Tuesday, October 27, 2020

Autopilot Against Drug Testing

Drug Testing Lab

Autopilot Consulting, LLC. can NOT support mandatory drug testing. Autopilot was founded on the belief that a business could be both successful and ethical. I believe that mandatory drug testing is unethical and therefore we can not support it.

Autopilot's core values are:
Integrity above all else.
People matter
It can always be better
If it's complicated, it's too complicated

It's exactly these core values that have led me to the decision that as a policy Autopilot would not permit staff to submit to drug testing as a condition of working with Autopilot Consulting. Drug testing provides very little value to employers and can only harm employees and staff.

Drug Testing For Employers

Drug testing provides very little value to employers. Current drug tests typically address only a small subset of abused drugs, are not particularly reliable, and are widely regarded as poor predictors of on-the-job performance.

Prescription Drugs

Pre-employment drug screening often excludes legal drugs including prescription medications (when they do include prescription medications, you begin to approach the privacy concerns mentioned below). The Americans with Disabilities Act and the Equal Employment Opportunity Commission have strong guidelines to protect the privacy of those legally taking prescription medications.

These prescription medications are often abused and contribute to workplace safety concerns that are not readily addressed by common drug screening. Even when these medications are tested for, studies have found that the screening typically does not improve safety ratings.

Alcohol

Many pre-employment drug screens do test for alcohol. While these would provide valuable information in an after-incident exam, they're not particularly good at identifying people who abuse alcohol. Alcohol is detectible in urine for up to 12 hours. There are better tests for when alcohol consumption is completely prohibited, but in the typical case, if someone who is suffering with alcohol addiction can sober up for an interview, they can also sober up for a negative drug test too.

For perspective, a study in 2003 showed that people who consume alcohol on average three or more times per week had 3.2 injuries per 10,000 person-work-days vs 1.9 injuries over the same duration for non-drinkers. This 70% increase in risk is typically not predicted by pre-employment drug screens and many people don't consider this level of alcohol consumption to be heavy use.

Detection Times

Most drugs are detectible for only a few days. Marijuana can be detectible for 1 to 2 months for chronic users but is typically less than 7 days for infrequent uses. This means that drug users (except for some marijuana users) who are looking for jobs can easily pass a pre-employment drug screening by abstaining for only a few days.

Exacerbating this problem, drug tests have a 10 to 15 percent false negative rate. Some false positives are due to weaknesses in the tests, differences between the way different people metabolize drugs, volumes of water people typically consume, etc. Others are deliberate subversions of the test. While false-negatives probably have a less dramatic impact than false positives, this does greatly reduce the value of the tests in general.

Impacts of Drug Testing on Job Performance and Safety

Some studies have been able to show a relationship between drug use and job performance and safety. Many other studies fail to show any relationship. Most studies have failed to show a correlation between drug screening and job performance and safety with several researchers suggesting alternatives for safety critical positions like computer-assisted performance tests and non-punitive employee assistance programs.

The inability to test for several classes of drug abuse, the unwillingness to treat alcohol abuse with the same vigor other drugs, and the unreliability of drug screens as a predictor of performance greatly reduce the value of drug tests as a pre-screening employment qualification.

Drug Testing for Employees

Drug testing can only serve to harm potential employees. Drug tests have an unacceptably high false-positive rate, are privacy-invasive, and have been historically biased against poor and minorities.

Harmful False-Positives

While drug tests are generally unreliable as a measure of drug use in general, the false-positive rate is an alarmingly high 5 to 10 percent. That means that if I have 10 employees undergo a drug screening as a condition of a contract with an Autopilot client, one of them will likely with a documented positive drug test. It would be unethical to require my staff to subject themselves to a test with a 10% chance of harming them or their reputation.

Privacy

I have worked with and would like to continue working with people who live in (or travel to) states (or countries) where some drugs are legal. Because these drugs are also controversial, it is reasonable for someone to prefer to keep their legal activities private. If I permit some employees to submit to drug tests, I cannot protect the privacy of all of my employees.

For example, I could allow some employees an opportunity to opt out of drug tests. The problem is that through deduction, it's possible people will come to the conclusion (correctly or incorrectly) that someone is opting out of contract opportunities to hide drug use. It's less complicated and considerably more respectful of the privacy of my staff (and thus more ethical) to not permit any employees to submit to drug tests in the first place.

