Category Archives: Uncategorized

The Funniest Thing I’ve Ever Seen From Congress

Possibly the first time I feel like I’ve truly gotten my tax dollar’s worth in pure entertainment:

Not only is this just an amazingly funny takedown of a breathtakingly stupid piece of proposed legislation–but it also introduced me to what is apparently a whole line of quite–umm–striking work from artist Jason Heuser, whose modern-day masterworks include:

George Washington wielding a mini-gun!
Bill Clinton, Lady-Killer!
Teddy Roosevelt Taking Down Bigfoot!
And George W. Bush with Twin Revolvers, Riding a Shark!

And here, of course, is the patriotic image which started it all:

Ronald Reagan, Riding a Velociraptor, firing a machine-gun, with a rocket launcher on his back.

Check out Jason’s Etsy store here:

Advertisements

Breaking HTTPPostAsync When Debugging in IIS Express, or “Wasting 5 Hours in Programming’s Version of a Really Crummy Escape Room”

It’s 3 AM, the day after Daylight Savings Time threw everyone’s internal sleep clocks into absolute chaos. (I say “chaos” based on both my own personal feelings, as well as the flood of fire service calls we’ve had today, including an overdose, a suicide attempt, and numerous other ways that our local residents have signaled their general lack of fervor at the idea of getting up tomorrow).

Worse yet, had it not been for the time change, I could have started this blog post with “It’s 2 AM, and the fear is gone” — and my opening would have been much cooler. Now I’m blaming Daylight Savings Time for writer’s block too. Way to go, DST.

But nevertheless, here I am, writing a pretty darned geeky blog with the hopes that some poor schmoe might stumble upon it in a session of mad Googling and save themselves some of the five hours I’ve just blown on one of the more painful programming pitfalls I’ve managed to stumble into in recent memory.

As part of a general modernization of ComicBase’s web APIs, we’re testing out a new set of calls to our servers which locate all the items you’ve sold on Atomic Avenue and let you deduct them from your inventory–as well as (minor spoilers here) finding all the comics you’ve scanned with the app while you’re out in the real world and which you now want to add to your desktop database.

Since it’s incredibly helpful to be able to watch the action on both the client and the server side of things when you’re doing work like this (and since it’s considered presumptuous for the programmer to set breakpoints on the production server which would stop the site cold), I’ve been working with a local copy of the ComicBase.com and AtomicAvenue.com sites, running under a development version of the web server software called “IIS Express” . Things had been going well, and I was watching the program carefully validate the user’s credentials, look up their databases, get the right data and post it back to the user–all the while checking for all the jillions of things that could go wrong in terms of bad passwords, invalid user accounts, lost network connections, and just about any other simulated problem you can imagine–trying to make sure we handled them all as gracefully as possible.

It’d been a long weekend on this project, but as I say down around 10 to finish things up, I was feeling pretty good about my chances to knock off early, grab a beer, and maybe even check out that crazy Polish cyberpunk video game I’d started a while back (Observer). All I really had to do was step through the different cases in the debugger, make sure they were being handled right, then remove the breakpoints and watch the whole thing run at speed to get a sense for how the system would feel in real use.

Everything was going well, but as I started tidying up and removing my breakpoints, breakpoints, suddenly I started getting bad data back from the web requests which were rock solid mere moments earlier.

So I put the breakpoints back and started single-stepping through them, puzzled all the server calls came back exactly as expected–only to give 404 errors moments later when I let them run at speed.

That’s when the night started to blur into one long slog which resembled nothing so much as an escape room whose puzzles had been planned by a madman. I’d check the code, it would behave. I’d set a breakpoint for a couple of lines after the call completed, and it’d work. But if there was ever a case where two web calls in a row fired off, the second one would always fail.

“OK”, I thought… It’s probably some sort of thread issue, which seemed all the more plausible that any call that I waited even a couple of seconds on before proceeding to in the debugger would run normally. Unfortunately, chasing down problems like this–whether they’re thread deadlocks or inadvertent calls to non thread-safe libraries–are a royal pain in the tucchus to track down.

