Un-college

A couple of years ago, I was attending freshman orientation with one of my sons, who was just starting college. In the parents’ meetings, they described the health center, the counseling center, the health club, the dining halls, etc. It occurred to me that a lot of this infrastructure had nothing to do with academics, but was all about the fact that there were a lot of 18 to 22-year-olds living here.

In our society, people that age are not kids anymore, but they’re not quite adults yet. This is a time of transition and many of the facilities and services provided by colleges are supportive in nature, as opposed to academic.

It occurred to me that there are a lot of people that age who either don’t want or can’t afford to go to college but who would still benefit from this kind of infrastructure.

It gave me an idea of an “un-college”. At this point, it’s still just an idea – but I’m trying to figure out how to bring this to life. My mental image of it looks something like this:

An un-college won’t have:

  • Accreditation
  • Degrees
  • Grades
  • Traditional Classes

An un-college would offer:

  • Training in job skills
    • Hard skills (mostly technology related)
    • Soft skills (how to make yourself “hire-able”
  • Residence Life
  • Social interaction with other people of similar age
  • Mentoring
  • Connection opportunities with potential employers

The cost of college continues to rise. I think it’s inevitable that more people start to re-evaluate the attitude of “you’ve got to go to college to get a good job”. I think technology skills offer an alternate path. In my experience in the technology field, if you can do the more – most people don’t care if you have a degree.

Look for more information about this here going forward. If you’re interesting in discussing ideas, I’d love to hear them.

P.S. I know that careers in the trades are another alternate path. I think that’s a part of this discussion, but I’m a technology guy so I’ll leave that to others, like Mike Rowe and https://gobuildalabama.com/

Dip your foot into Continuous Deployment (CD)

DevOps is a big deal in software development right now. Continuous Deployment (CD) is a big part of this trend. (Not to be confused with Continuous Integration, or CI.) You can find more technical definitions of Continuous Deployment, but it’s really about automating the process of getting new code onto your production servers after it has been built, tested and approved. The goal is make this as automated a process as possible, because when people have to manually copy files and change configuration settings – mistakes happen, no matter how many checklists you have.

If you are a ASP.Net developer (Framework or Core) and you’re using Azure App Services to host your application – your App Service can build your Azure DevOps pipeline for you. What’s a pipeline? Here’s a good introductory video:

Azure DevOps is the re-branded Team Foundation Services and I think it’s really good. (It’s free to setup an account for 5 users, so – if you’re already using Azure, why wouldn’t you try this?)

In the video, he demonstrates setting this up in the DevOps console. If you start from your Azure App Service console and go to the Deployment Center – it will create a starter pipeline and release for you. (Azure DevOps isn’t the only one it works with. I’ve used the integration to GitHub and more are listed.)

It just takes a couple of minutes and you should have a working pipeline. If you’ve been publishing from your development computer’s Visual Studio, you’ll want to delete the publishing profiles to remove the temptation of pushing directly. Now that you have the pipeline, always deploy using that.

Grace

One of our family cars slid on a wet curvy road and took out someone’s brick mailbox. (Everyone is fine. No one was hurt.)

Talking with the affected homeowner, she said that was about the 8th time that someone had had some kind of wreck in her yard. I know she had to be thinking “Are you kidding me? Again?”

But what she did was offer a hug and say “I’m so glad that you are not hurt.”

She’s probably facing a couple of weeks of hassle to fix something that wasn’t her fault, but I was blown away by the grace she offered us. I would love to think that I would be as graceful as she was to us if the roles are reversed, but I’m not at all confident that would be the case.

At a moment when she had every right to yell and complain, she made a bad night a little better than it could have been by being human. It was really humbling and inspiring.

Grace is a really wonderful thing, if you can manage it. I hope to be able to pay it forward.

Authentication vs. Authorization

These aren’t just “10 dollar words” that both start with the letter “A”. If you have an application, you need to understand the difference between these two things.

Let me try to explain this way. Not too far from where I live is a semi-famous (infamous?) bar called the Flora-Bama, so named because it’s on the state line between Florida and Alabama. For purposes of this, imagine that the drinking age in Florida is 18 (it’s not) and that the drinking age in Alabama is 21 (it is). (The Flora-Bama is pretty big and I think there are bars on both sides of the state line. Let’s assume that’s true.) In this scenario, if you’re 19 – you can buy a beer from the bar on the Florida side, but not from one on the Alabama side.

Imagine the doorman out front is checking IDs and putting wristbands on everyone – yellow if you’re 18-20 and green if you’re 21+. That’s authentication. He checked your ID and identified you but didn’t make any decisions about what you could and couldn’t do.

If a yellow-banded 20 year old walks up to an Alabama-side bar, the bartender there will refuse to serve the patron based on the color of the wrist band. This is authorization. The bartender doesn’t check the ID again, but just makes an authorization decision based on the previous authentication.

You can (and in many cases probably should) outsource your application’s authentication function. When you see sites let you “Login with Google” or “Login with Facebook”, that’s what’s happening. They are letting Google or Facebook handle the authentication, but the actual site still has to decide what the user is permitted to do.

The simplest ramification of “outsourcing authentication” is – one less password for your site’s users to remember. More importantly, if you aren’t storing passwords – they can’t be stolen if your data is breached. Of course, you’ll need to decide if all of your users are likely to have a Google or Facebook account (or whatever service you choose to trust to authenticate).

