Posted on

5 Archetypes of Organizational Culture

According to Freire (2007) there are Five Archetypes of Organizational Culture. Naturally, these cultures are based on, developed and perpetuated by leadership. Those he names:

  • Customer-Centric - The Customer is everything
  • One-Team - Oneness is everything
  • Innovation - Learning is everything
  • Achievement - Getting the job done is everything
  • People-First - Our people are everything

Now at first the One-Team and the People-First look suspiciously similar, however the former has the people sublimating themselves for the organization, and the latter has the opposite.

Customer-Centric Culture

  • CEO spends a lot of time with customers
  • Effective listening is widespread
  • Client issues are part of every meeting
  • Top investments go to client initiatives
  • Untrained staff never put in front of the customer
  • People proudly share stories of exceeding customer expectation
  • Customer feedback integrated into everyone's compensation
  • Those closest to the customers know more about their needs than senior leadership
  • Are you really a humble organization?
  • Are you really a learning organization?
  • Is the relationship based on trust and reliability?
  • Is there arrogance and rejection of feedback?

One-Team Culture

  • Willing to sub-optimize subsystem to optimize overall system
  • Once agree on what is best for the firm, will follow decision
  • Work is done by one group on behalf of the whole
  • Remuneration encourages facilitating the work of others
  • Reporting lines and structures recognize dual-citizenship
  • Move people around through the organization to gain broader perspective
  • Most people have good motives
  • Generosity and sharing, trustworthiness, openness
  • Not territorial or silo mentality
  • Japanese style

Innovation Culture

  • Experimentation, risk taking
  • Experience is valued
  • Resources given to Research and Development
  • Lots of learning processes and meetings
  • A lot of rigorous measurement focused on continuous improvement
  • Curiosity, courage, openness, learning
  • If it isn't broken, break it anyway
  • Not risk averse
  • Shoot for the stars
  • We are not here to count the pens, we are here to change the world

Achievement Culture

  • Culture of accountability
  • Meritocracy, my word is my bond, truthfulness
  • Bottom 10 % needs to go
  • Clarity in communication of goal-setting
  • Healthy confrontation when excuses for nonperformance are given

People-first Culture

  • Encouraging people to grow
  • Give under-performers a second chance
  • Symbols of lack of hierarchy
  • A lot of training, workplace development
  • Believe in diversity, opportunity, trust
  • No distrust
  • Find people the right place in the organization

Organizational Cultural Change is Hard

Organizational change is a huge undertaking, and in many cases simply falls short. I appreciate that Freire says it takes about two years to shift cultural focus of an organization.

Also, though it really doesn't work well, Freire suggests it is possible to build all five cultures into a single organization. A well-rounded organizational culture is a fairly bland culture, but of course each of the types of organizational culture has elements that any decent organization should embrace. It is simply that one type needs to be primary.

But how can leaders change or enhance Organizational Culture?

Leaders Send Messages through Actions

  • How do you as a leader do things
  • Distance between walk and talk
  • What you do says what is important, role meeting
  • How do you run meetings, how much time in meetings are spent focusing on customers, change, etc.
  • Symbols are the calendar and the checkbook
    • Time spent on things shows value
    • Money spent on things shows value
  • Who gets promoted, why, office space
  • Role as storyteller, what are the stories? They show values
  • Planning and budgeting process
  • Compensating people based on achievement, learning, customer
  • What are people rewarded for doing?

Hofstede and Dimensions of Organizational Culture

Freire has a nice set of cultural types but the idea that there are only five types doesn't get at the why, the actual dimensions of organizational culture, and how to measure it. For that, Geert Hofstede is the best source.1

  1. I actually met Hofstede at the University of Hawaii in the mid 2000s. He had a connection with the university in the past, and on occasion would visit and give a lecture or two. He spoke at a seminar and was charming. I've also read in depth both Cultures' Consequences and his research on Organizational Culture and related publications. For a popularization of this academic research, see Cultures and Organizations: Software for the Mind

Posted on

Lex Titia – End of the Roman Republic

Movement from a democracy to an autocracy seeks legitimacy in legal and democratic terms. Because the transition is from democracy, there is either implicit or explicit democratic action that is taken to limit or essentially destroy democratic power. This is seen throughout history. Why an autocracy needs such legitimation is mostly an issue of propaganda, but it is universally sought.

The Lex Titia was a law granting the Second Triumvirate power over democratic laws and institutions. Typical means were employed to have such a law passed, mainly control over the military, death sentences on the killers of Julius Caesar (which was extended to political enemies), and of course bribery and intimidation, threats, lies, murder and corruption.

In Juntaland, the same thing applies, but of course at a much smaller scale (excepting the the bribery, intimidation, threats, lies, murder and corruption -- which are indeed first rank). The collusion of a few to effectively be permanently placed above the electorate and their political desires, well, that is where we are now with the draft constitution.

Pericles and Direct Democracy

While representative democracy seems obvious, there have been and still are more direct democracies. This indeed is really what is at stake and how a disdainful military conceives of voting.

