- Take ownership of the product and all issues related to it. This goes a long way, if you own the product, you are the first one looking for bugs, first communicating with users and first worrying about whether or not you got it right. You’re always first to volunteer to do the many varied tasks that go along with running a product/team like taking notes, sending emails to customers, filling things out, triaging bugs, or doing a quick mockup. Always start with: It’s not someone else’s responsibility, it’s your responsibility. When you do this, you’ll find #2 to be easier.
- Be incredibly persuasive. (I don’t really know how to do this one, but I see it done every day.) You want to get things done, but you are not in charge so to speak. None of the team reports to you and they really don’t have to do anything you say. You need to be convincing rather than commanding to get things done at Google. If you are doing #1, this is easier because everyone knows you are going to be in the trenches with everyone else if the stuff hits the fan.
- Be an engineer. I don’t mean that you actually need to be coding the product. I mean you should be curious about how the product is built as if you were an engineer. You should be interested in understanding how much something costs in engineering time, and why it costs so much. What algorithms are in use for that feature? Why is this page slow? Any engineer on the team will pay a lot of attention to big architecture decisions that affect the product and so should you. You should be able to explain the tradeoffs of major engineering decisions if you run into the founders and they want to know why something works the way it does. The best PMs at Google enjoy getting very technical whenever they can.
- Be endlessly positive. Your team is likely composed of engineers and some of us tend to be very cynical. A very positive PM can make a world of difference in the mood of the team. You may feel silly being so positive all the time, but it’s infectious and your team will feed off of it. Remember that you and your Tech Leads (lead engineers) may know of a million things to get you all down, but the rest of your team is likely not exposed to all of that. You help them do their jobs better by not wallowing in your worries because as the PM, you are the team’s window/messenger to the larger company. If you are negative, then that’s how the team will think the rest of the company perceives their work.
- Don’t self-promote. This should be obvious, but if you attempt to self-promote, it’s incredibly obvious and poisonous. Celebrate others on the team, you and the Tech Lead(s) are already the primary contacts for the project and you don’t need any promotion. If you are dragging around the hard work of others attempting to earn kudos for yourself, you’re doing it wrong and you won’t go far. Be inclusive. Whether it’s a blog post, or a launch video for a new feature the best PMs promote their team members. Take a look at the blogs for some of the best products at Google. You’ll find the blog posts are written by a very wide array of individuals and not always the product manager because they are actively promoting others. (Please don’t confuse my usage of “promote” with actual job promotion which is a different animal. BTW the latter is highly dependent on peer reviews.)
- Fearless. A better writer could explain this better, but you must be blind to titles. The best PMs will speak to the founders the same way they speak to engineers or designers on their team. If you freeze up when questioned about your product decisions by execs, you won’t be successful. Give succinct answers and be fearless when defending your team’s ideas.