Comfort Zones

A few days ago, I was walking into the downtown Chick-fil-A close to where I work. Outside was a man in a wheelchair. At first, I thought he was a panhandler, but then I realized he had a sign hanging on his wheelchair with a web address. This caught my attention.

His name is Donnie. Turns out – he has cerebral palsy and sells candy to support himself. (This is his web address if you want to find out more about him. If you’re so inclined, consider supporting him.) I was very inspired by his story.

As I was thinking about his story and how he probably got started selling candy, one of the things I was struck by was “he doesn’t really get to have a comfort zone”.

It made me realize what a luxury having a comfort zone is. A luxury is something that’s nice to have, but that you don’t need. I wonder what we all (especially I) could accomplish if we realized that we don’t have to stay in our comfort zones.

WordPress plugin for Google Analytics

I’ve used WordPress for years. Everytime I’ve gone looking for a plugin to include the tracking code for Google Analytics, what I found was overkill so I wrote my own.

It adds one field to the General Settings screen to let you enter your Google Analytics Tracking ID. That’s all there is to it.

You can download it from https://wordpress.org/plugins/technicality-google-analytics/ .

Pronouns

I’ve noticed that frequently when communication is unclear, the problem is pronouns. More specifically, the pronoun not having a clear antecedent.

“It’s not letting me …”

I work in technology and many times, clients and end users don’t know the correct name to call something, so I hear a lot of “it” used to describe something without it being clear what “it” refers to.

I understand not knowing the correct names of things. When I take my car to the mechanic, the shoe is on the other foot. I try to make up a term (“the curvy thing”). Even if it’s not the technical name, that’s a better antecedent than just saying “it” without context of what you’re referring to. Frequently, there have been several things mentioned earlier in the discussion and “it” isn’t clear enough.

Adventures in phone number porting

We were recently helping a client port some numbers from a traditional telecom carrier (Spectrum) to a VOIP carrier. The scheduled time for the transition came and the PBX was configured to receive calls from the new VOIP trunk. We tested calling the phone numbers and they showed up in the PBX as expected, so all seemed OK.

A few days later, the client (a medical imaging center) called and said “a referring physican is trying to fax something to us and they’re saying that our number is out of service. I called the number and got fax tones so I assumed the doctor’s office just made a mistake.

But – this kept happening. After days of troubleshooting (the client is successfully receiving faxes from other senders all during this time), I was finally able to reproduce the problem calling from one particular phone line. It finally occurred to me that the line I was calling from was a Spectrum line and we had just ported the number away from Spectrum. We checked with the location that was having trouble faxing our client, and – sure enough, they had Spectrum phone lines as well.

Apparently when Spectrum ported the number out, it worked for the rest of the world but if you were originating a call inside the Spectrum voice network – some configuration hadn’t been changed so from that point of view – it thought this was still an “internal” (to the Spectrum network) call but there was no active line there. Hence – the “this number is out of service” recording.

It took a couple of weeks of working with different people at Spectrum to get this corrected, but they finally did. This definitely falls in the Murphy’s Law category (“whatever can go wrong, will go wrong”). I didn’t even know this was a thing that could wrong.

Posted in IT

AWS Load Balancers and HTTPS

I was helping a client with his web server that is hosted in AWS (Amazon Web Services) EC2. He had gotten a certificate to enable HTTPS but it wasn’t working.

AWS offers free certificates, but you can’t install them into the EC2 web server. In this case, he had set up a load balancer in front of the web server and the Certificate Manager certificate was set up there. This means that when the end user browses to this website, the browser is really talking to the load balancer and load balancer is talking to the web server and passing information back and forth.

I made some assumptions about how he had set up the load balancer forwarding so it took me awhile to get my arms around what was going on. I was configuring the Apache web server to do redirects in the .htaccess file. He wanted to force browsers to use HTTPS and wanted to make “www” his “authoritative URL”, meaning if someone typed “domain.com” into their browser, it would redirect them to “www.domain.com”. (This is a good idea for SEO. Google doesn’t assume/realize that domain.com and www.domain.com are the same website.)

http://domain.com was redirecting perfectly to https://www.domain.com, but http://www.domain.com was not redirecting to https://www.domain.com. I finally realized that the load balancer forwarder was configured via HTTPS and incoming HTTP and HTTPS traffic was forwarding to the webserver over HTTPS, but the load balancer was communicating back to the browser on whatever protocol they came in on. I set up the load balancer to communicate with web server using HTTP and then the redirects flowed properly back to the browser.

It’s easier to configure the load balancer to communicate with the web server using HTTP and just handle the encryption in front of the load balancer.

Posted in IT

Hosted PBXs require fine-tuned firewalls

I’ve been working with a client who has moved to a cloud based VOIP PBX server. In general, I’m a fan of this (and just about anything “cloud”) – but, there are a lot of firewall configurations that need to be just right to make this work well.

This is particularly true if you only have a single server at the hosting data center. Multiple phones at your physical location talking to a server on the other side of your Internet connection is tricky.

A better configuration involves a secure VPN connection between your physical location and your hosting provider. If they’re offering is a single server, they may not be set up to do this. Take a look at setting up a small network inside Amazon Web Services (AWS), Microsoft Azure, or Google Cloud. You should be able to setup a VPN between your physical location and any of these. Once that’s done, from your PBX and phones’ point of view – they are communicating on the same network which is much more straightforward.

Explaining NAT (Network Address Translation) is beyond the scope of this article, but that’s the complicating difference that the VPN eliminates.

Posted in IT