Honeypot.net

Good Project Managers are important. As an Application Programmer, they’re your Interface to the rest of the organization. They’re your API. Believe me, you want that interface between you and their managers, unless you like giving status updates and making projection reports to pass around.

In fairness to PMs, we engineers don’t make it easy for them to do their jobs. Does this sound familiar?

PM: How long do you think that’ll take?
Engineer: Oh, I don’t know.
PM: Can you give me an estimate?
Engineer: Uh, a while.
PM: OK. I’ll write “a while” on my report. I’m sure the CEO will love that.
Engineer: Fine. 2 months.
PM: Thanks!

Now, think of all the task management applications you’ve been asked to use. Each claims to be useful for engineers (“put all your requirements and future work in one place!”), but they’re also marketed to PMs (“be able to tell your manager how long the engineers are going to take!”).

Jira is one of these. It’s awful. It’s a code smell, and if you’re interviewing at a company that says “we track everything in Jira!”, ask a lot of follow-up questions to figure out if you genuinely want to work there.

Jira itself is… fine. In isolation, it’s neither wonderful nor terrible. It just is, like a rock, tree, or slime mold. Its main feature — and what makes it potentially evil — is its immense configurability that makes it irresistible to the wrong kinds of Project Managers. A good PM will see it, tweak a couple of knobs, and start putting stories in it for the engineers to hack on. A bad PM will see it, embrace every configuration option available, and saddle Engineering with a 23 step status workflow where each story goes from “Inkling” to “Idea” to “Rough Draft” to “Planning Review Meeting 3” to “Code Complete” to “Ready for Testing” to “Testing” to “Tested” and eventually on to “Done”, “Shipped”, “Finished”, “Announced”, “Demoed”, and then “T-Shirts”. The bad PM will love this because they can give reports like “this sprint is 43.8% done and we’re 97.53% likely to hit our target”, and the engineers will hate this because they’ll spend as much time updating story statuses as they do working. A good PM won’t care about all that and will prefer to use something simpler.

A useful task manager will be somewhat opinionated. It will almost, but not quite, do what everyone wants, and will annoy everyone equally with the few things they think it does wrong. A tar pit of a task manager will claim to be everything to everyone after customization, meaning that a few people will think it’s heavenly and everyone else will despise it with the heat of a thousand suns.

Jira is one of the bad ones. If you run across someone who adores it, tiptoe away quietly and quickly.

I’ve been using Obsidian lately for taking notes and I’m certain I’ll be saying more about that later. I’m a convert. It’s what I’ve wanted for ages: a pretty UI that sits above a folder full of Markdown files. This makes it trivially easy to share data between programs, and to manipulate Obsidian’s “vault” by directly tweaking those files with external programs.

In that spirit, I’ve released the scripts I use to automate my own workflows as the Glass Knife project. They’re not polished yet but I use them daily, and I’ll keep the project updated as I tweak them for my own use.

Today we released the first public version of “The Policy Wonk”, or just “Wonk”. It’s a nifty tool we’ve been using at Amino for several months to manage our ever-growing set of AWS IAM policies, and acts as a sort of compiler/optimizer to combine lots of them together.

Although it’s a young project, I’m proud of how it shaped up and I think it’ll be useful for lots of people.

I ordered a couple of Apple AirTags and keychain holders this weekend, and UPS dropped the package off on my doorstep a few minutes ago. The outer box had not been sealed in any way — no glue, tape, or anything:

The packages inside were bent on arrival, likely from the warehouse:

I hope this is an exception. If I were a new Apple customer, I’d be unimpressed with their vaunted first impression.

I want to like Snopes but I’m not convinced that they weigh evidence correctly. As a personal anecdote, I found what I thought was a problem with their debunking of the myth that Marilyn Monroe had 6 toes. To be clear, I don’t believe that she did. Or even care. But at the time, one of the article’s supporting “facts” was that if she’d had a toe removed, she’d have to learn to walk again because it would throw off her balance and ruin her gait. (Note: the article no longer includes this fact. It did at one time, though.)

