Half-Elf on Tech

Thoughts From a Professional Lesbian

Category: How It Is

Making philosophy about the why behind technical things.

  • Software Death Isn’t New

    Software Death Isn’t New

    The answer, Jeff, is yes. But they’re weird and hard to find.

    Back around 2008 or so, my father published a paper on the death of Lisa Norris.

    Don’t know who she is? Don’t worry. Most people don’t. Norris died of radiation overexposure that was determined to be caused by a software issue. People hadn’t fully tested software changes. I only know who she is because I maintain my father’s website and converted all his PDF articles to posts. In doing so, I read them all.

    I’m not a mathematician like my father, and luckily he and I share a fantastic trait. We’re both used to explaining technical things to non-technical people. Or rather, we can explain the technical things to people who are cleverly technical in other arenas. Yes, that’s where I learned it.

    When I saw Jeff’s tweet, I asked if he was serious (as opposed to just ruminating on Twitter) and then directed him to two of my father’s articles. First I pulled up the one about Lisa Norris, since that stuck in my memory. But then I remembered he’d written an article for the Nikkei Asian Review that was more non-mathematician readable. Knowing that he’s written the first paper gives a little more credence to the statements he makes when he talks about Death by Software.

    The part that has always stuck in my mind is this quote:

    As Dr. Nancy Leveson wrote in her Therac-25 investigation report: “Most accidents are system accidents; that is, they stem from complex interactions between various components and activities. To attribute a single cause to an accident is usually a serious mistake. We want to emphasize the complex nature of accidents and the need to investigate all aspects of system development and operation to understand what has happened and to prevent future accidents.”

    When we talk about how software can (and will continue to) kill people, we get stymied by the considerably complexity of the question. Did Lisa Norris die because no human thought “This looks weird?” That is also why it’s hard to say “Give me the statistics on all people who died because of software failure.” We have to define what, specifically, is a software failure.

    In the book (and the movies) “Fail-Safe,” we face nuclear war because a light burns out causing a false-positive alert resulting in American bombers heading to the USSR. It’s very similar to the boom “Red Alert” (and of course the movie “Dr. Stranglove”). The failure is that our fail-safe measures, the steps we take to make sure that a machine (or computer) cannot make the situation worse is nothing more than a pipe dream.

    At its crux, the deaths by software are often the result of failure of imagination. I first learned of the phrase when reading about the Apollo 1 fire back in 1967. Astronaut Frank Borman spoke at the post-mortem hearings of how the deaths, the fire was born from our failure to imagine how things could go wrong.

    Why don’t we have statistics? We would have to be very specific in what we ask for. How many people have died because their GPS was wrong? How many people died because the software to handle Anti-Lock Brakes failed? We do not lump all software failures together, making the research mystifying and bewildering. This is not meant as an excuse, though even to me it feels like one. We should be more transparent in how our software kills.

    And rest assured. Software kills.

  • Coding My Own Dogfood

    Coding My Own Dogfood

    I say no to a lot of pull requests on code.

    This is because I write plugins, not something massive and monolithic and used on a million websites. I’m a sole developer for my code, for the most part, and while pull requests are always welcome, the main reason I reject them is because I eat my own dogfood.

    Back in March of 2015, I decided to start using CloudFlare because we, at DreamHost, parter with them, so I should, you know, use them. It’s the same reason I use PageSpeed so much. And WordPress. I use what I use because I need to use it to be good at it.

    You cannot possibly be expected to write code for WordPress and support it if you don’t use it.

    I say this over and over again when I’m training people on WordPress. If you want to get good at supporting and fixing WordPress, then you need to use it and fix it. A lot. Every day. You need to use it so you know where everything is and can recognize what it should and should not do. You need to fix it so you know how to make it go back to looking like it should.

    If you’re writing code for WordPress, you need to do that too.

    Here’s my bottom line. If I’m writing a plugin, it’s going to be because I need what it does. If I’m writing a plugin, it’s because I’m going to use it. If there’s a feature I disagree with, I won’t add it in. If it’s something I will never use, it’s not going in. If it’s code I cannot test, I will never, ever, add it.

    That last one gets people mad at me a lot.

    The reality is that if I add in a feature for you and it doesn’t work, I can’t fix it because I don’t have the access needed. I cannot reproduce the error. If I can’t do that, how can I possibly fix it? I’ll have to work with you, via posts and emails, if you can’t fix it yourself.

    Pull requests are a wonderful thing, but if you’re making a pull for a new feature that’s something I can’t validate and test, then you’re also taking on the responsibility I did for the community. You’re promising to help me test it, develop it, future proof it. You’re promising to be there when I want to release a new version for everyone else. You’re promising to help support it and help others debug it.

    Are you ready for that?

  • Underscores (A Plugin We Need)

    Underscores (A Plugin We Need)

    Look. I still hate Your frameworks.

