ol.footnotes li {list-style-type:decimal;}

Installing Windows device drivers for absent devices


[This is really one of those "notes to myself that might benefit someone else someday", so please forgive the relative lack of formatting. If you have trouble following this, just leave a comment, and I'll happily expand the post for you and other readers.]

I wanted to set up a Windows server to accept login via my employer-issued smart card, but, as you might expect, the server has no smart card reader attached to it.

With no smart card reader, there’s no good way to get Windows to notice the missing device driver and grab it from Windows Update.

Happily, if Windows Update knows about a device driver, you can manually search it out and install it. Just go to Microsoft Update Catalog on the machine that needs the device driver and type the name of your device into the search box. (In my case, “Gemalto smart card” was what I was looking for.)

You’ll be presented with a list of drivers that Windows Update expects to work with your machine. Click “Add” by one of your favorites and then click “view basket” in the upper right corner.

Next, choose the download button, and select a folder to put the downloaded files into.

Uncompress the downloaded .cab file into a temporary folder.

Finally, fire up Device Manager, right-click your computer’s name at the top of the devices tree-view, Add Legacy Hardware…, Install manually, Show All Devices. (This should feel really familiar from the Windows 9x days, but probably something you haven’t had to do in around 10 years.)

Have disk…, Browse, choose the place to which you extracted the .cab file two paragraphs ago, choose the device that you’re trying to configure.

Voila! You should have successfully installed the driver that you’re trying to configure. In my case, this meant that the very next time I connected to the server over Remote Desktop, I could successfully authenticate with my smart card. Yippee!

Embedding Cordova (PhoneGap) in MonoTouch apps

MonoPlusPhoneGapWhen it comes to writing hybrid mobile apps on iOS today, you usually get to pick between two extremes: 1) primarily use web development technologies and host them in an enhanced WebView (such as PhoneGap), or 2) write a fundamentally native application (CocoaTouch, MonoTouch) and sprinkle in WebViews from time to time and write your own ad hoc gateway between the WebView and your native code.

Today, we’re going to talk about a way to embed a Cordova1 web view in a MonoTouch application. To get a high-level overview of what we’re going to be doing, you can look at the documentation for the Xcode and CocoaTouch version of this process.


FIrst things first. You’ll need to clone both of the following repositories from GitHub:

Implementation steps

I believe you’ll find it easiest to follow along with these steps if you at least skim through the Screencast that I’ve embedded below.

  1. Create a new Tabbed Application project in MonoDevelop.
  2. In your Project References, add a Reference to monotouch-bindings/Cordova/Binding/Cordova.dll (monotouch-bindings is one of the repos that you cloned during the prereqs step above).
  3. Use Cordova’s create tool in incubator-cordova-ios/bin to create a Cordova project (for example: ./create ~/src/xamarin/cordova-stub com.greenesse.cordova-stub CordovaStub)
  4. Copy Cordova.plist from your freshly created Cordova project’s cordova-stub/CordovaStub folder into the root of your MonoDevelop project. Note: be sure to set its build action to "Content" in MonoDevelop.
  5. Copy the entire contents of cordova-stub/www to a www folder in your MonoDevelop project. (I ran cp -r www ../CordovaTest/www from within the cordova-stub folder.)
    1. Be sure to set the build action for all of the files within your project’s www folder to "Content". I don’t like using multi-select in MonoDevelop for this, especially when there are crazy folder nestings and more than a dozen files, so I run the one-liner find www | awk ‘{ print "    <Content Include=\"" $0 "\" />" }’ to generate a bunch of lines for me to copy and paste into my .csproj file.
  6. In Interface Builder, delete the sample text from SecondViewControl.xib, and add a single View that takes up all of the space below the application’s toolbar.
  7. Wire the freshly added view to an outlet called bounds. Save your XIB file and return to MonoDevelop.
  8. Make the following code changes to SecondViewController.cs:


With that, you should be able to compile and run the application in the iOS Simulator, as well as on actual iOS hardware. You’ll notice that the second tab in the demo application does, indeed, now host a Cordova web view. You can add multiple CDVViewControllers, each pointing to a different WwwFolderPath and/or StartPage. The sky’s the limit!

