Half-Elf on Tech

Thoughts From a Professional Lesbian

Category: How It Is

Making philosophy about the why behind technical things.

  • On Trust and Money

    On Trust and Money

    So. Headway Themes. In the last two years, they’ve gone from being a pretty interesting drag-and-drop theme that I thought was cool but not for me to a disaster. With the recent posts by former employees, and the complaints of customers, I feel bad for everyone involved.

    But this is not about how another company could have handled things better. No, this is about trust.

    You see, with the debacle that ensued, while it was going on, I was looking at desktop clients for local development on my new Mac. I have DesktopServer (love it) and VVV (… love it …), but I’d been hearing about this new docker type image set up thingy called Pressmatic.

    My buddy Pippin loves it, and I trust him with a lot of things. Pippin and I hate doing things the hard way, and if he found this easier to use then awesome. There was just one teeny problem for me.

    You see, it was owned by one of the people behind Headway.

    Now I’m not trying to tell you not to buy software becuase of a previous situation. But like I mentioned (in passing), I still don’t like to use GoDaddy because I disagree with their ethics and marketing strategy. It’s not to say they’re right or wrong, but I don’t like it, and since I don’t have to use their products, I don’t.

    The big difference here, though, is that if you asked me “Should I use GoDaddy” I would tell you the truth and it’s this: Sure. Why not?

    It’s hard to explain this in 140 characters, or even a chat at a crowded bar with burritos and beer. I just feel there’s a big difference between the choices I make for me, and the choices you make for you. But there’s also a difference between the choices I make because I must, and the ones I have freedom on.

    There are a lot of things I personally don’t like. I had a terrible experience with United Airlines and now I don’t fly them unless I have to. I had a series of shitty discussions with Jeep and now I won’t buy them. I had a horrific Amazon shipment screw up where they wouldn’t refund my pre-ordered copy of a DVD that was broken on arrival, because the pre-order was more than 3 months prior.

    It took Amazon about seven years for me to get over that.

    I’m not quick to forgive, if you can’t tell.

    So when I tell you “I don’t feel that I can use [whatever]” and that isn’t followed by “And I hope you don’t either” then it’s really just me, having a personal moment where I don’t like a thing or a product or a marketing choice. Where I had a bad experience.

    Everyone is going to have a bad experience with something. People hate the bank I used to work for, and they hate the hosting company I work for now. It happens. People I like and respect hate choices my company has made, and I understand that. I don’t beg or plead or wheedle or even complain. I nod, I say I understand, and I ask if I can do anything to help them. Even if that helping is helping them move to a new web host.

    Trust is a thing that is given, and when broken takes a long time to re-earn. Right now, the situation with Headway gives me serious trust issues with Pressmatic, to the point that today I don’t feel that I can purchase what looks like a damn nifty product from them. And it’s not because I don’t think the product is good, or that I’m trying to punish them. It’s that I have doubts that they care about the little guy. Specifically, I doubt they care about their little guys.

    When I have the choice to vote with my conscience, I do. When I have the responsibility to vote for my fellow man, I do. And when I have the ability to use something that pleases my little hippy, communist, socialist heart, well god damn it, I am going to do just that.

    The converse is also true.

    I have freedom to chose. And so do you.

    Go use GoDaddy. I’ve heard amazing things about their managed service. And Pressmatic? It works awesomely! Jeep? The new ones are kind of great for off-road stuff and the heated and cooled seats are great in summer. United Airlines? They let me switch a flight around at the last minute for now fee when I had to fly them.

    But I won’t use them by choice right now. And that’s okay. Maybe one day that will change, but it’s not today. If you can’t stand those things, that’s okay too. I hope you dislike them for the right reasons, and I hope you can keep yourself away from hatred and anger, but I get that it’s hard.

    Like what you like. Dislike what you don’t. Vote with your feet. Trust the ones that you feel you can trust.

  • Review: Ninja Forms 3

    Review: Ninja Forms 3

    I wanted to have this out last week, in time for their release of Ninja Forms 3, but with WordPress 4.6.1 dropping the day before and me breaking the site I use Ninja Forms on, well let’s just say my week ran away with me. See the previous post about how lesbians eat data for more.