The hours went by as I double-checked that all my async calls were properly awaited, that I hadn’t accidentally blocked them by calling “.result” at the end of any methods, and so on and so on with all manner of obscure programming lore. This was followed by endless googling on StackOverflow to see if anyone else had a similar problem or could suggest answers.

I tried removing the asynchronous calls; I tried marking all the relevant async calls with ConfigureAwait (False) to help them keep their context straight; I even tried rewriting all the HTTPClient calls in the old-style WebClient mode which allowed me to get rid of the mere idea of anything being asynchronous at all. Sure it’d mess up system performance and make the app seem slower to users, but as the clock edged past 2 AM and all the Fiddler packet traces in the world showed nothing useful, I was willing to try darn near anything to make some progress.

But even rewriting the whole set of web calls to be fully synchronous using the ancient WebClient routines was getting me nowhere. They ran great in the debugger, but immediately returned 404 errors when run without breakpoints set. What the living heck was going on?

So then–as much to make my Fiddler traces make more sense if I had to post the whole thing up on StackOverflow in the hopes that someone smarter than me could figure it out, I decided to move the new routines up to our production server and get a trace of them running there.

And they worked.

Perfectly.

With no debug points set.

Over the next several minutes, many curses were muttered as I leaned on the Ctrl-Z (Undo) key and watched the last several hours of my typing undone, block by block, until I was basically back where I was when I sat down to work tonight. The only real difference was that the code I was using to call the routines was pointing to the real server, running the real version of IIS instead of the IIS Express running on my development system.

And the whole darn thing was working right.

Sooo… what did we learn here? Well, there’s apparently a strange glitch in the behavior of the various web pieces of the Microsoft web client framework which keeps repeated calls to those routines from resolving properly when used on a Microsoft Visual Studio 2017 session on IIS Express. Basically, if you’re going to use the local server to debug, something may not resolve quite as fast as it should when it comes to the web calls, and if your calls start stacking up, you might want to try either slowing down your debugging, or moving some of the critical pieces to their final homes and testing there before you give up.

I also learned a lot of ways not to solve this problem, which has its own sort of value to programmers. And I would up learning about 4 entirely different techniques for making web post calls–all of which blew up in exactly the same way when run at speed on the development system. In a way, that’s what made me suspect that the problem may not have been purely code-related at all.

I also learned that I truly detest Daylight Savings Time. And now at 3:55 am, I am absolutely going to bed.

Aww! My first bomb threat–Spammers are soooo cute!

From my email yesterday:

From: Riley Mitchell <Marcel@virtualfirefox.com>
Sent: Thursday, December 13, 2018 11:59 AM
To: sales@comicbase.com
Subject: Rescue service will complicate the situation

Hello.  My recruited person carried a bomb (Hexogen) into the building where your business is located. My man assembled the bomb according to my instructions. It  is small and it is hidden very carefully, it can not damage the building structure, but in case of its explosion there will be many wounded people.

My man is watching the situation around the building. Ifany strange behavior, panic or policeman is noticed the bomb will be exploded.

I can call off my recruited person if you make a transfer. 20’000 usd is the price for your life. Pay it to me in BTC and I guarantee that I will withdraw my recruited person and the device will not detonate. But do not try to cheat- my guarantee will become valid only after 3 confirmations in blockchain.

My payment details (btc address)-1CF9VQhwjJutPxwVq5QLFA7j7baq4RDb3w

You must pay me by the end of the workday. If the workday is over and people start leaving the building the device will detonate.

This is just a business, if you don’t transfer me the bitcoin and the bomb explodes, next time other commercial enterprises will send me more bitcoins, because it is not an isolated incident.

To stay anonimous I will no longer enter this email account. I check my  wallet every 25 min and if I see the money I will order my man to get away.

