JavaScript Specifics for the “Where do I go from here?” Question

This article is a continuation of the “Where do I go from here?” article with a focus on JavaScript (this is a frequent question I get from the students in my ‘Beginning Programming with JavaScript’ class ). If you haven’t read the previously mentioned article – you should do that first since it sets up the context for what I’m going to say here.

The usual disclaimer applies. This is going to be an evolving post because everything changes in software all of the time. Feel free to contact me with any questions, suggestions, and feedback.

Assuming that you are pursuing project focused learning here are some JavaScript related ideas/approaches.

The ‘no-frills’ project iteration

I suggest that your first iteration of the project use the JavaScript concepts that you just learned. This means using the JavaScript that you know right now. This no-frills iterations will help you understand the essence of your project.

You can continue with plain old JavaScript and an expansion of the ToDo project that we started in class. Or you can choose your own project. As you can tell based on my other article I’m a big proponent of choosing your own project – something that scratches your own (software) itch.

The ‘I must pursue the latest and greatest’ JavaScript ____ \ ____

Many feel that the pace of change in JavaScript (more specifically – the frameworks and approaches to JavaScript) is a never-ending race. It can feel like you’re Charlie Brown, the football is the current must-use/best/must-have JavaScript related technology, and Lucie is that ‘other’ developer who surfs on the bleeding edge with full understanding and a new Medium article about the best framework/approach/’awesomeness’ that you are not using:

This sort of view is known as “JavaScript Fatigue”, and it connects with the two views of JavaScript. The first is that “JavaScript is great!” and the second is that “JavaScript is a mess!” (the State of JavaScript Survey shows this quite nicely on its front page).

The long and short of it is that there is no magic bullet in terms of programming language, frameworks, and technologies. What’s popular today may be gone tomorrow. JavaScript has gotten large enough that you can pick something and specialize in it.

So pick whatever piques your interest. And if you don’t want to pick, then pick a project that interests you and start coding it in plain JavaScript.

There’s a great Theodore Roosevelt quote that applies to decision making:

“In any moment of decision, the best thing you can do is the right thing. The next best thing is the wrong thing. The worst thing you can do is nothing.”

What about bootcamps?

Programming bootcamps are a huge topic that is beyond the scope of this post. Some minimal suggestions:

  1. Figure out if you are the type of personality that would work well in a bootcamp (are you the type that jumps into a cold pool of water or do you slowy wade in?).

  2. They tend to be a large commitment in terms of both cost and time.

  3. Do your research very very carefully since there are lots of questionable ones out there.

  4. If you are seriously considering a bootcamp, you should try your hand with a free one called Free Code Camp. See how well you can commit to daily and weekly work.

I know of 2 students who went to bootcamps for a career change. They completed the bootcamps successfully and did the career change that they wanted. They also found out that the grass wasn’t greener on the other side. One thing about both of these individuals is that they were driven and would have succeeded even if they didn’t go through a bootcamp. In their case the bootcamps accelerated a trajectory that they were already on.

Additional resources

Conclusion

The JavaScript universe is huge. It’s a big mess of awesome. I think Steve Jobs said it best:

stay hungry, stay foolish


Thoughts? Feedback? Let me know: @eli4d


Advertisements

A Beginner’s Guide to How to Fly a Drone by a Beginner (with some specific instructions for LaTrax’s Alias drone)

Overview

Towards the end of last year I walked into my local Hobby People shop to find a drone. I walked out with the LaTrax Alias drone (they said it was awesome and they had a sale and I’m a sucker for a sale and a great piece of equipment).

In this article I cover some things that I learned on how to start and how to fly the Alias. I goofed up and mis-remembered the drone arming procedures many times (choosing to just “do it” rather than check YouTube). Luckily the fine folks at Hobby People helped me out every time (shout out to Mike and Richard). While there are tons of resources about drone flying, these are just some things I learned that may be helpful to someone who wants to just get going with a drone.

Alias What?

In case you wondering – no I’m not talking about Jennifer Garner’s character from Alias the TV show. I’m talking about the Alias quad-copter from LaTrax.

Alias What?

Support from LaTrax

LaTrax has a great deal of support for the Alias:

In spite of the videos and PDFs I had a heck of a time connecting the remote to the Alias (which had more to do with me rather than LaTrax’s instructions). Luckily the Hobby People folks were very (very) patient with me. This is one of the reasons why buying a drone from a local bricks-and-mortar shop makes sense, besides the fact that the there is very little pricing when compared to online.

How to Arm the Alias

‘Arming’ a drone refers to the process of connecting the remote to the drone. The Alias (like most drones) begins in a disarmed state. In other words, it doesn’t connect to the remote without specific user interaction. Otherwise, you might accidentally tap the remote and the drone would go flying haphazardly into your neighbor’s Bob yard and then Bob would claim it’s his drone and…well anyway.

The video explaining arming

LaTrax’s drone arming video is very useful in this respect. It’s good to start with this video. However, there is a subtlety in how you click on the throttle stick (which I’ll explain in the next step).

The video explaining arming

The subtlety of arming using the throttle stick

So as the video shows you pull down the throttle stick and then you “quickly press and release the throttle stick”. My problem was that I would press and hold the throttle stick and then this would cause the numbers on the remote to flash and go into its option setting mode. Additionally, this mode can cause the drone/remote to be unbound (the very opposite of what I was trying to do).

So what the heck does “quickly press and release” mean? Think of the volume buttons on your iPhone (or iPad). When you press the button to raise the volume by just one bar (so you’re quickly pressing the button on/off) – that’s the exact same action with the throttle stick. Another analogy – a letter on a keyboard – think of how you press a letter (quickly) on/off with no hesitations – this is the same thing.

