The Pandemic Nightmare

Note: Typically, I don’t publish or discuss my dreams publicly. This one, however, I felt compelled to share.

I walk through the aisles of the Target store in Tulsa. (For those who live locally: 71st and highway 169.) It’s 11:35 AM, March 20, 2030 according to my iPhone. I push the cart down towards the pharmacy section. I put a bottle of Tylenol in the cart for my mother, who is at home. Then, I amble towards the counter.

The line is extremely long. There are about a dozen people in front of me. Some have carts, some do not. One is holding a basket with a vitamin bottle in it. The people filing out are repositioning their N95 masks. The line moves at a decent pace, about one person per minute.

Finally, it is my turn. A short Cherokee woman, about 5’4″ with long brown hair with blonde highlights, asks in a small voice, “what will it be for you today?”

She shows me a small printed menu. Chamomile, lavender, peppermint, honey, rainforest, spring blossom, … ah. There it is. Cinnamon bread.

“Cinnamon bread”, I politely respond.

“30 seconds for 4.00$, 60 seconds for 8.00$, or we can do the premium package for 10$.”

“Premium package?” I ask, being quite unfamiliar with more options than just duration.

“The scent will surround your whole body, instead of just being a scratch and sniff card,” she replied. “It’s an aerosol spray. You can turn around in the chamber for the entire duration, which will be 60 seconds.”

A full 60 seconds in the chamber… with the scent around my entire body, not just in a scratch and sniff card? How exciting!

“I would love the premium package. Can I still tap and pay with Apple Pay?”

“Yes, ma’am. Of course you can. Just tap, then follow me.”

I tap my iPhone against the reader, then walk behind the counter, leaving my cart in the waiting area. She leads me to a small chamber made of clear plexiglass. It’s just big enough for someone of my size. Next to it, there is a chamber that would be more suited for heavier set people.

She opens a small hatch and I stand inside. She closes the door. I take my N95 off. The smell rains down from the ceiling. I twirl around, closing my eyes and feeling warm and happy. I almost begin to dance, my arms flailing in slow, rhythmic movements as I breathe in deeply.

There is a slight ding. The scent stops. I walk out and take a quick gasp before putting the N95 back on. The inside of a Target store still smells how I remember it.

I look at the woman and quickly apologise. “I’m sorry, I know the mask has to go on as soon as the door is open, I just…”

“Don’t worry about it. Most of my customers enjoy the smell of the store, some more than the scent chamber itself.”

Just then, I see two uniformed Tulsa Police officers walking up the main aisle. I quickly run to my cart.

“Everyone hold it,” one of the two officers shouts. He’s a stern looking man in his 40s with visible stubble and a head suit covering his hair. His partner is younger, with thick glasses and a machine gun carried on his back.

The officer looks at the woman behind the counter. “Picking up a prescription, sir?” she asks, timidly.

“Ma’am, we have reason to believe you are running an illegal scent shop here. You know President Cornyn outlawed the sense of smell in 2029.”

“This is a pharmacy counter. That’s all!”

“Why is everyone fidgeting with their masks, then?”

I try to push my cart into the main aisle, towards the grocery section. The younger officer sees this, and immediately takes out his machine gun and points it at me. “HALT!”, he shouts.

“I just wanted to finish my grocery shopping,” I say in a breaking voice as I begin to cry. I reflexively put one hand to my head, desiring to survive this encounter. I use the other to hit the Emergency button on my iPhone, to clear all data from the past 10 minutes so they can’t use it to determine what I was doing.

“What were you doing at this counter?”

“I was… asking where the minerals and supplements were.”

“Then why were you going the opposite direction? Alright, hold it ma’am, you’re under arrest for suspicion of smelling!”

I awaken to my alarm. The sun is peeking out through the blinds of my window, and I can faintly hear Mum watching TV in her room.

This pandemic cannot end soon enough.

Libre software and moral absolutism

I’ve been pondering what to write in my blog now that I no longer lead Adélie Linux. There isn’t a great amount of things to write about around my day job making libre networking software, and there’s even less to write about my “spare time” projects. (Mostly because that spare time is spent playing with my cat, my Mum, or my video games.)

I had originally planned for this blog to cover travel and photography around Oklahoma in addition to tech. For obvious reasons, this isn’t something I’m able to do at this time. There are only so many ways I can photograph the gardens around my flat, and inter-city (let alone inter-state) travel is not exactly possible in 2020.