If an explosion occurred and the authorities read this letter: We arent the terrorist society and dont assume any  liability for acts of terrorism in other places.

Standing strong with heroic resolve in the face of this terrifying threat, I refused to negotiate with this international criminal mastermind. It was a tough decision, but these are the times where it’s critical to show these thugs what Americans are made of. 

I’m sure you’ll all be relieved to know that the building (my house) still stands, although frighteningly, we did lose Bob the Minion, one of our beloved inflatable Christmas decorations, whose lifeless body was found in the center of our lawn this morning.

I’m sure many in the sleeping outer world must think Bob’s death was a mere blower malfunction of a four year old $30 Christmas decoration. But we can now reveal that his demise was almost certainly an orchestrated hit job to let us know that These Men Were Serious.

But even as we mourn the loss of Bob–a faithful employee whose warmth and goofy appearance always brought a smile to all who knew him–we owe it to his memory to remain steadfast, and to never give in to shadowy forces such as these which would terrorize innocents in search of financial gain.

The Surveillance State of the Web (And A Better Alternative to Chrome?)

surveillance-1-fotoliaI don’t know about the rest of you, but I’m getting increasingly creeped out by the constant surveillance that we’re all under, particularly in the Google/FaceBook environment. To summarize but a few of the highlights:

  • Your physical movements are being constantly noted and aggregated via your phone’s GPS and location services–even when you seemingly opt out of those services.
  • Even if you’re not logged in to Google or FaceBook (or Amazon, or Microsoft), the tech giants are actively tracking your movements around the web by the use of omnipresent ad tracking cookies which their ad networks serve up on almost any major site you visit.
  • Every time you sign in to a site using social sign-on (that “Log in with FaceBook” or “Log in with Google” code that so many sites–and yes, even ComicBase and Atomic Avenue–use to allow you to avoid adding yet another password to your no-doubt huge list) your login is noted on FaceBook or Google’s servers–and the IP and tracking cookie information allows them to know that you’re the same person who visited any site where one of their ads appears–and now that formerly anonymous site usage is tied to a verifiable identity.
  • Everything you say within range of your Smart TV or Alexa speaker can be recorded and saved on their servers when they’re activated.
  • Every search you type in a search engine or browser is recorded, logged, and aggregated–along with your IP and device information.
  • Every time you call out “Hey Google” or trigger Siri, Cortana, or Bixby, your voice and search are recorded and stored.

And as if this wasn’t enough to complete the panopticon of your life, Google Chrome, the dominant web browser in the world today, recently released a change which automatically logs you in to help “sync” your information between devices.  Of course, keeping all your bookmarks current is the visible benefit to you–but firmly establishing your identity and correlating everything you do while using a web browser or mobile device is the true benefit to Google.

Unless you’re a noted crime figure, it’s likely you’ve never been under anything like the level of surveillance that you’re under today, courtesy of our web browsers and our smartphones. Note also that it’s enormously difficult to escape any of it, even using tools like VPNs, since there are so many redundant mechanisms and tripwires scattered around the web–all with the common mission of aggregating who you are, where you are, and recording as much of what you do and where you go as possible.

And it’s worth noting that all this is just the stuff that we personally signed up for by installing our various tech gadgets and apps, and by clicking through the “Agree” buttons on all those end-user licenses we never read. At the same time, actual law enforcement (and even private companies) are participating on a more global scale to monitor our every movement using everything from both fixed and roaming license-plate scanners and facial recognition, easy-pass toll devices, car GPS transponders, and wholesale processing of entire networks of internet and cellular data — no search warrants required, so long as a particular individual isn’t being targeted. All the information just sits there until it’s needed, which ever-cheaper storage ensures can be a long time indeed.

A Few Countermeasures

To start at the end: I don’t believe there’s a practical way to keep any real sort of privacy in today’s world, but there’s much you can do to at least staunch the river of information you’re constantly sending to the tech companies. Call it pure cussedness on my own part, but even if the battle to escape a surveillance state is a losing one, I see no reason to staff up my own Stasi command post with the personal mission of spying on myself.

