Wojciech Adam KoszekSoftware. Business. Design.http://www.koszek.com/blog2018-07-03T17:00:00-07:00Wojciech Adam KoszekSolution to an ugly cookie lawhttp://www.koszek.com/blog/2018/07/04/solution-to-an-ugly-cookie-law/2018-07-03T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>European Union has a law that addressed privacy issues of the Internet
users.
The law regulates a technology called
<a href="https://en.wikipedia.org/wiki/HTTP_cookie">HTTP Cookies</a>, which is a clunky but
necessary way of storing state on user’s computer.
There’s quite a bit of a background in here, and I don’t want to diverge
the discussion to technical topics too much.
To make it short: license plate on your car can be used for both identifying
you in front of the protected gate, making sure your car is operational and
registered.
Each time you come back to the gate, and either a camera or a security guest
sees your license plate, you’re permitted to go in.
But it can also be used to follow you on a highway and learn where
you live. HTTP cookie is that same for the Internet.</p>
<p>Casper clarified my understanding of the “Cookie Law”:</p>
<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">The “cookie law” is not about the cookies as technology, but about tracking people for “non-functional” purposes. So login and preferences is fine. Ads tracking not.</p>— Casper Bakker (@casperbakker) <a href="https://twitter.com/casperbakker/status/1014391738239258626?ref_src=twsrc%5Etfw">July 4, 2018</a></blockquote>
<script async="" src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
<p>There are also fear that this law is a little difficult to understand:</p>
<blockquote class="twitter-tweet" data-lang="en"><p lang="en" dir="ltr">I do not say it is a great law or even effective. Only try to get this perception out that the EU is stupid because it is blocking cookies as a technology. That is not what the law is about.</p>— Casper Bakker (@casperbakker) <a href="https://twitter.com/casperbakker/status/1014434624494325760?ref_src=twsrc%5Etfw">July 4, 2018</a></blockquote>
<script async="" src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
<p>The reason is that the entry barrier to making websites has dropped.
It’s something people learn in school or from a popular press and books.
Publishing such websites should be possible immediately, and without
studying European politics.</p>
<p>My take is that the law was rushed, and made without consulting people who
could advise European commission on something that would solve problem in
a right way.</p>
<p>As a result, we end up with websites which work like this:</p>
<ul>
<li>Open website</li>
<li>Website looks beautiful.</li>
<li>There’s an really ugly pop-up window which consumes 30% of the screen, and
it states:</li>
</ul>
<p>Many websites just have “Allow” button, as they don’t imagine not tracking you.
Let’s take Wall Street Journal for instance:</p>
<blockquote>
<p>We use cookies for analytics, advertising and to improve our sire. You
agree to our use of cooking by closing this message box or contiuing to
use our site. To find out more, including how to change your settings, see
our Cookie Policy</p>
</blockquote>
<p>It is hard to opt-out here, isn’t it?</p>
<h2 id="user-point-of-view">User point of view</h2>
<p>Sad truth about modern Internet: the user has a decision to make:</p>
<ul>
<li>be tracked and visit the website</li>
<li>leave the website</li>
</ul>
<p>If you follow through all the steps with a set of dialog boxes, you will end
up tracked anyway. What it boils down to isn’t very hard to spot:
companies want to charge for
their content online, but have not yet found an effective way to do so.
It’s because users are accustomed to free content, and they can’t grasp the
idea of paying for reading.</p>
<p>And one needs to communicate to user: this content is paid and if you don’t
pay, you can’t watch. It’s sad for most users, I’m sure.</p>
<h2 id="continuous-improvement-in-technology">Continuous improvement in technology</h2>
<p>Technology is a hard thing to change.
Once deployed software lives in users computers and phones for a long time.
But there are examples of companies which brought very complex pieces of
technology in a seamless way.
By seamless I mean: user wasn’t aware that the technology switch had
happened, yet they immediately started to rip off benefits from an
improvement.</p>
<p>Notable examples are Google. Google Chrome browser is a battlefield for
testing new web protocols like <a href="https://www.chromium.org/quic">QUIC</a>.</p>
<p>Similar was Apple with an enforcement of encryption with
<a href="https://forums.developer.apple.com/thread/6767">Apple Transport Security</a>
. Apple announced it during
their WWDC conference that their software will start pushing developers
towards encrypted word.
Not forcibly at first: one would get a warning while accessing unencrypted
resources.
But after enough time has passed, and developers woke up, caught up with the
change and push required updates to the field, the switch was flipped.
If you want to build an insecure iOS application right now, you have to
explicitly tag it so, and let the operating system know which websites
you’re going to access in plain text.</p>
<p>Cookie law could be done the same way. Yes, it’s harder, but given the
dramatic impact on how all “Cookie warnings” made on the web, it should be
a logical next step.</p>
<h2 id="cookie-law-implemented-better">Cookie Law, implemented better</h2>
<p>European Union has a way to put pressure on certain Internet bodies which
can make Web changes be designed in a hollistic way.
One of the bodies that addresses the problems of technology used in the web
is W3C.
They design technology standards which companies like Google, Apple,
Microsoft and Mozilla could implement in their browsers.</p>
<p>Example of the standard could be: “W3C Cookie Privacy Standard”.</p>
<p>In this standard websites would have to publish an abstract on how they use
cookies.
It’s not very hard.
In the worst case machine readable file ‘cookies.json’ could be present in the top-most
directory with the website.
Upon fetching and reading it, the browser would get a hint on what each HTTP cookie does.
Or maybe each HTTP cookie name should indicate what it is: <code>cookie_auth_</code>
and <code>cookie_session_</code> would be the required ones, and <code>cookie_aux_</code> would
be the “other” ones.</p>
<p>User would select their privacy model once.
This choice would happen on a browser level.
In that sense, it’d be similar to the “green lock” which you get in the
address bar upon visit to the encrypted website.</p>
<p>Try it by yourself: <a href="https://www.bankofamerica.com">Bank of America</a>.
You see a green lock next to the URL?</p>
<p>There could be an indicator of the privacy level there too.
Upon the selection, users would either access the website without any more
questions asked each time, or get a popup that a given website doesn’t meet
their level of privacy.
Similar dialog you see if you enter websites that appear suspicious or those
which have broken encryption settings.</p>
<h2 id="summary">Summary</h2>
<p>I talked about <a href="https://www.koszek.com/blog/2015/08/10/non-continuous-innovation-is-dangerous/">bringing continuous changes into existing products before</a>
in a limited scope, but this is far more reaching than that.
I’m a little disappointed that a hard work of web designers around the world
has been distroyed by adding ugly dialogs everywhere.</p>
<p>I know that the law was required, and I believe it’s a law backed by a good
principle.
The solution was rushed and done without investigating
how things could be implemented with the collaboration of Web browser
makers.
There are only four of those, that amount to 99% of the Internet.
Having their experience and the EU principle would lead to something better
to what we have now.</p>
Don't Kid Yourself About Software Bootcampshttp://www.koszek.com/blog/2017/06/30/dont-kid-yourself-about-coding-bootcamps/2017-06-29T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>Don’t kid yourself about bootcamps. These intensive trainings last couple
of weeks and promise marvels. It’s not a good way to become a
software developer. It’s worthwhile experience and a good investment if you want to
start, but assuming you can become a “software engineer” or even “software
developer” during software bootcamp may end up in a surprise. I write this
because I met enough people <strong>discouraged</strong> by software bootcamps, since
they often end up disappointed and drop software work whatsoever. This is
bad, so below you have some suggestions about bootcamps.</p>
<p><strong>High-tech</strong> has this explosion of jobs which need people. There are
electronics jobs for electrical engineer, robotics jobs for mechanical
engineers and a lot of programming jobs for software engineers.</p>
<p><img src="/img/2017-06-30-dont-kid-yourself-about-coding-bootcamps/adam-sherez-190926_15p.jpg" alt="alt_text_1" title="Image_text_1" /></p>
<h2 id="everyone-know-shortcuts-dont-exist">Everyone know shortcuts don’t exist</h2>
<p>Now I’m sure you haven’t seen any bootcamps for <strong>electrical engineers</strong>. The
reason why is that it’s hard to become one: you need a blend of math and
physics with a great deal of effort put on practical implementation of
circuits, chips and design. If you attend the university to become an
electrical engineer, you’re not having a vacation for 4 years of your
bachelors studies. You’re being trained hard to become an EE engineer.
Assuming there’d be a magic shortcut to become an EE engineer in 12 weeks,
people would jump on it right away. I can guaratee you that.</p>
<p>Mechanical engineers are no exception. Frankly my university was famous for
mechanical engineering program. My father graduated from it in times when
Google and photocopiers didn’t exist, and people his age taught there. This
transpired to the quality of ME at my school. While during my CS studies I
had to take “Principles of Physics”, both part 1 and 2, mechanical
engineering people had parts 3, 4 and others. And while I had to take maybe
3 other similar classes (Solid State Physics for example), they studied this
all day long, for 4 years. Same here, if shortcuts for getting 90% of
mechanical engineering degree existed, I can easily name individual people
who’d pay $50k to just do it.</p>
<h2 id="everyone-says-shortcuts-are-possible">Everyone says shortcuts are possible</h2>
<p>When it comes to software, many people somehow assume that you can get into
software through a shortcut. That you can short-circuit normal engineering
study program to something really short. Something that would extract an
absolute essence, a golden rule of software, and just teach you that.
Examples I see around are bootcamps that last for 12–20 weeks.</p>
<blockquote>
<p>Think for a moment about your computer passion, interest and hobby as a
relationship. You want to get to know the person who you got attracted by.
Instead of committing 4 or 5 years of getting to know each other well enough
to survive normal day-to-day life, you decide to get into an accelerated
mode. A mode, where you spend 8 hours a day for 12 weeks with this person,
and keep asking all possible questions out there.</p>
</blockquote>
<p>Do you think that would work?</p>
<p>Medical industry in the US has the same problem as high-tech industry:
there’s just not enough people graduating to fill primary care physician
roles. The need for primary care physicians is so big that people look for
ways to shorten the usual five year medical school program and three years
of mandatory residency. But it’s at most shortened to four years. Not
several weeks. You wouldn’t want to be taken care of by a doctor after 20
weeks of schooling, wouldn’t you? Don’t expect that people with industry
software and production systems running and making money will let you
operate in their hospital.</p>
<p>In other words: while shortcuts can be taken, and study programs compressed,
there’s a limit. There’s a border which you can’t cross while attempting to
produce a human being capable of solving techical problems.</p>
<h2 id="do-you-need-a-bootcamp">Do you need a bootcamp?</h2>
<p>As I said at the beginning, bootcamp might be good for you if you know zero.
When you hear people getting into the software industry from a bootcamp, I
think they are exceptions. Probably they’re smart enough that they didn’t
need a bootcamp anyway. Maybe they were just too lazy to find necessary
books, materials and articles to self-study. You must remember that
survivorship bias is a serious problem during pros/cons analysis, and it’s
pretty common in many domains. We won’t know what happened with legions of
people who spared $5–$20k and didn’t get anywhere.</p>
<p>If you’re persistent and don’t want to invest so much into teaching help, do
know you can get into software industry by yourself. It’ll be hard and take
longer time, but will be more successful.</p>
<h2 id="do-this-instead">Do this instead</h2>
<p>This is my “no shortcut” list of getting more competent at software.</p>
<h4 id="books"><strong>BOOKS.</strong></h4>
<p>Learn enough to be able to program and start building software. The best
case is when you can show it.</p>
<h4 id="open-source"><strong>OPEN SOURCE.</strong></h4>
<p>Publish it on GitHub if possible. Don’t just
drop your program there–make it a product. Imagine that you’d like to
charge money for your creation. It has to have a name, a copyright,
well-written documentation. Everything must be well explained. If I go to
see your software, I must know what it is, how it works and why it’s there.
What problem it’s solving.</p>
<p>Bootcamps help here just a little bit, because they show you bite-sized
pieces that you can understand. The problem is that you’re solving someone’s
problem that you may not care about. It’s like any other assignment. The
studies on learning show you grasp concept fully if you work with them. Play
with some of your ideas in your mind, ask yourself if software could be a
solution to any of them. And if the answer is yes: act. Go and implement
some of your ideas in code.</p>
<p>I’ll be honest: even if your idea is simple, but is not a template from a
bootcamp’s assignment, I value it more. When I see a candidate showing his
“project”, and after searching in Google I see 97 other “real estate
catalog” project from the same bootcamp, I question whether it’s really a
“creation” or just a copy.</p>
<p>And by all means: make it work. If what you’re building is a website or a
web application, it must be up and running at all times. There’s nothing
worse than showing something that doesn’t work, and being questioned about
this later. This will cost you money (books, VM costs, bandwidth costs),
but treat it as a mandatory investment in yourself.</p>
<p><strong>ALGORITHMS, PUZZLES, INTERVIEW QUESTIONS.</strong></p>
<p>Want it or not, people will
interview you in one way or another. Interview hacks range from studying
from books like <a href="http://amzn.to/2sJZN6r">Cracking the Coding Interview</a> to just studying actual
algorithms <a href="http://amzn.to/2sK8nSx">Algorithms</a>. Next if I were to give you a life hack, I suggest
you interview with small teams, maybe startups. If possible, startups done
with first time entrepreneurs. In the ideal world, you want a person just
like you to interview you. This is one side of the scale. Another is an
interview at Facebook or Google, where people will ask you tricky questions
over the phone and figure out how much you know without even seeing you.</p>
<h2 id="summary">Summary</h2>
<p>You won’t be surprised to hear that there aren’t many shortcuts in getting
into one way or another. Make sure you study and do “high leverage” things.
