Web3 development

Yesterday we had a party for Elder, since we were out of town for her birthday. Our quranteam came over, so all the kids were running around the backyard while we ate pizza and wings, and drank the latest batch of my homebrew. Missus even got me to break out my guitar and I spent a good hour playing and singing at the top of my lungs. It was good times.

I kept partying after the kids went to bed, and played video games until well after midnight. I paid for it this morning. There wasn’t much cleanup left to do from the party, but I wasn’t productive in the AM. I didn’t get much work done for Zombie, I pretty much just checked in with Boss and spent the rest of the morning looking at markets and reading.

I wound up buying an IXL subscription for Younger, and we spent some time working through some of that.

I decided to take a look at Flutter, and worked through the entire tutorial. It’s a very interesting project, like React, that allows you to create one project that will render on iOS, Android and the web. It’s pretty neat. I’m not sure how I feel about Dart yet, but I’ll probably dive into more later. The whole ecosystem is pretty interesting; Material probably deserves a closer look at some point also.

I’ve got to be careful though, cause I feel like my backlog is gonna quickly get swamped up at the rate I’m going. I also ran across Alchemy, which is a development platform for Ethereum, and I feel like I’m going to be spending a lot of time with that very soon.

It seems like there’s a whole lot of things to be built in the DeFi ecosystem, so having a good understanding of how to interact with smart contracts is going to be instrumental, as is being able to build dashboards like what Zapper and others are doing. I’m really going to have to have my work cut out for me. I love Python, but I’m going to have to work with some of these other languages if I want to be a world-class developer.

Tonight I think I’m going to spend some time working on Ethernauts. I need to make some adjustments to my Solidity workflow to make things work a little better, and it should give me a better understanding of how to interact with Ethereum programmatically.

Evening notes

Trade plan programming

I’ve been working on my trade planning Python module the last couple days, and already the project is becoming rather complex. I say it’s a trade plan module, but really it’s a capital preservation ‘brake’, if you will.

The basic idea behind the module is like this:

  • Get balance list and filter empty ones.
  • Get last symbol/BTC market price.
  • Calculate total BTC value of all holdings.
  • Get open orders for each market. For each, look for limit orders, and calculate the covered/uncovered amount in BTC.
  • Make sure that no uncovered position accounts for more than two percent of total portfolio value, and that no more than six percent of the portfolio value is uncovered. If they are, do not allow any additional buys.
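A sketch of the brake described in the list above, added here as an example; it is not the author's module. Balances, prices and orders are constructed sample data, and treating an open sell limit order as "cover" for a holding, valuing BTC itself as fully covered, and all function and field names are assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal

MAX_POSITION_RISK = Decimal("0.02")  # one uncovered position: at most 2% of portfolio
MAX_TOTAL_RISK = Decimal("0.06")     # all uncovered positions: at most 6% of portfolio


@dataclass(frozen=True)
class Exposure:
    symbol: str
    value_btc: Decimal      # holding valued at the last symbol/BTC price
    uncovered_btc: Decimal  # part of that value with no limit order behind it


def position_exposure(symbol, amount, last_price, open_orders):
    """Split one holding into total and uncovered BTC value.

    Assumption: only open SELL LIMIT orders count as cover, and cover can
    never exceed the amount actually held.
    """
    covered_qty = sum(
        (o["quantity"] for o in open_orders
         if o["symbol"] == symbol and o["side"] == "sell" and o["type"] == "limit"),
        Decimal("0"),
    )
    covered_qty = min(covered_qty, amount)
    return Exposure(symbol, amount * last_price, (amount - covered_qty) * last_price)


def buys_allowed(balances, prices, open_orders):
    """Return (allowed, reasons). Any reason at all blocks further buys."""
    reasons, exposures = [], []
    for symbol, amount in balances.items():
        if amount <= 0:                      # filter empty balances
            continue
        if symbol == "BTC":                  # unit of account, counted as covered
            exposures.append(Exposure(symbol, amount, Decimal("0")))
            continue
        if symbol not in prices:             # fail closed: unknown value blocks buys
            reasons.append(f"{symbol}: no BTC price, cannot value position")
            continue
        exposures.append(position_exposure(symbol, amount, prices[symbol], open_orders))

    total = sum((e.value_btc for e in exposures), Decimal("0"))
    if total <= 0:
        reasons.append("portfolio value is zero")
        return False, reasons

    for e in exposures:
        share = e.uncovered_btc / total
        if share > MAX_POSITION_RISK:
            reasons.append(f"{e.symbol}: {share:.2%} uncovered exceeds {MAX_POSITION_RISK:.0%}")

    total_share = sum((e.uncovered_btc for e in exposures), Decimal("0")) / total
    if total_share > MAX_TOTAL_RISK:
        reasons.append(f"portfolio: {total_share:.2%} uncovered exceeds {MAX_TOTAL_RISK:.0%}")
    return (not reasons), reasons


# Constructed sample data (not real exchange output).
SAMPLE_BALANCES = {"BTC": Decimal("0.50"), "ETH": Decimal("10"),
                   "BNB": Decimal("100"), "XMR": Decimal("0")}
SAMPLE_PRICES = {"ETH": Decimal("0.035"), "BNB": Decimal("0.0022")}
SAMPLE_ORDERS = [
    {"symbol": "ETH", "side": "sell", "type": "limit", "quantity": Decimal("9.5")},
    {"symbol": "BNB", "side": "sell", "type": "limit", "quantity": Decimal("60")},
    {"symbol": "BNB", "side": "buy", "type": "limit", "quantity": Decimal("50")},  # not cover
]

if __name__ == "__main__":
    allowed, why = buys_allowed(SAMPLE_BALANCES, SAMPLE_PRICES, SAMPLE_ORDERS)
    print("buys allowed:", allowed)
    for line in why:
        print(" -", line)
```

With the sample data, the 40 BNB left without a sell order trips both the per-position and the portfolio-wide limit, so the brake blocks new buys.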

The last couple days I’ve been slowly working through everything, following a strict TDD methodology to make sure the code is covered, monkeypatching and mocking calls and creating fixtures for the exchange data. Now I’m getting to the point where I don’t know how to proceed, and I’m getting frustrated.

I don’t know where the problem arises in times like these, but I have a feeling it comes from lack of proper planning. I start out with a few procedural calls, then I get to a certain point of complexity where I have to start refactoring classes. Or I don’t know what to do next, and so I cobble some code together without writing a unit test first, and start breaking my flow.

All I can do at times like this is take a break.

Binance token mooning

Binance token has been on a bit of a tear the last few days. Apparently they’ve launched their own EVM compatible Binance Smart Chain, and are hoping to go after the DeFi space. Good luck to them.

I took a look at the validator instructions earlier to price out the cost of being one. It costs 10,000 BNB tokens, or about 300 BTC ($3 million), and about $244/month in AWS costs. That’s still a magnitude cheaper than running a $30 million Serum DEX node, but shows the type of centralization that we’re going to be seeing with these projects. I’ll keep running my puny IDEX node, and work toward my 32 ETH so I can run an Ethereum 2.0 node.

I’ve actually been holding my BNB tokens for two years, and they just actually touched my cost basis after spending so much time underwater. Since I’m actually trying to follow my capital preservation rules, I’ve had to put a tight stop on this latest run. I’ll have to figure out how to account for entry cost in my trade plan program, as now I’m just looking at the percentage of total. This may not work well when things start mooning and I have to recalculate on the run-up.

Jumping into the DeFi deep-end

I’ve decided that the opportunity cost for keeping my funds in BlockFi is just too great, and I’ve initiated some withdrawals. I’ll be putting the entirety of the funds set aside for my kids into the sBTC vault later this week, for a modest 40% APY. I must have stared at the withdrawal screen for five minutes before I could push the submit button. I must have read the wallet address over and over three or four times to make sure it was right.

It’s stressful, being your own bank.

Anyways, I’ve still made no decision on my cold storage funds. I’m risking way more than two percent on this vault, and any more would be irresponsible.

Famous last words.

No rest on Labor Day

Today is the first day of school for Elder, and one that will be entirely online. She’s got afternoon sessions, which means that Younger will be looking to me as a playmate. I don’t think I’ll be getting much, if any work done at all. We’re lucky she got the afternoon spot though, cause the eight to noon spot would be even worse.

Yesterday morning I produced a Labor Day Breakfast for the local political party. It was in Zoom, and they called me about three days out to put it together. I managed to use OBS as a virtual camera, and was able to queue up a half dozen videos in OBS so that we weren’t struggling with it using Zoom’s sharing capabilities. I just set the scene in OBS, put the spotlight on my video stream and hit transition. Voila!

It went really well, but was really harrowing. There were probably close to two dozen speakers, including our Senator, several Representatives, as well as numerous state officials. I managed to keep it on track, except for some of the speeches. By the end I was playing people off, Improv-style. The whole thing was about two hours. One attendee remarked that it was the best-run Zoom meeting that they ever saw. There were over one hundred people on it at one point.

Then as soon as I was done with that I had to get ready for a pool party, which meant I had to run to the grocery store for last-minute shopping. I only picked up a few things, but the store was crowded. As soon as I got back Missus loaded the kids up and we went to pick up her mom and headed off to the party.

I didn’t get to enjoy it for long.

About an hour after we got there, I got a message from a political committee member that the website had been “hacked”. I pulled it up and was met with the bare directory listing for the WordPress site. Index.php was missing, so my first thought was that it was a failed upgrade. I tried to pull up my management console on my phone to restore a backup, but the most recent one was months old. Oops. So much for relaxing.

I’m not going to get into the details of the hack or the recovery, I think this was a simple case of credentials being leaked. There were too many people that had access to it, and the committee secretary was given the site admin credentials to use to post on the page. Yikes!

I cleared that situation up with them and urged everyone to check their antivirus. One of the committee chairs was running a Mac with nothing but Malwarebytes on it. I swear. I locked the site down as much as I could with free versions of Sucuri and Ninja Scanner, so I think things are cool for now. This is the second time this site has been hacked though, so I’ll have to keep an eye on it.

I just checked the login attempts on the site, two attempts from Rio de Janeiro overnight.

Liquidity

Spent some time today delving into Uniswap. Here’s a couple of posts that have some good information:

Understanding Uniswap Returns

An Introduction to Automated Market Makers

I had a bit of a flash this morning that I should probably start exiting my IDEX position into ETH, specifically the yETH pool, but it turns out that Yearn has halted deposits on the pool. I’m glad I got my little test deposits in when I did.

Still, I was looking at the best way to exchange my tokens. On IDEX, obviously, but I have never actually used them since they implemented accounts, so I can’t trade there as of now. Binance has trade pairs to BTC, but that would involve another trade. Then of course, there’s Uniswap, so I took a look and found an IDEX-ETH trading pool.

The liquidity here is not very impressive. And I saw an opportunity for me to provide some, although I still don’t understand how the assets in the pool are being staked together. I would assume that the pool would need to be 1:1 in value between the pairs, but it actually looks to be about 1:2, as far as the USD value of IDEX-ETH. And I’m not going to put any more capital at risk until I understand what this “divergence loss” is and how I can keep from being affected by it.

I also spent some time looking for arbitrage opportunities. There was a bit of a price divergence between the IDEX exchange price and the Uniswap price, but the liquidity is so low that trying to take a large order would eat the price divergence back to par, and dealing with low amounts would have caused any profits to have been eaten up by gas fees.
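The trade-off in the last paragraph, and the "divergence loss" mentioned before it, worked through as an added example that is not part of the original post. It assumes a constant-product pool (x * y = k) with a 0.3% swap fee; the pool size, reference price and gas cost are constructed numbers, and the function names are hypothetical.

```python
import math

FEE = 0.003  # 0.3% swap fee, taken from the input amount


def swap_out(reserve_in, reserve_out, amount_in, fee=FEE):
    """Tokens received from a constant-product pool (x * y = k) for amount_in."""
    effective_in = amount_in * (1 - fee)
    return effective_in * reserve_out / (reserve_in + effective_in)


def arbitrage_profit(eth_in, pool_eth, pool_token, ref_price_eth, gas_eth):
    """Net ETH result of buying tokens in the pool and selling them elsewhere.

    Assumption: the other venue fills the whole sale at ref_price_eth with no
    slippage or trading fee, which flatters the result.
    """
    tokens = swap_out(pool_eth, pool_token, eth_in)
    return tokens * ref_price_eth - eth_in - gas_eth


def best_trade(pool_eth, pool_token, ref_price_eth, gas_eth, sizes):
    """Return (size, net_profit) for the most profitable size in the grid."""
    results = ((s, arbitrage_profit(s, pool_eth, pool_token, ref_price_eth, gas_eth))
               for s in sizes)
    return max(results, key=lambda r: r[1])


def divergence_loss(price_ratio):
    """Value of a 50/50 constant-product LP position relative to just holding
    the two assets, after the price between them changes by price_ratio."""
    return 2 * math.sqrt(price_ratio) / (1 + price_ratio) - 1


# Constructed numbers: a thin pool priced at 0.00005 ETH per token and an
# exchange price 3% higher.
POOL_ETH = 20.0
POOL_IDEX = 400_000.0
REF_PRICE = 0.0000515
GAS = 0.01
SIZES = [0.05, 0.1, 0.25, 0.5, 1.0, 2.0]

if __name__ == "__main__":
    print(f"{'ETH in':>8} {'before gas':>12} {'after gas':>12}")
    for size in SIZES:
        gross = arbitrage_profit(size, POOL_ETH, POOL_IDEX, REF_PRICE, 0.0)
        print(f"{size:>8.2f} {gross:>12.5f} {gross - GAS:>12.5f}")
    print("best size, net:", best_trade(POOL_ETH, POOL_IDEX, REF_PRICE, GAS, SIZES))
    for ratio in (1.0, 2.0, 4.0):
        print(f"price x{ratio:g}: LP vs hold {divergence_loss(ratio):+.2%}")
```

With these numbers the best trade before gas earns under 0.004 ETH, so no size in the grid is profitable once the fixed gas cost is paid; larger orders lose money to their own price impact.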

So for now, I’ll take no action while I wait for a bit of a price recovery on IDEX and explore other opportunities. I’ve given up trying to get the Monero blockchain running locally, and have it syncing in a cloud server. What was taking over a week with my SATA stripe array looks like it’ll take a few hours on cloud.

Other than that, I’ll be working through Mastering Ethereum, trying to understand these smart contracts, and hopefully figure out how these smart contracts work, how to design my own, and how to build programs to interact with them.

Generating spelling flash cards with RemNote

Making alphabet and spelling flash cards with a little help from regex

I’ve been getting used to RemNote for a little over a week now. I haven’t really gotten too much into it yet, just taking notes and trying to link things up. I haven’t played with the spaced repetition features yet; I’ve used Anki in the past to get through an accounting class a few years ago, but I haven’t really felt the need to use it much for anything I’ve been dealing with lately. I may start using it for certain CLI commands at some point, we’ll see.

I did start trying to use it for Younger and Elder, though. I set up a document for the alphabet and filled it out like so:

A:: A
B:: B
C:: C

And so on. It doesn’t look like there’s a way to create these cards without having something on either side of the double colons, so I just filled it in with the letters on each side. Of course, Younger can’t do these by herself, so I have to sit there with her and push the answer buttons for her. It’s been working ok so far, it takes a couple minutes, and the app makes a nice little fireworks display when you hit your daily goal. She loves it. It of course makes her big sister a little jealous so I had to find a way to do one for her as well. We settled on third grade vocabulary words.

I found a couple lists online, but I wasn’t trying to copy and paste two hundred words into the proper format, so I did what any programmer worth their salt would do: regex.

Take a list like the following:

additional	event	region
agreeable	examine	repair
argue	example	ridiculous

We want to separate the non-whitespace \S from the whitespace \s, into two ( ) groups: (\S+)(\s*). Then we can substitute, using \1 as shorthand for the first group: \1::\1\n. This gives us the following output, which exports perfectly into RemNote:

additional::additional
event::event
region::region
agreeable::agreeable
examine::examine
repair::repair
argue::argue
example::example
ridiculous::ridiculous

Now while this works fine from a technical perspective, it’s a bit flawed in execution. Elder can’t see the words that she’s trying to spell, obviously, so I have to read them to her while she sits across the room from me. It causes her to miss the reward, the fireworks, and caused a bit of distress on her part.

So here I am now, brainstorming ways to generate audio files for these words so that I can put them in with the cards. Do I read a list of 200 words, and then go through the editing process to separate them into individual files and attach them to the proper file, or is there a way to program and automate all this?

Of course there is. There’s a Python module for the Google Text to Speech library, so I could literally generate the files in a few minutes. Then it’s just a question of importing them into RemNote. Unfortunately, RemNote doesn’t seem to support uploading or local audio files, so I would have to either upload them somewhere like an AWS bucket, or just use something like Anki, which supports audio within the card decks themselves. We shall see.

I’ll have to keep quizzing Elder on my own now, she seems to do better with the one on one time anyways. I’ll be sure to share any updates.

Storm watch

Hurricane Isaias is making itself known. Wind gusts are pounding the house, making it shake like a freight train. The girls are up, Missus let them start a movie this morning despite my protests. She woke up early because of the storm and apparently isn’t planning on doing any work till later this morning.

Alerts have been popping up on my phone all morning as our managed servers have been going dark across the board. Internet and power have been dropping across the region as the storm makes its way across the area. It’s not really that much more work for me, since there’s not much I can do about it. Hopefully I’ll be able to get some work done on my two main goals at work: converting a client over to Microsoft’s mobile device management, and building a C++ build pipeline for some embedded controller software.

The RMM vendor that we work with integrated IBM’s MaaS360 product into their offerings two years ago, and we signed on one of our clients for it. It was a bit more involved than we expected for such a small deployment. We had to get a management certificate issued from Apple, which wasn’t too bad, but then we had to manage eleven Apple IDs, one for each user, before we could even enroll the phones. This involved downloading a special management app and profile. The client wanted content filtering on the phones, which meant the deployment of MaaS’s Secure Browser, which involved several more steps. Then we thought we were done, and I just ignored the deployment until about a month ago.

The client contacted me about installing a new service app on the phone, and after figuring out how to login to the management portal I found that nine out of the eleven mobile devices hadn’t checked in, some in over eighteen months. After contacting my RMM vendor for some support and getting frustrated at their lack of knowledge, I started searching for solutions. I knew Microsoft had been offering some options through O365, and since most all of our clients are 365 clients, I thought that any solution that can be managed through it would be a plus. What I found is that the latest MDM offerings, included free with O365, actually give us a lot of what we need, which is security profiles on the device itself, and the ability to control the software installed on the device. I did a quick test with our O365 tenant and my personal device, and I’ve been holding on to a client phone for about a week to test and document procedures so that they can set up the rest of the devices. I’ve been talking to other MSPs in our network, and let me say that there’s a lot of interest in the fact that I’ve been able to set up federation between O365 and Apple Business Manager.

The other project I’m trying to work on involves setting up automated deployments for a development project. The developer workstations are based off of an Ubuntu 16 VirtualBox image with a custom IDE and hardware libraries installed. The process to set up runs about five or six pages, and hasn’t been replicated by the client, so I’m hoping to go through the document and create a full script that can be replicated to set things up for new employees, or whenever the developer config changes. I’d like to get them up to Ubuntu 18, at a minimum, but the eventual goal is to make sure that we have a build process that exists outside of the IDE and can be automated via a build job as part of the version control process.

The problem I was running into is that my own computing resources are kind of limited right now. I already run my Windows workstation in an Ubuntu KVM instance, so running another VirtualBox wasn’t really an option. So I decided to use some of my Azure credits that I get from my Microsoft Service Provider benefits. I recently used an Azure VM to stage an on-prem domain deployment, scripting it out using Desired State Configuration (DSC). I was able to validate my AD and DHCP scripts on the Azure server, then copy the files down to the on prem server, run them, and have my deployment up and running in about an hour. The scripts will need some improvements before they’re really useful, but it’s a start.

So before I got started yesterday, I decided to explore deploying my VM via the Azure CLI. I went through a couple exercises yesterday to practice, and today I’m ready to get started with the actual projects.

A couple days ago, a marketing employee at Zombie made a comment to me that they were thinking about becoming a technician, and I told her to look at cloud engineer tracks, cause AWS and Azure jobs are among the highest paying and in demand, besides data scientists. Spurred by my own comments, I started exploring the training options for AWS, and started going through the AWS Cloud Practitioner track. The exam is only $120, and why not. I actually prefer AWS over Azure cause of the pricing — good luck finding a $15 a month Azure VM! — and want to really have a handle on it since that’s where I’ll probably be focusing my own entrepreneurial projects. I’m still locked into Microsoft at work, so learning Azure is going to help me, but everything Microsoft does is convoluted and complicated.

Will having a handle on both AWS and Azure make me a double threat? Doubtful, since I wager most large shops will use one or the other, not both, but that’s just my situation now. So I’m stuck between the two. Jack of all trades, master of none.

Fast, good, cheap

Pick any two

It’s been a little over one year since I started blogging in earnest. I’ve been taking a look at the archives from last July to see what I was writing about back then. When I started, I think I gave myself a three hundred word target, just to get in the habit. Today, these posts routinely run two to three times that length, and with some posts in excess of fifteen hundred words. The content of those early posts was more focused; I had the habit of writing a post for every book or magazine that I read, but today these posts are mostly journal exercises.

My most popular posts have been on technical issues, two about a WordPress hack and a Windows server issue seem to drive most of the traffic here. My exploration into Facebook’s Prophet machine learning tools gets another trickle. I’ve yet to find a focus for this blog beyond whatever strikes my fancy for the day, and I’m content to continue with it as is, making small adjustments as necessary. However, they say that no one ever got where they wanted to go without a plan, so some critical facsimile of a plan might have to come together at some point if I want this to be a part of a long-term career strategy.

For now, it serves enough for it to be a place where I practice my writing muscle. If I write, I am therefore a writer, so it goes, and every day that I write the better I get. I’m closing in on three hundred posts here, including ones older than a year old. (This count doesn’t consider the archival posts that are monthly roll-ups from the previous incarnation of my WP database.) I’m hoping that by the time I reach five hundred I’ll be even better. We’ll see if the traffic to this blog increases along with it. Time will tell.


The kids have been incredibly difficult this morning. We all got up pretty much at the same time, and I was unable to get much done till after they left for their grandmother’s house. Younger has been especially sensitive this morning, but both of the girls seem intent on making a sport out of disobeying me. I was unable to get either of them to do their studies this morning, and at one point I had them both taking timeouts in the kitchen, which they made into a game where they tried to laugh at each other while I made lunch. I shouldn’t be mad but I did lose my temper briefly from having to repeat myself whilst being ignored repeatedly. Hopefully they’ll be better behaved when they come back.


I’ll admit that part of the reason for the discord here in the house is due to a text I got from my WordPress client basically firing me from the project. When we had set out, I thought I had made perfectly clear that this was going to be done quickly. I believe my exact words were something to the effect of being on the cheap and good areas on the project triangle, and that if we needed to move to the fast that they should let me know. As we entered the third month of our engagement, they let it be known that they were frustrated with the pace, and that I had expressed some doubts about my ability to deliver the project. I had expressed some frustrations about the work that I had inherited. This was mostly due to the amicable arrangement that we had started out on.

I think one of the major mistakes I made taking on this project was not properly scoping it and setting expectations. Another WP developer in my area charges twelve hundred dollars for a basic, four or five page WP site, and this project involved a major redesign and restructuring of an existing site. Easily a six month project at the rates I was charging. That obviously wouldn’t have flown if I had proposed that at the beginning.

I did identify several aspects of the redesign that I wasn’t going to be able to deliver on my own, mainly image assets. I was having a hard time gathering stock photography to match what they were asking me for. When I made this clear to the client, and told them that delivering everything I felt needed to be done within the accelerated timeline was going to be difficult, they told me that they had other developer resources that we could bring in. I said by all means.

This hasn’t been going quite the way I hoped it would turn out. In anticipation, I wrote up a project summary, invited the outside dev to my Basecamp, where I had all of the project notes and tasks, and spent several sessions building out a backlog of things that needed to be done. I told the dev, a PHP and Laravel dev from Pakistan, that I needed their assistance with one particular task: setting up the MemberPress plugin for us.

It doesn’t seem that any of that has even been considered. When I got the text, to the effect that development would proceed from scratch due to the difficulty in determining what I had done, I checked logs for the staging site and saw that no one besides myself had even logged into it. So something else appears to be going on. I suspect that besides the English language barrier, the outside dev might be more of a Laravel developer than a WordPress one. And I find it highly ironic they’re starting from scratch, when I literally spent two months trying to figure out what the last dev did.

I’m trying to tread a fine line here given that this engagement is with someone I consider to be a friend. We had gotten into some heated discussions about this, and you know the old saw about mixing business with pleasure. Still, my friend is enough of an intrepid entrepreneur that I considered this a baby step into what should be the start of a mutually profitable enterprise for both of us. When they broached the subject of terminating the arrangement with me a few weeks ago, I was so held by a sense of honor that I basically volunteered to finish the work for free. That’s why this morning’s message stung so much.

I replied back with as much tact as was possible given the cortisone flowing. I told them that the outside dev hadn’t even given a cursory look at what I had done, and I asked that they take another look at the progress I had made in the past few days before they pulled the trigger on a redesign. Further, I said, even if they did insist on moving forward with a new project, I intended to continue my development on the staging site until I was satisfied that I had fulfilled my promise to deliver the redesign and the membership features by the end of next week.

This project has taught me a lot already, both about WordPress development, but also about managing client expectations. I have got to spend more time focusing on the business side of the relationship, and establish some formal contracts and work blueprints so that expectations are better managed up front. For now, I’ve got about twenty hours of work left in the month in which to deliver and salvage this project. Failure is not an option, and neither is ruining this friendship.

WPStagecoach saved my life

Quit messing around with lesser staging processes and get the real deal.

I don’t mean to be too glowing or make this seem like some infomercial endorsement, but I do really think it saved me from having a heart attack the past couple days. I’ve been using InfiniteWP to manage most of my stable of WordPress sites, and it’s served me well for managing updates and backups, and is even handy for migrating websites from one host to another. It’s well worth the $120 or so that I paid for it a few months ago. Its staging features aren’t really that great.

Part of the problem is that it only wants to install the staging site as a subfolder of the main site. It also makes a copy of the database on the production database, it just uses a different table prefix. I shouldn’t have to tell you why this is not great from a performance and quota standpoint. The other problem is that it doesn’t provide much information when things go wrong. Ideally, I want my staging sites in separate subdomains, but IWP just can’t do this. And the documentation is very mum about this. I have a support ticket open with them right now to figure out why I was unable to clone a particular client site, and to make sure that this paragraph is correct. What I can tell you is that I spent days trying to get a proper staging site set up for my client using IWP.

It’s not all their fault. I’m taking over a project that seems to have been abandoned by the original developer, and there were many problems with the site that may have contributed to the problems I’ve been having, as we shall see shortly. IWP has three staging options, on the original site, on my configured staging server, or custom FTP. I was able to clone the site to my custom staging server, but the theme didn’t operate properly. I believe this may have been a problem with hotlinked theme assets, I haven’t figured it out yet.

I literally spent days trying to create subdomains and update DNS on the client site, and couldn’t figure out why IWP kept giving me “error: check your hostname” when I tried to update things. I figured it was a DNS propagation error between the server hosting my IWP and the client’s host. I usually only work on sites I host directly, but this was the first time I actually had to use the staging features. I was getting very anxious. I had wasted several days, was already dealing with an irate client, and was starting to get a panicked feeling when working on the project.

So I decided to go another route and explore some other options. I read through several blog posts on WordPress staging sites, and one name that came up several times was WPStagecoach. And it was only $12 for a month, so I signed up for a trial and had the staging site up in less than an hour. No kidding.

The setup process was impressive. Getting the plugin installed and activated was pretty standard, and creating the staging site was very user friendly. It started off by scanning the site for large files, and found a backup archive, which it asked to exclude. Then it started creating a tar file of the site to move to staging, and showed me a status percentage as it did so. This was very much needed considering IWP had been “working” for hours without so much as a log update. After the tar process was completed, I did get an error that the archive was missing files, and was asked whether I wanted to abort, retry, or “proceed fearlessly.” I retried, waited another five minutes, and got the same error, so I went ahead and pressed proceed. Another five minutes, and BAM. There was my staging site, and it looked perfect.

And one thing that really impressed me was that after the creation of the staging site, I was given a list of errors that WPS had found, mainly places where the site’s URL was hardcoded in the theme templates. These are likely why I had the rendering issues on my previous staging attempt. So now I have a list of files that I need to target, as hard coded URLs will play havoc with my development environment as well. And this feature really shows how WPStagecoach really shines as a specialized product.

WPS hosts the staging site on their own servers, giving each site their own subdomain. I got ten with my account, which is way more than I’m going to need anytime soon. So now I can proceed with the next step on this project, which is getting our MemberPress module up and running. Then I’ll be able to see if pushing changes back to the live site is as easy as creating it in the first place. If my experience so far is any indication, it’ll be a cinch.

IT fiction: The Phoenix Project

Thoughts on the first half of the business book

I’ve been reading The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win the past couple days. It’s an interesting book that takes a fiction approach to teaching “the Three Ways”, which are some devops patterns and principles. It’s really interesting, although some of the setup seems a bit contrived, the writing is good enough that I found myself blowing through half the book in two days, and found myself reading it through past my bedtime last night.

Part one of the book is a journey into enterprise IT hell, as our hero, Bill, is promoted from his small operations group to IT director for the large automotive parts company that he works for. They’re in the midst of preparing for a huge software rollout, which is bound to fail, and Bill struggles to get a grip on things before things inevitably crash and burn. In short, it’s a trainwreck, and the authors start introducing the reader into change management devops concepts.

I think anyone who’s ever worked in an enterprise environment will have PTSD from reading this, I know I sure did. Although it’s aimed squarely at teaching workers in larger firms to understand these best practices, I think it may be useful to smaller operators and teams like the one I work with. The book was written more than six years ago, which seems like a lifetime ago in IT, but it doesn’t get into the details of any actual tech tools, instead focusing on the process. In fact, the change management process they use in the book is literally postcards on a whiteboard, and the description of the rest of the environment is literally generic enough that it’s irrelevant.

Part one ends with Bill quitting after too many of his warnings are unheeded by the CEO, and part two starts with said CEO seeing the light and bringing him back in as they struggle to work together and save the company.

I’m already thinking that this will be one of those books that I recommend to all my IT colleagues. I may buy a few copies and send them to a few people I’m working with. I think it could be a valuable book for people who haven’t actually operated in a large corporate environment. It may be good for stakeholders as well. Hell, it might actually be good to give a copy out as a sales tool next time we have a big prospect.

One thing that I’ve taken away from the book so far is the breakdown of four types of work: projects, internal IT tasks, changes, and unplanned work, which I’ve always referred to as firefighting. They describe it as anti-work, which is an apt description, and I’m going to be more cognizant about the type of work that I’m doing from day to day.

The Phoenix Project falls in an interesting class of book that I haven’t run into before, business fiction. I’m curious if there are any others that are similar. I’m sure that the situation told within it is real enough, probably culled together from various real experiences, names changed to protect the innocent and all that. The first-person voice used by the authors is a style that seems familiar from many business books going all the way back to Dale Carnegie, but I don’t think I’ve ever seen it deployed in quite this way, with the book as one large case study.

Besides the operational side of things, there were a couple of work-related things that stuck out to me like a sore thumb. During the failed deployment of the new software product, the entire core project team is forced to pull an all-nighter trying to restore operations, and then spend many long days during the following weeks trying to shore things up. After Bill’s promotion to IT director, he seems to lose all grasp on work-life balance. He’s reading a story to his kid and means to look up something about Thomas the Train when he gets drawn into a work email and then another call. The situation completely disrupts his family life. Another employee at the firm, Brent, the key-man with a hand in seemingly every system at the company, has gone years without taking a vacation without being on call.

Apparently these two issues will somehow be resolved as Part Two progresses, but there was one detail about Bill’s circumstances that really had me shaking my head. Near the end of Part One, as he’s fretting over losing his career, he questions how they’re going to pay off their second mortgage and start saving for their kids’ college. Apparently they were just treading water, and the unexpected promotion has finally put them on the right track. This detail caught me, and I found it interesting. Perhaps it’s there to appeal to a broader base of people, or to elicit sympathy, but it struck me as slightly incongruent with the rest of Bill’s disciplined personality.

Maybe I’m reading too much into it. If anything, The Phoenix Project has reminded me of the life that I don’t want. I spent four years working in an enterprise firm, and I came out of there in a rough way. I’m going to need to think long and hard before I think about getting back into a leadership role at a large firm where I have the type of responsibility where I’m going to be on call for emergencies in the middle of the night, or get sucked into some project deployment that’s going to require anything resembling a war room.

I’ll find out how life changes for Bill and the employees of Parts Unlimited soon, as I’ll probably wrap the book up over the next day or two. I’m looking forward to getting copies in the hands of a few more people to see how they like it, and, more importantly, to see what effect it has on our operations and service delivery.

Mobile Device Management

Small business deployments are still too cumbersome

Today is going to be a busy day. We’ve got a small party to host, so I’ve got to do a bunch of household cleanup, roast a pork shoulder, bake a cake, and then host seven or ten children plus parents in the backyard. If that wasn’t enough, I’m behind on both my WordPress project and the Substack post for Monday, which is about bitcoin.

Work picked up a bit last week. I’m helping roll out Git best practices for a software development firm, which is the kind of challenge I’m looking for, and dealing with a failed mobile device management solution (MDM) that I rolled out several years ago and which has been summarily ignored since then. It’s not what I’d rather be doing.

Microsoft’s MDM, Intune, has evolved over the past few years, and like most Microsoft services, has gone through several iterations and is a maze of admin dashboards, documentation, and licensing products. It still seems vastly superior to the product that we’ve been using from IBM, called MaaS360. Still, figuring out the requirements for a small business client is a huge pain. We’ve been dealing mainly with Apple devices, which means managing all the end user accounts. Getting the devices enrolled requires managing a signed certificate from Apple (another account), and then deploying the device requires not only a configuration profile on the device, but additional apps on the device for it to work.

For our initial MaaS360 deployment, requirements were pretty simple: the customer mainly wanted to lock down the browser on the phones for content filtering. It was an arduous process, even for a first-time deployment. Setting up the device profiles and testing took me several hours, then another associate of mine had to go through each device, setting up iTunes profiles for each user and downloading our management application. Then, after we deployed it, we discovered that GPS tracking wasn’t working. Permission needed to be granted individually on each device.

This initial deployment went unattended for almost two years. We got a request to pilot a new service app on one of the phones, and when I went back to check the tenant, all but two of the phones hadn’t checked in to the portal in over six months, more than half in over a year.

By some stroke of luck one of the two belonged to the individual who was selected to pilot the new service app, so I was able to proceed with the planning for that. I spent the rest of the morning trying to acquaint myself with Microsoft’s MDM offerings. Since most of our clients are on O365, it makes sense to take advantage of whatever is available through the platform. I was able to get a device policy set up under our partner account, but wasn’t able to get my personal iPhone to report into the console, even after several attempts connecting it to my O365 Exchange account.

Then, several hours later, after getting a Teams notification, I was prompted to install the device management profile, as well as two other apps, one for a “company portal”, and the Microsoft Authenticator app. Then, I was prompted for a managed Apple ID, and that’s where I stopped for the day.

I decided that if I was going to be forced to redeploy management to a dozen or so client devices, that I had best start communicating with the client, so I spoke to them. There had been numerous personnel changes in the past few months, and a lot of other processes were being re-evaluated, which meant that it was a good time to put some processes in place. First off, a freeze on any device purchases or equipment transfers without keeping me in the loop. (Outsource IT is usually an afterthought when it comes to hiring and firing.) Second, we were going to audit all existing devices, and make sure that we have a record of which devices we think we have, and who they belong to. That would give us some time to evaluate whether we can move management over to O365, or redeploy with the current solution.

I pulled some spreadsheets down from the management portal and dumped them into the client’s SharePoint site, then scheduled a Tuesday meeting with the pilot user for the new app.

Next week, I’ll have to do some investigation into Apple Business Manager, to see if it allows us to manage user IDs as well as the devices. We can barely depend on this firm’s employees to manage their one AD account, let alone another set of Apple IDs. It’s management hell. I’ll also have to draft some written policies for device and user onboarding and so forth. Eventually, I’d like to enroll the client firm in the carrier’s device provisioning program, to get them enrolled with minimal supervision. That will likely be a slog for this small firm.

On the brighter side of things, this may force me to develop some concrete MDM deployment best practices that will make me a superstar. I’m not aware of any PowerShell tools that can be used to automate any of this process. Even turning on MDM within O365 requires clicking a box in the admin portal, and the Apple Certificate provisioning requires setting up accounts and downloading a file from one portal into another. Drafting an SOP for the entire process start to finish would be valuable.

That will have to wait till next week, because today, I have a party and a very special birthday girl to attend to.