It’s been months since I uninstalled the constantly-snooping FaceBook app from my mobile devices, and try to make sure I “log out” whenever I (more and more rarely) visit the FaceBook web site. But this is merely Orwell’s equivalent of blocking the hidden camera in the television when Big Brother has dozens of other listening devices hidden around your house, as well as thousands dangling from street lamps.

Also, do yourself a favor and take a trip over to the Google Privacy Settings and FaceBook Privacy Settings–particularly the deeper “Profile” and “History” sections. After you get over the shock of seeing that both sites can meticulously trace that road trip you took in 2015 down to pictures of the lunch you had at that out-of-the-way cafe, do yourself a favor and delete it all, and turn off as much of the tracking as you can. Then come back every month or so and do it all over again, as you’ll discover that any number of things you did–as simple as putting in a direction request in Google Maps, or buying concert tickets to a show–will continue to add new information to your personal dossier. I’d personally never assume that anything deleted is gone forever–backups often exist, after all–but it’s a start.

Log out of Google, Bing, and other search engines whenever possible, and turn off their “sync” options. Yes, it’s less convenient to check your favorite news sites this way, but remember that–as currently implemented–anything you sync, like your web history–is also synched to Google’s servers.

(And speaking of Google’s servers: all those saved passwords are being backed up too–and the passwords to your local wifi networks are apparently saved as clear-text on Google’s servers. Even when data is encrypted, however, it’s a safe bet to assume that the people doing the encrypting have a copy of the keys.)

 

Giving the Brave Browser a try

brave-logotype-full-color

Since the recent Chrome sign-in fiasco (which Google is currently backing away from slightly), I’ve decided to see what else I can do to stem the flood of personal information to the Silicon Valley tech giant. On a recommendation, I recently gave the Brave browser a shot, and I like what I’m seeing so far.

Built built a crew led by ex-Mozilla chief and Javascript inventor Brendan Eich, it’s a browser that embraces the clean design of early Chrome, while combining it with very smooth and user-controllable privacy settings which seem to do an excellent job of blocking intrusive ads, tracking cookies, and the like. Best of all, by getting rid of all this surveillance foo, it seems to load and display pages noticeably faster than any of the more established alternatives like Chrome, Safari, and Edge.

Eich and the crew over at Brave also seem to be rethinking the whole online ad ecosystem. Since the ability to block ads also threatens to undercut the financial basis that supports the sites you use, they’re trying to rebalance the financial incentives by letting you directly support sites you visit using cryptocurrency-based “Basic Attention Tokens” or BATs, which act to funnel your voluntary donations to the sites you view the most. I’m not sure how I feel about the whole scheme at this point (and I’m more than a little skeptical of cryptocurrencies in general), but I do appreciate that the Brave crew is thinking about the overall problem, and I applaud their view that we ought to be moving beyond the place where we, the web’s users, must effectively become the product to be sold in order to provide all the great “free” new and information the web provides.

For now, however, I’m giving Brave a spin, and so far I’ve been impressed enough to make it my default browser on both my desktop and mobile devices. Here’s a decent video review of the whole thing by ThioJoe.

Uh Oh…

High Court: Online shoppers can be forced to pay sales tax

https://apnews.com/332abb7455cb4b60b2effc0852ff3c89/High-Court:-Online-shoppers-can-be-forced-to-pay-sales-tax

For anyone but the very largest retailers (think: Walmart, Amazon), this has the potential to unleash an absolutely ruinous storm of neverending tax paperwork on us from literally every state (and possibly county) in the country–all of which would likely require their own filing processes, tax rates, rules, and potentially auditing facilities.

We got a tiny taste of this when we used to exhibit at the Chicago Comic-Con, where our (then California-based) company had to apply for an Illinois sales permit each year and do separate sales tax and use filings (as well as deal with the inevitable bureaucratic foul-ups and notices) just for the purpose of being able to sell during a 3-day comic book show. Imagine every small company with an internet presence having to do this every quarter for virtually every tax jurisdiction in the country.

