Analysis Paralysis

What is it?

From Investopedia, “Analysis paralysis is an inability to make a decision due to over-thinking a problem.” This often happens when there are too many options, or too many variables surrounding the options.

Boomer comic courtesy of: https://www.aihr.com/blog/deal-analysis-paralysis/

This happened to me this week. For our capstone project, I am making the user authentication system. The login page starts by making a request to our API. In the API, after some verification, a token is made and sent back to the user. The question I was stuck on was regarding the token. Should I send a random string, or use something like a JWT? I could pretty easily generate a random string and use that for all session verification, but I couldn’t guarantee uniqueness. A JWT could do tha, but it may be harder to set up. Do I even need to worry about uniqueness? Can I use the same middleware in the frontend and backend? Are there security concerns with either one? Is there another option I’m not even considering?

As the questions keep coming, the answer became less clear, and I was further away from a decision than when I started. The analysis paralysis had set in.

How do I stop it?

I’m sure there are many ways to overcome analysis paralysis. The one that worked for me was hypothetically picking an option, and thinking through what that would look like. I started with JWT. If I used that, I would install some middleware. Then I would probably use some function like jwt.create(token) using the user’s email address. Then I could send it back to the frontend, where I would use the same middleware (hopefully) and then decode the JWT. From my experience in Cloud Programming, I knew that a JWT could expire, so that could be a good way to manage session timeout. And the implementation for verifying that would be relatively easy.

How would it look if I just used a random string? I would probably do the same thing in the API, just with a random string instead. The frontend would take this string and save it. But what happens then? If I wanted to verify its authenticity, I would have to make a call to the API and database every time the user wanted to access a protected route. This wouldn’t happen with a JWT. If I wanted to have an expiration… well I don’t even know. I didn’t get that far in my thought process. It was pretty clear to me at this point that JWT was the way to go.

The next step was actually doing it. I sat down at my computer and started overthinking again. Lots of “what-if” questions came into my mind. But I just said screw it, Googled “node jwt”, and found a middleware that looked like it would do the job. I started coding before I could get in my own way, and after a while, I had my API successfully sending back a JWT! Was this method guaranteed to work? Of course not. But if it didn’t work out, I could have just reverted my changes and tried again.

By walking through the process of each choice, I was able to decide on the better option. I didn’t let perfect be the enemy of good. Once it was time to enact my decision, I avoided self doubt by trusting my decision, and knowing that I could always go back if it didn’t work. The next time I’m faced with analysis paralysis, I’ll remember what I did in this scenario, and I’ll be able to more easily break free from it.

Posted in Career, School | Leave a comment

The 5 Types of Job Posts on Indeed

As graduation approaches, many of us are surely in the thick of our job search. Some of us may be leveraging connections, some are transitioning from an internship to a full-time role, and some (most, I assume), are trolling the job boards, looking for any new and interesting jobs to apply to. If you’re like me, you may have read so many job posts that you’ve started to categorize them in your head. If not, I’ve taken the liberty to do it for you — Buzzfeed style! Here are the 5 types of job posts that can be found when scrolling through Indeed.

1. The “Training Program”

You made it through high school. You worked hard in college. You had a quarter-life crisis and realized that the degree you got wasn’t getting you anywhere. You made up for it by getting another degree. Now, after all that education, some COMPANY has the GALL to suggest that you need more training! How dare they!

These jobs usually promise a 6 month, 18 month, or even 27 month training program to get you up to speed on a specific tech stack and development style. They are usually complete with group and portfolio projects too. Honestly, it would be a refreshing change of pace to get paid to learn for once. The problem with many of these jobs is that at the end of your training program, you are not guaranteed to be accepted as a full-time employee. Some may see this as high-risk/high-reward. I’d say stay away.

2. The Irrelevant Job that Seems Super Cool

So you’re telling me that I could work in a university lab and help study neutrinos? No way! That sounds so cool! What do I know about neutrinos? Uhhhhhh…..

