# 27 Jun 2017, 02:52PM: Learning To Get Around In Java:
One of Changeset Consulting's clients is working on modernizing a legacy web application; we're improving both its structural underpinnings and its user interface and outgoing APIs. It is like we are Chief O'Brien in the first season of Star Trek: Deep Space Nine, surveying and retrofitting Terok Nor. But that's not a fair comparison; O'Brien has to not only grapple with alien engineering approaches, but with the resentful and deliberate trashing the Cardassians inflicted on the station before handing it over. I haven't seen Stargate Atlantis but perhaps that's a better analogy; with every component of this long-asleep lost city that we resuscitate, a new console or room shimmers to life. Which is pretty rewarding!
The original authors wrote this application in Java. I've never worked on a Java application before, so the last few weeks have been quite an education in the Java ecosystem, in its tools and frameworks and libraries. We're improving the installation and deployment process, so now I'm more familiar with Ant, Gradle, Maven, OpenJDK, JDBC, Hibernate, and WildFly. I've gotten some API documentation in place, so now I know more about Spring and Javadoc.
As I was explaining to a friend this weekend, the overwhelming thing isn't Java as a language. It is a programming language and you can program in it, fine. The overwhelmption is the seemingly endless chain of plugins, platforms, and frameworks, and the mental work to understand what competes with, supersedes, integrates with, or depends on what.
Imagine you come to visit New York City for the first time, and wish to visit a specific address. First you need to work out where it is. But you do not have a map; there is no unified map of the whole place. Surely you can figure this out. Watch out: if someone doesn't tell you what borough an address is in, it's probably in Manhattan, but then again maybe not. There are multiple streets with the same name, and "31st Street and Broadway" in Queens is quite far from "31st Street and Broadway" in Manhattan. The avenue numbers go up westwards in Manhattan, eastwards in Brooklyn, and northwards in Queens. And so on.
You ask around, you see sketches of maps other people have made on their journeys, and eventually you feel pretty confident that you know the rough distance and direction to your destination. Now, how do you get there from your hotel room?
You probably don't want to walk all the way; for one thing, it's illegal and dangerous to walk on the freeways. This is why we have the subway (express and local), and buses (express and local, both privately and publicly run), and government-regulated taxis (street-hailable cabs and private car services), and bike rental, and commuter rail, a funicular/tram, car rental, ferries, and so on. Also there are illegal rideshare/taxi services that lots of people use. You try to learn some nouns and figure out what sort of thing each is, and what's a subset of what.
A MetroCard works on some of these modes and not others, and some transfers from one ride to another cost you nothing, and you can't use an unlimited-ride card twice at the same station or on the same bus within 18 minutes.* You can bring a bike on some MTA-run services but not all, not all the time. There are whole neighborhoods with no subway service, and whole neighborhoods with approximately no street parking. At rush hour the trains get super full. Service changes at night, on the weekend, and on holidays. Cars and buses get stuck behind accidents and parades. People and signs in Manhattan refer to "uptown" and "downtown" as though they are cardinal directions; they often correlate to "north" and "south" but not always. Metro North trains terminate at Grand Central, but Long Island Railroad trains terminate at New York Penn Station, which is named after Pennsylvania because it's where you can catch a train to Pennsylvania,** and there's a Newark Penn Station too but over a crackling loudspeaker those two station names sound very similar so watch out. And so on.
You're lucky; you find a set of cryptic directions, from your hotel to the destination address, based on a five-year-old transit schedule. It suggests you take a bus that does not exist anymore. Sometimes you see descriptions of travel that you think could be feasible as a leg of your journey, and you read what other people have done. They talk about "Penn Station" and "the train" without disambiguating, refer to the subway as "the MTA" even though the MTA also runs other transit, talk about "the 7" without distinguishing local from express, and use "blocks" as a measure of distance even though some blocks are ten times as long as others.
Aaaaagh. And yet: you will make it. You will figure it out. New Yorkers will help you along the way.
The decades-old Java ecosystem feels overwhelming but this application overhaul is like any other task. Things are made of stuff. Human programmers made this thing and human programmers can understand and manipulate it. I'm a human programmer. I made Javadoc do what I wanted it to do, and now the product is better and our users will have more information. And every triumph earns me a skill I can deploy for other customers and groups I care about.