Future exploration

Additional topics that we could explore in the future include:

  • Writing Cordova plug-ins entirely in MonoTouch.
  • Hosting a gallery of Cordova samples behind a native ListView.

Do you want to explore any of those? Do you have any other things we should dive deeper into?


Embedding Cordova (PhoneGap) in a MonoTouch app from Scott Blomquist on Vimeo.

  1. If you’re like me, when you see the word “Cordova”, you should think “PhoneGap”. The name Cordova refers to the Apache open source project born from Nitobi’s PhoneGap. When Adobe acquired Nitobi, they kept PhoneGap as a trademark for their own value-added products and services that are built around the Cordova core. []

Worst registration form on the internet? DZone.com

Among the sites that I check from time to time for interesting dev-centric links is DZone.com. It skews a little more toward enterprise than do Hacker News or Proggit, and, thus, provides a good way for me to keep my finger on the pulse of popular trends among enterprise developers.

They also have managed to put together some really interesting quick-ref cards that they market under the Refcardz brand. One day, I decided to create a DZone account so that I could download some Refcardz.

Turned that was much easier said than done.

They start by asking for entirely too much information, none of which is optional: Name, Address, Phone number, Company, Title, Size. But that’s not even the killer part. The worst thing was that no matter how many times I submitted my information and no matter what variations on spelling I tried, my request got rejected as “Invalid Phone number” and “Invalid Address”. Well, guys, I’m not even trying to give you crap information yet, and I’m pretty sure I’m more qualified to attest to the validity of my information than you are. What gives?

So I emailed them. Here’s what they had to say:

“We apologize for the difficulty, sometimes this happens.”

Wait—so it’s a known issue that sometimes your form rejects known-good registration attempts and your best fix is to ask for a screenshot? Oof. I left them that day telling them that once they fix their form I’ll consider signing up.

Fast-forward 4 months, I decided to try again. Failed again with the same validation errors so I emailed support again with a  frustrated request for them to fix their site.

This time they replied:

“I was able to find your registration attempt and it looks like the problem was your area code is from California and your address is Washington state. I overrode that requirement and finalized registration for you.”

Wait—the reason I was being rejected was that my area code wasn’t consistent with my ZIP code? Have they ever heard of cell phones? If they only want members that haven’t moved and kept a phone number the same, then I’m almost not sure I want to be a member.

A little bit of Stack Overflow irony

This isn’t all that important of a post, but the circumstances were a little bit shocking at first and then at least mildly entertaining to me, so I figure I’ll write down the story.

Sometime in the last week or so, I crossed the 10k reputation threshold on Stack Overflow. I’ve had my eye on that particular reputation level for quite a while, primarily because of the “View deleted posts” privilege that comes along with it. This privilege would enable me to browse such classic (deleted) questions as:

So after about a week of reading the Classics, I popped on to SO to do some question answering, and guess what? My reputation had blinked back down to 9969. With just a little bit of digging, I discovered that the question to which I had posted my most upvoted answer of all time had been deleted as off topic.

The most entertaining part (and it’s even properly ironic) is that since I had just lost enough reputation that I no longer had the “view deleted posts” privilege, I couldn’t directly browse the question to retrieve and preserve my answer. I actually had to have StackPrinter rescue it from its cached copy of the content.

Before long (probably even tonight), I’ll manage to scramble back over the 10k mark, and could once again see the content on Stack Overflow. But since the post has fallen down the memory hole for all practical purposes, I’ve included it here for posterity:

What’s the funniest bug you’ve ever experienced?

At Microsoft, there’s a hardware test lab that’s responsible for testing the zillions of webcams out there against each new build of Windows to make sure it doesn’t break anything. One of the webcams was rolling when the 2001 Seattle earthquake hit .

After that earthquake, every bug database in the entire company had a few bugs entered of the form “when I click on the Update button, the entire lab starts shaking”, or “when I deleted the file, things started falling off the shelves”.

Most of the bugs of that form were closed “not repro”.

How to neutralize office politics

nixon-i-am-not-a-crookEveryone I know hates office politics. Most folks can’t define it, but, in the oft-quoted words of Supreme Court Justice Potter Stewart, they know it when they see it. I’ve gotten to the bottom of what it is that we all actually hate, and I even have some easy to understand steps to take to neutralize office politics once and for all.

