Deirdre.net

My Coronavirus Playlist

by Leave a Comment

Coronavirus playlist of songs from my Apple Music library that are among my favorites, in no particular order except for the first song. I love the social distancing and, of course, the two goofballs (Ringo Starr and Harry Nilsson) in the video.

Principles of Determining Geolocation

by 30 Comments


In 2004-2005, I worked for Quova as a Network Geography Analyst.
As a practical matter, given that MLB was one of our largest customers at the time, this meant that we fielded complaints for people who were locked out of viewing baseball games where they should not have been, and a good chunk of my job was investigating those complaints.
This is intended for a mixed-level audience, so I’m going to skip deep nuance and detail.

Simple Explanation

  1. When you connect to the internet, whether through cable, your cell phone, whatever, you’re assigned an IP address, where IP stands for Internet Protocol. At the point in time you connect, your IP address has a fixed location in physical space: wherever you happen to be.

  2. Your device connects to another, upstream device, and depending upon where you want to go, it connects to a series of other devices until it arrives at your intended destination (say, Google’s web server). Each of those devices has an IP address, and each of those IP addresses has a fixed location in physical space.

  3. If you ask for a traceroute from a command line, it’ll tell you what series of hops it goes through to get from point A (you) to point B (where you want to go).
    $ traceroute 8.8.8.8
    traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets

    1. 10.0.1.1 (10.0.1.1) 10.938 ms 1.183 ms 1.032 ms
    2. 198.144.195.185 (198.144.195.185) 51.874 ms 52.194 ms 51.948 ms
    3. ge1-8.rawbw-demarc.sfo4.reliablehosting.com (216.131.94.209) 61.865 ms 57.246 ms 64.077 ms
    4. core2-1-1-0.pao.net.google.com (198.32.176.31) 52.671 ms 51.958 ms 55.120 ms
    5. 64.233.175.169 (64.233.175.169) 56.400 ms
      64.233.175.171 (64.233.175.171) 54.772 ms
      72.14.236.114 (72.14.236.114) 54.420 ms
    6. google-public-dns-a.google.com (8.8.8.8) 54.663 ms 54.480 ms 94.454 ms

    The first is my internal IP address. The second is our gateway address. The third is our provider’s demarc with their upstream. The fourth is where it enters Google’s servers.

  4. Network administrators, to make their lives easier, often label those intermediary hops with names. This is not required. Often those names have geocoding information. These are often names of cities, airport codes, weather station codes, neighborhood names, apartment complex names—all kinds of things. In core2-1-1-0.pao.net.google.com, “pao” is Palo Alto, California, which has an airport IATA code of PAO.

  5. If you’re very lucky, you will have a traceroute that shows very little router delay (like one hop in my example above). Then you can use actual physics to tell you where it must be in relation to the adjacent hop.
    Light (and electricity) travels 300,000 km/sec, or 186,000 miles/sec. Per millisecond, 300 km or 186 miles. It’s easier to multiply by 300 than 186 in my head, so I’ve typically stayed metric at this point, but I’ll give both. Besides, it just sounds cool to drop millilightseconds in a conversation.
    See that last hop? 54.420 -> 54.480 (using minimum to minimum)? That’s 6 hundredths of a millisecond, meaning the laws of physics say the packet traveled a maximum of 18 km or 11.2 miles.
    Except traceroute measures time there and back, so the real numbers are 9 km or 5.6 miles.
    Is it in Palo Alto? The end location is 1.808 ms from the stated Palo Alto location, which means it’s at most 262.35 km or 168.25 miles from Palo Alto. So almost certainly SF Bay Metro with some lag. This is where repetitive traceroutes at different times from different locations would be helpful. (I’d expect the location to be Mountain View, California, which is the city south of Palo Alto, and also Google’s HQ.)

That’s the Basics. Really.

So the real trick to geolocation is to have as many knowns as possible. This means having server space on fast networks around the world, being able to triangulate in on locations of interest, and getting different results over time.
You can read more about using millilightseconds in this humorous story of network diagnosis.
This four-part series about traceroute is quite good, and covers some of the wrinkles.