The subtlety of arming using the throttle stick

What happens if you end up in the options mode

When I over-pressed the throttle stick (and it would go into its option setting mode), I would typically end up pressing anything else that I could find on the remote. This is definitely the wrong thing to do (but it seems really like the right thing when you’re following the “just fly already” mentality). If you end up in the options mode, then its best to turn off the remote and turn it back on and try again (flight stick down and then a quick push/release).

A note about binding/unbinding

If you press the throttle stick incorrectly enough times your drone may become unbound. So lets quickly cover this:

“Binding” is the process of making the controller (i.e. your remote) “talk” to the drone. Typically the drone (like the Alias) is bound to the remote but you cannot control the drone with the remote unless the drone is “armed” (per above steps). “Re-binding” is the process of re-connecting the drone and the remote so that they can talk to each other. Every drone will have it’s own re-binding procedure.

In the case of the Alias the rebinding procedure is as follows:

  1. Hold both throttle and flight stick at the same time until you hear a beeping sound and see options on the LCD screen of the remote.
  2. Tap the throttle stick to go through the different selection options until you see the ‘reset’ option (i.e. the word ‘reset’ on the LCD screen).
  3. Then you hold both sticks to selected and the remote/drone will reset and re-bind.

Note: I will have a link here to a video where Richard from the Hobby People will show how to do this (this is a todo on my side).

Because you’re not sensitive you need a hula hoop (i.e. how to practice flying a drone)

Why you’re not sensitive

OK – so I don’t know if you’re really sensitive/empathic/understand but when it comes to drone flying that doesn’t matter. What matters is your ability to use the remote in a way that doesn’t cause your drone to crash or fly away in a haphazard way. Initially, when you try to use the remote to control your control of the throttle and flight sticks will be out-of-whack.

Let me give you a gas/brake pedal analogy (the usual disclaimer applies – do not try this: at home, in your garage, on the road, etc…). Let’s say you’ve had the unfortunate circumstance of hurting your right foot (like fracturing your foot while walking off a curb because you were reading a for-sale sales flyer…but I digress). And you have to drive somewhere. So you get into your car and you have the brilliant thought “no problem – I can use my left foot for the gas/brake pedal”. So you put your car in drive (in a safe situation) and as the car begins to drift forward, you attempt to gently press the brake with your left foot. So what happens?

What happens is that you will stomp that brake pedal in the same way that Godzilla crushes cars with his feet. Your brain will tell your left foot to gently/slowly press the pedal but your left foot will be completely mis-synchronized with that request. Your left foot will Mr. Hyde to your right foot’s Dr. Jekyll. At this point you’ll realize that the sensitivity of your left foot is vastly different from your right foot and that it’s time to call Uber or Lyft.

This sort of brain/body sensitivity is what I’m referring to in terms of the drone’s remote control usage.

Photo credit: https://flic.kr/p/dDTryr

Why you're not sensitive

What you should NOT do first time with your drone

LaTrax has a video called “Episode 1 Making your First Flight”. In it they place the Alias in an open area (a good idea) and then they just start to fly it around (their flight expert John is flying it around…sheesh – what’s the point of having an expert fly the dang thing when a beginner is watching the video?). John flies the Alias perfectly because he has the sensitivity to do so but mere beginner mortals do not have this ability yet.

Note: the arming and positioning portions of the video are spot-on so the video is worth watching.

What you should NOT do first time with your drone

What you should do (in my opinion) – Step 1 – Get a Hula Hoop

First step is get a hula hoop. A small one is perfect but a large one is good too.

Note 1: Mike from the Hobby People shop told me about this approach to learning.

Note 2: A cat is not necessary for this step.

Photo Credit: https://flic.kr/p/5d1dxu

What you should do (in my opinion) - Step 1 - Get a Hula Hoop

What you should do (in my opinion) – Step 2 – Find an enclosed structure and put the hula hoop down

Find an enclosed structure. Maybe a small room in a home or even a garage. The key of course is that you don’t want anything breakable (just in case your drone or better said your control of the drone goes crazy).

Put the hula hoop in the middle of the room and put the drone in the middle of the hula hoop. Then step away.

What you should do (in my opinion) – Step 3 – Practice Hovering – Phase 1

The first step is to practice hovering. You want to practice hovering the drone at about 3 to 5 feet off the ground. The reason for this height is that you want to prevent the rotor updraft from causing stability issues (i.e. drone rotors push lots of air downards and hovering below 3 feet causes you to ‘fight’ the drone to keep it stable at a hovering position).

The practice steps:

  1. Drone in center of hula hoop.
  2. Blue LED pointing towards you and red/colored rotors away from you (in the case of the Alias).
  3. Use the throttle stick to lift the drone 5 feet off the ground.
  4. Use the throttle stick to bring the drone back into the middle of the hula hoop (you should not be using the flight stick at all if possible).
  5. Keep practicing steps 3 and 4.

Note: If the drone drifts while hovering and you’re not touching the flight stick, then you’ll need to bring it to a Hobby People type of shop for adjustment.

What you should do (in my opinion) – Step 4 – Practice Hovering – Phase 2

Once you feel comfortable with hovering you’re ready for the next exciting phase: step away further from the drone (a few feet back) and practice the same hovering steps again (from phase 1).

You may be wondering why you need to practice hovering again. The issue you’re addressing is one of perception and control. The further you are from the drone (both on a horizontal and vertical axis) the more different your perception and therefore the more different your control. What you’re practicing is getting a feel for controlling the drone from a distance and that’s very important when you fly it at much higher heights than 5 feet.