Doing your own projects, publishing them and writing articles about your
creations I’d consider high leverage, along with the study for the actual
interviews. Just like a study with SAT or GRE exams, this will help you just
a little, but is more likely to score you an interview with a company that
would be your “foot in a door” of a software industry. Let me know if you
need any other advices. If you do, I may end up squeezing the topic of your
interest into my writing schedule.</p>
To actually ship software, add constraintshttp://www.koszek.com/blog/2017/06/28/to-actually-ship-software-add-constraints/2017-06-27T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>When you build <strong>your</strong> software, you don’t have the usual constraints
which you have at work: you don’t have a deadline, you don’t have specs, you
don’t have customers asking for features, no agile plan with stories,
sprints, points and tasks. You’re your own boss. You can do whatever you
want. For example: you can write your project in a niche programming
language maybe 500 people in the world use. <strong>And this is why programming is
great.</strong></p>
<p><img src="/img/2017-06-28-to-actually-ship-software-add-constraints/pawel-nolbert-291146_15p.jpg" alt="alt_text_1" title="Image_text_1" /></p>
<h2 id="problem">Problem</h2>
<p>The lack of constraints is <strong>disastrous</strong> for us.
As people we want more money, time or fame.
As software engineers we want faster processor, more memory, more bandwidth.
But constraints are what makes us going. They are here to be creative.</p>
<p>Let me give you a mental exercise here.
To benefit from it, done peak at further paragraphs. Just take your eyes of
the screen for a second and think. Here it is:</p>
<blockquote>
<p><strong>If I gave you right here and right now infinite amount of money, infinite
amount of time, ability to fly, read a human mind and teleport yourself in a
blink of an eye, what would you do RIGHT NOW.</strong></p>
</blockquote>
<p>Now the second exercise is this:</p>
<blockquote>
<p><strong>If I gave you $50 dollars, 50 minutes, and a nice shirt and pants, what
would you do RIGHT NOW?</strong></p>
</blockquote>
<p>Unless you’re extraordinary (in which case you can stop reading this –
better go save the world <em>right now</em>), I bet it took you less time to come
up with an answer to the second question.</p>
<p>Delivery of software is the same. With constrains it works much better that
without it. My take is this: impose constrains on yourself.</p>
<h2 id="root-causes">Root causes</h2>
<p>First problem is that software engineers are optimists. You like what you
do, you believe you can do it, and you start hacking things. When you
approach the problem however, you start to have doubts. It’s actually harder
the way you though. It’s actually massive. You find yourself reading three
times more than you wanted, and it looks overwhelming. What you could do
with your current knowledge is nothing compared to what was in your head.
You wanted a castle with an ocean view, and all you can do for now is a
wooden shack.</p>
<p>Second problem is that perfection and software want to go in pair. However
each date of the two doesn’t go too well. It’s as if one wanted every
painting of an artist to be a immediate hit. A masterpiece. That rarely
happens, and you get frustrated. You thing isn’t as nicely looking as the
source code you find around the Internet, so you stick it on the bottom
shelf of a desk and you forget about it.</p>
<p>Third problem is the freedom of making software. It can be disastrous, in
fact. When you attempt to “be on top” – follow the trends in fear of not
being able to catch up. <strong>This industry is so dynamic I can’t stop following
trends</strong>. My take on this is that it’s all crap.</p>
<h2 id="solutions">Solutions</h2>
<p><strong>As of now rule</strong>. Write the software however you can <em>as of now</em>. Learn as you go, and throw
new constructs, methods and functions as you go, but don’t reinvent things
in the middle. This works best if you have a product in mind, and you do
whatever is required to build this product. But even for just pure software
exercises I find it better to write crappy software version A, and then less
crappy software version B and take retrospective on the two and compare
them. And yes: this won’t be the greatest software on Earth. It won’t score
awards. But it’ll be working fine and will be consistent, and what’s the
most important: once you figure out your mind framework and your toolbox <em>as
of now</em>, you’ll be able to make progress quicker.</p>
<p><strong>Stick to what you know.</strong> To give you a practical tip on how to achieve
this, imagine you read a book. You’ve covered ‘if’, ‘else’, ‘switch’, ‘for’
and some basic structures. Design your program like this. And finish. By
the time you reach classes and inheritance, restrain from throwing them in
and removing the old code. Wrap up your program as it is, as long as it
works. And bum – you’re done. You’ve completed something from A to Z, and
it works. When version with classes arrives, you can compare the two and see
progress you’ve made.</p>
<p><strong>Stick to style.</strong> When asked, one of my mentors gave me
the advise: write a lot of code. When you start a project, pick its
technology. And style. And then stick to both of those.
And wrap the project up without modifying them.
You may be unhappy with your choice, but it’s much better to finish a piece
of imperfect software, then not to finish at all.</p>
<p><strong>Stick to frameworks/library choices.</strong> If after spending thirty hours you
realized that you’ve made a bad choice with a framework, library or a
framework: stick with it. Unless it’s absolutely impossible to progress with
your choice, stay with your initial choice. This is how most real-world
assignments will look like anyway: you’ll get to work on a huge body of code
written in technologies that are old or “seasoned” and you’ll have to add
new code there.</p>
<h2 id="time">Time</h2>
<p>The most important constraint is the time. Pick a timeframe for your
project. Partition it into hours of minutes. If you can spend at most 30
minutes every day on working on it, set your expectations straight: it’ll be
hard to ship an industry-grade code with 30 minutes a day, unless you stick
to it for an extended period of time. Time constraint is good, since again:
without a constraint, switching programming languages, programming style or
frameworks and libraries will cost you nothing, while in reality it’s
expensive. It’s like re-doing a brick house walls when the foundations are
already in place.</p>
<h2 id="pressure">Pressure</h2>
<p>Some of my best products and the worst code I wrote under time pressure.
When the thing you’re building <em>must</em> exist by next Thursday and you know
the damn thing isn’t yet building, not to mention of a notion of “working”,
you get pushed to the wall. Your adrenaline starts to work, and your brain
gets into a higher gear. At least that’s how I experience it. In situations
like this, I don’t deliver great software. By no means it could be shown in
a class as an example of the “industry practice”. But it works and gets me
further.</p>
<p>Impose the pressure on yourself and setup a deadlines. And meet
them. In case of getting close to a deadline, start cutting a scope of the
project. And never push the deadline. And keep the log. At the end of the
year, you can see how many of your ideas were actually completed on time,
and how many you’ve dropped.</p>
<p>Shipping is a success. Failing to meet a deadline is a failure. And remember
that any bad but working code is better than pristine clear code that
doesn’t nothing, or isn’t complete. In my case all “pressure code” could be
rebuilt and refactored later.</p>
<h2 id="give-it-a-try">Give it a try</h2>
<p>Before claiming rules above make no sense, give it a try. Next time you want
to backtrack on your choice of “fundamentals” of your project, think of what
we just covered and try to follow it. <strong>And then let me know how it went and
what the end result was</strong></p>
Hackers and Cooks: how building software really feels likehttp://www.koszek.com/blog/2017/06/26/hackers-and-cooks/2017-06-25T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>After a busy day of debugging you went grocery shopping. After starying for
eight hours straighs into the iTerm, being in the avocado section felt like
a breeze. And then you enter home.</p>
<h2 id="cooks">Cooks</h2>
<p>You enter the kitchen and it’s a mess. You’re scared of putting your bags
full of fresh, organic produce. Germs are everywhere, after all, and you
know it. The tabletop is sticky. Hard to be surprised–you can’t really
recall when it was last cleaned. Or who did it. For sure it wasn’t you. Not
since you started living here.</p>
<p>Stove has leftovers of soup. Or butter. Or a salad. Hard to say. This gluey
stuff around the electric spiral used to be something, for sure, but now
it’s just greese. It burns, smokes and smells each time you boil yourself
an egg, but normally it’s too late to do anything about it anyway, so you
just leave it like this. At this point it doesn’t matter–the walls around
and the ceiling look disguisting anyway. Since the last explosion of burning
oil and an accident with a blender it doesn’t make much of a difference.</p>
<p><img src="/img/2017-06-26-hackers-and-cooks/Dirty_dishes_25p.jpg" alt="alt_text_2" title="Image_text_2" /></p>
<p>You scrub a dirt from a floor with your left flip-flop, and put bags there.
Left hand close to the opened fridge, and right in a bag.</p>
<p>But wait.</p>
<p>Fridge is full. Not just full. Not simply full. Not full as in: I can’t
really fit my new grocery from the floor there. It’s full of things no
longer have proper name. Rotting vegetables, old cheese and sauces with no
due date. Were their yours? Or your roommates? I mean one of them might have
got them, but you don’t know which one.</p>
<p>That’s fine. It’s not the first time this happens.</p>
<p>Before groceries land in there, the fridge needs serious cleanup. You throw
bags of goo out, but since the trashcan is full and it’s too cold to go back
out now, you just dump the decomposting stuff into the sink. Just for now,
you kid yourself, but there’s no other way. You took the old soy milk
cartoon out, soon to realize it was there to hold a shelf.</p>
<p>You could in theory just ignore everything and screw a bolt in there to hold
the shelf, but who has time for this now. You just stick the old cartoon
back in there, but mark it as “DO NOT DRINK EVER”.</p>
<p>From fridge to sink. Now from bags to fridge. You just prevent yourself from
running into the same mistake, so things get labels: when you got them and
what’s the time by which to toss them away.</p>
<p>That’s it about the kitchen improvements here. The compost in the sink stays
there. You might manage to wash a piece of vegetable there on the side, and
with one eye on your freshly cooked vegetables and meat with sprinkling
olive oil, you manage to dig a place and clean a fork for yourself.</p>
<h2 id="hackers">Hackers</h2>
<p>Looking at <a href="HackerNews">https://news.ycombinator.com</a> and
<a href="Reddit">https://www.reddit.com</a> I have a feeling ninety percent of focus is
on software implementation, which is like cooking a dinner in the above
story. But every day is quite different: to be able to actually implement
a software product, you must first start from all the crap work that needs
to be done. Large number of people don’t see that, and if you do, you’ll
move ahead fast.</p>
<p>You’ll notice
that great software engineers can derive pride and some form of satisfaction
of just being in the
kitchen. The act of ripping the code apart and putting it back, better,
together is what makes them like software. And doing all these surrounding
activities is what makes a great cook great. Making yourself find at least
some joy in doing a full cycle of software development is important, since
otherwise the mental burnout happens. So try to get interested in testing,
release engineering, documentation, performance analysis and not just
writing code.</p>
<p>What I believe happens as a side effect of this process of “building
software” is that you start to appreciate all the people who do a tremendous
amount of crap-work and sometimes don’t get enough recognition. You see a
reliable unit-test suite in the product you’re contributing to? Well,
there’s this one person who might have put a huge amount of work to make it
work reliable. Always remember that.</p>
<p><img src="/img/2017-06-26-hackers-and-cooks/7735462760_1195e2d127_b_50p.jpg" alt="alt_text_3" title="Image_text_3" /></p>
Great Movies About Designhttp://www.koszek.com/blog/2017/06/05/great-movies-about-design/2017-06-04T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>Design is an overloaded word, but we all get it when we see or experience
it. For software design and achieving usability the basics of design are
indespensible. Understanding why things are placed the certain way and have
certain color is important.</p>
<p><img src="/img/2017-06-05-the-best-movies-for-designers/federica-campanaro-27450_15p.jpg" alt="alt_text_1" title="Image_text_1" /></p>
<p>Reading about it is great, and I highly
encourage you to buy <a href="http://amzn.to/2seIqyg">Non-Designers Design Book</a>,
but if you prefer to watch something in the moments of relative downtime,
below is the list of movies about design.</p>
<h2 id="objectified">Objectified</h2>
<p>Great movie for a general take on Design. Encouraged me to explore things
further.</p>
<iframe width="560" height="315" src="https://www.youtube.com/embed/Ty0fGn8fiUU" frameborder="0" allowfullscreen=""></iframe>
<h2 id="bbc---the-genius-of-design">BBC - The Genius of Design</h2>
<p>This is an excellent take on history of design, and I had fun watching all
five episodes of it. Here I’m linking only the first part, but just stick to
YouTube’s navigation and you’ll be able to get to four following episodes.</p>
<iframe width="560" height="315" src="https://www.youtube.com/embed/1ofW8yT6aoM" frameborder="0" allowfullscreen=""></iframe>
<h2 id="helvetica">Helvetica</h2>
<p>My interest in design comes from the need of building usable software
products, and you can’t really escape the typography for this.</p>
<p><a href="https://www.amazon.com/Helvetica-David-Carson/dp/B000VWEFP8/ref=as_li_ss_il?ie=UTF8&qid=1496813105&sr=8-2&keywords=helvetica&linkCode=li2&tag=wkoszek08-20&linkId=88c757d576caad74890210996437aa2d" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B000VWEFP8&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B000VWEFP8" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<h2 id="design-fundamentals-code-school">Design Fundamentals (Code School)</h2>
<p>Not a movie per-se, but it’s a video training with interactive exercises
about design fundamentals. It talks about things which you may not be aware
of, such as meaning and importance of color, fonts, placement.</p>
<p><a href="http://design.codeschool.com/levels/1">
<img src="/img/2017-06-05-the-best-movies-for-designers/typography_50p.jpg" />
</a></p>
<h2 id="summary">Summary</h2>
<p>I’ve identified just four titles so far.