Politics in the world

Let’s start by trying to simply define “politics”. The typical definitions deal with politics as the mechanism of collective decision making, and politicians as the executive agents within such a system. There’s nothing inherently worthy of our hatred in those pure definitions. For politicians in all but the smallest jurisdictions, the voters outnumber a politician so vastly, most of them cannot possibly know the politician personally and perception comes to matter more than the actual facts.  At that point, since it’s mostly a game of perceptions anyway, and if you’re guaranteed to have detractors no matter what, it’s best to simply embrace the game and behave in ways that strengthen positive feelings toward you with your supporters, even if it means stronger negative feelings among your detractors. Simplistically, if 51% of people have a strong to moderate positive perception of you, it doesn’t matter how much the other 49% of people hate you—you’re going to get (re-)elected, which is the entire reason you’re in the game to begin with.

Although I’m hoping that there is some good way to pull politicians back to selflessly fighting for justice and progress, Clay Shirky predicts that technology will make the asymmetry of fame even worse, which probably means we’ll have to make some very fundamental changes to the incentives around politics before we can get politicians to behave like real people instead of ruthless game theorists.

Politics in the office

“But wait!”, you may object—that analysis doesn’t map very cleanly to the workplace. After all, in the workplace, we don’t keep score at all like we do in the politics of government—instead of voters who have collective and indirect power to elect us or oust us, there are individuals who control our destiny much more top-down in the form of hiring, firing, and directing. While it’s certainly true that the scoring system is much different, it doesn’t change the human tendency to attempt to game the scoring system. In fact, with the hierarchical scoring system that exists in the office, it’s even easier for a ruthless game theorist to determine with whom he should focus his perception-management efforts!

Since one’s bosses and other senior colleagues have a disproportionate amount of control over one’s advancement and influence, it doesn’t take a game theory expert to figure out whose perceptions to spend time and effort managing and whose perceptions one can afford to neglect.

For those whose perceptions are not being managed, the office politician is perceived at best as an overrated, underachieving brown-noser or, more poisonously, as a conniving jerk. For those (probably managers) whose perceptions are being managed, the office politician probably looks like he is always doing exactly the right things in the right ways, is getting great results on everything worth measuring, and is otherwise a great guy who ought to be given even more responsibility.

The office politician’s legacy

So is the office politician actually Captain Accomplishment? or is he a poisonous jerk. In the short term, he probably really is getting great results—the fact that he’s improving all of the metrics that he’s been asked to improve isn’t surprising. After all, by virtue of his playing at politics, he’s already indicated that he’s at least a passable game theorist and what are typical business metrics but another scoring system to be gamed?

In the longer term, the respect that he’s lost from the group to whom he isn’t pandering (his direct reports and peers), will begin to blow back. His team will start spending time maneuvering around him, they won’t rally like they used to in tough times, and they won’t think twice about jumping ship for other opportunities—all because they’re collateral damage in the workplace politician’s campaign to manage perceptions upward.

And besides, nearly every one of us knows from direct experience that the office politician is a total downer. The fact that he can be so awful and still get every promotion contributes to a jaded outlook on corporate life worthy of a film noir gumshoe.

How to neutralize office politics

The good news is that for the same reasons that it’s easier to get started in office politics than in government, it’s easier for an organization staffed with sufficiently self-aware managers to spot and mitigate the impact of those engaged in office politics.

Here’s how:

1. Value Openness and Transparency from every level

Remember that the game of the office politician is one of asymmetric perception management. Unlike in the politics of government, there are very few companies that are so large that politicians are abstract, remote actors that have to be judged through the thin context of sound bites. Additionally, while the values and motives of the collective behavior of the electorate are complex emergent phenomena that can hardly be predicted, let alone fully understood, the values and motives of the relatively few central decision makers can be observed and reasoned about if they’re willing to participate.

Most organizations don’t prioritize making decisions in the framework of transparent values and motives because it’s easier for senior leaders to simply publish decisions in the form of an opaque and capricious decree along with a “trust us, we’re smart and we’re fair, but we’re too busy to elaborate”.

In a transparent organization that values openness, it’s both possible and extremely healthy for central decision makers to communicate early and often about the organization’s core values—what behaviors and results should those outside the inner circle expect will be recognized and rewarded? Why are those who are installed into leadership positions chosen and how will they be measured?

