Never heard the way cow roads were built?  My grandfather explained the concept to me.  A road engineer, before there was a Civil Engineer’s exam, would drive a cow forward with harness and leads.  Up hills, through valleys, to shallow fording a river and through deer trails.  A cow you see, is lazy and instinctively chooses the way that uses the least energy, employs the best advantages of terrain to advantage.  But cows get stuck in briers, lose their way in the forest, have to be rescued by cowboys when a nasty storm comes up?  These are true, a Cow isn’t smart, a cow is simply wise when it comes to being lazy.  The cow may lead you astray, but typically if you can’t get a cow to move up a mountain, after driving him forward, and she keeps lying down, rather than moving forward, it’s time to get the dynamite out and blow a pass through the mountains.

Programmers subscribe to the cow metaphor.  Follow the herd and lay gravel and then pavement behind you in a smooth grade that people can work through.  Find cracks or problems in the pavement?  Patch it, feature enhance it, and move on.  Given the Pigs and Chicken metaphor of Agile development, I think that the cow metaphor is also appropriate, despite the Zen master focus many attribute to the modern Agile developer, the lazy cow is still Zen, still in keeping with the mentality of clean, re-factored code that reads easily.

The Novelist is no less a lazy cow than the developer.  They research furiously for the route to a good manuscript and a way to tell their story.  Their outlining is akin to the planning session, their mandatory writing sessions like the developer’s quiet hours, while they try to focus on specific projects and get the work done.  While often, a novelist might sit on his warm rock and bask in the completion skills and efforts they have, the good novelist knows that they have to constantly change, learn and adapt themselves to the market and the endeavors they choose.

I comment on novelists, only as an outsider looking in.  While I’ve written several novels, I haven’t managed to publish them yet.  I write at least 1750 words a day on one of them, typing furiously to complete this or that story in the twenty minutes I throw at them.  At 190,000 to 250,000 words per novel and 360 days of honest writing a year, that’s more than 2 novels a year worth of writing, but as any novelist, even an amateur might tell you, there’s fat to be trimmed and set aside or thrown away.

Software development, especially on independent and open source projects learns much from these good habits.  Writing 1000 lines of code in an hour is actually quite easy once you’ve outlined your problems.  Many writers write with a solid outline and I know few developers who write their best code without the framework.

Clean code, a book I can’t recommend and both fight with my dying breath enough, has many examples for building solid code.  Early on they talk about functions or methods having and doing only one thing well.  I’ve read writing books that talk about the elegant, short sentence that does a dozen things, but is a singular focus and idea.  I think clean code was talking about that sort of thing.  If you write a beautiful method, that joins 4 methods together, has no technical debt, had the JUnit written first, and has readable variables and functionality that transfers the knowledge of what it says and does to any developer in less than a second, then you have achieved that synthesis of code that novelists call their golden sentences.

I’m rambling…

How can I sum up my first post about this topic?

Good Habits for writers and Novelists:

1. Set daily goals, for authors, at least 1500 words a day, for coders, make it a number of classes and or lines of code that at least amounts to an hour a day, every day, even on your birthday.
2. Write small, cow road sentences or functions, that do a lot, with a little, plow through where you need to.
3. Use dynamite when the problems are too big.  Ask for help, blow through your problems, get them done.

(Author’s note:  Some of my posts have been sitting in draft mode for several months.  I decided to release the last two, mainly because I commented about both of these as advice in the last week or so.  They’re not as polished as I’d like, but I’m hoping their serial nature will force me to come back and fix a few of these.)

As a Contractor you’re an at will employee and the first on the chopping block should a company feel any financial strain.  For that reason, most contractors I know charge a high rate to cover for the lean times should they not have a job in place to quickly fail over to.  Fail over jobs could be an entire post, but the short and long of it is that while you’re working for one customer, you have to at least remain friendly if unavailable to the next set of customers and be prepared to do small weekend projects if they come up, to keep a modicum of good will.  You need to clear these side projects with your current employer, before you take the jobs.  I know this sounds rough, but the typical arrangement is, “Hey boss, you know I’m a contractor, I need to slide some work in next week for an old client.  It will be strictly weekend and night stuff,” and move on.  They can say no, but they have to weigh that against the eventual end of your projects and what they’d feel like if they couldn’t get a hold of you to finish a few things for them.  If they start out with a “No” it’s usually okay to mention the complexities of the contracting world, and move on.

This leads me to how much to charge.  At various times in the tech industry, there have been soft and there have been lucrative times in the technology market.  Competition has appeared from global sources. In the United States, where I live, there’s an old formula for figuring out an hourly rate.

For W-2 Employment the equation is, how much do you want to make a year, divided by 2000, and you get your hourly rate.

