Changes to XTC in 2017

The 10th January 2017 XTC meetup was a very active affair. I had asked the question “What shall XTC do in 2017?”. This involved a lot of talk of the history of XTC, and asking philosophical questions like “What is XTC?” and “Why would anyone come to XTC?”. I had a major a-ha moment as a result of these talks (more on that later). I think that there was also a sense of positive optimism and enthusiasm, and I left the meetup with a renewed sense of energy for XTC.20170110_all

Changes for 2017

Firstly, some concrete changes to XTC starting from now:

Fortnightly instead of weekly

For the moment, XTC will be held once a fortnight (instead of once a week, as it has been previously). The pool of XTC regulars has dropped from previous years. We recognised that we’re spreading ourselves too thinly. By cutting the number of meetups in half, we hope that on any particular meetup night there will be a bigger and more diverse group, and hence much better conversations. Depending upon how XTC goes this year, we may decide to tweak this further (in either direction).

Seed topic

The organisers will ensure that there is always a seed topic. Many people have noted that when someone proposes a topic to discuss before the meetup, it will naturally ensure that someone will be there, and that people know at least 1 thing that will be discussed. Sometimes the topic will give the incentive for people to turn up to argue a point 🙂

Jeff started things off by getting everyone who attended to propose a seed topic that they would be happy to talk about. After there were a good amount of topics, we all voted on topics that we would be interested in.

It so happens that the first time we voted, the most popular topic was “The Silver Bullet Fallacy”. Hence, this will be the seed topic of our next meetup on the 24th January.

20170110-seedtopics1

New Co-organisers

Nader and myself are both organisers of XTC. However, both of us find it hard to find time to help with the organisation and promotion of XTC as much as it should. I asked for help, and @jtf, @sleepyfox and @tomwhoscontrary all volunteered to dive on that grenade. Thanks, all!

The Nature of XTC

With the XTC changes out of the way, there is one thing that I wanted to talk about: what is XTC? The website at http://www.extremetuesday.com talks about the nature of XTC as follows:

Working in XP can be hard so its good to meet other people and discuss common problems. It’s a professional network and support group.

  • It’s more than just XP
  • XTC encourages people to write papers, books, articles and run events to publicise XP.
  • XTC allows people to gain experience in XP practices when their day-job doesn’t.
  • XTC introduces people to the XP community.
  • XTC is a social club for like minded people to have a drink after work and put the world to rights! XTC has an anarchic spirit

Personally, I have found the above points seems to miss the essence. I agree wholeheartedly with the first and last points, but the middle 3 leave me a bit uncaring, as Extreme Programming seems such a minor part of what XTC is these days (at least in my experience, though YMMV).

I asked people who turned up what XTC was to them. Some initial answers:

  • People who do the things I want to do
  • People who have tried different approaches
  • People who I like to talk to (but maybe not like)
  • Extended colleagues
  • Colleagues you wish you had

I found these unsatisfying, in that they were all self-referential (XTC is the people who like XTC).

Then someone then hit upon the phrase “Continuity XP” (or “NextP”). XTC started off as a group of people trying to understanding the implications and context of Extreme Programming. It was a place to discuss the problem domain, and share experiences of different contexts where XP worked and didn’t work. Thas is, a Community of Need (using @PapaChrisMatts name). XTC is the continuation of that group. Some consider XP to be a mapped solution (now the nucleus of a community of solution). However, the original group didn’t just disband and go home. XTC continued to be the locus of a community of need, moving on to different problems in the software development space (lean, agile, large scale agile, action science, among many others). This was my major a-ha, the description of XTC that I always had a problem articulating: XTC is the group of people who look beyond the canned answers in software development. We see “solutions” as a limiting goal. We are the people who are always questioning the established wisdom.

What do you think? Come along to the next XTC and discuss! 🙂

20170110_postits

Password Managers

Knowing that I’m a long way behind on my security practices, I asked some friends “What password manager do you use?” (with the proviso that I use Linux and Android at home).

I’ve decided to give KeePass a go, but for full disclosure here’s all the responses I received:

ST: I like LastPass. They LastPass got hacked last year, but didn’t lose anything.
https://blog.lastpass.com/2015/06/lastpass-security-notice.html/
Ah, they did lose hashes.
If that puts you off, I hear KeePass is good.
And that’s offline.
Though you’ll probably still want to sync it.

AG: ¯\_(ツ)_/¯ I use 1Password, the Linux client is shite
KeePass is nice but theres no decent browser extensions since foxpass died AFAIK
don’t trust lastpass for shit, their concept is whack theres been some dodgy phishing like stuff
like this https://www.seancassidy.me/lostpass.html
historically had some super dodgy defaults too, like auto filling sites without prompts, so JS could grab your credentials etc
no clue if they’ve fixed that
https://www.dashlane.com/ is a competitor to lastpass, no clue how it compares, go google around see if Taviso found any exploits
https://twitter.com/taviso/status/763801055725359104 apaprently there is

TD: fwiw I use keepass @tumbarumba , have for 7yrs+ now . zero issues. I don’t use a web client… good old fashioned copy pasta for me.

MS: I continue to love 1Password, which I’ve used for years. I find the following feature set unmatched anywhere: (a) easily sync securely via DropBox to all my devices on multiple platforms, (b) easily move/copy data between my personal vault, my family shared vault, and business vaults.

I hope someday that 1Password makes Linux a first-class citizen. If I were you, I’d suggest to them that they use Flatpak or the other similar thing. They are the ideal use case for secure cross-distro Linux software distribution with a containerized security model. If they jump on that train early, they could set the tone for a lot of security-conscious desktop proprietary software on Linux, I bet.