    Anyway. Ninja Forms 3. It took these guys a year to get it all right, and from where I sit, they did an amazing job. They managed to upgrade with minimal loss of data. And since we’re talking about forms, that’s a huge deal. You see, when you do a major overhaul of how forms are built, you’re changing how the data is stored. You’re also (possibly) changing the shortcakes in the posts where the forms are located.

    Making matters ‘worse’ for Ninja Forms, they have add-ons. Now they have to make sure these hundreds of add ons will work with the new version of Ninja Forms, and you can bet that not every developer will be responsive. I know that one for a fact.

    What they did was nothing short of phenomenal. You see, they ended up making two plugins and a migrator, wrapped it all up into one plugin, and released it. I cannot stress how incredibly hard that is. And they did it right and well.

    Here’s how it worked. I had version 2.9.x and I pressed that happy upgrade button to go to version 3. Nothing changed. I had an alert telling me that “3 is coming!!” which I knew, so I clicked on the link and was taken to a page asking me if I wanted to upgrade. Hold on a second. I was asked to use the new version.

    Right then and there I realized they’d not just included some 2.9.x stuff in the plugin as a fall back, no no. They had two plugins. That’s twice the work, but more to the point, they had an upgrader and a downgrade in there. I clicked upgrade, migrated my forms, and that was it. From the visitor’s end, nothing had changed, and that’s how we like it.

    For me though, using it was a mind trip. The very first thing I noticed was that it took up my whole screen. Now I’m not a fan of that in general. I want WordPress to look like WordPress. I want access to all my things so I can right click and open a link in a new tab and multitask. And worse, most full screen WordPress tools don’t look like WordPress. The disparity of those kinds of changes bothers me a lot.

    Shockingly, Ninja Forms felt like WordPress. It looked and felt like everything else in my dashboard. I’ve only seen this a few times, like with WooCommerce, where the ‘non’ WordPressy pages were still WordPress. This is hugely important to me. The more we make a consistent user environment for WordPress, the better we make the entire WordPress experience for our users.

    I hadn’t messed much with Ninja Forms since I first set it up but now I had all sorts of fun things to play with. The drag and drop interface was as slick as it looked in the videos. This has reinvigorated my interest in things and I’ll be adding some more custom forms to the site soon.

    Okay, so what don’t I like?

    The colors don’t match my site. This is so random, I know, but I like to use different WP Admin themes for different sites. This site is purple, another is blue, and the one using Ninja Forms is 80s Kids – bright blue and pink. I wish that Ninja Forms picked up my admin colors and used that to make their interface.

    I’m disappointed about tabbing as well. I can’t press tab and go between fields when I’m editing a form. I try to use my mouse as little as possible when I enter data. If I’m typing in information, like ‘term name’ and ‘value,’ then I want to press tab to jump to the next field.

    Finally, and this is going to sound weird, I don’t like that the form editor makes the rest of their settings pages look plain. They did such a kick ass job, I look at the ‘regular’ settings and think they missed something. I know, it’s petty.

  • What They Don’t Tell You

    What They Don’t Tell You

    I wear a lot of hats in the Open Source World. I help teams. I represent and direct others. I herd the cats of software. I allow my name to be known. People talk about how we’re doing a good job, working hard, working together trying to make things better. They talk to you about the wonderful feeling of success that comes with releasing a product. They tell you about the joy, the friendships, and the community.

    Well. Here’s what they don’t tell you.

    They don’t tell you about the bad days.

    They don’t tell you about the week you will spend being blamed and slandered and lied about in blog posts and on Social Media because people know half of thing.

    They don’t tell you about the fact that you can’t speak up and defend your actions because it’ll make things worse.

    They don’t tell you about the subtle misogyny that makes you wonder if it’s there at all.

    They don’t tell you about the gut churning nausea you’ll feel about turning on your email and watching wave upon wave of hate-mails come in.