Do gardeners working outside of the Parliament’s building or farmers know anything about democracy? Of course not. Don’t talk to me about citizenry. Those people only go to vote because they were paid. -- Prayuth Chan-ocha, 01 January 2016

Indeed, gardeners and farmers do know about democracy, in ways the so-called Prime Minister does not, though that should be obvious since the military is the one who subverts democracy every few years. The military may accuse the electorate of venality (even though demonstrably untrue), yet they are the ones who are disenfranchising the electorate, and at the same time running roughshod over human rights and denying individuals and communities their self-determination.

Posted on

WordPress Plugins Redesign 2017

If a phrase could sum up what we've seen so far in WordPress in 2017 it would be something like:

Bureaucratic nonsense, shitty design, tone deaf development.

The Core crew and their work on Plugins has recently turned from tragedy to farce. While these hardworking plebes have put in the hours, their result is, frankly, pathetic. They couldn't do much worse if they tried. They've broken search (which was crap to begin with, worse now), and their design is optimized for an ipad, nothing bigger or smaller. At every turn there has been scorn placed on requirements and suggestions proposed by developers, because, well, they are developers! And damned be the developers. (It has a kind of anti-Microsoft ring to it.)

Plugin Repository Redesign Fiasco

Before we start in on WordPress, and search, it is useful to understand my own background regarding WordPress, and search. I've used WordPress regularly since Kubrik (v1.2, 2005). My experience with the web, and search, was earlier. From 1999-2001 I took courses in old school library science, information science, newly spawned information architecture (a combination of library science and human factors, rebranded user experience), and the like. I graduated in 2001 with an MS in Information Management and Systems (a unique degree name, our gown color was from the more established MS in Information Science degree).

What brought me to the attention of the program, then named Information Management and Systems, hence rebranded the School of Information, was the book Information Rules by Carl Shapiro and Hal Varian. Hal had become the Dean of the School. I applied and two years later was a part of the third graduating class. (Hal later left and became the Chief Economist at Google.)

The school is the newest (and smallest) school at Berkeley. However, its roots at the school are ancient, and it is situated in South Hall, the oldest building on campus, constructed in 1873, and original home of the first Physics laboratory in the United States. Essentially it is a re-organized library school, with new faculty hired with dual appointments at several different schools across campus, including the Law School, Computer Science, Engineering, Economics, Public Policy, etc. This provides a necessary interdisciplinary and multidisciplinary orientation.

When I attended, it was as a former Berkeley grad in Interdisciplinary Studies Field, with a focus on literature and philosophy, who had become a network engineer in industry, over the previous five years since graduation. My interests were not so much with the data networking I had been doing, but the burgeoning startup scene (and incipient collapse). I was interested in programming, and developed some skills in that, but it turns out that the various courses available were intrinsically interesting and they provided a basis of modern education I use today, including:

  • Product Design (Mechanical Engineering course)
  • Intellectual Property (Law School course)
  • Internet Law
  • Information Classification
  • Usability and Interface Design
  • Information Retrieval*
  • Library Services*

*This last one was a surprise to me, and actually I don't recall why I took these old school courses from Michael Buckland, which turned out to be the most relevant, not least of all because these drive search on the Internet.

Information Retrieval and the Found Set

The two basic concepts, exploited to great effect by Google, is based on the human concept of relevance. Relevance is always what is relevant to a given searcher with a particular information need. Again, this is a human concept, and therefore can only be approximated by a machine, which ultimately needs human judges to evaluate its effectiveness at relevance approximation.

The human judges in terms of relevance, it turns out, are retired CIA analysts. The basic (human) search is as follows: given an information need, and a set of results (documents), which of those documents are relevant to the information need.

Before the use of computers, there was a mechanical use of cards (which held metadata about certain documents). These cards would have holes punched in them at various places in two dimensions. Those holes corresponded to certain categories. Rods could be inserted in these holes through a set of cards. The cards that stayed connected to the rods were the relevant ones, and those that were not were called the dropped set.

The initial categorization via hole-punching was replaced by a vector-space model determining the content (category, keyword) relevance of a given document to a given query. Conceptually this is still the same, though the algorithms are much more complex these days. And so, what is important is what can be known through metadata (title, description, age, etc.), document structure, and the content of documents (words, phrases, word count, other patterns). There is then a matching of a search term with related documents. This again is the found set, as above with cards.

Relevance Ranking and Signals of Eminence

Once a found set is known, the question comes (in an age of an abundance of information, but a deficit of attention) to ranking. For scientific journals, ranking and impact analysis was driving by work in citation analysis by Eugene Garfield in the 1960s and 1970s (but first posed in the 1950s), and enabled by increasing statistical analysis done by computers. Citation analysis across articles could attribute the impact of a given journal to what was published there. This meant that future articles in a given journal would have a higher or lower probability of citation, but also that it could clearly indicate which articles themselves where more more relevant.

