Oops! Something went sideways.

Looks like the styling got goofed up. Sorry about that, unless it's what you wanted. If this isn't what you were looking for, try force refreshing your page. You can do that by pressing Shift + F5, or holding Shift and clicking on the "reload" icon. (It's the weird circle arrow thing "⟳" just above this page, usually next to where it says https://blog.unitedheroes.net...)

isn't quite ashamed enough to present

jr conlin's ink stained banana

:: A Few Degrees out of 360

Every year (or twice a year) i’m reminded that most of the employee review process was created by folks that are not introverts.

This is highlighted by things like 360 Reviews, where you’re asked to provide feedback on lots of folk, like peers, and managers, and co-workers, and strangers. For introverts, this is kind of the worst case thing they can be asked to do. It’s not only forced social interaction, it’s forced social interaction that will impact your livelihood and whatever tenuous co-working relationships you may have managed to foster. Pile on to that the fact that folks have MASSIVE imposter syndrome and it’s just the worst time.

This is not to say that i don’t understand the value of this process. Managers are busy people who have enough on their plate that they often can’t assess a subordinate’s skills correctly. Likewise, relying on the viewpoint of a single individual means that there can be things missed. Well rounded feedback is invaluable in that it’s the outside perspective that we may be missing. i don’t know when i am screwing up for reals partly because i’m convinced i’m constantly screwing up, so having someone else give good critique about it is, well, critical.

Of course, my paranoid brain also notes that giving negative feedback, particularly around review time, and in a channel that is used by management, means that management has lots of ammo available to shoot down reasons that you might get a raise / promotion / recognition / whatever. “Well, Bob, i see here that you resolved seven critical security issues and single handedly kept this pillar system operational, but Dave thinks you need to write better comments, so here’s a ${CURRENT_BASE_INFLATION_RATE – 1}%1 bump in salary. We’ll see what we can do about that comment issue next quarter, right?”

Added into the fun, folks are often asked to list all the people they worked with over the prior period. For introverts, this is going to be a small number. Maybe three or four if they’re feeling super social one week. It may be the folk that review their code, or folk that they might have talked about a project with, or just folk that they have a reasonable level of trust in. Which the other person may not realize. Thus the whole “from strangers” thing above.

Getting back to the top point, i get the feeling that whoever tends to design these things presumes that everyone has a rich network of connections and believes that all interactions are done in good faith. i understand that it’s impossible to address each and every persons broken psyche, but i do wonder if there might be a better way to approach this for folks that are not, let’s say, outgoing in the workplace.

Maybe ask them to put together a list of the folks they felt were meaningful (either good or bad) to them over the past few months. Maybe get in an introvert whisperer who will chat with folks to ask what about that person was meaningful and help craft a statement that the introvert can agree with. Point out that there might be things that the other person could do differently that might make working with them easier or things they do now that shouldn’t change.

People often say that introverts are socially awkward, but i’d argue that it’s because they’re hyper aware of social interaction. They are well, well aware of the weight that actions can take and they don’t want to cause undo damage. These sorts of requests are difficult to deal with because introverts are keenly aware of the sorts of outcomes they carry. For them, there’s no way to do this in a “light, casual” manner. They’re dealing with someone’s life and don’t want their misjudgement to be what ruins it.

Of course, i’m not a behavioral scientist, psychologist, or extrovert (regardless of how i may act), so Far Smarter People than i should probably work on this. i also wonder if it might be good if companies at least recognize this as a source of potential stress and at least give employees ways to either address, or help address it in their own ranks.

If not, folks are welcome to join me twice a year as i stare out into the endless sea surrounded by a dark cloud of anxiety and dread.


1 This is a pay cut.

  1. Dave Polaschek
    2021-11-18 18:57:17

    Part of the reason to retire: no more performance reviews!

    Well, except by the neighborhood dogs, who appreciate the scritches, but are vaguely disappointed that I never have treats. Arf!


Wanna join in?

Advertisers! Be sure to read our
Advertisement Policy!

:: Web 3. No

Recently i heard about Web 3.0.

Ok, not that recently, but like all such things, it bubbled up enough that i finally decided to pay some attention to it. Mostly based on this thread touting the glory that would be Web 3.0

Web 3.0 is a bit… i’m going to say nebulously… defined. The shortest answer is some hand waving about using blockchain to ensure that content remains distributed and not centralized like it is with Web 2.0. (Yeah, i know. Granted, i had thought that Web 2.0 was where every site had an API and you could use data however you wanted, and THAT got replaced by Web 3.0, but apparently i was jumping the gun a bit.) To be honest, i still haven’t found a good tutorial about how one goes about setting up a truly distributed node that is Web 3.0 compliant, but i found a bunch of articles that point to subscription sites where you can easily get going building your unique “Hello World” site, for reasons? Even those are mostly focused on instantiating identity (although those might be semi-disposable, and since there’s payment, i’m not going to use ‘anonymous’ because, yeah, they’re not at that point.)

i have questions and concerns about this proposed system. i mean, aside from the not insignificant concerns about block chains in general, i’m just going to focus on that whole “content” part.