What you should do (in my opinion) – Step 5 – Practice the drone version of touch-and-go

At this point you’ll be practicing a drone version of touch-and-go. Here’s how to do it:

  1. Take off from the center of the hola-hoop.
  2. Go to the right and touch down outside of the hula hoop.
  3. Hover back to 5 feet and fly back to the center of the hula hoop.
  4. Touch back down in the center of the hula hoop.
  5. Do steps 1 to 4 by going to the left.
  6. Do steps 1 to 4 by going to the back.
  7. Do steps 1 to 4 by going forward (without hitting yourself 🙂 ).

What you should do (in my opinion) – Step 6

There is no step 6 and there is no spoon. If you’ve passed your drone sensitivity training then you’re ready for the great outdoors.

If you have an Alias then check out LaTrax’s YouTube channel for how to do flips, rolls and other awesome things.

Have fun and good luck!

Some additional information regarding drone training for kids

There are lots of (crappy) drones for kids. They’re cute and small and they breakdown really quickly. My wife bought one of these tiny disasters for our son during a trip and one of the motors quit fairly early and then the drone was useless and the boy was very frustrated.

I asked the Hobby People people on the best way to teach a pre-schooler to fly a drone. Richard had suggested that I get prop guards for the Alias. More importantly, he indicated that he could adjust the remote control (takes about an hour) so that the Alias control reactions are much slower. In this way, my pre-schooler can learn to fly the drone without destroying himself, the cat, the house, and the drone. He offered to do this adjustment (no charge) and I will take him up on it in the near future (have I said how much I like local hobby shops such as the Hobby People?).

If you’re interested in a post about pre-schooler drone training/flying – let me know via @eli4d.

Conclusion

While your impulse may be to fly that drone as soon as you unwrap the box, it is best to practice just a little bit.

That’s it. That’s the very little I know about drones. Hopefully you found it useful.

I welcome feedback at @eli4d.

Why you should (probably) NOT buy a timeshare (and the only question you need to ask when dealing with a timeshare salesperson)

Note: The usual disclaimers apply. I’m only relating my experience, and this post is more of a reminder to myself than anything else. If you find it useful – awesome, and if not then no worries.

A while back my wife called me to tell me that the timeshare company was asking for $1,200 to take the timeshare back from us. She had looked at the possibility of donation, but this still seemed like the best route to get rid of the damn thing. So we paid the $1,200 and considered ourselves supremely lucky to have a timeshare company (the only one we’ve come across) that could take this beast back. This marked the last timeshare payment that I would make and a lesson for timeshare ownership (I’m writing this post to remind me of this lesson).

Wikipedia does a good job of explaining the definition of a timeshare and all its problems. We bought ours while on a ski trip in the early 2000s. The sales pitch lured us in with a price ($7,800) that seemed reasonable and maintenance (about $400 per year at the time) that looked like a good deal for what we got.

The event that clinched the sale was not the salesperson but rather this family that we saw on the ski slopes. They had three boys and we just started chatting with them and mentioned the possibility of purchasing a timeshare. They said they had two timeshares, and it was a great thing to do when you have a family. The key point for them was that they could always vacation at a place with a kitchen and that this helped in making the kids comfortable. Event though we didn’t have kids at the time, it still sounded like a good idea.

For the first few years, it seemed to work for us. We ended up doing timeshare exchanges all of the time to go on a yearly vacation in Tahoe. Our unit was not in a good exchange zone (i.e. it was a great skiing unit for a week in the spring). So besides the Interval exchange fees and the Interval membership, there was also the issue that we couldn’t get great exchanges during the winter months. We did ok because our vacation time was flexible (before having a child).

As Wikipedia states about exchange timeshares:

Due to the promise of exchange, these units, called “vacation ownership” by the industry, often sell regardless of their deeded resort (most are deeded into a certain resort site, though other forms of use do exist). What is not often disclosed is that all differ in trading power. If a resort is in Hawaii or Southern California, it will exchange extremely well; however, those areas are some of the most expensive in the world, subject to demand typical of a heavily trafficked vacation area.

Most timeshares will have somewhat crappy trading power which means that you’ll be giving away money on a yearly basis to exchange companies such as RCI and Interval International beside your regular maintenance fees.

You may have significant flexibility when you are single or as a couple without kids. This means that you can choose a not-so-popular week for an exchange and get a location that you desire for your vacation. However, when you have kids, the timeshare equation goes from bad to worst. The problem is that dates for school breaks are common across most schools systems. So you end up competing for travel destinations that thousands of other families want to use, and you end up losing. Either you can’t find an exchange, or you end up with a really bad exchange. The most likely scenario, however, is that you can’t find an exchange, so you end up finding a hotel and vacationing in the very way that timeshares were supposed to help you. So now you’ve spent money for a vacation on top of the timeshare maintenance without even using the timeshare (crazy isn’t it?).

I’ve gotten tons of timeshare sales pitches. It seems that because I was a timeshare owner, timeshare companies seem to fall over themselves to give me their pitch when I’m visiting a resort. I suspect that their internal data indicates that timeshare owners are more likely to buy more timeshares.