There are always those jobs that sound so enticing. High security clearance government contractors, super cool astrophysics lab, high tech startup. Okay, this is where my Midwest bias comes in. Here in the Midwest, high tech startup companies are rare. While all of my classmates on the west coast are spoiled with job postings about “the next Friendster” or “Uber, but for pets”, I am plagued with a lot of run-of-the-mill, boring sounding jobs.

So that makes it all the more special when I find a job that isn’t only cool to me, but would be cool to tell my friends about. The only problem is that these jobs are almost always out of your skillset, the pay is criminally low, or the barrier to entry is too high. Still, that won’t stop me from reading the full job listing and daydream about what it would be like to work there.

3. The Job That Randomly Requires a Master’s Degree for Whatever Reason

Speaking of high barrier to entry, what is with the jobs that require a master’s degree for seemingly no reason? I’ll be looking through a job that looks good. Full stack web dev? Works for me. RESTful APIs? Check; Thanks CS493! .NET experience preferred? Check. Master’s degree required? Why??

I’m sure it’s one of those things where the company says “required” but they really mean “it would be super cool if you had this”. I might as well apply. But still, it’s weird. If nothing else, now I’m going to apply to the job on the off-chance that I get an interview, just so that I can ask them why a web developer needs a master’s degree. Maybe that’s exactly what they wanted me to do!

4. The Great Job That Gets Closed Right After You Save It

Oh wow! This job seems super cool. Tech stack is right up my alley. Good pay. Great benefits. Lots of room for improvements! I could totally see myself working here. Let me just save this job to apply later —

It makes sense that good jobs get filled right away, but sometimes it feel like someone is just waiting for me to find the job before marking it as closed, just to spite me. Maybe it’s just a sign that I should just apply right away.

5. The Perfect Job for You

Once in a blue moon, the perfect job comes along. It’s basically the same job as #4, but isn’t a tease. Everything is perfect on paper, and when you check Glassdoor, people actually like working there! It’s a short commute but that doesn’t even matter because they allow fully remote if you want, with optional office time. When you go to apply, their application software actually works and is a good experience all around! The problem with these jobs is that they’re so rare. Out of 100 jobs, you might get 1 or 2 of these good ones. But all it takes is one to like you, and you’re set for the next few years!

Or so I’m told.

Posted in Career | Leave a comment

The Pros and Cons of Remote Work

At the start of the pandemic, many offices around the country closed their doors in favor of working from home. Luckily for me, I already had experience with remote work through Oregon State. As I transition from a computer science student to a fully fledged (junior) developer, I wanted to look at my options when it came to remote work. Should I continute working remotely? Or should I try to find something in person? None of my observations are revolutionary. They have all likely been discussed more in depth and more eloquently than I ever could. That being said, I thought it would be good for me to lay out the pros and cons of remote work, so that I can decide where to target my job search.

Pros

The first positive that came to mind was the lack of commute. My company’s office is 45 minutes away from my home on a good day. If I had to work in person, I would be spending an hour and a half daily just sitting in traffic. Working remotely, my commute is a 10 second walk from my bed to the living room where my desk is set up. I doubt it’s even that long.

The next big plus of working from home is the freedom allowed. This can mean a lot of things: first, I am able to let my dogs outside periodically throughout the day, instead of them going crazy the minute I get home. Second, I can do dishes or a load of laundry throughout the day instead of wasting my lunch at the office doing nothing. Lastly, my kitchen is at home. I am able to grab a snack or make a good cup of tea whenever I want. No vending machine or crappy tea selection for me!

