Category Archives: business processes

Protecting the domestic LED strip industry – Icelandic super taxes

Blah, another post about excessive import duties.  Boring, sure, but as heavy and obnoxious as always, and writing them all down gives me a nice record of them.

customs-super-tax-ledstrips

73% net import tax on 1480kr purchase price.

Bought a 1m strip of WS2812 led strip lighting.  $11.11, including shipping, or 1480 kr at today’s rates.  10% import duty, not sure why _this_ gets a duty charge, and not other electronics.  It can’t be an ewaste tariff, because none of the other electronics I’ve imported gets it, so I can only presume it’s protecting the nascent (non-existant) icelandic led strip manufacturing industry.  25% VSK,  Ok, expecting this, that’s just what VSK is.  and then the glorious 550kr fixed handling charge.  Some parcels get this, some don’t.  No way to control it, so no way to know in advance whether you should buy more on an order or not.  Hooray for consistency.

Total sum of charges: 550+386+146 = 1082 kr giving us an effective net import tax of just over 73%.  Excellent.  I love inconsistently applied regulations.

Icelandic post handling fees

I’m against being charged an arbitrary handling fee for receving a parcel. I’m fine with paying the customs + VAT charges, but I hate having to pay a flat fee for “handling” on top of that. But, if you’re doing it, it should at least be consistent. I got a parcel recently, and the invoice stuck on the outside of the parcel showed the split charge of VAT and handling properly.

Split fees for handling and customs

Split fees for handling and customs

You can see why I hate the flat fee here, it’s more than entire sum of VAT, resulting in an effective import tax of >50% instead of 25% (961 kr fees on a 1712 kr value parcel). It comes down far too heavily on small imports

However, the receipt I got from the post office after paying this has split it differently, claiming it was “free” to deliver it to me, and lumping all the rest into one line item.

"free" delivery, merged customs and handling fees

“free” delivery, merged customs and handling fees

This receipt is weird. Why would you have a line item for “delivery” being free, and then throw away the prior knowledge of this as two line items, and merge them into one? Silly post office.

Who pays for shipping? FedEx, TI and overseas agents

Update: I lost this in my drafts folder for over a year!

I live in Iceland. It’s a nice place to live, but it’s small, so I often have to buy things from overseas, particularly in for hobby electronics gear, but anything small and cheap has this problem.

Now, let’s get this straight, I’m not complaining about customs or VAT. (Not today anyway) VAT here in Iceland is 25.5%, and is applied at the end, on top of shipping charges. Customs rate isn’t always as easy to work out.

Now, in this example, I bought a device from Texas Instruments, for $US4.99, or about 630 ISK. This was advertised as shipping included, worldwide. Add 25.5% VAT, 790 ISK. Not bad. So it arrived yesterday.

Now, what does that even mean? They’ve charged me ~473 ISK for “customs handling” It doesn’t seem to be anything like the VAT rate, or the VAT rate plus the customs rate. (FIXME – finish getting customs rate)

Customs officially don’t collect anything like this, they simply say that agents are allowed to charge for filing paperwork.

So, this seems to be some arbitrary amount they just felt like charging. Next we have 750 ISK for being “an unregistered customer.” Well, that sounds awesome. I didn’t choose this company, I ordered a product from Texas Instruments with shipping included. Who knows if it’s even possible to become a registered customer.

Then there’s VAT on those charges. So, a whole 120% charge (of original purchase) on being the wrong sort of customer and another 75% (of original purchase) for “handling”. I can’t actually see where they charge the VAT/Customs on the product itself, but the end result is that I’ve paid 170% of the original purchase ON TOP of the basic vat rate + the product price. (1345 ISK + 790 ISK)

How is this remotely reasonable for “shipping included” ? And who’s responsible? Texas Instruments clearly believes they paid FedEx, (or presumably FedEx wouldn’t accept the shipment?) I can only assume that FedEx delivers the package to Iceland, believing that they’ve been paid, but I have zero insight into what the deal is between the local agent (Hraðflutningar ehf)

I believe the party responsible is IceTransport. As they said earlier, local customs agents, defined here, are allowed to charge basically whatever they like. So they do. I presume they treat customers shipping outbound through them quite a lot better, but what are my options at the end of the day? I refuse to pay their arbitrary charges, they hold the parcel, and they’ve already been paid by FedEx/Texas Instruments? So they bin the package, and are already in front? Or do I just suck it up, and pay through the nose? They’re both distasteful.