Making even a small, but sustained, investment in outward flow of candid information will help tremendously with making decisions more understandable and predictable, and keeping upward and downward perceptions aligned. And it’s really just a matter of making it a priority for senior leaders to put in the effort.

2. Make sure feedback flows up at least two levels

In addition to communicating more openly downward, those near the top of the organization should make sure that candid information can flow upward as well. In an organization where everything a senior leader knows about their extended organization comes to them from only one level down, there is opportunity for perception management to emerge. If open communication downward brought downward perceptions closer to matching the complex reality of difficult situations, open communication upward is even more important in aligning upward perception with the spin-free truth. As a senior leader takes time to get candid feedback from those in his organization and even his organizational nephews and nieces, he should gather as much perspective on as much of the organization as possible—the primary goal being to learn how things appear from below, and sideways. He should further take the time to square what he’s hearing with what he hears from his directs and his peers. The political incentives are such that he and his peers are almost sure to be getting heavily biased information from their directs, but the truth surely lies somewhere in between.

3. Eschew zero-sum scorekeeping

With the first two steps addressing the cases where perception doesn’t quite capture the truth, there’s still at least one failure mode in the incentive structure that exists around a typical organization—namely that of zero-sum scorekeeping. Going back to the theme of politics-as-game-theory, if it’s possible to improve one’s standing by driving others down, the ruthless game theorist will occasionally make such a play. As a manager, this behavior can be moderated by encouraging collaboration—i.e. encourage folks in your organization to construct stories of the form “I and my peer over there worked together to do X” or “these specific individuals on my team improve Y—I simply enabled it”. Zero-sum scorekeeping discourages both of those templates, but if your organization makes it a conscious point to recognize and reward them specifically, it’ll go a long way to encouraging universally beneficial behavior inside your well-communicating company.

Now for the hard part

So you’ve read my rant about what defines office politics, what causes it, and even three easy-to-understand steps that can be taken to neutralize it. But the hard part still remains—actually executing on this theory. Remember that the reason office politics manifests itself in exactly the same ways in nearly every company above a certain size is that it naturally arises from the way we humans operate in an organization. Busy senior leaders find it difficult to make time to communicate downward or to spend time gathering high-quality feedback from deep within their organizations. It also takes effort for them to their directs to spend effort on making things better together with their peers. None of this behavior is natural in a typical organization, and may even be a net loss for the first to adopt them in the short term.

If you’re an individual contributor, ask for a monthly 30-minute 1:1 with your boss’s boss (perhaps clearing it with your boss first if you’re in that kind of organization). Make sure they hear your perspective on how things are going both in your immediate team and in peer teams throughout the organization. Make sure you ask questions about what thinking went into the recent big decisions that affect your daily work. Make sure they understand that you’re representing other opinions as well, and encourage them to get the answers out on their own so that everybody understands their perspective.

Whether you’re a senior leader, an individual contributor, or somewhere in between, the best way to make sure that your office transcends the noise of workplace politics, is to foster a company culture that values Openness and Transparency in all directions and recognizes and rewards collaborative behavior instead of falling into the usual lazy traps of communicating as little as possible and enabling zero-sum competition.

Dreading Apple’s upcoming sandboxing

Screen Shot 2012-02-16 at 11.55.08 PM

[Update: Apple gave us a 3 month reprieve. I'm still dreading this, though.]

I’m not looking forward to Apple’s impending move to sandbox all apps delivered through the Mac App Store. At the very highest level, I understand the technical motivation for doing it—one of the biggest reasons people don’t download software is that it’s nigh on impossible to know what software one can trust. And sandboxing makes the already well-policed App Store into an environment worthy of nearly implicit trust. The bottom line is that barring significant security defects, a sandboxed app just can’t do nasty crap to your computer. (Prior to the sandbox, an app only has to trick you personally, not your OS, before getting to do arbitrarily evil things.)

