Misunderstanding Cookies

Example of Cookie Notification

In a recent column, Tracey Capen posits the reason so many sites are displaying the “This site uses cookies. Click ‘okay’ to continue” banner is because of Advertising—specifically because many people use ad-blockers so the advertisers want to still be able to track you.


Cookies in the EU

He almost accidentally mentions the actual reason for these banners: EU Regulations on privacy. Specifically, the regs state that websites must notify visitors before the site places cookies on the visitor’s browser, AND give them an option to opt out before that happens.

English: Tor Logo
(credit: Wikipedia)

So why do we in the non-EU part of the world see these banners? Because it is simply easier to display the banner to everyone, rather than by attempting to determine if the visitor is in the EU and displaying the banner IFF they are.

There are a myriad of ways to mask one’s location, such as using the TOR network, so the risks of failing to show the banner (and getting fined) versus just displaying it to everyone is a no-brainer.

But what about Advertisements?

Ads—and their ad-delivery network—use cookies in a variety of ways. Advertisers are charged by the networks for impressions (number of people to whom the network delivers the ad or CPM) and for the number of people who click on the ad (clickthroughs). The latter is more valuable to the advertiser and thus the networks charge more.

The ads aren’t directly loaded on the page without the network because there needs to be a system that counts the number of impressions, rotates multiple ads in the page location, and stops showing an ad when the ad’s CPM is exhausted. If an advertiser pays for 5,000 CPM, once 5,000,000 visitors visit the page, the next visitor will not see that ad.

When an adblocker runs it does at least one of two things: it blocks the ad code or (more likely) it blocks the ad delivery network code. What this means is the visitor’s browser doesn’t even request the code from the server; NOTHING from that server is requested. No code means the ad network can’t run and deliver the ads. Also, without a request, there is no cookie.

Even if somehow the site displayed the banner (“please accept our marketing/advertising cookie” Capen imagines them saying), the cookie can’t be added because there is no cookie. There is no ad network that loads. There is no ad to display.

If I’m going to hire you, I don’t want to read your resume

Well, I take it back. I want to remember your name, and I’m terrible at names. So it helps if I have your name in front of me.

Dead-Tree Resume
Dead-Tree Resume

“But,” you ask, “How will you know if the candidate has the skills and experience you need?”

Good question. Let’s look at the purpose of an interview.

The Two Questions

An interview must answer two questions:

  1. Can the candidate do the job now and in the future?
  2. Will the candidate be a good fit for the team?

Neither of these questions are answered by the candidate’s resume.

Wait a minute

Unless the candidate worked for a company doing the exact work, for the exact clients you have, their experience will not tell you if they can do the current job at your company.

Put it this way: would it make sense to compare your company to another in a different industry, with different customers and a different product, and then make a judgement about performance based upon that comparison?

Company Industry # Customers # Employees Product
MyCorp Pharmaceutical 3 7 Blue Pills
Acme, Inc Energy 150 70 Batteries
Initech Accounting Software 3,200 1,500 TPS Reports

We will investigate the 2 questions in a future post.

Adding defensive sanity checks

I recently needed to make a set of several favicons, so I went to the web to see if anyone had a script I could borrow steal.

Sure enough, I found one written by Joshua McGee: “Create a favicon with ImageMagick” (not reproduced here for copyright reasons).

It was a simple enough script, just a series of escaped commands. I noticed, however, that it assumed a few things:

  • An image file was specified on the command line,
  • The image existed, and
  • Imagemagik was installed.

In other words, the script was not developed defensively. This makes sense: it was just a bang-out.

The script had no inline documentation, and if a favicon file that already existed in the current directory would be silently overwritten—not good.

I’m clumsy: I delete and overwrite files all the time, so I could use a little help. Maybe I can tidy up the script? (more…)

Standalone CRUD

CRUD: Create, Read, Update, Delete; actions for managing data usually stored in a database.

Data model diagram picture of an EMPLOYEE data...
Data model (credit: Wikipedia)

A system I maintain has a very unusual quirk: when adding a new element (“blub”) to a list of elements (“blubs”), the system crashes with a generic error.

What this tells me is there is an unmet dependency, probably a join to another database table. I suspect the original developer (OD) created all the blubs manually, then later added in CRUD screens to manage them. For some reason OD never tested creating a new blub.

For any list of things, unless they are constants that will never be CRUDded (okay, reading is okay), the app should be able to Create/Update/Delete them without any manual steps.

Why? Because someday, some schlub who maintains your code is going to have to CRUD. And they will be screwed.

The importance of turning on debugging

Debugging a php script with emacs in geben mode.
Debugging a php script with emacs in geben mode. (Photo credit: Wikipedia)

I was recently testing some wordpress plugin code for an upgrade. As part of my testing, I turn on debugging to see if any errors or warnings show up.

Imagine my surprise when several errors appeared, many of them deprecation warnings. After troubleshooting to determine the source of the errors, I discovered it was coming from the theme I was using.

