Saturday, January 21, 2017

Open source legal implications, licenses and their impact...

When you join a tech company, you usually end up signing some sort of employment agreement contract which, if you read carefully (you MUST read this thoroughly), probably states all sorts of restrictions on what you can or cannot do/own and the rights of the hiring company to own your work, whether it is during working hours or in your spare time including ideas you might have in the shower or anywhere else.  In many cases, this extends to open source contributions that you might make which might be unrelated to anything you do at work.

As we grapple with a rapidly changing software and hardware industry where the open source juggernaut slowly, but steadily, steam rolls over proprietary software, we are faced with difficult and contentious issues of what "belongs" to the company (a proprietary, closed mindset) and what "belongs" to the employee that they can contribute towards during their spare time.  Especially for contributions which are unrelated to the employee's day job.

So, it's imperative a developer/contributor understands the variety of open source licenses that exist, what they imply and how one should use them.

The choice of the open source license for a new project can directly or indirectly affect how it grows, how many contributors and maintainers it has, how it is used, whether people can make money using it commercially or not and, eventually, whether the project is sustainable.

Here are a few things to think about regarding licenses as you enter the world of open source:

  1. Talk to the open source office at your company and ask them for clear guidelines on what is your intellectual property and what is the company's.  If you don't have an open source office, locate the legal department and ask someone in that team.  If they don't know, talk to the legal department about your concerns and see if you can get some sort of guidance from them.
  2. Read and re-read your employment agreement to understand what the implications are for your ideas and contributions to open source.  Does the company own any contribution you make regardless of whether it's related to work or not?  Is it restricted to software, hardware, both?  What about blogs, presentations at external conferences where you are not sponsored by your company, published articles in journals or technical magazines?
  3. Read, re-read and completely understand what the different types of open source licenses are - start with this site  Also, look at
  4. If you create open source software or hardware, ensure that you are clearly stating what license is used for contributions to that project.  If you're unsure about what license to use, ask around, go to open source-centric meetups and talk to speakers to increase your knowledge and get help online.  Also, see
  5. If you contribute to existing open source software or hardware, ensure that you understand what license is used for your contributions and if you are allowed to share it, own it and use it as you and others intend.
Your choice of license (whether you started the project or are contributing to an existing one) can have a significant impact on the culture of the project.  MIT, Apache and BSD licenses are extremely open and allow contributors to share and contribute freely.  Projects that use these licenses might not, however, have stringent rules and oversight to vet the quality of the contributions since anyone can contribute - whether they have an appropriate background or not.  This could also lead to many new contributors asking for help and maintainers being overwhelmed (and, therefore, quitting).  If you go the GPL route, the various versions have varying implications and your contributor/maintainer profile and personality might be quite different. What if it's more litigious - is this what you want for your project?  Do you want your project to be commercially distributable with acknowledgement to the origins and contributions back to the original project?  

I tend to use the MIT or BSD licenses for projects - CodeChix Technical Curriculums contain a series of technical curriculums spanning mobile, security, NLP and Big Data under the MIT license.  We used the Apache license for the OFconnect SDN controller project.

But, that may not be the case all the time, depending on what makes sense and how I would want to structure the impact of the project and what I call the "target market" - as in what types of developers do I want to attract to the project.  I'm still thinking about this a fair bit and pondering pros/cons and what would be most beneficial for my "target market" - women engineers in industry who typically have very little "free" time and energy.

Monday, January 16, 2017

On open source - scratching the surface

At CodeChix, we have always been strong proponents of open source in all it's forms - software, hardware, design, photography etc. It's a fundamental requirement for all programs that we run (tech talks, hands-on workshops and hacking sessions) and our conference, DevPulseCon only accepts talks and workshops targeting open source projects.

Over the years, it's been an eye-opening experience for me that there are so many companies that tout open source support on their websites and marketing verbiage and, yet, when you look closely or instigate an open source project that might "compete" with a proprietary product at said company, all "open source goodwill" goes out of the window in a flash.

This happened to me when I was building the CodeChix team to work on the Open Networking Foundation's OpenFlow Controller international competition consisting of 4 fantastic women engineers from 3 different companies. One of the companies, a behemoth of networking software and hardware which proclaimed huge support for open source on their website etc., denied two of their women engineers (CodeChix members) on the team from working on this competition project. Their argument was it was a "competing" effort to their proprietary controllers and they would not allow these two women engineers to participate in this effort that was being run by CodeChix. Naturally, I pointed out the discrepancy between what they were touting on their website and what they were telling me. Which resulted in complete silence and I suspect my queries were relegated to the proverbial bitbucket.