* Just long enough for you to enjoy a little break from the podcast you're making with President Nixon!
** Also see St. Petersburg's Finland Station.
# (2) 13 Jun 2017, 10:41AM: Transparency And Accountability In Government Forensic Science:
In February, I learned that the New York State Assembly was planning a public hearing on government oversight of forensic science laboratories, and then was invited to offer ten minutes of testimony and then answer legislators' questions. This was a hearing held jointly by the Assembly Standing Committees on Codes, on Judiciary, and on Oversight, Analysis and Investigation and it was my first time speaking in this sort of capacity. I spoke on the importance of auditability and transparency in software used in devices the government uses in laboratories and field tests, and open source as an approach to improve these. And I testified to the efficiency, cost savings, security, and quality gains available by using open source software and by reusing and sharing open source software with other state governments. Here's a PDF of my testimony as written, and video and audio recordings are available as is a transcript that includes answers to the legislators' questions. It is a thrilling feeling to see my own words in a government hearing transcript, in that typeface and with those line numbers!
As I was researching my testimony, I got a lot of help from friends who introduced me to people who work in forensics or in this corner of the law. And I found an article by lawyer Rebecca Wexler on the danger of closed-source, unauditable code used in forensic science in the criminal justice system, and got the committee to also invite her to testify. Her testimony's also available in the recordings and transcript I link to above. And today she has a New York Times piece, "How Computers Are Harming Criminal Justice", which includes specific prescriptions:
Defense advocacy is a keystone of due process, not a business competition. And defense attorneys are officers of the court, not would-be thieves. In civil cases, trade secrets are often disclosed to opposing parties subject to a protective order. The same solution should work for those defending life or liberty.
The Supreme Court is currently considering hearing a case, Wisconsin v. Loomis, that raises similar issues. If it hears the case, the court will have the opportunity to rule on whether it violates due process to sentence someone based on a risk-assessment instrument whose workings are protected as a trade secret. If the court declines the case or rules that this is constitutional, legislatures should step in and pass laws limiting trade-secret safeguards in criminal proceedings to a protective order and nothing more.
I'll add here something I said during the questions-and-answers with the legislators:
And talking about the need for source code review here, I'm going to speak here as a programmer and a manager. Every piece of software that's ever been written that's longer than just a couple of lines long, that actually does anything substantive, has bugs. It has defects. And if you want to write code that doesn't have defects or if you want to at least have an understanding of what the defects are so that you can manage them, so that you can oversight them (the same way that we have a system of democracy, right, of course there's going to be problems, but we have mechanisms of oversight) -- If in a system that's going to have defects, if we don't have any oversight, if we have no transparency into what those instructions are doing and to what the recipe is, not only are we guaranteed to have bugs; we're guaranteed to have bugs that are harder to track down. And given what we've heard earlier about the fact that it's very likely that in some of these cases there will be discriminatory impacts, I think it's even more important; this isn't just going to be random.
I'll give you an example. HP, the computer manufacturer, they made a web camera, a camera built into a computer or a laptop that was supposed to automatically detect when there was a face. It didn't see black people's faces because they hadn't been tested on people with darker skin tones. Now at least that was somewhat easy to detect once it actually got out into the marketplace and HP had to absorb some laughter. But nobody's life was at stake, right?
When you're doing forensic work, of course in a state the size of New York State, edge cases, things that'll only happen under this combination of combination of conditions are going to happen every Tuesday, aren't they? And the way that the new generation of probabilistic DNA genotyping and other more complex bits of software work, it's not just: Okay, now much of fluid X is in sample Y? It's running a zillion different simulations based on different ideas of how the world could be. Maybe you've heard like the butterfly effect? If one little thing is off, you know, we might get a hurricane.
# (1) 08 Jun 2017, 09:30AM: Trashing, Pile-ons, Accountability ... and AEDs:
I've written a new MetaFilter post, "Distinguishing character assassination from accountability", pulling out quotes from eleven writers from the past 40 years on how we take and charge each other with responsibility and power within communities, and in particular how we do accountability in progressive groups -- from Jo Freeman and Joanna Russ discussing "trashing" in the US feminist movement to people in the last few years and weeks talking about times to get on the phone, making trusting relationships for accountability, and lessons from Occupy. Perhaps the most immediately useful link in there is this "pod" discussion and mapping worksheet.
