Half-Elf on Tech

Thoughts From a Professional Lesbian

Tag: essay

  • If You Call Yourself a Developer You Should …

    If You Call Yourself a Developer You Should …

    Sometimes people scare me. Mostly it’s people who start a conversation with some variant of “I’ve been a developer for X years and I’ve never experienced a conversation like this…”

    It tends to come up when I kick someone’s code back and remark “Remove your own jQuery, delete the demo folders, and your domain name is a problem so change X to Y.”

    They get upset because I’ve not spelled out, specifically, to the letter, what’s wrong and where. I’ve had those conversations with everyone from a mom-and-pop shop coder to Microsoft and it really only bothers me when people are running dev companies and ask things like “How do I find that?” or “Where is that code?”

    So here are my rules of what a Developer should know:

    Know Logic

    You should understand logic. Not Spock Logic. Math Logic. And Computer Logic. Don’t worry. I don’t think you need to be a math rock star to write code. I think that if you understand basic algebra, which you may be surprised to know you do, then you’re okay. But you have to understand the most basic of logic gates:

    The basic computer logic gates (1/0, Yes/No, Or/Nor, etc)

    Can you look at that and understand the differences? Great. Write some code. Understanding the elementary building blocks of circuits, the A or B, the Yes or No, is the crux of programing. If you can’t logic that out, you should stop and read up on it. Most self-taught programmers have intuited that, but at some point they had a class in Boolean Algebra and learned this. Maybe it wasn’t called that, but most of us had that class in at least High School. You’ll need it.

    Know Grep

    You need to know how to search all the files in your code. If you’re on a linux flavor, grep or ack are your best friends. So when someone says “I see you’re calling domain.com in your code, why?” you know how to find that, even if they don’t give you a line.

    Know What You’ve Got

    You need to know all the packages added to your code. Did you add a library or a sub-module? This is your responsibility to know what they are. That way, when someone tells you to ‘remove the X module’ you’re not surprised. If it’s in your code, you should know what it is.

    Know What You Need

    You need to know what those packages are adding to your site. Did you download a whole jQuery library with all the demo files and a version of jQuery and the help docs? Do you really need all that? Dollars to donuts, you don’t. Don’t let your code be cluttered by what you don’t need. It’s more work to maintain it, and if there’s a security hole in it, you still have to be aware of it. Save yourself time, effort, and a hack. Leave out what you don’t need.

    Know What To Use

    You need to know how to edit the various filetypes. Personally I don’t care what you use. I like Coda. My friends like Sublime. I don’t care. Just make sure you use something that works for you and helps you work better. While you can do all your programing in Notepad, I wouldn’t suggest it. You will need tools to help you keep track of the complex world you’re building. Sometimes you’ll have to use a specialized tool.

    Know How Your Tools Work

    Did you know Github makes a downloadable zip of your code? Did you know that zip doesn’t include submodules? Did you know Github forks aren’t searchable? You should. I have a few awesome tools, like Coda, which lets me search my repositories and find code. I use BBEdit to search zips. I use a new tool to compare folders when I don’t have version control (for whatever reason). But I know how they all work.

    What Else?

    What do you think is imperative for someone who calls themself a professional developer to know?

  • Update Fatigue

    Update Fatigue

    The week of April 20th saw a lot of WordPress related updates:

    1. WordPress 4.1.2
    2. WordPress plugins with a major security issue
    3. WordPress 4.2 and 4.1.3
    4. A bunch of themes fixing the same issue plugins had
    5. WordPress 4.2.1 and 4.1.4

    I don’t know about you, but even with automated updates, I was tired of all the updates. I was also tired of explaining to people that, yes, those security issues were a massive hole and yes, they did need to be patched. And yes, I know it’s annoying to get all those emails and have to test all the things because not every plugin or theme is created equal.

    In the midst of all that, I noticed one of my plugins had updated 6 times in ten days. That’s pretty much an update every other day and you know what? That’s way too much.

    If I have to update your plugin every few days for minor releases, I’m going to stop using it. Update when you:

    1. have a point release
    2. are fixing really important bugs

    Other than that, if you update every few days for minor changes, I really am stopping using your plugin because you are making my life annoying. You’re why people hate updating. You’re why they stop.