Let’s say you’ve created some bit of media. It could be a book, song, video, picture, or just a short, pithy message, but by God, it’s yours. You initialize a chain tied to yourself and the media and set it loose on the internet, and… well, then what? i’m going to presume that there’s some media amplification site. Some site where folks tend to already congregate and share quality content among themselves. A place where content may be suggested (or blocked) by some controlling entity based on either some set of rules or a set of, say automated processes that automatically highlight content of interest. Maybe you’ll use one or more of those. i’ll note that one of the BIG reasons that sites got away from having APIs is the general headaches they introduce for very little return value.

Ok, so now your precious media is gathering a bit of a following. Yay! So much so that you’re seeing your content duplicated, because the blockchain only protects the concept of ownership, not the content, and the media can be easily extracted using any number of methods, like screenshotting, or setting up an external recording device. Oopsy!

Right, so let’s now say that you’re a very large media company, one which has a VERY strong investment in media generation, management and control. Where Intellectual Property (IP) drives every decision. Obviously, you don’t want to just hand out your money source, so instead what you hand out are licenses that allow customers to consume your IP within the constraints they’ve paid for. For them Web 3.0 is awesome, because now there’s a hard declaration of who crafted the IP, who consumed it, and where it might go beyond that. Now you’ve got a super clear cut case if a content owner duplicates the data out of license, or shares it, or passes it along to unlicensed parties, or anything else you may not like, and you’ve got the legal trail to prove it.

Of course, users might try to bypass your protections in fun ways, so you implement fingerprinting systems to look for partial content and thankfully similar existing systems are flawless works of science that are never ever abused. Nor do studios ever bring charges against customers that are not grounded in hard evidence. i mean, the internet is a copy machine, and this adds a fun machine id code to everything.

So, yeah, that’s just one aspect of Web 3.0 that i started mulling over.

There’s a term i’ve heard recently that i like. Technologists tend to be blinded by Utopia. It fits in well with my theory of the Magnificent Hammer. (You’ve heard “When all you have is a hammer, everything looks like a nail”? Well, if you work in building, designing and selling hammers, suddenly hammers are the perfect tool for EVERYTHING. That’s a Magnificent Hammer.) Being blinded by Utopia means that folks become so enamored with their end goal and the wonders that it will bring that they completely miss the horrors that may accompany it.

Web 3.0 (as it’s defined here) is full of raging horrors and you really don’t have to look super hard to see them. i just picked one at random. i didn’t even get into the whole mess about how this destroys privacy, potentially limits access to just the rich, and all the other woes i can spot.

Just gonna pass on this one.

Hard pass.

:: Asteroids and Papercuts

i work on long lived projects. These are projects that tend to run for years, and might even be considered to be tech debt magnets. That’s pretty natural, but it’s interesting considering that the rest of the company tends not to really think that way. They are instead focused on “the next version” of a product.

Since i’ve got services that need to last for years, i’ve got to manage levels of tech debt that happen. Some of it for internal reasons, a lot of it for external ones. This is because i need to balance working on those services with new services we’re rolling out because we’re generally understaffed and have lots of priorities.

To that end, i’ve started classifying concerns into “Asteroids and Papercuts”, and i’m wondering if others might find the framework useful.

Asteroids

An Asteroid is a big, potentially civilization ending event that will arrive at a known time. It’s something you need to pay attention to now, but the date is still (hopefully) a way off. This can include things like:

  • The language your service is built on is no longer actively supported or receiving security updates.
  • You need to move your data from one, cloud based, proprietary data store to another cloud based, proprietary store for reasons.
  • A key individual who has deep domain expertise is leaving the company.

(All of those things happened at least once with projects i worked on, so yay!)

When dealing with an incoming asteroid, your priorities are:

  1. Knowing the date
  2. Knowing the damage
  3. Knowing the mitigations: Short term and long term
  4. Putting together the work load estimate that is based on worst case scenarios

That last one is the trickiest, and kinda requires your most pessimistic attitude. Basically, try to factor in the other things that can and will go wrong. It’s important to avoid jargon, undefined TLA (Three Letter Acronyms), and presumed understanding when writing each of those up.