<a href="https://www.udemy.com">Udemy</a>,
<a href="https://www.lynda.com">Lynda</a> and other video
trainings must have great resources too, but I just don’t know them.
If you think there’s something else worth the time investment, let me know.
I’ll add it to this page and give you a credit.</p>
Which Open Source Projects Should You Contribute Tohttp://www.koszek.com/blog/2017/05/31/which-open-source-projects-should-you-contribute-to/2017-05-30T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>I don’t remember which audiobook I heard it from, but the author stated we
all seek and are directed by four things: status, power, money, and
popularity. Working on software is no different: people don’t spend their
private time in front of the computer hacking code without a reason.</p>
<p><img src="/img/2017-05-31-how-to-select-an-open-source-project-to-contribute-to/markus-spiske-109588_10p.jpg" alt="alt_text_1" title="Image_text_1" /></p>
<p>You must like to get critique from people who read your code, since it
improves your skills. After you bring changes and the people like them, it
brings all of your “ratios” higher too. Another example is when your
projects reach certain level on maturity and you get recognized by other
hackers (through GitHub stars) when they like the program you wrote or the
tool you’ve hacked. Personally I get a spike of motivation that way. It’s
one of the things that keeps me going with <a href="https://github.com/wkoszek">my Open Source</a>.</p>
<p>My view is that it’s positive–contributing to the Open Source makes sense,
after all. Most of the time. Here we will talk about projects which you
should focus on, depending on your goals.</p>
<h2 id="status-using-open-source-to-get-a-real-world-experience">Status: using Open Source to get a real-world experience</h2>
<p><strong>Example:</strong> <a href="https://www.freebsd.org/">FreeBSD</a>, <a href="https://www.netbsd.org/">NetBSD</a>, <a href="https://www.openbsd.org/">OpenBSD</a>, <a href="https://www.kernel.org/">Linux</a>, <a href="https://www.gnome.org/">GNOME</a>, <a href="https://www.kde.org/">KDE</a>, <a href="https://nginx.org/en/">NGINX</a>, <a href="https://www.apache.org/">Apache</a></p>
<p><img src="/img/2017-05-31-how-to-select-an-open-source-project-to-contribute-to/Freebsd-logo_75p.jpg" alt="alt_text_5" title="Image_text_5" /></p>
<p>For real-world experience, you must find big, well-established software
projects. They must have many people contributing. The structure of the
project must be figured out. The whole ecosystem behind the project must
look fairly serious. Very often on the website of this project you’ll see a
name of the foundation slapped somewhere down to the bottom.</p>
<p>Here’s the reasoning behind all of this: it must have signs of similarity
between typical commercial setting, where software engineers work for the
company. You’ll experience the same benefits and the same frustrations as if
it was your job. Examples of such problems are: responsible party doesn’t
like your code. Such person can be hard to get to, be busy, unwilling to
help you, have issues understanding you and your goals. These problems are
present in everyday life in the life of the software project, and if you
manage to handle all of it, it’ll be a good indicator on how you’ll like
working in a software company.</p>
<h2 id="power-expanding-computer-scienceengineering-knowledge">Power: expanding Computer Science/Engineering knowledge</h2>
<p><strong>Example:</strong> <a href="https://www.freebsd.org/">FreeBSD</a>, <a href="https://www.kernel.org/">Linux</a>, <a href="https://www.tensorflow.org/">Tensorflow</a>, <a href="http://llvm.org/">LLVM</a>, <a href="https://clang.llvm.org/">Clang</a>, <a href="https://gcc.gnu.org/">GCC</a>, <a href="https://www.gnu.org/s/gdb/">GDB</a>, <a href="https://www.postgresql.org/">PostgresSQL</a></p>
<p><img src="/img/2017-05-31-how-to-select-an-open-source-project-to-contribute-to/PostgreSQL_logo_75p.jpg" alt="alt_text_18" title="Image_text_18" /></p>
<p>For this you’ll seek software that executes a lot. Sounds funny? Well, the
truth about “normal” everyday software is that however you write it, it’s
likely to be fast enough. No optimizations, no special algorithms. Default
boring algorithms from the standard library of Python or Ruby will be fast
enough for 70% cases of your problems. These 25% of cases are where going to
something like Go, Rust, C++ or finally C might be worth. For the cost of 3x of
software productivity you’ll get something that is anything from 2x to 1000x
faster.</p>
<p>Finally comes something I’d call ‘5% software’: compiler, interpreter or
operating systems code. Code executed hundreds times a second, always, for
every program you run on your machine. This is where you’ll see fast
algorithms, multi-threaded code, a lot of performance hacks. Implementing those
here makes sense, since they’ll save you hours of computing time, if you look
at it in 8hr/day perspective.</p>
<h2 id="popularity-getting-recognition-through-open-source">Popularity: getting recognition through Open Source</h2>
<p><strong>Example</strong> any of the above, really..</p>
<p>To be able to get recognized in the Open Source community you’ll have to stick
to one thing, possibly for extented period of time. We’re talking years,
instead of months. This will require patience, and being able to:</p>
<ul>
<li>attract new users with your code (possibly making it solve their problem) and</li>
<li>being able to communicate well.</li>
</ul>
<p>Another idea is to get to the big project, figure out what the burning issues
are, and attempt to solve them. Another plus you get if this is something
boring or hard to do. Something other people aren’t willing to tackle in their
free, unpaid time. For example a large number of Open Source projects aren’t
doing a great job at testing, so if you offer your hand in testing the code,
people will be thrilled.</p>
<h2 id="money-getting-a-job-with-open-source">Money: getting a job with Open Source</h2>
<p><strong>Example</strong> <a href="https://facebook.github.io/react/">ReactJS</a> (FB), <a href="https://www.android.com/">Android</a> (Google), <a href="https://www.ansible.com/">Ansible</a> (Red Hat), etc.</p>
<p>In 2010 I’ve gotten a job because of a very little number of Open Source
contributions. The thing is that other people who applied had none, as far
as I was informed. Out of my commits which I could show, some of them were
commited to a bigger projects. I guess it was enough to show I’m capable of
reading large chunks of code.</p>
<p>Sometimes just mere interest in Open Source could help, because many
companies didn’t know how to handle Open Source software.</p>
<p>The yardstick may be higher for some companies though. Open Source infiltrated many
software houses after all, so
just showing couple of contributions to <a href="http://hadoop.apache.org/">Hadoop</a> when you apply to Facebook
may not be enough. But there’s another way…</p>
<p>Established software companies publish code. A lot of code. If I were an manager on a team
with some Open Source code published, my top priority during hiring would be
to reach out to my engineers and pick people who contributed to our GitHub
repositories. Why?</p>
<p>People who sacrificed their private time to come to our GitHub repository,
read the code, try it out and maybe improve it definitely have some skill
and, more important, some interest in what my team does.</p>
<h2 id="summary">Summary</h2>
<p>Hacking software long-term is a lot of work, and it’s nice to be concious
and aware how and why you channel your creative energy towards some things,
and not the others, and I hope this article was useful. Let me know if it
had influenced your decision in any way.</p>
15 Tips on Staying Productive Offline as a Software Engineerhttp://www.koszek.com/blog/2017/05/22/15-tips-on-staying-productive-offline-as-a-software-engineer/2017-05-21T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>Software engineer offline you can be more productive.
I argue that being offline actually helps a lot, especially with <em>focus</em>.
You may in theory waste your time becuase you’ll reimplement a function,
or done things suboptimally, but it’s not that much of a deal.
Below I tell you how to give it a try, and I walk you through the tools I use.
Why staying offline may help?</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/courtney-recker-190987_10p.jpg" alt="alt_text_0" title="Image_text_0" /></p>
<h2 id="no-distractions">No distractions</h2>
<p>When you flip ‘Wi-Fi’ off, <a href="https://hangouts.google.com/">Hangouts</a>, <a href="https://slack.com/">Slack</a>, <a href="https://www.hipchat.com/">HipChat</a>, e-mail notifications,
push notifications, iMessage and your other enemies stop to work. Do it
regularly and you’ll see its benefits.</p>
<h2 id="source-code">Source code</h2>
<p>Just fetch Git repositories upfront. You should have a directory on your
Desktop or a home folder, where you fetch everything (I call it ‘~/r’ for
“repositories). The reason for this is that a virtual machine started in “r”
directory will make these repositories show up in the VM’s filesystem, so
that you can safely play with source code and various versions of compilers
and interpreters.</p>
<p>Git works great by default, because it was designed for a distributed work.
Subversion and CVS on the other hand aren’t. You must have a direct access
to the server to deal with repos. As a remedy–fetch the code, and do:</p>
<div class="highlight"><pre class="highlight plaintext"><code>svn co https://svn.freebsd.org/base/head
cd head
git init
git add *
git commit -m "snapshot of the code for reading"
</code></pre></div>
<p>Many projects also have mirrors on GitHub, so check that first if you have
to.</p>
<p>When you’re on LTE or a crappy Wifi it’s much better to just SSH to your
remote box (you do have a remote box for your own purposes, right?) and just
<code>git clone</code> there. After cloning, you can always do:</p>
<div class="highlight"><pre class="highlight plaintext"><code>rm -rf project/.git && tar cJf project.txz project/
</code></pre></div>
<p>and download <code>project.txz</code> for bandwidth saving.</p>
<p>Nice thing about Open Source is that you can figure most of the things out
if you apply yourself. I’ve got much better at code reading thanks to
offline work, because instead of going to <a href="https://www.stackoverflow.com">Stack
Overflow</a>, I went to the
source code instead.</p>
<h2 id="todo-lists">Todo Lists</h2>
<p>During work on source code, post of the time I’m collecting notes.
Notes and ‘to do’ items land on my list, which helps me beeing productive.
To do when I work offline has a special task as well: I postpone visiting
the sites which I must visit. I wish <a href="https://pinboard.in/">pinboard.in</a> worked offline.</p>
<p>Writing to do lists and going through them is explained in Getting Things
Done.</p>
<p><a href="https://www.amazon.com/Getting-Things-Done-Stress-Free-Productivity/dp/0143126563/ref=as_li_ss_il?ie=UTF8&qid=1495640008&sr=8-1&keywords=getting+things+done&linkCode=li2&tag=wkoszek08-20&linkId=48dbe96f1769e5f30236381f3da83aef" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=0143126563&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=0143126563" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>If you have problems achieving your goals, I highly encourage you to get it.
It helped me a lot.</p>
<p>Without turning our discussion to “to do list app comparison”, I use
<a href="https://www.wunderlist.com/">Wunderlist</a>. You use something similar already, so done change anything here.
Microsoft recently acquired Wunderlist, so picking it up now may not be a
good choice. But it works in a decent way offline, and I’ve been using it
since 2014, so for now I’m stuck with it.</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/wunderlist_50p.jpg" alt="alt_text_39" title="Image_text_39" /></p>
<h2 id="development-environment">Development environment</h2>
<p>While <code>apt</code>, <code>brew</code>, <code>gem</code> and other distributed software is great, they
suck during offline work. You must arm yourself for offline work, so that
calling <code>apt</code> won’t be required. I do this with Vagrant. Before trips,
unless I already use a VM for my project, I’ll do:</p>
<div class="highlight"><pre class="highlight plaintext"><code>mkdir offline_project
cd offline_project
vagrant up ubuntu/trusty64
vagrant ssh
</code></pre></div>
<p>and then provision my development environment inside. There’s nothing more
frustrating than getting into the train, starting “rails server” and
realizing that some <code>.deb</code> packages of some Ruby <code>gems</code> aren’t installed.</p>
<p>The tools have their quirks, so while <code>gem</code> may install a lot of megabytes
of data, the Homebrew takes forever to run due to its default policy to
update on each run (use <code>env HOMEBREW_NO_AUTO_UPDATE=1 brew ...</code> instead).
In other words: have your tools ready.</p>
<h2 id="reading-long-articles">Reading long articles</h2>
<p>Read on Kindle, if you can. Install “Send to Kindle” Chrome extension, and
click it each time you stumble upon a website which is interesting. It’ll
get transfered to Kindle, and afterwards it’ll be available on it. Kindle is
great because of long battery life, but terrible if the text you want to
read has graphics.</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/kindle_75p.jpg" alt="alt_text_23" title="Image_text_23" /></p>
<h2 id="distraction-free-reading-websites-and-blogs">Distraction free reading: websites and blogs</h2>
<p>Nowadays there are few blogs that I really follow, yet if I like the
website’s content, I may subscribe to their RSS feed. I use <a href="http://www.vienna-rss.org/">Vienna
RSS</a>:</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/vienna_75p.jpg" alt="alt_text_35" title="Image_text_35" /></p>
<p>It works fine offline, so before long trips I’ll sync articles to it, and
then I can read them.</p>
<p>There are many more options such as <a href="http://reederapp.com/">Reeder</a> or <a href="http://readkitapp.com/">ReadKit</a>. They can sync-up with
<a href="https://getpocket.com/">Pocket</a>, <a href="https://pinboard.in/">Pinboard.in</a> and many other “read later” managers.</p>
<h2 id="reading-complete-collections-of-articles">Reading complete collections of articles</h2>
<p>There are companies like <a href="https://www.crazyegg.com/">CrazyEgg</a> or <a href="https://www.kissmetrics.com/">KISSmetrics</a> whose blogs are full of
valuable content. I’m experimenting with fetching these articles in a form
available to me online. I’ve made a primitive repository for scripts which
fetch stuff from websites and let me make PDFs for reading:</p>
<p><a href="https://github.com/wkoszek/stay_offline">https://github.com/wkoszek/stay_offline</a></p>
<p>Feel free to contribute your scripts.</p>
<p>In parallel I’m experimenting which
<a href="FiveFilters">https://github.com/fivefilters/ftr-site-config</a> and
<a href="https://feedhq.org">https://feedhq.org</a> which convert the websites to RSS
feed with essential content. This should work great for offline reading. I
just haven’t tried that yet. If you use them, let me know.</p>
<h2 id="reading-documentation">Reading documentation</h2>
<p>Reading documentation is another nut to crack, because this type of content
is very hyperlink-rich. You’ll find yourself reading 1/4 of a page of text,
and may need to lookup 3 more pages. Not only that, some documentation
package are big, in hundreds of MBs big. I use
<a href="https://kapeli.com/dash">Dash</a> for this.</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/dash_75p.jpg" alt="alt_text_11" title="Image_text_11" /></p>
<p>It’s an OSX
reader for offline documentation packages called ‘docsets’. Community
generates ‘docsets’ for particular technology, and we can read them offline.</p>
<p>Dash is good enough, so I paid $25 for it. If you’re offline rarely, it’s
free, with the exception that each time you switch a chapter in a docset,
you’ll have to wait 10s.</p>
<h2 id="writing">Writing</h2>
<p>Writing offline isn’t as much hassle as reading. Not much to cover here. I’m
figuring out my favorite stuff for this. After trying
<a href="http://happenapps.com/#quiver">Quiver</a> and
<a href="https://ulyssesapp.com">Ulysses</a>, mostly because I’m a fan of 3-pane mode,
as it fits a lot of data on my screen.</p>
<p>I also use <a href="https://www.vim.org">Vim</a>.
