Performance Review

During my visit to New York, I also had the chance to have some interesting discussions with colleagues at the office. One of those conversations was with Stephan, the area director, about using SSH over a VPN, double encryption, and meet-in-the-middle attacks. That led me to study the subject more and learn why DES was extended as 3DES (or triple DES), instead of double DES. I learned about attacks on double ciphers and understood that breaking double DES is only slightly more expensive than breaking single DES. With triple encryption, that’s not the case.
Also in New York, a colleague taught me how to pronounce public key. I used to pronounce it in a way that made it sound like I was saying “pubic key” instead of “public key.” It must have sounded very strange to American ears, and I only caught on to how bad it sounded many years later.
I was back in Campinas, still working remotely part-time and doing the PhD. Life went on more or less normally, but I started to get worried about the difficulty of communicating with my new manager. He didn’t answer my emails and didn’t hand me tasks. Since it was my first job at a company, I even thought this was normal and that I needed to be more independent and define my own tasks. So I started being creative about what to do, mainly choosing activities I could carry out remotely and independently. There was some user support work I could help with, and I started spending a good chunk of my time analyzing firewall logs. From those logs, you could identify a lot of things on the network that weren’t properly configured and then contact the responsible parties to try to fix whatever was needed. Sometimes it was a system that needed some tweak; in other cases, it was the firewall itself that needed a change.
I spent days looking at logs on my screen, so much so that we joked it looked like The Matrix: I knew everything that was happening on the network from the characters falling down the screen. I also started identifying attack attempts against our network and began sending that information to the people responsible for those addresses. It was an era when you could still get replies to that kind of contact, though not always.
These log analyses, the results, and the attacks I identified were all reported to my boss, of course. But only in extremely rare cases did I get any feedback from him. I kept asking him to tell me what the priority tasks were and where I should focus, but he completely ignored me.
In the middle of this, in the second half of 2000, we found out Gisele was pregnant with our second child. At that point, we stopped to reevaluate our life and decide how we’d move forward, especially since the arrival of a second child would make our routine a bit more complicated. The decision was to go back to Belo Horizonte and continue both her master’s and my PhD remotely. Going back to BH would put us closer to family, and me closer to the Intelligenesis office — I’d even be able to start working full-time to increase our income. So we began the conversations and preparations for that move.
At work, the end of the year was performance review time. They did a kind of 360° review, in which we were evaluated by our bosses, but we could also give feedback and evaluate our managers. The situation with my boss wasn’t good, and I believe I made it clear in the review that I needed him to communicate with me and to respond to my emails. I never had access to the review he did of me, but I imagine it wasn’t good, because Cássio, the person in charge of the office in Brazil, became concerned about the situation. Having a boss who doesn’t like you is always complicated, because a boss has the power to help or hurt your career, including the possibility of firing you. In this case, I had the advantage that Cássio knew me well and had known me for a long time. Cássio, by the way, was an active part of the the story I told about creating the 2600 magazine meeting.
Cássio realized the situation wasn’t good, but he trusted my technical ability. That trust was my good luck at that moment, because, instead of simply following my direct boss’s wish to get rid of me, he decided to transfer me to another area. It was a way to work around the grudge my boss had developed against me (to this day I don’t know why), to give me a second chance, and to let the company take advantage of my abilities on another team.
With the team change, the type of work I did also changed. Cássio put me on the team managed by my friend Arnaldo and gave me the task of defining a secure communications protocol between the artificial intelligence instances the company would eventually produce. The idea was that, even though the AIs were autonomous, there would be a need for communication among them, and the company wanted to guarantee confidentiality and authentication in that process. In this second phase at Intelligenesis, I started working on defining and implementing communications protocols. The initial protocol design was quite simple: messages would be encoded in XML and transmitted over the internet in encrypted and signed form. It was pretty close to the idea of PGP’s digital envelopes. The company’s choice was to adopt a digital certificate model based on PKI, with a structure managed by the company itself, in contrast to the decentralized structure used by PGP.
With these basic definitions, I started building a prototype in Java, which was the language used at the company. At that time, the XML-based security and cryptography standards were still immature and had not yet been finalized, so we began to define our own standards. It’s worth remembering that XML was considered the state of the art at the time.
With the switch to a team focused on software development, I started having daily contact with new tools. We used a system modeling tool called Together and a new version control system called Subversion (or SVN). I also learned how testing is essential during software development, especially unit tests and integration tests.
Everything seemed to be going well in my new role, but, at that time, the so-called first internet bubble burst in the stock market. Several companies were overvalued, but had no revenue yet. They depended entirely on investment and, when the bubble burst, those investments were reduced or even dried up completely, and many companies couldn’t stay afloat. Intelligenesis still depended entirely on investor money: revenue didn’t cover expenses. Before the bubble burst, the company had been negotiating a new round of investment. With the crisis, all investors pulled back, and the company ran out of cash to pay the bills. On April 2, 2001, all employees got an email saying that the company had gone bankrupt and wouldn’t even be able to pay that month’s salaries (and it wasn’t a belated April Fool’s joke).
From that moment on, I (and every other employee of the company) was officially unemployed. But that’s a story for the next chapter.
Links:
- News about the Intelligenesis bankruptcy: https://www.wired.com/2001/04/intelligenesis-faces-dim-future/
Advice nobody asked for but I am giving anyway:
- A bad boss, or one who doesn’t like you, can be a drag on your career. A good boss can propel a career forward. In the case above, I was very lucky to be well-known and friends with many people at the company. My advice: run away from bad bosses, whether to another role at the same company or to another job.