Want to make 200,000 a year?  100 dollars an hour will get you there.

Want to make 30,000 a year?  15 bucks an hour will make it work.

For 1099 Contractors the formula is a bit more complicated.  A simple conversion done by many is 16% greater than the W-2 rate.  This covers the 10% self-employment taxes and the 6% that the typical W-2 job pays for pitiful benefits.

Want to make 120,000 a year? divide by 2K, get 60 bucks an hour, multiply by 1.16 and you need to be charging 69.60 an hour to get close.  If you’re under 35, your garbage health insurance policy is 500 a month, not including family members, you’re paying 250 a month in disability and term life insurance(never to be discounted), and trying to squirrel some of this money away for the eventual lay off and/or transfer times.  Many Contractors find agencies, leagues or other groups to help provide insurance benefits.  While some folks can get group policies through their churches or civil work groups, I’m fond of Fractured Atlas a group I joined to support and promote some of my non-developer activities.  While I work to live in the technology sector, I do have those novels and screenplays in a drawer that I keep picking up, have a movie under my belt, and love my Bonsai.  Technology folks tend to have interesting hobbies and many of those hobbies have support groups or guilds that also provide access to decent insurance and benefits to help alleviate the costs.  As a larger note, contractors often should have a Liability policy, if they’re not being represented by a contracting firm.  The liability policy is not a sign that you’re weak and are going to mess up so badly they’re going to need to soak your insurance company for 2 million dollars to cover the hole.  It’s a sign to your employer that you mean business, and should you fail or flounder, you’re willing to pay for your mistakes and make things right, one way or another.

There’s hope though in the above configuration of benefits versus hourly rate.  Life and employers like round numbers when possible.  In negotiations, it’s best to chose numbers divisible by 10 and 25 for rates.  If 69.60 comes up in calculations, it’s usually okay to ask for 70 or even 75.  While it does not fully compensate for the level of quality collective bargaining provides, it does provide more money to even out the road.  That said, what’s better than 75 is 100.  Making 200,000 a year and spending like you’re making 120,000 a year is a great way to save money for lean times and grow your business.  Competition, however, will typically drive those numbers down.

The rate card, does not cover all instances, however.  Sometimes you need to charge for a piece of work, the installation of servers, migration to the  cloud, a redundant MySQL cluster, Data architecture modifications to prepare for a migration to or from PostGres to Oracle.  These are troubling bits based upon what the market will bear.  I like hourly rates, but if I’m leaving my programming comfort zone, and providing a framework of Java or PHP for someone to start their new company with, I like to shape the work and the money around what’s going on.  This part of bidding is more art than science, sometimes coming in at a little less or a little more than what the hourly costs would be.  A typical Spring framework, with spring security, a few portals and an adaptation for Jackrabbit, can run several thousand dollars, plus modification costs.  I might sell only one of these between Java Versions, so the work moving through and making the product both useful, feature rich and profitable depends on whether or not I had a specific customer paying for the initial development, or if I did the whole thing to keep my skills sharp.  In contrast, I’ve played with Grails several times now, but never managed to sell it even once.  I can’t go and charge the first guy on the block for 2 years playing with Grails, now can I?  I might make a bargain rate, hoping for more work and better days.

Well, I’ll probably add a few installments to this particular post.  Contracting is a rough, but rewarding business that has good times and rough times in it.  I know folks who will never settle down and those who have left the field in such disgust that they’ll never work for themselves again.  The back end is rife with accounting, bookkeeping, estimations and overall a drive to do good work and make it all fit together.

1. If I’m running Linux, sometimes I need to run Windows software, like a MS-SQL server or Visual Studio to complete my work on a specific target that only works on Windows
2. As Web development is one of my primary jobs, many times I need to test older versions of Internet Explorer, or even combinations of older versions of FireFox to insure cross-browser support.

Both of these can be handled in one easy Windows XP install.   Some might ask me, where do I get a Windows XP install, my install disks are old and worn out, or I’ve run out of licenses at home.  The answer here is actually that there’s rarely an easy fix, unless your workplace or you’ve kept a Windows XP license aside just for this occasion.  I purchased a license for XP nearly a decade ago, at retail prices when it came out.  This license still works, and I’m able to find install media for it through my MSDN license.  My MSDN also comes with licenses for installing test and/or development machines.  I use these sparingly as the licensing for these seems to be anathema to VirtualBox and virtual computing.