My Own Little Experience

I mentioned this on Twitter at the time it happened.
blog-hack-attempt
There are some interesting nuances here:

  1. I don’t have a user called admin, but that’s the default super user in WordPress.

  2. If you do a whois on that IP address, you’ll note it’s assigned to T-Mobile:
    NetRange: 172.32.0.0 – 172.63.255.255
    CIDR: 172.32.0.0/11
    NetName: TMO9
    […]
    Organization: T-Mobile USA, Inc. (TMOBI)
    Real hackers trying to crack into your web site will not be using mobile as a rule. This was personal, not a doorknocker.

  3. At the time, it showed up as being in LA. Once you get a dynamically-assigned IP address, such as a mobile address, to a metro area, there’s no guarantee you’ll get closer than that.

  4. I note that this screenshot shows 1) T-Mo; 2) LA, and my breakin attempt was a couple of hours after this was posted. Obviously, no proof, yada yada. Just: correlation.

Update to this section, May 2015: It turns out, and I’m thankful for this, that there is a far more ordinary explanation for what happened. I can’t prove it’s what happened in December, but it did happen last week. In January 2014, Rick and I were traveling and would be in some of the remotest parts of the world (in fact, we spent three days out of satellite range of Internet, believe it or not). I gave admin credentials to a friend who lives in the LA area to blogsit and make sure any security updates got applied while we were gone. It turns out that, since saving that password, she’d switched her mobile device from Verizon to T-Mobile, and I’d since changed the admin username. She doesn’t use mobile data much, so it didn’t try to access my site for a long time (or frequently). And there you are.
My apologies to Jaid Black for the insinuation.
Also, a better security method for dealing with this issue is to make a second admin user. Doh.

Quick Geolocation for Mere Mortals

Use the GeoIP Tool website.