Speaking of MetaFilter: after the US election in November, I decided to take some concrete steps to be a better neighbor, so I took a CPR and first aid class. In it I learned about how amazing and underappreciated automated external defibrillators are. I did a bunch of reading and wrote up this MetaFilter post:
If someone had a heart attack right next to you, could you get to your nearest automated external defibrillator, grab it, and use it within 3-5 minutes of their collapse? More and more, the answer is yes, because of Public Access Defibrillation (PAD) programs (that statement is from 1995; 2015 update to AHA guidelines).
In that post, I commented about how difficult it can be to get PAD data, in New York at least. I ended up sending in a document request to the New York State Department of Health, and need to review what they sent back to me. Also I happened to mention my amateur AED research while talking to my city councilmember at a local Democratic Club meeting, so he might be introducing a bill soon to make the PAD data for NYC more accessible? So that's cool.
On average, when a person in the US calls 911 because someone's suffered cardiac arrest, emergency medical responders get to the scene in 8-12 minutes (Red Cross) -- but for people suffering cardiac arrest, for every minute defibrillation is delayed, the chance of survival goes down about 7-10% (American Heart Association, PDF). Bystanders (even untrained ones) who use AEDs on victims can save lives; "Application of an AED in communities is associated with nearly a doubling of survival after out-of-hospital cardiac arrest."
But where's your nearest AED?...
# 31 May 2017, 12:18PM: Resilience:
Fifteen years ago, in my last semester of college, I was planning to set up my own desktop support business while supporting myself as a substitute teacher. I took and passed the California Basic Educational Skills Test, making me eligible to work as a substitute teacher. Then, in late May, just after I thought I had graduated, I found out that I'd made a mistake and I hadn't quite graduated, and to get my bachelor's I'd have to take another class. I took a six-week summer school class that met 4-6pm on weekdays. I started running out of money. I couldn't find temp work that would be fine with me leaving at 3:30pm to make it to class, and I didn't want to ask my parents or Leonard for more money. I started looking for jobs. I felt restless and embarrassed. In early July, I finished the summer school class, and on July 15th, I accepted a customer service job at a bookstore. I stayed there for about a year and then went to work for Salon.com, and I never got back to the teaching and desktop support plans.
Monday and yesterday, I was riding back home from WisCon with my friend Julia, and I was telling her this, and I was looking back and asking: why? Once I finished the summer school class, why didn't I go back to the plan that I had cared so much about and crafted with such ambition? Right now I'm fairly happy with where I am, but why did I give up on the thing I'd wanted to do?
I look back and I see that my mental health is better now than it was then, and I see that my parents -- though I think they wanted to be supportive -- didn't nudge and remind me, "hey, you can get back to your old plan now" -- Mom wanted me to find a way to regular employment, particularly with a government. And I so wanted to be independent of my parents and my boyfriend that a regular paycheck was so enticing -- and I didn't even consider using unemployment assistance or a credit card to give me more financial leeway. But more than all that, I just wasn't good at the skill of resilience when it came to big life plans and projects. I didn't feel like I was particularly in control of my own life, I think, and so when a big unexpected obstacle popped up, I just defaulted back to taking the opportunities that were in front of me instead of working to make my own.
This morning, catching up on friends' blogs, I see Mary Anne Mohanraj (whom I met eight years ago at WisCon):
...she thought the main difference between me and a lot of other people, is that when I want something, I tend to just try to do it, whereas she, and lots of other folks, would waste a lot of time dithering.
I think that's probably accurate. And I could try to unpack why that is, why I don't tend to hesitate, though I'm not sure I know. Some of it is base personality, some of it, I suspect, is cultural and class background -- being raised in a comfortable economic situation with parents who trained me to work hard, but also expected that I would succeed at whatever I put my hand to.
That gives me a baseline confidence that makes it relatively easy for me to try things, and even when I fail (I flunked calculus, I failed my driving test the first time, I have messed up far more sewing projects than I've succeeded at, I have plants die all the time because I forget to water them, etc. and so on), it mostly doesn't get to me. I can shake it off and either try again, or just move on to something else.