I create a new VirtualBox instance, install XP with my install media, license the machine, and then decide if I’m going to accept the windows updates based upon the testing I intend to do.  I sometimes take a snapshot of this install for a backup.  Be careful here to make certain you run only one valid license of Windows XP at a time.  There’s no reason to run afoul of your license agreement over this one, and as long as you load only one instance of your saved session at a time, you should be in good shape.  Once upon a time I’d keep saved instances at service pack 1, 2, and 3, but I urge you to stick to just 1 and 3.  It will save vital storage space and speed load times when you do need to test.  I do however, load a SQL Server 2000 and a SQL Server 2005 image and save them aside for work, moving forward.

Because I’m a strict conservationist on hard drive space, all of my Windows XP licenses use 4 GB hard drives and I vary RAM between 512 and 1024 MB.  While a GB of RAM can be helpful, and more can be better, XP was optimized in these ranges, starting out needing only 128 in the early days and then ballooning in size as things moved along.  Because I’m prone to have both a Linux guest and an XP guest running at the same time, along side other work, I prefer to keep this as small as possible.

There are a few programs I prefer to have on all of my WindowsXP machines.

• 7-Zip: A universal and open source file compression utility, with both a command line and GUI client
• FileZilla: A fairly robust GUI FTP manager.  Very nice, especially when I need to pass large files to the outside world.
• Notepad++: A Gui text editor for when VIM just isn’t going to serve your purposes.
• VIM:  A text editor recognizable to anyone whose been in Computer Science for the last two decades.  VIM works because Typing and the Keyboard are the most effective means short of plugging your brain into your computer, to get data in and/or out.  The Mouse is a wasteful, nearly brainless device that has enslaved you.  Repent your evil ways and embrace VIM.
• SQL Server Management Studio:  This comes with a few strings attached with the developer documentation at MSDN.  There are a variety of ways to access this on the cheap or even free legally, but the best is if you have a legal SQL server, you have licenses to this development studio.  Use them wisely.
• putty and the other putty tools(especially pscp):  Putty is a terminal access program for ssh, telnet and rsh.  The other tools assist in generating RSA keys, in moving files securely to servers via command line and a host of other little tools and tricks you just need to get through the day.
• Cygwin:   I personally have a variety of tools I’ve helped compiled or have been compiled for me that make Cygwin a bit on the bulky and unwieldy side, but that package and the nonsense I have to go through to make it work are too troublesome for your average worker, and too long for this current article.  Cygwin helps the linux user bring to bear the many commands he/she already uses on a regular basis.  Cygwin works by giving you a Cygwin enabled terminal that you can run your commands within.

Now that I have my tools, I add my shared folders.  Exactly like my linux setup, I use the Work, Deploy, Longterm folders, mounted for share to my Windows Box.

An example work flow might be, I start a SQL server on my Windows Box, load a test DB, and then start my Jetty server on my linux shell that uses a JDBC connection pointed at my Windows Guest.  I do my primary development, testing with Chrome and Firefox(latest) on my main machine, and then test against IE 6 and an older Firefox on my WindowsXP slice.

Another example, I need to work on a Visual Studio C++ project on my Windows slice.  I check the code out to a work sub-folder, that’s effectively hosted on my main machine.  I complete coding and testing, and transfer the app and installer to my Deploy folder as part of my install.   I open a command prompt and pscp the finished file up to the QA server for testing, and then alt-tab over to Visual Source Safe or a simialr product, and commit my code.

All simple processes aided by a secondary host living resident on my machine.

Many others can give you a short tutorial on how to install VirtualBox and then install linux on that small server, but my short blog is about the tools you can then install on your VirtualBox in order to make it into an effective developer helper environment.

To that end, the above link will get Ubuntu up and running, and Ubuntu has an excellent repo install utility in apt-get, but I prefer the simplicity of the Yellow Dog Updater Modified, or YUM present on Red Hat Enterprise Linux, CentOS, and my favorite, Fedora.

Installing Fedora on VirtualBox is as easy as using the above tutorial and replacing the install medium with the most recent version of Fedora.  I typically give my resident operating systems a limited amount of resources to work with, not because I’m stingy, but because I like to run multiple Helpers at a time, so I can use some for Developer Testing and others for actual development and deployment.  You can change the RAM settings later, and if you’re sharp with Linux, you don’t need the GUI interfaces of Gnome to be able to use it, instead you use command line.

We live in a Windowsy world; in plain speak, Windows operating systems tend to be where we find our major IDE’s, our more widely popular Office suite and more software than you can typically shake a stick at.  I like to get as much RAM as I can on my Windows machine and then see what I can get away with in 1/2 a GB of RAM on my small Linux slice.  To that end, once I’ve got a terminal up for my small Linux host, I add in everything I’d need for normal web developer work.

yum install tomcat5 httpd mysql-server php java

Say yes to the installs, and you’ll get default locations and setup for Tomcat, Apache Web server, MySQL, php and Open Java.