For instance you’d want to write up a summary that clearly specifies the problem, includes dates and provides a reasonably terrifying summary of why this is really important. So for something like a language going EOL:

This is something that will probably require at least a day or two of focused effort.

If you can’t get the time to do that from your management, be sure to get that in an email or document so that when the service fails, you have proof that you were told what you work on isn’t critical. (You don’t have to be snippy, just a quick email saying

If the manager insists on doing an in person meeting, take notes and feel free to send a follow-up email that includes the points of discussion and resolution, and ask that they confirm that this is correct.

Also start looking around for a different team/org/company because this is bullshit politics and your manager is setting you up to be the sacrificial offering when it all goes to hell.

Once you have a plan, treat it as a high priority task and get your various product people aware of it and working toward it. Make it a banner line on your weekly reports. Time is your asset and enemy because it will go faster than you expect, particularly if you have other priorities, and you will have other priorities.

Papercuts

Papercuts are smaller annoyances. Things like blocked library updates or significant bits of notable tech debt. The thing about papercuts is that while they’re small, if you get enough of them, they will kill you. (e.g. Death by 1,000 Papercuts)

While these tend to sit in the backlog forever, it’s important to track them because they can also fester and turn into significant events. Each papercut can be a unique thing, so it can be hard to come up with as clear strategy as for an asteroid, but you should have one in any case. Fill out the bug/issue/ticket with details for future you. Note the relationship a given papercut has internally in the project or across the org. Show not only that it’s important, but how a delay on fixing it impacts the bottom line. Basically, present it so that someone who has no understanding of the tech or why this is important can understand why this is important.

Of course, there are lots of other issues that you can address, and lots of ways to categorize things. Not everything is or should be an Asteroid or Papercut. There will be some things in your backlog that are there to die, neglected and alone, but there will always be things that are more critical that you need to pay attention to. Your team and mileage will vary, but hopefully you now have a framework to help present critical issues up the chain if you didn’t already.

:: Getting HomeAssistant 2021 Running on Docker and a Raspberry Pi 4

Home Assistant is a marvelous app that makes your home smarter. It’s also a raging pain in the ass if you’re an early adopter and actually have set things up already. This post is not only a helpful guide for how to update and use the latest flavor of Home Assistant, it’s a lovely well for me to scream into instead of yelling obscenities at the squirrels in the backyard.

A lot of this is going to be date dependent, so denizens of the future you’re probably going to have an easier time of things.

Recently, HomeAssistant has gotten a lot of work done (i’ll blame the pandemic and idle developers, which are sometimes the devil’s playground). To that end, it requires Python 3.8+.

Problem #1: Debian & Python 3.7

As of this date, if you’re running Raspbian/Raspberry Pi OS on your Raspberry Pi, the underlying system you’re running is Debian Buster1. That means the Python you’ve got installed is Python 3.7.3. As of December 2020, HomeAssistant considers Python 3.7 obsolete and stopped supporting it2. You could download the source for Python, and compile it locally. You could also walk from Utqiagvik, Alaska to Tierra del Fuego. You might want to consider not doing that though.

When a version of python becomes obsolete, it’s not the main program that breaks. No, that honor goes to a percentage of the many, many small libraries that the software now uses and drags in like a hoarder at an unguarded Costco. For me, it was about two months in when i discovered that one of my webcams no longer worked.

Fortunately, there is a solution, kind of. The HomeAssistant folks offer multiple ways to install, including an SD image (or if you’re like me and you have other programs running on your Pi, because, well, you can and HomeAssistant isn’t THAT big of a pig), you can run it inside of a Docker image.

Docker is free (regardless of the impression you get from the site). And while you can install it using apt, i’d actually encourage you to install it using the (ugh3) docker install script at https://get.docker.com. If you prefer a few more steps, you can also follow the Debian instructions.

Problem #2: Docker

Docker is clever because it uses a combination of virtual images in order to run applications in a sandbox. It makes up for that cleverness by eating disk space and being horrifically obtuse about how it should be used. Suffice to say that you have images which are the bits of stuff that get run to do things and containers which are the actual, running programs. That will become important in a bit, but it’s also worth noting that you really need to keep an eye on how much space the images are eating up. There are lots of documents you can read, but suffice to say that

$ docker container prune
$ docker image prune

are your bestest friends4.

Problem #3: node

Ah, but wait! There may be something else you’ll need before you can get going. HomeAssistant has moved onto a more modern (pronounced: “sÉ™-pôrt′-ed“) Z-Wave integration system called “ZWave-js”. This is a node.js app. Again, the Debian default is going to be old. So, instead, grab a copy from the download page (for Raspberry Pi, you want the ARMv7 one). Once you have it, you can tar -xvf node-*.tar.xz which will extract node into it’s own directory. You might also need to sudo apt install xz-utils to get the xz decompression tool for tar. You can move that wherever (i usually keep those in $HOME/app). You may also want to add $HOME/node-v-linux-armv71/bin to your $PATH, since you’re going to need those in a bit.

