Author: Lisa

Potatoes!

We finally harvested our potatoes — we got twenty potatoes, so a good bit more than we started with … but no where near what I expected given the size of the plants. I think we planted too late because a lot of the roots had tiny little nubs that would have become potatoes in a few more weeks. Good to know for next year 🙂

Harvesting was fun — we tried pulling the plants, but only found five potatoes. So we started digging around in the soil by hand — got fifteen more potatoes that way, and Anya loved it.

Definitely planting potatoes again next year. Sweet potatoes, however, were a total bust. We had some decent sized vines, but nothing.

dsc_9934

Christmas Dress – Initial Planning

I purchased a really interesting book called the Building Block Dress. Ever notice a designer sells ten different patterns that are all tweaks of the same dress? Evidently that’s actually a thing in fashion design — you really do have a base pattern and all of your “looks” are modifications of this base. Makes sense from both a manufacturing and a design standpoint. Cars are designed the same way — there’s an underlying chassis upon which a lot of different variations are bolted. This book teaches you to make your own modifications. Which means you don’t need to buy the three different almost-the-same patterns, but rather you can purchase one and modify components as needed.

The book includes a “dress planning” template — for me, “planning” has generally been an e-mail to a few friends or a blog post about the pattern I’m using and the fabrics I am considering. Selecting different components and drawing the dress is new for me … but I’ve got my first dress planned! Now I just need to get Anya’s Halloween costume sorted so I can work on other projects 🙂

anyachristmasdress-buildingblockdressworksheet

Loopholes

When Mitt Romney was running for President, I recall some disclosure about his 401(k) value — something like 20-100 million dollars. The guy was like 65 years old. Even if he’d started contributing in 1978 & dropped in the full 30k you could do at the time … that’d be 1.2 mil in contributions over the course of his lifetime. Which is an amazing rate of return if you factor in normal market performance over the 34 years. Contribution limits sure aren’t 30k per year anymore! How do you get tens or hundreds of millions of dollars in an account? You get a special class of stock priced at one penny, put in 15k worth of it (1,500,000 shares) into your 401(k). And then revalue the stock at 10$ a share. Giving you 15 million dollars when there’s a 15k contribution limit.

Donald Trump’s billion dollar loss (great business acumen, huh?) — assuming it was a legit loss (and I think we know why the guy gets audited every year. If he’s still carrying forward his billion dollar loss … he’s got something funky on each return that may well flag it for audit) and it’s actually debt (not just loss of value) — where is that debt? That’s what reminded me of Romney’s 401(k) … if you are dealing with internal funny money, can you then proceed to buy that debt for pennies on the dollar (I’ll sell you this billion dollars of debt for a mere million dollars) and then never attempt to collect it? The debt still exists, your earnings are tax free as they are offset by that loss … but really there isn’t even debt.

Tax End Run

Donald Trump’s massive tax deduction explains why he so wants to get rid of estate taxes — you can take depreciation on buildings *but* you get bit when you sell the property (if I bought it for 1 million, took a quarter mil in depreciation, but then sold the thing for 2 million dollars … your net gain is 1.25 million dollars). Or when you die and it goes through probate.

*But* if we get rid of the estate tax … then someone without financial need to sell their buildings can avoid taxes due to depreciation, hand the properties over to their beneficiaries without incurring tax … and, bonus, those beneficiaries can continue writing off depreciation against their earnings.

Halloween Bag

Early this year, I purchased a kit to make a Halloween tote bag for Anya. I had tried piecing it together several times, but stitching a straight line at exactly 1/4″ is not my forte. My last attempt, though, used a sewing machine foot that has a guide for a seam allowance of exactly 1/4″. WooHoo! I was able to get the little blocks pieced together. I want to get some of the rainbow spider web fabric to make a Halloween skirt next year too.

Now I’m almost finished with the bag — just need to stitch the letters. I didn’t quite follow the instructions. Or maybe I just didn’t understand the instructions. It seemed to me like the exterior and the fusible fleece were quilted, but the bag interior was not. I sandwiched all three layers and did my quilting. I also used my serger to make the side seams. That seemed like a more durable solution.

Front (oops, I still need to remove the chalk lines I used to quilt the bottom portion!)

img_20160930_235405

And back:

img_20160930_235412

Non-solutions

This post takes as a priori knowledge (i.e. not something I necessarily believe to be true based on my experience) that white flight is still a thing – that African Americans primarily live in urban centers – and that these urban centers are an absolute wreck of violent crime and disintegration.