This is bad news for small businesses (meaning anyone without hundreds of millions in annual revenues). I can’t wait to see what inventive solutions the government will now cook up to make the problem even worse…

Things I Can’t Live Without: Drawer Boxes

There are some times when you just need to stop and say “Thanks!” to the people who invented and brought to market some of the amazing things that make your life awesome.

I’m reminded of one of these people–Rich over at Collection Drawer Company–every day I go down to the garage to file comics, or pull a comic order from Atomic Avenue. Rich is the inventor of a thing called the “Drawer Box” — basically, a two-part comic book box which consists of a “shell” which holds the box’s place in a stack, and a “drawer” (much like a heavy duty long box without the top) which holds your comics, and slides into the shell. The net effect: comic boxes you can stack six rows high, while still letting you access any one of them just by pulling on the handle of the appropriate “drawer”.

As soon as I saw Rich demonstrate the drawer boxes at Comic-Con about a decade ago, I knew I needed to put in a large order to store my 50,000+ comic book collection. In the years since, the boxes have shown remarkable durability with near daily use, and they’ve–well, I was about to write “saved me countless hours”–but the real real truth is “made it possible” to work sensibly with my comic collection. Simply put, there’s no way I’d be able to keep a collection of this size–or even a tenth of the size–in any sort of order if I couldn’t easily get to any comic in question without needing to constantly rearrange and restack boxes.

Instead of having a nicely organized collection where I can access any comic in 30 seconds or less, I’d have long ago tired of the sheer work or lifting boxes out of each other’s way and started dumping all my new comics at the end in a set of “to be filed” boxes. From there, it’s a short step toward, “well, I think that comic’s in here someplace” which inexorably leads to, “man, do I have a problem here!” Because let’s face it–not being able to quickly lay your hands on an item in a large collection is virtually identical to not having that item at all.

The sheer density that the Drawer Boxes afford is remarkable. All 57,000 of my books (and counting!) can be stored in two “aisles” (one against a wall, the other with back-to-back drawer boxes, like the way you’d store books in a library) in my two-car  garage. The boxes are just five high, allowing me to easily reach any comic without a ladder, and I can store other assorted shipping boxes and other garage foo on top of the boxes as well.

Are there any downsides? Well, the initial investment–around $10/box plus shipping–less if purchased in pallet quantities–seems considerable. But it’s negligible when considered in light of the comics they hold, or the long, tortuous hours moving boxes around in order to access your collection that they save you from having to cope with.

The two major pieces of advice I’d give to someone considering Drawer Boxes to hold their collection would be to:

  1. Absolutely use the “box locks” (plastic fasteners which can hold a row of boxes together–it not only solves any potential tipping issues, but also makes a massive difference in the stability and longevity of the boxes. Yes, it’s a pain to install them (After a lot of practice I average about a minute a box to get the four locks snapped together), but it’s absolutely crucial if you want things to hold up over the long term.
  2. Do everything you can to ensure the straightness of your stacks, and to protect the ends of the stacks from tipping or getting off center. Most of the load-bearing strength of the shells is in the verticals, and it’s important to keep those aligned with each other (again the box locks help here greatly). Beyond that, there’s the danger of tipping: Stacking your boxes against, or between two walls is the obvious answer, but for times when you need to leave a stack open, I’ve found that box-locking groups of four or more boxes at the end ensures that the whole thing can’t move or tip.

If you’ve got a serious comic collection and haven’t tried Drawer Boxes, I’d strongly urge you to give them a shot. Due to the weights involved (they’re made of heavy-duty corrugated cardboard which isn’t the lightest thing in the world), expect to take a hit on shipping unless you’re lucky enough to live near a reseller who carries them. If not, my advice would be to contact Collection Drawer Company directly and put in a large order–enough to justify freight shipping–as it’ll dramatically cut down on the overall cost vs. smaller shipments which would go out via UPS.