Google's Larry Page Rank derives directly from this, in terms of a link being a citation. There is obviously more noise (and opportunity and incentive for link-fraud than in scientific publishing), but the basic correlation remains. A large amount of variance in search results ranking is (still) explained by the number of domains linking to a given URL on the Internet, with attenuation based on the quality or authority of the linking domains.1

Google's Giant Feedback Machine

The thing about Google is that it not only has inputs, but can determine based on human behavior in clicking, what kind of modification of the initial results should take place. This is an extremely dynamic situation, where clicking on results, the use of the back button, and subsequent repeated searching can provide evidence of less relevance. Of course, and in addition, personalization is important and useful.

Simplicity of Search vs. Wall of Browse

Google's rapid popularity, when faced with incumbents such as Yahoo! with hundreds of humans (doing effectively the same CIA Analyst task previous to mechanization, computerization, and digitization), was clearly due to in some sense mastering relevance and deploying superior search algorithms. In particular, long-tail searches were famously rewarding, while short-head searches still occupied, well, the short-head (large search volume). Google could do well for both kinds of searchers, and those in-between. The I'm feeling lucky button meant to show that the number one result was within easy reach of most, yet slowly expanding searches were well supported. Additional parameters for constraining searches to particular file types, searching within a given domain, and date ranges helped increase the tools available.

Wither WordPress 2017

Faced with two decades of Google's search effectiveness and public facing search tools, WordPress began a project to revamp the search interface and search algorithms for their WordPress plugins. The first Plugin page revamp was rolled out in 2015. From the comments it becomes clear that things are being broken that people use. A 2016 Plugin Search prototype released to the public garnered the same kind of response, namely lots of things wrong with the new design, breaking things that worked before, minimal improvements, and generally poor reception.

WordPress Plugin Search User Interface

The search user interface, and in general the plugin repository user interface, in a word, suck. And the attempts to improve, over the past two years, should be considered a failure. This is not mere preference. Rather, the signs of failure are prevalent and are indicative of a greater problem, that of a lack of expertise at designing user interfaces for human use. I make this distinction for human use rather than simply user interface design because clearly there is some level of coding that is being implemented. CSS and PHP are indeed known and used. The search isn't broken in the sense of not working altogether, or returning nonsense. Search is rather not working in the sense of disempowering current users, making some rudimentary usability and human factors mistakes, and most important, the development team does not have an effective process for making the interface better for humans. Some basic errors:

  • Removing features people use and like, but that a minority use and like (apparently they don't matter)
  • Less information density
    • Less shown on a page, and less information about each item (e.g., last updated info removed on the results page, only present on each plugin)
  • Slower search results
  • Removing Ajax (saving data without refreshing the screen) from the liking function
  • Not accounting for screens larger than an ipad
  • Not including features people have been asking for, for years, such as sorting and filtering on search results
  • Never getting around to organizing plugins into categories, and instead keeping tags that are a free-for-all (now limited to five maximum)
  • Hiding information (mostly very little in each instance) with Read More links that are simply javascript
  • Removing the tabbed interface and requiring additional scrolling and Read More link clicking
  • Removing links to download earlier versions

WordPress Plugin Search Algorithm

Besides the user interface, adding, removing and rearranging various bits, there is the basic algorithm. Obviously, as per the previous history, it is important (or rather, the goal) to approximate human relevance. Relevance has to do with searcher intent, which is itself approximated by search terms, and searching behavior (clicking, back button, searching again).

So what does the WordPress team do in terms of ranking? Well, it makes the Last Updated date (more specifically, the tested with WordPress version) as a huge ranking factor. But this feature is one the community has no say over (meaning, it is not a feedback feature from actual behavior), and it is the easiest one to game (change a bit of text, resubmit plugin, repeat after each WordPress version release).

Ageism at WordPress

For Google (though indeed, it gets it wrong sometimes) age is a positive ranking factor. WordPress ignores this completely, and puts last updated as the only age-related factor, essentially the opposite of Google.

Exact Match at WordPress

We no longer have the exact match search in place. The new search is more relevant to current events. If you don't maintain it, it will fall out of rank. -Samuel Wood (Otto)

No exact match. Really. Actually. Honestly.

This is a huge problem for people looking for an exact match, that is, they know the name of the plugin. I searched for Post Tags and Categories for Pages and it came up on the 5th page of results. I guess I should count my blessings as there are 163 pages of results for that query. 163 pages! If someone knows the name of the plugin (who cares if it is 2 years out of date, the plugin still works and I use it on multiple sites), but can’t get an exact match, just exactly how are they supposed to find what they are looking for?

More relevant to current events shouldn’t destroy the relevance of historical events.2

The main response to this search problem that has been introduced, was simply repeating the demand that a new version and new tested to WordPress version be added by the developer. But this is a bureaucrat's argument (the plugin developer has not updated the form correctly, therefore your request for their plugin is not legitimate).