I’m writing to you from Vim, in fact. Just an old habit.</p>
<h2 id="youtube-tutorials--documentaries--fun-stuff">YouTube tutorials / documentaries / fun stuff</h2>
<p>Use <a href="https://ulyssesapp.com">youtube-dl</a>.</p>
<p>This is my best tool for productive work, and I often use it
like:</p>
<div class="highlight"><pre class="highlight plaintext"><code>youtube-dl -a -
</code></pre></div>
<p>(I now paste the links of videos I want, and then press CTRL+d).</p>
<h2 id="watching-on-an-ipad">Watching on an iPad</h2>
<p>When I travel or go in nowhere land, I bring my iPad Pro. It’s as big and as
heavy as my Macbook Air, but also has a battery that can last for a long
time. Watching videos and trainings on it is great. I use <a href="https://itunes.apple.com/us/app/oplayerhd-lite-media-player-video-file-manager/id385896088?mt=8">OPlayerHD
Lite</a>
for this.</p>
<p>There are reasons why I picked OPlayerHD Lite over other players: after I connect
an iPad to my Mac, it makes the OPlayer’s folder visible in iTunes. So you
can drag & drop whole folders to an iPad.</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/ipad_75p.jpg" alt="alt_text_17" title="Image_text_17" /></p>
<p>Another reason: you can do it without cables. Either use iTunes sharing
through Wi-Fi, or via OPlayerHD: it has an HTTP server, so you can upload
files directly to it.</p>
<h2 id="podcasts">Podcasts</h2>
<p>There’s not much choice here. You should use iTunes. For sound podcasts,
it’s not much of an issues. For videos, just synchronize all
the episodes, and if required, copy them over to your iPad/iPhone. If you
don’t like iTunes, watch them in <a href="https://itunes.apple.com/us/app/oplayerhd-lite-media-player-video-file-manager/id385896088?mt=8">OPlayerHD
Lite</a>.</p>
<h2 id="dropbox">Dropbox</h2>
<p><a href="https://www.dropbox.com">Dropbox</a> is really bad for offline work. You must sync every file one by one
to get it downloaded for offline mode. For PDFs it’s terrible, since
included PDF reader doesn’t do a good job. But in the emergency situation it
should be fine to just see/read stuff. So just remember that “Make available
offline” optino it’s there (at least on the iOS)</p>
<p>My belief is that <a href="https://www.google.com/drive/">Google Drive</a> app is better, but honestly I’d like
something trivial, as: download all the cloud to my phone, and let me use
native apps for accessing content. For example: fetched PDFs I’d like to
read in iBooks.</p>
<h2 id="if-you-cant-go-offline---blocking-websites">If you can’t go offline - blocking websites</h2>
<p>Use <a href="https://chrome.google.com/webstore/detail/stayfocusd/laankejkbhbdhmipfmgcngdelahlfoji?hl=en">Stay Focused</a>
- Google Chrome extension which times websites which
you give it. If you give it Facebook, LinkedIn, Twitter and others, it’ll
time you and stop you from wasting hours in your social circles.</p>
<p><img src="/img/2017-05-22-15-tips-on-staying-productive-offline-as-a-software-engineer/stay_focused_50p.jpg" alt="alt_text_27" title="Image_text_27" /></p>
<h2 id="blocking-unwanted-traffic">Blocking unwanted traffic</h2>
<p>I need to figure this out. I’m not using anything now, but you and I should.
Especially on LTE, when a random program starts to fetch stuff in the
background.
Blocking all the programs for 40 minutes with the exception of your own browser would be
nice. <a href="https://www.obdev.at/products/littlesnitch/index.html">LittleSnitch</a>
program should be able to do it. I just haven’t tried that yet.</p>
<p>If you’re comfortable with <code>pf</code>, the OSX comes with a fully-featured BSD
<code>pf</code> network filter, and it should all be possible there.</p>
<h2 id="summary">Summary</h2>
<p>Staying offline should help you. Try the programs from above, and if you use
something better, definitely let me know. I’d like to give it a shot.</p>
What it's like to write software in the hardware industryhttp://www.koszek.com/blog/2017/05/13/what-i-learned-from-writing-software-in-hardware-industry/2017-05-12T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p><a href="https://www.joelonsoftware.com">Joel Spolsky</a> stated that as a software
engineer one can have a great workspace experience in the software company.
When I first read it, I worked for the hardware company, in fact, and it
took me a while to understand what he meant. Let’s say he was 50% right.</p>
<p><img src="/img/2017-05-13-what-i-learned-from-writing-software-in-hardware-industry/ST_Microelectronics_OSMLT04_H_mouse_sensor_chip_with_vertical_and_horizontal_illumination_15p.jpg" alt="alt_text_1" title="Image_text_1" /></p>
<p>What I share with you here is my experience is backed by one year of internship at
<a href="https://www.xilinx.com">Xilinx</a> in 2011, followed by
three year full-time 2012–2015. I worked for a hardware/software team writing
low-level drivers to the OS used for stress-testing of silicon. Such an
OS runs on a silicon prototype, and tries to beat your CPU and I/O subsystem
to death. This all is done in hope silicon issues will get exposed before
the chip hits the fab, which means huge money savings.</p>
<p><strong>Note</strong>: I was very lucky, because I joined an experienced team, and worked
with good people. Things like this you can’t really control upfront, and I
do agree that your experience may vary, depending on where you go.</p>
<h2 id="process">Process</h2>
<p>Every part of the tool chain in the hardware industry moves slower than in
pure software companies. I always give <a href="www.tcl.tk">Tcl</a> as an example, which <em>just</em> got
included in recent hardware modeling tools. On the contrary, people who
will enter workforce this year don’t even know what Tcl is. Other tools have
Motif-based UI and look like from previous generation. But since they are
mostly solid and stable, there’s no need to rewrite. There’s a space for
good software engineers, because semiconductors are transforming. New
expectation is that most of the platforms will run OS of some sort. Often
Linux. And for this there’s a lot of software to be written on all levels:
BootROMs, firmware, loaders, linkers.</p>
<p>You may like it. If you’re like me, you can pick up a technology and just
stick to it. The more comfortable you get, the more you forget it’s older
and maybe less fleshy, but you can get from A to B as well.</p>
<p>If you wonder where you can find long-lasting software, it might be a
hardware industry. Because some of the customers of big semiconductor
companies want to have 10–20yr guarantees on the supply of parts, all the
tools have to keep backward compatibility. Which leads us to…</p>
<h2 id="software-architecture">Software architecture</h2>
<p>As stated earlier, I was lucky: the OS I worked with had an outstanding
quality. Much better to what you can get in the Open Source, with coding
standards and conventions enforced in a much stricter way. You really sweat
during the code review and you can’t use any silly excuses.</p>
<p>To some extend it reminded me working on FreeBSD. The thing you build
support N different architectures, and if you want to change a shared piece,
it’ll mean a lot of testing.</p>
<p>You’ll get to see some ugly looking code too. Code written by hardware
engineers who never done any real software, for example. And you’ll have to
live with it. The value of the legacy code is just simply to big to throw
some of it away, and rewrite.</p>
<p><img src="/img/2017-05-13-what-i-learned-from-writing-software-in-hardware-industry/yung-chang-108329_15p.jpg" alt="alt_text_7" title="Image_text_7" /></p>
<p>This is what I believe was one of the major lessons: incrementally fix and
improve, instead of replace. Replacing too often ends up giving you
something only 5% better (or worse: 0 or -5% better), with no apparent
advantages.</p>
<p>There’ll be a lot of code written 7–10 years ago, and you won’t get a chance
to learn why things are done certain way.
My belief is that I picked up some code-reading skills too because of that.</p>
<h2 id="skillset">Skillset</h2>
<p>Unless you’ve worked at the hardware company, you will have a hard time
getting your hands busy with real computer engineering. During university
I’ve worked with assembly and <em>believed</em> I understood caching effects.
Only when you get to solve some real production issues do you get a
sense of what’s going on in the computer system. I always say that joining Xilinx was one of the
best decisions I’ve made in my life, since being able to reason about
software from the lowest-levels is very valuable going forwards with your career.</p>
<p><strong>Things you can expect to learn</strong></p>
<ul>
<li>how CPU works</li>
<li>how CPU and memory busses work</li>
<li>how switches and intelligent interconnects work</li>
<li>bringing analog and digital worlds</li>
<li>clockings and dividers of frequencies</li>
<li>true full-stack software architecture (how HDL code ties to assembly code,
how assembly ties to C and later what the impacts of these relationships
can be on the user)</li>
<li>physical and virtual memory management</li>
</ul>
<p>The good thing is that unlike schools which often give you a CPU simulator
or an abstract, simplified model of the CPU, here you have a real thing,
which is destined to hit a shelf and start shipping to the customers. And
it’s up to you to debug it, and the firm provides you whatever it takes to
narrow down issues.</p>
<h2 id="equipment">Equipment</h2>
<p>If you like gadgets and big electronic toys, this is the place. Agilent
logic analyzers are everywhere, together with multimeters, measurement
stations, soldering irons, etc. Labs are filled with top-notch equipment,
because during silicon debugging, you need all this stuff. The most
interesting toys are definitely full-system simulators, where you can
single-step the system <em>on the cycle level</em>. So you can take a snapshot of
signals at any clock cycle, look at CPU and memory buses. This is a lot of
fun if you’re into systems.</p>
<h2 id="speed">Speed</h2>
<p>In my opinion the speed of hardware industry is dictated by cycles. Cycles
represent the production of the silicon, and then the deadline of this are
near, everything gets very busy.</p>
<p>This is because we’re talking about manufacturing of real physical products,
with real tools for real money. You can’t say you’ll be delay, because
schedules for the fab, waver testing and finally tapeout are pretty scrictly
followed.</p>
<p>Know that semiconductor companies differ. For example, Apple, is is a
semiconductor company nota-bene to, is very busy always, since their
tape-outs every 6 months are tied to keynotes and new product announcements.
Every iPhone, iPad, AirPod and other products have custom silicon.</p>
<h2 id="methodology">Methodology</h2>
<p>I don’t recall anybody using agile methodology conciously.
For sure there were no “sprints”, no “backlogs”, no retrospectives.
But there’s a normal division of work: you get a ticket, you estimate it and
you work on it. I haven’t found it anymore chaotic than Agile. To be
honest, it was more figured out, since the dates and deadlines were known.
The chip structure didn’t change, so you know that e.g.: your team will have
to deliver five subprojects/pieces of code, and you all concentrate on it.</p>
<h2 id="money">Money</h2>
<p><img src="/img/2017-05-13-what-i-learned-from-writing-software-in-hardware-industry/fabian-blank-78637_10p.jpg" alt="alt_text_0" title="Image_text_0" /></p>
<p>One of the things which motivated me to move out of the hardware industry
was a pay. It’s generally underpaid industry given how much skill and
knowledge there is. Unless the connection of the hardware and software is
exactly what you want, you may be better of in some IoT startups. You may
get a chance to experience similar feel debugging microcontrollers, yet get
a decent paycheck.</p>
<h2 id="people">People</h2>
<p>One of the best parts of hardware industry are the people.