Customs official answer on handling charges:

http://www.tollur.is/displayer.asp?cat_id=2816&module_id=210&element_id=10177

802.15.4 export controls

Export controls. Woo, yeah! The USA classed various encryption as a weapon for a while, and tried to prevent it from being “exported” This was relaxed 10-15 years ago, when they realised how absurd it all was. Now, you can buy microelectronics with encryption built in, for instance, and what i’m talking about here, 802.15.4 transceivers have AES encryption built in. It’s a required part of 802.15.4 support after all. However, the way the export controls were relaxed required lots of paperwork, and there’s still some restrictions in place. And the big electronics distributors like digikey and mouser have interesting approaches to following these rules.

Here’s a quick roundup of what I tried to buy today on digikey. Note that all of these parts include AES encryption, as they are all 802.15.4 devices. In some cases, these aren’t even made in the US, they’re made in europe, shipped to distributers in the US, then not allowed out again because of these awesome “export controls”

Note: I live in Iceland, which seems to have fallen into a paperwork crack at some time, most of europe can buy these devices, but not me :(

Microchip’s MRF24J40 modules

Digikey will not sell the MRF24J40MA module by itself, DK partno: MRF24J40MA-I/RM-ND
Digikey will sell the ZENA usb dongle, which is a MRF24J40 radio + USB interface, DK partno: AC182015-1-ND

Mouser will sell the modules.

Farnell said they would sell the modules, then asked me to fill out export restrictions forms (from the UK, not the US!) and has since not replied. (This was about 6 months ago)

ST’s STM32W parts

Digikey will not sell me the STM32W-RFCKIT, DK partno: 497-11406-ND
Digikey will sell me the STEVAL-IDZ401V1, an STM32W based USB dongle. DK partno: 497-12887-ND

Mouser wouldn’t sell me the STM32W-RFCKIT either

TI’s CC2531 parts

Digikey will sell me the TI CC2531 usb dongle, DK partno: 296-28921-ND
Digikey will also sell me CC2531 chips themselves

Freescale’s MC1322x parts

Digikey will not sell me the usb dongle, DK partno: 1322XUSB-ND
I didn’t try buying the parts themselves

Atmel’s range

Digikey will sell me the Raven RZ USB stick, DK partno: ATAVRRZUSBSTICK-ND
Digikey will not sell me the development kit, DK partno: ATAVR128RFA1-EK1-ND

So, awesome job there. I can still buy “restricted” encryption hardware, but only some of it, and only in certain shapes. Fucking ballsup. I’ve spoken to Digikey, (though not with such a list of contradictions) and they brushed me off with, “we just follow the export restrictions guidance from the DOJ” They might bend a bit more if I was ordering 10k units of course, and actually go and check the paperwork, but that’s no help for me today.

Mailers and attached patches

The patch submission policy to open source projects is about as diverse as the number of projects. One policy that comes up fairly often is, “Email submission to blah-developers@example.org. Entire message plain text only, with patch inline, not as an attachment.” Apparently this is so that someone, somewhere, using some sort of mail agent can review the patch while reading their email, and still save the patch cleanly to be applied.

Projects with this sort of policy tend to enforce it rather fanatically. It also means that the list is often covered in reposts of patches, and complaints, about, “Your mailer has mangled your patch (spaces to tabs or vice versa), please fix it and resend” or, “Your mailer has sent the patch as an attachment instead of inline, please resend.” or even just the friendly, “You’ve sent a html message, don’t do that

Really? That’s the world we’re living in? What mailer in the world won’t let you view a plain text attachment inline? We’re in some lowest common denominator worldview, where for half the people, the answer is NOT USE their email mailer, but an entirely separate program, just for sending patches. (git-send-email)

One the one hand, yes, this sort of policy keeps out amateurs. It also makes damn sure that no amateur ever gets any better. It makes sure that only previously established members can ever submit anything. It’s one of the least friendly ways of accepting work I’ve ever dealt with. And somehow this is OK. I say we’ve failed, and we’ve failed on purpose, and I don’t understand it.

Upgrading jBPM from 3.1.2 to 3.2.3

At work we have a running blob of code that was built by a predecessor on jBPM 3.1. It’s basically concrete and unmaintainable, but I decided to give it a good effort. First port of call was to see about upgrading to the latest, so that I could use the latest tooling for designing or editing the processes, and also to get the jbpm-console operational.

First, simply trying to drop the 3.2 jbpm-console war into the running tomcat fails wonderfully.

So, rather than outline each and every fix I had to make along the way, here’s a list of the notes I took while doing this. It was having to wade through this pile of shit that motivated me to get this blog up, something I’d meant to do for a while, as a way of returning the favour for some of the more useful tech blogs I’ve seen out there.