If the last update date is all that matters (stellar reviews, large numbers of active installs, and exact match text matters little), then the preferences and activity of the community are shown no respect. The community does not have control over when a plugin developer can/will update a plugin, but they have control over the other factors (that is, installing, using, rating positively, and searching for a plugin by name). This is not an edge case, as there are many plugins in this situation. They should not be penalized. They should have exact match text respected, along with the other community factors.2

Tested Up To vs. Works With

There was a useful feature which allowed users to vote as to whether the most recent plugin version was working with a specific release of WordPress, or not. It was a simple does/does not work and a WordPress release version drop-down. It was community-driven information. And for some plugins (either newly updated, or not newly updated) it provided some information (though of course it could be inaccurate). Still, it was something, and there are many reports that the information helped. That feature was removed.

Now, when users complain about that feature being removed, they are told that people didn't use it (of course they did, you are hearing from them). And they are then told that the plugin developer should update the metadata of their plugin showing Tested up to.

This is purely bureaucratic thinking. But it is a valuable question as to who benefits from this situation. It can only be developers who want to promote their plugins that are otherwise being eclipsed by not or not-often updated plugins (usually the older ones).

Support Forum Use Requirements

If a support forum is ignored by a developer, woe unto them. Regardless of the relevance of support topics, if they are not managed quickly, and marked resolved, then that will impact the search rank. Again, more bureaucratic thinking based on rule-enforcement. These kinds of ranking signals can only be considered legitimate by other developers who wish to penalize those who do not follow their (the WordPress Core developers') rules.

First, not everyone knows how the support forum works. In many cases you see developers for whom English is a second language, forced to deal with questions in English (and with a Support Forum in English). Secondly, there are plugins like Contact Form 7 which as of 30 March 2017, has 141 out of 703 issues resolved in the last two months. CF7 is very well known, but the usefulness and use of the support forum for this, and other plugins is minimal at best.

The Support Forum for WordPress Plugins has always been a mixed bag. Some plugins simply have no one watching the support forum so there is no information (except perhaps that someone else might have the same problem). Sometimes other users help answer, but they have no ability to mark the issue resolved, as only the issue creator and the developer have that ability.

In many cases, developers state directly that they have a support forum at another location and to address questions there (which of course some people ignore and post questions anyway). Support Forum use should not be mandated, or used as a signal for relevance. Rather, it should (if kept) be optional to use, and either toggled on or off, with an optional URL pointing to an off-site support forum or simply an email address for support.

A Plugin Repository is not General Search

Certainly, search in a plugin repository is not general search, but rather should be a more organized, faceted classification (tags and categories). But this is not the case. Rather, this kind of metadata is not organized, but ad hoc, and determined by developers alone. In the latest version, there is now a limit on tags (up to five), but where did that come from? From the algorithm folks, who prefer to have fewer signals to deal with (and no actual user behavior involved).

A Lesson from An Electronic Cultural Atlas

To round out the UC Berkeley Ischool reminiscences, I recall vividly a talk by Lewis Lancaster, possibly the Platonic ideal of a gentleman scholar. He was someone people would do anything for, a truly magnanimous and gifted scholar. He saw clearly, decades ago, the need for interdisciplinary research in the humanities, and that technical skills are needed alongside that of the historian and cultural researcher, in order to present information in a way that provides original insight. Digitization is but the first step, information retrieval and visualization meant to show things that are otherwise hidden, that is the real feat. To which end Lancaster founded the Electronic Cultural Atlas Initiative.

The problem with WordPress Plugin development, that is clear to even the most cursory evaluation:

It seems like backend developers create such a design. Boring minimalism. ?3

This is the heart of the failure (or the failure of the heart of it), is that there is no cross-disciplinary team involved. There are essentially programmers doing the work that should be done by experts from other fields. The provisioning of human relevance needs more than PHP and CSS code wranglers. It will continue to fail without the fresh air of authentic collaboration with, and leadership from, those who are not developers first and foremost.

Facebook and WordPress interfaces are similarly bad, based on the same kind of DNA: Run by founders who are at base PHP coders, driving an engineer-centric culture, whose insular thinking continues to produce an unremarkable product (whose minimal progress occasionally goes in reverse).

Where to Begin Again, The Appstore

To begin again would be to first take people's lived experiences as a place to explore and respect, and their suggestions, to follow. Doing a redesign is all very lofty, but how about fixing what can be fixed easily first. For example, plugin screenshots have no lightbox, something simple to fix. Sorting and filtering search results by certain criteria, something asked for, for years, and ignored yet again.

Second, orient toward the kind of search that makes sense for a plugin repository, which is an appstore. Appstore search is difficult, as the atrocities that are Apple and Google demonstrate. However, there are some basic features that make sense: collections, categories, and the app (plugin) display page. These are all huge, low-hanging fruit for WordPress plugins. But of course, not sexy like search algorithms, to a back-end developer, so they play with search algorithms, while the user experience languishes and ticks down further.