    There are valid reasons for multiple releases in a week, like bug fixes for 0-day security holes that have already been publicly disclosed. But in this case, it was all minor changes, like adding languages and so on.

    That was useless and pointless and annoying. Okay, fine. Maybe not useless or pointless. Those are important things to update. But when should you update them? Not every day, certainly, nor even every week. If you look back on my two simple rules for when you should update, consider them seriously.

    Is this a bug or a new feature?

    New features means new major revision unless there’s a reason not to. My plugin Genericon’d keeps pace with Genericons’ versioning, so while they’re on 3.3, I will update 3.3.1 with a new feature. The majors are at their behest, so I have to take control over minors only. It’s not ideal. I hate it but it’s the best way to make sure people know “Hey, this has version 3.3 of Genericons!”

    New languages aren’t bugs nor are they really features, but they should only be added if there’s a major release. Alternately, you can slip them into a bugfix, but they shouldn’t be your only fix. As for the person who really needs the language? Make them available on git or svn and tell them to download and put it in the /wp-content/languages/plugin/name/ folder. Not ideal, I agree, but it’s a majority/minority issue.

    How often should you patch bugs?

    Is it a zero-day exploit, released in the wild, bug that’s breaking sites right now?

    RELEASE THAT SUCKER!

    Is it a minor bug that annoys you but doesn’t cripple the site? Make a dev branch, fix it, but don’t push the release just yet. Wait until you have a lot of bugs fixed. Or wait until you have the next major release.

    Take a page from how WordPress.org pushes minor releases. Fix the bugs that need fixing. Solve the security problems. But updating every day? Not a great experience for anyone.

    Opps! You missed a critical bug!

    That happens. Update the plugin right away. Yes it sucks but see the bit I bolded above? That’s your exception. If you break something, fix something. We pushed 4.1.3 because we broke sites with 4.1.2. Period. Fix it.

    But you’re sure people really want this new thing!

    Maybe, but people also really don’t want to be hassled and you’re hassling them. People have (understandable) concerns about updates. They worry about bug fixes. They worry about how your change will impact all their other plugins and themes. Keep that in mind before you push a change or a fix.

    Did you update that changelog?

    It’s your code diary. For every good commit message there should be a good changelog entry. Just do it. You’ll be thanked.

  • Detoxify Your Website

    Detoxify Your Website

    The following are my speaker notes for WordCamp Minneapolis 2015. The slides are up at https://helf.us/wcmsp2015/:

    There Are Many Kinds of Toxic People

    • The hater
    • The know-it-all
    • The concern troll
    • The Pilkunnussija

    When your site gets popular, you get a diverse group of regulars. Not all are created equal. There’s the hater who hates you all, the one who knows everything, the one who CLAIMS to want to help but really derails you on small things, and then… Well you can google that last one, but the short version is the one who says “you spelled it T E H” in the middle of a passionate discussion about the next season of Sherlock, and Oh my GOD did that really matter?

    You Dread Your Own Site

    Where Did The Fun Go?

    You used to love your site, seeing the comments, checking out what the new people had to say. And now, thanks to those other people, those toxic people, you hate your own site and you’re pretty sure the community is going dark and twisted and you know what it’s time for?

    Cleanse Your Colon

    Keep your Community Healthy

    It’s time to give things a scrub. There are only four steps to being able to survive a successful blog cleanse. If you’ve ever tried those cleanse drinks, you’ll know that it’s not easy to make it through, but you can do this. Just … don’t Google Image search ‘colon cleanse’ please. I regret that.

    Step One

    Forget the First Amendment

    You know the one. The one people always throw out at you, that they have the “right” to say what they want? They don’t. They just don’t. They can shut up now. The site is yours, you bought the domain, you pay for the hosting. The First Amendment has never had any bearing on our blogs so don’t be afraid to delete comments.

    Step Two

    Be Consistent

    If you’re going to clean your site and make sure it’s what you want to be and do and work on, then you need to make your rules and stick by them. If a rule is “no talking about George Clooney’s personal life” then you have to be strict. Keep it solid and don’t waver, not even for yourself.

    Step Three

    Arm Yourself

    WordPress has some built in tools that most people use when thinking about spam, but what if I told you to use Comment Moderation on their key phrases. What if you took the people who slammed you and attacked you and put their emails in the block list? Done. Get them out of your life.