Chinese translation:
有用户在Quora提问:优秀的Google产品经理需要具备哪些素质?前 Google 工程师 Edward Ho 回复了这个问题。伯乐在线编译 Edward 的回答,全文如下: 在 Google ,我和我所见到过的最优秀的产品经理一起工作过,我会根据自己的经历出一个列表。由于我不是项目经理,所以这些结论都是我在 Google 观察最优秀的产品经理后的结果。
1. 对产品以及所有相关的问题负责。这会让你积极主动,你是第一个寻找bug的人,第一个与用户沟通的人,以 及第一个担心产品是否合格的人。你总是第一个自愿为产品或团队做各种任务的志愿者,像是做会议记录、给客户发邮件、填补临时的空缺、为bug确定优先级, 或是快速做出一个实体模型。始终持有这样一个想法:这不是别人的责任,这就是你的责任。当你这么做的时候,你会发现第2条会更容易。
2. 具备难以置信的说服力。(我不知道这是如何做到的,但每天我都会看到)你希望把事情完成,但你不是负责人,所以只能去说服别人。没有哪个团队向你汇报,也没有任何人会按照你的说法行事。在 Google ,你需要通过使别人信服而不是发号施令来完成事情。如果你正在做第1条,事情会变得简单,因为每个人都知道如果有人攻击这个产品,你和他们会位于同一个战壕。
3. 成为一名工程师。我并不是说你真的需要为产品编写代码。我想说的是,你应当像一名工程师那样对产品的构造 过程具有好奇心。你应该了解产品功能在开发过程需要的成本,以及为什么开发成本会变得这么高。那个特性使用的是什么算法?为什么这个页面会呈现得很慢?大 的架构变动对产品会产生影响,团队中的每个工程师都会对此非常重视,你也应该如此。如果你遇到项目的负责人,他们想要知道一些具体的事情,你应该能够为他 们解释一些主要的工程方面的决定以及之前的利弊权衡。在谷歌,最好的的产品经理都会尽可能地变得更加技术化并乐此不疲。
4. 积极,再积极一点。你的团队很可能全部由工程师组成,并且中的一些可能非常愤世嫉俗。一个非常积极向上的 产品经理能够在团队中创造一种包容的氛围。尽管每时每刻都保持积极看上去很可笑,但是积极是有传染性的,你的团队会依赖上它。请记住,你和主要的工程师 (技术负责人)可能会列出百万种让你沮丧的事情,但是团队中的其他人不应该知道这一切。因为你是产品经理,所以不应该沉浸在自己的担心中,这样会帮助他们 更好地完成工作。你就是团队面向整个公司其他部门的窗口和信使。如果你变得消极,团队就会因此认为公司里其他人也是这么看待他们的工作。
5. 不要自我推荐。这是显而易见的,如果你这么做了,不但非常无聊而且对自身也有害。赞美团队中的其他人,你和技术负责人(们)已经是项目的主要联系人,因而不要做任何的推荐。如果你拿别人的辛苦劳动用来为自己博得赞赏,你不仅错了而且不会得逞。要心胸宽广。无 论是撰写项目博客,还是产品新特性的午餐视频发布会,最优秀的产品经理都应该推荐团队的其他成员。看看谷歌最优秀的产品博客,你就会发现这些博客的作者并 不总是由产品经理,反而会是团队中的各个成员。产品经理会积极推荐其他人。(请不要误解我这里所说的“推荐” promotion ,这和升职是完全不同的。顺便说一下,在谷歌升职是和绩效考核紧密相关的。)
6. 无所畏惧。这个名词如果是作家来解释可能会更好,但请你不要被字面意思所迷惑。最好的产品经理向领导汇报的内容和给团队中的工程师或设计师讲述的内容应该是一样的。如果你在被领导质问产品设计所作的决定时默不作声,你肯定不会成功。做出简洁明了的回答,并无所畏惧地为你团队的创意辩护。
Read from HSecurity at here. (PDF here)
Major issues regarding CA model: browser, CA, and domain owners are disconnected during SSL certificate validation process.
- End user (browser) cannot determine if a certificate was created legitimately.
- The domain owners does not know if a fraud certificate was created on its behalf.
Proposed Solution:
- Every publicly visible certificate should be published in a publicly auditable certificate log
- Every certificate issued must have an audit proof
- Web server must send the audit proof to browsers and browsers must valid the audit proof
- Domain owners should monitor the publicly auditable certificate log
- Installation
1. Download and install Python/ActivePython
2. Download Django and unpack it. Use a symbolic link “Django” to point to Django-version folder to simplify future upgrade.
3. Run “python setup.py install” to install Django to Python/lib/site-packages folder.
4. “import django” to test
- Manage Django projects
1 2 3 4 | # Create new application $ django-admin.py startproject myproj # Test new application at http://127.0.0.1:8080 $ python manage.py runserver [port] |
- Manage Database Connection
1. Update myproj/settings.py and set up database server connection.
2. Run ‘python manage.py syncdb’ to setup database. Assign a super user and password.
- Manage Django applications within a project
1 2 3 4 5 | # Create new application $ python manage.py startapp myapp1 # After define models in models.py for the application, display the SQL and syncdb $ python manage.py sql myapp1 $ python manage.py syncdb |
- Make Database Modifications
1 2 3 4 | # Install South from http://south.aeracode.org/ # After modifying models.py with new fields for a table , run $ python manage.py schemamigration myapp1 --add-field Table_name.Field_name $ python manage.py migrate myapp1 |
The following example list all users with Lync enabled. The catch is to include -IncludedProperties “Extended Attribute” when searching.