For people to take the plugin store seriously, WordPress needs to take it seriously. In the face of requirements for plugin developers to regularly update their plugin (even when it is not needed) and babysit the required support ticket system, the ongoing force-feeding of a badly out-of-date plugin -- Hello Dolly -- is simply a joke.

Posted on

Shichida, Heguru, Right-Brain Scams

Shichida, Heguru and other so-called "right-brain" learning methods, to put it plainly, have no evidence for their efficacy, and in large part the theoretical statements they make about how the brain and learning works are largely discredited by current learning and brain development research.

These kinds of so-called "schools" should be considered scams for the middle-class and wealthy parents who are largely themselves ignorant about how learning works, and are unable to critically appraise the claims of these schools. At base there is the anxiety of parents for their children to do well, and a willingness to latch onto fantastical claims and pony up from hundreds to thousands of dollars for these kinds of classes. In some cases, there is actual damage done to children as the focus is so much on performance and achievement rather than exploration and engagement in general. In actual fact, these systems are largely the complete opposite of Montessori, which has strong evidence and is the only type of early childhood development program that is research-based:

Right-Brain vs. Montessori

  • Teacher-directed vs. Child-directed
  • Learning material without any research base, vs. research-based learning material
  • Drill and rote learning vs. material manipulation and exploration
  • Predominantly single pace-classrooms vs. predominantly individual pace-classrooms
  • Fantastical claims about every child being a potential genius vs. credible claims about every child being able to achieve self-development and above-average test scores
  • Focus on performance vs. focus on contentment

Critical Reception of Shichida and Heguru

There is very little critical reception of Shichida and Heguru, critical in terms of looking for evidence of claims, both positively and negatively. Essentially these methods and schools thrive in the gullible markets of Asian education hopes and aspirations of credulous, first generation middle-class parents who themselves have deficient education, and live in societies where magical thinking is still very much the norm.

Articles which show some Skepticism about Shichida

Gullible Parents, Wishful Thinking, and Websites that Make Money off of Them

How to Spot Fraud regarding Education Claims

The biggest clues to fraudulent education and learning claims are what is missing, and of course what is highlighted in place of the missing. Like with Sherlock Holmes it is the dog who doesn't bark that should be noted.

What you don't see in fraudulent claims

  • No reference to any scholarly or research articles or books
  • No association with research groups or organizations (other than one's own self-appointed research groups or non-research academic groups)
  • Lack of use of scientific or scholarly terms

Where the focus is for fraudulent claims

  • Media coverage (of any kind)
  • Photos or video of conferences or meetings
  • Single case examples of success taken as the norm
  • Non-scientific, non-experimental performances of individuals
  • Awards of various kinds from various (non-scientific) organizations

These are part and parcel the accouterments of status in the ream of education and professional development, and practiced to the extreme in Asian countries and cultures. Some organizations and self-promoters go to the extent of inventing their own awards, and then having a group award it to their members. A sure-fire piece of Asian-style public relations.

Media Coverage of Shichida Method Classes

Below is partially skeptical media coverage of Shichida classes in Australia, though I still think this is not nearly critical enough, no investigation of claims, just airtime to air them, sad.

Posted on 1 Comment

Notes on Sleep

Read This Book on Sleep (2020)

Bill Gates recommends the book Why We Sleep, and it is excellent. All of my notes above need to be revised with this book in mind. I highly recommend reading it, to get more science, less psychobabble.

How Much Sleep is Enough? (2018)

Now that my eldest son is 3 years old, there may be some changes to his schedule (he still takes a nap most days, but he is staying up past his traditional bedtime, so this became a question for me: How much sleep is enough?

Well, there is a range of answers, depending on ages, such as:

Mayo Sleep Recommendations

Age group Recommended amount of sleep
Newborns 14 to 17 hours a day
12 months About 10 hours at night, plus 4 hours of naps
2 years About 11 to 12 hours at night, plus a 1- to 2-hour afternoon nap
3 to 5 years 10 to 13 hours
6 to 13 years 9 to 11 hours
14 to 17 years 8 to 10 hours
Adults 7 to 9 hours

*Note that there are differences in particular circumstances such as illness, pregnancy, and the like.

CDC Sleep Recommendations

Age Group Recommended Hours of Sleep Per Day
0–3 months 14–17 hours
4–12 months 12–16 hours per 24 hours (including naps)
1–2 years 11–14 hours per 24 hours (including naps)
3–5 years 10–13 hours per 24 hours (including naps)
6–12 years 9–12 hours per 24 hours
13–18 years 8–10 hours per 24 hours
18–60 years 7 or more hours per night
61–64 years 7–9 hours
65 years+ 7–8 hours

Note on bedtime (2020)

The book Why We Sleep is excellent and one main point is to always go to bed and wake up at the same time. One cannot deposit or withdraw sleep from a sleep bank. When facing sleeplessness, there are some specific things to do (limit blue light, no active displays before bed (video, computer screens), don't eat before bed, bedroom cool enough, shower before bed (helps cool core temperature), darkened room, etc.).

