iPhone 5s, iOS 7.0.4, jailbroken, and using Skype

I got a iPhone 5s recently, and took advantage of the evasi0n jailbreak. I got Cydia, and reinstalled pdanet for tethering. But.. Skype wouldn’t work. It sort of hung. Googled around a bit – needed to update Cydia substrate. OK – did that. Still didn’t work. I’d read someplace that ‘xcon’ did the trick. Tried it – it actually made it worse. Skype wouldn’t load at all – just crashed on boot. Uninstalled xcon – everything worked. I’d read somewhere to try that, and I did, and it worked great. Not sure what happened there, but if you’ve got the setup I have in my post title, try it.

MySQL speed boost

I hit a problem the other day with concurrent queries causing deadlocks.  Using innodb gives you a lot of protection with respect to transaction support, but it carries a moderate amount of overhead, and unless you’re aware of what’s going on, you may be paying a higher price which can eventually cause performance or deadlock issues.

FWIW, I thought I knew what was going on, and I *sort of* did, but not entirely.

This article at high scalability has some good introductory info, but I’ll cut to the chase as to what made a huge improvement for me.

Instead of standard BEGIN to start a transaction, I set a specific isolation level for just *one* query:


This took my combined queries from 18 seconds down to 3. In addition to the 18 seconds average time, those 18 seconds were often going to 30-60 depending on what other concurrent queries were going on. The default ‘REPEATABLE_READ’ transaction level in InnoDB does a lot of locking (or waiting to be able to lock) data, and this was the root of my problems.

You need to understand what transaction isolation levels are doing, of course, but changing some queries to READ COMMITTED is still pretty safe for what I was doing there, and made a *HUGE* difference in speed. Of course, your mileage may vary, but definitely something to research if you haven’t yet and are facing performance issues.

Facebook app permissions bummer…

When building any site that will interact with Facebook, you need to have a user connect their Facebook account with your site.  You create an app listing on Facebook, get some handshake tokens, put them in your code, then have a user initiate a connection between your site and their Facebook account.

The initiation is usually a button that says something like “Connect with Facebook”.  Behind the button is some code that indicates your token and what permissions your site wants from the requesting user.  Usually you’ll want your site to have their email address, maybe some permissions to read their wall posts or perhaps even post on their wall.  For many types of sites (like a couple I’ve worked on over the last year) you *really* are only using Facebook as an authentication system, and you’re not planning on doing any interaction with Facebook at all, so you don’t really want any permissions to their data or wall or anything else.

However… Facebook *requires* that you get access to certain aspects of the users’ data.  Even if you don’t ask for it.  It’s confusing, poorly documented, and certainly causes many people to abandon signups partway through the process.

Specifically, Facebook will always tell the user that your site/app wants access to the user’s friends list.  Always.

The Facebook developer guide says

“The public profile and friend list is the basic information available to an app. All other permissions and content must be explicitly asked for.”

But… it doesn’t indicate that there will be a popup asking for this.

Screen Shot 2013-10-11 at 8.06.37 AM












The only “permission scope” being requested is “email”.  But Facebook insists on presenting this warning that MY SITE is REQUESTING “friend list” permissions.  We’re *not* doing this – we do not want the friends list, but have no way of *not* getting it.

Even more confusing, really, is the Facebook documentation on this (their docs have always been an unholy mess, imo)

“When a user logs into your app and you request no additional permissions, the app will have access to only the user’s public profile and also their friend list.”

What happens when you *do* in face request “additional permissions” is that you still are presented to the user as asking for permission for their friend list.  I suppose the word “additional” has an implication there, but really, this is dealing with computery/programmery stuff – be explicit about what happens in both situations.

More to the point, give people a way to *not* have access to friend lists.  This is offputting to users, and in an age where privacy is a bigger concern than ever, requiring access to data that is not needed or wanted is negligent.  I suppose it would disrupt all the farmville and candy crush clones from making a living by not requiring people to spam their friends.

I know this has been dealt with on stackoverflow more than a few times, but feel compelled to add my 2c.


The indieconf story…

I’ve told people this story enough that I figured I should write it down for posterity.

I quit working a “regular” job in mid/late 2007 – just as the global economy was going in to meltdown.  :)  For the next couple years I networked, networked and networked trying to “work for myself”, all the while the economy was growing grimmer.  When I’d told people I’d quit my job earlier, it sounded ridiculous, and I got a lot of weird looks.

Fast forward to 2009/2010, as we were slowly starting to bottom out, I would meet people who’d say “wow, you survived all that”, and I’d say “yes, I did”.  Almost always, it was followed up with “I’d like to work for myself, but I’m just too scared – how do you find clients?”  or… “How do you handle taxes?”  or “How do you write a contract?”

I was certainly no expert at any of these issues, but gave my best answers.  After finding a pattern, I realized my answers weren’t as good as other experts I knew who focused on particular areas and/or had more experience than I did, so I began to reach out to those people for better answers.