Disproportionate Impact on Poor and Minorities

One study, conducted by Yale University, found that 63% of black workers were employed in a workplace that performs drug testing while only 46% of white workers were. Further, 54% of blue collar employees were tested compared to only 44% of white collar workers. In further analysis, the study found that the racial discrepancy was true among executive, administrative, managerial, and financial workers as well as technician and support occupations.

Counterintuitively, the National Bureau of Economic Research found that places where drug testing is required tend to have more racial diversity. The author of the study suggests that these differences are due to biases in the hiring process because drug tests gives minority applicants an opportunity to prove counter assumptions and prove their innocence.

This is a bias that should be eliminated by ethical thinking rather than by putting a burden of proof on job applicants.

The same author has found that drug testing policies tend to correlate with a decline in employment for women as well.

TL;DR

Drug testing provides very little value to employers because these tests typically address only a small subset of abused drugs, they are not reliable, and are widely regarded as poor predictors of on-the-job performance. Drug testing has no benefit to potential employees because the tests have an unacceptably high false-positive rate, are privacy-invasive, and have been historically biased against poor and minorities.

Our specialty is building amazing software that delights users. We believe in the value of people and we're always working to improve ourselves and those around us. We would be compromising our integrity if we didn't join in taking a stance against privacy violations and discrimination.

It's for these reasons that we respectfully decline any contracts where mandatory drug testing is a condition of the contract.

Monday, October 12, 2015

Size Matters: Improve Productivity with Cheap Screen Real Estate

Common Screen Sizes

It's hard to hire developers, and technical resources are expensive. Everyone is trying to figure out how to attract top talent, reduce turnover, and increase productivity of existing staff without reducing their work/life balance.

Early on, I decided that if you're going to spend 8 hours a day 5 days a week for almost 50 weeks a year doing something, everything about it should be as pleasant as it could be. I bought a new Macbook pro and two thunderbolt displays. Those investments very quickly paid off.

Until recently, the benefits of large technology investments were just intuition. Last week, I realized how much more productive I was working remotely than when I'm onsite with the client. One reason is that when I'm remote I get a lot more flow, but another reason is that when I'm remote, I have a lot more screen real estate so I can see a lot more information at once.

I decided it was time to be more productive onsite too. This time, I wanted to have more concrete justification.

Screen Selection

A friend of mine and I did a fair amount of research picking out monitors that gave us the best bang for our bucks. I'm really happy with my Thunderbolt Displays. They're IPS and they're quite high PPI. This time, I wanted to try something a little cheaper and a little larger and I wanted to try a VA panel so I ended up getting a BenQ BL3200PT. This monitor, I think, has the same panel as the Samsung S32D850T, which has a slightly smaller price tag.

Screen Real Estate

When I talk about screen real estate, I'm not talking about the diagonal size of the screen; I'm talking about the resolution of the screen. Having a larger screen doesn't do anything for you (at least not in the sense of a computer monitor) with regard to how much information you can fit on the screen at one time. The difference between an HD 1080 screen at 27" vs. 32" is just stretching. Resolution, however, is how many pixels the screen has. The more pixels there are, the more options the computer has to present data (provided you have the visual acuity to perceive the data without scaling).

These displays are 2560 x 1440 or WQHD and are the same resolution as my thunderbolt displays, albeit over a larger surface area. Thus the resolution is not quite as crisp as my thunderbolts, but still these are very high quality screens. If you're into lower pixel pitch and higher PPI, I don't blame you. Higher pixel density screens are much more pleasant to look at, but they do come at a cost.

Comparing Resolutions

There are two very common resolutions in offices these days. An older WSXVGA+ which is an 8:5 aspect display at 1680 x 1050 pixels. HD 1080 is also quiet popular which is the 16:9 display at 1920 x 1080. The HD 1080 has about 17.6% more pixels than the WSXVGA+. By comparison, the WQHD, also 16:9, has 2560 x 1440 pixels (sometimes called 1440P). It has about 77.8% more pixels than HD 1080 and about 110% more pixels than WSXGA+. That is to say that if you have 1 WQHD display, you have more pixels than a dual screen WSXGA+ setup.