Our children are now 3 and 5 years old, needing 10-13 hours of sleep including naps. They usually get 1-2 hour naps but sometimes no nap and sometimes 3 hours. Bedtime is 8pm, though it can be 8:30 or sometimes 9pm before they get to sleep (after reading stories, etc.). Wake up is at 6am or 5am for the older boy if he goes on an early exercise bicycle ride.

Sleep Training (2016)

With teeth and teeth brushing comes the need to sleep through the night, or at least change the nighttime feeding into nighttime watering. Turns out that this happens about the same time as toothbrushing should, or somewhat thereafter.

We are entering the zone of the final few months of the baby's first year. At 10 months, kicking dad throughout the night has gotten a bit old. So it is time to make several changes:

  • Co-sleeping
  • Nighttime weaning
  • More and better tooth brushing

The question is the correct method and also sequencing. Probably the most traumatizing should come first.

Resources for Sleep Training

These articles are from the very informative Dr. Craig Canapari.

Monophasic, Biphasic, Polyphasic Sleep (2012)

There will be sleeping enough in the grave. --Benjamin Franklin

Polyphasic Sleep is when sleep occurs at more than one point in the 24-hour cycle. Otherwise known as napping, it is possible to shorten the length of sleep for all sleep periods and end up with less time overall spent sleeping. The reason this is possible, is that the sleep periods (theoretically) become more efficient in delivering the kind of sleep needed for restfulness. Power-napping is another term for this, but the power part comes from a compression of sleep stages.

Some people are able to supposedly get by on 3 hours of sleep this way, and it has been ascribed to such people as Thomas Edison and Winston Churchill among others.

Benefits of Sleeping Less and More Often

The purported benefits besides an increase in available time (quantity) include as well quality indicators such as increased alertness, creativity and health. However these benefits have been (somewhat) debunked on Supermemo. The main issue that they take with this practice is that sleep deprivation is necessary in order to entrain one's sleep pattern.

Naturally Polyphasic

This is obviously true... Or is it? If my current sleep pattern is not actually natural (quite a bit of historical as well as EEG evidence that humans are naturally diphasic).

Extreme Sleep Conditions

In extreme situations such as battlefields and extreme adventure sports, sleeping less is mandatory for success. Enter the Uberman (aka Superman, Uebermensch).

Uberman Sleep Schedule

The rather heroic Uberman sleep schedule, which is 20-30 minutes of sleep every four hours, is not something I am going to try for. I don't need that much of a change and also, there doesn't seem to be much room for error there regarding the actual function of sleep. Instead, all I need to do as a result is one more hour of productivity without any loss of energy/alertness, etc. I intend to do more reading and more exercise during this time bonus, if and when it arrives.

Five Interval Sleep Phase

My initial experiment (beginning 11-AUG-2012) will be one hour sleep periods five times per day, at approximately:

  • 8am-9am
  • 1pm-2pm
  • 6pm-7pm
  • 11pm-12am
  • 3am-4am

This fits my schedule which is fairly flexible, but needs a 4am wakeup for early morning running, a 10am-12pm classes and 3pm meetings several times per week. This also allows me to have an early dinner (at 5pm) or late dinner (7pm+), and not need to sleep at night until 11pm. Also this would allow me to do a late night dancing from midnight to 3am (which my current monophasic sleep does not allow).

Updates on Sleep Experiment

  • Day 1: Took the naps during the day, and had more energy, but got tired (as always) later in the evening. Slept from 11pm-4am. Which means I had 8 hours of sleep (which is more than I usually do). Therefore slept more, ate more, and had more energy.
  • Day 2: Similar to day 1. Took naps (the 2pm was difficult, only 30 minutes and got back up). Instead of the 6pm nap, went for a two hour Thai massage. Then to bed at 10:30pm. Heard the 1am alarm but ignored it. Heard the 3am alarm (to nap again), thought of getting up, but didn't. Heard the 4am alarm and then stayed in bed. Got up at 5am for the run. This mean 8.5 hours of sleep. Even more!
  • Day 3: ...

Conclusion on Sleep

I've learned this isn't going to work out, I am sleeping more, not less. And there are times I put off the nap, can't get to sleep, can't wake up easily, and also the habit of sleeping through much of the night. However, my awareness of sleep and its effect has dramatically increased. There are some studies which conclude that modern man is basically sleep-deprived and this has disastrous effects regarding accident rates, attention in the workplace, not to mention basic physical well-being.

I've come to realize, especially at my advancing age in the upper 40s, that sleep and naps should be grabbed at every reasonable opportunity. Note: This is the same for early-to-mid 50s.

Posted on

PHP and MariaDB on Debian

Note: instructions for installing and configuring phpMyAdmin also included below.