    I really do. They’re a decent idea with a terrible reality. The concept of ‘a plugin to build other plugins’ is nothing at all like a Parent Theme. A plugin that builds other plugins is synonymous with a theme framework or, perhaps you’ll understand this better, a starter theme.

    Have you met _s?

    _s (aka underscores) is a starter theme. Themes are built from it. In and of itself, it’s not a theme you’d see on WordPress.org because in and of itself, it’s useless. It’s not a parent theme, it’s not even a ready to use ‘drop this theme in and you have a site’ sort of thing. No, in fact if you installed it, it would look terrible.

    Because the point is not to use it as a theme, but to use it to build your theme. No one in their right mind uses Underscores as a parent theme. No one uses it as a drop-in to their themes. It’s a, literal, framework where you say “This is my Theme Name, this is my slug.” And then it drops out the code for you to start plugging into.

    What do the existing framework plugins do?

    The problem isn’t what they do it’s how they do it. They’re not frameworks. They’re libraries. A library is like the AWS SDK library. It’s a vendor based addition to your code that enables it to do ‘a thing’ but, in and of itself, doesn’t do anything. A library is a great tool and lets you include code that you’re going to use but don’t want to reinvent the wheel. I love them. Another example would be that Font Awesome is a library.

    But we don’t allow libraries, themselves, in the repo. That means if you write a Font Awesome plugin, it has to actually do something besides just include Font Awesome.

    And the point here is that a plugin, like a theme, has to be usable. It has to stand up on it’s own and do something.

    Is a library perfect?

    Once you take your framework plugin out of the repo, how do you handle upgrades?

    Obviously you can run your own upgrader (which we’d encourage) but if the plugin is folded into another plugin, you’re not able to just upgrade YOUR portion. So you have to wait (and trust) the plugin dev will update their plugin and include your latest version.

    Mind you, this is an existing problem with plugins and libraries and, in a way, is related to why we don’t allow you to use your own copy of jquery. Conflicts! Yay!

    How does _s handle updates?

    This is something Konstantin’s thought about before. Funny thing, Underscores is versionless and it doesn’t update often.

    Here is a list of reasons why you should not update your _s-based theme with our changes to _s:

    • Most likely your theme code will have evolved to a degree where merging _s changes would lead to conflicts. They also won’t be applied to anything you created on top of it.
    • We are in the unique situation to not having to worry about backwards compatibility when we commit changes. And we don’t!
    • Once you release your theme, you’ve probably fixed all the things in _s that needed fixing for your case. Just because we push an update to _s, it does not necessarily mean it applies to your theme.

    Basically there should be no updates to your framework.

    And that terrifies a lot of people. Because the extant framework plugins update a lot. In fact, some of them want to be in the .org repository specifically because they update a lot.

    They shouldn’t. And that’s why I think they’re doing it wrong.

    Be a Starter Plugin

    Stop trying to be a framework. They don’t work, they’re not sustainable, and they’re problematic.

    Be a starter plugin. Be a plugin that I can download. Use that underscores form so I can download everything set up for ‘me’ right away, no search and replace needed. Have a template settings page that creates basic options, just like a theme. Except that plugins are not themes. And there’s the real issue. A theme is ‘easier’ (and this is subjective) because it only has one interface: The customizer.

    Plugins can add a menu section, they can add an option to an existing area like discussion, they can be silent and have no information and just work. Plugins can do anything and in any way. There’s not a ‘standard’ because there really can’t be.

    Is There An Answer?

    I think the starter plugin would work, if it came with options. It would more likely be a workflow. Where do you want your menu? Will you connect to an API? Will you need settings?

    If someone can boil that down, it would all be better.

  • 2.2 Million AOL Dialup Users

    2.2 Million AOL Dialup Users

    InfoSec Taylor Swift tweeted about how a man using AOL’s dialup and AT&T got charged $24,000 for the number he dialed.

    My take away?

    https://twitter.com/Ipstenu/status/593236980848164864

    You see, I read this line and did a double take.

    Eighty-three-year-old Ron Dorff of Woodland Hills is one of the 2.2 million remaining AOL dial-up customers.

    2.2 million people are still on AOL dialup.

    Most of my Twitter followers took my shock the wrong way. Folks, I know that there are many reasons for this. I know that folks in the sticks don’t have other options. I know that it’s cheaper than satellite for people on a budget.

    None of that was my point.

    Or rather, it was but not the way people seem to think about it.

    Woodland Hills is in the LA Metro area. He has other options. Still not my point.

    No, my point is something Eric Mann said at WordCamp Portland 2013 that stuck with me (and my wife). My point is that if only 50% of phones in America are smart phones and that if 2.2 million people in the US use AOL dialup, that’s a lot of people.

    50% of America is 159.45 million.

    2.2 million people is 0.69% of America.

