Welcome to the “Future” of App Deployments

Posted on July 18, 2024 by David K.

I’m sitting here watching the braintrust in our IT organization tell everyone about a NEW! “PRO!” product that will do database migrations with Jenkins, and I’m just sitting over here thinking about the native migrations available by default in Ruby on Rails since version 1.0, which I’ve been enjoying for the past 15 years. I’ve deployed Rails apps with Jenkins, but I still like Capistrano better, because it’s “native.” I’ve yet to fool with their new Docker-based deployment tool because cap works so well.

They showed a script to call the Jenkins API to do deployment jobs. Again, I’m just sitting here wondering what in the world they’re talking about. Jenkins literally does all of this for you. They seem to think that Jenkins can’t handle deploying to separate environments, and therefore you need to script it so that you can parameterize the deployment with tags that live in git. I haven’t used Jenkins for 1o years, but — without even looking — I’d bet my eye teeth that Jenkins can do this without needing a script to call its API.

They’re signing off their dog and pony by looking for volunteers to demonstrate new things in this space. I think they’d barf if I demonstrated my workflow with Rails and Capistrano, and by so doing, illuminated how much time, effort, and money is wasted on a default stack using Java, React, and Oracle. It doesn’t use any sort of middleware, and therefore doesn’t have any steps to sit and wait for rubber stamp approvals by useless middle managers who aren’t going to actually review the changes, so I’m sure it would go over like a lead balloon.

Posted in Programming | Tagged , , , | Leave a comment

I FEEL FANTASTIC

Posted on July 18, 2024 by David K.

So my new chronic pain doctor gave me a DNA test, and based on the results prescribed me several psychiatric drugs, not for the psychological effects, per se, but because that’s what my brain chemistry supposedly needs according to my specific genetic mutations. I admit the pain is a couple points better, generally speaking, but now I just feel dull and depressed, and taking all this stuff makes me think of this song.

Posted in Health Care | Tagged , | Leave a comment

The Six Dumbest Ideas in Computer Security

Posted on July 16, 2024 by David K.

The opposite of “Default Permit” is “Default Deny” and it is a really good idea. It takes dedication, thought, and understanding to implement a “Default Deny” policy, which is why it is so seldom done. It’s not that much harder to do than “Default Permit” but you’ll sleep much better at night.

Source: The Six Dumbest Ideas in Computer Security

This was from 2005, and if your organization’s approach was always Default Deny, then it’s a great idea. The problem with Default Deny isn’t the idea, it’s switching away from Default Permit after decades of acclimation. One comment in the HackerNews discussion about this article says it adds “three more steps” to the conversation with IT to fix your app after the change. I would argue that it’s a whole lot more than that.

A friend of mine has trouble running a very important vendor application used in his department. It stopped working some time ago, so he opened a ticket with IT. It was so confusing to them that it got to a point that they allowed him to run Microsoft’s packet capture application on his machine. He followed their instructions, and captured what was going on. But, despite the capture, they were unable to get it working through the firewall.

Out of frustration, he sent the capture to me and asked me to take a look. Even though our laptops are really locked down, as a dev, I get admin on my machine, and I have MSDN, so I downloaded Microsoft’s tool, and looked over the capture. It was a complicated architecture, using a client/server implementation on the local machine. The front end was working over networking ports to talk to its back end, and the back end was using other ports to talk to the vendor’s servers.

I knew what to look for because I had just undergone a lot of pain with my own development workflow, because the company had started doing Default Deny, and it was messing with my development workflow in several ways. Not too long before, they dropped the bomb that EVERY network communication through the firewall required the Cisco Umbrella certificate (so that they can intercept and inspect all traffic, despite SSL). I had to figure this all out on my own, based on the behavior I was seeing, but I was able to figure out how to download that cert and include it in the chain to work with both bundle and HTTP calls in Rails, and psql for Postgres.

Then they locked out Postgres’ default port entirely. They reopened it for me at my request at first. Then six months later, they closed it again, and told me that I needed to formally request permissions for that, which was going to be a many-years-long process. I “just” rewrote the functions I needed in my Rails app to use HTTPS instead of using a direct database connection.