You can reach Collection Drawer Company at www.collectiondrawer.com or just give them a call at 303.368.7873. Rich and his crew are a great bunch, and they’ll take good care of you.

 

The Analog Studio Fire Sale

music_gear

When our house in San Jose didn’t immediately sell when we put in on the market, I decided to take the heartbreaking step of demolishing the 3-room recording studio I’d painstakingly built in my garage, restoring it to a plain-old two-car garage. Whether due to chance, or (I prefer to think) since it opened up my home as a potential purchase to folks who had no idea what they’d do with a recording studio, the home sold soon afterward.

Although Carolyn and I definitely worked hard to cull the herd of our possessions before making the move to our new home near Nashville, most of my former studio gear made the trip–even though I don’t have a studio in the new house. As I try to piece together my new office and work area, however, I’m starting to think that I made a mistake in hauling most of the analog studio gear across the country.

Starting tomorrow, everything from my treasured 32-channel Mackie mixing board, to my vintage Kawaii R-100 drum machine, to a rack full of effects processors is going up on eBay. And my old studio furniture–custom-designed for my control room–is heading for the dump. The mere thought of doing this is killing me, but I’m increasingly convinced it has to be done.

Music Gear vs. Technology: Fight!

Whereas classic instruments and microphones can hold or even increase in value over time, the same is almost never true of electronics. Many a musician gets a thrill playing with the controls of an original Linn drum machine, or listening to unforgettable sounds of a Roland D-50 or Korg M1 synthesizer. But now, modern musicians can simply load up the sounds and characteristics of these old pieces of gear into their DAW (digital audio workstation) instead of maintaining a private museum of vintage gear.

My rackmounted effect units weathered the test of time even less well. The effect processing powers have improved massively in the past many years, to the point where even famous effects–e.g. a Lexicon reverb–can no longer compete with the algorithms and processing that powers a modern computer-based DAW.

Perhaps more to the point, my analog effect units are starting to no longer fit into the modern recording process.

Most older rackmount effect units typically processed analog signals (such as the input from a microphone or guitar), giving out an altered signal (i.e. adding reverb) over the rack effect’s (analog) outputs. If you wanted multiple effect processing on a signal–e.g. adding a delay, some reverb, and a chorus effect to a guitar tone, mixing it in with the bass and drums, then routing the result a compressor to smooth out the dynamics of the resulting mix–you’d accomplish all this by patching the whole signal chain through numerous effect units, effects returns, and submixes, adding a little bit of distortion each time the signal had to be converted between analog and digital.

In the modern world, once a signal is digitized, it’s typically processed entirely in the digital realm, where it’s immune to the noise that comes with analog combining, as well as multiple trips between the analog and digital worlds. Instead of chaining together several rack units using patch cables, a DAW lets you create a virtual patch bay allows the musician to chain together as many digital effects as they want, while keeping the resultant output entirely digital–right up to the time it’s mixed, mastered, and pressed on CD or distributed over the internet.

In a world where you can do all this digitally, why use analog effect units at all? Possibly the best reason comes down to the ease of doing a simple effects chain by just plugging in cables and twisting knobs. But when sound quality is critical, or the effects chain gets complex, digital wins hands down. My old rackmount effects have some good tricks up their sleeve, but at some point they become John Henry working against an infinite number of steam shovels.

In a new home, without a dedicated performance room and control room, I’ve got to be able to do the entire recording and performance job in a relatively compact space. Switching entirely to a digital recording chain just seems to make the most sense at this point, even though I’ll definitely miss the immediacy and tactility of working with dedicated sound and effect units vs. the rather abstract nature of a DAW.

So, it’s with real sadness that I’m preparing to bid farewell with what are truly some of my most cherished possessions. If you’re the sort of person who loves classic gear, check out eBay in the weeks ahead for some real bargains.