Asterisk astobj2.c: bad magic number for object 0x7ff6ac021888. Object is likely destroyed.

Recently we had 2 asterisk servers that were segfaulting, and of course when that happened, all current calls were lost.  This was very frustrating for our customers, our customer service reps, and of course for the us developers.  It was very hard to explain, there was not silver bullet saying “X” is responsible.

So, my boss Kevin and I spent time going through log files, analyzing time lines, researching on the Internet, etc…

Our conclusion is still dumbfounding.

We recently added a new outbound sip provider.  We started only giving them a small percentage of our overall traffic.  During this time we saw 0-1 segfaults each day.  But we didn’t even know about some of them because asterisk started right back up, and unless there was a complaint, we wouldn’t know.

Of course we got the occasional complaint, but we didn’t have an answer.  All of a sudden the last couple of days was showing 4-5 segfaults per day.  Some happening within 20 minutes of each other.  This was very unacceptable and we spent a lot of time trying to narrow down the issue.  It so happened that 2 days ago, we ramped up the amount of traffic this new provider was receiving, subsequently increasing the odds of segfaulting.

At this point, we still don’t know what actually caused the segfault.  We just know that removing that carrier has so far stopped them from happening.

Ugggg… what a PITA.

 

Should My Website Accept Bitcoins?

If you own a website that accepts money, you should be asking yourself this question.

To me, this is like asking if you should accept Yen, Euros, or Pesos.  The fact is, you probably already accept these other forms of currency and don’t even realize it.  Payment processors like PayPal or other gateways handle those exchanges for you.  You tell the processor you want $100 for some goods, the customer pays (currently 10172.00) Yen, and you do not know the difference.

Same thing happens with bitcoin.  Through a payment processor like Coinbase, you can easily accept bitcoin payments and immediately turn them into US Dollars.  The processing fees are so much lower as well, roughly 1%.  Compare that to the 3% that credit card processors charge.

Not to mention, the chance of chargebacks are absolutely zero.  Because bitcoin is a push payment, the customer has to choose to send you bitcoin.  You can’t take what you want, like you do with credit cards.

So the answer to “Should my website accept bitcoins?” is absolutely yes.

 

BitCoins: My Opinion

So, I first heard of bitcoins a few years ago and didn’t wrap my head around them at that time.  (STUPID ME)

I decided to learn more about them late last year.  I had lots of questions myself, and hear them from others, so I want to try and answer some of them from my viewpoint.

Questions that confused me:

  • What are they?
    • First, realize that they are not physical coins.  They are digital tokens (for lack of a better word)
    • These “coins” are generated through mathematical algorithms at a predetermined pace, currently 25 about every 10 minutes.
    • Over time, the amount created will be reduced.  Actually, they are cut in half every 4 years.  At the beginning, they were generated at 50 coins every 10 minutes.
  • How are they generated?
    • They are generated through “mining”.  It’s analogous to gold mining.
    • I recently heard a great analogy.  If you play Sudoku, you know that the puzzles can be hard to solve, but very easy to verify.  This is the key, hard to solve, easy to verify.
    • So every 10 minutes (or so), a kind of computer puzzle is generated.  Thousands of computers around the world try to solve it.  The first computer to solve it correctly, receives the prize (currently 25 bitcoins).  As computers get faster, the puzzles are made more difficult, to try and keep the rate at 1 puzzle every 10 minutes.
  • Should I get into mining?
    • As it turns out, the answer is really no.  Most miners are using very high end computer equipment, running specialized hardware for this.
    • If you do, you should participate in a mining pool, so even if you don’t solve the puzzle, you receive a portion of the prize.
  • If I don’t mine, how do I get them?
    • Turns out easily.  Buy them with USD.  Just like you get Japanese Yen, Mexican Pesos, Euros, etc…
    • There is an exchange rate, so you can exchange money for bitcoins
    • Barter or Sell stuff.  Just like other currency, it’s only worth what someone else will give you for it.

If you are a merchant selling good and services, why would you not accept this currency?  The most usual reason is that merchants don’t know what bitcoin is and they are concerned about the exchange rate screwing them up.  The fact is that as a merchant, you may already be dealing with this very issue.  Your payment gateway may accept Japanese Yen from your customer and turn it into US Dollars for you, without you even knowing.  You can do the same with BitCoin.  Coinbase is currently the largest exchange for bitcoin.  You can think of them just like PayPal, but for this new digital currency.

Furthermore, there are more and more businesses accepting bitcoin as a form of payment.  You can find local businesses through coinmap.org if you are interested.  I’ve seen articles from other people that have tried to live solely on bitcoin, and mostly successfully.  There are some obvious restrictions right now, as not everyone will accept them.