    They don’t tell you about the dick pics and come ons.

    They don’t tell you that even when you can explain yourself to your friends, you’ll have to make sure they know not to speak up on your behalf because it won’t help.

    They don’t tell you that you can make it worse by being outspoken.

    They don’t tell you that crying will make people feel they’re right.

    They don’t tell you that people won’t even consider that their words cut you to your very bone.

    They don’t tell you that even if a great many people respect you, it doesn’t make you feel any better.

    They don’t tell you that someone will say ‘it’s all in your head.’

    They don’t tell you that you will have to wait it out.

    They don’t tell you that you will have to suffer.

    They don’t tell you that the phrase “Just joking!” doesn’t ease the wounds.

    They don’t tell you that even with all the support in the world, there are days you will feel absolutely, 100%, alone in your community.

    All those good and wonderful things? They’re true. And I wouldn’t change the past if I could. Contributing to open source has enriched my life in many ways. It’s taught me more about myself that I could have imagined. It’s taught me how much I can stand and take though. It’s taught me that sometimes, somedays I will stand with my name and my work being spoken ill of, with my actions being second guessed and criticized, and I will have no succor or recourse.

    I will have to stand there and take it and wait and say nothing and do nothing except the best I can do.

    What’s the point of this? There isn’t one. This post isn’t a cry for help or a request for my friends to come to my defense. It’s a reminder for all of us that these things happen, and there will be days we feel worthless. Where we feel beaten down and angry and that we want to cry or do something and we just can’t because we know in our hearts it will make things worse.

    But maybe the point is this.

    I feel that way too. Everyone does.

    So you’re not alone at all.

    Comments on this post have been disabled.

  • The Time and The Place

    The Time and The Place

    It was the day of a big release. A major release. A release that had been announced weeks, if not months, in advance. Everyone who was anyone knew that today was the day. So why not publicly drop the news of a major issue with the project in the middle of that release?

    It was the middle of the development meeting. Everyone was talking about issues with a part of the project. They were deep into the hell that is debugging and backtracking and arguing if things should be fixed or simply noted. So why not ask for help about an issue one user was having?

    This is not about WordPress. Well. It is and it isn’t. It’s about understanding who you are, where you are, and what’s going on around you. It’s about awareness and acceptance. It’s about being a part of something greater than yourself.

    This is about common sense.

    In Festivus, there’s a time and a place for the airing of grievances. In Judaism, we have a time and place for atoning for sins and forgiving others. While you certainly can do these things at any point in time, the purpose of having set and established periods for them is to prevent people from being derailed, to stop breaking the flow.

    The time to report a security issue (which should never be ‘in public first,’ IMO) is not the middle of the release meeting. The time to report petty theft is not while your Manager is giving an announcement. The time to tell everyone that Beyoncé’s video was better is not while Taylor Swift is on stage giving her acceptance speech.

    Those moments are rude, inconsiderate, and disrespectful.

    It doesn’t matter if you’re right or not because yes, Single Ladies was a magnificent video and Beyoncé was robbed, it matters if the right people will be able to address the issue without causing harm to everyone else.

    No one is more or less important than anyone else. Saying ‘everyone’s special’ is just another way of saying no one is. As painful as that can be to hear, it’s true. Instead of arguing that ‘us’ are more special than ‘them,’ which is purely subjective anyway, we should look at the magnitude of the work we do. Who will be harmed by the choice to publicly state something now?

    The good of the many often is more important than the good of the few, or the one. That doesn’t mean you should not confront people in public. It means you should not do so recklessly. It means that you should not speak up without consideration of who you are, where you are, and when you are. It means you must be prepared to accept the consequences of your actions.

    If you decide the best place to speak up against a politician is at his rally, you must accept that you may be throw out. You must accept that protests may end with your arrest. You must accept that being vocally against a decision or an action may result in you being publicly talked back to and possibly shunned.

    At the same time, you cannot be afraid to do these things. You should speak up against wrongs. You should speak up against bad decisions. You should tell your manager that they’re making a bad choice. But you cannot do those things blindly or ignorantly.