Anyway, I told my friend what ports IT needed to open, and how that he needed to explain to the vendor that they had to include the Umbrella cert in their chain on the back end, but he’s still having problems. Why am I being vague about the details here? It’s not because of confidentiality, though that would apply. No, it’s because my friend had been “working with IT” for over a year to get to this point, and this was two years ago, and I’ve simply forgotten a lot of the details.

“I said all of this to say” that saying it will take “3 extra rounds” is a bit of an understatement when IT starts doing “default deny,” at least in legacy manufacturing companies.

Posted in Programming | Tagged , | Leave a comment

Trump Lies

Posted on July 9, 2024 by David K.
Biden Broke up a Marriage

The kind of people who voted for Bill and Hillary Clinton, Barney Frank, Ted Kennedy, Willie Brown, Anthony Weiner, Eliot Spitzer, Bob Mendez, Andrew Cuomo, Rod Blagojevich, Charlie Rangel, and, yes, even Joe Biden all seem to suddenly have a problem with the Republican presidential candidate’s morals and ethics. Weird, huh? What, are you telling me that if Trump cleaned up his act and started acting differently, you’d vote for him? THAT’S your problem with him? Like the Democrats haven’t lied for years and years about the Steele Dossier or Hunter’s laptop, but, sure, Trump “lies about everything.” It’s all so relentlessly, unashamedly, performatively hypocritical.

Posted in Politics | Tagged , , | Leave a comment

Like a Booger you can’t Flick off your Finger

Posted on June 28, 2024 by David K.
For the love of God, please go away

Just so the Democratic Party is clear, and as a staunch evangelical Christian, I would vote for Satan himself before I’d vote for Hillary Clinton. She and Bill desecrated America and broke our political process, and I hate them for it. Look at all that they taught us:

  • Decades of allegations of rape and sexual abuse does not disqualify you from being President
  • Paying off your accusers isn’t an admission of guilt
  • Real estate fraud is just part of how you “get yours” in politics
  • “Pay for play” is how things get done in Washington
  • Having an affair with your intern is just cool, and totally none of your business
  • Being completely unaccountable for your campaign donations is fine
  • A trail of dead bodies of people who were implicated in your misdeeds is completely coincidental
  • Mishandling classified documents is not a big deal; everyone does it!
  • Leaving our citizens stranded in hostile territory to be killed “doesn’t matter”

And, after all of that, they’re STILL here, like a tick, stuck to our collective butt, ready to do it all over again.

Woodward and Bernstein made journalism the “good guys” by holding Nixon accountable for the heinous crime of… stealing a donor list from his opponent! The horror! Yet, in just a few short years, Clinton’s accomplices in the media turned the tables, and told Republicans and conservatives that none of these much more serious things mattered. “It’s the economy, stupid!”

Any Democrat who voted for EITHER Clinton has no right to lecture a Republican for voting for Trump. After 30 years of liberals demonstrating that “your” candidate’s morals and ethics don’t matter as long as you like their politics, you can’t be upset when the other side has finally learned the lesson too.

Posted in Politics | Tagged , , | Leave a comment

Pain and Treatments

Posted on June 21, 2024 by David K.

My health “journey” continues. I paid $500 for a genetic test that — of course — insurance doesn’t cover. I finally got the first half of the results.

I failed.

Turns out my body is deficient at basically everything related to my current condition… which is probably why I’m in this position. My genes make me both more susceptible to pain AND less able to deal with it, and I have no genes that would make therapeutic treatment of pain or depression easier. All of my mutations related to possible treatments are bad, and will have to be worked around.

NSAID’s are literally cancerous for me. Stunningly, I can’t process opiates. I’ve always thought that they didn’t do anything for my pain, rather just made me care less. Turns out that’s actually true, but I just thought that’s how they worked. No, they actually REDUCE pain for OTHER people (in addition to making them care less). But, hey, that’s OK. Not one of 18 doctors in three and a half years was willing to prescribe them to me anyway.

At least now we can get started with actual treatments, knowing what WON’T work? I guess? Doesn’t seem to leave me a lot of options, though.

Posted in Personal | Tagged | Leave a comment

Windows Being Windows, Shills Being Shills

Posted on June 20, 2024 by David K.

Windows stays prominent because Microsoft caters to corporations which abuse the poor, defenseless OS into doing things like locking users out of changing the desktop background and the sleep timeout. Until Apple offers power-hungry corporate IT middle managers the same level of user-hostile malfeasance in the name of “security,” Microsoft will hold the high ground in corporate deployments.