Because I like to work with people who are smarter than me, hardware
environment was perfect. Filled with people who graduated from EE and
physics, made me learn thing which otherwise I’d not have known about.</p>
<p>The median age in the semiconductors is higher, so you’ll work with older
folks, which is great, since you get to understand the background behind
certain technological and strategic decisions. I’ve always had lunch with
people with 20+ years of experience of building chips.</p>
<h2 id="summary">Summary</h2>
<p>If you’re interesting in a long-term career in computer or software systems,
getting your hands dirty with the hardware might be advised. If you start to
like and enjoy it, consider doing an internship in one of the semiconductor
companies. If you’re naturally drawn to things lying “underneath”, and you’d
rather understand the bits and pieces, than to wire big blocks of existing
abstractions, the hardware industry may be for you.</p>
Treat Continuous Integration as your virtual userhttp://www.koszek.com/blog/2017/05/07/treat-ci-as-a-virtual-user/2017-05-06T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>Ninety five percent of professional software engineers use <a href="https://jenkins.io">Jenkins</a> as a <a href="https://en.wikipedia.org/wiki/Continuous_integration">Continuous Integration</a>. The rest are consumers of <a href="https://www.travis-ci.org">Travis-Ci</a>, <a href="https://www.circleci.com">Circle CI</a> and many other
hosted CI platforms. None of these platforms are opinionated. They are just a little
smarter replacements of <code>cron</code>, allowing you to simply throw many commands
into the flow to build your software. We use these tools in a dump way, I
argue, and it wastes the time of customers of our software.</p>
<p>My view is that you should use Continuous Integration server as your virtual
user. Your testing buddy. He watches over your arm and sees you pushing new
changes to the repository. The moment you finish, he goes and fetches all
your stuff tirelessly. And the flow of this virtual user should be <em>the
same</em> as your normal user.</p>
<h2 id="problems-with-existing-continuous-integration-platforms">Problems with existing Continuous Integration platforms</h2>
<p>All CI solutions <strong>make it hard</strong> to structure your CI jobs as a virtual
users. Because they are flexible, they let us stick many commands and flows
into their configuration. In the case of Jenkins it’s <code>Jenkinsfile</code>, in case
of Travis-Ci it’s <code>travis.yml</code> etc.</p>
<p>Sometimes I see people using two systems for testing. Instead of converging
the configurations, they develop them independently. So you’ll see many,
many steps in <code>travis.yml</code> and <code>cicle.yml</code> that are fairly <strong>different</strong>.
That’s a mistake. <em>Don’t do this</em></p>
<p>The issue I have with these solutions is that once you put your logic there,
you’ve just made your flow better for nobody else, but yourself. Neither
Jenkins nor Travis-Ci flows can be reproduced easily. Users can’t replay
these files, so all the knowledge you stick there is useless, or hard to use
at least.</p>
<h2 id="alternative">Alternative</h2>
<p>Alternative solution is simple. Follow
a <a href="https://www.koszek.com/blog/2017/04/29/single-command-principle/">Single Command Principle</a>.
Automate your build, test and installation stages through a script, and then
just use it on your CI server. <strong>The very same script</strong></p>
<p>At most, your CI job should have 1–3 commands. Again I know it’s hard,
since things like shipping secrets and SSH keys to your CI server may be
very specific to the platform you use. I get that. But remember that
everything what you do in CI server configuration can be done in a normal script,
and I’d rather see that. Make it adjust accordingly depending on whether
it’s a Travis-CI builder, or an unknown host.</p>
<p>This way the code fresh out of the repository can be both continually
tested, but also <strong>delivered</strong> to the user – a thing that we really care
about.</p>
<h2 id="summary">Summary</h2>
<p>I would like to see your Continuous Integration best practices and how you
handle managing them in your environment.</p>
Single Command Principlehttp://www.koszek.com/blog/2017/04/29/single-command-principle/2017-04-28T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>You should follow the <strong>Single Command Principle</strong> of software deployment.
A customer takes your software from the repository, looks at the <code>README</code>
file and sees a single command. A main entrance to the whole “software”.
Stuff is built and starts to just work in five minutes. This saves time and
effort.</p>
<p><img src="/img/2017-04-29-single-command-principle/ales-krivec-2859_10p.jpg" alt="alt_text_0" title="Image_text_0" /></p>
<p>This command should either run your software with safe defaults, most common
configuration or something that shows that the run is successful.</p>
<p>It should bootstrap whatever is necessary on the client’s computer too.
This is the experience you should strive for.</p>
<p>I call it a follow the “Single Command Principle” rule in your software
deployment methodology.
It’s important, because people easily give up while trying to bootstrap
solutions that work. I wrote about this
<a href="https://www.koszek.com/blog/2015/08/26/how-do-you-evaluate-new-technologies/">earlier</a>.</p>
<h2 id="background">Background</h2>
<p>In <a href="https://www.koszek.com/blog/2016/04/11/dont-document-automate/">“Don’t document. Automate”</a>
we talked about the importance of
automating steps for your workflow. Here we want to push it further: make the
most common flow available with a <em>single command</em>. <strong>Impossible?</strong></p>
<p>It’s hard. I admit. If writing a tutorial or a good <code>README</code> is one on the
scale of difficulty, then writing a fully automated solution is 3x the
effort.</p>
<p>But it’s worth it. I’ll quite likely pick a solution that just works over
the one that is better, since most of the time it doesn’t really matter
(it’d have to be 3x better, faster, more secure etc.., and “competition”
rarely is <em>that</em> different)</p>
<h2 id="how-i-read-documentation">How I read documentation</h2>
<p>When you’re building software, you’re mostly hearing in your head voices of people
whom you’ve worked with and who made an impression on you. You also hear my own
inner voice. During figuring out how to build and deploy a bigger chunk of
software you’re not familiar with, it’s typically:</p>
<p>“Just give me the darn command to run.”</p>
<p>“I don’t want your documentation or explanations. I don’t want your manual pages.
Just let me run the damn thing.”</p>
<p>“Maybe it’ll work, and if it does, I’ll just tweak it a little or not at
all, if it works”</p>
<p>“Please, don’t make me select and paste these random commands I have little idea
about. Just give me a recipe to try this damn thing out”</p>
<p>As you see we’re big fans of Plug an Pray model, or OSX DMG model. Stuff
just works, you can try it without installing. If you like it, installing it
is easy.</p>
<p><em>Try to follow this principle</em></p>
<h1 id="safe-defaults">Safe defaults</h1>
<p>When you build software, we see all the problems and parameters. Stupid
example: when you build a real estate program, you can guess the most common
case of usage. Like: how many
buildings will be in a database, and how many appartments will be referenced
through the index and all other possible implications.</p>
<p>If you write an end product, it’s easier. It’s harder if you build
infrastructure, and it can handle anything from 1 to 1B of items. But these
cases aren’t that common.</p>
<p>Just pick the most common configuration, call it “default” and make sure it works out
of the box.</p>
<p><strong>Make common case fast</strong></p>
<h2 id="deployment">Deployment</h2>
<p>Use virtualization and separation for deploying with 1 command. It’s the
easiest and best way to deliver any piece of software. Vagrant or Docker for
desktop/development software and tools. There isn’t anything easier that
<code>git clone ...</code> and a single <code>vagrant up</code> executed in a directory.</p>
<p>Second choice would be native package managers. For
example, if I run Ubuntu, doing <code>apt-get</code> with your package name is the
easiest for me. If you’ve packaged your software correctly, not only it’ll
get installed, but also wrappers like <code>systemd</code> startups scripts. This is
very convenient and I like it, since it fits into my system model nicely.</p>
<p>Other examples are <code>Homebrew</code>, <code>RubyGems</code>, <code>Python pip</code>, Node’s npm etc.</p>
<p>Otherwise I need to write these boring pieces, which I don’t like.</p>
<h2 id="continuous-integration">Continuous integration</h2>
<p>Whatever you do, wire it in the continuous integration system.
If it’s Travis, I’d expect it to maybe have 3 commands at most.
Anything more means your customer will be typing or copy and pasting a lot
of stuff, which is always bad. Make it very short.</p>
<h2 id="summary">Summary</h2>
<p>Make it work out of the box, preferably with one command. Document the
tuning system, not installation system. The less tunables and mandatory
changes or adjustments, the better.</p>
<p>Take one of your projects and see how much it’d take to accomplish “Single
Command Principle” there. Let me know how it went.</p>
SSH VPN on OSX with SSHuttle in 3 minuteshttp://www.koszek.com/blog/2017/04/09/ssh-vpn-with-sshuttle-in-3-minutes/2017-04-08T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>You will learn how to setup SSH VPN with
<a href="https://github.com/apenwarr/sshuttle">sshuttle</a> <strong>quickly</strong> here.
SSH VPN people say is “poor man’s” <a href="https://en.wikipedia.org/wiki/Virtual_private_network">VPN</a>, but I view it
as a great tool, since you can’t always spin OpenVPN easily. If you have the SSH
keys installed on the server, there’s no need for any other configuration.
No certificates, no drama. I’m using OSX for the purposes of this article.</p>
<p><img src="/img/2017-04-09-ssh-vpn-with-sshuttle-in-3-minutes/rishabh-varshney-138805_5p.jpg" alt="alt_text_4" title="Image_text_4" />
<br />
<small><small><small>
<em>(Photo by <a href="https://unsplash.com/@rishabh">Rishabh Varshney</a> via <a href="https://www.unsplash.com">Unsplash</a>)</em>
</small></small></small></p>
<p>SSHuttle helped me tunnel over SSH the traffic to a XenServer instance which
I share with a friend of mine. For some reason, Open Source parts of the
Xen(Server) ecosystem don’t concentrate on encryption. I tried fog and
added the SSL encryption there,
<a href="https://github.com/fog/fog-xenserver/pull/68">https://github.com/fog/fog-xenserver/pull/68</a>
and <a href="https://github.com/jonludlam/vagrant-xenserver">Vagrant XenServer</a> seems to support SSL, but when I tried packer, once
again, it didn’t seem to have SSL support. So I gave up on patching it, and
just used VPN.</p>
<h2 id="quick-start">Quick start</h2>
<p>Install SSHuttle with <a href="https://brew.sh/">Homebrew</a>:</p>
<div class="highlight"><pre class="highlight shell"><code>brew <span class="nb">install </span>sshuttle
</code></pre></div>
<p>For some reason the <code>pip</code> version, which SSHuttle advertises on its website
didn’t work for me.</p>
<p>Run it like this:</p>
<div class="highlight"><pre class="highlight shell"><code>sshuttle <span class="nt">-r</span> user@server 0/0
<span class="o">[</span><span class="nb">local sudo</span><span class="o">]</span> Password:
</code></pre></div>
<p>You’re asked for the local <code>sudo</code> password since <code>pf</code> also known as “Packet
Filter” is a privileged thing: only root can modify it.</p>
<p>Upon the successful connection you should see:</p>
<div class="highlight"><pre class="highlight shell"><code>client: Connected.
</code></pre></div>
<h2 id="how-to-validate-vpn-connectivity">How to validate VPN connectivity?</h2>
<p>Go to any “what’s my IP” service (or type “what’s my IP” in Google).
It should be your server’s IP.</p>
<div class="highlight"><pre class="highlight shell"><code><span class="nv">$ </span>curl <span class="nt">-s</span> <span class="nt">-o</span> - https://jsonip.com | jq <span class="s2">"."</span>
<span class="o">{</span>
<span class="s2">"ip"</span>: <span class="s2">"88.129.122.7"</span>,
<span class="s2">"about"</span>: <span class="s2">"/about"</span>,
<span class="s2">"Pro!"</span>: <span class="s2">"http://getjsonip.com"</span>
<span class="o">}</span>
</code></pre></div>
<h2 id="how-it-works">How it works</h2>
<p>The SSHuttle doesn’t really explain how it works. So I’ve dug into it. On
OSX it uses a <code>pf</code> filter in a way where all your traffic from the network
you specify in the command line is being channeled through SSH’s port to the
remote machine.</p>
<h2 id="summary">Summary</h2>
<p>Let me know if it helped you, and maybe which VPN service/solution you use
right now.</p>
How software engineer should invest in career growthhttp://www.koszek.com/blog/2017/03/31/how-software-engineer-should-invest-in-career-growth/2017-03-30T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>This post is for people who look for ways to spend money on personal growth,
as a software engineer.
Previously I covered <a href="https://www.koszek.com/blog/2017/02/06/how-much-software-engineer-should-invest-in-career-growth/">how much one should spend to growth</a>.
Here let’s talk about the best resources you can invest in.</p>
<p>You should seek for ways of saving your money and after-tax earnings.<br />
Before you apply any of the suggestions, remember to ask your school or
employer about them.
They have a way to bring resources to you, because funds for training and
growth are specially allocated in big institutions. Let’s start from the
cheapest to the most expensive.</p>
<p><img src="/img/2017-03-31-how-software-engineer-should-invest-in-career-growth/oscar-nilsson-1860_25p.jpg" alt="alt_text_2" title="Image_text_2" /></p>
<h2 id="books">Books</h2>
<p><strong>Price:</strong> <code>$1</code>–<code>$100</code></p>
<p><strong>Risk:</strong> <code>low</code></p>
<p><strong>Benefit:</strong> <code>high</code></p>
<p>Books are pretty cheap, assuming you understand what you’re
getting for the price. Lets take the $40 book, for example.
If you live in the US, you have the natural perspective on what’s worth $40;
of what this money can give you. Forty dollars is several coffees and couple
of beagles. Maybe one visit to the cinema with your second half.
Or maybe three lunches, if you eat out.</p>
<p>Yes, I do know forty dollars is a lot of money in most parts of the world.
I’m from Poland originally, and the currency ratio makes $40 be
approximately four times as much.
But by buying books you buy yourself a leverage against all the people who
you meet, interviews you take and all the business opportunities.</p>
<p>Let me give you an example here. I remember paying $70 for a fourth edition
of the <a href="http://amzn.to/2nTRxik">Computer Organization and
Design</a>. It was around 320PLN (Polish Zloty), amount
equal to my monthly stipend from my school’s dean. When I told my friends I got a book for 320PLN,
they couldn’t believe it.
They didn’t know you can buy a book for this much.
