bowels, sat with the toilet door wide open, with his luggage on a trolley in front of it, so that “he didn’t let his belongings out of his sight”.

I accept that some people have different toilet culture to us Brits, but this was getting quite bizarre, as well as inconvenient.

More than half the sinks did not seem to have soap in the dispensers, took trying 4 sinks before I found one with soap, and many of the hand dryers did not work (and had signs saying this was the case, in some cases).

I know public toilets aren’t always the best places on Earth, but this was a truly disgusting experience.

Why are these toilets so unloved?

I do wonder if they are cleaned and maintained by a minimum wage, zero hours employee, working for an outsourced cleaning contractor, who seems to have a very different idea of “clean” to you and me, that quite simply doesn’t care as long as they get paid?

Providing a clean and properly working facility is part of your brand. Why allow your brand to be smeared by such a lack of care and attention?

Welcome to Britain, eh?

The Network Engineering “Skills Gap”

Talking to colleagues in the industry, there’s anecdotal evidence that they are having trouble finding suitable candidates for mid-level Network Engineering roles. They have vacancies which have gone unfilled for some time for want of the right people, or ask where they can go to find good generalists that have a grasp of the whole ecosystem rather than some small corner of it.

Basically, a “skills gap” seems to have opened up in the industry, whereby there are some good all-rounders at a fairly senior level, but trying to find an individual with a few years experience, and a good grounding in IP Networking, system administration (and maybe a bit of coding/scripting), network services (such as DNS) and basic security is very difficult.

Instead, candidates have become siloed, from the basic “network guy/systems guy” split to vendor, technology and service specific skills.

This is even more concerning given the overall trend in the industry toward increasing automation of networking infrastructure deployment and management and a tendency to integrate and coalesce with the service infrastructure such as the data centre and the things in it (such as servers, storage, etc.) – “the data centre as the computer”.

This doesn’t work when there are black and white divisions between the “network guy” and the “server guy” and their specific knowledge.

So, how did we get where we are? Firstly, off down a side-track into some self-indulgence…

I consider myself to be one of the more “all round” guys, although I’ve definitely got more of a lean toward physical networking infrastructure as a result of the roles I’ve had and the direction these took me in.

I come from a generation of engineers who joined the industry during the mid-90’s, when the Internet started to move from the preserve of researchers, academics, and the hardcore geeks, to becoming a more frequently used tool of communication.

Starting out as an Internet user at University (remember NCSA Mosaic and Netscape 0.9?) I got myself a modem and a dialup connection, initially for use when I was back home during the holidays and away from the University’s computing facilities, all thanks to Demon Internet and their “tenner a month” philosophy that meant even poor students like me could afford it. Back then, to get online via dialup, you had to have some grasp of what was going on under the skin when you went online, so you could work out what had gone wrong when things didn’t work. Demonites will have “fond” memories of KA9Q, or the motley collection of things which allowed you to connect using Windows. Back then, TCP/IP stacks were not standard!

So, out I came from University, and fell into a job in the ISP industry.

Back then, you tended to start at the bottom, working in “support”, which in some respects was your apprenticeship in “the Internet’, learning along the way, and touching almost all areas – dialup, hosting, leased lines, ISDN, mail, nntp, Unix sysadmin, etc.

Also, the customers you were talking to were either fellow techies running the IT infrastructure in a business customer, or fellow geeks that were home users. They tended to have the same inquisitiveness that attracted you to the industry, and were on some level a peer.

Those with ambition, skill or natural flair soon found themselves climbing the greasy pole, moving up into more senior roles, handling escalations, or transferring into the systems team that maintained the network and servers. My own natural skill was in networking, and that’s where I ended up. But that didn’t mean I forgot how to work on a Unix command line. Those skills came in useful when building the instrumentation which helped me run the network. I could set up stats collection and monitoring without having to ask someone else to do it for me, which meant I wasn’t beholden to their priorities.

Many of my industry peers date from this period of rapid growth of the Internet.

Where did it start going wrong?

There’s a few sources, like a fire which needs a number of conditions to exist before it will burn, I think a number of things have come together to create the situation that exists today.

My first theory is the growth in outsourcing and offshoring of entry-level roles during the boom years largely cut off this “apprenticeship” route into the industry. There just wasn’t sufficient numbers of jobs for support techs in the countries which now have the demand for the people that most of these support techs might have become.

Coupled with that is the transition of the support level jobs from inquisitive fault-finding and diagnosis to a flowchart-led “reboot/reinstall”, “is it plugged in?” de-skilled operation that seemed to primarily exist for the frustrated to yell at when things didn’t work.