I’m an old perl, awk and SED guy though too, and I want to get the best text parsing I can get.  I add in a compiler here as well.

yum install awk perl sed gcc

Now, I want to mount shared folders for doing my work.  I typically make three folders in my Documents directory on my windows machine, and then mount them as specific directories on my Linux guest.

1. Work -  The Work folder is for text files I need to parse, including csv’s and other work that would be best handled by the superior command line tools of Linux.  I can’t tell you how many different times I’ve needed to edit up several lists of thousands of lines of text that I then wanted to break up into pieces, turn into excel spread sheets, and load into a database.  I mount a Work drive and make a soft link to it in my home directory for safe keeping.
2. Deploy- My deploy directory has an apache and a tomcat or jetty folder within it, so I can not only drop deploy my work for quick test on my webserver, when I use the faster Java build times on my linux system, I can simply pull the wars, jars, ears, etc out of that folder for use in windows development, sending along through our Windowsy mail system or dropping onto Windows secured file shares that require a bit more than Samba can pull off to connect.
3. Longterm- Is my last shared folder, mounted drive.  It’s a location where I put and file away my daily work that should be able to migrate between the two instances.  When work is finished it goes into a Longterm sub-folder that is named for the day I finished the work.  Folders are often named with Two letters for the name of the company I’m doing the work for (AC for ACME) followed by the full date format as YYYYMMDD (ex. AC20100807).  This gives me a simple sorting system in both Linux and Windows that lets me rapidly find my files.

An example work flow might be, I’m working on Flex in IdeaJ, my current working directory is called Project1 under the work folder.  Inside is my Subversion handled repo of code.  When I execute a build command from within IDeaJ, I have it use my build server on the small linux shell I’ve set up as my remote server.  The final process of my maven build script, dumps the war file in the deploy directory, and Tomcat or Jetty’s hot deploy solution is serving up my webapp to my local webserver.

Another work flow might be an excel spread sheet comes in with 10 tabs worth of massive data for me to crunch up and get to the DB ASAP.  Only problem is the file needs some massaging.  I save the file as pipe delimited from Excel, and massage the file with AWK and SED until I have a series of load files split into 10,000 line inserts into the DB.  I load them into my MySQL database from command line, then use the MySQL connector I downloaded from the website, to link the data elements of my excel spread sheet to my locally hosted MySQL database.

These are all specifics, but the key to this whole system is using the VirtualBox appliance and the installed Linux guest, as a way to get every advantage from working with linux and Windows simultaneously.

Basic setup of Jetty is fairly simple. You unzip it into a folder, and then modify the JettyRoot/etc/jetty.xml file. You don’t need much here, and in fact jetty has a bunch of maven plugins and other companion tools from along the way, including integration with Cargo that let you deploy on the fly, but for my first tests, figuring out what the Jetty.xml file would do was kind of the first step.

David Yu was kind enough to give a full sample config file and then a walk through of it here.
My only issue with it, was that this was stand alone, self-documented configuration, and I rarely have something that works straight out of the box. To that end, I’m going to cite David’s file here and show my modifications.

I was dealing with a local server to start but planned on putting some beefy, database intensive apps, employing hibernate on here. To that end, I wanted to up the thread count. David’s first section lists them. Thread count pooling is one of those things I did primarily on the Java machine setup. Here, you just edit these lines here.

The Keys to the kingdom are the core passwords and administrator passwords of any environment. I’ve seen password security schemes as simple as everyone used root, to as complex as each person has their own password into a password wallet that allows the user to login to specific systems. Since password security is such a large concept, I’m going to start with three concepts and maybe add a few volumes to this topic later on.

1. Administrator and root are not for daily tasks. These users are the Windows default and Linux default administrators respectively. Half or more of all abuses I’ve ever encountered from either employees or malicious attacks have come from people having and using these logins to do all of their work. I’ve seen Microsoft Report Servers running under the Administrator credentials, the SA password and account of a massive MS-SQL database cluster running as Administrator, I’ve seen Tomcat and Apache on the same web servers running as root. This is wrong. This is more wrong that young Connie picking up boys and men at the truck stop, but far worse than this, is giving these keys to everyone in your IT department.
Linux has a solution they prefer for this problem, called the Sudo command. Sudo is an implementation of Simon says for the root user. You can execute commands as root with the sudo command, but a strict stratification of who can use it can be established in the /etc/sudoers file of most distributions. It’s not a fool proof plan, but it means giving out root access willy nilly isn’t necessary. It allows the actions of the SUDO user to be tracked in a reasonable manner and if editing of the sudoers file is limited to a smaller subset of admin, and other permissions are further limited from the sudo users, then sudo becomes a good starting point for the most basic of server security.