The typical timeshare sales pitch starts by asking you the value of your time. Then it proceeds with a pitch to your heart string about family, vacationing, and connection. The pitch is that you’re guaranteeing future time with your loved ones through a timeshare. And the older you are, the more the pitch tilts towards your child/children – “your child will have an asset and a way to vacation…you’ll be locking in these savings forever…don’t you want your child to be free of vacation burdens?” (the way I see it is that my child is free to vacation wherever, whenever and to whatever extent they can and mechanisms like Airbnb abound; besides this is leisure time and my child is responsible for their leisure time in the same way that they’re responsible to entertain themselves when they’re ‘bored’)

The sales pitch is very hardcore, and I would say it is much worse than the stereotypical used car salesman pitch (so if want to warm up for an upcoming timeshare sales pitch, then you should visit your local used car dealer and see how well you deal with that). At least with a used car salesman – you may end up with a car that isn’t a lemon. Furthermore, the used car dealer doesn’t send you a bill every year. With timeshare sales, you end up with something that keeps sucking cash out of your wallet on a yearly basis besides the initial up-front cost (don’t forget to add exchange fees if you’re trading for a particular time/destination). Wikipedia’s article hits the nail on the head with:

The industry’s reputation has been severely injured by the comparison of the timeshare salesman to the used car salesman; because of the sales pressure put on the prospective buyer to “buy today”. “The discounted price I quoted you is only good if you buy today”; is the industry standard’s pitch to close the sale on the first visit to the resort. Many have left a timeshare tour complaining of being exhausted by the barrage of salespeople they had to deal with before they finally exited the “Tour”. The term “TO”, or “Turn Over” man, was coined in the industry. Once the original tour guide or salesman gives the prospective buyer the pitch and price, the “TO” is sent in to drop the price and secure the down payment.

In a recent timeshare pitch the salesperson labeled my former timeshare as a “dinosaur” because it was an inflexible exchange week, as compared to the flexible points system that he was selling (in this case it was RCI Platinum Points). There was, of course, the $1,500 yearly maintenance fee besides the upfront cost of $15,000 and the fact that the points would never add up to a full week for the vacation times that we would take (again – based on school times).

The biggest problem that we had with our timeshare was that we had a tough time to get rid of it. The web is littered with timeshare sales. Desperate owners that want to get rid of this yearly liability. After all, if you stop paying that maintenance fee then you’ll get a collection company after you and you credit score will be hit (so good luck with good old home buying, car buying, or any other large purchases).

Wikipedia sums this up best:

  • From :

    However, the biggest complaint of all is the fact that timeshare re-selling by the private owner is almost impossible to do.[20] An owner looking to sell literally cannot give the timeshare away. Timeshare resale companies have sprung up that actually charge the owner to assume his/her timeshare ownership, using the excuse that the resale company must assume the maintenance fees until that burden can be unloaded to a new buyer.

  • From :

    It is more than likely that a new timeshare owner could have purchased the same product from an existing owner on the timeshare resale market for between 0 and 15% of what he/she paid from the developer, simply by doing a computer search. In many cases, the exact or similar accommodation purchased, will be happily transferred by an unhappy timeshare owner. The new buyer usually pays nothing, other than to take over the existing maintenance fees, because the existing owner can’t find a buyer for his/her timeshare without paying a resale company thousands of dollars to absorb it for resale. The reason for this anomaly is that the lion’s share of the cost of a new timeshare are sales commissions and marketing overhead, and cannot be retrieved by the timeshare owner.

You have to do your own research of course, but in my opinion – timeshares are a terrible use of money. They’re not an investment in any sense of the word. No matter the form and the sales pitch, they are a constant drain on your wallet. Year in and year out they’re pocket sharks that keep chomping away at your hard earned dollars.

Now if you do end up in a timeshare presentation and your emotions and sentimentality are put to the test, and you are desperate to get out of this sales-y tarpit – here’s a question that has worked really well for me:

“Your sales pitch sounds tempting but let me ask you this – if this timeshare doesn’t work out for me – will you take it back? Can I completely get rid of it? You’ve said it is an asset and a great thing to own, so taking it back shouldn’t be a problem…should it?”

In my experience, this is the question that no timeshare salesperson can spin or answer in a positive way. Typically the salesperson’s face turns just a little, he/she may even look away. Then they’ll quietly answer with ‘no’ and then enthusiastically they’ll tell you about the great deal that you are getting and how future generations will benefit from your wise choice.

Now I know – you’re thinking “wait…didn’t you just say at the beginning of your post that your timeshare company took it back?” And the answer is ‘yes’ – they took it back at this point in time. I was lucky and the company stated that they were looking to discontinue this option. So don’t confuse my dumb luck with the possibility of timeshare awesomeness.

If you’re looking for alternatives to timeshares here are some that come to mind (I’m sure there are many more out there):

  • Costco Travel: like all things Costco they have great and most importantly fixed pricing. What you see is indeed what you get with Costco.
  • Airbnb: I haven’t personally used the service, but it’s on my list of things to try.

Meditation and Mindfulness – a Book Review of “The Mindful Geek” and Some Suggestions for the Practice

Note: I have one Amazon affiliate link marked with (^a).

A Book Review of “The Mindful Geek: Secular Meditation for Smart Skeptics”

I just finished “The Mindful Geek: Secular Meditation for Smart Skeptics”(^a) and I found it to be both useful and enjoyable.

I first heard about Michael Taft’s book in David McRaney’s excellent You Are Not So Smart podcast – episode 061. I enjoyed the episode and Taft’s approach to mindfulness and meditation.

I’ve been a big fan of Thich Nhat Hanh’s books. When I read one of his books I typically feel that peace and clarity are within reach, but as soon as I put the book away I feel like I just experienced a magician’s puff of smoke. Or perhaps it’s more along the lines of the “then a miracle occurs” cartoon. Of course, this is likely more of a failing of mine than of TNH’s books.

And a Miracle Happens

Taft’s approach to mindfulness and meditation as a technology is quite refreshing. He approaches this technology in a somewhat computer sciencey way without being dry and boring. He alternates between an explanation of the how/why of meditation/mindfulness and the actual doing of it through specific practices. The meditation algorithm chapter is amazing, and it has an explanation with a flowchart…a FLOWCHART. This excites my geeky heart to no end.