    Step Four

    Trust Yourself

    If you get that feeling, that gut feeling that says “This is about to go wrong” then you need to believe yourself. Trust yourself. Have faith that you know the vibe of the site you’ve been working on all this time.

    WordPress Tips

    • Use the Comment Moderation and Comment Blacklist
    • Use plugins like Comment Probation to monitor new people
    • Watch their IPs

    Outside WordPress

    • Block them from your email
    • Use Twitter and Facebook’s block functions

    Don’t Give Up

    I’ve been wrangling communities online for a long time. I’ve faced burnout and exhaustion and pain. But I’m not alone. I have the other communities like mine to lean on. I have fellow forum mods to ask for backup. I have friends who tell me I’m going too far.

    Don’t give up. You’re not alone.

  • Hello, Mike

    Hello, Mike

    There’s an interesting thing when people think I’m Mike. Or perhaps it’s interesting when people think my name is Mike.

    My name is four letters. Three are the same as Mike. The last is an A, however. The best guess I’ve ever been able to make has been that people read ‘MIK…’ and their brains absolutely stop. This has been a problem my entire life, in and out of tech support, from school to work to everything in between. I was called ‘Mike’ at my SATs, much to the hilarity of my classmates.

    But I rarely correct people these days, certainly not when I’m online, because it’s one of those things that really only matters if we meet in person. In person, I will correct you. “Actually it’s Mika. With an A.” I’ll always be polite when you ask me how to pronounce it. The first time. The second and third time get you teased. At four or five, there will be serious remarks. At seven, I start intentionally mispronouncing your name.

    Since most of my communication, even with my own coworkers, is online, and since there’s a fellow named Micah (pronounced the other way), I really give people a pass with mucking up my name. It happens and if it’s not intentional or obstinance, I don’t mind.

    At the same time, I like to keep track of places where I’m more often called Mike. I try to make sense of the madness just to understand the world a little more. While all of this is anecdotal, and while I did make a scratch sheet where I tallied these things over the course of 4 months, this is not some government funded study. The numbers are also off if I’ve been talking to people from countries where Mika is a normal name, and moreso in Japan, where it’s a girl’s name.

    When am I Mika or Mike?

    So here’s the non-scientific notes I’ve boiled things down to:

    I’m Mike…

    • If I do technical things really, really well
    • When I talk code/development
    • When I talk about my wife
    • When someone is incredibly upset for whatever reason

    I have no name…

    • When I do technical things really wrong
    • When I disagree with developers
    • When I apologize to people

    I’m Mika …

    • When someone realizes they’ve been wildly out of line and apologizes to me
    • When someone has been really personable and polite the whole time
    • When I talk to someone who consistently uses proper grammar and punctuation

    What Does This Tell Me?

    It’s important to note that the ‘technical’ things I do well or not don’t actually have to be correct. Many times I do the code things really well and they just disagree. But if I’m perceived to be correct, I’m generally a Mike.

    When people are angry they tend to stop reading well, the comprehension goes out the door. That lends some credence to my theory that people’s brains stop. Strangely, though, when I get things really, really, wrong (or am perceived to do so), the use of any name in their replies plummets. Like I found three in a year. It’s possible that those people, still being angry, are reading my name as ‘Mike’ but cannot find it in themselves to be angry at a male name in the manner they’re about to be.

    As for me talking about my wife, that’s just heteronormativity in action, and for the matter of this study I ignored it. It skewed results. It’s the same with folks who are from Scandinavia, where Mika is a boy’s name.

    My Conclusion?

    People still often default to thinking everyone’s male.

    I too have this flaw, I admit. But seeing it in others and how it impacts me certainly makes me think about it more.

  • Learn Another Language

    Learn Another Language

    At WordCamp San Diego, someone asked how he, as the only English support tech, could help his coworkers learn English. I gave an answer (watch sitcoms with closed captioning on and try some software) but then I took the opportunity to remind everyone that was a native English speaker to learn a second language.

    Many people have thanked me for saying that publicly since then. For those who missed it, here are my thoughts on why and how we should do this.

    Learn Perspective

    All the BS about opening your neural pathways aside, it’s a good idea to learn another language. I picked French because my mother, father, and step-mother speak it. It’s one of the most commonly spoken languages, it’s useful in most of Europe. But more than just being able to communicate more with family, learning French puts communication in perspective.