Node helpfully includes npm or the Node Package Manager. This nifty little tool allows you to install packages. What it doesn’t make frightfully clear is that the packages npm installs go into `pwd`/node_modules so you can wind up creating lots of node_modules directories as you try to figure out where the hell things are installed. For now, go to your home directory and run these there.


$ npm install zwave-js
$ npm install @zwave-js/server

This should install some programs and in node_modules/.bin/ there should be a zwave-server.

Yay.

Well, sort of “yay”.

zwave-server needs the device address for your ZWave USB dongle. You can get this from your old .homeassistant/configuration.yaml file. For me, it’s under

zwave:
usb_path: /dev/serial/by-id/usb-0658_0200-1f00

Yours is probably under something like /dev/ttyUSB0 or /dev/ttyAMA0 or something more sane.

Once you have the device path you can then fire up
$ node_modules/.bin/zwave-server /dev/serial/by-id/usb-0658_0200-1f005

and be awestruck by just how chatty this thing is. You’ll then kill it and add 2>&1 > /dev/null & to the command so that it runs in the background and all the chatter goes to /dev/null, because there’s a lot of it, -h and --help do nothing, and i just want to get things running.

Problem #3: ZWave

Wait, didn’t we just solve that? We solved about half of that.

The old ZWave config system is deprecated. While zwave-js does an amazing job recovering and loading devices so you don’t have to re-sync them, there are a few things you still need.

  1. Your system security key. If you have a security key (because you have locks or garage door openers or something) you’re going to need the code for it. Hopefully you have it, still. You can sometimes also get it out of the zwave logs.
  2. Your friendly device names. HomeAssistant’s integration doesn’t use the friendlier device names when listing things out. You will probably have to reset them based on the device node-ids or device ids. Both of these are in the old configuration data. You can also fire up the old version of HomeAssistant, grab a notepad and take notes.

Once you’ve got your list of ZWave things, drop the old, deprecated ZWave integration. Comment out the old zwave: section from the configuration.yaml file.

Now you should be able to get HomeAssistant started.

To start the HomeAssistant docker run

$ docker run \
-rm \
-d \
--name="home-assistant" \
-v $HOME/.homeassistant:/config \
-v /etc/localtime:/etc/localtime:ro \
--net=host \
homeassistant/home-assistant:stable
Remove the container once it exits
Run in the background (daemon)
Name the container “home-assistant”
Link the config directory as /config
Link the time to the system time
Use host networking
What you want to run

Give that a few and you should be able to bring up the admin panel on port :8123 like before. You’ll need to enable the ZWave-JS integration under /config/integrations. If the zwave-server above is running, you should be able to just connect to the default websocket port. Once that’s done and the device list is loaded, simply walk the displayed list setting each entity id back to whatever you had originally set it. They should show up on the Lovelace UI, work in scripts and all the other joy, just like before.

There may be a few other things you’ll do, but it’s getting late and my tequila bottle is empty and i need to go make some tacos for dinner, so you’re on your own.

Footnotes & snark

1Debian is stable. It wants to be very stable. i’m talking “fixed to the bedrock” stable, and much like the bedrock, it tends to move at a geological scale. This means that stuff on Debian tends to be a bit “legacy”, and they don’t release new versions very often. It’s rumored that they only do so once the magic smoke released from overclocking a VT-100 terminal is white.

2 One might ask “wait, why did HomeAssistant basically drop support for Raspberry Pi?” It’s a good question, but basically works out that 3.7.3 was releases mid 2018 and there’s a fair bit of cruft in it compared with later releases. i’ll note that 3.7.3 is still supported until 2023, and just dumping support for it is kinda rude to folks, but they do suggest docker and docker adds a fairly minimal amount of overhead. At this point, it’s looking more and more likely that running apps in some sort of sandbox, be it docker, flatpak, snap or something else will probably keep OS’s secure enough from devs that want to play with all the shiny, new toys.

3 Yes, i get it. Giving folks a clever shell script they can run in sudo sure is a fun and easy way to get things done. It’s also like tossing a stranger the keys to your car so he can go get your take-away order. It’s usually safe, but there’s the off chance that he runs over a kindergarten class or uses it in a bank heist.