People with half a clue, that had the ability to grow into a good all-round engineer, might not have wanted these jobs, even if they still existed locally and were interested in joining the industry, because they had turned into being verbal punchbags for the rude and technically challenged. (This had already started to some extent in the mid-90s.)

Obviously, the people in these roles by the 2000s weren’t on a fast track to network engineering careers, they were call-centre staff.

My second theory is that vendor specific certification caused a silo mentality to develop. As the all-round apprenticeship of helpdesk work evaporated, did people look to certification to help them get jobs and progress their careers? I suspect this is the case, as there was a growth in the number of various certifications being offered by networking equipment vendors.

This isn’t a criticism of vendor certification per se, it has it’s place when it’s put in the context of a network engineer’s general knowledge. But, when the vendor certification is the majority of that engineer’s knowledge, what this leaves is a person who is good on paper, but can’t cope with being taken off the map, and tends to have difficulty with heterogeneous networking environments.

The other problem sometimes encountered is that people have done enough training to understand the theory, but they haven’t been exposed to enough real-world examples to get their head around the practice. Some have been taught the network equivalent how to fly the equivalent of a Boeing 747 or Airbus A380 on it’s extensive automation without understanding the basics (and fun) of flying stick-and-rudder in a little Cessna.

They haven’t got the experience that being in a “learning on the job” environment brings, and can’t always rationalise why things didn’t work out the way they expected.

The third theory is that there was a divergence of the network from the systems attached to it. During the 2000s, it started to become too much work for the same guys to know everything, and so where there used to be a group of all-rounders, there ended up being “server guys” and “network guys”. The network guys often didn’t know how to write scripts or understand basic system administration.

Finally, it seems we made networking about as glamorous as plumbing. Young folk wanted to go where the cool stuff is, and so fell into Web 2.0 companies and app development, rather than following a career in unblocking virtual drainpipes.

How do we fix it?

There’s no mistaking that this needs to be fixed. The network needs good all-round engineers to be able to deliver what’s going to be asked of it in the coming years.

People wonder why technologies such as IPv6, RPKI and DNSSEC are slow to deploy. I strongly believe that this skills gap is just one reason.

We’ve all heard the term “DevOps”, and whether or not we like it – it can provoke holy-wars, this is an embodiment of the well-rounded skill set that a lot of network operators are now looking for.

Convergence of the network and server environment is growing too. I know Software Defined Networking is often used as a buzzword, but there’s a growing need for people that can understand the interactions, and be able to apply their knowledge to the software-based tools which will be at the heart of such network deployments.

There’s no silver bullet though.

Back in the 2000s, my former employer, LINX, became so concerned about the lack of good network engineering talent, and woeful vendor specific training, that it launched the LINX Accredited Internet Technician programme, working with a training partner to build and deliver a series of platform-agnostic courses which built good all-round Network Engineering skills and how to apply these in the field. These courses are still delivered today through the training partner (SNT), while the syllabus is reviewed and updated to ensure it’s continuing relevance.

IPv6 pioneers HE.net offer a number of online courses in programming languages which are useful to the Network Engineer, in addition to their IPv6 certification programme.

There is also an effort called OpsSchool, which is building a comprehensive syllabus of things Operations Engineers need to know – trying to replicated the solid grounding in technology and techniques that would previously be picked up on the job while working in a helpdesk role, but for the current environment.

We’ve also got attempts to build the inquisitiveness in younger people with projects such as the Raspberry Pi, while venues such as hackspaces and “hacker camps” such as OHM, CCC and EMF exist as venues to exchange knowledge with like-minded folk and maybe learn something new.

We will need to cut our existing network and systems people a bit of slack, and let them embark on their own learning curves to fill the gaps in their knowledge, recognise that their job has changed around them, and make sure they are properly supported.

The fact is that we’re likely to be in this position for a few years yet…

Third Runway, or not Third Runway?

Hot news today is Heathrow Airport’s third runway plans. It seems there’s some realisation that a “Boris Island” won’t be built early enough to satisfy the needs of the South East’s demand for landing slots, and something needs to be done now rather than in 20-odd years.

There is a perception that London lags behind Amsterdam Schiphol, Paris Charles De Gaulle or Frankfurt, in the sense that it’s not an “airline hub” of the same magnitude, and dear old London Town is being left behind.

If anyone has been through any of the above airports recently, I’m not entirely sure that being like them is something we should be aspiring to!

I’ve already made my views known about Frankfurt‘s recent redevelopments, trying to make it less painful than before, and still managing to miss the target.

Anyone who flies to Amsterdam often enough will have experienced the mind-numbingly long taxi to or from their relatively new runway, which far enough away to be built in a completely different town to the airport itself. You would be forgiven for thinking you’re driving to the UK, as the taxi time is often as long as the flight itself, unless you’re lucky enough that the prevailing wind lets you take off and land closer to the terminal.

