Let’s encrypt

I got myself another hoster. Bluehost has gotten really awful, had to move. Right now, one of my mail accounts can’t be reached from the place where I work, so I have to VPN to my home net to check mail(*). They’ve also changed the mail management so I can no longer see how much data is in mailboxes, making moving them iffy (I don’t know if my users have moved out the email or not). And, obviously, I’m not going to go try to make tech support at Bluehost help me.

Oh, just for giggles, not a single way of trying to backup stuff from Bluehost works, neither for small nor for large backups. It’s all borked and tech support won’t even try to do something about it. The workaround is to export the MySQL databases manually, to export WordPress content through the WP dashboard, and to tar the site folders and FTP them out.

I’ve been setting up stuff on Dreamhost now for a week or so. It’s pretty enjoyable; everything seems to work. Dreamhost also has a working implementation of Let’s Encrypt which I’ve activated on everything in sight. So far on this domain, on vard-it.se, and on iota.pro, with redirects to https from http. You’ll notice that some pages still have mixed content, causing security warnings, but that’s because I can’t get WordPress to use https for all images automatically, and I don’t find it worth the effort to go through all old posts to update them all.

(*) Update: turns out the email thing was my own fault. I noticed I had used a server url on my laptop that I had changed in the meanwhile. That doesn’t change my distaste for Bluehost, though.

Our specialist who works on the trace rout department

So from last night sometime, I couldn’t get at my email server. Nobody here could. From another net it worked fine. So I figure I need to talk to Bluehost.com, the hoster. I had a chat earlier today that I had to cut short due to other things. And due to me being close to completely losing it. So this is act II. The only thing that kept me sane during this hour-long confrontation with inanity was the thought of publishing it here. So here you are. Bluehost support in all its glory.

Continue reading “Our specialist who works on the trace rout department”

Autoresizing text view in table cells

Continuing from the previous version, I upgraded to Swift 3 and Xcode 8 (beta 4). Most of the glitches are gone, but every now and then one shows up. So I’m not entirely sold on the whole thing yet. I’m still having doubts if it wouldn’t be simpler to just have the user enter text in a separate popup of some kind, and only display read-only views in the actual table. The problem with that is that it is a lot less intuitive and user-friendly. OTOH, it would work… I get a feeling Apple really doesn’t want us to do editing in text views in table cells. I don’t think any of Apple’s own apps do that.

Continue reading “Autoresizing text view in table cells”

Now with editing and rotation

I went on and extended the autoresizing table cells to handle interface rotation and table editing as well. In both these cases, the width of the table cell content view changes, so the height of the text view needs to be recalculated. To achieve that, you need to wait to measure the new width of the text view until everything has settled down, but this turns out to be surprisingly difficult. The only functions I found that were called late enough in the view update cycle to give me the new definite text view width were didRotateFromInterfaceOrientation in the controller for rotations, and didTransitionToState in the table view cell for editing state changes.

Continue reading “Now with editing and rotation”

Medical IT crap, the why

(Continuing from my previous post.)

I think the major problem is that buyers specify domain functionality, but not the huge list of “non-functional requirements”. So anyone fulfilling the functional requirements can sell their piece of crap as lowest bidder.

Looking at a modern application, non-functional requirements are stuff like resilience, redundancy, load management, the whole security thing, but also cut-and-paste in a myriad of formats, a number of import and export data formats, ability to quick switch between users, ability to save state and transfer user state from machine to machine, undo/redo, accessibility, error logging and fault management, adaptive user interface layouts, and on and on.

I’d estimate that all these non-functional requirements can easily be the largest part of the design and development of a modern application, but since medical apps are, apparantly, never specified with any of that, they’re artificially cheap, and, not to mince words, a huge pile of stinking crap.

It’s really easy to write an app that does one thing, but it’s much harder and more expensive to write an app that actually works in real environments and in conjunction with other applications. So, this is on the purchasers’ heads. Mainly.

A day in the life of “medical IT security”

This article is an excellent description of some of the serious problems related to IT security in healthcare.

Even though medical staff actively circumvent “security” in a myriad inventive ways, it’s pretty clear that 99% of the blame lies with IT staff and vendors being completely out of touch with the actual institutional mission. To be able to create working and useable systems, you *must* understand and be part of the medical work. So far, I’ve met very few technologists even remotely interested in learning more about the profession they’re ostensibly meant to be serving. It boggles the mind, but not in a good way.

Some quotes:

“Unfortunately, all too often, with these tools, clinicians cannot do their job—and the medical mission trumps the security mission.”

“During a 14-hour day, the clinician estimated he spent almost 1.5 hours merely logging in.”

“…where clinicians view cyber security as an annoyance rather than as an essential part of patient safety and organizational mission.”

“A nurse reports that one hospital’s EMR prevented users from logging in if they were already logged in somewhere else, although it would not meaningfully identify where the offending session was.” 

This one, I’ve personally experienced when visiting another clinic. Time and time again. You then have to call back to the office and ask someone to reboot or even unplug the office computer, since it’s locked to my account and noone at the office is trusted with an admin password… Yes, I could have logged out before leaving, assuming I even knew I was going to be called elsewhere then. Yes, I could log out every time I left the office, but logging in took 5-10 minutes. So screen lock was the only viable solution.

“Many workarounds occur because the health IT itself can undermine the central mission of the clinician: serving patients.”

“As in other domains, clinicians would also create shadow systems operating in parallel to the health IT.”

Over here, patients are given full access to medical records over the ‘net, which leads physicians to write down less in the records. Think this through to its logical conclusion…

Server-side Swift

This presentation from WWDC 2016 boggles the mind. It completely overturned all my concepts about server-side nodejs and javascript in general. If you’re into docker containers or anything of the kind, and you develop in Swift client-side, this must be seen.

Let’s hope the project doesn’t die. Let’s hope I didn’t overestimate this.

Somewhat dumb credit card region lock

Visa has a neat feature where you can determine in which regions the card can be used. In my case, it’s “internet”, “Sweden”, “Nordic countries”, “Europe”, “North and central America”, “South America”, “Africa”, “Asia”, “Oceania”. You can set these through the credit card app (mine is from Volvo, of course).

So I disabled all regions except “Internet” and “Sweden”, planning on enabling other regions when I travel. 

Today I got a message from Netflix that they couldn’t charge my card. No explanation why. I called the card issuer and after some digging they explained to me that since I disabled “Europe”, Netflix got refused. Turns out that Netflix charges from region “Europe”, not “Internet”. More specifically from The Netherlands. Once I reenabled “Europe”, the charge went through.

Now, there are several problems with this. First of all, an internet based service like Netflix should be in the region “Internet”. Secondly, if it isn’t in “Internet”, they should at the very least tell us from which region they charge. I had no idea Netflix charges from The Netherlands. How could I? It’s not reasonable to expect us to check with the card issuer every time this happens, and have them go dig through logs (took them 10 minutes to find, so it wasn’t trivial).

Worst of all, this kind of thing implies that you’d better open up a lot of regions you’re not travelling to, since you don’t know from which regions different internet based companies do their charging.

Having the card processor issue meaningful error messages, not just “sorry we failed”, would definitely help a lot, too.