4 i am absolutely not kidding about this. Dockers default setting is to fill your disk with old crap. Calling prune goes through and can delete gigabytes of old image data. You want to do that before your computer locks up because / is out of space. Hell, you want to keep a close eye on things using docker image ls -a because docker doesn’t always show you everything, and docker can keep lots of old versions of packages lying around for reasons.

5 So, yeah, fun fact. If you try to later switch to a different ZWave controller USB, it won’t work because the devices and protocol specify the controller, not the local settings. Oh, but it may screw up your local /dev list forcing you to do crap like this because the /dev/ttyUSB0 device is now pointing to an invalid endpoint and something keeps resetting it. It’s super annoying.

So, one of the HomeAssistant folks reached out and asked “Why aren’t you running the Home Assistant Operating System, which handles a fair bit of this for me.

The short answer is mostly FUD on my part, since i’ve not dug super deep into the OS option and been burned by similar things in the past, but a bit more than that too.

i may convert everything over to HAOS (trying to backronym a C to the start of that for some reason), but there are a few personal caveats:

  1. This would basically be a from scratch rebuild. Much of my HASS is still YAML based, so to do this right, i’d have to rebuild it all in the native UI. Not impossible, but a lot of work.
  2. i run a few things on this machine. It’s my understanding that HAOS is basically Alpine running a slew of Docker images, and it’s fairly easy to convert things into Dockers to run on it. This may mean rebuilding stuff like PiHole, as well as my semi-hacky python scripts, and whatever other bits i might need. Again, not impossible, but a lot of work.
  3. Much of the logging does not get written to the SD Card. i’ve gone in and softlinked much of it to write to a USB3 drive attached to the Pi. This is because Linux is “write heavy” and that can burn through SD card write cycles pretty quickly. Again, not impossible (since i can probably mount the USB drive and alter Docker files configs to use that drive), but … well, you can see the pattern emerging.

i have no doubt that things would be a lot easier if i were to have started from scratch yesterday. i didn’t. There’s definitely sunk cost at play here, but sadly, i can’t ignore it because it’s actually functional.

:: Ec-COVID-Nomics

SARS/Corona Virus 2019 (COVID19) is a terrible disease, on a lot of fronts. The thing i really can’t get over are folks that say stuff like this:


A NextDoor post where someone proudly claims their going to a 40-50 person gathering because the disease has a \

i mean, sure? If you’re young-ish and fortunate, you do have a fairly good chance of getting through it alive. Hooray?

Of course, that’s not really the problem, at least, that’s not the most significant problem you face in the US.

Let’s consider what you face if you get the disease.

First off, there’s dealing with the disease itself. For some folk, it’s nothing. As in they have no symptoms what-so-ever. Other folks require hospitalization. How your body reacts to COVID is pretty much anywhere in-between, and there’s no knowing what it will be. There are also potential long term considerations as well, since it’s still quite a new disease and nobody is quite sure how it will impact everyone.

You may only be “sick” for a few days get “better” and since you got the ‘rona, feel you don’t need to worry about wearing a mask. You’re now a spreader since you’re still contagious since the virus is still very much present in your system. (You could also be asymptomatic, which means you have the disease, but aren’t showing or feeling any symptoms. Feel free to read up about “Typhoid Mary” if you want a nice, historical record of how this could happen.)

But let’s say you’re unfortunate enough to actually require hospitalization. Because we’re America, once you’re released, you’re looking at a bill of anywhere from $32,000 to $73,000 (depending on how good your coverage is). It can also be a whole lot more than that, depending on where you get your care.

i don’t know if you’re able to buy a car right now out of pocket, but that’s kind of the numbers you’re looking at. If you’re not, you’re going to have to figure out where to get that money. Again, since we’re America, you’ll probably turn to the age old practice of finding someone to sue. If not you, don’t worry, your insurance company will probably do it for you. They don’t want to spend that sort of money either, so if they can find someone who exhibited clear, reckless behavior, you bet they’ll be right on top of that.

Of course, if you’re in the clear and someone you’ve contacted afterwards develops COVID, well, let’s just say that announcing your open defiance of strongly suggested health guidelines may not be quite as bold as you had thought.

(i honestly believe that this is the major reason that the US has not implemented Contact Tracing like Canada has. i’m pretty sure someone figured out that having a clear path between litigant and plaintiff may not be fantastic.)

What’s more, again, since we’re America, and our health providers don’t like pre-existing conditions, this is something that could actually come back to haunt you years from now.

So, yeah, that’s why i have zero intention of going to large gatherings so long as COVID is still very much a thing.

Blogs of note
personal Christopher Conlin USMC Henriette's Herbal Blog Where have all the good blogs gone?
geek ultramookie

Powered by WordPress
Hosted on Dreamhost.