Home

web development

Certification schmertification! Metrics schmetrics! Measuring the Drupal social/rockstar graph

5 October 2010 - 7:06pm | Laura Scott
Drupal disciplines Venn diagram

Certifications in software make me sneeze. Or roll my eyes. Or shrug. Yes, I'm a skeptic of certifications, and leery of motives of people pushing them. To me, certifications are a way to make money not from clients but from peers. It's like a tax. Do not pass Go. Do not collect $200. Instead, pay thousands to some firm so you can get that seal of approval. And in the end, does it mean anything?

And yet there is this obsession with measuring people. It's a way of gatekeeping, of creating scarcity, of one-upsmanship. I don't think such things are a measure of quality. They're typically market tools employed to help one group of people compete over another group. It's part of a "there oughta be a law" approach to life.

Goodness knows there are a lot of people out there who have no business building websites, yet do. Rare is the experienced Drupal developer/themer/site-builder who hasn't been shown some unsightly mess of an implementation that hardly works, if it does at all, with unmaintainable hacked code and untold violations of best practices. But color me an unbeliever when it comes to the salvation offered by some certification system. Certifications don't measure the things that are crucial to effectiveness. They don't measure ability to solve problems. They don't measure those intangible qualities that make people worth working with.

And they can't measure the unknown. Certifications look backwards, and tend to reduce the beautiful and complex to the dry and limited. Are certifications what we want? Really?

Is "Rockstar" measured in inches or decibels?

Certified to Rock attempts to bypass certifications by disrupting them using a mysterious automagical formula. The Certified to Rock algorithm is secret. That's purportedly not a flaw but a feature — presumably because if the algorithms were known, they could be gamed. The blithe response is "if you continue to rock it, your score will increase."

Of course, all this depends upon what you consider a "rockstar". Forget Ozzy and Rod and Moon and Mr Mojorisin. Unlike old-school rock stars, who burned guitars, wrecked hotel rooms, drove cars into swimming pools, bit heads off of doves and passed out on stage, and were paid millions for it, Drupal "rockstars" participate and engage in more socially constructive ways. Yes, baby boomers, the rockstar is the new square. But is your notion in alignment with the notions behind the secret CTR algorithm? Who can say?

I confess that when I first saw Certified to Rock, I thought it was a joke — a kind of frivolous, er, let's say extraordinariness meter for geeks to see how they measured up — "frivolous" because it claims to distill what is ultimately so vague and diverse and multidisciplinary and, well, human that applying a single scale is like comparing apples and cinnamon rolls. And machines are not good at vague and human.

This challenge is not unique to Drupal. Just last week this challenge of defining and measuring qualifications arose at a data science unconference:

One of the best sessions I attended focused on issues related to teaching data science, which inevitably led to a discussion on the skills needed to be a fully competent data scientist.

As I have said before, I think the term “data science” is a bit of a misnomer, but I was very hopeful after this discussion; mostly because of the utter lack of agreement on what a curriculum on this subject would look like. The difficulty in defining these skills is that the split between substance and methodology is ambiguous, and as such it is unclear how to distinguish among hackers, statisticians, subject matter experts, their overlaps and where data science fits.

What is clear, however, is that one needs to learn a lot as they aspire to become a fully competent data scientist. Unfortunately, simply enumerating texts and tutorials does not untangle the knots.

[The author, Drew Conway, offers up a Venn diagram of his own in an attempt to illustrate the complexity of the challenge. If you're interested in data science, data visualization or other big data challenges, the linked posts above are highly recommended.]

Today The New York Times had an article on the challenge of computers understanding humans:

Give a computer a task that can be crisply defined — win at chess, predict the weather — and the machine bests humans nearly every time. Yet when problems are nuanced or ambiguous, or require combining varied sources of information, computers are no match for human intelligence.

Few challenges in computing loom larger than unraveling semantics, understanding the meaning of language. One reason is that the meaning of words and phrases hinges not only on their context, but also on background knowledge that humans learn over years, day after day.

Knowing that CTR is likely not even a mapreduce kind of app, more of a simple query kind of app, one can only ponder its validity in the wild and wooly world of open source interaction development. But the concept has stuck around. And people are starting to cite CTR measurement as a gating criterion for hiring consideration. So there it is. And by that measure, it's worth a closer look.

How does Certified to Rock square that semi-amorphous blob that is a Drupal individual?