In May 2010, at a Triangle JavaScript presentation, I was speaking with some of the folks there over dinner (at Trali, IIRC), and we got to talking about conferences.  The idea for a conference focused on web freelancers came to me out of the blue, and a few people said “sure, I’d go to that”, and the idea started to take shape.  I had a broader network of more experienced business and consultant folks who “knew the ropes” so to speak, and I asked some of them if they’d be willing to present.  When enough said “yes”, I started things in earnest.

The focus has always been on the non-tech side of working for yourself as a technically-oriented person.  Don’t let that scare you off – the conference is not just rooms of tech geeks – we have attendees from many backgrounds, but the common denominator is part or full time self-employment (or small team) working primarily on the web.  Developers, certainly, but graphic designers, bloggers, SEO and marketing consultants, drop shippers and more are part of the indieconf family.

What’s the ‘non-tech’ side?  Exactly what got the conference started: the business side of things – contracts, finances, marketing, personal growth and more.  It’s pretty easy to Google an answer for a troubling CSS question, but much harder to know if your pricing strategy is sound, or what your alternatives are.  Learning from experts who’ve “been there, done that” you can save yourself years of headaches and money problems by finding clients and projects that play to your strengths, and avoiding the “clients from hell” that almost every freelancer deals with at some point.

indieconf 2013 will be held November 23 in Raleigh, NC, with a full day of speakers, networking and learning to help build your business efforts to the next level.  Get your ticket today at indieconf2013.eventbrite.com

Freelance consultants, what is your site missing?

I attend a small business/network meeting every 2 weeks in town here, and have been doing some thinking about one thing many of the attendees can do to help increase their business.  Almost of them have some sort of website, but they’re all missing one common thing – a mailing list signup.  Honestly, even my main site doesn’t have that right now, although it probably will in the next few months, but I’m not in a position where I’m currently looking for work/projects – I have too much going on at any one time as it is.

What I do see many people doing is participating on linkedin as a primary form of networking and marketing.  While it doesn’t seem to do much in the software development circles I’m in (correct me if I’m wrong and it works for you!) it does seem to have some impact in other circles.  But I see that impact as limited, because the communication tools linkedin provides are themselves pretty restrictive.

The common approach in our group is for people to periodically post articles they’ve found in to LinkedIn groups, then engage in some discussion.  I get told “I get more views on my profile, I get more visits to my website”.  Great – more visits to the website… but then it stops.  There’s generally no way to capitalize on that *unless* someone needs you right then and there and happens to find your phone number.

If you have a website, adding a mailing list that people can subscribe to will give you permission to reach out to those people on a regular basis.  That may be monthly, or quarterly, or annually.  It doesn’t need to be daily or weekly.

Example: I have some lists I’ve signed up to which are blatant sales pitches every 3-6 months – I’m *fine* with that, because I think I may attend one of those workshops she’s selling next year, but it’s my decision.  Had I not been able to get on a mailing list, she’d have long since been gone from my mind.  Instead, I get these gentle reminders every few months – I bought a book from the same author because of those reminders making her ‘top of mind’ during a crisis last year.

When I talk to people about this, they seem to get that first part – getting some discussion going on linkedin (or maybe facebook), and that usually translates in to some direct traffic to their site, but then it stops.  Set up a mailing list for your website and start capturing some of that potential to be harnessed later.  If you’re not sure how to get started, give me a call at 919-827-4724 and I’ll help you get set up.

Event-driven MVC in ZF – a good match?

zf2_logoI’ve been working with ZF2 some the past several weeks, and have to say it’s a bit odder than I expected.  Beyond the verbosity of the standard directory layouts (“/modules/Foo/src/Foo/Controller/BarController.php”?  really? “views” not being under “src” by default bugs me too…), the ‘event’ system seems to be the preferred way of dealing with things these days.

However, we’re shoving “event-based” architecture with a more traditional web-MVC approach, and it doesn’t *feel* like this is going to be a good marriage.  I may be wrong, of course, and obviously things “work”, as in I can make a request and get a response. It is probably that ZF2 is simply a bit too new still – I’m not seeing a lot of good examples of “best practices” to follow, nor am I seeing a concise list of framework-provided events (googling for “Zf2 core events” wasn’t useful, for example).

Personally, I’ve tended to associate “event driven” with languages and platforms that were long-lived – being able to signal an event to something that was running in memory for hours or days, knowing it would be there after the current request had gone – makes more sense.  Event-driven in a language like PHP feels wrong, although I realize it’s in the context of ZF specifically, not the PHP language.

So…wWhat resources should I be looking at for ‘best practices’, and good examples of using event-driven thinking in MVC?

indieconf 2013 is open

indieconf 2013, the conference for independent web professionals, is open for business!  This is the conference’s fourth year, and we’re trying to keep it a mix of the best of past years along with some new faces and possibly a few new ideas – more to come on those as they roll out.

Our first batch of speakers has been selected and confirmed – we’re confirming another round in the next couple weeks, and should have the final set up by the end of August.

The conference is a one day, 3 track event (this *may* be expanded to a 4th track – we’re working out some feasibility on that) with 21 sessions slated, bringing you motivational, business, financial, legal, marketing and technical sessions to help you succeed as an independent.