My Goals

Just so you know what I was trying to achieve, I wanted to upgrade a running 3.1 jbpm app to 3.2, then try and add the jbpm-console web app alongside for some better management.

Database upgrade

The documentation here is terrible. The section of the userguide on database upgrades (for 3.2) still refers to how to upgrade from 3.0 to 3.1. This is bug JBPM-1689 over in the jboss jira. But at least I found out what I was meant to do. (oh, and the script in the release notes doesn’t have ; characters at line ends, so you’ll need to edit it before trying to run it)

Compilation breakages

Where’d my code go? We were using timers extensively, though looking at some of the examples now, I don’t actually know why. Still.

  • scheduler.exe.Timer -> job.Timer
  • SchedulerSession -> JobSession
  • saveTimer -> saveJob
  • deleteTimer ->deleteJob
  • timer.isDue() -> timer.getDueDate().before(new Date()))
  • timer.execute() -> timer.execute(jbpmContext)

Spring and other XML config

We were using spring-modules, and had the jbpm config loaded up at runtime. So, our hibernate context, which included the links to all the jbpm hbm.xml files needed to be updated with the new Job.hbm.xml file, the new locations of the Timer, and remove some of the dead ones.

your web.xml that may have referred to the DeployServlet and UploadServlet need to use the ProcessUploadServlet now.

Your jbpm.cfg.xml needs to be updated to include the tx service (Line 5)

1
2
3
4
5
6
7
8
  <jbpm-context>
    <service name="persistence" factory="org.jbpm.persistence.db.DbPersistenceServiceFactory" />
    <service name="message" factory="org.jbpm.msg.db.DbMessageServiceFactory" />
    <service name="scheduler" factory="org.jbpm.scheduler.db.DbSchedulerServiceFactory" />
    <service name="tx" factory="org.jbpm.tx.TxServiceFactory" />
    <service name="logging" factory="org.jbpm.logging.db.DbLoggingServiceFactory" />
    <service name="authentication" factory="org.jbpm.security.authentication.DefaultAuthenticationServiceFactory" />
  </jbpm-context>

At this point you should have your existing jBPM app running with the 3.2 jars, against a 3.2 db. yay.

Making jbpm-console play with others

At this point you can actually deploy the jbpm-console.war into your container (I’m using tomcat) and it will load up, and give you a login and everything. (Once you sort out jar hell. I had to copy plenty of jars from my webapp to the jbpm-console lib folder, and then add the extra ones that jbpm needed. This is a straightforward, if tedious game of adding jars until you don’t get ClassNotFoundException anymore. (antlr, commons-logging, commons-collections, hibernate, jsf, asm, cglib, bsh, dom4j, jta, and a jdbc driver)

Once it’s unpacked, you need to edit the WEB-INF\classes\hibernate.cfg.xml file to match the connection used in your main webapp.

And now, even more importantly, you need to turn off the job runner that’s included (for god knows what reason) in the console. Edit the web.xml file to remove/comment out the following…

    <!-- Job executor launcher (begin) ==>
Turn this off so that your app doesn't clash with this one picking up Jobs/Timers
    <listener>
        <description>
            Starts the job executor on servlet context initialization and stops it on 
            servlet context destruction.
        </description>
        <listener-class>org.jbpm.web.JobExecutorLauncher</listener-class>
    </listener>
    == Job executor launcher (end) -->

Note: You can still use the console to signal tokens and so forth, this doesn’t stop that, it just stops it from picking up jobs.

Usernames and login

Running on tomcat there were some issues where I couldn’t actually login to the console. http://wiki.jboss.org/wiki/JbpmOnTomcat has some words on this, but what I found was simplest was to edit the jbpm-console.war::web.xml some more. My tomcat app was already using a couple of usernames and passwords, so I just told jbpm-console to use them. The <security-constraint> section needs to use a role (<role-name>) that’s already in your tomcat-users.xml file, and the roles listed in <security-roles> need to match as well. You can also take the approach they recommend and set up the ID tables, and add all sorts of other users and stuff, but some of that seems to be just so that the _examples_ run, whereas I was trying to retrofit the jbpm-console and the 3.2 code to an existing app.

I’m almost certain that this will _still_ not cover all the pain _you_ will go through, but hopefully it helps a bit.

I’ve still not got to actually using the 3.2 designer to make changes to this chunk of legacy yet, but hey, running the latest version sure seems like it should help. And now we have the jbpm-console giving us a bit more control of things when processes go astray.