“Why don’t you just torrent it?”, “Why don’t you
just print it?”</p>
<p>This book let me ace an interview for a <a href="https://www.xilinx.com">Xilinx</a> internship couple of years
later. I’m highly confident I wouldn’t have had enough computer
architecture/Verilog/C fu to pass it without studying from this book.</p>
<p>My intern’s salary made the return on investment
for this book alone be somewhere between 100x and 500x.</p>
<p>Taken into perspective, is $40–$70 book still expensive?</p>
<p>If you want to learn how to make good book picks, you can take a look at my
<a href="https://www.koszek.com/blog/2017/01/17/reading-for-software-engineers/">Reading 101 for software engineers</a>
<a href="https://www.koszek.com/blog/2017/02/06/how-much-software-engineer-should-invest-in-career-growth/">Previously</a>
I talked about looking at your learning as a business, and
it’s inevitable to make mistakes on your R&D budget.</p>
<h2 id="library-membership">Library membership</h2>
<p><strong>Price:</strong> <code>$0</code>–<code>$500</code></p>
<p><strong>Risk:</strong> <code>low</code></p>
<p><strong>Benefit:</strong> <code>high</code></p>
<p>Libraries are great. I still can’t believe libraries exist and are free.
You should use the library to read, study and proof-read books and do work.</p>
<p>In the US libraries come with several perks. One of them is <a href="https://www.safaribooksonline.com">Safari Books Online</a>
available at no cost. Others are programs for
audio-books like <a href="https://www.onedigital.com">OneDigital</a> and <a href="https://www.overdrive.com">OverDrive</a>. You can “borrow” an
audio-book for two weeks, listen to it, and then “return” it. It simply
disappears from your device after these two weeks. Cost is similar: zero.</p>
<p>Libraries are probably the cheapest co-working spaces out there.
When you’re sick of being at home and need more focus, go to
the library. Everybody is studying and working there. So will you.</p>
<p>Many books aren’t great and library helps with those. No need to buy them, if
you only like one chapter. Three week lease term is fine because it brings
focus and motivation (“I need to finish this book first to be able to get the
next one”)</p>
<p>University libraries prioritize students. For an unaffiliated person it’s $80 for 3
months or $200 for a year to be able to just enter the library, sit and read. It
can be as much as $500 for a year to be able to borrow books.</p>
<p>Kindle isn’t great for technical stuff, but you can also borrow Kindle books.
Graphics and diagrams looks bad on Kindle.
No more comment here: I have yet to see a decent computer title to look
decent on a Kindle.</p>
<h2 id="magazines-journals">Magazines, journals</h2>
<p><strong>Price:</strong> <code>$10</code>–<code>$40</code></p>
<p><strong>Risk:</strong> <code>low</code></p>
<p><strong>Benefit:</strong> <code>medium</code></p>
<p>Magazines and journals have a function of keeping you in touch with science
and the industry. It’s less of a solid block of knowledge, and more about
juicy pieces you may have not heard about yet, but should.</p>
<p>There are good “popular” tech magazines nowadays, I’m sure, but I just don’t
know any. I saw several issues of <a href="http://www.codemag.com/Magazine">Code</a>
and it was decent. I may subscribe to it.</p>
<p>Around twelve years ago I used to spend quite a bit on <a href="http://sdjournal.pl">“Software
2.0”</a> magazine (now: Software Developer’s Journal) and
<a href="http://www.linux-magazine.pl">Linux Plus</a> (now: Linux Magazine). They cost
30PLN in Poland (around $10). They were “extremely expensive newspapers” as
my parents referred to them. One special edition of SDJ titled “BSD systems”
introduced me to FreeBSD, which changed my life. I still have this edition
of a magazine. One day, I’ll frame it.
So yes, magazines can have an impact on your career. Don’t feel bad if you buy them.</p>
<p>If you have scientific interests, there are plenty of good journals.
Just visit <a href="http://www.acm.org">ACM</a> and <a href="https://www.ieee.org">IEEE</a>.
You’ll have to become a member to get them, and I think it might be worth it, if that’s
your thing.</p>
<p>ACM is $99/year, which isn’t bad. I’m an ACM member. I like their <a href="http://queue.acm.org">ACM
Queue</a>. It sums up to $8.25/month for a printed version of the
magazine, which isn’t bad. You get free Safari Books Online access, and
some additional perks. In fact I joined an ACM because of the conference
discounts they offer to members.</p>
<p>IEEE has <a href="https://www.computer.org/web/computingedge">Computing Edge</a> magazine, but I never fell in love with it.
IEEE is also expensive: $200/year.
Future of my IEEE is unclear, since the benefits are actually duplicated
with ACM. Being a member of both doesn’t give you much.
Let me know what’s your IEEE membership reasoning.</p>
<p><a href="https://www.usenix.org">USENIX</a> looks great. I’m thinking of becoming a member of USENIX.
UNIX systems and software systems are my major interests though.
If that’s not your cup of tea, maybe evaluate this before.
Their <a href="https://www.usenix.org/publications/login">USENIX ;login</a> magazine looks great.
I’d subscribe just to get it in a printed version.</p>
<h2 id="online-classes">Online classes</h2>
<p><strong>Price:</strong> <code>$1</code>–<code>$200</code></p>
<p><strong>Risk:</strong> <code>medium</code></p>
<p><strong>Benefit:</strong> <code>high</code></p>
<p>Online learning is really appealing. Having an expert in the field introduce
you to difficult topics is very convenient. What I like is an ability to
stop, rewind, watch the same difficult piece several times. To me it’s very
valuable and the real live lecture doesn’t offer that. What online class
doesn’t provide is the ability to interact with other students and having a
discussion, but I believe online learning is getting there.</p>
<p>Online classes are probably the second cheapest after books to benefit
from. They cost anything from $0.99 (for 3-month <a href="https://www.skillshare.com">Skillshare</a> account)
through $29/month for <a href="https://www.codeschool.com">Code School</a> and <a href="https://teamtreehouse.com">Treehouse</a> up to $200/month for
<a href="https://www.udacity.com">Udacity</a>.
Authors and companies try to compete to make their name in the
education industry. That’s how you get a great content for little money.</p>
<p>To people who wonder why it’s worth to buy a training instead of watching
YouTube videos I need to answer: “you get what you pay for”.
At least that’s my experience, and while I think there are some great
resources (<a href="http://web.stanford.edu/class/cs193p/cgi-bin/drupal/">iOS class from Stanford</a>), you shouldn’t
feel bad about spending on online education. It pays of.</p>
<h2 id="boot-camps">Boot camps</h2>
<p><strong>Price:</strong> <code>$2000</code>–<code>$20000</code></p>
<p><strong>Risk:</strong> <code>medium</code></p>
<p><strong>Benefit:</strong> <code>medium</code></p>
<p>I never participated in a boot camp.
The idea you can start from zero, go to a twelve week boot-camp and get some
knowledge to get you jump started sounds fine.
The idea of getting a job afterwards sounds a little bit unrealistic.
You should study first, so that you’re not a total newbie by the time you
go to the boot-camp.
Then do it. Afterwards try to do as many projects on your own as
possible.</p>
<h2 id="meetups">Meetups</h2>
<p><strong>Price:</strong> <code>$0</code>–<code>$80</code></p>
<p><strong>Risk:</strong> <code>low</code></p>
<p><strong>Benefit:</strong> <code>low</code></p>
<p><a href="https://www.meetup.com">Meetup</a> is where interest groups are organized. <strong>Example:</strong> People who program in C++
will have a monthly or bi-weekly meeting scheduled. You can come, interact
with people, talk C++ and learn.</p>
<p>My first contact with Meetup was a <a href="http://www.forth.org/svfig/">Silicon Valley Forth Interest Group</a>. It was great.
Organized every month at Stanford, was very well prepared, with speakers
every time, group discussion. Everybody was a Forth expert with many years
of experience. I loved it.</p>
<p>Most meetings aren’t well organized. People come to eat and drink for free.
Sometimes organizers are bigger companies, and they flash perks in front of
you, because they want you work for them. Then they sit. Speaker, who is
there just to be able to list his/her presence on the meet-up flashes slides
quickly. And then there’s the end. Little interaction, little discussion.
This is a mistake in my opinion, and you should refrain from those. It’s a
waste of your time. Go to the library and read a book for two hours. You’ll
benefit more.</p>
<p>There’s a little quirk here: pick a Meetup with $10–$20 fee, and it’ll be
fine. Or better: $60. Those are mostly financial/entrepreneurial meet-ups.
Only people who really care go to those. It’s a great crowd. I went to maybe
three of those Meetups, but investment was worth it. Advice I’ve gotten
there I still remember till this day.</p>
<h1 id="conferences">Conferences</h1>
<p><strong>Price:</strong> <code>$0</code>–<code>$5000</code></p>
<p><strong>Risk:</strong> <code>medium</code></p>
<p><strong>Benefit:</strong> <code>medium</code></p>
<p>Conferences are good, if you know what you get out of them.
To me, it’s more about networking with people; talking to others from the
same field and learning what they use to solve problems which you have as well.
It’s less of a solid knowledge transfer. Think of a conference as a source
of hints.</p>
<p>Scientific conferences are where the real fun is. You have academics
competing with each other for attention from professors and PhDs. Everything
is peer reviewed, and after the presentations you’re the judge. Audience
and reviewers will often vote for the best paper and presentation. This makes scientific
conferences to be great. You go there and see that people actually <em>work</em>
and <em>learn</em>. Unfortunately these aren’t common, and you have to be a part of
the circle: do a PhD, be a student or a professor. Focus is narrow, so you
may end up not understanding anything otherwise.</p>
<p>Technical conferences are good if you want to understand what the top
of your field is doing, and what direction you should take for your career.
You meet with other people who paid their own money for the conference
(typically several hundred dollars), paid for the flight and a hotel. It’s
good in the sense it’s, in theory, all people who do the same. You can
brainstorm.</p>
<p>Picking a good conference is hard. You’ll have to burn some patience and
study reviews before you go to any. Unless you want to waste your time.</p>
<p>It gets worse for commercial conferences. People will try to recruit you. To
sell you something. To get your e-mail and subscribe you to their mailing
list. Once you get your badge scanned, and your e-mail stolen, you’ll be
unable to unsubscribe from all the lists you’ll become a part of. If you
reveal your mailing address, they’ll be sending you offers and invited for
expensive classes.</p>
<p>On those, you get employees of the companies are participants.
They didn’t pay anything–they were sent there, sometimes against their
will, by their companies.
Or they volunteered to have a day free of work.
They’re there to have fun, not to learn.
You will talk to some people from the industry.
You’ll get some LinkedIn contacts.
But that’s it.
It’s a waste of time.</p>
<h2 id="college-classes">College classes</h2>
<p><strong>Price:</strong> <code>$300</code>–<code>$100,000</code></p>
<p><strong>Risk:</strong> <code>high</code></p>
<p><strong>Benefit:</strong> <code>high</code></p>
<p>College is good if you like structured study program.
If you’re a student already, and can afford it, don’t resign from college.
Pick good, difficult classes about topics which are hard to learn.
Examples: operating systems, networking, compilers.
Do complex projects whenever possible.</p>
<p>Some countries make colleges accessible and free.
In Poland you could drop in to the class, sit and listen.
No need to be a registered student.
If there are enough sits, you wouldn’t get kicked out.
Some, like the US, have colleges that are very expensive.
I don’t know if you can drop-in for a class here.</p>
<p>One unit of class in the US can be $1300 dollars, so three-unit class is around $4k.
Being able to say you’ve graduated from a Stanford or Berkeley class has
some charm. This is one of the things which are hard to quantify.
It’s possible that your future employer will scan your resume, Stanford name
will stand out, so you’ll get the call.</p>
<p>Practically, it’s hard to say if this happens. For sure you can get the same
amount of knowledge cheaper. It’s likely it’ll take longer to assimilate the
knowledge, but you’ll get there.</p>
<h2 id="summary">Summary</h2>
<p>My attempt was to help you understand where the biggest benefit is.
With books and online classes, you’ll get the biggest bang for the buck.
In terms of the rest of the ways to learn, it all depends on your
conditions.
Let me know if I missed anything. I’d like to pick up some of your ideas for
learning.</p>
Are you a good Open Source contributor?http://www.koszek.com/blog/2017/03/28/are-you-a-good-open-source-contributor/2017-03-27T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>Most likely you aren’t a good
<a href="https://en.wikipedia.org/wiki/Open-source_software">Open Source</a>
contributor. Most people aren’t.
Let’s look at it a bit closer.
Below you’ll find a scale which will give you the sense of how the
community of Open Source is structured. Where do you fall in it?</p>
<p><img src="/img/2017-03-28-are-you-a-good-open-source-contributor/volkan-olmez-101863_15p.jpg" alt="alt_text_7" title="Image_text_7" /></p>
<p>By community you can understand several things, but to simplify things:
think of <a href="https://www.github.com">GitHub</a>.
Don’t worry too much GitHub is an actual company.
In your head <a href="https://git-scm.com">Git</a> and GitHub are synonyms of the Open Source already,
because they have
the biggest number of software repositories, the biggest number of users, and
they provide everything that a modern software project needs.
Their community is the most vibrant, and they host the most important OSS projects.</p>
<p>Let’s refer to your advancement in the Open Source as levels.
Let’s discuss good and bad sides of each level,
and let’s talk about steps which will lead you from one to another.</p>
<h2 id="you-are-an-unaware-user-of-open-source-level-0">You are an unaware user of Open Source (level 0)</h2>
<p>You don’t know you’re using Open
Source. You start Open Source programs like
<a href="https://www.mozilla.org/en-US/firefox">Firefox</a>,
and often go to
<a href="https://www.wikipedia.org">Wikipedia</a>,
but have not a slightest idea what that is, how and who makes it.</p>
<p>Is it terrible?</p>
<p>People can’t ask you for help.
