Technical Leadership Summary #7

Another recap of a week’s worth of links, news, and discussion around technical leadership and technology; as usual, follow me of Linkedin if you want to receive a notification when I share a new link.

What I have been thinking this week

I am a long time subscriber to Safari Books Online (did they just rebrand to Safari Online Learning?), which I have been using consistently for years. I mostly use it to browse through technical publications, especially in my commute time, and I’ve tried their live online training on and off in the past two years.

After a hiatus of a few months, coming back to do some Golang live online training last week reminded me exactly why I’ve been using this feature so sparingly, and it comes down to how technical training is delivered.

This is a topic quite close to me: I started giving training/presentations almost twenty years ago in Italy when I founded a Java User Group in Milan, and I’ve been doing that for a long time; not to mention in my role I often organize internal trainings in the companies I work.

So what was wrong in this Golang training? It was following the tried and tested (and failed) method of “discussing one topic in deep at the time”. So the first 15 minutes talking about all the possible ways to declare variables, a few minutes on constants, then a discussion on structs, … and then I abandoned the course (I’m lying here, I didn’t even make to struts).

This is an approach that works for reference books, where the reader can skip, jump ahead and back between chapters to read any topic they want in deep, but it’s something that leads to uncontrollable boredom when adopted in live trainings. Do you think as an experienced developer you shouldn’t really go through 15 minutes explaining what is a variable and how to declare it? You are out luck, sit there and hope the next topic is more interesting.

What’s the right way to organize technical courses then? Here some ideas:

  • Define the context: you need to define a common context for attendees; having people in your course who never wrote a line of code together with experienced Java developers will inevitably lead to a poor learning experience for some (probably all) of them. You need to define clearly the prerequisites.
  • Bring the audience on a journey. Exposing people to a series of concepts one after the other is a sure way to lose their interest and attention, because you are discussing the details before they can fully understand how they all fit into the big picture. Not to mention, people will forget these details in two hours. Organize a trip for them instead: in a 2-day course you’ll probably organize a few trips, from “let’s develop a command line tool with Go”, to “create a network server”, to “how to make a distributed application”. Organizing a journey gives a sense of purpose to the listener; they know what’s the final goal, so they understand better why certain concepts/language constructs are needed
  • Explain the journey before starting. Explain to the listeners what they are going to see, learn and do, and the concepts they will learn during the journey
  • Take a break during the journey to explain concepts. Introduce new concepts only when they are needed during the journey. Take a 10 minute break from your “command line tool development trip” to explain Strings and string manipulation in Go, and then proceed. Be laser focused to explain exactly what the listener needs to know
  • Take a look back at the end of the journey. Once you’ve finished one application/journey, take 10 minutes to summarize what you have done and learned. This is also a good time to expand on some of the topics mentioned before, add a few details: just remember not to go overboard with that.

Topics I talked about this week

Hacking stories always get me hooked. We found a massive spam operation — and sunk its server tells how security experts hacked into a spam organization ElasticSearch server, and what they discovered inside. The Bayrob malware gang’s rise and fall reports the story of the rise of the Bayrob gang, who went from classic eBay scams to setting up huge networks of botnets for crypto mining.

Slightly more technical but still very interesting in the security area, How to perform the static analysis of website source code with the browser is an excellent starting point if you want to introduce Web security in your company. Dedicated and comprehensive dynamic/interactive scanners are great, but there’s a lot we can do with browsers and simple command line tools that help to create a secure mindset into developers.

Patterns for resilient architecture is an encyclopedic, 4-part blog series that is worth every minute.

Facebook is really getting into Machine Learning for improving their code and ensuring its quality and security. Is it really useful, or just a way to spend their excess money? Not sure, but it’s certainly cool. So after announcing GetAFix 6 months ago, now they are explaining how they built an intelligent code search engine to help developers to write better code (Aroma: Using ML for code recommendation).

Four more links to close:

Have a great week!