I’ll admit to being advantaged by a lot of implicit bias — I’m a grown up white person. A female, though … and a female in science/technology fields … so it is something I’ve experienced occasionally. The first major company for which I worked, a top-level manager in the IT org hired in a lot of his at-the-time girlfriends. The new girl showing up was assumed to be incompetent, and it is a lot harder to convince someone of your competence if they start out knowing that you are only here because you are sleeping with the boss. Frustrating, but nowhere near the level of “the cops got called when I was standing at my front door trying to find my key”.

My specifics don’t give me a lot of understanding of minorities who suffer implicit bias, racial profiling, and outright discrimination … but I cannot fathom how “stop and frisk” is meant to solve either problem. Even if 25% of the people who live here are degenerate criminals, 75% of the people aren’t. Statistically you spend a lot of time hassling innocents — who may well not consider it a worthwhile trade-off to eliminate one burglar.

The nearest analogy in my life-experience is DUI and seat-belt check-points. I remember being late to work one morning because a seat-belt check-point was on my route. Slowed down traffic quite a bit, stopped on the queue waiting for my turn. Plus it took a couple of minutes for the check itself (they were doing about the nosiest check-point I’d ever seen — basically taking as much time as they could to peruse the plain-sight contents of your vehicle, asking questions, etc). There’s a sanctity of human life argument that says that the potential to save one life has more weight than a hundred people being delayed for twenty minutes that morning. Which, as a one-off … whatever. How many times, though, could I be detained before *I* don’t care all that much about the life of some goober who intentionally refused to fasten their seat belt.

And there’s a difference between reducing and relocating crime. New York City got very “tough on crime” and was able to reduce crime significantly. But Philadelphia saw a dramatic increase in crime — NY didn’t stop people from committing crime, they just stopped people from committing crimes *in NYC*. I don’t see stop-and-frisk having the slightest chance of reducing crime. Relocating, sure, but not reducing.

PHP 7.0 and MySQL Libraries

At work, we have some servers running unsupported operating systems. New servers are being built, and applications are being migrated from the old servers to the new. I started with a fairly easy scenario – a PHP web site running on Windows 2008 is moving to 2012. The new web server was handed off to me, and I loaded PHP. With PHP 5.6 active support ending at the end of this year, it made sense to install PHP 7. Copied code, tested site. Umm, massive fail.

Way back in PHP 5.5, the ext/mysql stuff (ext\php_mysql.dll for Windows folks) was deprecated. And if you are like me, you had a lot of old code from back when that was the way to connect to a MySQL database. And as your MySQL was upgraded past 4.1, you had the DBA’s setting old_password on your ID so your code continued to work.  But the old mysql libraries have been removed in PHP 7… and you need to use MySQLi or pdo_mysql to communicate with your database now.

Which one? Depends on what you need – I’ve been using PDO because I don’t need a procedural API (MySQLi provides a procedural API, PDO does not). PDO supports a dozen or so database drivers, MySQLi is just MySQL … so I’ll be able to use the same basic code to connect to MySQL, MS SQL, Oracle, and db2 (plus a handful of others that I don’t anticipate actually using, but who knows what the future holds).

I found a site (http://archive.jnrbsn.com/2010/06/mysqli-vs-pdo-benchmarks) where the individual has benchmarked MySQLi and PDO and doesn’t find much difference on INSERT statements but does see a non-negligible difference on prepared and non-prepared SELECT statements. His post is fairly old, so I ran timed tests on my server using our existing data and found PDO was within a couple of milliseconds. Using either library requires some recoding, but it is fairly straightforward and I was using a script to rebuild my script with the new functions. So I have a nice new server with nice new PHP and nice new MySQL queries using PDO … hit the page to test it and I get a generic error. Add a few lines to my code so I get some sensible errors

     error_reporting(E_ALL);
     ini_set('display_errors',1);

 

Voila – umm, this is gonna be a problem:

Next PDOException: SQLSTATE[HY000][2054] The server requested authentication 
method unknown to the client 
in D:\vhtml\PKIHome\IssuedDeviceCerts\index.php:46

Stack trace:

#0
D:\vhtml\PKIHome\IssuedDeviceCerts\index.php(46):
PDO->__construct('mysql:host=acil...', 'uidsuppressed', 'pwdsuppressed',Array)