The validity of something like CTR is impossible to check, except by anecdote. Like Diebold voting machines, you cannot review the code. Unlike in Drupal, or any open source software, there's no real accountability through openness. You just have to trust it, trust the people behind it, and hope their notions of "rockstar" make some sort of objective sense, their ideas of how to measure those attributes are sound, the metrics they choose to incorporate actually have relevance, the algorithmic factors and quotients employed are properly balanced, and the people behind the curtain stick to high values, integrity and selfless standards despite the obvious and apparent temptations to tip the scales or otherwise succumb to the conflicts of interest inherent in building a system that rates not only your peers but your business competitors.

Even ruling out the last part — and knowing and having worked with Greg, Ezra and Ben, I have no reason to doubt their sincerity or integrity with regard to CTR — that still leaves a lot of unknowns, a lot of uncertainties, a lot of fuzz out of which a single scale of numbers appears — numbers that, despite their vague provenance, are being embraced by some as qualifiers for hire.

So how does it work? The site itself lays out some general parameters:

  • It must be easy to automate. There are about 500,000 people on drupal.org and more every day. We can't add something to the system that is going to require much manual work. Certainly nothing that requires us to manually do a task more than a few dozen times. So, we could make a list of everyone who organized a DrupalCon and have the algorithm system use that because that's only a few dozen people (we don't currently do that and may never). But we aren't going to go through github, launchpad, and gitorious and associate people's ID on those systems with their drupal.org user ID and then have the system give credit to people who send lots of e-mails. That's not scalable. Pro tip: keep your work on drupal.org itself - if you don't like the way it looks/functions/whatever then help the redesign.
  • It must not encourage anything that is harmful to the community. This is somewhat tricky. If, for example, the system gave points to people who have a lot of projects on drupal.org then that would encourage the creation of lots of projects including a lot of really bad ones. That makes it harder for new users to find projects. Which is really bad. So, we don't use any metrics like that!
  • It must be balanced. One of the things we're really trying hard to do is measure skill and knowledge of Drupal in a way that is fair to people with different skill sets. Someone who is an awesome site builder (can't code much, can't design, but really can choose modules and configure them) should be on equal footing with someone who can design or who can code. This is...hard. In particular it is hard to measure the skill/contributions of designers/ux/ia people and site builders. So, if you have ideas on metrics that measure their skills, please share those ideas!

This last point is the hitch. It's the part that gets into the fuzzy logic of AI. How indeed do you compare apples with cinnamon rolls on a single scale? First thing, it seems, is to simply define the scope of what in fact is being measured. What makes a rockin' Drupalist (for lack of a better word)? Programming ability counts, but not if you don't appreciate the foundations of open source. Database fu is great, but is limited if you can't generate decent markup. Theming talent is fabulous, but it's only so much help if you can't build the site to theme. And none of this touches on the intangibles like professionalism, organization, collaborative skills, communication ability, sensitivity to project goals (vs nifty solutions), general mental health, etc. that are critical to effectiveness in a Drupal project.

And yet the machine measures something. What could it be?

Some objective metrics that might be incorporated into a certification algorithm for Drupal

Here are a few ideas (total guesswork on my part), any one of which would be of little use but could possibly be combined into some formula to measure a "rockstar" quotient. Note: These are in no particular order.

Top-Level Metrics

Simple numerical measurements readily at hand.