Benefits of Screen Real Estate

The benefits of additional screen real estate, unfortunately, are easier to experience than they are to describe. Having additional real estate may mean that you will sense more data at the same time, but does not necessarily mean you will perceive these data. Similarly, having the ability see multiple windows does not mean that you won't just continue editing one file at a time in a full screen editor. On the other hand, not having the ability to optimize your workflow guarantees that you will not.

Anecdotes

I do have a few anecdotes that buttress my belief that having more screen real estate is inherently valuable. One time when I'm particularly keen to the benefits of higher resolutions is when I'm developing responsive designs. I'll often dock my browser's DOM inspector on the side and I'll slide the split pane to different responsive breakpoints watching the HTML/CSS changes flash in the inspector. The additional real estate means I can see meaningful data in the DOM inspector and the responsive design at the desktop breakpoint at the same time.

Another time I notice the benefits of having additional screen real estate is when working on native mobile applications. Native development often involves simulators and emulators. Scaling during emulation isn't always well supported. Thus, the additional pixels allows you to see the entire simulator at once.

Another example that I found particularly fascinating happened shortly after I took over a new project. I had been working on the project for a few weeks from the client site. One day, I was working remotely and I had my terminal window off to the left and I had the application in a browser to the right. This is a usual screen configuration for my workflow on my cinema displays. I had changed some code and the application reloaded. When it did, I noticed dozens of queries pop up in the log. None of the ORM queries had been optimized to prevent N + 1 queries. I spent a few hours fixing those, but may never have noticed them had I not had enough room on my screen to comfortably view the browser and the terminal at the same time.

Summary of Benefits

Typically on HD 1080 and especially on WSXGA+, I have only one window visible at a time. That's why I didn't notice the N + 1 queries until I was remote. There may be myriad other benefits of the additional screen real estate when considering looking at code in multiple panes, test driven development, debugging, guard and live reload, etc.

Costs

High quality screens can be expensive! The thunderbolt displays are almost $1,000 each. The BenQ was $550. The Samsung is $500. It's hard to imagine pulling out all of your existing displays and replacing them with displays that cost several hundred dollars. Heck, I spent hours justifying buying only one.

That's why it clicked. At some point I realized, it doesn't take much before the investment in display technology pays off. According to several job posting / salary research sites, the average developer in Atlanta makes about $120K per year. To keep the math easy, I'll call it $100K (also because I like lowballing estimates like this). Normally, overhead on a W-2 employee is roughly 25% - 50% of annual salary. If you have a very modest benefits package (and not a lot of PTO), then an average developer in Atlanta will cost about $125K per year.

Even if your organization buys these screens the same way I did (i.e., no sales tax and no bulk discount), then it'll cost about $550, or about 0.4% of the cost of an average developer. That means that if you bought 100 of them, it would cost less than half of the annual salary of your average developer for a year. Thus, if you have 100 developers and you get 100 screens and each developer is 0.5% more productive for the year, then you actually make money on the investment.

If the cost still seems too high, you don't have to get VA panels. In fact, 32 inch screens are pretty big (they take up a lot of desk real estate too). These 25" Dell U2515H IPS panels were only $350 at the time of writing. 100 of these would be less than 1/3 of the underestimated developer annual cost.

Recuperating Costs

The average American works 1,780 hours per year. To recuperate 0.28% of a developer's cost, the developer only needs to produce about 5 hours more per year. That could be working an additional 5 hours per year because work is more fun. It could be 5 hours saved by not having to tab between windows and the cost of brief context switches. It could be 5 hours not spent tracking down performance issues in production because some N + 1 queries sneaked through.

It could be 5 fewer hours spent recruiting great job candidates because the technology makes the company a better place to work. Developers with neat technology are more inclined to passively as well as actively recruit for you. This can bolster your recruiting efforts, also saving money. Similarly, developers with a satisfying work environment are less likely to leave their jobs reducing the high cost of turnover.

Studies on worker productivity show that American workers tend to have about 6 (and some studies show as few as 3) productive hours in an 8 hour workday. Better screens may improve ideal hours per day. That means if all of your developers show up Monday morning and find their brand new screens, and in their excitement they're productive for 8 hours on Monday and Tuesday (rather than 6) and 7 hours on Wednesday, then in the first 3 days, the screens have paid for themselves. I could be completely wrong about everything else and your net could still be more valuable somewhat liquid (they have good resale values) assets for free.