 

AngularJS + Phonegap Works In Browser Not On Device

I was going crazy for the past 2 days trying to get an Angular app running on my phone.  I had it working in Chrome the way I wanted for testing purposes, and just couldn’t get it onto the device.

Basically I would see the index page, but the app would never bootstrap and get going.  I tried with test apps, and it worked fine.  I tried a very basic app with just 2 way binding and that worked.

Solution ended up being not to use absolute urls.  For example <script src=”/js/index.js”></script> does not work.  You must us <script src=”js/index.js”></script>

The reason is that on the device, everything is accessed as a file, so file:///js/index.js does not exist.

Hope this helps someone not spend so damn long looking for an answer like I did.

 

My Drama Filled Day: How A Bad Remark About My SDPHP Usergroup Set Me Off

I had a bad day on Thursday, here’s why…

Just clearing the air here.  Ranting on my personal website, with views from the way I see them.

So I had some personal business to handle this morning and was gone for half the day.  I get back home and have to get to work done, so I get down to it and work with my boss to launch some new code and do other tasks.

I then find out that this morning there was a ton of drama due to the presentation on Laravel 4 at SDPHP last night.  The presenter Chris A Moore (@CAMDesigns) did an amazing job.  I told him right afterwards that fact, and he did what most presenters do and doubted himself.  There were a lot of questions asked, that for the most part he could handle.  There were a few that he didn’t know, and this bothered him.  I can appreciate wanting to be able to answer them, but it doesn’t always happen that way.

He then followed up with the creator of Laravel (@taylorotwell) to get the other questions answered.  Which is the right thing to do.  However, he made the mistake of saying he was heckled (which he definitely was not), and Taylor proceeded to call our group a “shit user group”.   This group means everything to me and for someone to put it down really offended me (and a bunch of my members).  I took this personally and proceeded to tell my friends… via twitter.

Did I over react?  Maybe…

Chris and I discussed this whole ordeal via IRC and he admitted to having been wrong, and he apologized to the group in IRC.  I appreciated it very much.

However, because I aired this in public on Twitter, I don’t think the drama is over.  And I am sure this post won’t help much….

 

Being a 1099 Contractor And Working From Home

I am very lucky in the fact that I get to work remotely from home.  This comes with pros and cons, but for me the pros far outweigh the cons.

I have a very supportive wife that understands that when I am in my office (at work), that I am working and not just hanging out at the house.  She doesn’t ask me to do chores, try to make small talk, or bother me in any way.  I hear from far too many developers that they couldn’t work from home because their significant other wouldn’t treat it like a job.

At the same time, you have to make an effort to separate work/home life.  You have to walk away for some time to clear your head and have family time.  Some people that work at home feel like they are ALWAYS at work, and get burnt out.

I am employed as a 1099 contractor, and wanted to share some things to consider for people new to it.

1. Make sure your pay level is equivalent to what  you feel it should be.  You will be responsible for additional taxes that you have not had to pay in the past.

2. Make sure your pay is high enough to cover your benefits.  As a 1099 contractor, you will probably not have any benefits being provided to you, such as health insurance, retirement, etc…

3. Talk to a tax professional right away.  Don’t wait for the following tax season, otherwise you will probably be faced with some penalties.  As a contractor, you have to pay estimated taxes 4 times a year.

4. Speaking of, make sure to put enough money aside to pay your taxes.  The pay you receive has not been taxed, so take time to put some money into another account automatically, so when if comes time to pay them, you are not caught off guard.  I have heard from some people that didn’t do this and they are paying penalties to the IRS years later.

 

 

Chrome Not Displaying All Flash Objects On My Page

So, I had a very strange thing happening only in chrome.  Phoneburner.com has a way for people to record voicemail messages that they want to leave while making phone calls.  On the page that lists them for the members to listen to before using, we do a simple object embed of a small flash player.

This has worked flawlessly for a long time.  All of a sudden, we noticed in Chrome that some would randomly not show.  In this one account, there are about 20 of these embedded flash players and only 3-5 would show up.  The weird part is that if I refreshed, a different mix of 3-5 would show.  Some would disappear, others would appear.

There were no errors in the Developer Console.  I played with the flash plugins and noticed if I disabled both, reloaded the page, and then enabled the plugins all would show up…

Debugging things that don’t make sense is VERY difficult.  So I went to the javascript console and decided to use jQuery to hide them all and then reshow.  Sometimes that worked.  Ok… getting closer, CSS may be the answer.  I then tried just showing, not hiding first.  Most would show, but not always all of them.  But if I ran it a few times, they would eventually all show up.  WTF?!?!??!!

So I added a dirty hack to make it work.