Then there’s the “Reach Out with Your Feelings” chapter that really reaches into emotions – what they mean and how they can help. This is especially helpful for those of us that live more in our heads than in our hearts. Additionally, this chapter begins with a reference to Star Wars (so how could it not be full of awesome?):

It’s time for the Rebel Alliance to make their desperate attack on the Death Star. As Luke Skywalker rolls his X-wing fighter in toward the canyon-like surface of the battle station, the voice of Obi-Wan Kenobi speaks right into his head.

Of course at the end of the day meditation is all about doing rather than conceptually thinking about it. Taft hammers this home through the step-by-step directions for various meditation techniques. Not only that – but he also explains the reason for the specific practices. For each of these practices, he also has a guided audio track (a 5-minute version and a 30-minute version) at https://themindfulgeek.com/guided/. The audio is far from perfect, but that’s ok with me since it’s a guide for doing meditation and it reflects the imperfection of my practice. After all, the guided recordings are not the key; the key is to sit one’s butt down for a minimum of 10 minutes a day.

There are few books that I re-read, but this is one of the few that I will go back to.

You might find Taft’s book and approach useful if:

  1. You are someone that lives more in your head.
  2. You are looking to learn/practice mindfulness/meditation without any religious or philosophical dressing.

Some Suggestions for the Practice

Some additional resources that may be useful in regards to a meditation practice:

  • At the beginning of this year I tested various meditation apps on the iPhone in terms of the teaching of meditation practice and cost (Mindfulness Daily, Headspace, and Calm). I was planning to write an epic post about these apps but in case I never get to it – here are my conclusions:
    • Mindfulness Daily is the winner because it thoroughly teaches you meditation over 21 days and it does not demand a recurring subscription (unlike the other apps). It also provides various daily reminders to snap you out of the daily chatter of your mind.
    • On a daily basis I ended up using the GoodReader app to play Taft’s guided audio track followed by a 5 minute bell timer (below) GoodReader is an amazing app that is truly a Swiss Army knife for all kinds of media (whether reading/writing to PDFs, listening to audio, and so on). It is worth every penny.
  • Blissfully simple audio timers with a bell at the beginning and end: http://www.the-guided-meditation-site.com/zen-meditation-timer.html

  • Episode 82 of the Asian Efficiency podcast had an interview with an interesting guy (Dr. Andrew Hill) who in turn had a very nice (i.e. simple) way to practice meditation. You can find his practice on this page.

In Conclusion…

I initially wrote this article with the intent of just a book review. It ended up being a bit more than I expected.

Contact me via Twitter (@eli4d) if:

  • You’ve read the book and have ideas/opinions about it.
  • You found a great, simple, and effective approach to meditation (URLs to specifics would be very useful).
  • You want to say ‘hello’ 🙂 .

A Tiny Little Privacy Hack for Grammarly

Remember your English teacher in high school?

Do your remember THAT English teacher in high school? Well, I remember THAT one. Her name was Miss Johnson (I’ve changed this name of course :-)). I don’t remember much of Miss Johnson’s teaching, but I do remember one incident when I accidentally called her “Mrs. Johnson”. After uttering those two words, time stopped, the clouds darkened, and Miss Johnson turned around and became Voldemort. She yelled at me with a quiet hissing tone – “IT’S MISS JOHNSON, NOT MRS. – IS THAT SO DIFFICULT TO UNDERSTAND?” She then turned back and continued with the lesson muttering some other words under her breath.

I may have forgotten my grammar and my English, but I never ever forgot to use ‘miss’ when addressing Miss Johnson.

You don’t need a Miss Johnson – you just need Grammarly

I LOVE Grammarly. It’s an excellent English teacher without the attitude and embarrassment of dealing with a Miss Johnson. While the Grammarly site (https://www.grammarly.com/) explains all of the features, I think that the Grammarly magic can best be summarized in 2 steps.

You don't need a Miss Johnson - you just need Grammarly

Grammarly Magic – 1

Here’s William Ernest Henley‘s poem Invictus. It is one of those gritty determination types of poem that has been inspirational (at times).

Getting back to Grammarly – so notice that Grammarly flagged a grammar issue. Now looking at this, you would think “well – even Word can do this” and I would answer with “Yes but WAIT TILL STEP 2.”

Grammarly Magic - 1

Grammarly Magic – 2

By choosing to expand the explanation card, you get to see the Grammarly magic. It’s Miss Johnson without the terror and attitude. Here we get to understand why Mr. Henley should have used a comma (now granted – it’s a poem, so in a sense it’s an ‘anything goes’ grammar stew). My point is that Grammarly teaches you about grammar usage using the best relevant examples i.e. your day-to-day writing.

Of course, you don’t have to expand that card, and you can just go based on whatever ‘sounds’ right. But there’s something educationally magical to have this card explain the problems with one’s writing. And if I learn what’s wrong with my writing, I can become a better writer. Grammarly gives you the gift of education without the high school English flashbacks of Miss Johnson. This gift makes Grammarly fantastic!

I have yet to encounter another web service that does such an amazing job at teaching without seeming to teach.

Grammarly Magic - 2

Houston – we have a teeny tiny privacy problem with Grammarly

So hopefully I’ve established how much I like the service. However, like all things on and off the web, Grammarly has an issue when it comes to privacy of information. I’ll explain the problem by covering:

  • The two methods which Grammarly uses to check your work
  • Some fatal privacy assumption that we all make

Then we’ll cover an easy solution for one of the privacy issues.

How Grammarly checks your work – Method 1

The first method is to type/copy your words into Grammarly’s editor. Grammarly checks your words and shows you the errors.

You can do this on Grammarly’s web application (at https://app.grammarly.com/)) or through a native application such as Grammarly’s native Mac application.

Questions to consider:

  • On the web application – where does Grammarly store your document?
  • On the native Mac application – where does Grammarly store your document?

