$chickens--, a case study in physical security
I had thought that our fully enclosed chicken run would mean we would be free from successful fox attacks. This morning, at around 5am, I discovered that was not to be the case.

It strikes me that our situation is almost classical in the security world, except with chickens and foxes rather than machines and h4x0rs. The attacker only needs to find one hole to get through, so the defender needs to find and close all of them to be secure. When an attack is successful, it's important the vector is found and stopped, otherwise it will continue. Sometimes discovering the vector is hard.

As best as we can tell, the fox (after months of unsuccessful attacks) now has an excellent grasp of the physical properties of chicken wire. It discovered one location where the nails holding the wire to the fence were further apart, pushed its way down vertically, deforming the chicken wire. Once inside, it grabbed a chicken, and then appears to have squeezed out by pushing and deforming the chicken wire on flap designed to allow leaves to be washed off the coop's roof. No wonder we have the saying "as clever as a fox", and that foxes have caused such massive destruction to our local wildlife.

Today we're patching up the holes, adding more tensioning wire, and adding more nails and cable ties so there will be no locations that a determined fox can squeeze through. Will that fix the problem? Yes; for a while, until the fox discovers a new and completely unthought-of means of entry.

The correct solution to this would be "defense in depth", but even there we see the classical problem of security vs convenience. We could look the coop every night (as well as the run), but then we have to visit the chickens every day at sunrise to let them out. We could buy a dog that sleeps in the yard, but then we'd have to look after the dog. We could install motion-activated floodlights, but then we'd have spend quite a bit of time and money installing them, and the fox could just get used to the light. We could develop an amazing fox-killing robot warrior, but there's probably a council ruling against it. We could deploy a large moat of steaming acid, but then we'd need to refill the moat after rain and hot weather.

We could always buy our eggs from someone else, but I would hate to admit defeat.

O'Reilly Book Distributors
One of the problems with running a training business is getting one's customers to pay their invoices. It's not like we've had any bad debts, it's just that most of our clients are from "big business", and for an invoice to be paid it needs to be posted, sat on someone's desk for a month, mis-filed, resent in triplicate, routed to the wrong accounts department, resent again with a supplier contract, forwarded to the legal department because there may be IP issues, who forward it to risk management because there may be public liability issues, who forward it to HR because it involves training, who forward it back to accounts for payment. Eventually, some poor manager asks to pay it on their personal credit card so they can have it reimbursed later.

We tried to encourage prompt payment by offering a discount, but this ended up being more work as we had to issue a second invoice when the first wasn't paid in time. We'd then go through the same proceedure a second time.

Eventually we discovered a trick. Offer free books if the invoice is paid on time. Because this directly benefits the employee, the invoices start to become hot stuff, and we're seeing a lot more invoices being paid on time. That's a great thing, as it means we can spend less time chasing accounts, and more time writing new courses and presentations.

Unfortunately, there's just one small speed-hump, and as our business has grown the the speed-hump has got bigger and bigger. It's the actual process of ordering the books themselves.

We have an agreement with the Australian distributor of O'Reilly and many other technical publishers. We order the books with a significant discount, and they arrive either at our office or one of our training labs. Everyone's happy, or at least that's the plan.

In reality, our distributors have become increasingly more difficult to work with. We get a lot of conflicting information about whick books are 'in stock', or when books are due to arrive. We'll be told that all of our books will arrive at a training centre, only to discover that some are missing and have a 4-8 week delay.

One frustrating situation included the books being returned due to courier error. Rather than us being notified of the problem, the books were re-sold to another customer. It was only when we called to ask why our delivery was so overdue that we were informed as to what happened, and that for us to get the books we would expect another 4-8 weeks delay. We still don't have those books.

I'm at the point where I have no confidence that we can supply any of our customers with books in a timely fashion, particuarly if it's something that has been recently published such as Perl Best Practices. I don't mind if books come late, as long as we're told before-hand, rather than discovering on the day of a training course. Our distributors are quite aware that we're unhappy, but have not yet demonstrated any plan to rectify the situation. Apparently giving us a phone-call to let us know there are delays is completely out of the question.

The pain of ordering books is now starting to approach the pain of chasing accounts. Unless we find a new distributor (or our existing one lifts their game), we may have to reduce our book freebies to the two books we can obtain reliably (Programming Perl, and Perl Coobook), or worse still give away boring things like T-shirts or game consoles. I'd be very sad if it came to that, as I'd rather our freebies generate revenue for some of Perl's best minds, rather than for textile or electronics manufacturers.

Another trip to Sydney
A lot of people have been complaining recently that I don't write enough in my journal. While I'm quite flattered that anyone reads the thoughts I jot down here, there are usually excellent reasons why there are periods when nothing seems to happen. It's usually because I'm interstate, and working very hard.

Last week was no exception, with me spending a week in Sydney teaching more Perl. The courses went down very well, some of the feedback and testimonies were just wonderful. I was pleased to have such a curious class, I ended up staying back late at lunchtimes and afternoons to keep up with all the questions.

As part of my trip I gave my talk on conference presentation to Sydney Perl Mongers. It seems I actually started a minor kefuffle on one of the SLUG lists, as I was talking about mind control, which we all know is evil. I started my talk with a song reminding everyone to wear their tin-foil hats.

My actual talk went down extremely well. So well that I ended up giving it a second time a few hours later, after Andrew Savige gave a presentation on Perl Best Practices (including a plug for Damian's courses). I'm seriously considering expanding my talk to tutorial length for the conferences in 2006.

Highlights of the evening included meeting with Pia Waugh, of Linux Australia fame, and obtaining photographs and movies of last meeting's flaming drinks from Conrad. (Seen inline on the pjf.id.au version of this journal.)

Back from Sydney, but first...
I'm back from Sydney, and have many things to say about my adventures there. But first I thought I would share a small but somehow amusing request for a new Perl keyword, and its obvious solution.

Sydney Paul Mongers
I'm heading up to Sydney to present some training courses, and as it happens I'm lucky enough to have this coincide with the local Sydney.PM meeting. I got lucky and caught Sydney.PM the last time I was in Sydney, and also the time before that, and the one even earlier. Despite living in Melbourne, I consider Sydney.PM to be oen of my local perl user groups.

I'll be presenting at the upcoming meeting, with a slightly extended version of my Mind Control talk from SAGE-AU 2005. Attendance is free, so feel free to drop around if you're in the area.