Geek Humor

by Leave a Comment

The Seventies: Getting into Programming

by Leave a Comment

Note: this is part of a much longer piece I’m writing, which I’ll announce later. I thought you’d enjoy this first draft excerpt.
I took my first programming class in the summer of 1975; I was 15 when I started. The programming lab was in the math and science building of Saddleback College. Back in those days, they had a Data General Nova 3 minicomputer with 64K of core memory (not RAM) and 64K of floating point core. Now, those of you who’ve never seen core memory, each bit is a magnet on a larger lattice framework and 64k of core took up a significant amount of space, though what we had, both floating point and regular memory, probably fit into less space than that photo I linked to.
Saddleback’s Nova did have a hard drive that was about the size of a washing machine, with one fixed platter set and one removable one. I don’t remember exactly how much drive space it had, but let’s just say it was a handful of megabytes.
I grew fascinated with the computer lab. The smell of the oil on the paper tape drives, the sound of the hard drives seeking, the gentle clicking of other switches and relays, the drama when the multiplexer melted over 4th of July weekend. I loved every bit of it.
My dad had said, “You like puzzles, you’re good at math. You’d be great at this, and you might actually enjoy it.” Back then, programming wasn’t a big industry, so he didn’t actually expect it to be a field I’d really go into. It was more one of those parental “hey, check it out” things.
At the time, I was extremely shy, and screwing up in front of other people, or where other people could watch, was my least favorite thing ever.
So, even though I considered it impersonal, that was precisely why programming worked for me. If I couldn’t figure something out right away, the computer would tell me I was wrong and I’d suffer in silence. I’d work at different approaches to the problem until I understood it well enough that I’d have the solution worked out.
Because of my immersion into computers and programming, when there was an opening for a lab assistant the next term, I was offered the position, and accepted. I learned more about the Nova minicomputers and read the entire thick manual on operating it, trying to understand the relationship between assembler (which I had not yet taken, but could read through simpler bits of) and the binary it translated into.
The minicomputer took up about half a rack, and its hard drives cabinets were about the size of a modern washing machine. The entire thing needed enough power that it had to have a raised subfloor, quite common in computer rooms of the day.
When booting the Nova every morning when the lab opened, someone had to hand-check the paper tape driver in binary using the front panel switches. Now, one of the beauties of core memory is that it’s non-volatile, so that usually translated to three things: 1) checking that the sequence was still correctly in memory, fixing it if necessary; 2) going to the memory address where the driver started, then 3) start the system running from there. Eventually, I memorized it enough that I could check the entire sequence without thinking. It just became a familiar pattern of numbers.
Saddleback offered a single class in Basic programming (that everyone took first) plus one in Assembler and another in Fortran. All three were taught through the Math department. You had to do the lab work for Fortran at UC Irvine, which was about 15 miles away. The fourth class offered, Cobol, was taught through the Business department, and you had to do the lab work at Cal State Fullerton. This was the one class I never took, though.
That’s it. Four total classes, plus any independent study opportunities.
At the time, there were zero Computer Science degree programs in the United States, so far as I knew. You could get an Engineering degree with a Computer emphasis (EECS), or a Math degree, or a Business degree, but no standalone degree in Computer Science that wasn’t primarily about another discipline. That had yet to be invented.
So if this happened to be your thing, as it was mine, it was a tough field to enter back in 1975. You didn’t really learn enough at the community college level to do it full time in industry, but how else would you learn enough? The four-year programs weren’t much better.
These days, you’d buy a computer and work from home on various projects, perhaps open source ones.
Back then, a computer cost on the order of a year’s rent (at least by the time you got enough doohickeys to make it actually useful for anything) and required being soldered together. Of course, this was the kind of project that friends would help you with. In fact, four of us did exactly this for my high school physics project the following year. Having helped my father solder together the parts on a Heathkit oscilloscope, I did an awful lot of the soldering on that project.
Effectively, the price and difficulty barriers meant no one had a computer at home in that era. Computers like the original Apple I were just starting to become available.
One day, the lab got a request for a job interview from a local business, BasicFour, headquartered on the Irvine/Costa Mesa border near South Coast Plaza. They’d asked to interview a more senior lab assistant. He was 17, had a few months more experience than I did, but he’d also recently accepted a job offer.
The lab manager handed the information to me and said, “This could be a great opportunity for you.”
I called and got an in person interview. I was so excited that it wasn’t until after I’d gone home that I realized no one had asked me any programming questions. I was given a tour and offered an alternate, lesser position.
“Normally we start women out in a data entry position,” the man in the suit said. It paid less than half as much money. Since data entry positions have largely gone away—the position was for a glorified typist, still very much considered “women’s work” at that time. If nothing else good ever came of the Internet, at least women don’t have to put up with men feigning being too good to type their own crap.
I turned it down, but gave no reason.
Dejected, I almost didn’t go back to the Saddleback lab the next day. I considered calling in sick. When I did go in, I reluctantly walked over to my boss’s office.
“How’d it go?” she asked.
I told her what they’d said, then I told her that I’d turned them down.
“Good,” she said. “They shouldn’t have done that.” She asked me what I wanted to do, ensuring that I knew that I could report what they’d said.
“Find a job with a company that treats people better.”
“Good idea,” she said, then said she wouldn’t be sending anyone else to interview there. Ever.
At that time, I wasn’t willing to write off BasicFour, even though I probably should have. They were a local employer. They gave me an interview. It didn’t matter that they screwed up so badly. I figured—perhaps correctly, perhaps not—that they may change their minds later. Given limited opportunities at the time, I didn’t want to alienate them. It hadn’t occurred to me then, but would now, that some of the people in charge of that policy would later become involved in other local ventures, so that was probably a wise choice. Unfortunate that I had to even think about that, then or now.
I was sixteen years old, I hadn’t even had a programming job yet apart from some work I’d done for my father, and I was already worried about being blacklisted.
Heck of a way to start a career.

Programming Sucks & Why I Quit

by Leave a Comment


This “Why I Quit Programming” page is consistently one of my top ten web hits, partly because of its strong Google ranking.
This “Programming Sucks” rant has become one of my three favorite rants about software ever written.
The other two are Benji Smith’s “Why I Hate Frameworks” rant and Andrew Clover’s (bobince’s) extra special response about parsing HTML with regex.
Once upon a time, a former coworker had left software engineering entirely and was having money problems. I asked why not go back into programming? It had paid former coworker well.
Former coworker replied, “It’s not what I do after hours.” No interest in writing software outside the scope of a job.
I didn’t understand the idea. At all.
One of my life sayings is: “You don’t get to choose what you do (or don’t) care about. What you do get to choose is what you do about it.”
I vowed that if I ever felt the same way my former coworker felt about software, I’d give up writing it for a living.
I’ve been there for some time. For a while I thought maybe it was burnout, but it’s not. It’s a fundamental change.