Another pro is that there are a ton of opportunities for remote work. Maybe this isn’t the case in Silicon Valley, but in the Midwest, the local in-person opportunities pale in comparison to the remote offerings. If I work remotely, I don’t need to be restricted to jobs in my area. There are great jobs around me, don’t get me wrong. But it’s a finite number. Plus there is a rumor that there are some places that don’t adjust salary to cost of living, so you could get Silicon Valley figures on a Mississippi River CoL. I’ve never seen someone in real life that’s been lucky enough to get that deal, but I’ve been assured it happens. (Okay, probably not the best reason to work remote. It’s just fun to think about)

There are many more reasons why it would be beneficial for me to work remote. Offices are either too noisy, or so quiet I feel uncomfortable talking. My home doesn’t have this issue. I have room to spread out at home, instead of being confined to a small desk in the middle of a giant room at the office. Speaking of that, I don’t have to worry about the annoyances of open-office plans at all. With all of these reasons, there is one that beats all others: I don’t need to worry about getting sick from my coworkers. With offices starting to open up again, it seems like many companies forgot why they went remote in the first place. I will never understand why offices shut down at 20,000 daily cases nationally, and then open again at 800,000 daily cases. Ever since I started working from home, I have gotten sick maybe once (not covid). It’s just not something I need to think about when I’m at home.

Cons

The major downside to remote work is that it is much less social. I have never met most of my coworkers in person, and I see them mainly as boxes on my screen. There could of course be scheduled events, but there will never be an impromptu beer at the end of a long day behind the keyboard.

Along with that, collaboration presents a large challenge. Long meetings over video chat just aren’t same as getting together in a room with a whiteboard. Every communication over text needs to be double-checked for clarity (at least in my case). It’s much easier to convey an idea in person as opposed to through text, and it’s easier to say something quick in person as opposed to having to schedule a call or video chat when working from home.

Lastly, there are fewer learning opportunities, which is especially detrimental for a fledgling developer. Like I mentioned before, asking a quick question to a coworker can turn into an ordeal when not in the same room. I could ask a question and have to wait an hour for a response. This isn’t the other person’s fault; I understand that they’re busy. But there’s no way for me to tell, so I may end up waiting longer than necessary for an answer to a supposedly quick question. There is also no opportunity for pair programming. It is hard for me to see how more seasoned developers think through problems and go about implementing them.

One quick aside, the logistics of working from home can also be difficult. I am fortunate that I was able to move my desk into a separate room from my fiancée’s desk. That way we can work and have meetings without worrying about disturbing the other. I recognize that that is not easy for everyone. People in 1 bedroom or studio apartment and people with children face additional challenges when working from home.

Conclusion

Based on the overall content of each section, it is pretty obvious that the pros outweigh the cons for me. If I were further in my career, I would push to never go into the office again. However, I want to ensure I learn as much as possible, especially earlier on in my career. It makes a lot of sense to work in an office for the training opportunities alone. My ideal situation would be a mix of both remote and in-person. I would like to come into the office on some days for training/assistance and the social aspect, but I would also like the choice to stay at home. Ultimately I will look at both remote and in-office during my job search, but will likely favor local companies for now.

Posted in Career, Internship | Leave a comment

My Story So Far

After telling a story about my internship last week, I realized it would probably be beneficial if people knew a bit more about who I am. Since we haven’t started development on our project yet, this week is a good time to do just that.

The Before Times

I grew up in Minnesota, in a northern suburb of the Twin Cities. I went to college at the University of Wisconsin-Madison, where I majored in Pharmacology & Toxicology. Becoming a Badger was one of the best decisions I ever made, and I loved my time in Madison. I did not, however, love the world of academic research as much as I thought I was going to. With a degree in a narrow scientific field, there were only a few industry options for me. After graduating in 2018, I decided to become a research technician at a contract research organization, but I knew I eventually wanted to do something else.

Making the Change

I spent a long time after graduation trying to decide where to take my career. My job as a research technician was fulfilling, but not sustainable in the long term. I spent time looking back at the classes I enjoyed the most over the years. In high school, I was a big ol’ nerd and really enjoyed math, especially calculus. Turns out that there existed a job adjacent to math that had many job prospects, exciting projects, and plenty of perks and benefits (I wonder what it could be)! Before I took the plunge to change my career, I wanted to make sure programming would be something that I enjoyed. I got two books on learning Python: Automate the Boring Stuff and Python Crash Course. I absolutely loved programming. It was a perfect combination of logical challenges and creative freedom.