Microsoft has group security, and specifically has a group for Admins by default. While the default group may in fact have too much access, I have to give it to the folks at Microsoft, the system is fairly reliable. By default, you can’t change the Administrator password without installing a root-kit, direct physical access to the machine(traditional methods include the Knoppix boot to reset the machine administrator and or password crackers from boot) or the login for Administrator. The individual admins under that group can do a significant amount of damage to the system, but there’s logging and there’s reliable control, should the user need to be disabled.

Did I forget to mention that along the way? That’s the core reason you don’t give everyone the Administrator password. Eventually, everybody leaves and unfortunately, they don’t always leave on the best terms. The end comes eventually to all employment opportunities. One of the chief challenges of any IT team lead, CTO or Systems Administrator is making sure that people who are being laid off or fired are locked out of the system. Imagine for a moment though, that the person in the Boss’s office with the HR rep inside, is a System Admin him or herself? Imagine they were the system architect for your entire system! Think of all of the passwords they use on a daily basis! Now imagine that they’re a disgruntled employee and they want to lash out at your company and delete everything important and infect everything else with viral malware!
Now graciously realize that most won’t do it, you now have to treat them like they would. Too many horror stories in IT start with the words, “I didn’t think they’d do it…”

2. Have a plan to replace, remove and seal every and any system within your enterprise. Most security experts will discuss this as being several levels of security.

• 1. Password is the first and weakest.
• 2. Physical access is the possession of any company property, physical keys to servers and rooms and accepted credentials at server farms and co-location terminals
• 3. IP security is the integrity of your code, hardware designs and the legal contracts, trademarks, copyrights and patents you have protecting them
• 4. Network security includes your VPN, your edge to the Internet, Intranet and your publicly facing applications as protected by your Firewall, WAF, Routers, and Modems
• 5. Personal Security is related to physical security, but includes the basic security for each and every employee who is part of your organization. The classic example of the postman going in with a shotgun and shooting up his co-workers is a mean, unfair, but reasonably scary and in this case useful example of Personal security and the physical aspect of physical security.

I could write an article about each of these, and may come back and link to them, but there’s a basic strategy for each. The first is dealt with through a system that is planned from the beginning and mentioned above. The second is principally handled by a set of secure keys established for the on site assets, preferably an electronic key and a physical key that must be used in tandem or sequence. Often companies use biometric keys based upon the physiology of the user, but these are a bit pricier than a couple of secure keys or locks. When the employee goes into the office for their termination, have the boss collect their keys immediately. Give the termination officer a list of everything they need to pick up. Meanwhile, at their desk, have a sysadmin or support agent collect the laptop or desktop they’ve left behind. Don’t leave it in the cubicle or office when they return. Wheel up with a cart and a box, pick everything up, and take it out of the office for re-purposing. The last will help you to have the time to secure the equipment properly, will remove all access when the terminated employee returns to the office to gather their personal effects, and finally satisfies a complete disconnect from physical security. As a final note, many workplaces assign cell phones to their employees that support email and a host of other functions–make sure you pick that up immediately.

3. May require an attorney for most, but a lot of planning beforehand. Make sure you have a patent assignment agreement in force, a non-disclosure that can be enforced in your locale, and a separation agreement that covers all contingencies. These are the basics, more would require that attorney I mentioned.

4. I have read at least twelve books on Network Security, and while at least thirty pages were cribbed off each other or the industry standards, the simple fact is that Network security is a moving target that requires skilled employees willing to dedicate time and learning to this task. There’s very little basic support save, have a firewall, limit external access and limit internal abuse of equipment to prevent tangents through your security.

5. Is something I understand very little of. You might need a body guard armed with an assault rifle if your office is in downtown Baghdad or a similar war zone, but you might only need a receptionist watching the door or a key card entry system if you’re dealing with employees who aren’t going to go nuts. My concern is that they say “it’s always the quiet ones,” but I don’t want to be the exception should my limited judgment of a person’s character fail me. I like to think that since many terminations are a termination of the person after you misjudged their capabilities and attitude towards work. Do not allow that original mistake in judgment disarm you from a reasonable dose of caution.

Back to my top level of basic security, my third suggestion is simple. Change your system from time to time. Make incremental upgrades, someone with senior level security who left 8 years ago should not be able to approach and recognize all aspects of your security as being identical to what you had then. Make changes, you can read all of the advanced articles to find those.