    Interestingly, a Pew survey determined that 3% of Americans use dialup at home. That’s 9 million people.

    My ‘terrifying’ moment had nothing to do with the fact that people are on AOL (though I admit I thought AOL had canned dialup). My moment was entirely because we, the creators of the internet, are making a poor experience for about 9 million people. Realistically, we’re probably making the internet suck for a lot more, with our heavy websites that do a million things and are slow.

    In our push to go forward, we forget about the past, and we forget to take care of the past and degrade nicely. We can’t always support everyone, but 3.18% of Americans on the internet use IE8 (according to statcounter). If we still care about IE 8 (and yes, we do), then we should care about the 3% who use dialup, and the more who are stuck on their cell phones (check out the 7.9% of users who are on the ‘other’ OS for phones, I bet they’re the ones on non-smart phone).

    It’s terrifying how, in our push forward, we forget them.

    The video is 5 minutes. You can watch it.

    InfoSec Taylor Swift favorited my tweet about AOL having that many users on dialup

  • If You Call Yourself a Developer You Should …

    If You Call Yourself a Developer You Should …

    Sometimes people scare me. Mostly it’s people who start a conversation with some variant of “I’ve been a developer for X years and I’ve never experienced a conversation like this…”

    It tends to come up when I kick someone’s code back and remark “Remove your own jQuery, delete the demo folders, and your domain name is a problem so change X to Y.”

    They get upset because I’ve not spelled out, specifically, to the letter, what’s wrong and where. I’ve had those conversations with everyone from a mom-and-pop shop coder to Microsoft and it really only bothers me when people are running dev companies and ask things like “How do I find that?” or “Where is that code?”

    So here are my rules of what a Developer should know:

    Know Logic

    You should understand logic. Not Spock Logic. Math Logic. And Computer Logic. Don’t worry. I don’t think you need to be a math rock star to write code. I think that if you understand basic algebra, which you may be surprised to know you do, then you’re okay. But you have to understand the most basic of logic gates:

    The basic computer logic gates (1/0, Yes/No, Or/Nor, etc)

    Can you look at that and understand the differences? Great. Write some code. Understanding the elementary building blocks of circuits, the A or B, the Yes or No, is the crux of programing. If you can’t logic that out, you should stop and read up on it. Most self-taught programmers have intuited that, but at some point they had a class in Boolean Algebra and learned this. Maybe it wasn’t called that, but most of us had that class in at least High School. You’ll need it.

    Know Grep

    You need to know how to search all the files in your code. If you’re on a linux flavor, grep or ack are your best friends. So when someone says “I see you’re calling domain.com in your code, why?” you know how to find that, even if they don’t give you a line.

    Know What You’ve Got

    You need to know all the packages added to your code. Did you add a library or a sub-module? This is your responsibility to know what they are. That way, when someone tells you to ‘remove the X module’ you’re not surprised. If it’s in your code, you should know what it is.

    Know What You Need

    You need to know what those packages are adding to your site. Did you download a whole jQuery library with all the demo files and a version of jQuery and the help docs? Do you really need all that? Dollars to donuts, you don’t. Don’t let your code be cluttered by what you don’t need. It’s more work to maintain it, and if there’s a security hole in it, you still have to be aware of it. Save yourself time, effort, and a hack. Leave out what you don’t need.

    Know What To Use

    You need to know how to edit the various filetypes. Personally I don’t care what you use. I like Coda. My friends like Sublime. I don’t care. Just make sure you use something that works for you and helps you work better. While you can do all your programing in Notepad, I wouldn’t suggest it. You will need tools to help you keep track of the complex world you’re building. Sometimes you’ll have to use a specialized tool.

    Know How Your Tools Work

    Did you know Github makes a downloadable zip of your code? Did you know that zip doesn’t include submodules? Did you know Github forks aren’t searchable? You should. I have a few awesome tools, like Coda, which lets me search my repositories and find code. I use BBEdit to search zips. I use a new tool to compare folders when I don’t have version control (for whatever reason). But I know how they all work.

    What Else?

    What do you think is imperative for someone who calls themself a professional developer to know?

  • Newsletters Are Still Cool

    Newsletters Are Still Cool

    It started with a mention:

    And I went and looked up TinyLetter

    It’s simple. It’s as easy as writing a blog post and boom, you’ve sent a mail. In so far as that goes, it’s awesome.

    It’s too simple. There isn’t a way to really automate it.

    It’s really cool. It just works and sends out a nice, easy to read, email.

    It’s really annoying. You have to get folks to sign up.

    I really want to like it and use it, but I’m not sure I have a use case. Thanks to Jetpack, I push to LinkedIn, Facebook, Twitter, etc, and my family sees the things. They sign up to Jetpack emails for in-boxes.

    But if I needed a newsletter, I’d use TinyLetter.