Unfortunately, like many well-intentioned technologies, sandboxing comes with some trade-offs. The biggest one for me in this case is that certain Mac App Store software that I have purchased and love simply can’t continue to work. Case in point: Flexiglass. I absolutely love the powerful desktop layout management features that it provides. And I enthusiastically purchased it through the Mac App Store so that I wouldn’t have to worry about creating a user account with yet another software vendor and remembering how and where to go to download it when it’s time for a computer upgrade. None of those good parts matter because the application fundamentally needs deeper access to the system than even the most generous application sandbox could possibly provide. This means that I’ll have to switch to directly downloading Flexiglass from its author’s web site, if they even have a way for me to transfer a record of my purchase over from the App Store.

Another thing that isn’t yet clear is if Apple’s first-party App Store apps will be granted additional entitlements. There doesn’t appear to be any way for third party applications to allow plug-ins written by other developers. And I can’t even imagine how something as complex and permission-intensive as XCode could possibly do its job without special immunity from sandboxing restrictions. (There’s absolutely no doubt in my mind that now that XCode ships via the Mac App Store that it’ll continue to ship that way—the experience is just too good. And getting so much better with each release.)

So I’ll probably continue to love the improvements that the App Store makes when it comes to maintaining my software collection, but I really don’t think that I’m going to love sandboxing, at least in its first incarnation when it hits next month. In the end, though, I remain hopeful that we can find some sort of happy place here—Apple is nothing if not stubborn and opinionated, but they have showed at least a few times that they’re capable of working with developers when their usually well-intentioned policies get in the way of actual user experiences.

Will they compromise on sandboxing? (Can they compromise on sandboxing and still manifest the ultimate PC security that they’re fighting for here?) I’m not sure. But I’ll be watching, with baited breath, as this story unfolds. I can hardly wait to see where 2012 takes us in the tech world!

Python package management

Like most good geeks, there are a few things about which I’m a little bit obsessive-compulsive. The desire to bring order to chaos is probably the same thing that attracted me to software in the first place.

One of my strongest compulsions is to want to keep my hard disk squeaky-clean. Don’t get me wrong—I’m really bad at it just like everyone else. But I like to feel like I at least have control over what’s on my hard disk. Every time I install a new piece of software, something inside me worries about whether it added some untracked file that won’t be automatically cleaned up if I ever decide to uninstall the software.

I remember back in the old days, when this compulsion was even more, umm, relevant due to hard disk size constraints. The best you could do for installing the latest whiz-bang software from freshmeat.net was “./configure.sh && make && make install”. Good luck figuring out what files that sprinkled all over your file system, when the time comes to later clean them up by hand.

The General Rise of Package Management

The good news is that things have come a very long way since then. Most Linux distributions have package managers that can conjure up almost any software that you might want with just a few keystrokes. With approximately the same number of keystrokes, you can reverse the installation and rest assured that your disk has been restored to at least close to its initial state.

And it’s not just operating systems that have package managers these days. It’s becoming a de facto requirement for programming languages to have a solid package manager as well. Perl has CPAN, C# and the other .NET languages have NuGet, Ruby has gem, and Python has PyPI.

Every perl whiz knows about CPAN—it’s been around for more than 15 years, and is probably one of the largest contributors to perl’s historical success. Same for Rubyists and gem. Hell, most developers of any sort know about those two package managers even if they’ve never touched perl or ruby as languages. On the other hand, it’s shocking to me how often I encounter a python user who doesn’t understand all of the tips and tricks for making the best use of Python’s equally robust package management tools and distribution ecosystem.

Python Package Management, Specifically

Python has had its own package repository for a very long time.

There seem to be two widely used package management tools in the world of Python. easy_install is the better known one for at least two reasons: 1) it has been around longer, and 2) it is preinstalled with nearly every python distribution (for example, it appears to ship with Mac OS, and is available as part of a default python install on Ubuntu 10.10).

Despite its ubiquity, it’s disqualified from receiving my enthusiastic support because it is incapable of uninstalling packages. (Remember how I started this post off complaining about how that shortcoming makes me twitchy?)

Fortunately, there’s a package manager for Python that does support uninstallation in addition to installation. Its name is pip. (It looks like it may be the case that pip is good for other reasons, too.)

Using pip

To get started with pip, you probably first need to install it. To do that, you’ll bootstrap using the package manager that you probably already have installed:

sudo easy_install pip

Now that you have pip installed, you probably want to install a package or two:

sudo pip install simplejson

sudo pip install e

And to uninstall later if you decide you don’t want them:

sudo pip uninstall simplejson

(You should keep the ‘e’ package—it’s very slick! More on this later.)