How Grammarly checks your work - Method 1

How Grammarly checks your work – Method 2

In the second method, Grammarly checks your work within your web browser. In this case, you need to have Grammarly’s plug-in installed for your specific browser (there are plug-ins for all the major browsers). In the example below, I’m writing an email in Gmail and Grammarly does the checks right on the web page.

Note: As an aside, there are certain sites/conditions where Grammarly will not work. For example, Google drive is not supported at this point.

Question: So in this case – where does Grammarly store your document? Or does it even store your document at all when you’re in something like Gmail?

How Grammarly checks your work - Method 2

Where does your work reside after Grammarly checks it?

As mentioned in the previous steps, a fundamental question is where is your work/data when Grammarly checks it?

The answers are as follows:

  1. If you’re on Grammarly’s web application, then your document is in your Grammarly account. Makes sense – right?
  2. If you’re on a web page (like Gmail’s “Compose an email” page), then Grammarly checks the document, but it does not store your document in your Grammarly account as a ‘document.’
  3. If you’re in a native application (like Grammarly’s Mac client) then Grammarly stores your document on your Grammarly account on the web.

Where does your work reside after Grammarly checks it?

Fatal Privacy Issue – Grammarly’s Native Applications

It is the native application (like the Mac app) that is troublesome from a privacy perspective. After all, if it’s a native application, you would expect the app to save your document on your Mac. If you pursue this assumption, then you would think that using the native application would provide more privacy than any other approach, and you would be completely wrong.

You might be thinking “well that’s not a big deal – Grammarly’s native application is just a wrapper to the web application”. Unfortunately, it is somewhat of a big deal. Consider these scenarios:

  • You are writing a sensitive vendor contract or HR document.
  • You are writing a sensitive internal email to an employee.

There are lots of scenarios besides the above two. The point is that you would not want your document to be stored on Grammarly’s servers (i.e. by being a ‘document’ in your Grammarly account) for sensitive documents/information. Consequently, using Grammarly’s native application could be disastrous from a privacy perspective.

Houston – we have a solution

Grammarly’s browser plug-in provides the solution for our teeny tiny privacy issue. The on-the-web page check is the only Grammarly method that does not store anything in one’s Grammarly account.

Note: There is still a period of time when Grammarly’s web service has the data for the in-web-page checks. I checked with Grammarly’s support folks and found out that “User Data is stored on our servers for up to 14 days. After 14 days, deleted user content is completely removed from our servers.” So if you’re dealing with extremely sensitive information that shouldn’t leave the premises of your network, then you should skip Grammarly altogether. The solution I propose in this section prevents your document from being stored on the web application side as a document. Of course, the usual disclaimers apply regarding anything that I state in this article and throughout my site.

Special Thanks to Kasey and Christine from Grammarly’s Support Team

I’ve come across many support teams, and there’s this very fine line between a ‘just stop asking me questions’ curt response and a sincere, helpful response. Grammarly’s support team goes beyond the ‘curt’ approach, and I really appreciate it.

Kasey answered my questions about the browser plug-in while Christine answered my data retention questions.

Solution Approach

My initial approach to prevent Grammarly from storing my words as a document on my Grammarly web account was to create a simple page with a textarea and no submit button. All I wanted was that tiny little green Grammarly refresh icon to show up. But I got nothing. So I contacted Grammarly support.

Solution Approach

My question to Grammarly support

My question to Grammarly support

Grammarly support response regarding textarea

In relatively quick order the fantastic Kasey responded with the answer. The moment I read this, I did an immediate face-palm – of course it couldn’t see a local file. So I had to put my super simple page on a web server somewhere.

Grammarly support response regarding textarea

Where to store my super simple html file?

I could, of course, spin up a Digital Ocean* droplet, but that would be somewhat ridiculous for one html page (it would be the equivalent of swatting a mosquito with a hammer). My K.I.S.S. (Keep It Super Simple) choices were either an Amazon S3 bucket or GitHub Pages. I ended up going with the creation of a GitHub page.

Where to store my super simple html file?

Here are the steps to the solution

You can find my tiny little Grammarly hack page at http://eli4d.github.io/tiny-grammarly-hack.html. You can use my page or create your own and toss it on a web server.

The steps are as follows:

  1. Get an account on Grammarly (you can get a free one or a paid one – up to you)
  2. Pick your least used browser (in my case it was Safari):
  3. Whenever you want to check a document (text only), just copy and paste it into the textarea box and click on the little green Grammarly refresh icon.
  4. After fixes to your document, make sure to copy everything from the textarea box back to your document.

Using the above steps you can use Grammarly without worrying that a document will be created and stored in your Grammarly account.

A reminder: As mentioned above – this method does not prevent Grammarly from storing your data (even this temporary data). In fact, according to Grammarly support you must assume that even for this sort of temporary check, Grammarly’s servers will hold you words for 14 days. That’s a bit crazy from a privacy/security point of view but this retention time is up to Grammarly’s management.

Here are the steps to the solution

Conclusion

Is Grammarly’s service awesome? Absolutely. It’s like having a nice electronic version of your high school grammar teacher (like Miss Johnson) minus the meanness.

Is Grammarly private? It’s as private as any web application that’s on the Internet (my assumption of course because I have not seen any architecture/security documents about their infrastructure). The steps I provide in this article related to preventing Grammarly from storing your document in your Grammarly account. So if someone breaks into your account on Grammarly, they won’t see anything. On the other hand, if someone breaks into Grammarly’s servers, then they could potentially get to any in-line checked user documents (even if the document is not saved in your user account) because of Grammarly’s stated 14 day retention period.

Personally, I find Grammarly’s service to be invaluable. I get to explore the quirkiness of my writing in conjunction with the quirkiness of the English language, and I get to learn to write better.