    As I learned at WordCamp Tokyo, I need to phrase myself clearly and simply when I’m speaking via a translator, or with someone who does not speak English natively. Learning French is also giving me a great deal of sympathy for the people who get emails from me about Plugins. Here I have to talk about things in technical terms for which there are no decent simpler terms. When I connect that I’m talking to someone who’s ESL, I change how I explain things to try and make it easier to understand.

    Learn For Fun

    I sometimes set my phone to French. I watch movies in French (with subtitles). I read comics in French. Doing those things, forcing immersian for fun, makes me think harder and process. My phone in French lasted a brief moment before I realized I didn’t know how to ask what the weather was («Quel temps fait-il»). Having to both ask and listen to Siri in French showed me where the major gaps were in my skills. I have trouble thinking in French. It’s been a couple years since I studied it, though, and I only started studying again in earnest in February.

    Learn With Software

    We’re techs. I use Duolingo which is free and lets me ‘play’ in French on my iPad. I take breaks, I sit on the couch and give it 10 minutes of my brain, and I struggle with one stupid section.

    See? I’m learning French!

    I’m not very good, but it lets me keep trying. And I can use my iPhone, iPad, or browser. I can see where I suck and where I’m great. I can go back and take a test over again all I want, and no one cares but me.

    Having also used Rosetta Stone, I find this far less frustrating. Also did you know on the Mac keyboard you can hold down a letter to find the version with accent marks?

    Demonstration of how it looks when you can select your accented E

    Cool, right?

    Learn The Point

    English isn’t the majority language.

    WordPress (and many other CMS tools) are pushing Internationalization.

    Internationalization will be a big focus of the coming year, including fully-localized plugin and theme directories on language sites and embedded on dashboard in version 4.1, which is coming out December 10th.
    — Matt Mullenweg: State of the Word 2014

    Simply put, if you’re not getting yourself ready now, you’ll regret it later. Pick a language. You won’t get better until you start.

  • Mailbag: Self-Signed SSL

    Mailbag: Self-Signed SSL

    This was actually a tweet, not an email, and I’ll get to it later on in the post.

    Essentially, a weird thing happened.

    I’ve been setting up SSL for admin’ing my sites (because you should) and using a mix of Comodo SSL via Namecheap and StartSSL depending on the domain. But I also set up some Self-Signed SSL certs for other domains. In particular, this one.

    Now. SSL certificates provide encryption between the two ends using the certificate. That’s all. They’ve never been able to verify who the two ends are, and all a paid-cert does is say “And I paid these guys to prove who I am” so now you’re ‘trusting’ three people. Maybe. The point is that there’s nothing wrong with a self-signed SSL certificate in specific situations.

    If you’re messing with money or personal identification, you need to use a signed certificate. This isn’t even an option. But halfelf.org doesn’t do that and I really just wanted an SSL cert for a secure connection to my wp-admin dashboard. No big, right? So I did that, posted a new article the next day, and my buddy Mike said:

    hey there, clicking on the article title from the email notification tries to force https:// and throws privacy error warning

    What the what?

    For some reason, the setup I had that works perfectly fine, no errors on ipstenu.org wasn’t working on halfelf.org, and the only difference was that self-signed certificate. Apparently the emails sent by Jetpack grabbed the https URL and while the server was set to redirect to http, users still got that moment of “Hey, this isn’t a real certificate.”

    I know that a self-signed certificate means there’s no chain of trust, but it’s quite annoying that Google Chrome and other browsers flip out when you’ve done it. If it was just a warning “Hey, this site is secure but we can’t verify it…” that would be one thing. But what Chrome does is slap up a big fat warning and stop users, making it a double click through to get to the page, which forces them back to http anyway. Visitors may not trust my site to be safe, but frankly, that site wasn’t really meant to be ‘safe’ anyway. It’s safe on the back end for me. Not you.

    It’s a complicated mess, and I can’t wait for Let’s Encrypt to take off. I’ll be installing that on my server ASAFP because the ability to self-sign without making browsers flip out.

    To fix it for now, I turned off SSL over admin (which literally was all I’d done for WP) and picked up a legit certificate. But it’s rather stupid that the email sent from Jetpack decided it was meant to be https when it wasn’t, and that my site that forced http over https for non-logged in users wasn’t ‘enough to convince the browser they were in the wrong place.