You aren’t bothered.
Good thing, right?
Not really – developers can’t make your own tool better.
It’s like sabotaging your own house you’ll live in for twenty years.</p>
<p>If someone asks you for money to support their project, you can go away; user loyalty is low for unaware users.
We are all greedy, so you and I like free stuff.
We don’t just throw money out for donations
We need to be <strong>forced</strong> to
donate. You and I sometimes forget that running an Open Source project may
incur fees. Hosting, domains, bandwidth, CPU cycles all cost money. We’re
just blind. We don’t want to see that cost.</p>
<p>If you’re reading this post and you’re at 0th level, you’ve just earned
yourself a pass to level 1. You may read Wikipedia pages about Open Source,
<a href="https://www.freebsd.org">FreeBSD</a>, <a href="https://www.gnu.org">GNU</a> and
<a href="https://www.kernel.org">Linux</a> and get to know them more.</p>
<h2 id="you-become-an-aware-user-level-1">You become an aware user (level 1)</h2>
<p>You’ve reached a status of an aware user of Open Source Software. Congratulations!
Think of it as picking the right pill when you’re being offered one by a guy
in dark glasses.</p>
<p><img src="/img/2017-03-28-are-you-a-good-open-source-contributor/513910667_1280x720_50p.jpg" alt="alt_text_3" title="Image_text_3" /></p>
<p>You know that Open Source is there. You know which software came
from it. You like it and you use it. You’ve never contributed, never
submitted a bug report, never participated in a discussion, never argued,
and never had to convince anybody about anything when it comes to software.
That’s fine on this stage.</p>
<p>Perhaps you know how to program, but you’ve never “starred” a GitHub project,
never <strong>liked</strong> any users/developers, never followed or thanked them?</p>
<p>No e-mail with “thanks” has been sent from your account. At least none that
you know of.</p>
<p>This is a good start for planting in your head that Open Source is made by
humans for humans, and that at some people want to get compensated.
Somehow. Compensation isn’t only about money. I know very small number of people
who started doing Open Source for money. Consulting or just working
full-time job are far better ways to achieve that.</p>
<p>People whom I’ve talked to work on Open Source because:</p>
<ul>
<li>it’s interesting</li>
<li>it’s technically challenging</li>
<li>it lets them work remotely</li>
<li>you get to work with experts</li>
<li>you build your online ego</li>
<li>build portfolio</li>
<li>learn new technology</li>
</ul>
<p>But I feel humans are selfish in nature, and they write and publish software
because they feel good about it. They didn’t make it to Hollywood, but they
want to be stars. So they go and hack the code. The better it is, the more
famous they feel they’ll become.</p>
<p>You’re not there yet, but might get there one day.</p>
<p>To get you out of this state you must take an active step. Yes. Right now, as you
read this article.</p>
<p>Nothing prevents you from showing appreciation for stuff you like
and use. Do you use <a href="https://www.ruby-lang.org">Ruby</a>? <a href="https://golang.org">Go</a>
and press “star” on GitHub. You like <a href="http://rubyonrails.org">Rails</a>? Go
and do the same. You’d really like stars on GitHub, if you owned a project
there.</p>
<p>After discussion with a friend of mine I know that for the Apple
Store around ten percent of people bother to leave the review.
He did a really successful app; it was in top-20 best selling apps in the US
at some point for a short time. <a href="https://www.quora.com/What-percentage-of-iPhone-app-users-leave-reviews-in-the-App-Store">Other people report much worse numbers</a></p>
<p>Review means more work than clicking a button, but I’d be surprised to see that this
number would be bigger than 10–15%. Getting a star next to your project is nice, since I
like to imagine that for every <code>N</code> stars I had potentially <code>10N</code> users who
inspected and evaluated the repository and maybe used the code.</p>
<p>Step to next level? Increase your engagement. Algorithm is
pretty simple: for each visited repository, if you like it, press the “star”
on GitHub. If you don’t like something, e-mail the author. If you do it
three times, you can read on.</p>
<h2 id="you-became-an-engaged-user-level-2">You became an engaged user (level 2)</h2>
<p>Engaged user is a great OSS user, and you just became one. You’re watching,
communicating with authors and trying to help out. Maybe you’ve replied
“Yes, this bug impacts me too” when someone reported the issue on GitHub.</p>
<p>This is where the sense of community starts. It’s a really good and strange
feeling at the same time, because there’s this body of knowledge that you
can contribute too, and if enough people see value in what you do, they’ll
help you.</p>
<p>Engaged users are great, since you can throw them an e-mail and
ask the question.
Or maybe even ask them to test something.
Engaged user understands that, in most part, making good software is a
shitty job, since testing and debugging are, let’s be honest, awful.
Engaged users take some of this away.</p>
<p>There’s nothing terrible about engaged user. You can stay on this level if
you want. However you can do better than that: become an active user. Step
between engagement and being active is pretty small: if you don’t like the
documentation, report an issue. Maybe try to change something.
<a href="https://www.koszek.com/blog/2016/04/11/dont-document-automate/">Automate the flow</a>.
Spotted a
typo? This is a great way to start and get familiar.</p>
<p>Ticket to the next level: figure out what bothered you in your favorite
Open Source project. If it’s a bug, fix it. If you don’t know how, try to
ask how this could be fixed. Try to reach out to developers and ask if they
need help. Let them know how advanced you are, and most often you’ll get
tasks adjusted to your skill level. To progress to the next level, try to do
this at least three times.</p>
<h1 id="youre-an-open-source-contributor-level-3">You’re an Open Source contributor (level 3)</h1>
<p>Welcome, Welcome.</p>
<p>You’ve made first steps to become not only engaged user, but engaged
contributor. Well done. But what does it mean?</p>
<p>That you reported an issue? You complained about documentation? Or maybe
some missing feature? No. It means that instead of complaining, you’ve
taken a control over the situation and decided to step up, roll up your
sleeves and do some real dirty work.</p>
<p>Typically you’ll get here through finding a problem. There will be a audio or
graphics or Internet program of some sort, and you’ll use it every day. And
every day you’ll hit some annoying issue, where you have to restart some
chunk of work, because the program had crashed. Or something similar. Annoying
pain that pisses you of. You get the point.</p>
<p>Afterwards you’ll start to think that instead of dealing with this nonsense,
you can actually save time and effort and fix the problem once and for all.
You’ll get the program source, build it by yourself, and then start looking
inside, under the hood in hope you can fix it. Often it requires learning
new technology, <a href="https://www.koszek.com/blog/2017/02/13/learn-programming-self-study-guide/">new programming language</a>, new domain-specific knowledge.</p>
<p>Failure after failure you will start to understand just about enough to
shoot an e-mail to the author:
klayout: post</p>
<blockquote>
<p>Listen, I’m using your program X. It worked fine two months now and I
upgraded my computer, and I think you expect me to have the directory
“Projects” on my desktop. I don’t have that now, and the program crashes..</p>
</blockquote>
<p>This is good stuff. Once you become more advanced you’ll start making your
fixes. You’ll go, clone the code, make a branch, make fixes, and commit the
code. You’ll then <a href="https://www.koszek.com/blog/2017/02/18/making-pull-requests-that-merge/">make the pull request</a> to the original author. Explain why
you made changes, and then maybe argue a little. Maybe a bit of back and
forth. But in general: you’ll get your code merged in for the benefit of
future generations.</p>
<p>This is good level to be at. You’ll start to feel good here, since
getting comfortable with the code is a good experience, since it gives
you the control. You’ll be contacting unknown people around
the world, collaborating with them and fixing their code.</p>
<p>Contributions sometimes are hit and miss. Not always will your changes be
merged. That’s fine. Each time this happens, you will feel good.
You will get a spike of endorfins after your accomplishment.</p>
<p>Well done. I think once you’re here, it’ll be inevitable to progress to the
next stage: contributing your own inventions and programs.</p>
<h1 id="youre-an-open-source-author-level-4">You’re an Open Source author (level 4)</h1>
<p>Open Source authors are like contributors, but they put out their own tools.
The tools you can publish are basically anything that you’ve made.
Feel free to be inventive and creative.</p>
<p>Shell script? Automation framework? Piece of Python, Ruby, AppleScript?
Anything works.</p>
<p>To be a valued Open Source author you can’t however push a total crap in the
world. Code that doesn’t work, doesn’t compile, doesn’t explain itself is a
terrible addition to the community. It also isn’t very valuable if you don’t
explain through the documentation what your code does and how to use it.</p>
<p>Strive for good enough code quality. Not perfect, because I think perfection
is an enemy of the invention. Try to make it good enough. Something that
maybe wouldn’t give you A+, but maybe around B+.</p>
<p>This is critical, because getting to A+ is hard for the first time, and is
likely to lead to not publishing code at all. This is good, if the result would
be a total crap that doesn’t build and just pollutes the GitHub. But in principle it’s
bad, since who knows – perhaps you’ve solved a problem many other users
struggled had with?</p>
<p>As an author you’re almost like a chief of command. Once your code is
baked, you must serve it. You should try to make some noise about it.
Otherwise nobody will know that you’ve built something. Use LinkedIn,
Twitter, Facebook, GitHub, mailing lists, IRC. Let interested parties know
you’ve built something and invite them as testers.</p>
<p>And if it gets at least one GitHub “star”, well done. You’ve unlocked yourself
gates to the very next, and last, level.</p>
<h1 id="youre-an-open-source-maintainer-level-5">You’re an Open Source maintainer (level 5)</h1>
<p>Open Source maintainer.
Unlike other levels, here I
don’t know if I should congratulate you, or feel sorry for you.
This is the most prestigious role which you’re punished with.</p>
<p>You’ll get bug requests from angry users. Users, who don’t pay you anything,
but have requirements. You’ll handle broken builds. Builds, which worked
fine in the past, but don’t anymore, because software has been updated, and
old axioms no longer hold true.</p>
<p>On purpose I mention the maintainers last, since this stage takes forever.
<a href="https://www.koszek.com/blog/2017/02/28/whats-the-most-expensive-stage-of-software-engineering/">I already covered it in the past</a>, but I’ll rephrase: maintenance is
expensive, and people doing it for free must get recognition.</p>
<p>Maintenance requires a lot of effort. If you wrote all the code, that’s
easier. Bigger collaborative projects are worse. You’re read the code written many years
ago by other people. This is hard, most of the time. No documentation,
nobody to ask. You’re basically exposing yourself to go through the pain
which the original authors endured. This knowledge isn’t captured anywhere
most of the time (sometimes it is: in the unit tests, but that’s very rare
to have a good unit tests.)</p>
<p>There’s set of activities that are really boring, but necessary that the
maintainer does: reply to e-mails, reply to issues and bug reports, review
code, make sure no regressions are introduced. The last one is especially
hard, since you don’t know who downloaded the code and is using it
somewhere. This is really bad about the Open Source: usage metrics are hard
to get. You also can’t break that code.</p>
<p>In general however I find the maintainer job to have some charm, at the end
of a day. Why? Because this is where I believe you shine as a software
engineer. Taking care of the whole stack of issues and finding ways to
manage them: this to me is the level of performance you should strive for.</p>
<p>This is also where proper methods excell. If you get emails and bug-reports,
you’ll find that unit test suite actually really helps. And it’s nice to
codifying your knowledge as tests. Got a bug report? Can reproduce it? Great.
As a part of fixing it, put the unit test reproducing the problem first.
Then fix the problem and make the test pass.</p>
<p>Overall I think maintainers don’t get enough credit. Send kudos, e-mails,
cheers, tweets and other forms of appreciation to maintainers of your
favoring projects.</p>
<h2 id="summary">Summary</h2>
<p>Where are you on this scale? I bet somewhere around 0–2.
People around level 3-4 are seeking ways of improvement, so they <em>might</em>
somehow find this article in Google and maybe bleed through it one line at a
time.
I doubt anybody at the 5th level listened to what I had to say here.
If you did, shoot me an e-mail.
My hope is that you’ve found it helpful and maybe got a little bit of
distress.
A bit of motivation, and that you’ll enter the Open Source ladder
and start climbing up. Good luck and e-mail me about how it’s going.</p>
Movies every software engineer should watchhttp://www.koszek.com/blog/2017/03/13/movies-every-software-engineer-should-watch/2017-03-12T17:00:00-07:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>This is a live list of movies I enjoyed. They assist
me till now. I often think of scenes from some of these titles.