Learn more, or get your ticket today!

Recruiters’ missed opportunity

I’ve been looking in to the recruiting industry a little bit recently; specifically, the tech field.  I’m going to suspect that my observations hold true for the wider industry.

Having recently built a job application tracking system (still in early stages, but it’s working for the first level of functionality), I started looking at the emails that I get from recruiters.  Many are obvious form letters, some are a bit more handcrafted.  Many are sent via larger systems – I’m assuming prospect management systems of some sort.  I’m still trying to figure out who the players are, if any, that I can recognize in my emails – maxhire.net is the only one I’ve seen repeatedly.

I was actually more than a little surprised that none of the emails I’ve received have any sort of tracking/analytics code in them.  I’m getting full HTML emails – with extremely bloated HTML to boot, but no tracking whatsoever.  No, I take that back – the ‘opt out’ link is encoded and is tied to me somehow.  So… they know if I opt out of ever getting anything from them again, but they don’t know if I got the mail, did I open it, did I view their website because of it.  All the things you’d think they’d want to know – what subject lines work best, etc.  This seems to be totally missing from the recruiter practices that I’ve seen.  I’m not suggesting it doesn’t happen at all, but I’ve not seen it in the mails I’ve received.  You’d think that having statistics about which types of mails are more likely to be opened would be golden, but maybe not.  Maybe there’s such a ‘fire and forget’ mentality that there’s simply no real incentive?

Why is this?  It’s not that hard to do.  And, honestly, it’s never struck me that the majority of the (tech) recruiting industry is all that concerned about their long term image (I’m speaking as a whole – I know individuals who are great, but the practices of the many often tar the whole industry with a bad brush).


Looking for feedback on job tracking service – appliedto.com

The title says it all – if you are job hunting, or freelance gig hunting, please checkout appliedto.com, and send me some feedback.  This is something I’d meant to build for myself about 8 years ago, and didn’t, and got the urge recently to do this, integrated with gmail.  I added yahoo mail so it wasn’t a gmail-only service, and I may rant about the convolutions of oauth at a later date for fun.

You will notice that the system asks for broad permissins – essentially, you’ll be giving this app unlimited read/write permissions on your gmail or ymail account.  I can’t say how sorry this makes me – neither service give a limited “send-only” or “send X emails” permission – it’s all or nothing.  That said, the code only sends emails you direct it to, so try to not worry too much.   As an added bonus, you should be asked to re-auth often – we don’t get long-lived auth tokens, from what I recall.

So… if you’ve made it this far, what does appliedto do?  Think of it like a CRM for your job search.  Add info about a job that you’re applying for, keep notes for yourself, and send emails (via appliedto directly through your webmail account, hence the need for permissions).  We’ll track which emails were opened and which links were clicked, and how many times, and report on that for you.  I’ll be adding the ability to upload and manage multiple resume files to send along with your emails, and the ability to track downloads/views on those as well.

Other features you’d like to see?  Let me know.  Now… go check out the first version.

Google’s brain teasers don’t work – or so they say

A recent announcement confirms what some of us suspected a while back: brain teaser questions don’t really size up a job applicant very well.  In fact, “We found brainteaser questions a complete waste of time“.

So… brainteaser questions are a waste of time.  Google’s rep went on to say that GPA and test scores were a waste of time (and only requested now for recent graduates).  So what do they claim is the best indicator of an applicant’s potential?  Asking candidates how they solved a difficult real world problem.  Actually, more to the point,

.. this has the added benefit of showing the interviewer what the candidate considers to be a difficult analytical problem “rather than having each interviewer just make stuff up,” says Bock.

As intuitive as it sounds, especially for those of us who’ve been on the receiving end of stupid brainteasers and interviewers ‘just making stuff up’, is it true?

Call me cynical, but why should we trust Google?  They’re in a massive war for talent, and it may very well be that something else works pretty well for them in hiring – are they going to divulge that secret sauce?  I would not be one bit surprised if this is some strategic disinformation meant to cause dozens/hundreds of second and third tier companies to abandon their hiring practices and chase the latest Google bandwagon.

“You’re just being cynical! Of course it’s obvious that asking candidates to describe their past work achievements and how they solved difficult problems is the best way to hire!”  Well, yes, of course, but I was saying that 5 and 10 years ago, but that wasn’t the way the world saw things.  Large (and small) companies jumped on the Google/Microsoft fadwagon, and jumped applicants through hoops that even the hiring managers didn’t always quite understand.  So now we’re being told “no, that doesn’t work, this other approach is better!”.  Well.. it might be, for Google.  Or it might not be.  It’s in Google’s interest to hire the best workers for Google, not to tell everyone else how to hire.  It’s actually in their best interest to have weaker candidates working for competitors, and if they follow this advice, that’s what might happen.

Yes, a common rubric to measure all candidates against is probably an optimal balance.  There are likely many companies that aren’t sophisticated enough (or have the resources) to enact this policy, so in some sense, it doesn’t matter too much if they ‘give away the secrets’.  But many of their competitors for talent do have the resources to follow suit.  And they may be hoping that competitors do just that.