Without turning on debugging, the site appears to behave normally, which is problematic. One of my objections to many languages and frameworks is that they hide problems from the developer. In many cases, for example, deprecation warnings don’t mean much—except they’re a ticking time bomb. At some point in the future, the code is going to break. Better to fix it now while it is easier to do, than scramble to diagnose and fix lots of code just after an upgrade.

In the case of WordPress (or PHP in general), it would be helpful if the admin area showed everything – bugs and warnings. For novice admins, of course, this would be a support nightmare, as they would have little clue what was going on. The upside is (hopefully) sloppy coders would fix their stuff promptly. Nothing will get a plugin/theme pulled faster than getting an error right after installing it.

Development Languages are not Just Syntax

I recall a conversation I had with a coworker years ago. This fellow mentioned he thought differences between languages (e.g., Perl and PHP) were simple syntax.

example of Python language
example of Python language (Photo credit: Wikipedia)

This is true, sort of. The nuts and bolts for each language (displaying a variable’s value and the like) are same in concept and similar in construct.

<?php =someVar ?>


<% puts someVar %>

You get the idea.

The difference (and where the coworker was wrong), is the concept of how the data flows through the system and which pattern(s) are encouraged/discouraged.

Some languages encourage MVC, whereas others encourage spaghetti and still others encourage a hybrid (or something else entirely, like modules).

What is a language best at?

Going beyond this, what is the language best at doing? Is it installed in places you want to host your code? Do you have data structures/stores that fit better with one language than another?

Picking the best tool for the job is important in delivering a quality product. Choosing which language to use isn’t trivial and can make it easier—or harder—to deliver the solution.


Goals differ from intentions or ideas in several key aspects.

Every goal:

  • Has a deadline
    • A goal is achieved at some point in the future. By having a deadline, the goal is focused, even if the deadline is not specific: “next week”, “next year”, etc.
    • A goal without a deadline is an intention.
  • Is measurable
    • One or more conditions that indicate when the goal has been reached, such as “built my house” (the house is ready for occupancy); “completing a course” (I passed the final / learned the material); “saved up to buy a car” (I have enough money to buy the car)
  • Has an owner
    • The person responsible for moving work forward to achieve the goal; may not be the same person as the one who does the work.
  • Must be reviewed on a regular basis
    • Conditions and people change, so it is important to review every goal to determine if it needs to be adjusted to fit reality.
    • Sometimes goals may no longer be necessary so continuing to pursue them is time better spent in other ways.
    • Some questions to ask about every goal:
    • is it necessary/desired?
    • is work on track to finish by the deadline?
    • is the deadline still applicable? and
    • is it still achievable?

Bulk process RAW image files

Recently I had to convert about 250 RAW image files to PNGs. For neatness, I wanted to convert the upper-case filenames the camera assigned with a lower-case name.

A little bash script-fu is all it took:


# Extract from SD Card
for i in /Volumes/SDCARD/DCIM/100ND40X/DSC_0*; do
 filename=$(basename "$i")
 lower_file="$(echo $filename | tr '[A-Z]' '[a-z]')"
 # verify it doesn't already exist
 echo -e "Processingnt$i tont$newfile"
 if [[ -e $newfile ]]; then
  echo "****SKIPPING"
  convert "$i" "$newfile"

echo -e "Detoxing..."
find . -iname "*.png" -exec detox "{}" ;

echo "Procedure complete."

(“SDCARD”, etc is the path to the source files)

Once the script was up and running, it took about 1/2 hour to process all the files. Meanwhile, I was off doing something else!

How to prevent duplicate directories in your path

Forest Path

Forest PathWhat happens with the Path

The path is set via a myriad of config files. It is very easy to accidentally add the same directory to the path, and there is no built-in mechanism from preventing this situation.

While it has no impact on performance, it does make reading the path more difficult (for example, when trying to see if a particular directory is in the path).

Easy Fix

When you find your path cluttered up with duplicate directories, it is relatively easy to correct this. Simply use pathmunge to add directories instead of the typical

export PATH=/fizz/buzz:$PATH


First, edit your /etc/bashrc (or equivalent) and add the following function:

pathmunge () {
  if ! [[ $PATH =~ (^|:)$1($|:) ]] ; then
    if [ "$2" = "after" ] ; then

Now you can call this function in your ~/.bashrc, ~/.bash_profile, or wherever you need to add a directory to the path. There are two ways to do this.

Insert at the beginning of the path


pathmunge /path/to/dir

is the functional equivalent of

export PATH=/path/to/dir:$PATH

Append to the end of the path

pathmunge /path/to/dir after

is the functional equivalent of

export PATH=$PATH:/path/to/dir

In either case, the directory won’t be added if it already is in the path, preventing duplicates.

Technique credit: Sam Halicke and Christopher Cashell at Serverfault.

Enhanced by Zemanta