(And in case you were wondering – yes – I did use Grammarly on this article, but I choose to ignore some suggested fixes and keep my quirkiness)

How to Use your Amazon Prime No-Rush Credits

Overview

In this post I cover how to use Amazon Prime’s no-rush credits. This applies if you’re an Amazon Prime customer. I’ve gotten burned several times because the credit expired or when I tried to use it when it didn’t apply to the item that I was purchasing. I’m writing this post to remind myself how to do this and for anyone else that has wondered about this credit usage.

And to Amazon support: You’re welcome – feel free to extend my Prime Membership at your convenience 🙂

It begins at the checkout screen

What’s that you say Amazon? Get $1 if I don’t use my Amazon Prime two-day shipping? Sure – why not.

It begins at the checkout screen

What’s that – get a $1 credit for a purchase of what item?

So what are those details?

What's that - get a $1 credit for a purchase of what item?

The “Details”?

So what are “select eBooks…”? It seems simple but nothing tells you exactly what you can purchase 😦

The "Details"?

So when you choose the no-rush shipping option…

Lets say that you love David McRaney’s podcast (the cookie eating segment is the BEST) but you don’t need the book right now. So you choose the no-rush shipping and initially nothing happens. You don’t get any information about the $1 credit until the book ships (which makes sense if you think about it – why give you the credit until your item is being shipped via the no-rush date).

When the book ships you get

When the book ships you get

Clicking on additional information once again

So here’s another explanation of the credit and what you can purchase.

But what can I purchase Amazon? I want to use that $1 wisely!

Clicking on additional information once again

So what does this mean?

Q: It sure feels like I can use this on whatever Amazon sells – right?

A: Wrong!

I ended up contacting support regarding this and I got the scoop, skinny, and explanation.

The EXPLANATION with a delicious Hunger Games example

A very nice Amazon support associate called me back when I asked for help through the website. I told the lady (lets call her Jane) that I purchased an ebook and my dollar credit didn’t kick in. Jane empathized with my frugality based sadness. She told me that the “credit only applies to items sold by Amazon Digital Services”. I asked her for an example. She told me to look up the “Hunger Games” books. She said that the key is the “Sold by” area. If that has Amazon Digital Services then the credit applies, otherwise you’re out of luck.

She told me that I should start any search with “Amazon Digital Services” and narrow my query parameters from there.

I thanked Jane for her clear explanation and help (marking the feedback email with AWESOME).

The EXPLANATION with a delicious Hunger Games example

Time to search for “Amazon Digital Services”

So first step is the general search query of “Amazon Digital Services”

Time to search for "Amazon Digital Services"

Lets narrow it down based on department

Choosing “Books” for example from the department drop-down.

Lets narrow it down based on department

Narrowing the department choice further (Books in this case) using the left-side choices

The left-side menu is THE way to narrow the search criteria within a department.

For the Books department I typically use the:

  • Type of book (1)
  • Book format (2)

    These choices are quite useful if you’re a Kindle book hoarder 🙂 .

Narrowing the department choice (Books in this case) using the left-side choices

It’s time for some sweet Space Opera Kindle Books

Here’s an example of search narrowing using the left-side choices.

It's time for some sweet Space Opera Kindle books

Use the credit right away

To each his own of course but due to a fairly quick expiration date on the no-rush credits I suggest that you use the credit right away. Just bookmark your search query with your narrow criteria and you’re on your way.

Conclusion

So there you go. Maximum use of Amazon’s no-rush credit.

Enjoy!


Please let me know via Twitter (@eli4d) if you found this post useful.

Notes on installing an FTP server on a Digital Ocean virtual machine running Ubuntu 14

Overview

These are some quick notes/lessons related to vsftpd installation on Ubuntu 14. My reason for creating such a server was that I wanted to collect photos for an event (from the guests that came to the event). I had originally thought this was going to be easy with my 1 TB Dropbox account. What I didn’t realize was that in order for anyone to upload to a shared Dropbox folder, that person has to have an account on Dropbox.

So rather than hassle people about creating a Dropbox account, I figured that a temporary FTP server through Digital Ocean* would be easier. While I deployed the server and got it working for my needs I later realized that I was trading the ‘you need to create a Dropbox account’ hassle with ‘you need to upload using a FTP program’. I realized that this was a bad approach too since I was dealing with users that had a wide (wide) range of technical comfort and knowledge.

* Note that my Digital Ocean links in this post are referral links – they’re a great service which I really like and I definitely recommend.

Creating a virtual machine on Digital Ocean

Creating a virtual machine (i.e. a ‘Droplet’ per Digital Ocean’s jargon) on Digital Ocean (DO) literally takes 55 seconds (which is pretty amazing). DO’s support center (https://cloud.digitalocean.com/support/suggestions) walks you through clear instructions on doing this.

I went with Ubuntu 14,04 because it is an LTS version and was likely to be quite stable. Of course I didn’t need long term support for such a short-lived server but I figured the stability would be worth it.

Creating a virtual machine on Digital Ocean

SSH Keys

DO will email your root password or you can create SSH keys and put the public one on your instance for easy log-in.

I used the https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys–2 instructions for ssh key association with my droplet. This line from the instructions did not work for me:

 cat ~/.ssh/id_rsa_digitalocean.pub | ssh user@123.45.56.78 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

So I ended up destroying and re-creating my droplet and pre-associating the public key that I had just generated. Since it’s really fast, there was no big negative in doing it this way. Of course I could have used scp to the copy of the public key too if I didn’t want to re-create the droplet.

Installing and configuring the FTP server (vsftpd)

Installing vsftpd

I found pretty good instructions on https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-on-ubuntu-12-04 for the initial installation.

