Because it is far more clever than anything I could do in Excel. And it doesn't require me to duplicate information all over the place. I'd rather have just one master source of data that I do all the calculations on.
If you're doing deep analysis on large historical data, then it's in essence a MIS system, and most businesses do (and should do) that outside of Excel.
But what the article is about, in a growing startup or a changing company (say, completely new product line) the 'one master source of data' is not in a database but the assumptions in your head; and any clever model based on your historical data will be either impossible or far more wrong than a simple order-of-magnitude calculation done on a paper napkin. And, well, Excel is more convenient than the napkin.
I would be curious to know for which sort of accounting things Excel is ideal?
Sorry, I could not comprehend the second paragraph.
Fraud has nothing to do with paper or computer based system. To minimize risk of fraud you need to implement proper sets of controls, like segregation of duties, etc.
As for Excel - Excel is a poor instrument for doing the accounting, therefore it shall not be used ... unless you have some kind of micro/nano business.
> I would be curious to know for which sort of accounting things Excel is ideal?
Well, let's see.
1. Preprocessing data for entry. This might be used, for example, if you want to depreciate fixed assets using a method your accounting software does not support.
2. Post-processing data. You might do this if you have a report from an accounting system but your final report needs to take into account additional factors. Some of my customers use Excel to turn trial balance data from their accounting systems into financial statements.
Another example of post-processing might be if you take aggregated sales reports from an accounting system and further process it by business folk who don't know the programming environment.
As for paper: Yes, separation of duties is a part of it but paper has an advantage that no computer system can match, namely that if you keep your books in indelible ink, then alteration of numbers is obvious on audit. This is a weak point of electronic media. You can lock it down, but it is always possible for someone to unlock it. So with comparable policies, paper wins out anti-fraud-wise.
Interesting, actually what you mention is not an accounting per se, but I agree with you, specifically
>> 1. Pre-processing data for the entry.
For this specific example if the accounting package does not support certain depreciation method (which rather rare), you can easily do this in Excel, both for financial modelling purposes and as a supporting document for the accounting entry.
>> 2. Post-processing data.
What you describe is not accounting. This is financial and management reporting. Yes, Excel is what is used by most everyone.
Perhaps I have a more expansive definition of "accounting" than you ;-) I do agree that Excel is not and never should be a primary tool for bookkeeping.
Julien, do you have any news to address this Adam's point:
>> So how do you run forward secrecy with several servers and support session tickets? You need to generate session ticket keys randomly, distribute them to the servers without ever touching persistent storage and rotate them frequently. However, I'm not aware of any open source servers that support anything like that.
Nginx has a patch to store them in memcache, for what it's worth. It's far from ideal, but at least it's not persistent storage.
The standard is still to point clients to a single termination endpoint, and do active/passive cluster, so that there's no need to share the session tickets.
I still believe that using PFS, even with this limitation, is safer than encrypting pre-master keys with a single private key that almost never rotates and is stored on plenty of servers.
>> I still believe that using PFS, even with this limitation, is safer ...
I definitely agree, the problem is that usually there is more than 1 web server :-)
>> The standard is still to point clients to a single termination endpoint, and do active/passive cluster, so that there's no need to share the session tickets.
Sorry, I did not understand (esp. the active/passive cluster thing) - could you please may be add some pointers (blog post, etc) with more details?
That's a good point about master keys. The state is pretty bad with Apache for example, and I'm not sure its much better with nginx at least by default.
I think that what he means is that you terminate SSL on the load balancers (= single termination endpoint), then have your cluster beneath it (non-SSL/TLS, or new SSL/TLS connection, thus different tickets)
In my humble opinion the guy is a great engineer who is bored (by lack of challenging projects) and discouraged (by less than stellar teammates).
It is rather easy to check though - you should forget about time spent on work and need to compare the outcome, i.e. result, of this guy vs every other engineer on the team.
If the check above shows that this guy is better than everybody else, than this:
>> Alarmingly often, he'd have hacker news, or dzone open and would be reading articles (I mean 50%+ of the time, not once or twice a day).
and this:
>> More than one of his coworkers have mentioned something along the lines of "can't we fire him 4 weeks out of 5 ?".
indicates one simple thing - he is not managed properly by his manager and by the company.
Founder here. Indeed an additional hurdle! It's probably the hardest part of setting up the website. Handled via CNAME (similar to Shopify), this way they can still control any other services (i.e. e-mail).
But why would you need this? You can do financial model in 1 hour using Excel...