As for Charles De Gaulle… I’ll just give you a Gallic shrug.

While Heathrow is BA’s “hub”, it’s not really a hub operation in the sense of a US air carrier. Flights don’t arrive and depart in deliberately orchestrated waves, purposely designed to connect, such as Delta’s operations in Atlanta. BA’s hub operation is more by accident, because of the sheer volume of the operation, rather than schedule design. Flights “happen” to connect, rather than do so by design.

Following the effective breakup of the BAA, Heathrow, Gatwick and Stansted are now owned by different operators, and from reading this BBC article each of them seem to be vying for a bit of the cherry, while Boris would like to demolish Heathrow entirely.

What it’s left me wondering is why there is a complete lack of joined up approach?

Danger Will Robinson! Radical thinking…

In terms of land and environmental concerns such as noise, a 2nd runway at Gatwick seems to be an easy win when compared against putting a 3rd runway at Heathrow.

Given that we’re seemingly hell bent on building HS2 (let’s ignore the fact that less than half of the money being spent on HS2 could revolutionise rail in the North of England) , wouldn’t it be eminently sensible to extend it such that it touches Heathrow and extends South to Gatwick? Use the train as a complementary form of transport to the train, rather than as a competitor.

It could then serve a dual-purpose of making it more convenient for those in the Midlands to access Heathrow and Gatwick, while also handling connecting traffic between Gatwick and Heathrow.

What would the Gatwick to Heathrow travel time be on such a train? About 20-25 minutes? I know some airports where it can take just as long to transfer between terminals, or to get from departure lounge to gate!

Might it even be possible to provide trains, or designated sections of trains, for “sterile transit” between the airports, without the need to officially enter the UK?

Yes, this will involve taking on the fearsome NIMBYs of Surrey, but isn’t it all for the “greater good”?

Should we ever decide to build “Boris Island” or devastate Hoo with a big International airport, it’s close enough to HS1 to be hooked up to that. We can offer fast train connections into Central London, and maybe even to France or Brussels from the airport. Just think, it might be preferable to fly in to Boris Island then get the train, if you’re travelling to Lille!

But, as I say, that would require some joined-up thinking. Something we need to get better at.

Anti-spoofing filters, BCP38, IETF SAVVI and your network

I was invited to present at the recent IX Leeds open meeting, as “someone neutral” on the topic of BCP38 – largely in relation to the effects from not deploying it, not just on the wider Internet, but on your IP networking business (if you have one), and on the networks you interconnect with.

I basically broke the topic down:

Introduction: I started by introducing the problem in respect of the attack (“that nearly broke the Internet”) on the CloudFlare hosted Spamhaus website in March 2013.

What and how: Quick overview of address spoofing and how a backscatter amplification attack works.

What you should do: BCP38, uRPF, etc., and what you need to do, and what to ask your suppliers.

Why you should care: Yes, it benefits others, but you have costs in terms of bandwidth and abuse/security response too.

The bleeding edge: IETF SAVI working group.

It wasn’t meant to be a technical how-to, but a non-partisan awareness raiser, as the IX Leeds meeting audiences aren’t full of “usual suspects” but people who are less likely to have been exposed to this.

It’s important to get people doing source address filtering and validation, both themselves, and asking their suppliers for it where it’s appropriate.

Here’s the slide deck (.pdf) if you’re interested.

You’ve now got to be big to do IT for Network Rail

I noticed this article appear on The Register this afternoon. Caught my interests as it’s crosses tech and travel industries.

The main gist of this is that Network Rail, the organisation responsible for rail infrastructure in Great Britain, has changed it’s IT procurement strategy, creating a framework with 5 massive players able to bid for the work in the future.

No doubt dealing with just 5 large organisations is helpful to whoever is managing contracts at Network Rail, who up until now may have had over 250 different IT suppliers.

The questions immediately occurring in my mind are:

  • Does this risk stifling of innovation? By excluding smaller, agile companies from participating, does it run the risk of NR’s IT becoming dominated by expensive, white elephant, gold-plated mega-systems that try to boil the sea?
  • Do the cost savings from easier contract management actually weigh up against the threat of an oligopoly developing, which could force up the price for IT services? It’s unlikely that all 5 suppliers in the framework would bid for every tender or work package, maybe two or three would?
  • How does this line up with one of the alleged benefits of rail privatisation: the dismantling of the BR monolith would allow entrepreneurial organisations to operate in the sector, this is something which has probably only had limited success and then only in specific areas.

At the end of the day, it’s public money that Network Rail is spending here. Hmm…