Related Artices in Debian Services and Applications - Debian on AWS Lightsail - OpenVPN on Debian + UFW Firewall - Nginx and Letsencrypt on Debian - PHP & MariaDB on Debian - Grav CMS on Debian

As of December, 2018 there are decent performance gains with the latest PHP and MySQL (MariaDB, not Oracle) versions. These are: - PHP 7.3.0 released 06 Dec 2018 - Next PHP release 7.4 likely out December 2019 - MariaDB 10.3.11 released 20 Nov 2018 - Latest MariaDB release 10.4 is in release candidate status as of May, 2019. It would be good to do a new version along with PHP when it's next is released, say Dec 2019/Jan 2020.

PHP 7.3 outperforms PHP 7.2 and earlier versions on nearly all real-world web cms platforms. At the same time, MariaDB does indeed have performance enhancements which generally make it faster than the Oracle offering. For MariaDB the performance advantages have been apparent since at least MariaDB 10.1 vs. MySQL 5.7 back in 2014.

This is no surprise, being that MariaDB was founded and developed under the direction of the original MySQL founder. The main advantages technically are better thread management and defragmentation of the MariaDB than MySQL databases. In addition, a larger variety of engines are available under MariaDB including NoSQL (Cassandra).

Set up PHP Repository and Certs

sudo apt-get install apt-transport-https lsb-release ca-certificates
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg
echo "deb $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list

Update and Install PHP

Currently this is the 7.4 branch

sudo apt-get update -y
sudo apt-get install -y php7.4
sudo apt-get install -y php7.4-cli php7.4-common php7.4-curl php7.4-fpm php7.4-gd php7.4-json php7.4-mbstring php7.4-opcache php7.4-readline php7.4-xml php7.4-intl php7.4-zip

Update and Upgrade apt

sudo apt update -y
sudo apt upgrade -y

Verify php-fpm status

systemctl status php7.4-fpm.service

stop injected data into server returns

sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.4/fpm/php.ini
systemctl restart php7.4-fpm.service

Edit php7.4 php-fpm conf file if needed, e.g., increase upload size variables.

nano /etc/php/7.4/fpm/php-fpm.conf

Make the following changes:

cgi.fix_pathinfo = 0
max_execution_time = 300
upload_max_filesize = 32M
post_max_size = 32M

MariaDB - Install cert manager, key, repository

currently 10.3

sudo apt-get install -y software-properties-common dirmngr
sudo apt-key adv --recv-keys --keyserver hkp:// 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] stretch main'

Then perform update and install mariadb-server

sudo apt update -y
sudo apt-get install -y mariadb-server
sudo systemctl status mariadb

Enable auth socket

sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

Add plugin-load-add = in the [mysqld] section. Then save and restart MariaDB.

sudo systemctl restart mariadb.service

Secure the database

sudo mysql_secure_installation

PhpMyAdmin on Debian

Provided that Nginx and LetsEncrypt SSL is installed and configured. It is time to install PhpMyAdmin

sudo apt-get update
sudo apt-get install -y phpmyadmin

Add a symlink from /usr/share/phpmyadmin to /var/www/html or whatever directory for whichever website

sudo ln -s /usr/share/phpmyadmin /var/www/html

Note for security through obscurity, rename the link

sudo mv /var/www/html/phpmyadmin pma

Install and enamble mcrypt in php, and restart php-fpm

sudo apt-get install -y mcrypt
sudo phpenmod mcrypt
sudo systemctl restart php7.4-fpm

Test to see if it works


Limit access to /pma/ by ip address, by editing the nginx configuration

nano /etc/nginx/sites-available/default

Add the following line to the top above server:

geo $admin { default 0; 1; }

And put a nested statement under \.php as per this StackOverflow answer

location ~ \.php$ {
    location ~ (/phpmyadmin/) {          # add this
        if ($admin = 0) { return 404; }  # add this
        ## fastcgi parameters            # duplicate these lines
    }                                    # add this
    ## fastcgi parameters ##
Posted on

ufw, firewalld, iptables on Amazon Linux

ufw is known as a Debian (and Ubuntu) firewall, which is disabled by default but easy to use. There are some GUI front-ends which make it popular for Linux on the desktop. Coming from a CentOS background (RHEL/Amazon Linux AMI), ufw is not as common (as, say firewalld, or simply iptables, to which both ufw and firewalld are more or less interfaces).

Recall that netfilter is where the actual firewalling takes place, with iptables an interface on top of that, and ufw/firewalld as interfaces on top of iptables. Given this, there is no reason why ufw or firewalld cannot be run on any linux, provided packages (or compiling) are available.

Posted on

Debian on AWS Lightsail

This is a setup of several items, starting with Debian 9 on Amazon AWS Lightsail. This has server basics and apt, and then follows with links to additional articles. In general, after several years of running CentOS on Linode, and then Amazon Linux AMI on EC2 and Lightsail, I find that Debian 9 is simply faster, just as secure, and at least slightly easier to use.