I started this whole story with a ramble about Joyce Carol Oates and the probable murder of poor Connie. In the story, Connie is convinced to walk outside and accept her fate by the cajoling of her would be murderers. My metaphor may have been short in the center of my assessment for the most basic security, but I urge you to realize that it is not vigilance and defense that cost us, but our acceptance of our fates. A blind walk into the murderer’s embrace. Open your eyes, change the way you do things, and give the bad guys nothing. You may be a veritable babe in the woods of the IT security world, but with the basics you can at least avoid the most basic of weaknesses.

If you’re a developer, and if you aren’t this is still good advice, just not your metaphor, how many times, have you suddenly straightened your back and realized you’ve been starring and or typing for more than two hours straight? You’ve been largely motionless, extremely focused and blissfully unaware of the limitations of your body and spirit. You have been fixing things, making things and now you are suddenly aware of your bladder, colon, stomach, spine and eyes. It’s time to move and bend and be a human being again.

It’s taken me a long time to learn this lesson, but don’t work yourself sick. This is an interesting sentence with two meanings.
1. Do not, by the action of working, decrease your immune system, damage your joints or organs or tax your caloric reserves so greatly that a chronic or temporary illness is your reward.
2. When sick, you make more mistakes, are less focused less aware of your mistakes and thus unable to fix, respond to and solve the problems you have as readily. You can go the extra mile and check your efforts, and while this rule is like the saving your mule on Sunday proscription in the Bible, ie sometimes you need to work sick, the advice in this lesson is to save yourself the trouble it will take once healthy, to fix the problems you caused when sick.

Let’s discuss the items in Item One that need to be addressed.

A. Eyes: I like to keep a colorful picture, toy or other item to the right of my two monitors. About every fifteen to thirty minutes or so, I turn, face the object and go through a process that takes less than thirty seconds to complete.

• I try to smile at the object. My preferred item is a picture of my wife or a small list of Arthur C. Clarke’s Rules of Science Fiction my Grandfather gave me. I also have a USB rocket launcher I’ve used in the past, but that’s also a comedic release. I also like to keep house plants around, they make a huge difference on eye strain, especially if the plant is healthy.
• Blur and un-blur your focus 4-7 times. Your eyes need the exercise, you need the break and the consequences of your brief interruption are nothing short of miraculous. Eye strain is real people, and it hurts like a mother when your eye starts twitching uncontrollably.
• Count something about the picture, and I mean something greater than 3. I try to pick something different each time. This makes sure you’re recognizing the item in question and making a conscious effort to focus on it. For example, I count the number of r’s in the three laws.

B. Hands and Wrists: I don’t have to swing the dead cat in a room to find people who know about or have Tunnel Carpal. It’s the “And the Band Played On” of the IT world. The keyboard is the best input tool known to man. The Mouse is a crappy pointing device that’s a series of compromises. Using either or both will wear out your hands and your wrists if you don’t:

• Stretch your wrists and fingers. Cramps will happen, but there are better ways to handle this.
• Proper posture is proper hand position. If you’re perfectly comfortable, you’re probably not in the best position. It’s going to take some effort to get into the best position, but not too much.
• Take breaks.
• Play with Play Doh. Hear me out. oily, soupy starch will help you grind out the kinks in your hands. I put mine in a pair of sandwich bags, and knead it cleanly. I keep it in the side pocket of my laptop back pack if you need to borrow mine.

C: Spine: Odds are high that you didn’t get to buy your own chair at your workplace. I’ve been able to buy two of mine, and both were mistakes. My home chair right now is a good compromise, but it’s no Aeron chair. If you can’t get the chair you want, follow these steps.

• Stand up and pace when you don’t need to type or read to figure out a problem.
• proper posture, proper posture, proper posture. Imagine that there’s a jug of water on your head.
• Set a reminder of some kind, and ever hour on the hour, do some simple neck exercises to loosen tension in that melon supporting structure. Your Axis and your Atlas will thank you for it.

D: Get some sleep. I suffer from insomnia when a big project is due or when something is on my mind. Lack of sleep leads to a depressed immune system, poor regeneration and eventually to mistakes…. Oh the mistakes I could have prevented had I slept more, gotten sick less and healed faster. I’m still learning on this one, so no more tips.

2. Always, always, always assign variables with the nullable exclamation mark.
$some_variable versus $!some_variable

Why? Imagine for a moment that you realize that no matter how good you are, how long lived and how perfect your product, that someone else will work with it. They will change the code and someday, $some_variable may accidentally be deleted. If you check the logs for why your pretty page isn’t loading or why something is choking or see in glaring font on your production environment the variable $some_variable staring back at you from the page, you’ll know that by not adding a single exclamation mark (bang) you messed up the whole page from whenever and wherever in antiquity you wrote it.