    It’s human nature to want to be a part of a group. We’re herd animals. We like the safety it affords us. We like the security. We crave it. So when we achieve acceptance into an ‘inner circle’ we want to protect our standing and not be cast out, and that can cause a bit of a Status Quo mentality.

    Some members of the group will always be the ones to shake things up. They will be the ones to speak against the majority, to stand up and say “This is wrong and here is why.” They’re the ones who are brave enough and strong enough to accept the consequences of their actions. They don’t walk into a room, interrupting everything and everyone, to announce something. 

    They don’t get a free pass, however. They accept the consequences. And the effective ones make sure that when they choose to speak up, they do it in the right place, at the right time, with the full respect given to their group and community. And if they don’t, well again, they know what they’re getting into.

    I can’t tell you to speak unafraid. That would be incredibly unrealistic. But I can say to speak boldly and to think about the consequences of your actions. And I can tell you to ask. “Will there be a post-mortem of this deployment where we can talk about improvements to the process?” Ask. “I know this is a meeting, and I apologize for interrupting, but I have a security issue. Where would be the right place for this?” Ask.

  • Dog Shaming Disclosure

    Dog Shaming Disclosure

    You’ve probably seen this. A dog with something around their neck saying “I ate the carpet.”

    We think that it’s funny because the dog often has no real idea what they did wrong, and we’re embarking the absolute absurdity of the moment. At the same time, we’re terrible people because we’re mocking a creature who can’t understand what we’re doing. So we’re pretty shitty people.

    This is not about any one specific company or group or person. This happens weekly. I see people tweet and post and point fingers in public well before they ping people privately or directly. I see people come into Slack and announce “This is vulnerable!” I see people post in forums the same thing. Some of these people don’t know any better, but worst is when they do know better.

    While we bandy about the need for responsible disclosure of security issues, and the need for quick resolutions, I feel that we are often too quick to point and shame and accuse. We want to get the news out about a problem so fast, to get people’s eyes and attention, that we forget about the humanity behind the product.

    Also we forget how hard we hit.

    Public Embarrassment

    When someone screws up in public, they are shaming themselves. Like the Olympic diver who belly flopped, or the hurdler who ran right into the first hurdle, when gaffs are televised world wide. They go on YouTube, they’re tweeted and pointed at for years. We will remember them for a long time. But that is embarrassment someone has done to themselves. People are people and release press notices too soon, push code early, and make mistakes. When someone does it to themselves, it’s galling and embarrassing, and they feel terrible. Their friends tell them it happens to everyone, and to learn from the mistake and do better next time.

    Public Shaming

    On the other hand, there is the ‘friend’ who publicly shouts that someone screwed up. They are metaphorically hanging a sign around someone’s neck and saying they suck. To the world. Now yes, they screwed up, but a human’s natural reaction to that is anger, pain, and a lack of desire to fix it because they’ll just screw up again.

    To make this more simple, public shaming creates a bad environment. It discourages innovation with fear.

    Responsible Disclosure

    Two years ago, Andrew Nacin talked about how security is nuances.

    There will always be individuals who want everything to be fully disclosed, and there are some great arguments for that. I’m not trying to sway you one way or the other. But if you’re trying to do the right thing — you’re doing full disclosure in the interest of users, possibly even providing a patch or steps to mitigate — working with the vendor is a good way to ensure you haven’t missed anything.

    Unlike Nacin, I do want to sway you to one side. I want to sway you to the side of communication.

    If you find a security hole in a product, the first reaction should be to reproduce it as best you can, write up exactly how it can be exploited with examples and Proofs of Concepts, and then contact the developers/vendors about it. Give them some time to reply. Ask them what they would agree a reasonable disclosure timeframe could be, talk and negotiate what would make sense for the product, the situation, and the developers. I want you to think about when releasing the information will harm the fewest people.

    Being responsible means thinking beyond the simple “This should be fixed for people.” It means “This should not put more people in danger.” It means you have to look at the big picture. Is it reasonable to expect people to update right away and, thus, you can release full disclosure with the update, or is it more realistic that it may take a while? What about bundled products? Will they get the alerts timely or not?