The only thing left was to learn everything else.

Luckily for me, there was an online Post-Baccalaureate Computer Science program that was specifically geared toward working professionals. It was right up my alley. I enrolled into Oregon State’s program in 2019, and my CS knowledge has grown exponentially since. Because of the program, I was also fortunate enough to land an internship which taught me how to successfully work as a software engineer in a professional environment.

And that pretty much bring us up to present day. I am currently in my last class of the program and am planning on graduating in March. It has been a long journey and I am excited to take my last step toward making my career change official.

More About Me

As much as I love CS and Software, they aren’t the only things I have going on in my life. I currently live in Minnesota with my fiancée, two German Shepherds (Valley and River), two cats (Misty and Fraser), and 4 snakes (Casanova, Annie, Rumour, and Celeste). My hobbies include brewing beer, playing video games and board games (currently loving Spirit Island), and taking our dogs to sporting events (They both love Barn Hunt). I am also a big fan of the Timberwolves, and have loved watching them this year.

River (left) and Valley (right) enjoying the cool October air
Posted in Career, School | Leave a comment

Google Twice, Code Once

Being an intern is easily the best way for students to gain experience in software engineering. What is perhaps not so obvious, is that many of these experiences can be incredibly frustrating while going through them. Especially if you have nobody to blame but yourself.

During my summer internship, I was tasked with making a number of improvements to our web application to make it more mobile-friendly. One of these improvements was to allow for a passwordless login so our users could log in faster. This is a simple task for native apps, but can become a bit more involved for Progressive Web Apps. The main tool for this feature is a frontend API called WebAuthn. For the uninitiated, WebAuthn allows a PWA to take biometric data (like a fingerprint or face scan) and turn it into a unique key. This key can then be used instead of a password.

WebAuthn requires that your app performs many security checks in the backend to prevent malicious behavior. This is an easy task if your backend is in Javascript. The company with which I interned used .NET framework, and it was impossible to find a library to perform the required security checks. Correction: It was impossible for me to find a library. What was a poor intern to do? I bravely decided that I, a CS student with only 4 weeks of professional experience, would write a library in C# to perform all the proper security checks required for WebAuthn to function.

Did I say bravely?

I meant stupidly.

I spent about a week and a half trying to figure out the ins and outs of encryption, hashes, credentials, and other security mumbo jumbo that I understood like a toddler understands time dilation. I dutifully followed The Documentation™. I did everything I could to duct tape together a backend that would properly communicate with WebAuthn. I just couldn’t get it to work. Things were moving at a snail’s pace. Between working with against legacy code, a relatively new language, and an overwhelming sense of imposter syndrome, I realized that I just couldn’t do it.

Frustrated, I started searching for alternatives, hoping against hope that my Google-fu had simply failed me the first day I looked for a library. Well it turns out it had. After simply searching “webauthn net library”, I found my answer. Literally the first result. I felt a solid 50/50 mix of rage and relief. After congratulating myself on properly typing 3 words into a search engine, I got to work. All I had to do was download a package, and all the backend work sat at my fingertips, waiting to be implemented. It was still work to get everything set up properly — I had little experience with typed languages and encoding at the time. But it took a fraction of the time that it would have taken for me to implement everything on my own. And boy was I ecstatic when I first saw the final credential properly formatted and printed out on my console window.

There are many things I can learn from this mistake. “Measure twice, cut once” is good for carpentry; the software equivalent could be “Google twice, code once”. That’s the first takeaway. Second, if you’re looking for a library for the most used web authentication platforms, then it probably exists. Lastly, it’s okay to throw away code that you have put hours of time and effort into if it just isn’t working (as long as you find a better option). I am very thankful that I was able to struggle so that I could learn for the future.

But if I ever see the words WebAuthn and .NET put together again, I might just scream.

Posted in Internship | Leave a comment