Remember, you only need 5 additional productive hours per year to cover the cost of 1 high resolution display … and that's if you buy new screens every year. If you plan on keeping the displays for 5 years, it's just 1 hour per year.

Incredulous?

Let's consider a more pessimistic case. Let's say your staff, on average is pretty junior (and you're using technologies that aren't particularly backend heavy. If that's the case, your developers may cost you an average of $80K salary and per year and $20K in benefits, taxes, recruiting efforts, etc. Let's say they also take no vacation or sick leave and thus work a full 2,080 hours per year. Further, your staff is productive 100% of working hours.

In this case, you're paying an average of $48 per productive work hour. If you buy very nice displays at say, $960 each, then you need 20 additional productive hours to cover the cost of one display. Even in this very unlikely case, that's less than 1% per developer. And they don't need to work 2,100 hours in a year per se. They can be 1% more efficient. That means if they're writing 100 lines of perfect code per day, then to cover the cost of a new display, they only need to write 100 lines of perfect code per day (and on the tenth day, perhaps they write 10 extra perfect line of code . . . or better yet, they delete a line or two).

More likely your average developer is closer to $125K per year, they work 1,780 hours per year, and they are productive fewer than 6 of every 8 hours. Thus, their cost is $94 per productive hour. Also, it's very reasonable to get smaller IPS WQHD panels for $350 each (especially if you have a large team and get a bulk or corporate discount). So, you need fewer than 4 hours per developer or 0.3% more productivity. An average developer contributes 10 lines per day to the codebase (Mythical Man Month) so to break even on your investment, your average developer only needs to net an additional 3 lines of code every quarter.

n.b., I don't support using lines of code as a measure of productivity. It's merely illustrative of the relative scale of the cost of a display to the cost of a developer. Try your own calculations using bugs sent to production, mean time to defect resolution, etc.

Recommendation

I recommend making an investment to replace low resolution displays for developers and pairing stations (and I would consider broadening the reach really to non-technical employees as well) with high resolution displays. I think that the cost of the hardware would be recovered very quickly by improved developer efficiency and performance. The investment is low risk because the cost is relatively low and the displays are a moderately liquid asset.

If you have 100 developers on your team, it may be hard to get approval for the capital to buy $35,000 worth of displays. In that case, you can always hire another developer (well, you can try at least) for $35,000 per quarter.

Display Options

Dell P2416D 24 Monitor with QHD 23.8-Inch Screen, Black
Dell UltraSharp U2515H 25-Inch Screen LED-Lit Monitor
Dell UltraSharp U2715H 27-Inch Screen LED-Lit Monitor
BenQ BL3200PT 32-inch WQHD 10-bit USBx4 HDMI Monitor built for Creative Class
Samsung 32" WQHD LED Monitor (S32D850T)

Wednesday, June 10, 2015

Project Nostalgia: Warehouse Management

All Work and No Play

Early in my development career, I got a job at an entertainment company that rented party supplies like inflatable bounce houses, inflatable slides, human gyroscopes, etc. On my first day, I was introduced to my new boss, the owner of the company, on his way out the door headed to China for 2 weeks.

I introduced myself, thanked him for the opportunity, and asked what he wanted me to work on while he was gone. "You'll figure it out," he said, "make us some money." And out the door he headed.

Once I found my office and tracked down a computer, I sat down and thought, "what the heck am I going to do here?" Having just gotten my MBA, I decided I'd take a page from my business consulting class and just "see what my lantern shows me." I walked around asking my new coworkers what the company does, what they do, and what could make their lives easier.

There were the usual gripes, manual processes, duplicate paperwork, etc. One problem in particular, however, I found particularly intriguing. It turns out that the company had an uncomfortably high refund rate because they'd show up at parties and equipment would be missing. They also would only schedule a few parties a day, despite having plenty of equipment to spare, because it took so long to prepare for an event. Similarly, they required reservations be made a week in advance.

Shopping in Your Own Warehouse

If you're like me, when you make a grocery list, you write items down in the order you think of them. Then, when you go to the store, you walk up and down the items, grabbing things from the list and crossing them off as you go. Also, if you're like me, sometimes you pass an item and you have to go back. Or, you don't notice an item that you missed and you go home without it.