    Forget First, Embrace Most

    But above all else, we have got to stop this behavior of ‘First!’ Because that’s what’s going on. People are in a rush to be the first to report a problem or an issue, and in doing so they forget who they’re doing this for. Forget being first. Start caring about the people you’re posting the information for. Is this helping the most people?

    Publicly dragging someone through the muck, starting a witch hunt, just because they screwed up doesn’t help anything. It makes for an unhealthy developer community, and it makes for user base that cannot trust the developers.

  • Long Term Vision

    Long Term Vision

    Say what you will about Jetpack, the plugin serves a great purpose in a few major ways.

    1. Once you register for the API, you never have to again.
    2. Everything is easy to find to update and configure (Menu -> Jetpack).
    3. New Features are added and you don’t need to install a new plugin.

    Now look at something else. A company released over a dozen Facebook plugins. All the plugins required you to connect via their API (a separate connection in each). All the plugins required you to use their admin panel to set up a per-plugin configuration. All the plugins deleted those settings on deactivation. Or how about a WooCommerce related set of plugins that all required the use of their API (legitimately) but all the plugin did was connect you and send you to where that specific plugin part was configured?

    Got that in your head? Good. Now what if Jetpack did that? What if to enable aspect of Jetpack you had to install Jetpack Stats, Jetpack Comment Form, Jetpack Subscriptions, etc etc etc.

    You’d hate Jetpack. And worse, the Jetpack developers would too. They’d have to work extra hard to ensure all the suite of plugins conformed to style and protocol. Shared libraries? Gotta update them in all of the plugins. Oh and don’t forget to make sure they’re all backwards compatible in case someone updates one but not another. Figure out which one takes priority, make sure someone else’s changes on Stats doesn’t break Comment Form, and on and on and on.

    There’s a reason Jetpack works as well as it does, and it’s not just because Automattic is behind it. Jetpack has one sign up, one registration, one setup for the connection. Each sub-app is toggled via Jetpack. New additions, when the main plugin is updated, are all easily checked for backcompat and everyone tests together before pushing out.

    So why do I call this the long view?

    Because the long view considers not just adding new users to your system, but keeping them in a way that makes them happy. The long view looks at the reality that your developers will leave. The long view thinks about the easiest way to maintain a lot of code. The long view makes sure that introducing old users to new things is easy.

    And that means, the long view would look at your 15 or 20 plugins that all use the same ‘base library’ and tell you it’s a shitty plan. It’s more hours on more code with more potential conflicts. It’s less cross-code checking. It’s more testing. It’s more unit tests that have to be repeated over and over.

    The biggest reason I see people argue that 18 plugins is better than 1 is ‘SEO.’ The quotes are there on purpose. Because it’s bullshit. Anyone who thinks 18 plugins will net you better SEO than one, well written, well curated document file on the master plugin has failed at SEO school and needs to meet Ted. Ted is a 12 inch lead pipe that the boss keeps in the top drawer of his desk at DreamHost. No, not really. But the point remains, they’re not an SEO Expert.

    Content is king. Remember that? Duplicate content is bad.

    However, in some cases, content is deliberately duplicated across domains in an attempt to manipulate search engine rankings or win more traffic. Deceptive practices like this can result in a poor user experience, when a visitor sees substantially the same content repeated within a set of search results.

    That applies to your code too. Duplicate code, duplicate functionality, is bad.

    Now there is always a time and a place for multiple separate plugins. I only want to use Easy Digital Downloads extension for Stripe, not any other payment gateway. So I don’t need the extra plugins in a ‘payment gateway suite.’ But there, EDD cleverly has all the base code in their plugin and the add-ons just enable more features. Yoast’s Video SEO is similarly an add-on. They didn’t waste time making a dupe of their main SEO plugin just to add in videos.

    I hope the point is made. You can make your code simpler, easier to maintain, and easier for your users to find the new things if you keep it all in one. And that is a win.