Programming Sucks: The Web Edition

One day, I walked into the break room and heard a coworker say, “The Web is an error condition,” referring to the deplorable state of code out on the Web. I think that was the end of the end for me, because it just depressed me. It depressed me not because it was untrue, but because it was so perfectly true.
Honestly, I miss the days when Netscape Navigator would just halt rendering in the middle of your page, saying, “No, I will not parse any more of your shit until you fix it.”
Then IE came out for free. Suddenly, the game of web browsers changed from paid apps to supported by advertising and search revenues. The only way to get users to use your browser (and thus get more money to develop with) was to parse all the shit you used to reject.
The web became a co-evolution of crap and trying to render crap. (It’s gotten more complicated since then, but because there’s been a habit of rendering crap, no one suddenly wants to stop.)
Don’t believe me?
Copy the URL to some web site who should be able to afford first-class web developers into http://validator.w3.org.
CNN.com’s home page just resulted in this crap:

Errors found while checking this document as HTML5!
Result: 349 Errors, 104 warning(s)

NYTimes.com’s home page just resulted in this crap:

Errors found while checking this document as HTML5!
Result: 605 Errors, 32 warning(s)

You don’t get that bad by accident. You get that bad by deeply not giving a fuck.
But, hey, it’s HTML5, right? No, they just dressed up the pig that was HTML 4.01 Transitional and still have crap that hasn’t been valid on any newer spec than the one published in 1999. Last Millenium. (No, I’m not counting XHTML, why do you ask? Okay, even if you grant that XTHML is a good thing, the reasons the above two pages don’t meet the HTML5 spec are also why they’d fail the XHTML spec.)
I’ve had code that flew into space that didn’t have 605 errors in its entire fucking lifecycle. Yeah, okay, it was a digital tape driver I had to squeeze onto a smaller PROM, but still. Can’t just send that sucker into space with that many errors.
I’ve been paid to program in twenty-six different languages. I’ve written code to reduce power plant emissions. Space and power plants I did before I was twenty, and continued the latter for several more years. I’ve written code to help manage whole blood inventory for anti-D injections (so Rh- mothers can safely have Rh+ babies).
I’ve done a lot of other things, too, from writing database apps for mailing list companies to writing commercial Mac software for calendaring to working on the Safari team at Apple to writing an App to help the Omidyar Foundation invest its money. I’ve worked on a Jabber client for Be, I’ve worked on the TiVo service, I’ve worked on software for companies big and small.
I’ve worked hard and had my vested shares undergo a million-to-one reverse split. Rounded up. At that point, it’s not worth sending me the damn paper that’s required. As Rachel Chalmers says in her excellent piece for Model View Culture, “No face-saving exits for them.”

The Biggest Reason Why I Quit Programming?

Quite a few years ago, I realized that I knew how to approach essentially any programming problem I cared about. It may not be the best approach or the one some other person would pick, but I could write a working implementation of anything I chose to.
The catch is, I kept choosing to do other things.
It’s not to say that I have no interest in software. Of course I do. I’m an introvert and a numbers geek, and it’s served me very well as a career for thirty-eight years.
What I mean is that I can’t do it for someone else the way I used to.
Instead, I need to pick projects that I care about and not spend long stretches of time on things I don’t.
I have some ideas of what I want to do software-wise, but I’m not ready to announce them yet. It’s got to fit in between my other plans.
Part of it will mean needing to do some real design work using stuff like Illustrator. In amongst all this software writing I’ve done, I’ve been putting off learning Illustrator since I opened the Illustrator ’88 box in, uh, 1988.

