Friday, October 5, 2012

Scrum and Story Points, what's the story?

After working with scrum for a while and watching this debate of time vs story points I came to a personal conclusion that helped me to make better estimations and use the story points at their best value.

  In my opinion story points best measure risk. You estimate this risk taking into account your proficiency, overall experience and the expertise in the technology, the project and it's business, the dependencies involved that you need to rely on to move forward (could be external systems/teams, business analysts, other people availability) and your average capacity of solving problems in a given time.

  So when it comes to estimating a user story you should ask yourself: “what is the risk of this story?” I would categorize the risk vs story points as follows:

1 point - Virtually no risk, insignificant work doable in a very short time

3 points - Extremely low risk, know all about it can do it quickly, probably a matter of 1-2 hours

5 points - Low risk, know most about what I need to do, probably can fit in few hours to one working day

8 points - Medium risk, know quite well about what I need to do, I might have some unexpected obstacles and maybe some dependencies on other (external) resources, but I am confident I can do it in 1-3 days.

13 points - High risk, there are aspects about I have no idea on how to tackle, have external dependencies about that I am worried, it might take half of a sprint to get it done.

21 points - Highest risk, I have right now no knowledge about the subject and no idea of how to do it, there are lots of dependencies on other (external) resources that I cannot manage, I am not sure I can solve it in a sprint so that story becomes demoable. Then you should ask yourself: is this really a good story or rather an epic? Shouldn't  it better go into a research spike first so that we gather more knowledge about how to do it?

However, when you estimate always take into consideration collateral aspects such as unit/functional/integration test writing (that can take as much or more than time need to code functionality), team communication, code reviews and other things that should be part of your development process.

What do you think?


Tuesday, September 25, 2012

Always Elevated Privileges in Windows 7

As a developer I usually need to execute lots of commands and programs that require administrative privileges. Although my Windows user is in the Administrators group I always needed to do "Run as administrator" on command prompt, text editors and other applications that required privilege elevation, even if they were created by me or by programs that I launched!
After digging a little through Windows permissions system system I found out that in order to improve security and minimize virus propagation risks, the windows team has decided that even if you are in the administrator group, and even if you are the Administrator, there is better to explicitly grant yourself the rights to do elevated privileges in an interactive way, so that underground malicious programs would not be able to go through without you knowing this.
That said, I am quite sure that an experienced user can do fine even without this kind of assistance, especially in corporate environments where almost everything is filtered and secured.

So, to grant yourself elevated privileges without prompt you need to:
1. open security policy configuration, by typing in the command prompt:

%windir%\system32\secpol.msc /s

A window titled "Local Security Policy" should open as below:

2. Navigate to the Security Options node:

3. On the right side click on the "Policy" table header at the top to order alphabetically the entries so that you shall have all entries starting with "User Account Control" easy to spot.

4. Select the entry called "User Account Control: Run all administrators in Admin Approval Mode":

5. Here it is all. When activated, this option instructs Windows to ask for your permission every time when elevated privileges are required, even if you already own them. Double click on the entry and set this option to Disabled. It will require you to  restart Windows in order to get effective:

As a bottom line, be sure that you know what you are doing, as this will downgrade your system's overall security.

Good luck!