3. Extend the Velocity Template, do not mess with the base source. This wasn’t my mistake, but my lesson. Do not meddle with the base code unless you plan on submitting it to the Velocity source project and are fairly certain they’ll adopt your solution. Velocity is going to change. It’s going to grow and adapt. Keep your code out of the base and don’t force others to carve through your hack.

4. Try not to build a Constants file out of Velocity. If something needs to be constant, set it in a flat text file. If something needs to be dynamic, don’t name it or add Constant to its name. This is a paradigm shift.

5. Keep your style out of Velocity, unless Velocity is being used to make your style sheets. Treat Velocity like it’s a sub-textual language to CSS and HTML. If you’re going to use Velocity to write both, keep them separate. Let Velocity write out your CSS and then let Velocity write out your html, but for the same reasons squared, don’t mix style in with your Velocity driven html. Keep them separate. Why? Because you’re going to some day want to skin this. The average corporate website gets a makeover every 18-26 months. If you work for a start-up, that change may occur every 6 months. Your masterpiece will find it hard to keep up with the styling of the next great Graphic artist unless style and function are kept in as separate a pen as possible.

6. Build it once, build it small, and then make it a self-sufficient include. Velocity is about templating, so if you’re going to build a table and use that table and its attached styles a billion times, make the table a function that incorporates a sub-template, do it once the right time, and dear God try to avoid cutting and pasting the same logic elventy billion times in your Velocity. Small, efficient, elegant and easy to debug!

7. Based off of number 5 and number 1, as much as possible, keep your Velocity driven Javascripts outside of your Html driven velocity. Javascript can be one of the biggest bears of any interface to debug. Thanks to firebug and other tools you can step through it all and find problems, but if a Javascript problem is caused by your velocity, find that out directly, not indirectly in a 40,000 line Velocity that includes html, javascript and about 5000 includes.

8. Start simple, keep it simple and as it grows, realize that it was always supposed to be this way. In other words, each time you do something where you follow the rules, remind yourself of why you obey them. If you’re up at 4:00 AM in the morning, and haven’t slept in 72 hours, and are about to break a rule, stop for a moment and appreciate all of the times you didn’t break the rules and choose not to. The developer who follows you will thank you for it.

The process is fairly straight forward.  You start by buying seeds.  A few months ago, I bought seeds from two vendors, the first of which is Dallas Bonsai.

Dallas Bonsai sells Japanese Bonsai tree seeds in Japanese packages with English translations of the directions attached.  I’m raising Acer Palmatum, both Red and Green.  I started by soaking the seeds in the packages in a small cup of warm (exactly 120 degree Farenheit) water, for 48 hours, to remove the seed coating used by most seed packagers to help delay the germination of seeds in transport.  This process is called Scarification and has absolutely nothing to do with Scarification.   The temperature also activates the fungi attached to the seed, awakens the chemicals within the nascent seed, and prepares for the successful Stratification of the plant.

There are two major types of Stratification:

Warm Stratification

Here are 76 individually bagged Japanese Red Maple Seeds, in the warm Strat phase

Warm stratification is where you provide the seed the impression that it is awaiting a warm season.  This precedes a Cold stratification, which simulates a short winter, and convinces the seed that it is time to start growing.

Cedrus Brevfolia completes Cold Stratification in the Refrigerator.

When Cold Stratification ends, I’ll plant these seeds in their desired growing medium, probably a soft clay mixture, and I’ll try to germinate the seeds.  Germination is the process where the plant will emerge from its seed and grow to a seedling.  As the seedling grows, a character will be observed.  With these batches, I intend on choosing those that seem to have the best chances of becoming good Bonsai trees and modifying them to the Bonsai lifestyle, of just enough, and cultured growing. In a few years, with care and attention,  the Maples will be a small forest.  The remaining trees, rather than merely discarded, will be grown into healthy young trees, and given as gifts to friends and family.  With any luck some of the Bonsai tree seedling too will be given to others.

Cyberstalking is old though.  I remember early days in the Internet, when chat rooms and bulletin boards would use personal information about another person to count coup or settle flame wars.  The solution I set on was to have a mostly public persona.  If nothing they could know about me could threaten me, then I was fine, right?

Oh the lessons I had to learn.  those lessons form the core to a concept term I’d like to coin called “Counter-Stalking.”

1.  You are never anonymous on the Internet, so don’t bother saying anything you wouldn’t want known by your worst enemy or your most prudish of relatives.  Figure out who you are, figure out why you believe and would say what you say, and be prepared to defend it and modify it graciously.  It’s a big world out there, and the Internet is a great place to discuss some of it, but certain taboo, sensitive items or even guilty pleasures or fantasies, should remain in the dark if you want to avoid them being used against you.