If you want to try an experiment (actual or thought), commit to going to the grocery store and getting everything on your list in the order it appears on your list. You'll probably find you forget less stuff, but you do a lot more walking around the store. It's not a particularly efficient way to organize a shopping trip. If you implement this in, say, a warehouse you may issue fewer refunds but you can't increase the number of events you can service in a day.

I'm sure by now, you're imagining myriad ways to organize a list of grocery items so that, if nothing else, at least you have some consistency. You could organize them alphabetically. That way, your items on your list will follow more or less the same pattern visit to visit. That may or may not be better than in the order you thought of them (assuming you remember grocery needs that are grouped together).

Imagine, however, that you can't sort your grocery list in the order you think of it. Imagine you can't even sort the list alphabetically. In fact, your only option is to sort the items on the list in the order the item first appeared in your grocer's inventory. Imagine how nonsensical it would be trying to track down where all of your groceries were. How much you'd forget (or perhaps even leave deliberately). That's what we had.

A Guided Tour

I printed our inventory list and I walked around the warehouse writing down the exact coordinates of every product and every component we had. I also estimated the volume, weight, and stack-ability (if you will) of the item.

Hoping to get a cheap win and to prove that it could make a difference (some of the guys in the warehouse weren't interested in their inventory lists being optimized), I got a few of the guys to agree to try it out for 1 day. I entered my data into the inventory table and sorted the inventory list by aisle, bin, then level. That was it. Only took a few minutes, was easy to revert if it failed, and I could switch it based on the user.

When I got back from lunch, one of my coworkers who sat outside my office said, "hey, warehouse really wants to talk to you … they've been in and out of here constantly since you left." I thought, "oh no . . . I probably broke something and they can't print inventory lists at all now."

I headed out to the warehouse preparing my apology. I had barely walked through the door when someone said, "hey Patrick, check this out?" There were several palates stacked with boxes and party equipment distributed along the loading dock. "What's up?" I asked.

Turns out my first sorted list was such a hit that they decided to start racing each other to see who could fulfill the inventory list faster. They had not only prepared the next days events, but several days after. I know it doesn't sound like it should take that long, but this warehouse typically had 4 or 5 people preparing 10 or 15 parties a day give or take.

A Deliberate Solution

Feeling I'd created some real value, I went back to my sorting. I updated the logic so that bins were in reverse order on odd number aisles (they started at the end of aisle 1, went to 2, the back up 3, and so forth). I sorted the items so that, given close proximity, the larger or heavier items would appear in the list first so they'd be on the bottom of the cart.

In the display, I grouped the items by aisle. Once I did this, I realized I should start at the end of the first aisle that had equipment on the list, then continue on the beginning of the next aisle with equipment (rather than just naively going up and down each aisle). With the help of the warehouse team and some statistics I pulled from the historical invoice data, we also started physically grouping items based on how frequently they were pulled on the same list.

Some of them were obvious. If you ordered an inflatable, you'd likely also get a blower. People who rent tents also rent chairs. Some were less obvious. People who rented dance floors typically didn't rent inflatables but did rent a bar and concessions. Once we established that not only could we control our own inventory but that we can control our own reports, it became a game to optimize the process.

In the end, it only really took 1 person to run the entire warehouse, though we staffed 2 because people liked working together. The rest of the warehouse team got promoted. It was actually something of a coveted job to get to deliver the equipment, spend some time outside, visit with the people having the party (partying people are usually pretty happy people).

We also started booking more parties. We even booked parties same day if we had the equipment and the people available. I'm sure there are COTS products that are really good at solving this very problem, but solving a real business problem with feedback from the people who were most impacted by it and seeing measurable gains in revenue was well worth the effort. It also help build some relationships and establish a collaboration they'd never had before (I was the first developer who worked onsite).

Sunday, May 24, 2015

Remote Interview Pairing Challenge with Cloud9

Cloud9 IDE

My interview process typically involves just trying to get to know someone to see if we're a good match culturally. After all, if you have a good mind for development, I know you'll be great if we can put you in the right environment with the right culture. As a result, I tend to spend a lot more time talking about what kinds of problems a developer finds interesting, what sorts of roadblocks she finds frustrating, and what technologies we have in common.