There are actually a lot of tech subjects I would love to cover, but a lot of them revolve around non-libre software. After spending so many years in the communities I have, there seemed a very real sense of shame in the thought of writing about it. However, the more I’ve thought about it, the more I realise it is not shame I feel.

It is embarrassment. It is a sense of letting my friends and colleagues down by feeling anything other than contempt for running proprietary software.

But I do. I absolutely enjoy using my iPad Air 2. And I have dozens – maybe hundreds – of articles in me about retro computing with classic versions of Windows, Mac OS, and Solaris. Game consoles are another fun hobby of mine that I want to share more widely.

So this is the dilemma I face. To continue to write nothing but articles about Linux would be to hide a part of me that is real. Is that what I want from my life? I don’t think it is.

This is not a rebuke of libre software, nor is this some admission there is nothing left to write about it. The future will always be bright with libre software, and I have plenty of articles left in me with regards to libre software, I’m sure. But I think it’s about time for me to admit to myself, and the world, that I have other technological passions as well. And it’s time to stop being embarrassed about it.

Reckless Software Development Must End

On the 6th of November, 2019, I made a comment on Twitter:

Okay, so today’s news isn’t as dramatic as Uber killing a homeless woman by not programming in the fact that pedestrians might not use crosswalks, but it is based in the same mode of thought.

Today’s news is that the US state of Iowa has had issues with their election processes (processes that are a bit too complex for me to provide you an overview in this blog). The problem boils down to reckless abandon of software engineering principles.

As reported in the New York Times and The Verge, in addition to many other outlets, there were a number of failings in the development and deployment of this software package that would have been trivial to prevent.

My personal belief is that the following issues significantly contributed to the failure we have seen.

No test plan

There was no well-defined plan of testing.

The test plan should have covered testing of the back-end (server) portion of the software, including synthetic load testing. My test plan would have included a swarm of all 1600+ precincts reporting all possible data at the same time, using a pool of a few inexpensive systems running multi-connection clients.

The test plan should have also included testing of the deployment of the front-end (user facing) portion of the software. They should have asked at least a few of the precinct staffers to attempt to complete installation of the software.

Ideally, a member of the development team would be present for this, to note where users encounter hesitation or issues. However, we are far from an ideal world. My test plan would have included a simple Skype or FaceTime session with the poll workers, if face-to-face communication would have been prohibitive.

These sessions with real-world users can be used to further refine the installation process, and can inform what should be written in documentation to simplify and streamline the experience for the general user population. Then, users should be allowed to input mock test data into the software. This will allow the development team to see any issues with the input routines, and function as an additional real-world test for the back-end portion.

By “installation”, I mean the set up required after the software is installed. For instance, logging in with the unique PIN that reportedly controlled authentication. I am not including the installation of the app software onto the device, which should not have been an issue at all — and which is covered in the following section.

Lack of release engineering

Software must be released to be used.

It appears that the developers of this software either did not have the software finished before the Iowa caucus began (requiring them to on-board every user as a beta tester), or they did not intend to have a proper ‘release’ of the software at any time (meaning every user was intended to be a beta tester). I could write a full article on the sad state of software release engineering, but I digress.

The software was distributed to users via a testing system, used for providing pre-release or “beta” versions to testers. This is an essential system to use when you have a test plan like what I described above. This is, however, a bad idea to use for releasing software for production.

On Apple’s platform, distributing final releases via TestFlight or TestFairy can result in your organisation being permanently banned from accessing any Apple developer material. Not counting the legal (contract law) issues surrounding such a release, on Android this requires your users to enable what is called “side-loading”, or installing software from untrusted third-party repositories.

All of the Iowa caucus precinct workers using the Android OS now have mobile devices configured in a severely vulnerable way, and they have had sideloading normalised as something that could be legitimate. The importance of this cannot be understated. This is a large security risk, and I am already wondering in the back of my mind how this will affect these same workers if they are involved with the general election in November. The company responsible for telling them to configure their mobile devices in this manner may, and in my opinion should, be liable for any data loss or exploitation that happens to these people.