Writing and the Critical Path

by 2 Comments

As someone who’s spent my whole life working mostly on one large project after another, you’d think novels wouldn’t be as hard for me to write as they actually are.
I had this glimpse into why: I generally had a sense, at all times, whether something was on the critical path—or not. There were desired features and planned expansions, but building them wasn’t part of my initial task. So there were clearly things on the critical path—and not. Generally, there was at least something of an order: I need to get pretty far along in X before I can test Y, so let’s write X first. I can work on Y if I’m stumped on X.
In a novel, generally all of the planned scenes need to be written because they’re interwoven. It’s all on the critical path.
Non-fiction’s different: some items may be optional. If they’re not written for the book itself, they can be re-used in other ways, like website content or newsletter content.
So I don’t necessarily have a sense of what I should work on next. The list is too large. Since I write out of order frequently that makes the problem set too large.
I’m going to have to think about this.

Box.com: Using My Powers for Good

by Leave a Comment

Four months ago, I posted this commentary and critique of Box’s “Working at Box” page.
It got back to me that it created quite a stir, but I hadn’t checked back on the page recently. I have noticed incoming links to that blog post, so I wondered what was up.
Credit where due, Box has revised the underlying page.
Thank you! Nice improvement.

The Sort Implementation Interview Question

by 4 Comments

I’m going to go out on what seems to be a wildly unpopular limb here and say this: asking a developer to write an implementation of a sort algorithm is almost certainly a bad job interview question.
Why? Because you’re likely not hiring someone to write implementations of sort algorithms. Even if you were, they probably would not be writing optimized code in a job interview situation, so what’s it really testing?
Problem solving skills aren’t universal, nor does the ability/inability or inclination/disinclination to solve one kind of problem necessarily reflect one’s overall skills. Or lack thereof.
Remember that the person being interviewed is also interviewing you and deciding whether they want to work with you or not. If you ask a coding question that’s more directly relevant to the job at hand, then they will have a better sense of what it is you do every day—and whether that’s something they want to do, too. You’re engaging them in your problem space, not asking something they may or may not warm to even if they’d love the job you’re interviewing for.
For example, in an interview I went on once upon a time, the interviewer said, “We have this problem, and I’d like to see how you approach it.” So it was a supportive, shared, coding question. I had questions about some aspects of the requirements, which the interviewer then answered. That was a great interview approach.
I’ve come to dread the sort interview questions. Frankly, it’s not a part of programming I enjoy. I like the fact that other people think about sort implementations. Yay, diversity.
I remember once, I think it was 2005, having re-reviewed all the common sort algorithms, then flown to a job interview. The question: “How would you write a shuffle algorithm?”
I remember that instant of total frustration far more than anything else from the interview.
My answer was something like: create a hash of something like a random seed from the current time plus some aspect of the information you had about the song (since it was about shuffling songs) like the title, and then sort the hashes. I have no idea if that’s a good answer, but it’s what I came up with at the time.
Meanwhile, I’d much rather focus on whether we need this column or not, whether that schema is better suited for the project than this other one (and why), can we produce the desired page with less HTML/CSS markup? And how much can/should we shunt off to JavaScript? How much jQuery do we need? Does this page degrade gracefully without JavaScript? What pieces of this should go in the controller vs. the model or the view (and why)?
Using a different field, asking someone who’s applying for a general application programmer to write a sort implementation is like interviewing for a job as a Cosmo article writer and being asked to produce a sonnet in the job interview. (With the added bonus of live critique questioning your choices.)
Now that’s not to say that knowing how to write sonnets isn’t a cool skill. It is.
But let’s look at what an article writer needs skill at that a sonnet writer doesn’t:

  • Ability to write whole sentences
  • On time
  • Correct length (sonnets have a lines/syllable count, but what an article writer needs is correct amount of space on the page, which is an entirely different form of length requirement)
  • On correct subject
  • Supports advertisers
  • Current and relevant
  • Literal language

What skills a sonnet writer needs that an article writer doesn’t:

  • A feel for syllables
  • Exhaustive vocabulary (because poetry readers will look up words but Cosmo readers almost certainly won’t)
  • How to write something timeless
  • The ability to fiddle until it’s “just so”
  • Metaphorical language

99.9% of all people making their living as writers aren’t writing poetry. 99.9% of the rest write greeting cards for money. The other two are poetry professors. Random aside: did you know Cupertino has a poet laureate?
99.9% of all software engineers making a living as such aren’t writing implementations of sort algorithms or developing new sort algorithms as their job.
Ask more relevant questions.