They spark my imagination, and bring some smile.</p>
<h2 id="triumph-of-the-nerds">Triumph of the Nerds</h2>
<p><a href="https://www.amazon.com/Riding-the-Bear/dp/B01N6AJPQA/ref=as_li_ss_il?s=instant-video&ie=UTF8&qid=1489978286&sr=1-1&keywords=The+Triumph+of+the+Nerds&linkCode=li2&tag=wkoszek08-20&linkId=270c3ffee65cb42a91b011b40dfffc08" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B01N6AJPQA&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B01N6AJPQA" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Very interesting documentary on Silicon Valley history.</p>
<h2 id="something-ventured">Something Ventured</h2>
<p><a href="https://www.amazon.com/Something-Ventured-Nolan-Bushnell/dp/B00WJT5ZBE/ref=as_li_ss_il?s=instant-video&ie=UTF8&qid=1489976556&sr=1-1&keywords=something+ventured&linkCode=li2&tag=wkoszek08-20&linkId=7bb336ee8d1789529454a5a10de5111a" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B00WJT5ZBE&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B00WJT5ZBE" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Silicon Valley is made out of a mix of investors and engineers, and this
movie shows this real tight collaboration between the two. It has some
computer legends, and I can’t speak highly enough about it.</p>
<h2 id="pirates-of-silicon-valley">Pirates of Silicon Valley</h2>
<p><a href="https://www.amazon.com/Pirates-Silicon-Valley-Noah-Wyle/dp/B0009NSCS0/ref=as_li_ss_il?_encoding=UTF8&psc=1&refRID=8GCMZ6H1MD34RED8V71P&linkCode=li2&tag=wkoszek08-20&linkId=f4f98ec46c1d330c62d81761b09945eb" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B0009NSCS0&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B0009NSCS0" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Steve Jobs #1.</p>
<h2 id="jobs">Jobs</h2>
<p><a href="https://www.amazon.com/JOBS-Blu-ray-DVD-Digital-UltraViolet/dp/B00BEIYLAW/ref=as_li_ss_il?_encoding=UTF8&pd_rd_i=B00BEIYLAW&pd_rd_r=BSVNM28G5HGA2AFCS5WV&pd_rd_w=heczN&pd_rd_wg=KouOy&psc=1&refRID=BSVNM28G5HGA2AFCS5WV&linkCode=li2&tag=wkoszek08-20&linkId=540760151fe82c3b810ffd3f35bf1c91" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B00BEIYLAW&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B00BEIYLAW" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Steve Jobs #2.</p>
<h2 id="hackers">Hackers</h2>
<p><a href="https://www.amazon.com/Hackers-Jonny-Lee-Miller/dp/6305047456/ref=as_li_ss_il?ie=UTF8&linkCode=li2&tag=wkoszek08-20&linkId=72f64c2f914a0d940b5110f2136e3251" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=6305047456&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=6305047456" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Classic. With Angelina Jolie. Need I say more? My journey with computers
started from security, and this movie is what I believed hacking is like.
Watch at least once.</p>
<h2 id="terminator-2">Terminator 2</h2>
<p><a href="https://www.amazon.com/Terminator-2-Judgment-Arnold-Schwarzenegger/dp/B000JNN0SM/ref=as_li_ss_il?s=movies-tv&ie=UTF8&qid=1489976382&sr=1-1&keywords=terminator+2&linkCode=li2&tag=wkoszek08-20&linkId=f954637e6cd44dc4e389bbc4d8afe329" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B000JNN0SM&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B000JNN0SM" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>When I think science-fiction, I think Arnold Schwarzenegger as a humanoid robot. I
think of a picture of a cyborg crushing a skull. I think about 6502 assembly
language snippets printed out on the inside of my glasses.</p>
<h2 id="the-social-network">The Social Network</h2>
<p><a href="https://www.amazon.com/Social-Network-Two-Disc-Collectors/dp/B0034G4P7G/ref=as_li_ss_il?ie=UTF8&linkCode=li2&tag=wkoszek08-20&linkId=3c51c50d8affe429dc2e135be82fefd6" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B0034G4P7G&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B0034G4P7G" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>Many people, many mixed opinions. Judge by yourself.</p>
<h2 id="matrix">Matrix</h2>
<p><a href="https://www.amazon.com/Matrix-Keanu-Reeves/dp/B000HAB4KS/ref=as_li_ss_il?s=instant-video&ie=UTF8&qid=1489978381&sr=1-1&keywords=the+matrix&linkCode=li2&tag=wkoszek08-20&linkId=884c478794eefe8ca533b552bdebda88" target="_blank"><img border="0" src="//ws-na.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B000HAB4KS&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=wkoszek08-20" /></a><img src="https://ir-na.amazon-adsystem.com/e/ir?t=wkoszek08-20&l=li2&o=1&a=B000HAB4KS" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p>The first part of the trilogy is the best, in my opinion, but it’s in the
“The Matrix Reloaded” that Trinity is using <code>nmap</code> for hacking.</p>
<p>If I’ve missed any movies, definitely let me know – I’d like to
watch them. And if I like them, I’ll add them to the list.</p>
How to use Ansible Vault with LastPasshttp://www.koszek.com/blog/2017/03/05/how-to-use-ansible-vault-with-lastpass/2017-03-04T16:00:00-08:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p>There are several competitors for password managers.
I use <a href="https://www.lastpass.com">LastPass</a>, because it has an Open Source <a href="https://github.com/lastpass/lastpass-cli">command line client</a>.
This is an officially supported tool, maintained by the LastPass itself.
I haven’t audited the code; I have just looked at several <code>.c</code> files, and
it seamed decent. Code has been around since 2014, so in the last three
years I suspect both good and bad guys had a chance to find issues.</p>
<p><a href="http://docs.ansible.com/ansible/playbooks_vault.html">Ansible Vault</a> is a <a href="https://www.ansible.com">Ansible</a> solution for managing secrets. Principle
is similar to LastPass: you have a blob file protected by a master password.
When you deploy code to the server, this blob is unencrypted and passwords
are put in the right place of your choice. So for example <code>database.php</code> may
have a database password placeholder, and Ansible will put a password there,
but just during deployment. The code in Git won’t have this password in
plain-text. People use Vault because “blob file” can be checked-in to the
Git repository. It’s secure as long as your master password is very strong.</p>
<p>Here I will show you how to keep this Ansible Vault password strong by using
LastPass, its command-line client, and the <a href="https://github.com/wkoszek/lastpass-ansible">lastpass-ansible</a> tool which I
wrote.
At the end, your flow will enable you
to login to LastPass from the command line. You’ll do it just once, during
your work session.
Then, you’ll be able to keep using Ansible Vault with your passwords
automatically channeled from LastPass.</p>
<p>This is a sister-tool to <a href="https://github.com/wkoszek/lastpass-ssh">lastpass-ssh</a> which does the same thing for SSH
key passphrases.</p>
<p><img src="/img/2017-03-05-how-to-use-ansible-vault-with-lastpass/james-sutton-187816_10p.jpg" alt="alt_text_0" title="Image_text_0" />
<br />
<small><small><small>
<em>(Photo by <a href="https://unsplash.com/@jamessutton_photography">James Sutton</a> via <a href="https://www.unsplash.com">Unsplash</a>)</em>
</small></small></small></p>
<h2 id="how-to-install">How to install</h2>
<p>You install the tool in the terminal:</p>
<div class="highlight"><pre class="highlight plaintext"><code>gem install lastpass-ansible
</code></pre></div>
<h2 id="how-to-use">How to use</h2>
<p>You must point Ansible to use <code>lastpass-ansible</code>:</p>
<div class="highlight"><pre class="highlight plaintext"><code>export ANSIBLE_VAULT_PASSWORD_FILE=`command -v lastpass-ansible`
</code></pre></div>
<p>Now assume you’re in your web application directory:</p>
<div class="highlight"><pre class="highlight plaintext"><code>cd ~/Projects/my_web_app
</code></pre></div>
<p>To initialize everything, do:</p>
<div class="highlight"><pre class="highlight plaintext"><code>lastpass-ansible --init
</code></pre></div>
<p>This will create a new 30-character long password and put it in
<code>Ansible_Vault/my_web_app</code> LastPass hierarchy. If you want to “transfer” your vault
file <code>secrets.yml</code> to <code>lastpass-ansible</code>, copy the new password to clipboard:</p>
<div class="highlight"><pre class="highlight plaintext"><code>lpass show -c -p Ansible_Vault/my_web_app
</code></pre></div>
<p>And just re-key (change password) for your existing vault:</p>
<div class="highlight"><pre class="highlight plaintext"><code>ansible-vault rekey secrets.yml
</code></pre></div>
<p>Type your old password, and paste your new password.</p>
<p>File <code>.lastpass-ansible.conf</code> has been created along with the password. You
can remove this file if the hierarchy <code>Ansible_Vault/....</code> is fine with you.</p>
<h2 id="more-details-and-custom-settings">More details and custom settings</h2>
<p>If you’re a picky person and you don’t like <code>Ansible_Vault</code> OR you want to
point <code>lastpass-ansible</code> to an existing hierarchy of your passwords, just stick it
to <code>.lastpass-ansible.conf</code>. It’s format is very easy:</p>
<div class="highlight"><pre class="highlight plaintext"><code># lastpass-ansible configuration file. For more details read:
# https://github.com/wkoszek/lastpass-ansible
MyWebSites/my_web_app
</code></pre></div>
<p>The order of lookup for this LastPass site name is:</p>
<ol>
<li><code>.lastpass-ansible.conf</code> file</li>
<li><code>LASTPASS_ANSIBLE_NAME</code> environment variable</li>
<li>Name guessed based on a directory: “Ansible_Vault” + name</li>
</ol>
<p>It should be safe to commit <code>.lastpass-ansible.conf</code> to your repository.
If you’re paranoid, just use <code>LASTPASS_ANSIBLE_NAME</code> environment variable
for passing this name. Otherwise just use the guessed name. I think it’s the
most convenient.</p>
<h2 id="summary">Summary</h2>
<p><strong>Shoot me an email if this flow worked for you</strong>.
I used a shell-based equivalent of this flow for some time and it worked all
right. The <code>lastpass-ansible</code> is my attempt to bring it to more people to
help with productivity. My hope is to improve this method by
exposing it to people and getting some criticism. Let me know if you find
bugs or issues here.</p>
<h2 id="github">GitHub</h2>
<p>It’s maintained in this GitHub repository:</p>
<p><a href="https://github.com/wkoszek/lastpass-ansible">https://github.com/wkoszek/lastpass-ansible</a></p>
<p><a href="https://travis-ci.org/wkoszek/lastpass-ansible"><img src="https://travis-ci.org/wkoszek/lastpass-ansible.svg?branch=master" alt="Build Status" /></a></p>
What's the most expensive stage of software engineering?http://www.koszek.com/blog/2017/02/28/whats-the-most-expensive-stage-of-software-engineering/2017-02-27T16:00:00-08:002020-05-12T04:49:50-07:00Wojciech Adam Koszek<p><img src="/img/2017-02-28-whats-the-most-expensive-in-software/pandu-agus-wismoyo-196366_10p.jpg" alt="alt_text_0" title="worker" />
<br />
<small><small><small>
<em>(Photo by <a href="https://unsplash.com/@kangterbang">Yatesndu Agus Wismoyo</a> via <a href="https://www.unsplash.com">Unsplash</a>)</em>
</small></small></small></p>
<p>Imagine we’re starting a software project together this year.
It will run in production, and serve a large amount of live customer
traffic.
Its lifespan may look like this:</p>
<p><img src="/img/2017-02-28-whats-the-most-expensive-stage-of-software-engineering/sw_graph_50p.jpg" alt="alt_text_3" title="Image_text_3" /></p>
<p>If this cycle of maintenance is long enough, it can overweight the cost of
all previous stages. I <a href="https://travis-ci.org/wkoszek/">do have projects</a>
which are considered “finished”: all the features are there, and as much as
you can’t make a hammer any better, neither can I any of these projects.
But for the most part, the software story is a little different: it’ll
always be a recipe, but the kitchen, ingredients, pans or people will change over
time. These adjustments cost money.</p>
<p>My guess is that with the majority of production software, the graph from above is true.
We put a lot of effort upfront and make something that works well. And then we
keep running it, patching bugs, enhancing it, patching bugs in these
enhancements, and so on. We do it forever. Or at least, for a very long time.
People who wrote the code may not be around anymore, so you need to train
new people. <a href="http://www.popularmechanics.com/space/a17991/voyager-1-voyager-2-retiring-engineer/">Not only NASA</a>
has this problem.</p>
<p>The <a href="http://www.netbsd.org">NetBSD</a> and <a href="http://www.freebsd.org">FreeBSD</a>
repositories you can see that people patch bugs which are fifteen year old.
How much money do you think it’d take to add a new feature in PostgresSQL?</p>
<p>In that sense software is a complete opposite to computer hardware.
A supercomputer <a href="http://techland.time.com/2012/06/19/what-exactly-is-a-supercomputer/">can cost $100M</a>,
but energy to keep it alive is $10M a year. You only run it for maybe three years, it becomes too slow and you
decommission it. Supercomputer lifespan ruled by the aging of the silicon is
the same as your smartphone. Two years and we get bored.</p>
<blockquote>
<p>You should focus on optimizing maintenance</p>
</blockquote>
<p><a href="https://en.wikipedia.org/wiki/Lockheed_Martin_F-35_Lightning_II">Joint Stike Fighter</a>
is close to what software maintenance is about.
The cost estimate for the JSF program is $1.508T dollars, where $379B is development. The
$1123B is maintenance.</p>
<p><img src="/img/2017-02-28-whats-the-most-expensive-in-software/sw_main_75p.jpg" alt="alt_text_5" title="Image_text_5" /></p>
<p>Life expectancy: till 2070.</p>
<p>Next time you stick five incoherent lines into your code with hopes that “we
will fix it later”, imagine how “later” will feel like for someone who will
look at your code. Fifteen years from now. Or fifty.</p>
<h3 id="you-may-also-like">You may also like</h3>
<ul>
<li><a href="https://www.koszek.com/blog/2017/02/18/making-pull-requests-that-merge/">Pull requests that merge</a></li>
<li><a href="https://www.koszek.com/blog/2017/01/17/reading-for-software-engineers/">Reading 101 for software engineers</a></li>
<li><a href="https://www.koszek.com/blog/2016/05/16/use-as-few-tools-as-possible/">Use as few tools as possible</a></li>
</ul>