My release plan document would have involved clearly defined milestones, with allowances for what features would be okay to postpone for later releases. This could include post-Iowa caucus releases, if necessary — the Nevada Democratic Party intended to use this software for their 22nd February caucus. Release planning should include both planned dates and required dates. For example:

  • Alpha release for internal testing. Plan: 6 December. Must: 13 December.
  • Beta release, sent for wider external testing. Plan: 3 January. Must: 10 January.
  • Final release, sent to Apple and Google app stores. Plan: 13 January. Must: 20 January.
  • Iowa Caucus: 3 February (hard).

Such a release plan would have given the respective app stores at least two weeks to approve the app for distribution.

Alternatively, if the goal was to avoid deployment to the general app stores of the mobile platforms, they could have used “business-internal” deployment solutions. Apple offers the Apple Business Manager; Google offers Managed Google Play. Both of these services are included with their respective developer subscriptions, so there is no additional cost for the development organisation.

Lack of security processes

Authentication control is important in all software, but especially so in election software. This team demonstrated to me a lack of understanding of proper security processes by providing the PIN on the same sheet of paper that would be used on the night of the election for vote tallying.

I would have had the PIN sent to the precinct workers via either email, or using a separate sheet which they could have in their wallet. Ideally, initial log in and authentication would have taken place on the device before the release, with the credentials stored in the secure portion of device storage (Secure Enclave on iPhone, TrustZone on Android). However, even if this is not possible, it was still possible to provide the PIN to users in a more secure manner.

Apparent lack of clearly defined specification

I have a sneaking suspicion that the combination of these failings mirror the many other development organisations who refuse to apply the discipline of engineering to their software projects. They are encouraged by bad stewards of engineering to “Move Fast and Break Things”. They are encouraged by snake-oil peddlers of “process improvement” that formal specification and testing are unnecessary burdens. And this must change.

I’m not alone in this call. Even the Venture Capitalist section of Harvard Business Review admits that this development culture is irresponsible and outdated. Software developers and project managers must be willing to #Disrupt the current industry norm and be willing to Move Moderately and Fix Things.

Libre software funding and market abuse

I’ve just read a troubling article from the developer of Aether.

What troubles me is not so much the differences we have, which likely stems from being in vastly different segments of libre software (he’s doing social media, and I’m in low-level systems). What troubles me is that he claims that it is an economic imperative to work at FAANG or a Silicon Valley startup for a number of years before working on libre software full time, and all of this on a false pretense.

Encouraging someone to have a long-term savings and funding plan is a good idea, perhaps even a great idea. It falls apart when he states that working for startups or FAANG are the only or best way you can earn that money — and then claiming that you could make 250,000 USD per month working at them[1]. This is flawed mathematics at best, and actively malicious to society at worst.

Most people are going to have to work at a company before founding their own, unless they have funding from external sources (be it angel investors, VC, inheritance, family and friends, etc). This is not what I take issue with. This issue I have is this false dichotomy that you can only make good money by working at FAANG or an abusive startup. As someone who actually has worked at two different startups in their life, I take personal issue with the way startup culture exploits its workers, investors, and society at large. This doesn’t even go in to how startup culture can also be bad for business.

This abuse is ingrained in to most, if not all, of the industry of Big Tech, ala FAANG. You might be able to wrestle some division of Apple, or the security research division of Netflix, out of this hole and point to them as an example of where I’m wrong. Oh, dear reader — even if you have the privilege of working in an area of the company that isn’t abusing its workers, you’re still complicit in that abuse by furthering the company’s mission and control over some part of the industry at best, and indirectly engaging in it yourself at worst.

It’s time for the computer industry to rise up and work at companies that respect their workers, and society. Quit FAANG like a bad habit, and find a company to work for that doesn’t trade in the abuse of power and users as its main product. And where those don’t yet exist, it’s time to found some. At the end of the day, we are all defined by the actions we take — which side of history do you want to be on?

[1]: And I quote, “If you can make $10,000 a month from donations doing open source work, I can guarantee you that your salary in any large tech company (or even startup) would be much more — to the tune of 10x to 25x.” The firm Indeed claim, at time of writing, that the highest paid research engineers at Google make about 246,000 USD per year; other companies pay even less. That’s 20,500 USD per month, or just about twice the amount he claims you might be able to make on donations doing ‘open source work’. And this doesn’t require you to further Google’s surveillance state.