There is, however, still the necessary evil of seeing how far along the candidate is on the programming journey. To that end, I usually try to do a very basic code challenge. Normally it's something simple enough that we can still have a healthy conversation while we solve it together as a pair, and it's not so academic as to be useless in real life. Mostly, I just want to pair together to solve a problem.

I give the candidate the opportunity to select the language of her choosing and typically I'll know it well enough that we can pair to solve the problem. I explain the challenge, we set up unit tests, write a failing test, and make it pass. Sometimes, if I don't feel like I know enough, I'll change it a little and we'll try to adapt to the changes together.

This has been such a positive experience for me (and for the candidates I've talked with after their interviews), that I've spent a fair amount of time practicing the process. As I recently discovered, it's such a fundamental part of my interview, that I was completely unprepared when a client asked me, at the last minute, to step into an interview to do a pairing challenge with a candidate . . . who was remote!

Remote Pairing Interview

We tried to come up with a few options for doing the code challenge. After all, our shop pairs pretty much all the time and we try to be supportive of remote work. I mean, we've solved this problem before; however, it's seldom without hiccups. I know that candidates are usually nervous in an interview and I feel a lot of responsibility to help set their minds at ease. To that end, I like to appear calm, collected, and organized.

We considered using tmate and vim. We talked about screen sharing with TeamViewer. We also thought about just letting this candidate work on a harder challenge, maybe something from Hacker Rank or Project Euler, and email us the solution.

Shortcomings

Each of these had a downside. Tmate would give the dev access to my machine and I wanted to let them do whatever they wanted without putting my machine in his hands. Alternatively, his machine could host but I wanted to be able to get to the solution later. Screen sharing with TeamViewer isn't as responsive as I like when pairing, especially if I want to be able to help out rapidly. Also, I type in Dvorak and sometimes that's an issue (turns out he does too . . . by the way). The async challenges, while good, don't let us know if we'll enjoy pairing together.

Enter Cloud9

I remembered, a while back, running across Cloud9 and playing with it a little bit. I thought, "hey, what if we just try this?" Cloud9 would give us a sandbox that we can work in with a full ubuntu virtual machine. The candidate can do whatever he wants to it, we can code, install tools, whatever. I said, "hey, give me a second . . . I'm going to try this Cloud9 thing . . . go ahead and get your account set up and I'll invite you to a project."

In about 5 minutes, the candidate, my co-worker, and I were pairing and running tests on our Cloud9 workspace. There were no security concerns, communication was simple, we still installed and used tmux and vim, we had a sandbox, I was able to save the code. It was a really great experience. Not only did we offer a position to the candidate, but the candidate has been happy on our team ever since. I consider it a sign of a good interview when a candidate takes a position and I think that Cloud9 had a lot to do with this one.

Next Steps

I've not used Cloud9 (or any web based IDEs for that matter) on day to day work. Unfortunately, I'm not really in a position to try it out on the free tier. At some point, I want to go ahead and get a subscription and see how well it works out for me. I certainly see the value of cloud based IDE services and I like the idea that the most expensive development hardware you need is a Chromebook.

Okay, so maybe that's a little hyperbolic, but not for long. We have pairing stations that we treat like cattle rather than pets. We can wipe it completely clean and have it up and running again ready to go in just a few minutes. The hardware isn't commodity, but it could be. In fact, it could just be a web interface to a virtualized instance and why couldn't that be accessed from a Chromebook, pairing station, laptop, tablet, or . . . maybe in a pinch . . . a phone? Personally, I like it and hopefully I'll get a chance to push Cloud9 beyond "hello world."

Wednesday, December 31, 2014

Our 2014 Charity Picks

Charitable Giving

We feel lucky every day. Our community has provided us with a great place to live and work. Our kids can grow and learn in safety and comfort. We're surrounded by opportunities personally and professionally.

For that, we are eternally grateful, and we like to give a little bit back to our community. We work hard to research the charities we choose to support and to make sure they're doing the greatest good with their contributions.

Here are the charities we selected for 2014

Episcopal Relief and Development

Episcopal Relief & Development works to save lives and transform communities worldwide. They rebuild after disasters and empower people to create lasting solutions that fight poverty, hunger, and disease. They working in 40 countries impacting the lives of nearly 3 million people around the world.