  • Drupal UID [lower is better] — Some assumption of some degree of familiarity or knowledge could be applied based upon duration of membership in the Drupal community. On the other hand, plenty of people joined the community ages ago but haven't been very active. Or maybe you joined in 2003, tried Drupal and moved to Mambo.
  • Drupal.org number of posts [higher is better] — Because participation is good. But maybe you're a help vampire or offer not-very-helpful input.
  • Drupal.org number of comments [higher is better] — Because engaging in existing conversations shows interest in what the community is doing. But how many comments actually contribute to the conversation?
  • Drupal.org number of Issues [higher is better] — Because one can assume that people participating in the issue queues are more engaged in improving Drupal. However, if you're posting a bunch of duplicate issues or build-this-for-me tickets, maybe that's not helping so much.
  • Groups.Drupal.org number of posts [higher is better] — Because this shows engagement in more focused subject or regional areas. But if it's a bunch of job spam, who cares?
  • Groups.Drupal.org number of comments [higher is better] — Because commenting on existing discussions shows engagement with the community. On the other hand, chatty comments are common on g.d.o and do they make the "rockstar"?
  • Drupal.org number of documentation posts [higher is better] — Because if you can teach it, you probably know something. That is, if you do know something and aren't just adding cruft.
  • Drupal.org number of documentation revisions [higher is better] — Because making documentation better reflects some understanding of that Drupal subject. But some revisions are (sometimes incorrect) typo or grammar corrections, which speak to one's writing skills but not one's Drupal-fu.
  • Drupal.org number of Projects [higher is better, to a point] — Because maintaining a module, theme, feature or profile demonstrates a willingness to contribute, which is an important part of being a Drupal "rockstar". On the other hand, let's face it, there's a lot of crap contributed to CVS.
  • Drupal.org number of patches [higher is better] — Because if you're offering patches, your nose is not only in code, it's sniffing out actual solutions to make things better (hopefully). But if your patches are no good, or get ignored because someone can't be bothered, then what does number of patches prove?
  • Drupal.org number of core patches [higher is better] — Because if you're working in Drupal core, you're paying attention to the heart of things. There's no knocking this (Drupal core developers are my heroes), but there's a very great oodles more to Drupal than core code, so many are missed by this measure.
  • Drupal.org number of core patches in current and impending releases [higher is better] — Because working in the real world of today and tomorrow probably carries more relevance than working on the real world of five years ago or three years from now. Of course, this doesn't mean they're good patches … and the same concern above applies here.
  • Drupal.org number of commits by you [higher is better] — Because your projects are actively maintained, which shows engagement and desire to make things better. On the other hand, split out your projects into a bunch of files and you have more commits, and does that make you better, by definition?
  • Drupal.org number of commits by others of your patches [higher is better] — Because if others find your patches helpful, all the better. Undoubtedly this is cool, but narrowness of applicability is an issue.
  • Recency of all of the above [higher is better] — Because Drupal knowledge can grow stale fairly quickly. On the other hand, if you're really new to this, odds are you have a lot still to learn. (Don't we all!)

Reductive and Social Metrics

These are metrics that would need to be gleaned from some data mining more involved than your basic query. Quantifying these things is what is known as "hard to do":

  • Groups.Drupal.org up-ratings of posts [higher is better] — What do others think of your posts? Probably only of low value, as the more pointed remarks generally get the upratings, and this may not reflect any particularly deep Drupal knowledge or engagement at all.
  • Drupal.org and Groups.Drupal.org mentions of "thanks" and similar words with your username [higher the better] — This would take some Big Data-type parsing, but could yield some helpful social metrics.
  • Drupal.org and Groups.Drupal.org "+1" to posts and patches — This could be difficult to figure, though, as sometimes the +1 is for someone else's comment.
  • IRC "karma" points — Although this skews very heavily to the in-crowd, the inner circle talking to the inner circle, as many, if not most, people on IRC don't know about "username++", especially in #drupal-support and #drupal-themes.
  • Twitter tweets about Drupal — Because you are probably working with it if you're tweeting about it.
  • Blog posts about Drupal — Same deal.

Those Intangibles that Defy Measurement

  • How effectively the designer leverages affordances provided by the Drupal UI.
  • How well the architect matches Drupal solutions to project challenges.
  • How appropriately the themer uses clean html and semantic markup.
  • How scalable the developer's solution is in a high-demand application.
  • How efficiently the project manager directs resources towards needs in a Drupal project.

And these don't even touch the non-Drupal-specific intangibles that apply in every Drupal project:

  • How collaborative a person is.
  • How professional a person is.
  • How hard-working a person is.
  • How responsible a person is.
  • How intelligent a person is.
  • A person's work ethic.
  • A person's attention to detail.
  • A person's adaptivity to change.
  • A person's poise under pressure.
  • A person's values and empathy towards others.
  • Honesty.
  • Punctuality.
  • Reliability.
  • Focus.
  • Discipline.
  • Insight.
  • Critical thinking.

And so on.

How many is a flower?

I don't know the answer to that. Is orange greater than salty? Is platinum better than mitochondria? Yes. No. Maybe.

And?

Tags:
| Permalink

Web designers and developers, take the A List Apart survey

15 December 2009 - 11:54am | Laura Scott
A List Apart Survey

The more the merrier (or at least more accurate). Take a few moments to fill out the A List Apart Survey. This isn't just for designers.