The key is to install vsftpd and configure /etc/vsftp.conf:

 apt-get install vsftpd

When looking at vsftpd’s configuration – Vim drove me a bit batty with the built-in color syntax-ing (tons of dark shades of unreadable color) and I had to turn that off. The instrutions at http://vim.wikia.com/wiki/How_to_turn_off_all_colors explained how to do this (just put these at the end of the .vimrc):

 syntax off
 set nohlsearch
 set t_Co=0

550 error

My initial run of vsftpd per the tutorial that I found yielded a 550 error. This was one of a cavalcade of errors when testing different vsftpd configurations. The long and short of it is that the ftp server can be configured in different ways (anonymous download only, download and upload, etc…). Each of these possibilities yields different permutation of options in /etc/vsftpd.conf and the potential of other supporting files (for example – virtual users need more configuration files).

My configuration goal was a single user that could upload files to his home directory. This was going to be a shared user among different people that attended the above mentioned event. My assumption was that each would put their photos in a sub-directory that I created for them (see “Conclusion” section of this post for why this was a poor assumption).

So…I needed a chrooted ‘regular’ user for this configuration. Below is my final /etc/vsftpd.conf configuration and here are some useful sources of information.

550 error

Creating the ftp user – 1

I created the user using:

 useradd ftpuser

How-To Geek has a good article about useradd. Ubuntu also has an adduser command too. Both do the same thing but I found useradd to be easier to use.

After creating the ftpuser I decided to give my ftpuser a brilliantly simple password and it was ftpuser.

 passwd ftpuser

My intent was to make it easy on my users. This was a fatal (and dumb) security mistake. I am well versed in the stupidity of security by obscurity and I fell for it thinking that ‘no one is going to find the ip of this droplet’. I cover this lesson in the “Conclusion” section of this post.

Creating the ftp user – 2

One initial issue with my user and vsftpd was this error:

 500 OOPS: vsftpd: refusing to run with writable root inside chroot()

The problem was that ftpuser’s home directory didn’t have proper permissions for chroot to work correctly. Basically, the home directory of ftpuser cannot be writeable but sub-directories need to be writeable. So I did the following:

 As ftpuser within ftpuser's home directory:
 ftpuser@myawesomedroplet:~$ chmod 755 ../ftpuser/
 ftpuser@myawesomedroplet:~$ mkdir _test
 ftpuser@myawesomedroplet:~$ chmod 555 ../ftpuser/
 ftpuser@myawesomedroplet:~$ touch test
 touch: cannot touch ‘test’: Permission denied
 ftpuser@myawesomedroplet:~$ exit
 As root:
 root@myawesomedroplet:/home/ftpuser# service vsftpd restart

The _test directory is where I would have my logged-in user put their photos (well something better than _test)

For more info on this see: http://askubuntu.com/questions/239239/500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot-keep-user-j

Some insecurities

Everything looks good but…

After the above configuration for both vsftpd.conf and my local user I was all set. I tested logging-in via an ftp client, changing to _test and uploading a file and it all worked swimmingly. Then the next day I tested the exact same thing and I couldn’t log into the ftpuser account. I changed the password back to *ftpuser* and in 24 hours the exact same thing happened.

Well maybe it’s a security patch thing

I thought that perhaps my system wasn’t sufficiently patched (the magical thinking trap kicking in). So I went ahead and patched it. I also used the script from https://www.digitalocean.com/community/questions/updating-new-ubuntu-droplet-security-updates to make it easier on myself.

Chris Fido in his Servers for Hackers has an even better approach to get automatic security patches using cron and the specific Ubuntu distribution.

Nope it’s not a patch thing

My ftpuser kept being inaccessible after a few hours passed since changing its password to my brilliant password of ftpuser. So I decided to ask my question on askubuntu.com:

http://askubuntu.com/questions/691375/on-ubuntu-14-04-3-something-is-changing-regular-users-password-within-24-hour

Nope it's not a patch thing

Vincent Flesouras rocks!

I got a fantastic answered from a gentleman named Vincent Flesouras.

The short answer: security by obscurity doesn’t work. I feel like Bart Simpson at the black board repeating this sentence over and over again.

Vincent Flesouras rocks!

Next action

The next step would be to throw away my Digital Ocean droplet and re-create it with something like Ansible. Since Digital Ocean charges me based on an the existence of an instance (whether it’s online or shut off it still costs), this would also save my some money and create a repeatable virtual machine.

I stopped here because I realized that the FTP server approach was the wrong approach for my audience. I think a better solution would be a webserver approach for easy upload of files (perhaps Caddy with some Golang goodness) but this will have to wait for another time because I’m out of time.

Conclusion

I learned the following lessons:

  1. Before diving into something, make absolutely sure you know how your least technical user will use your product/creation/monstrocity. I had assumed the built-in pervasiveness of ftp clients within all web browsers. The problem is that this is true but in the wrong direction for my use case. Most web browsers can connect to an anonymous ftp server to download files not upload them. Of course there are plenty of web based ftp clients, but then I’m giving a third party access to this ftp server with personal items (i.e. photos) on there. So…an ftp server was the wrong solution for this problem to begin with.
  2. Never ever ever use a super simplistic password relying on the obscurity of your server (i.e. ‘just’ an IP without an associated domain). Rationally, I knew this to be the case but there’s nothing like your brand spanking new user account on a brand spanking new virtual machine changing passwords ‘by itself’ every day.
  3. I should have used Ansible or some such orchestration software for the creation of the server. It would have allowed me to quickly and cleanly destroy/create server instances. This would have helped with testing of my server’s configuration (security and otherwise).

This was definitely a learning experience both about vsftpd and security.