ERD has a high rating on Charity Navigator. While we typically seek a higher rating, it's very close to the highest it can be and we have close personal ties with the organization.

One thing we love about this program is you get to donate specific needs to the communities you're supporting. This is certainly the first time we've donated a cow and chickens. We also funded farming tools and community gardens, prenatal and postnatal maternity care, and 1 year of education for 5 girls.

Tiger Flight Foundation

A little closer to home, the Tiger Flight Foundation, base in Rome, Georgia inspires kids to be "Pilot in Command" of their own lives. All donations go toward the motivational and character development programs.

My relationship began with Tiger Flight as a volunteer pilot. I had a young man in my plane and as we taxied out, he said, "I've never been in a plane before." I asked him what was his favorite place to visit. He told me he'd never been out of Rome, GA. He was nervously excited as we started rolling down the runway.

We had barely left the ground when he could no longer contain his excitement and he looked at me almost teary-eyed and said, "I feel like I can see the whole world from here!" I thought, "from here kid, the whole world is in front of you . . . and I think you'll see it."

Friday, December 5, 2014

Secure Foscam IP Cameras with SSL on Raspberry PI and NGINX

Foscam + Raspberry Pi = SSL

When my first kid was born, my wife and I wanted a convenient, cheap, but externally accessible way to monitor our daughter. Thus, the usual baby monitors wouldn't do the trick. We ended up getting a really handy and super cheap Foscam FI8910W IP Camera.

Everything about it is pretty great … except security. For that reason, I never poked a hole through my firewall so that friends and family could peek in on Piper from time to time. I could always access the camera over VPN, but nobody else could ('cause I'm stingy with my network access).

When I found out I had another one on the way, I decided that not only did I need another camera, but I needed a more convenient way to securely access my cameras from outside my house. I decided I to pick up a Raspberry Pi and expose an https endpoint that could reverse proxy requests to my ip camera. This way, I have a secure connection into my house. It's still plain text between the camera and the pi, but that's inside my network and I'm less concerned about it there.

In any case, I picked up a Raspberry Pi Starter Kit which I recommend for your first pi. It'll come with the components you'll need to get set up. The second time I did this (for the sake of recording the steps to write this blog, I just formatted my own noobs card and I used the wifi dongle from the previous pi kit.

I tried to install noobs lite on an 8gb microsd card I got from the Raspberry Pi Downloads page, but noobs lite didn't work with the wifi dongle so I recommend plain old noobs. For the second time around, I just downloaded Raspbian and used dd to image the microsd. Again, I recommend noobs (and I recommend the starter kit) unless you feel pretty comfortable with command line utilities. If you are, use the instructions for installing operating system images from the raspberry pi site.

Pi

That being said, with noobs, you just format your micro SD card with FAT and copy the contents of the noobs zip to the sd card root. Put the SD card in the pi, connect the mouse and keyboard, connect ethernet or the wifi dongle, connect some video output, etc. Then, plug in the device.

The first thing to do is get connected to wifi. It's easier to do in the GUI so run startx, configure your wifi network, and log out.

Enable SSH in sudo raspi-config.

Using SSH to administer a box is kind of a pain without tmux so get that. Also, vim is awesome so get that too. Finally, we're going to be using nginx as our reverse proxy so install that as well.

sudo apt-get update && sudo apt-get install tmux vim nginx
To make SSH even easier, scp your public key to your pi's ~/.ssh folder and cat it into authorized_keys.

If you are using wifi, you'll find that wifi is disable after rebooting until the dongle is removed and re-inserted. You can change this behavior by executing

sudo vim /etc/network/interfaces
and changing
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
to
auto wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

You'll want nginx to start automatically on reboot too probably so execute

sudo update-rc.d nginx defaults

Router

Give your pi a static ip address. My router lets me map static ips to mac addresses. DD-WRT lets you do that too. If you can't with your router, configure a static ip address following the Debian Network Configuration Instructions.

Give your router a static ip as well.

Forward port 443 (the default SSL port) to 443 on the pi's IP address

Get a dynamic DNS account that's supported by your router. If your router doesn't do dynamic DNS (and you can't install a decent firmware that does, you can use ddclient on your pi instead.