Tags:
| Permalink

A cautionary tale regarding theme download sites

7 April 2008 - 9:12pm | Laura Scott

Via GigaOM:

Back in November, we looked at WordPress themes being distributed by third parties who’d embedded hidden code to allow the insertion of arbitrary content. Now a rash of sites are reporting that their blogs have been subverted....

...There are lots of reasons a hacker may want to inject code into a page:

  • To infect visitors by exploiting a browser vulnerability
  • To place ads they can then get revenue from
  • To embed links to blogs they own, improving their page rank
  • To entice people to click on links that lead them elsewhere

The clever thing about the WordPress hack was that it would check for code to insert into a page each time it was loaded, but if none was available, it would just sit there quietly.

It's all too easy to compromise a website's security via the theming layer. Malice is just one possibility. There are also hacks and vulnerable code gimmicks pursued amateur theme developers who just don't know better. It's not just a Wordpress thing -- it's all websites, whether built on open source or proprietary platforms (though not static html sites, which presumably are as safe as their servers).

In this context, the question for the website owner is whether you want to buy a theme (or download a free one) from an un-vetted vendor. Sure, if you are an adept coder, and/or know the proper API calls to protect your site from things like XSS, you can just clean that up and enjoy the design that attracted you in the first place. But if you don't know those vulnerabilities, you could be opening your site up to ill-will or novice mistakes. Caveat emptor. Don't end up like Deep Jive. Ouch.

Tags:
| Permalink

Firefox 3 making online life much nicer

24 March 2008 - 8:32am | Laura Scott

Today I downloaded and installed Firefox 3 Beta 4. I could not do it before, but now that the Web Developer tools are updated and Firebug has a 1.1 beta that works in FF3, that's enough for me.

I don't know about you, but on both Macs I use regularly, Firefox 2 was crashing all the time. Last night, while writing a blog post for BlogHer, my browser crashed at least a dozen times. On my Mac Pro, Firefox completely melted down -- twice -- requiring complete rebuild from the start, manually adding one plug-in at a time. But I had to stick it out because I need those developer tools. I cannot imagine working without Firebug.

The new UI is clean, and seems to take up a bit less space. And so far FF3 is fast. Me likes.

Tags:
| Permalink

On the frontier, not everyone knows their way around

6 October 2007 - 11:26am | Laura Scott

While I was laying in bed last night, I found myself questioning my post yesterday and the attitudes reflected in Joe the Peacock's mocking of what appears to be a rather clueless potential client.

He seems to have struck a nerve, judging by Joe's forums:

Yes let us hear the douchebag please!

I think Joe's got to have at least a little bit of masochist in him to be a consultant, especially an Internet consultant. Sir Geek and I did it for several years and listening to the clients blather on about what they think they want/need is enough to make your brain explode.

Freaking hysterical.

Okay, at first reading of Joe's rant, I confess I did laugh a little. It certainly was outrageous enough to inspire me to post a link.

But to publicly share such mean-spirited attitudes towards potential clients strikes me as rather sad, and what I would consider unprofessional. Now maybe the person on the other end of the line was a jerk. I certainly have encountered my share of jerks.

But Joe mocks this "potential client" for his (?) ignorance.

We in web and software development live in a world that is scarcely understood by most of the people who use what we produce. That's all the more true in the corner of that world where I spend my time: open source, which is a community-of-a-commons concept that seems to elude even the majority of folks in Silicon Valley (who are much more attached to that other source, "outsource"). Quite often we are in the business of educating and enlightening the client, sometimes seemingly as much as we are developing for the client. It comes with the territory. After all, clients come to us, in large part, because we are knowledgeable in things which they are not.

Hello?

Jerks have what's coming to them, imho. But calling someone a "dipshit" for simple ignorance? That's ignorance.

I suppose it's natural that such cynical attitudes will bleed into all areas of business, even this "new economy" we're all a part of that's supposed to, you know, change (read: "improve") the way business is conducted in the world. People are people, and cynical contempt is all-too-common a human attitude. Just don't count me among its willing practitioners.

Then again, Joe is a writer so maybe it's all just fiction. If so, never mind. I'll just walk slowly away from the computer and sit down for another viewing of Office Space.

Tags:
| Permalink

This is almost too sad to be funny

5 October 2007 - 2:11pm | Laura Scott

An unordered list of thoughts I had during a conference call with a potential client today. Dear dear!

[Update: I posted some more thoughts here.]

Tags:
| Permalink