1 2 | PS> Add-PSSnapin Quest.ActiveRoles.ADManagement PS> Get-QADUser -SizeLimit 0 -IncludedProperties "msRTCSIP-UserEnabled" | where {$_."msRTCSIP-UserEnabled" -eq "True”} |
Click to view on Center for Internet Security
1. There is a change management in place.
2. There is an active and shared repository of hardware, software, accounts, permissions, tickets, etc.
3. There is an open and shared Knowledge base with full-text search function.
4. Accounts and some file systems on heterogeneous systems are integrated together.
5. Mature system Development and version control.
6. Fully email and ticket driven.
7. IT Security have support from top-down.
- Generate self-signed ROOT CA
3 4 5 | $ openssl genrsa -aes256 -out server.key 2048 $ openssl req -new -key server.key -out server.csr $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt |
- Generate client certificate
3 4 5 6 7 8 9 10 11 12 | # Generate client key file. Give no password or a password to protect private key $ openssl genrsa -aes256 -out user.key [ -passout pass:PASSWORD | -nodes ] 2048 # Remove password for shared password if required $ openssl rsa -in user.key -out user_nopass.key # Generate CSR $ openssl req -new -key user.key -out user.csr [ -passin pass:PASSWORD ] [ -config user.txt ] # Combination of above steps $ openssl req -out user1.csr -new -newkey rsa:2048 -keyout user1.key -config user1.txt [ -aes256 | -nodes] [ -passout pass:PASSWORD ] # Use root CA to issue the certificate. NOTE: the option is case-sensitive. $ openssl x509 -req -days 365 -in user.csr -CA server.crt -CAkey server.key [ -set_serial 01 ] -out user1.crt [ -passin pass:PASSWORD ] -CAserial file.srl </code> |
- Convert between certificate formats
3 4 5 6 7 8 | # Convert DEM certs to different formats $ openssl x509 -inform der -in user.crt -out user.pem # Convert PEM to DEM $ openssl x509 -outform der -in user.pem -out user.der # Convert PEM to PKCS#12 $ openssl pkcs12 -export -out user.pfx -inkey user.key -in user.crt -certfile server.crt |
- Setup Id tag: Add $Id$ to the header of the file first.
$ svn propset svn:keywords "Id" filename - Set HeadURL tag: add $HeadURL” to the header of the file first.
$ svn propset svn:keywords "HeadURL" filename - Set multiple keywords
$ svn propset svn:keywords "Id HeadURL" filename - Check out a repository
$ svn co file:///opt/svnroot/systems/REPO_NAME LOCAL_FOLDER - Export
$ sudo svnadmin dump /path/to/repository > repository-name.dmp - Import
$ cd /path/to/new-repository $ svnadmin create repository-name $ svnadmin load repository-name< repository-name.dmp
- Install Cygwin installer. Make sure vim, sshd and rsync are included.
- Run “ssh-host-config” to configure SSHd,
- Should privilege separation be used? yes
- new local account ‘sshd’? yes
- Do you want to install sshd as a service? yes
- Enter the value of CYGWIN for the daemon: ntsec
- The script plans to use ‘cyg_server. Do you want to use a different name? no
- Create new privileged user account ‘cyg_server’? yes
- Please enter password: use a long random password
- Run “cyglsa-config”, say “Yes” and reboot the server. “CYGWIN sshd” service should be started automatically.
- Note: When creating cyg_server on domain controller, the account will be created as domain account.
$ sudo env EDITOR=vi crontab -e 