michaelwdotnet

215 link karma
309 comment karma

Where can one find/bid on professional-level "rockstar"-style programming that pays accordingly? by Lesislittleporom in freelance

[–]michaelwdotnet 1 point / 2 points ago

The best sources for new work are almost always past clients. Networker or not, any "rockstar" is going to have a rich history of clients and projects who would use him again in a NY minute.

Is he interested in working full time? If any of his past projects were big enough and his contributions significant enough to justify the "rockstar" label then it would be surprising if they wouldn't want and need to retain or hire someone that good.

System to Track Resources? by TekTrixter in webdev

[–]michaelwdotnet 1 point / 2 points ago

Not sure if you already know, the term you should search for is digital asset management.

I don't think this is a space with an obvious winner, especially something affordable for a single user.

Windows and Mac filesystems and indexers both have support for indexing file metadata but they depend largely on the underlying file format having metadata (e.g. EXIF in JPEG).

What do you use for time tracking and invoicing? by jimdoescode in freelance

[–]michaelwdotnet 1 point / 2 points ago*

Unabashed plug. I've been working on a time tracking solution that we think is a huge improvement over existing solutions.

It works by automatically building a journal of your activity from the systems you use and then organizes that into the different projects you want.

From there you can invoice it or export the time into other applications such as Quickbooks.

If you're interested please sign up for early access at http://www.crisply.com

It's free.

Microsoft confirms UEFI fears, locks down ARM devices by michaelwdotnet in hardware

[–]michaelwdotnet[S] 12 points / 13 points ago

This is a low level bootloader. It ensures that only Microsoft can publish an operating system that will load on that device. It does this by requiring that the operating system be signed with a private key.

To be fair, this is not really different from what Apple already does with the iPhone. Both companies totally undermine your ownership of your hardware.

The rationale is that it allows the operating system to truly trust the hardware environment. No rootkits in this context. The UEFI spec allows for a scenario where physical control of the device (pressing some button or something) can be used to assert ownership and allow for installation of a different root cert or at least bypassing the code signing requirement. It's also possible that Windows 8 ARM will refuse to install on a device that does not have this (this is less likely).

Windows 8 for Intel does not (yet) impose this constraint. The concern most people have at this time is more that this is a deepening of a bad trend. Cory Doctorow gave an excellent talk on this.
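The signing check the comment describes, as an added example that is not part of the original post or of any vendor's firmware: a toy Secure Boot style policy in Go, using ed25519 from the standard library in place of the real UEFI certificate chain. The Firmware type, its db map and the physicalPresence flag are assumptions standing in for the firmware's key database and for the "press some button on the device" step mentioned above; the kernels are constructed byte strings. It shows why a modified or third-party image is refused, and why enrolling a different root key only works when someone is physically at the device.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Image is a hypothetical OS boot image as the firmware sees it: the bytes
// to execute, a detached signature over them, and the ID (SHA-256 of the
// public key) of the signer the image claims to come from.
type Image struct {
	Name      string
	Payload   []byte
	Signature []byte
	SignerID  [32]byte
}

// Firmware models the policy half of a Secure Boot style loader: a database
// of trusted signer keys ("db") and an enforcement switch. Neither can be
// changed unless the caller asserts physical presence, which stands in for
// the physical-control step the comment describes (assumption, not UEFI API).
type Firmware struct {
	db      map[[32]byte]ed25519.PublicKey
	enforce bool
}

var (
	ErrNotTrusted         = errors.New("secure boot: image signer is not in db")
	ErrBadSignature       = errors.New("secure boot: signature does not verify")
	ErrNoPhysicalPresence = errors.New("secure boot: physical presence required")
)

// KeyID derives the identifier under which a public key is stored in db.
func KeyID(pub ed25519.PublicKey) [32]byte { return sha256.Sum256(pub) }

// NewFirmware ships with a single vendor key enrolled and enforcement on,
// which is the locked-down state the comment is about.
func NewFirmware(vendorKey ed25519.PublicKey) *Firmware {
	fw := &Firmware{db: map[[32]byte]ed25519.PublicKey{}, enforce: true}
	fw.db[KeyID(vendorKey)] = vendorKey
	return fw
}

// Enroll adds another trusted signer. Software running remotely cannot do
// this; only an operator with physical control of the device can.
func (f *Firmware) Enroll(pub ed25519.PublicKey, physicalPresence bool) error {
	if !physicalPresence {
		return ErrNoPhysicalPresence
	}
	f.db[KeyID(pub)] = pub
	return nil
}

// SetEnforcement turns signature checking on or off, behind the same gate.
func (f *Firmware) SetEnforcement(on, physicalPresence bool) error {
	if !physicalPresence {
		return ErrNoPhysicalPresence
	}
	f.enforce = on
	return nil
}

// Boot returns nil when the image may run. With enforcement on, the signer
// must be in db and the signature must cover the exact payload bytes, so a
// modified image or one from an unknown publisher is refused before it runs.
func (f *Firmware) Boot(img Image) error {
	if !f.enforce {
		return nil
	}
	pub, ok := f.db[img.SignerID]
	if !ok {
		return ErrNotTrusted
	}
	if !ed25519.Verify(pub, img.Payload, img.Signature) {
		return ErrBadSignature
	}
	return nil
}

// SignImage is what an OS publisher's release pipeline does with its private
// key; it is included only so the example runs stand-alone.
func SignImage(name string, payload []byte, priv ed25519.PrivateKey) Image {
	pub := priv.Public().(ed25519.PublicKey)
	return Image{
		Name:      name,
		Payload:   payload,
		Signature: ed25519.Sign(priv, payload),
		SignerID:  KeyID(pub),
	}
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	fw := NewFirmware(vendorPub)

	vendorOS := SignImage("vendor-os", []byte("constructed vendor kernel"), vendorPriv)
	altOS := SignImage("alt-os", []byte("constructed third-party kernel"), otherPriv)

	fmt.Println("vendor image:", fw.Boot(vendorOS))
	fmt.Println("alt image:", fw.Boot(altOS))
	fmt.Println("remote enroll:", fw.Enroll(otherPub, false))
	fmt.Println("local enroll:", fw.Enroll(otherPub, true))
	fmt.Println("alt image after enroll:", fw.Boot(altOS))
}
```

The two gates are the whole design: Boot never consults anything the running OS can write, and the only way into db (or out of enforcement) is a flag that only a person at the machine can set. Whether a shipped device exposes that flag at all is exactly the policy question the comment raises.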

Who works in IT and still has to fill in a timesheet? by coderboy in AskReddit

[–]michaelwdotnet 0 points / 1 point ago*

Late to the party here and a nice long comment too :)

Not only do I still fill out timesheets, I'm actually working on timesheet software.

It's been my observation that people who fill out timesheets fall into the following categories.

People who bill for their time
This is obviously a case of people for whom the pain of tracking time is less than the benefit of getting paid :) These people have no trouble staying on the wagon because bad timesheets get questioned and no timesheets means no pay.

People who work on fixed price projects
These people are effectively billing for their time. They need to track time in order to know how much they are actually billing and to adjust their estimates/bids in the future. They have the advantage of not needing perfect timesheets. Anything that averages out over time will be a good indicator. I like to think of these as time metrics.

People who want to measure their own efficiency
For the most part these people are the equivalent of people making diet resolutions on New Year's Eve. There's just not enough incentive/pressure to stay on it.

People who need to fill out timesheets for some audit / accounting requirement
This is the most common case I've seen in IT. This usually starts with accounting for capex vs. expense accounting but usually expands into something more like TPS Reports. I call these guys the Five Eights. The most important feature in their timesheet software is the ability to copy last week's timesheet blindly.

People who need to do resource management
I think this is one of the most interesting use cases, especially in IT. An IT organization usually serves multiple stakeholders across multiple dimensions of work. It's very hard to plan resources so come budget time most IT directors find themselves making an informed guess. These guesses are usually based on the past month and the highlights of the past 3 months. Sometimes they just assume IT as a certain percentage of the rest of the business. Good time tracking by broad roles or apps can really help for resource planning at every level. Company growth, new apps, new business roles are all different but having historical data can be a real boon.

Plug: I'm working on software that will minimize the pain of filling out timesheets (no, we don't think little timer applets are the solution) and provide useful analytics for the scenarios that matter. Sign up for early access at Crisply

Non-Gmail IMAP Service? by mreiland in freelance

[–]michaelwdotnet 1 point / 2 points ago

I'd like to know what your problems are with gmail's IMAP? Once you enable all folders it's pretty good. You can even get chat logs via IMAP now (finally).

If you're using Outlook then all bets are off. Outlook's IMAP implementation has been horrible for a decade and no end in sight. Even Windows Mail is better. The problem is not GMail.

I've all but given up resisting even though I really really don't like the idea of having too much on google. I've found the IMAP implementations provided by typical ISPs like dreamhost and mediatemple to be OK but kinda slow and usually cantankerous. My iPhone still can't delete messages on my mediatemple account even though I've told it which folder to use for trash.

I also want more than squirrel mail for webmail but less than the usual crapware php imap clients.

The ideal would be something I could self-host.

Encrypting sensitive medical data for [legal] cloud storage by BroPaterno in netsec

[–]michaelwdotnet 4 points / 5 points ago

Why thank you sir. I must of course say that I do not work for the CIA. The only proof I can offer is Fjilwrusdf73 aer774 sdaflasd663 nvnqe373 8alj84373

Encrypting sensitive medical data for [legal] cloud storage by BroPaterno in netsec

[–]michaelwdotnet 0 points / 1 point ago

You're probably right but that doesn't mean he can't try to talk the doctor off the cliff.

Encrypting sensitive medical data for [legal] cloud storage by BroPaterno in netsec

[–]michaelwdotnet 9 points / 10 points ago

Upvote for correctness but I stand by my original response. The OP should not attempt any home grown solution more complicated than remote desktop access or a VPN and even that is risky.

He would be far far better off actually paying someone for a complete solution.

Encrypting sensitive medical data for [legal] cloud storage by BroPaterno in netsec

[–]michaelwdotnet 121 points / 122 points ago

Wow, what a target rich post! :) Where to start?

tl;dr don't do it

The "problem" isn't that HIPAA describes strict regulations. The problem is that the doctor has decided to place their convenience above those regulations. Are those regulations practical for every scenario? No, it's a huge PITA but there are very good reasons for this and circumventing them for convenience is a terrible idea.

The fact that you self-describe as new to network security is noteworthy. The first rule of security is to assume that you are a complete fool and that everything you do will be compromised by someone more experienced, more intelligent and more devious than you. In case I wasn't clear: you should not attempt this. No matter how much advice you get you'll make horrible mistakes.

Still here? Still want to go on? There are almost certainly specialized, expensive, cumbersome solutions in the health care space for exactly this scenario. Your doctors need to man up and pay up.

Haven't given up yet? Still think you can do this? OK, here we go.

It's all about risk management. The more devices, the more transports, the more systems you use to make this work the greater the risk of leaking data.

Any security strategy needs to understand the attack vectors and build a defense in depth against those. This means layers and layers of defensive policy, all of which will be perceived as inconvenient by the end-user.

For some context, none of the hospitals I've worked with allow patient data on to personal computers or devices that can leave the facility. Physical security is remarkably effective. The only way for remote access at these facilities is via some kind of VPN or Citrix portal. This solution works remarkably well, even for iPads. I would suggest this as an alternative to storing data on a home computer.

If the doctor insists on carrying around patient data on a device that is significantly more likely to be lost or stolen then you need to think about the entire stack.

I'd say the most secure solution is a VM that runs from an IronKey USB stick. Synchronize only when in the office and do regular inventory checks on the IronKey.

I wouldn't use Dropbox for medical data if you put a gun to my head. Dropbox explicitly tries to share your data's storage with other users. Dropbox has a history of somewhat loose encryption.

If the end-user insists on synchronizing files between multiple devices then prepare for a lot of pain.

Truecrypt is fine for storage assuming that you've got a nice painful password and Truecrypt is configured to unmount the drive whenever the computer goes to sleep and the computer is configured to both sleep and lock quickly.

Then you need to think about how the user will access the files on that Truecrypt drive. Once the drive is mounted any malware has full access to all the data. Is your user prepared to work with a fully locked down computer? Perhaps a separate user account that is only for viewing patient data and is hardened more than would be convenient for typical use? Do any of the applications used to access or manipulate the patient data create temp files?

Then there's the transport problem. How will you move data between systems? The least insecure solution is to require that the device be at the office in order to synchronize. As part of the defense in depth I would leverage PDF encryption/DRM solutions on each document above and beyond the encrypted storage. Different passwords of course.

You mention tablet PC and ssh. Are you talking about a Windows Tablet PC or an Android/iOS tablet? There are perfectly good ssh solutions for Windows. While there are also solutions for Android you would have to be batshit crazy to try to build a home grown secure device solution on Android or even iOS. While I'm sure it's possible it's not turnkey.

R/Consulting, tell us about yourself. by LieutenantDave in consulting

[–]michaelwdotnet 0 points / 1 point ago

Ex-Microsoft engineer and Program Manager.

CTO at a software consulting firm. Usual gigs are running some project, either one we're doing for a client or stepping in as the interim CTO or head of engineering.

Also doing the impossible and converting the consulting firm into a software product company. Don't try this at home.

So I want to be a freelance writer, where do I start? by joeyjojo667 in freelance

[–]michaelwdotnet 6 points / 7 points ago

I can't think of a more perfect example of why freelancing is all about your client network.

If you have no other employment then your time is currently cheap or free. All the time you spend developing a network of clients has low opportunity cost.

Of course once you actually start doing work then your yield will depend a lot on how well you can keep your billable hours pipeline full.

If you have other work then you need to grow your client base incrementally until you are confident that it will generate enough billable work for you to do it full time.

If you can get to about 50% yield, meaning that over time 50% of your 40 hour work week is billable then you're probably doing OK.

The best way to start is to approach potential clients, especially those for whom you have written before, and offer your services for money. That alone will give you a very clear picture of how viable freelance writing will be for you.

To be blunt, it doesn't sound like you'll be able to do this full time just yet.

Repeat clients: 1 contract per job, or 1 contract per client? by Hyperdrive_Initiated in freelance

[–]michaelwdotnet 0 points / 1 point ago

This. The Master Services Agreement can specifically state that additional work specified via an SoW can be mutually agreed upon via email and that'll do it.

This kind of arrangement has the benefit of lowering the per project costs for your client. They'll be much more inclined to use you again than to negotiate a new contract with a new vendor.

If the trust relationship between you and the client evaporates no amount of printed paperwork is going to help anyway.

Does anyone actually use a timer for tracking time? I can't imagine someone actually punching the clock, ok clicking the clock, as they work during the day. by michaelwdotnet in freelance

[–]michaelwdotnet[S] 0 points / 1 point ago

Flat rate is great when the client has enough shared context and the definition of the work is super clear to both of you. Of course in those cases your hourly estimate is probably very accurate too.

More often than not, flat rate projects are about risk management. If you end up holding the risk then your compensation should reflect that. Because of that clients that have developed trust in me prefer hourly billing.

Does anyone actually use a timer for tracking time? I can't imagine someone actually punching the clock, ok clicking the clock, as they work during the day. by michaelwdotnet in freelance

[–]michaelwdotnet[S] 1 point / 2 points ago

I don't make up my time but I don't let it get too granular either. It's all about the opportunity cost. My time is not available by the minute or even by the hour. The ideal is to bill by day. I do that when a client asks me to come in for a short engagement. Even if I'm not billing by the day I try to bundle the client work into big fractions of a day. No timer needed to determine that I worked all morning on Project X. Instead I make sure to have a nice detailed activity journal of everything I did.

Interrupts, especially those servicing ad hoc client questions, are not desired but they are a part of working. As long as they are small and infrequent I consider them to be overhead and will typically estimate a total time to subtract from the daily total.

Many clients seem to think that they can have access to me anytime they want but only pay for the time they use. That's insane. A 15m urgent phone call in the middle of another client's hour represents a much higher opportunity cost than the actual time spent.

Don't get sucked into being a mythical man minute resource. Letting clients commoditize your time is a slippery slope.

Does defragging cause wear to my SSD hard drive? by eviluncle in hardware

[–]michaelwdotnet 1 point / 2 points ago

Chuckle Have an upvoat sir. I remember VHS rewinders. How long before the context for this joke is too obscure for it to be funny? I give it 10 years.

Ask Hardware: If you were going to put Wikipedia into a time capsule for 100 years, how would you store it? by eggo in hardware

[–]michaelwdotnet 0 points / 1 point ago

Why is paper out? This isn't going to be a directly usable form no matter what. It's going to be something that you convert into current systems.

I would print on paper in several forms. One form in "normal" text that is human readable with wiki syntax (and an explanation of the syntax). Another form explicitly designed to be recognized and parsed by a computer. Something like bar codes and QR codes but designed with a lot of redundancy in mind.

There are optical media that are intended for longer life. The problem is that you'll have a hard time getting the redundancy you want at the disc level. Some guy once built something for doing RAID like striping across multiple optical discs but I can't remember the specifics.

While this will probably get downvoted into oblivion, I feel the need to clarify that Obama added a signature statement to the NDAA bill clarifying that his administration will not be indefinitely detaining US citizens without trial. by k-splotion in politics

[–]michaelwdotnet 6 points / 7 points ago

Obama's signing statement is not law. Future presidents will be able to interpret the law in their own way. This law isn't even "temporary" like the PATRIOT act.

Girlfriend left her iPad on the plane (Bday gift from me) - JetBlue claims they can't find it - suggestions? by WaywardWit in AskReddit

[–]michaelwdotnet 0 points / 1 point ago

It's hard to imagine a more attractive and liquid asset. It doesn't even need to go on eBay. Someone else's girlfriend is thanking them for the gift right now.

If your girlfriend had email configured to automatically update from GMail, IMAP or POP then you can get the IP address to get a very rough geographic area until the new possessor bothers to wipe it.