$().ready(function()
{
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
$(“object”).css(‘display’, ‘inline’);
});

 

Encryption: Trust The Experts, Don’t Roll Your Own

I recently practiced my Tek13 presentation at my SDPHP user group.  What I really like about user groups is the interaction and discussion that often ensues about the given topic.  At the time, one of the members asked me about trying to outdo your adversary with what amounts to “Security by obscurity”.  He was asking about MD5 hashing multiple times to throw off an attacker.  My response was not a good enough reason, but it was the best I had at the time, which was “it’s not a good idea, it won’t do you any good.”

After thinking about it, I have a good reason why now.  I will try to put it into words here.

First, security algorithms are all about best practices and trusting the experts.  Meaning, everything we use today is open source and has been tested by the brightest. Encryption algorithms are very hard to understand, so we shouldn’t try to do it ourselves.

Now for the real explanation.  Hashing just gives us a value, also called a digest.  At the end of the day, at least when it comes to passwords, attackers just want access to the system, not necessarily the password.  Sure, they would love to have that as well, but it’s not necessary.  Attackers can also rely on hashing collisions to give them access.  Let me try to demonstrate.

A hash collision is when two different strings give you the same digest.  So trying to secure your passwords by obscuring the method used, doesn’t really help you here.  All I need to do is find any string that when hashed gives me the proper value.

In the end, follow best practices and use bcrypt now.  Don’t try to make md5 or sha1 work for you in this scenario.  Trust the experts… rolling your own is a bad idea in this area.

 

Tek13: My Goals Realized

I just left Chicago after attending my favorite conference, php|tek.  This is an event that has become near and dear to me, and I am so grateful that the musketeers have stepped in to make sure that it continues running.

I first attended back it 2010, and have continued to grow ever since then.  When I say grow, most people will immediately assume that I have become a better developer, and while that is true, I have grown in more important ways.  I have become less introvert (notice I did not say that I have become an extrovert).  But I have learned to not shy away nearly as much.  I have grown to respect myself enough to know that I am more than I think I am.

In 2010, I decided that I wanted to speak at a conference one day.  I feel I did it the right way by starting off with my local user group.  I didn’t jump right in and try to tackle a conference.  Starting with the user group gives you a great intermediary step.  You probably know many of the members in the group, and it is usually smaller than a conference.

I was privileged enough to give two presentations this year at tek.  My first one, which I felt more prepared for was a little shaky, and I knew it.  :(  I did not take any offense to some of the criticism that I received.  I blame it partially on being the first time I have used a mic, and hearing yourself and knowing that I did not want to over modulate, I tended to speak more monitonely.  I am upset with that fact… I also tended to go through my slides faster than I should have.  I just needed to take more deep breaths and slow myself down.  Overall, I am pleased with the results, and on a scale of 1 (I passed out) to 10 (I knocked it out of the park), I would give myself a 5.1.  I know there is a ton of room for improvement in my public speaking, and I will do that.

My second talk was much better for the most part.  I did no use a mic this time, as the room and number of people were much smaller.  I am very happy that Beth Tucker-Long, joined in for a couple of reasons.  She was the only one to tell me that I needed to speak up.  It’s very easy to start off talking strong and projecting, only to end up trailing off into a conversational voice.  My overall energy level during this talk was much better, and I felt like I was having a conversation.  I hope I was less monotone, and better paced.  What I really like about presenting is the ability to have a conversation with the entire group where I get to learn as much as I may have taught.  If there is one thing I know, it’s that everyone has something to share.  Just because you go to a class to learn, there is probably something you know that can help the entire class (including the teacher).

I set some of my personal goals down on paper last year, and at this point have realized almost all of them.  I have been published in a PHP magazine (twice I may add), I have lost a bunch of weight (2 pounds to reach the goal I set), I spoke at a conference, among others.  Time to break out the pen and write some more down.  Beth and I discussed this and she mentioned maybe adding “book author” to the list…  Intriguing.

Thank you Musketeers.

 

Learn To Know What You Don’t Know

One of the greatest lessons I have learned over the last few years was to “Learn to know what I don’t know”.

This seems like an impossibility on the surface, but digging into the details I found that it didn’t mean to learn everything at once.  The important piece is to know what is out there in general.  It’s important to immerse yourself in your community and keep your ears open.  Listen to what people are talking about, so that in the future, those little snippets may help you.

I’ve attended many user group presentations, and while I don’t always get it completely, afterwards I at least have a clue.  I attended a presentation about Continuous Integration once.  The presentation was over my head at the time, and I wasn’t in a place to put that topic into practice.  A few months later, I knew I was ready to make a change and I remembered the basic principles of continuous integration.  Because I knew about it, I was able to do the research to truly learn about it and put it into practice.

Without having heard that presentation, I may still have been in the dark and would not have been able to implement that simple piece of tech.