2.  There are no Miranda rights on the Internet.  You have the right to remain silent, but everything you say, do or take a picture of is out there to be digested, criticized and manipulated in GIMP, Photoshop or even Premiere.  I have friends who have lost jobs for blogging about their employers, parents who have grounded their children after finding sexually suggestive pictures of their children on Myspace and Facebook and even had an employer who made me take my personal website down to the bare bones, to prevent me from casting a “bad” image on the firm.  preparing to go out there in the open, requires an understanding of who and what you’ll share.  Anything you share should be almost if not completely harmless, and the consequences of that information, like I said in number one above, can be used against you.

3.  Your life and/or the lives of your loved ones are the most precious possession(s) you have.  There are nutbars out there who use the internet like a take out menu, and their goal is to take you out.  Your goal moving forward, out in the open, should be to take the necessary steps to defend yourself, prepare for the worst, and have a game plan should the nutbars come looking.  People who are prepared, can often be confident, and preparation can actually lead to enough caution to stay away from the bad people and the bad places they go, or once you identify a bad person can lead you to who to notify in the event of a disaster.

4.  I am not above the law, but the laws are written for my safety.  Staying inside of the law, avoiding things like piracy, hacking, the trade of viruses, the distribution of illegal content and the investigation of illegal substances is a good way to stay out of harm’s way and to practice safe internet tracking.  You can research the effects of Marijuana on Wikipedia, but joining a site and requesting info about where you can score some weed, makes it that much harder to put the insane drug dealer who likes your picture on Facebook in jail, and you outside and not joining him.  Follow the law, abide by the law, and then the law will protect you, will serve you in those sticky situations when someone steals your identity and builds a house from your credit card debt.

5.  Nothing financial is irreparable, but identity theft is one of the hardest monsters to recover from.  Protecting your financial identity is usually the number one reason you don’t give any personal information out.  Early on in your internet career, establish financial habits that are positive, gain a habitual need to check your credit scores, and keep your credit spotless and you can dodge the worst fall out.  The more vigilant you are, the safer you are.

6.  Invest in virus scanners, install Spybot Search and Destroy (turn on the tea timer), keep your machine up to date, and avoid seedy sites if at all possible.  Keeping your machine clean of malware will make it relatively easy to control the flow, in and out of your personal information.

7.  Be a responsible, reasonable person, who argues eloquently and effectively.  Knowing the basics of the English language or your Internet navigation language of choice is critical in presenting a good face to the world, but there are other elements key in becoming a safe and effective player.  Concede points that deserve conceding.  Shy away from flame wars that have no reasonable point or ending.  Change your language, even if terse to be effective and respectful.  Use your brain, not your caps lock key to add emphasis.

8.  When things get bad, the smart document everything.  It’s going to come up.  Some nutbar will threaten to kill you, and you’ll laugh it off, but do me and the rest of the Internet world a favor and treat threats like that like they’re real.  Document it locally, try to get the police to document it, and follow through with the site admins.  If on a social networking site like Facebook, report the comment, the poster and get him deleted.  Ban him/her from your personal networks, and encourage your friends to do the same.  Do not respond contact.  Don’t give them the satisfaction of knowing they’ve reached you.

9.  Use a strong, non-predictable password system.  I used to use 1337 passwords or ROT13 my conversations, but nothing was as effective as choosing a password system that was hard to break, and security questions that do not follow the norm.  I never put my real High School in security questions that ask for them.  I’ve put the building I was currently working in before.  I don’t put my mother’s maiden name down for my bank info.  My passwords are sometimes in different languages, requiring special keyboard combinations to input the characters.  Your accounts should be safe.  A friend of mine lost his wife in a horrible car accident, and his wife’s estranged sister stole his wife’s accounts, including their shared Verizon account.  The nutjob even had a conversation with the widower, using his dead wife’s Instant messaging client, for the first half, claiming to be her dead ghost!!!  People are messed up, and estranged relatives are going to know the correct answers to the normal questions.  You may think your family would never do this, but imagine you have a life insurance policy as I and many other men do, and then imagine that some relative wants a piece of it, and wants to take advantage of my widow.  Makes you angry doesn’t it?

10.  Learn the basics of the internet.  All current communication travels over TCP/IP.  The simple concept you all need to know is that means everyone connecting to the internet has an IP address provided by either a proxy or their Internet Service provider (also a proxy actually).  These addresses can resolve to specific transactional data between a machine and a host.  When possible, when dealing with nutjobs, gather as much info, including the IP, as possible and add it to your documentation.  When it’s time to report these nuts to their ISP’s and the authorities, this info will be invaluable.

11.  If you don’t feel safe, talk to someone and get some help.

These are my short lessons so far.  I may update this one fairly soon.