The ‘server requested authentication method unknown to the client” means that the new PDO and MySQLi (yes, I’ve tried both) cannot use the password as required for the currently running production code. And the library used in the currently running production code cannot use the password as required for PDO or MySQLi. I cannot just convert the code to the new method, drop it on the new server, cut over, and decommission the old box. There are two approaches that can be used:

**************************************************

#1 Recode against a development MySQL database

#2 Get new IDs using the new storage scheme

**************************************************

#1 If you have a development MySQL database, you can add a hosts file entry (or have your OS support team do so) to point your production database host to the development server. The development server should be refreshed with data from the production databases. The existing IDs that use the old password storage schema can be updated with the new password storage scheme (either you provide the current password or a new password can be set). You will then need to update your PHP code to use either PDO or MySQLi. The implementation CRQ to move to your new server then involves (a) having the DBAs update the production user ID to the new password storage scheme, (b) removing the hosts file from your server.

 

Advantage – You don’t need to change to a new user ID in your code.

Disadvantage – anything that uses this ID needs to be updated simultaneously. When the new password storage schema is used on the account, any client requiring the old password storage scheme will fail. If your ID is used for one specific application on one server, then this isn’t a big deal. If you
use the ID to write data from a batch server or middleware platform, and then read the data from a PHP site … you need to recode both to use a library that understands the new password storage scheme.

**************************************************

#2 The other option is to get a new ID created that uses the new password storage scheme and have the same permissions granted for that ID. You can then recode individual pages as they are moved to the new server, and the old ID can be removed when all of the sites using it have been moved.

 

Advantage –You don’t need to move everything at once.

Disadvantage – you are making more changes to your code and replacing all of your user IDs (if you have a MyODBC driver to link an Access table into the database or if you use the MyPHPAdmin site … you’ll need to remember the new account now).

**************************************************

This isn’t a fatal error that prevents the upgrades from being done, but it sure turned into more of an undertaking than I had originally anticipated! If you should happen to use PHP and MySQL using the old libraries and have a PHP 7 installation planned … it really isn’t just copy some files & update some function calls.

 

Knee-jerk reactions

Companies for whom I have worked have blown many millions of dollars on knee-jerk reactions to bad situations. Some of the biggest expenses never even addressed the problem at hand — but the business directive was essentially that we had a big problem and needed to be seen spending money “fixing it” even if a more nuanced study of the situation and solution showed a complete disconnect. No one outside the company could even see the details of Project CYA, and everyone inside the company was complicit in perpetrating the belief that Project CYA did whatever you needed it to do today.

I appreciate the need to do something immediately, but it seems more sensible to me that the immediate action be a stop-gap solution to provide time for a more thorough review of the situation. One of the most egregious examples was a situation where an employee was terminated under bad circumstances, drove over to one of our retail stores, and asked to borrow the logged on computer of a sales guy. Who let him use it. The guy then proceeded to credit thousands of dollars to his friends’ accounts. We spent a year and quite a bit of money implementing an identity management system — one that had many benefits, but didn’t stop an employee from letting someone else use their already logged on terminal whilst they went back and grabbed a cup of coffee. My proposal was a termination alert & photo e-mailed to all employees working within X miles of the terminated employee’s location code be sent for a few weeks while options (beyond the obvious “don’t let anyone use your logged on terminal – log off & let them go in under their ID) were explored. It would have taken a day of coding, but we already have each employee’s photograph in the security system for ID badges, a feed of terminated employees, and a work address for all employees. Sure, not everyone is going to read the message right away … but someone in the store is apt to have read it in the two hours between the guy’s manager bringing him in for the unhappy talk and the guy’s arrival at the retail store.

Reliance on knee-jerk solutions was the biggest fault I saw in George W Bush’s governance — the “trust my gut” and “go with my instincts” methodology. Without the hubris to come along later and analyze how those instinctive decisions worked out.

Trump makes George W seem positively restrained and self-aware. Beyond his constant self-aggrandizing, self-serving tax and regulation policies, and middle school bully approach to inter-social relationships … I cannot fathom how this man will lurch from manufactured crisis (the Iranians gave us the finger!?!) to manufactured crisis (Some world leader won’t meet me on the tarmac, I’m going home) to real crisis (Russia invades the Eastern Bloc, Pakistan and India decide to nuke each other, manufacturing continues to collapse even after illegal duties are slapped on everything brought into this country, Iraqis object to our plundering their oilfields and a whole host of other countries who fear the same thing join their defense against us).