So, I pinged the ONF Executive Director, Dan Pitt, about it and mentioned this dilemma - I couldn't build a team without these two engineers - they would be doing all the work in their spare time (nights and weekends) just like the rest of the team and I really needed them in order to meet all the submission criteria for the competition.

After several email threads with the ONF, myself and the legal department at the offending networking company, it was finally agreed that as long as CodeChix would open source all the work (of course, that was the whole point after all from my perspective), said networking company would be "OK" with the two women engineers working on this project. The whole process took about a month and half to get resolved. With a lot of angst and stress and juggling on my part. And the team took a big hit since we couldn't really be fully productive until both these team members had the green light to join and start their work.

The moral of the story being, never give up. And call out the industry when they try to ignore their own policies. I'm not saying this will always work - it helps to have a heavyweight organization to back your efforts. But open source is the future - for the women engineers who are truly dedicated, brilliant, persistent and resilient. It's not for everyone, I think. It requires a very different mindset and attitude from what traditional proprietary product development entails as far as processes, accountability, collaboration and effectiveness. In some cases, it's much more difficult to make a mark in open source and get recognition for it. It's not like you have a manager/boss who's watching you or assigning you tasks. You are your own boss and that can be a good thing or a burden - depends on your personality and motivation.

But, if it is in your DNA to run things, open source is a potential path to success as you choose to define it - whether it's for contributing to solving hard problems, improving the world or teaching/learning.

Saturday, November 07, 2015

Coder[xx] - a resounding splash in a rather still and brackish pond...

It's been about two weeks since the inaugural CodeChix hyper-technical conference (Coder[xx]).  And I'm still recovering from it.  To all the nay-sayers (both companies and individuals) who thought this is something that is not needed given the plethora of existing (mostly male) conferences - take a look, learn and rethink.  The data is very clear that this is an absolute need and so is the enthusiasm and response.

What an absolute pleasure to see such a huge demand from women engineers in industry (and a few students from SoCal and Sonoma) all over the bay area as well as some global travelers who happened to be in the bay area and joined us.   We were sold out and pulled off a conference full of technical content spanning programming languages, tools, technologies, maker-ism and a panel session on how to get ahead which was packed and electric.  All in 6 weeks.  With no prior experience in this sort of thing.  With almost no funding.

I set the tone of the conference in the beginning by welcoming everyone to a safe space, one that is open to women and all who identify as women (of which there were several attendees) and the supportive men who were there to help us succeed and to share their knowledge with us.  And that we were all there to learn, share and learn about each other and what we work on.

I also made myself abundantly clear on my take on recruiting at the conference - not allowed in any way, shape or form.  Including a promise of immediate, impolite and very firm ousting should I see this happen or hear of it happening.

It was, I thought, exactly the right size at almost a 100 headcount for what I had envisioned and made it easier for everyone to have a chance to actually meet/chat with a number of new people and establish connections.

Mary Lou Jepsen's keynote was absolutely fantastic and everyone who was able to find standing space (yes, we only had one large room so people had to stand) was inspired and she was mobbed for several hours afterwards answering questions and responding to a crowd of eager women surrounding her until I rescued her :).

The panel discussion on growing in your career took an absolutely candid look at the state of things as they stand from different perspectives (industry, some academia and freelancing) and hearing from an interested and engaged audience that started participating within the first 5 minutes or so.
No recording or social media allowed - this was a safe space panel and I wanted to have everyone speak freely with no chance of retaliation of any sort.  At least, that was my hope.

I couldn't have done it without the fantastic volunteers - both the core, dedicated team who helped with getting the conference organized and presented in 6 weeks to the day volunteers who stepped up to handle any minor hiccups and were there when we needed them !

Our surveys show an overwhelmingly positive response to our hyper-technical conference and we have already been bombarded with questions about when the next one will be.

Some of the survey comments:

" I think the conference was amazing! Hats off to the panel discussion!"

"i am so glad i decided to go to this event, although i didn't get to meet anyone new (introvert thing), i walked out feeling so humbled, and yet so inspired! both the codechix team and all the speakers are just amazing! a big thank you! i am looking forward to coder[xx] 2016 already!"

"Good talks and qualified, dedicated and passionate speakers, strong keynote Candid discussions, open career advice Good turnout for Sunday and possibilities of networking within engineers Helpful and dedicated organizers and volunteers Professional demeanor of speakers ,attendees , organizers and volunteers Overall very smoothly run conference- no major confusion or hoopla"

At present, we're trying to get all the videos wrapped up and posted on our CodeChix YouTube channel...

Stay tuned for 2016 events and the next hyper-technical conference from CodeChix - we've set the trailhead and cleared some of the route for others to follow...