However, my wife’s a podiatrist. Part of her job is amputating parts of feet when they’re damaged or infected beyond repair. I asked her what it’s like for an otherwise healthy adult to recover from a pinky toe amputation, and she said it’s a matter of waiting for the wound site to heal and then they continue with life as normal. Even a big toe amputation isn’t all that disruptive. A vestigial 6th toe hanging off to the side? You’d never notice it was gone except that shoes would fit better.

I emailed Snopes and said that while I agreed with their conclusion, this particular supporting fact was invalid as explained by an expert in the field. They replied, in essence, that I was an idiot for believing she had 6 toes, and they left the article as-is.

That’s not at all what I thought. I just didn’t like that they were using incorrect facts to support their argument, and especially that they reacted poorly to a well-intended correction.

I’ve been skeptical of Snopes’s fact checking since then. Although I think they’re likely right most of the time, that left a bad taste in my mouth. Are other people sending them corrections about their own fields of expertise and having them rejected? I’d never know.

I greatly appreciate fact checkers and the organizations that rely on them. For instance, I might not agree with the conclusion of an article in the New York Times, but because I trust that their reporting is factually correct, I can rely on those bits of information to form my own opinions. I think Snopes means well and tries hard to do good work for a largely thankless job, and that they mostly succeed at it. However, as with Wikipedia, Snopes is a solid starting point for doing your own investigation and shouldn’t be considered authoritative. Use critical thinking skills and follow up on their sources when the subject of an article is personally important to you.

GoDaddy gives Texas abortion website notice: Find new host ASAP:

The highly controversial and regressive Texas abortion law went into effect on September 1. With the law comes the Texas Right to Life group’s website where anyone can submit allegations that a woman had an abortion past the state’s six-week cutoff mark. The state’s new abortion law also allows private citizens to target anyone accused of helping facilitate an abortion.
[…]
Amid the hacktivism is an outcry directed at GoDaddy, the company that hosts the website. Many have called on the company to cut off its services to Texas Right to Life, a call that has been heard. According to a statement GoDaddy provided to The New York Times, Texas Right to Life has been given 24 hours to find a different host for its website.

Even GoDaddy, of creepily sexy advertising fame, knows the Texas neighbor-stalking website is immoral.

I don’t ever want to hear another word about “government overreach” from the Texas GOP. Not a word.

As someone who deals with HIPAA’s privacy compliance as part of my job, I don’t ever want to hear the word HIPAA again from someone who isn’t adjacent to healthcare. Almost no one understands what it is, but a hundred million people are explaining their wrong ideas of it to each other in a giant game of telephone.

Here’s a short summary of HIPAA’s Privacy Rule, as described by the U.S. Department of Health & Human Services:

Who it applies to: a healthcare provider such as a doctor or hospital, health plans, their business associates, and other people who manage patients’ healthcare information.

What it does: limit the information a covered entity can share about their patients to fulfill specific medical and business requirements.

What it doesn’t do: apply to anyone else except those covered entities; prevent you from sharing your own information; prevent others from asking you about your health, including vaccination status.

Anyone who says that doesn’t allow you to ask whether they’ve been vaccinated, or prevents them from answering, is factually wrong.

By today, July 29, 2021, Intel has shipped the last of its Itanium processors, the last holdout of a rough decade of their history. You’d be forgiven for not having heard of this unusual CPU as they carved a niche of a few supercomputers in the early 2000s and some legacy mainframe holdouts.

In 1994, Intel and HP looked around and saw a wide variety of successful server CPU architectures like Alpha, MIPS, SPARC, and POWER. This annoyed them and they decided to make a new CPU that no one would want to use. To these ends they invented an instruction set architecture that was impossible to program efficiently, planning that future compilers would be clever enough to make software run acceptably well. (This never happened because it turned out that anyone smart enough to write these compilers would rather be doing almost anything else.)

In 2000, Intel launched the NetBurst Pentium 4 CPU. It had serious design compromises that would hypothetically allow CPUs to run at upwards of 10GHz. Since these beasts could fry an egg at 3GHz, it was good that they never came anywhere near 10GHz as the heat would likely be sufficient to induce nearby hydrogen atoms to fuse.

