Dylan Tack's Blog

Mean Time Between Loss of Sleep

“MTBLS”: I first encountered this phrase on a New Relic blog. It's a half-joking reference to a concept used by reliability engineers, Mean Time Between Failures (MTBF). I was intrigued though, and thought it would be an interesting metric to track.

We have high-resolution data about our machines' health – down to the smallest minutia – but precious little about the health of our people.

By Dylan Tack, Director of Engineering
January 26, 2018

How to Integrate GitHub PRs with Bamboo CI

Bamboo / GitHub integration isn't perfect – perhaps because Atlassian wants to steer you towards Bitbucket (their GitHub competitor). Out of the box, there are several headaches. Below, I'll cover these, and how to solve each one:

By Dylan Tack, Director of Engineering
January 18, 2018

Grokking Bamboo CI/CD, for beginners

We are heavy users of Bamboo for Continuous Integration & Continuous Delivery (CI / CD). It's extremely flexible, integrates well with Jira, and elastic build agents make the most of AWS EC2 (even giving you the option of spot pricing for on-demand instances).

By Dylan Tack, Director of Engineering
January 18, 2018

Speed Kills: How Much does a Slow Web Site Cost?

In my last post, I wrote about the cost of tech debt, using a case study of skyrocketing hardware costs. Here's another, subtler effect of poor performance: impatient customers don't stick around when they experience slowdowns. However, choosing to prioritize speed can be hard to justify when the cost isn't quantified.

By Dylan Tack, Director of Engineering
November 27, 2017

Be a Partner, not a Vendor

Years ago, I received a frustrating email from a disappointed client. I was confused – from an engineering perspective, this should have been a model project. It nailed the requirements on time, under budget, with great documentation, full unit test coverage, and even included some cutting-edge original research and upstream open-source contributions.

Here's the email (emphasis added, scare quotes original):

By Dylan Tack, Director of Engineering
November 16, 2017

The High Cost of Technical Debt: A Case Study

Technical Debt: we all have it. Yet, this phenomenon remains poorly understood by product managers. Unlike financial debt, the costs are often hidden and difficult to measure. But the most dangerous aspect is that "Technical Debt items are contagious, causing other parts of the system to be contaminated with the same problem, which may lead to nonlinear growth of interest." [1]

Here's a case study of one such event; unmanaged tech debt caused interest costs to spiral catastrophically out of control.

By Dylan Tack, Director of Engineering
November 14, 2017

Q4 Hackathon Theme: Machine Learning & Data Science

I was dusting off my copy of Ray Kurzweil's The Age of Spiritual Machines today, and found a fascinating chart (adapted below). The book was written in 1998; it's interesting to reflect nearly 20 years later we're more or less on schedule. $1000 will buy you an electronic brain with a "thinking" capacity somewhere between a mouse and human.

By Dylan Tack, Director of Engineering
October 21, 2017

Origin Protection with AWS WAF & Shield

Amazon has been steadily improving their CloudFront CDN offering with WAF (Web Application Firewall) capabilities. This is a great feature, however it's ineffective if origin servers can be attacked directly, bypassing CloudFront. With a little extra work, access to the origin can be restricted. The solution is to add a secret header value at the edge, and configure the load balancer to block requests that are missing this secret. This is necessary because CloudFront distributions are not associated with security groups, nor are fixed IPs available (unlike higher-priced competitors like Kona Site Shield).
By Dylan Tack, Director of Engineering
October 12, 2017

Q2 Hackathon Theme: Internet of Things (IoT)

Metal Toad's second hackathon will be focused on the Internet of Things. Why IoT? Over the years we have accumulated broad experience in this area; we've built systems including analytics for solar and wind energy, backend services for wearable devices, and a vehicle telematics platform. Of course this is a growing field, and in addition to software and data analytics for IoT, this will be a chance for toads to get their hands dirty with a soldering iron.

By Dylan Tack, Director of Engineering
February 21, 2017

OAuth 2.0 and OpenID Connect: Now What?

A former Toad recently asked my opinion about this article:
OAuth 2.0 and the Road to Hell
The question is well-timed: I'm in the middle of a big OpenID Connect / OAuth 2 implementation.

That article was written three years ago, but I think Eran Hammer is essentially correct: the standard (especially OpenID Connect) is big, complicated, and enterprise-y.

By Dylan Tack, Director of Engineering
August 25, 2015