For the first time running a conference (the first of it's kind),  the feedback is clear - women engineers need this, want this, will flock to it and this could be the catalyst for much-needed change.

The question remains - will the companies, who are mired in their introverted, ethnocentric outlook and bottom-lines, look up from their myopic viewpoints and see this?  And, will they support it?

We'll see how this plays out over time...

Monday, October 19, 2015

On Code Reviews - Part 1 of 3

I've been pondering writing about this topic for a while and never really had the time to corral my thoughts and write it up.

Until I flew to GHC and had time at the airport and on the plane :).

This is not an exhaustive coverage of code reviews and is meant as a basic understanding and guideline for engineers.

It amazes me how many engineers (both young and old) still don't know much about code reviews and I have encountered some who have been working for several decades and have never had to do a code review (begs the question what sort of architecture/design/implementation have they produced?).

Some, usually the latter category, are vehemently opposed to having their code "poked" at by others and believe that they are entitled to writing/designing whatever they choose regardless of what others might think.  Generally, one tends to avoid working with such engineers, but, they do seem to pop up rather alarmingly frequently.

So, in short, code reviews are essential and all good software (and hardware interface engineers, if applicable) perform them religiously.

NOTE: A basic requirement for code reviews is to "Check your ego at the door".  Your work is going to be reviewed/dissected and comments will arise that will not be easy to digest.  This is a good thing.
A code review is not about you, it's about the code/product quality.  And you won't be the only one  - everyone has to go through it.  So, deal with it graciously, be thankful that you have good reviewers and that you are, eventually, going to become a better engineer because of it.

What is a code review?

A code review is quite literally a reading/understanding and critical thinking process that is applied to programs/code that either needs to be shipped as part of a product or used internally by developers to build products.   Written and/or oral feedback is given to the author on whatever is being reviewed so that s/he can incorporate the feedback and improve things before checking in the code into mainline or a branch.

By no means is this an exact method for eliminating all errors in a given piece of software, but, it is reasonably effective (if used properly) at identifying errors, potential errors and, eventually, providing quantitative and qualitative feedback to the author about her/his technical approach and implementation.

The review might also include architecture/design of the component that is being reviewed as a background for the reviewers, particularly if the code is a critical path in the product and/or interfaces with other critical paths in the product.

There are a whole host of other definitions for a code review, but, this is the one that makes most sense to me.

Why do we need code reviews?

Code reviews are and have been one of the few ways of mitigating programming and design risk associated with a product - early in the development cycle.  Usually, it is a human process to understand and evaluate architecture, design and programming paradigms as well as algorithms in order to visually and conceptually understand how a given piece of a product works and is implemented.

In the end, code reviews help a developer/engineer become a better developer/engineer and, also, establishes technical standards within a group of developers/engineers, resulting in a better product in the end.  It also provides a way for a team to understand and evaluate code that they might not otherwise know, should a bug in that piece of software appear in the field, and the original author may not be available to triage and fix it.

Apart from that, code reviews help developers identify integration issues well before the code is checked in and this alleviates the burden on QA/QE and, eventually, results in a better product in the end (again).  The entire goal is to create a more robust, well-architected and well-designed product that has few bugs in the field and happier customers.

Leading to more money so you can afford that ridiculous mortgage and send your kids to a decent school...  (I see this among all my married w/ kids friends).

Coming next...... Types of code reviews and pointers on how to conduct them effectively

Saturday, October 17, 2015

My dream coming true... fingers crossed

A dream and a hope that I had 4 years ago is finally coming to fruition - all due to the gumption and hard work of a handful of volunteers who all decided at the end of July that they would really like to make my dream come true.

And that they really didn't have any truly technical conferences for women to go to.  
We had gathered for a volunteer appreciation lunch and 5 of us decided that this would be worth it for all of us - Anne, Sushma, Deepa, Blythe and myself.  

Blythe signed up to be the conference chair and I signed up to be her mentor/guide/instructor and whatever else was needed.  And we formed the conference committee, recruited Val and Whitney for the website and graphics and we were on our way. 

That was 2 months ago. 

And so, on the heels of the Grace Hopper Conference this year, we, at CodeChix, are one week away from our first technical conference - Coder[xx] - Unleash the engineer within you.  To be held at the illustrious Computer History Museum in Mt. View on October 25.  

Coder[xx] is pronounced "Coders" and the double-x stands for the double-x chromosome.

And we are almost sold out.  Thanks to PayPal and Deepa Dhurka for getting us some funding but we are pretty much running this conference on ticket sales.