Customers begged Intel to release a 64-bit Pentium-compatible CPU. They refused because they knew this would canibalize Itanium. Why write software for a weird and uncommon architecture if you could use something like the terrible x86 instruction set you already knew, but better?

In 2003, AMD launched their 64-bit, but Pentium-compatible, Opteron CPU. Everyone stopped buying Intel CPUs for a while. Within a few years Intel made their own 64-bit, but AMD-compatible, CPUs to avoid entirely losing the desktop and small server market. They were right earlier: almost everyone immediately embraced AMD’s instruction set and no one but HP wanted anything to do with Itanium.

And then, for a long time, nothing much happened. That’s happy news when you’re talking about earthquakes or tornados, but not so hot when you’re talking about sales of processors you spent a few billion dollars developing.

In 2015, HP admitted defeat and launched a line of mainframes using AMD’s 64-bit instruction set so developers could write and test software on systems that cost both over and under a million dollars.

Intel was contractually obligated to keep Itanium limping along but it was apparent their heart wasn’t in it. In 2019 they accepted the inevitable and announced that Itanium would be officially dead as of today. The final batch of CPUs was built on a 32nm process when everyone else was on to 10nm, 7nm, and 5nm designs.

Goodbye, Itanic. You were a strange, unloved little detour, better known for the good designs you killed than for any successes of your own. Few will miss you.

Ironically, in 2020 Apple launched their own desktop-class CPU that wasn’t compatible with more common Intel or AMD designs. The difference was that Apple’s M1 was actually nice and fast, both for developers and end users.

Someone invented a new standardized way to opt out of telemetry for command line applications. This is a horrid idea.

The existence of the setting establishes “tracking is OK!” as the default, and makes opting out the responsibility of the end user. With this in place, if a company collects the names of all the files in my home directory, it’s my fault for not tweaking some random setting correctly. (For technical types: don’t forget to set the “don’t track me!” variable in your crontabs, or else they’ll run with tracking enabled! Be sure to add it to your sudoers file, or now root commands spy on you!)

If this should exist at all, it should be in the form of a “go ahead and spy on me!” whitelist, with all telemetry and other spyware disabled unless explicitly enabled. Then it becomes the responsibility of each application’s author to encourage their users to enable it. Or better, get over the bizarre and radical notion of enabling spyware in command line utilities.

It seems like Intuit is never any the news for anything good that benefits normal people.

Previously: “Inside TurboTax’s 20-Year Fight to Stop Americans From Filing Their Taxes for Free”.

For more than 20 years, Intuit has waged a sophisticated, sometimes covert war to prevent the government from doing just that, according to internal company and IRS documents and interviews with insiders. The company unleashed a battalion of lobbyists and hired top officials from the agency that regulates it. From the beginning, Intuit recognized that its success depended on two parallel missions: stoking innovation in Silicon Valley while stifling it in Washington. Indeed, employees ruefully joke that the company’s motto should actually be “compromise without integrity.”

We would have had free websites that allowed taxpayers to easily file their returns if Intuit hadn’t spent a fortune to block them.

Yesterday: “Intuit sabotages the Child Tax Credit”.

I have done web-design for large government clients. I understand that there are constraints that can reduce the quality of the final product. But Intuit isn’t your average IRS contractor – they’re a company that was caught bribing, intimidating and poaching IRS employees.

It should have been easy for low income families to apply for the Child Tax Credit they’re entitled to, but Intuit botched the application website.

Today: “Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax”.

“Your employees may need to verify their income and employment info when applying for things like loans, credit, or public aid. Before, you likely had to manually provide this info to lenders, creditors or government agencies. These verifications will be automated by The Work Number, which helps employees get faster approvals and saves you time.”

In other words, Intuit “helpfully” exports their customers’ payroll information to a monstrosity called The Work Number that lets other entities stalkverify employment and salary information for most Americans.

It’s always something with this crew.