All this reflection is bouncing around in my head, jarring loose thoughts on adaptability, confidence, entrepreneurship, Ramsey Nasser on failure, saying no, danah boyd on the culture of fear in parenting, Jessica McKellar on why she teaches people to program, the big and increasing emphasis Recurse Center puts on self-direction in learning, etc. Love and strength and fear. You know, the little stuff. ;-) Onwards.
# 18 May 2017, 08:59AM: She's Out:
Tomorrow is a highway broad and fair,
And we are the many who'll travel there.
Tomorrow is a highway broad and fair,
And we are the workers who'll build it there;
And we will build it there.
Come, let us build a way for all mankind,
A way to leave this evil year behind,
To travel onward to a better year
Where love is, and there will be no fear,
Where love is and no fear.
Now is the shadowed year when evil men,
When men of evil thunder war again.
Shall tyrants once again be free to tread,
Above our most brave and honored dead?
Our brave and honored dead.
O, comrades, come and travel on with me,
We'll go to our new year of liberty.
Come, walk upright, along the people's way,
From darkness, unto the people's day.
From dark, to sunlit day.
Tomorrow is a highway broad and fair
And hate and greed shall never travel there
But only they who've learned the peaceful way
Of brotherhood, to greet the coming day.
We hail the coming day.
("Tomorrow Is A Highway" -- words by Lee Hays, music by Pete Seeger)
We didn't know how it was going to turn out. We thought she'd be in prison for decades more. And then, even after President Obama commuted her sentence, I remained privately worried that something would happen, some snag or tragedy. Yesterday she got to have a hot slice of pizza -- so a few people gathered at my apartment and shared pizza and toasted her release. It was so good to have something to celebrate with friends.
I've been listening over and over to "Tomorrow Is A Highway". It's got some lovely stark lines, like "leave this evil year behind." Time and space have unified ; it doesn't say that we'll walk into the future, but rather, that the future is this journey, and there are only two time durations in this song, days and years -- tomorrow is a highway upon which we'll travel to a better year. And it's sort of a mix of prescriptive and descriptive, prophetically defining us as the people who are making this tomorrow. This song does not explicitly say "this might happen" or "we should hope for this to happen"; instead it combines "this will happen" and "let's make it happen". It's less a song of hope, and more a song of faith and promise and invitation.
It can be hard to let go of hope, and it can be hard to let go of dread. I can stop holding my breath now. She's out. We've moved from promise to fact.
I can't seem to find my copy of Ursula K. Le Guin's The Dispossessed at the moment -- did I lend it to you? In it, Shevek thinks a few times about how our conception of time and promises and intentions work together -- a coherent future doesn't just happen, it's intentional human actions that make a "road" and breaking promises denies and breaks that "road" connecting past, present, and future.
I have been feeling as though nothing is solid under my feet. And part of that is that I couldn't trust that she'd really get to be free. But now she is. And for the sake of my own forward motion I shall work as though the next stretch of the road exists too -- perhaps every step is in some measure a leap of faith.
# 16 May 2017, 05:56PM: PyCon & WisCon:
I just updated my "Talks" page -- I'll be at PyCon May 19-25, to represent Zulip at a booth and then to help run the Zulip development sprint. I will likely also have a new zine to share!
And then I'll fly straight from there to Madison for WisCon. I am not on any panels at WisCon this year but I'm the auctioneer for the auction benefiting the Tiptree Award. This year's auction includes a signed first edition hardcover of Octavia Butler's novel Wild Seed, an "Elect Alison Hendrix" pin from Orphan Black, an art print of "Aswang, at Night" by M Sereno, and a bunch more.
(As much as I love Open Source Bridge, I won't be there this year, and I won't be at Worldcon 75 (Helsinki) either, in case you're wondering.)
# 10 May 2017, 09:59AM: OSCON, For a Single Day:
I'm going to be at OSCON in Austin, Texas to represent Zulip in the Open Source Alley tomorrow (Thursday) 10am-4:30pm. Please consider coming by and getting a demo, or just talking with us about Python 3, mypy, and how we help new contributors (especially those who have a hard time setting up development environments on their own machines).