Domain

You'll need a domain name that you own to get an SSL certificate. Register one.

In your domain's DNS configuration, create a subdomain with a CNAME record pointing to your dynamic DNS domain.

SSL

Get your SSL certificate from Start SSL (the free certificate will be fine). You'll have to validate your domain. The process is pretty straightforward.

Download your certificate, key, and the intermediate certificates and make a unified certificate:

wget http://www.startssl.com/certs/ca.pem
wget http://www.startssl.com/certs/sub.class1.server.ca.pem
cat ssl.crt sub.class1.server.ca.pem ca.pem > ssl-unified.crt

SCP the key and the unified certificate to the pi's /etc/nginx folder (I like putting my certs in a subfolder)

Configure nginx

Create a configuration file called /etc/nginx/sites-available/ipcams

server {
  listen 80;

  server_name your.domain.com;
  server_name your.pi.ip.address;

  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;

  ssl_certificate /etc/nginx/certs/ssl-unified.crt;
  ssl_certificate_key /etc/nginx/certs/ssl.key;

  server_name your.domain.com;
  server_name your.pi.ip.address;

  location /front_porch/ {
    proxy_pass http://your.porch_cam.ip.address:80/;
  }

  location /baby_room/ {
    proxy_pass http://your.baby_cam.ip.address:80/;
  }
}

Remove the default symlink from /etc/nginx/sites-enabled and add new symlink

cd /etc/nginx/sites-enabled
sudo ln -s ../sites-available/ipcams ./ipcams

Restart nginx:

sudo service nginx restart

Summary

So, now https requests to your subdomain are resolved by your dynamic DNS to point to your IP where your Pi is. Your Pi gets an https request and forwards it inside your well protected network (in plain text) to your camera. I keep my Pi wired to cut back on the wireless traffic that happens in plain text. In any case, this way you can get from outside your house to inside your house over an encrypted ssl connection.

Friday, November 14, 2014

Refresh/Update jQuery Selector after Ajax or other DOM Manipulation

jQuery Logo

I'm working on a more or less single page app right now. As such, there's a lot of dynamic DOM manipulation. Sometimes, we need to re-evaluate a jQuery selector to get the new set of objects after the DOM has changed.

Typically we've solved this problem by always using the selector to find the children. This became really frustrating in my Jasmine tests where I found myself doing this a lot!

    it("toggles the display of an element", function() {
        var $togglableItem = $('.togglable');
        expect($togglableItem.length).toBe(0);
        
        $button.trigger('click');  
        var $togglableItem = $('.togglable');
        expect($togglableItem.length).not.toBe(0);
        
        $button.trigger('click');  
        var $togglableItem = $('.togglable');
        expect($togglableItem.length).toBe(0);
    });

Even in production code (outside of tests) that can be kind of a pain. I wanted to be able to do something more like this:

    it("toggles the display of an element", function() {
        var $togglableItem = $('.togglable');
        expect($togglableItem.length).toBe(0);
        
        $button.trigger('click');  
        expect($togglableItem.refresh().length).not.toBe(0);
        
        $button.trigger('click');  
        expect($togglableItem.refresh().length).toBe(0);
    });

A Common Solution

I've seen some implementations of a jQuery refresh plugin that look like this:

(function($) {
    $.fn.extend({
        refresh: function() { return $(this.selector); }
    });
})(jQuery);

I have two problems with this approach. First, I don't always have my elements attached to the DOM when I want to do a refresh. In fact, typically in testing, I don't add my test elements to the DOM so I can't just reuse the selector. The selection depends on the parent jQuery object.

Second, I also really enjoy the fluency of jQuery and often make use of .end() method when it makes sense. The approach above flattens the selector stack and .end() returns the default jQuery object.

Preferred Approach

To maintain the fluency of jQuery and allow the refresh, here's what I'm proposing:

(function($) {
    $.fn.extend({
        refresh: function() { 
            var $parent = this.end();
            var selector = this.selector.substring($parent.selector.length).trim();
            return $parent.find(selector); 
        }
    });
})(jQuery);

Caveats

I haven't used this in the wild yet. I know .selector is deprecated, but it's the best I could find for now. It does, however, work pretty darned well in my Jasmine tests. :)