On Quark XPress's Demise

by 1 Comment

Back in the day, I used to write Quark XPress XTensions for a living, so this commentary (and linked article) about Quark XPress’s demise was fascinating.

One of those involved revamping and revising a significant (and sluggish) XTension to add new features.

I remember contacting Quark because of a problem we were having with so many boxes being laid out on the page (the XTension was for television listings, so there were often 600+).

They said, and I quote:

But why would you want to do that?

So I explained it to them, and they said:

Huh.

Here’s the thing. No matter what kind of program you write, someone will use it (or want to use it) in ways you don’t expect. You can learn to roll with that, or you can ignore it.

They chose to ignore it, as they chose with other customers.

And that is why oh so many of us no longer write Quark XTensions.

Why I Wrote the Calcumatic

by Leave a Comment

Bonjour to all my Francophone visitors!

A French site has linked to my E-Book Royalty Calcumatic, and there are a couple of points I wanted to address.

First, it is US-based, and it is my intention to expand it to other regions and vendors. It’s not my intent to be exhaustive, though.

One of the comments on the above link says (Original in French first, then a rough translation):

Etant donné que les ventes sont imprévisibles et aléatoires, ça en fait un outil complétement inutile!

Given that sales are unpredictable and random, that makes this tool completely useless!

Okay, it’s a fair point. Let’s look at why I did write it and get back to what it does and doesn’t mean.

There were a few reasons I wrote the tool the way I did (remember, I first wrote it in 2011):

  1. I worked on the Safari team at Apple and there was a cool new input element—range sliders—in HTML5. Every new toy must have a use case, right? This was mine. (I’d really love to have a pie chart slice draggy thing, honestly, but I’m not going to write one.)
  2. I wanted to convince some friends not to leave money on the table. Specifically, as someone who uses the Kindle format as my “last resort” choice, I wanted to convince them not to leave my money on the table. To this day, some people still only publish through Kindle’s program. Look, I get that there are compelling reasons for introducing books through Kindle’s store and giving them a 90-day exclusive. Truly I do.
  3. I figured I might actually educate some people who were readers, not writers—people who might think to take that extra moment to get the book from a different source that pays the authors better next time they were purchasing a book and had a choice of vendors.

However, there are always things you can’t control, right?

  1. You can’t control whether someone buys your book. Or not.
  2. You can’t control where someone buys your book (unless you sell it only in one place, which is a poor choice).

There are things you have some control over, though.

  1. You can put your book in multiple bookstores.
  2. You can preferentially feature stores that offer you better deals on your website. You don’t have to list Amazon first. (Yeah, I used to work at Apple, but this is just me being me, not me being an Apple alumna.)

See, I read in iBooks. I only read in iBooks.

Why? I think the layout and rendering is the best there. I like Apple’s choice of fonts. Iowan/Night theme gal, here. I like having all my books together in one big happy library.

I have a handful of Nook books. They are now in iBooks. I have a handful of Kindle books. They are ignored.

If you want me to purchase and read your book, you’ll put it somewhere in an EPUB. It’ll be available without DRM or it’ll be available in the iBooks store.

I don’t mind going to Smashwords to buy your books if I know they are DRM free. Heck, I’ll buy them off your website if I want to read the book and you sell direct. It doesn’t cost me anything extra, but you get paid faster and more money. Sounds like a win win to me.

Just don’t send me to the Kindle store, because you’ll lose the sale. Well, unless you write something so spectacular (like QF32) that I can’t resist buying the book. Still haven’t read it, though. But—you go ahead and land the biggest passenger airplane after an engine blows out and I’ll go to the Kindle store to buy your book, okay?

For years, I didn’t read The Hunger Games. Not available non-DRMed or on the iBooks store. Same thing with The Girl with the Dragon Tattoo when it was hot. I think we actually bought that one in paper—and Larsson’s heirs lost a few bucks accordingly.

I’m sure there are people equally fervent about their reading app of choice. Sell to them, too.