I had instructed Whitney to create a logo with the Andromeda Galaxy (I like stars/space) and with the slogan "Unleash the Engineer within you" and she, once again, created an amazing logo and banner.  And it sports our well known VT100-inspired color-scheme of black and green which I had originated in 2010.

And none other than the pioneering Mary Lou Jepsen is our keynote speaker !  I am so happy and grateful to her for accepting my request.

If you are a woman engineer who is serious about her career, you should come to this conference.  And if you have a daughter, bring her !  I feel that both daughters and sons need to see their mothers in their element - being fantastic engineers and being serious about their professions.  That is why, I created the "Mother & Daughter" ticket - for all the awesome mothers who need to show their daughters (we'll open it up to sons next year) how great they are.

This is the banner Whitney created per my specifications:

Thursday, August 20, 2015

KQED Newsroom

Here's the video.  No, that's not me in the first picture.

Friday, July 31, 2015

On panels and interviews...

I was on a panel interview today regarding the topic of "Women in Technology"/"Diversity".

And it reminded me why I stopped doing interviews and panels altogether.

It was nerve-racking.  I had lots of make-up on (necessary according to the really nice woman who did my make-up), bright lights, no idea what questions would be asked and which direction the conversation would go (always dicey with me given my strong opinions and my dual-role as full-time engineer as well as a Founder/Exec. Dir.) and one never knows which bits of conversations might be used out of context etc. in the far future.  Stressful.

But this panel was special - it was at one of my favorite public media organizations  - KQED.   I love NPR, have always listened to NPR for as long as I can remember (yes, even when I was little and my dad would put on PRI every morning on the ancient radio that we had) and donated whenever I could.  The quality, breadth and depth of KQED/NPR programs never ceases to amaze me and I was honored that they wanted me to be on a panel.

So, I HAD to break my "no interviews" stance and go.

Not to mention, it was a chance to promote CodeChix in the hopes that maybe, someone who cared (enough) would donate substantial funds and we could actually become a non-profit organization that would have funds to actually make a difference.   Hey, I can hope :).

The entire panel discussion lasted about 14 minutes (did I mention nerve-racking?), and I managed not to say anything too controversial :) - I think.  My fellow panelists were great and their banter made it easier for me to relax a little.  Sophy Lee from Shuddle (who brought her Public Relations manager with her), Cecilia Stallsmith from Bessemer VP (it's a venture capital firm).

We were shown a video of 3 women (all working in San Francisco, I believe) who spoke about the dearth of women engineers in the field, cultural barriers and how great coding was.  I couldn't tell how many years of developer experience each of the three women had and whether their developer experiences were purely web development (typical for SF jobs).  Guessing at their ages, it seemed like they were all pretty young (20's, maybe early 30's).   It made me feel very old :).

Following the video, we were asked about our thoughts on the video and, then, Thuy Vu, our moderator, (who, by the way, is fantastic, as is Monica Lam, the producer), asked us questions about what we perceived regarding the retention and recruitment of women in technology.  Not particularly specific to women engineers persay.

I talked about CodeChix and what we do and what I want to achieve through the organization.  And quoted some numbers which I thought I remembered from this article and, of course, got it wrong (sigh).   I managed to mention something about "background radiation" towards the end when we were asked about Ellen Pao (all of us were a bit startled by that question) including mentioning that I was "cautiously optimistic" about cultural change.

Cool picture of the KQED Newsroom tech - not sure what all that equipment is (other than the monitors)

To be frank, it all went by really quickly and I don't quite remember all the things I said and what all the questions were.  But, it did make me realize that there needs to be a panel or some such discussion somewhere *just* focused on veteran women engineers/developers, particularly ones who work outside the "SF Bubble".  And the unique issues that occur with our kind (especially the ones that have been around for a while and have seen many changes and have had many good and bad experiences).  It is a controversial area and, unless it's talked about and pushed in front of people, the question of why the needle isn't really moving in the right direction, is going to continue to come up.

These are women engineers that built the long haul networks that carry cell/home/video data across continents, that built systems to distribute satellite video to thousands of households, that make the software that runs fortune 500 companies via virtual machines, that build gadgets that transform industries.  They are the unsung heroes - and they should be heard (if they want).  By the world.  They are the ones that inspire and show us the true essence of grit, brilliance, handling the "background radiation" with balance and grace, and shining against the odds.  Because the odds are not going to go away anytime soon.  They might reduce a bit, but, that, too, is to be seen.

I am privileged to know such women - they are few and rare.  They tend to shirk publicity (almost like the plague), but, I think I can convince them if the opportunity arises.

I haven't seen the video or audio recording of the panel yet.  It's supposed to air at 8p tonight on KQED newsroom.