Note: as of Sep 2020, Debian 10 is now available on Lightsail

I will update this soon (mid-2020) to Debian 10 - Bullseye (stable) on AWS and Debian testing on the desktop. I consider this combination to be very good for intermediate users as it keeps them up-to-date on the latest testing build (when things break, that is a learning opportunity), as well as having access to most recent versions of applications, utilities and support libraries. Debian is a huge linux ecosystem which is generally well-supported by a very large community. For one's production desktop environment, Debian testing is an excellent balance of up-to-date application availability and community supportiveness. Together with the extremely stable desktop environment using Openbox/LXDE, very low system requirements are needed.

To be honest, once getting the hang of Openbox/LXDE, I do not see any advantage to Linux Mint or Ubuntu, for that matter (besides the personal repositories). Cinnamon (available on other distributions than Mint) is buggy, memory hungry, and requires a bit of customization. Openbox/LXDE offers nearly the same kind of required customizations, but demands many fewer resources and is nearly crashproof. In my opinion, the good parts of Mint do not include cinnamon, rather applications such as Nemo and Pix, which can of course be installed and run without Mint or Cinnamon.

Continue reading Debian on AWS Lightsail

Posted on

Amazon Lightsail

Amazon Lightsail is a VPS services offered by Amazon that competes with the likes of Rackspace, DigitalOcean, Linode, etc.

Note: As of mid 2018 AWS effectively halved its prices on Lightsail. This means there is a $3.50 USD/mo. option and the $40 option listed below (4gb ram/2 cpu/60gb ssd/4tb xfer) is actually only $20 now.

Compared head-to-head the Lightsail option is a middle-of-the-road offering. However, compared with AWS and including the highly optimized nature of running Amazon Linux AMI (and not overselling with bullshit numbers like some providers), Amazon Lightsail is an extremely attractive VPS.

S3 snapshot backups and other aspects of high reliability make this a go-to package for the VPS market.

Lightsail Specifications

See the Amazon Lightsail FAQs

The various sizes of Lightsail are (as of July 2017):

  • $5/mo. - 512mb ram, 1 core, 20gb ssd, 1tb transfer
  • $10/mo. - 1gb ram, 1 core, 30gb ssd, 2tb transfer
  • $20/mo. - 2gb ram, 1 core, 40gb ssd, 3tb transfer
  • $40/mo. - 4gb ram, 2 core, 60gb ssd, 4tb transfer
  • $80/mo. - 8gb ram, 2 core, 80gb ssd, 5tb transfer

Note that transfer allowances are half of the above, for Mumbai and Sydney currently.

Lightsail vs. EC2 Pricing

The real genius in Lightsail is the pricing. Compared with a 1 year reserved T2.Nano instance, a $5 Lightsail would be as follows:

Total value of $8.13-$98.04 in value (depending mainly on data transfer).

However, if you had only a single zone, a single IP, 8gb of disk (smallest available), and under 1gb of data transfer, then the value is $4.74/mo., which is within 5% of the cost of a $5/mo. Lightsail.

That said, it is not clear how the vcpu works under Lightsail vs. EC2. However, since this is a single infrastructure, likely the performance is similar, and AWS is just going after a different segment of the market (one that is price-conscious).

Lightsail Docs and CLI

Lightsail has docs and a cli.

Lightsail Tasks

  • Create zone(s)
  • Create and download SSH Cert
  • Log in from command prompt with
    • ssh -i /path/to/.ssh/key.pem ec2-user@server.domain.tld
  • Operate under root rights with sudo su

Lightsail Control Panel

Lightsail is not integrated into the rest of AWS, though it is possible to see some aspects of it (perhaps storage?) from the console. Definitely it is managed separately from EC2 and Route53.

This lack of integration is a bit of a pain, but likely it will go away (slowly and partially) over time (perhaps).

Securing Lightsail

Depending upon one's security requirements, it might be useful to create a new user and disable or remove rights to the ec2-user account.

The steps to create a user with the same rights as ec2-user are:

  • create the account useradd username
  • set a password for the account passwd username
  • add the account to the sudo group usermod -aG wheel username
  • log in with the account su - username
  • create a .ssh directory mkdir .ssh
  • set security on the directory chmod 700 .ssh
  • log out of username exit
  • now back in root, copy the authorized_keys file to username
cp /home/ec2-user/.ssh/authorized_keys /home/username/.ssh/authorized_keys

Log all the way out of the system, and try and log in with the username, and same public key.

Once logged in invoke sudo su to ensure it has the correct rights. There should be an error message.

The last step is to replace ec2-user with username in the file: /etc/sudoers.d/cloud-init

If this works, then you have a new account with the same priviledges as the ec2-user (and you have also removed ec2-user from the ability to become root) and can safely delete (or ignore) that account.

Lightsail Limitations

Lightsail has a few limitations, including no tools for transfer or resizing, though in late 2018 an ability to export snapshots to EC2 was added. In addition, Lightsail cannot port filter at the IP address, only at the port level. And for DNS management, CAA records are not supported (as opposed to Route 53 where they are).