Uninstalling pip

I don’t really understand why you would want to do this, but because you installed pip using a package, you can use pip to uninstall it:

sudo pip uninstall pip

For bonus points, you can use pip to uninstall easy_install as well. (I understand even less why you would want to do this, but this actually came up on Stack Overflow.):

easy_install pip
pip uninstall pip setuptools
Other pip tricks
I’ve got a few other Python tricks up my sleeve in pip’s neighborhood (there’s virtualenv, and remember the ‘e’ package above?) which we’ll talk about next time.

Awesome referer hack

I was talking to Roy Leban the other day about how a particular domain registrar of his makes it check-box trivial to redirect from a naked domain (say example.com) to www.example.com, but doesn’t do anything whatsoever to redirect from example.com/someurl to www.example.com/someurl. I was teasing him about needing to get a real domain registrar, but it turns out he has a really slick hack to manage the redirect on the www.example.com side (which happens to be hosted on Google App Engine) since App Engine isn’t cool with naked domains.

What he does is this:

  1. checks the box on his domain registrar to forward from example.com/* to www.example.com/
  2. once the user’s web browser arrive at www.example.com, he checks the HTTP Referer1 header to see if the user came from example.com/something, and, if so,
  3. redirects the user one more time to www.example.com/something based on the Referer (in this case example.com/something).

I’m not sure that solution would have ever occurred to me, but I love it for the hack value.

  1. Merriam-Webster says that should be spelled “Referrer”, but RFC 2068 codified the misspelling “Referer” as the actual header name way too long ago to fix. []

A new kind of Browser compatibility pain?

It’s a pain in the butt to ship a web app that works in all of the relevant web browsers today. It seems that crafting stylesheets that works in all of them at once requires as much specialized knowledge today as writing a compiler did a decade ago.

As the rate that browser vendors are shipping updates keeps getting faster and faster, it’s becoming almost impossible for web developers to keep up. Despite that most of the browsers with fast release schedules are well-behaved and make every effort to be as standards compliant as is practical, each micro-release provides a moving target that requires attention and ongoing effort for each developer to keep in his sights.

As a developer, I’ve certainly been in a situation where someone’s platform changed out from under me, and it didn’t jump to the top of my priority list to fix whichever of my features they broke. Not that my customers care whether it was my fault or a platform vendor’s–I’m sure they were frustrated at me, not at Facebook or Microsoft or Google or Netflix or whoever just made the breaking change in question.

Even Google, who with their Chrome browser, set the bar for frequent, high-quality browser releases, is having trouble keeping up with Firefox’s Chrome-inspired rapid release process. I have two recent examples: 1) the Google Toolbar is not yet compatible with Firefox 5, and 2) Google Docs lost drag and drop support post Firefox 3.6, and they still haven’t fixed whatever broke.

I’m willing to assume good things about Google’s intentions here, and figure that it just isn’t a high priority for them to keep up with the Firefox release treadmill. Surely they’re not being proprietary buttheads and being intentionally incompatible in subtle ways with their competitors’ platforms. After all, that would be evil, right?

As browsers begin to ship faster than ever before in an effort to keep pace with the capabilities provided by iOS and other native platforms, we should, at least in the short run, expect to see much more churn and many more breaking changes (some accidental, some intentional). It’s unfortunate that the churn will be worst in exactly the features that are most interesting and innovative–the features most needed to bring web experiences up to par with their tightly integrated, and much more mature desktop application competitors. (The aforementioned drag and drop into Google Docs is a fantastic example of this.)

I don’t think there’s any perfect short term solution here–I think that we’ll have to continue to trade off which side of the “seamlessly integrated” vs. “web-style application delivery” chasm our projects will be built on. Meanwhile, we know that the browser vendors are (mostly) fighting to make web applications feel as native and integrated as possible, while the native platform vendors continue to snicker to themselves at our browser compatibility pains. Maybe someday we can have the best of both worlds.

Stale blog is stale

Hey, everybody. Been too busy between new kid, move to California, lots of fun work with Cooliris, move back to Seattle, and getting our house cleaned up to make time to get any blogging done. Well, I’m motivated to change that. I’ll have something interesting up by July 1. If not, please hassle me.