This becomes a self-perpetuating cycle of not-so-micro-aggressions, as the corporate use of Windows continues to skew all the Microsoft-bought-and-paid-for industry polls that show how much more prevalent Windows is over OSX, and self-justify corporate America that they’re doing the right thing by continuing to stick with it. This, in turn, leads to an entire sub-industry of corporate “security” software which must be installed on Windows, because, well, the bought-and-paid-for auditors told them they had to.

Thus, I wind up with a corporate laptop with 3 different “endpoint” security products installed on it, and something like 30-40 different scripts and checks that run almost by the hour to make sure that the inherent weaknesses of Windows hasn’t compromised our precious meeting PPT’s, which #CorporateIT apparently considers as sensitive as the US nuclear arsenal codes.

Apple offers an alternative to this madness, and I’m very glad they do. In my experience, almost no one runs Windows personally, except for gaming purposes. Numbers like StatCounter vastly over-report Windows usage, because everyone working for a large corporation and in the government is forced to use Windows.

I wish someone would produce a market share report that 1) separates corporate purchases and 2) includes phones as primary computing devices. I think we would see that the “computing world” is vastly different than Gartner would have us believe.

Posted in Technology | Tagged , , , , | Leave a comment

The Harry Potter “Community”

Posted on June 20, 2024 by David K.

I picked up the video game Hogwarts Legacy on sale for the PS5. Despite never having read a Harry Potter book, or ever watching one of the movies all the way through, I’ve enjoyed the game, and I love the imagination of the world. But a very large, very vocal “community” of die-hard Harry Potter fans have been waging a continuing cultural war with J. K. Rowling over her position on transgender women.

I cannot fathom why someone would make Harry Potter their entire personality, and then fight with the person who created the world, as if they could divorce the two. People: just do what everyone else has had to do for decades with Hollywood movies that star people who are political lunatics (right AND left) when the cameras stop rolling. Disconnect the product from the producer. Enjoy what you want. Ignore what you don’t.

It’s not like they’re going to change the situation, trying to embarrass or harass a literal billionaire into changing her mind or forcing her to stop commenting about the topic. She has reached the point of being untouchable by any mechanism they have at their disposal.

Until she decides she’s done, and “George Lucases” the franchise to Disney, they’re stuck. But if that does happen — I mean, who could have foreseen that Lucas would sign away Star Wars? — they’ll be ecstatic. The milieux will be destroyed, but it will go down checking all of the boxes they care about.

Posted in Entertainment | Tagged , | Leave a comment

Church Embezzlement

Posted on June 20, 2024 by David K.

There were a lot of stories in the 80’s about Jim and Tammy Baker embezzling millions from their church. Closer to home, there have been stories about UPCI preachers embezzling hundreds of thousands of dollars from their local churches. When I hear stories about church embezzlement now, as someone who has been deeply involved with a church for 30+ years, I’m realizing that it’s not just about the money that was selfishly and illegally extracted out of the church. There’s an additional “opportunity cost” of what that money could have done in the mission of the church: more staff, more programs, more outreach; more of the work the church is supposed to be all about. And as someone who supports the idea of the mission, it’s an added disappointment to an already-dismal occurrence.

Posted in Religion | Tagged , | Leave a comment

Big Companies

Posted on June 17, 2024 by David K.

Have you ever worked in a big company? Say, more than 1,000 people? I’ve spent the majority of my 30 years so far working at three Fortune 250’s.

Have you ever seen a manager do things that promoted their personal success, knowing it was at a cost to their peers or their subordinates? Have you ever seen decisions get made that you know are going to hurt the company in the long run, and which run counter to the company’s stated goals? Have you ever watched people do things to better their careers and boost their compensation packages, and then exit the organization, and leave a giant mess for everyone else?

Boy, I sure have. I’ve actually seen this sort of thing A LOT. I could write a book about it.

With all of this in mind — and while still trying to make sense of some recent events in my life — it has occurred to me that every corporate church organization is — at its core — just another big company.

Oh, wait, someone already wrote that book: https://www.ribbonfarm.com/2009/10/07/the-gervais-principle-or-the-office-according-to-the-office/

Posted in Religion | Tagged , | Leave a comment