RedNectar’s guide to programming user interfaces

I recently made a flippant comment on the GNS3 forum:

Rule #27: RedNectar’s guide to programming user interfaces
Never state an option in the negative.

which prompted a request from Jeremy Grossmann

Can you share complete list of all your rules? ;)

So I thought I’d actually write down some of the principles I believe are important to writing programs with an easy-to-use user interface. This is not a complete list, and it is very GNS3 centric because I wrote it originally on the GNS3 forum. But here it is for what it’s worth. I didn’t quite make 27 rules, but here is a more manageable 7 rules:

Rule #1

Don’t add complexity unnecessarily.

In other words, try and work out the simplest way of achieving what you need to achieve. Also known as Ockham’s Razor or the KISS principle.

Rule #2

Try to predict how the user will intuitively know what to do.

This is the principle which made the iPhone so successful. I’ve also seen this written as “Write programs for people, not for computers”.

Rule #3

Consistency

Have a standard approach to every menu, dialogue and action. Hard to do if multiple people contribute to the development of an application. Even harder if your app is to be used on multiple platforms. Mac users are used to the idea that once an item has been clicked upon it is selected/chosen/applied/done/finished (play around in System Preferences if you don’t know what I mean). Meanwhile PC users expect to be able to click here and there before finally having to click OK before a choice is made – or click Cancel if they decide that they don’t want to change anything after all.

Rule #4

Keyboard First, Mouse Second
Every action that can be performed ought to be implemented via the keyboard. Then add the mouse actions. Not everyone agrees with me on this one, and it is definitely one that could not apply to writing apps for a tablet. But I believe it is a rule that should at least be striven for.

This is one rule that is extremely lacking in GNS3 (How do I add a device to my topology without a mouse?)

Rule #5

Provide feedback

Every click that causes any change should provide some visible feedback, even if it is a simple status message on a status bar (GNS3 doesn’t have one of those – although the Console dock does a good job if debug is turned on). I don’t mean that another pop-up dialogue should appear that you have to acknowledge – that just gets in the way (I hope the Cisco UI designers are reading this), but something should happen. For instance, in GNS3 when you go to the Node Configurator and make some changes and click Apply – there is no visual feedback to show that this has happened. It could be something as simple as disabling the Apply button once it has been clicked once (which means that it would have to be re-enabled if another change was made), or a message under the Apply button, or a message in the Console dock. But remember Rule#3.

Rule #6

Warn users if changes will be lost

Similar to Rule #5 – but with more emphasis on confirming with a pop-up if you are about to exit a dialogue without saving changes. This does need some balance though. For instance, in GNS3 when you go to the Node Configurator and make some changes and click Cancel you should expect to lose your changes, you did just click Cancel after all. But if you go to IOS Images and hypervisors and make some changes then click Close then you should be warned that your changes will be lost if you haven’t already clicked Save.

Rule #7

Never state an option in the negative.
There is an option in GNS3 that states:

[ ] Do not use first NIC for connections with the host OS 

This is too confusing.
I remember doing a course at uni that taught us how to write multiple-choice questions and test their effectiveness. One of the rules for writing effective multiple choice questions is also to never ask questions or pose options in the negative. And for good reason. This option would be far better written as:

[x] Reserve first NIC for connections with the host OS

Maybe one day I’ll add some more. But if I do that I may end up violating Rule#1.


IP Pie

One way of looking at how to subnet networks is the IP Pie method. Dividing IP networks into subnets is as easy as pie.  All you need to do is remember one simple rule about how to cut the pie.

Damn you Microsoft and your forced reboot! HOW DARE YOU!

I’ve just lost 30mins (at least) of work.  I was in the middle of doing a complicated install of a virtual machine (I was installing FreeBSD on a QEMU virtual machine) and documenting each step.  All of a sudden, a message appears from Windows 8 telling me that my computer is about to reboot in 15 minutes.  There’s no way I can finish this job in 15 minutes, not carefully anyway.  However, I did rush to try and managed to get to the last step (although my notes were such a mess now that I would probably still have had to go through the whole thing again anyway) and bang! Microsoft whammied me!  It’s all gone.  Everything I was working on GONE.

I’ve now turned off automatic updates, but what a rude and totally unacceptable practice Microsoft has imposed on us. Shame on you MS


CCNA Certification Changes 2013 Summary

On 26 March 2013, Cisco announced new CCNA certifications. Here is my interpretation of the changes.

In a nutshell

ICND1 is now considerably harder, absorbing much of the ICND2 content (IPv6, ACLs, VLANs and OSPF) while ICND2 seems to be much leaner having lost most of its content to ICND1.

ICND1 now has more emphasis on VLANs and IPv6, less emphasis on WAN technologies. OSPF is now included as the routing protocol, and RIP can finally Rest In Peace. (RIP is gone). [Edit 2013-04-08. Curiously, the topic Link State vs Distance Vector  is still included.  One wonders...]

There is no content on Wireless in ICND1 or ICND2 and Variable Length Subnet Masking (VLSM)/route summarisation has moved from ICND2 to ICND1, so too have Access Control Lists (ACLs).

All in all, the new ICND1 now has more difficult concepts to handle than the old ICND1.

Opinion

From what I see in the industry, ICND1 is a better match to industry needs than it was previously, with the notable exception of WiFi.  Even the most basic home network has WiFi today, and ANY basic networking certification should include enough information to make graduates realise the limitations of deploying Integrated access points as opposed to planning a proper ESS.  The ICND2 exam topics unfortunately still include Frame Relay, but thankfully now include PPPoE and FHRP.

I am saddened to see RIP go, but only because it served as a simple example to explain other routing concepts.  I can live with that.  On the other hand, the move to include OSPF in ICND1 is positive.  I am surprised to see that Cisco didn’t take the opportunity to push EIGRP towards the earlier certification rather than OSPF, since EIGRP is Cisco’s baby (although now an open standard).  Could this be an indication that Cisco sees OSPF as the routing protocol of the future?  I think it does.

I am disappointed that Cisco couldn’t prepare their documentation better.  Having Exam topics like: [Edit 2013-04-08: Cisco has now updated the list of topics to be approximately three times as long!  Now I'm even more convinced the new ICND1 is much harder than before]

Configure and verify network device security features such as

with NO list of features following the “as” makes me hope like crazy that they have put more effort into the exam question preparation. I have found in the past that there have been questions on Cisco exams with the same level of quality control displayed in this example. Such poor quality frustrates exam candidates and devalues the whole process.  Sadly, the ICND2 topics are even more poorly prepared, with the topic Managing Cisco IOS Files stuck right in the middle of the IP Routing Technologies section (a typo I’m sure), which again worries me purely from the viewpoint that the people who prepared this document so badly are the same people that prepare the exams. Worse still, there are topics as vague as:

Identify enhanced switching technologies

with no indication as to the particular enhanced technologies.  Previously this had been stated as:

Identify enhanced switching technologies  (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

so candidates at least had some idea of what was expected.

ICND2 now includes FHRP, Syslog and SNMP components, and (at last) PPPoE implementation and troubleshooting.  IPv6, VLSM, VLANs and VLAN trunking and OSPF have all moved to ICND1, although OSPF is repeated for ICND2.  Frame relay still persists, in spite of the fact that the ISPs I deal with have had no NEW frame relay customers in years.

Etherchannel is specifically mentioned, but I suspect candidates are actually expected to understand the IEEE 802.3ad/ax Link Aggregation standard as well as/instead of Cisco’s old proprietary Etherchannel implementation of the protocol.  I think the inclusion of a topic specifically mentioning Etherchannel reflects Cisco arrogance – “We wrote the standard so we can call it what we like!”

Naming:

The certification is no longer called CCNA. It is now called CCNA Routing and Switching.
CCENT is still CCENT.

Exams:

The ICND1 exam is now 100-101. Previously it was 640-822. It is still 90 mins, 40-50 questions.
The ICND2 exam is now 200-101. Previously it was 640-816. It is still 75 mins, but has 50-60 questions rather than 40-50 questions.
The CCNA (combined ICND1 & ICND2) exam is now 200-120. Previously it was 840-802. It is still 90 mins, 40-50 questions.

The new exams are offered in English only. Previously these exams had been offered in English, Japanese, Spanish, French, Portuguese, and the 840-802 was also offered in Chinese, Russian, and Korean.

I expect this will change in time.

Content:

Here is the list of topics for ICND1 and ICND2. I have highlighted the new content in green, and the old changed content in light grey. The red strikeout content is from the old 640-822 which is no longer relevant and bold red content means I have no idea what it means!

ICND1

In summary:
More emphasis on VLANs and IPv6. Less emphasis on WANs. RIP is out and OSPF is in.

There is no content on Wireless but you will have to deal with more advanced topics such as Variable Length Subnet Masking (VLSM)/route summarisation and Access Control Lists (ACLs).

All in all, the new ICND1 now has more difficult concepts to handle than the old ICND1.

Operation of IP Data Networks

Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs.
Select the components required to meet a given network specification.
Identify common applications and their impact on the network
Describe the purpose and basic operation of the protocols in the OSI and TCP/IP models.
Predict the data flow between two hosts across a network.
Identify the appropriate media, cables, ports, and connectors to connect Cisco network devices to other network devices and hosts in a LAN

LAN Switching Technologies

Determine the technology and media access control method for Ethernet networks
Identify basic switching concepts and the operation of Cisco switches.
Configure and verify initial switch configuration including remote access management.
Verify network status and switch operation using basic utilities such as ping, telnet and ssh.
Describe how VLANs create logically separate networks and the need for routing between them.
Configure and verify VLANs
Configure and verify trunking on Cisco switches 

IP addressing (IPv4 / IPv6)

Describe the operation and necessity of using private and public IP addresses for IPv4 addressing
Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment.
Identify the appropriate IPv4 addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment.
Describe the technological requirements for running IPv6 in conjunction with IPv4 such as dual stack
Describe IPv6 addresses
Describe and verify DNS operation

IP Routing Technologies

Describe basic routing concepts
Configure and verify utilizing the CLI to set basic Router configuration
Configure and verify operation status of an ethernet interface
Verify router configuration and network connectivity
Configure and verify routing configuration for a static or default route given specific routing requirements
Differentiate methods of routing and routing protocols
Configure and verify OSPF (single area)
Configure and verify interVLAN routing (Router on a stick)
Configure SVI interfaces
Configure, verify, and troubleshoot RIPv2

IP Services

Configure and verify DHCP (IOS Router)
Configure, verify and troubleshoot DHCP and DNS operation on a router. (including: CLI/SDM)
Describe the types, features, and applications of ACLs
Configure and verify ACLs in a network environment
Identify the basic operation of NAT
Configure and verify NAT for given network requirements
Configure and verify NTP as a client
Enable NAT for a small network with a single ISP and connection using SDM and verify operation using CLI and ping

Network Device Security

Configure and verify network device security features such as ???
Configure and verify Switch Port Security features such as ???
Configure and verify ACLs to filter network traffic
Configure and verify an ACLs to limit telnet and SSH access to the router

Troubleshooting

Troubleshoot and correct common problems associated with IP addressing and host configurations.
Troubleshoot and Resolve VLAN problems
Troubleshoot and Resolve trunking problems on Cisco switches
Troubleshoot and Resolve ACL issues
Troubleshoot and Resolve Layer 1 problems

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)
Identify and describe the purpose of the components in a small wireless network. (including: SSID, BSS, ESS)
Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point
Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)
Identify common issues with implementing wireless networks

Identify security threats to a network and describe general methods to mitigate those threats

Explain today’s increasing network security threats and the need to implement a comprehensive security policy to mitigate the threats
Explain general methods to mitigate common security threats to network devices, hosts, and applications
Describe the functions of common security appliances and applications
Describe security recommended practices including initial steps to secure network devices

Implement and verify WAN links

Describe different methods for connecting to a WAN
Configure and verify a basic WAN serial connection

ICND2

In summary:
This is a poorly prepared document, and extremely vague.  Topics like Identify enhanced switching technologies could mean anything from cut-through switching to Virtual Port Channels or TRILL or Fabric Path.  Who knows?  It probably doesn’t include those advanced topics, but candidates have a right to know if topics like VTP, Rapid Spanning Tree (aka 802.1D – 2004), 802.1ax Link Aggregation (aka Port Channel) and 802.1ad Provider Bridging (aka Q-in-Q) are included.  The old specification specifically mentioned VTP, RSTP, VLAN, PVSTP and 802.1Q.  The new document doesn’t.

All in all, the new ICND2 now seems simpler than the old ICND1, but because of the vagueness of the topics, I could be grossly wrong.  Many of the old ICND2 topics (IPv6, ACLs, VLANs and OSPF) have moved to ICND1.

LAN Switching Technologies

Identify enhanced switching technologies
Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)
Configure and verify PVSTP operation

IP Routing Technologies

Describe the boot process of Cisco IOS routers
Configure and verify operation status of a Serial interface.
Manage Cisco IOS Files
Differentiate methods of routing and routing protocols
Configure and verify OSPF (single area) [Edit 2013-04-08. However, this official document lists  Multi-area OSPF IPv4 Implementation as a topic added to the ICND2 exam]
Configure and verify EIGRP (single AS)

IP Services

Recognize High availability (FHRP)
Configure and verify Syslog
Describe SNMP v2 & v3

Troubleshooting

Identify and correct common network problems
Utilize netflow data
Troubleshoot and Resolve Spanning Tree operation issues
Troubleshoot and Resolve routing issues
Troubleshoot and Resolve OSPF problems
Troubleshoot and Resolve EIGRP problems
Troubleshoot and Resolve interVLAN routing problems
Troubleshoot and Resolve WAN implementation issues
Monitor NetFlow statistics
Troubleshoot etherchannel problems

WAN Technologies

Identify different WAN Technologies
Configure and verify a basic WAN serial connection
Configure and verify a PPP connection between Cisco routers
Configure and verify Frame Relay on Cisco routers
Implement and troubleshoot PPPoE


Dynamips/GNS3 Idle-PC explained. Finally!

Firstly let me say thanks to Jeremy Grossmann (principal programmer for GNS3) for helping me finally get my head around this concept. I have to admit that I had only a vague idea of what was happening when I wrote this post on the GNS3 forum, but recently I decided I had to nail it.

In a nutshell:

Without an Idle-PC set, dynamips attempts to emulate instructions one at a time as fast as it can, consuming up to 100% of the available CPU.
The Idle-PC is a guess at where the Program Counter might be pointing to an idle-loop in the emulated router.
When the emulator has visited this PC value Idle-Max times, it suspends itself for Idle-Sleep ms to allow other processes to get on with their tasks.

Details

To understand the dynamips/GNS3 Idle-PC concept, you have to start by looking at the way software operates.

A normal piece of software generally has one or more places in the code where the program just sits in an “idle” loop – say waiting for a key press. Or a message to arrive. Or for a timer to expire to remind it to send a message.

However dynamips is a different kind of program. It is an emulator. It takes a binary image of MIPS machine code and interprets each instruction one at a time and then executes that instruction on the host computer. The basic logic is something like this:

Set the program counter (PC) to 1
Repeat forever {
 Fetch MIPS instruction number PC
 Emulate it on the host computer
 Increment the Program Counter (PC++)
}

So there are no idle states – dynamips just screams through those instructions one at a time around and around – except that there will be many, many places where the instruction that is executed is one that changes the program counter, causing dynamips to extract the instructions in a non-linear sequence.

And some of those instructions will be in little groups where the emulated router is sitting in an idle state – as in waiting for a packet to arrive or a key to be pressed at the console. The problem is, dynamips has no idea whether the current Program Counter (PC) is pointing to an instruction that is doing something important, or one that is just part of the few instructions that get repeated over and over in an idle loop.

Now if dynamips could somehow know that when the Program Counter (PC) was pointing to a certain piece of code that was just an idle loop, it could suspend itself for a while, so the logic would change to:

Repeat forever {
 Fetch MIPS instruction number PC
 Emulate it on the host computer
 Increment the Program Counter (PC++)
 IF the new PC is pointing to an idle loop {
   THEN have a sleep and let the host computer get on with something else
   ELSE continue
 }
}

But dynamips has no way of knowing “IF the new PC is pointing to an idle loop” - because dynamips cannot predict future instructions nor understand them. This makes it impossible to optimise the executed code like compilers do or to know if the instructions are worth being executed.

So we make some guesses at when the Program Counter MIGHT be executing an idle loop. We call this value the Idle-PC value.

If we guess at a place where the emulated router spends a lot of idle time, then the host computer gets lots of chances to get on with other stuff. If we guess a PC (remember PC=Program Counter) where the code is only executed rarely, then the host computer will spend 100% of its CPU executing the dynamips simple loop.

Since every Cisco router image has a different set of instructions, these idle loops will be in different places on different images. But once a good Idle-PC has been found for one image, it should be good for all emulations of that image – no matter whether you are running your dynamips on a Windows computer, an OS X Macintosh, a Linux box or an iPad :)

The only other issue then, is how long and how often should dynamips sleep for when it has found the PC for the idle loop? This is where the Idle-Max and Idle-Sleep values found under the Advanced settings of the GNS3 IOS images and hypervisors dialogue come in. (Note: This feature was added to GNS3 in version 0.8.4)

Dynamips doesn’t go to sleep EVERY time the PC hits the Idle-PC. It waits until it has hit the Idle-PC Idle-Max times before sleeping for Idle-Sleep ms. That way the router still gets a chance to do the things it needs to do between visits to the Idle-PC value. If you adjust the Idle-Max too low or the Idle-Sleep too high, your emulated routers will slow to a crawl, they will lose connections with their neighbours and bad things will happen. However some folk have had good success at playing with these numbers.

To summarise:

Without an Idle-PC set, dynamips attempts to emulate instructions one at a time as fast as it can, consuming up to 100% of the available CPU.
The Idle-PC is a guess at where the Program Counter might be pointing to an idle-loop in the emulated router.
When the emulator has visited this PC value Idle-Max times, it suspends itself for Idle-Sleep ms to allow other processes to get on with their tasks.
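The emulation loop described above, with the Idle-PC / Idle-Max / Idle-Sleep check added, as a small C simulation. This is an added example and not dynamips source code: the six-instruction guest program, the 1 µs instruction cost, the 10 ms event rate and the parameter values are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy guest instruction set, constructed for this example (not MIPS). */
enum op { OP_POLL, OP_JMP_IF_IDLE, OP_WORK, OP_DONE_JMP };
struct insn { enum op op; uint32_t target; };

/* Guest "router image": PCs 0-1 are its idle loop, PCs 2-5 handle one event. */
static const struct insn guest[] = {
    { OP_POLL, 0 },         /* 0: is an event (packet, keypress) pending? */
    { OP_JMP_IF_IDLE, 0 },  /* 1: nothing pending -> jump back to 0       */
    { OP_WORK, 0 },         /* 2..4: process the event                    */
    { OP_WORK, 0 },
    { OP_WORK, 0 },
    { OP_DONE_JMP, 0 },     /* 5: event finished, return to the idle loop */
};

#define INSN_COST_US    1u      /* assumed host CPU cost per emulated insn */
#define EVENT_PERIOD_US 10000u  /* constructed workload: one event / 10 ms */

struct result {
    uint64_t busy_us;     /* host CPU time spent emulating        */
    uint64_t wall_us;     /* elapsed time, including sleeps       */
    uint64_t sleeps;      /* times the emulator suspended itself  */
    uint64_t events_done; /* events the guest finished handling   */
};

/* Run the guest for run_us of wall time. idle_pc < 0 means "no Idle-PC set". */
struct result emulate(int64_t idle_pc, unsigned idle_max,
                      unsigned idle_sleep_ms, uint64_t run_us)
{
    struct result r = { 0, 0, 0, 0 };
    uint64_t next_event = EVENT_PERIOD_US, pending = 0;
    uint32_t pc = 0;
    unsigned hits = 0;
    int has_work = 0;

    while (r.wall_us < run_us) {
        /* Events keep arriving in real time, even while the emulator slept. */
        while (r.wall_us >= next_event) {
            pending++;
            next_event += EVENT_PERIOD_US;
        }

        /* Fetch and emulate one guest instruction. */
        const struct insn *i = &guest[pc];
        r.busy_us += INSN_COST_US;
        r.wall_us += INSN_COST_US;
        switch (i->op) {
        case OP_POLL:        has_work = pending > 0; pc++; break;
        case OP_JMP_IF_IDLE: pc = has_work ? pc + 1 : i->target; break;
        case OP_WORK:        pc++; break;
        case OP_DONE_JMP:    pending--; r.events_done++; pc = i->target; break;
        }

        /* The emulator cannot tell what the guest is doing; it only counts
         * visits to the guessed PC and sleeps after Idle-Max of them. */
        if (idle_pc >= 0 && pc == (uint32_t)idle_pc && ++hits >= idle_max) {
            hits = 0;
            r.wall_us += (uint64_t)idle_sleep_ms * 1000u; /* no CPU used */
            r.sleeps++;
        }
    }
    return r;
}

/* Host CPU utilisation as a whole percentage. */
unsigned cpu_percent(struct result r)
{
    return (unsigned)(r.busy_us * 100 / r.wall_us);
}

int main(void)
{
    struct { const char *name; int64_t pc; unsigned max, sleep_ms; } cases[] = {
        { "no Idle-PC",                  -1,   0,   0 },
        { "good guess (PC 0)",            0, 500,  30 },
        { "poor guess (PC 3)",            3, 500,  30 },
        { "Idle-Max 1, Idle-Sleep 200",   0,   1, 200 },
    };
    for (size_t k = 0; k < sizeof cases / sizeof cases[0]; k++) {
        struct result r = emulate(cases[k].pc, cases[k].max,
                                  cases[k].sleep_ms, 1000000);
        printf("%-28s cpu=%3u%% sleeps=%3llu events handled=%llu\n",
               cases[k].name, cpu_percent(r),
               (unsigned long long)r.sleeps,
               (unsigned long long)r.events_done);
    }
    return 0;
}
```

The last case shows the failure mode mentioned above: with Idle-Max too low and Idle-Sleep too high the guest handles only a handful of the events that arrive, which is the simulated equivalent of a router losing its neighbours.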


Cisco WAAS Transparent Secure Channel

I was asked to explain exactly what happens in the “Transparent Secure Channel” as described in the “Cisco Wide Area Application Services SSL Application Optimizer Deployment Guide“. Here is the section under discussion – I’ve highlighted in red the point I want to concentrate on.

[Note, this post assumes a familiarity with the operation of Cisco WAAS - if you are not familiar with Cisco WAAS I can recommend some great training sessions]

Cisco WAAS is an industry-leading, comprehensive WAN optimization and application acceleration solution. It now includes SSL optimization features that integrate transparently into the existing PKI trust model in customer deployments and can be easily deployed without compromising the existing data center key management security.
With Cisco WAAS, the SSL trusted model is maintained in the data center. Server private keys are stored securely on the core Cisco WAE and WAAS Central Manager and never leave the security of the data center. The temporary SSL session keys are distributed from the secure core Cisco WAEs to the edge Cisco WAEs over a secure HTTPS connection between an edge Cisco WAE and a core Cisco WAE. In addition, the Cisco WAAS SSL Application Optimizer operates in a transparent mode that does not require any changes to either the client or the server participating in the SSL connection. Figure 1 shows how Cisco WAAS SSL optimization integrates transparently into existing application key exchanges and preserves the trust boundaries of server private keys.
• During the initial client SSL handshake, the core Cisco WAE in the data center participates in the conversation. The connection between the Cisco WAEs is established securely using the Cisco WAE device certificates, and the Cisco WAEs cross-authenticate each other.
• After the client SSL handshake is complete and the data center Cisco WAE has the session key, the data center Cisco WAE transmits the session key (which is temporary) over its secure link to the edge Cisco WAE so that the edge Cisco WAE can start decrypting the client transmissions and apply DRE.
• The optimized traffic is then reencrypted using the Cisco WAE peer session key and transmitted, in-band, over the current connection, maintaining full transparency, to the core Cisco WAE in the data center.
• The core Cisco WAE then decrypts the optimized traffic, reassembles the original messages, and reencrypts the traffic using a separate session key negotiated between the server and the data center Cisco WAE.
• If the back-end SSL server requests that the client submit an SSL certificate, the core Cisco WAE requests one from the client. The core Cisco WAE authenticates the client by verifying the SSL certificate using a trusted CA or an Online Certificate Status Protocol (OCSP) responder.

Figure 1 (From http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/deployment_guide_c07-541981.html#wp9000151)

This is how it goes (at least, this is how I BELIEVE it goes – if anyone has more detail, I’d love to know)

To keep the discussion simple, I’ll name the main objects in the scenario as shown in (Figure 1) A, B, C & D:
A=client PC
B=client side WAE
C=server side WAE
D=server

What you have to remember is that there is a proxy operation going on between the two WAEs.

So (As usual, I’ll start at the beginning- SIP=Source IP Address, DIP=Destination IP Address):
A sends the initial SYN  SIP=A, DIP=D
B marks it with 0x21   SIP=A, DIP=D
C notes a half connection – but also realises that this is a SYN for an SSL session so proxies the session.  In other words it acts as a “man-in-the-middle”
D receives the SYN+opt0x21 SIP=A, DIP=D
D replies with SYN+ACK   SIP=D, DIP=A
C marks it with 0x21    SIP=D, DIP=A
B recognises this as the reply to an SSL initiation
A receives the SYN+ACK SIP=D, DIP=A
The final ACK of the TCP handshake is sent and seen by all SIP=A, DIP=D
A begins the SSL Session to D SIP=A, DIP=D
C intercepts this session, and masquerades as D to send replies to A    SIP=D, DIP=A
At the same time, C begins a “masqueraded” SSL Session to D, pretending to be A SIP=A, DIP=D
At the end of the SSL handshaking, C holds the keys to two SSL sessions that appear to be between A & D.  At this stage, one of these sessions is in reality between A & C, while the other is between C & D

Here’s the clincher:
C starts sending packets “over its secure link to the edge Cisco WAE” (as the article says).  In other words, C starts sending packets to B that are labelled as SIP=D, DIP=A

B replies with packets that are marked as SIP=A, DIP=D but are really from B to C – presumably there is some kind of key exchange to be able to encrypt the session key securely.


How to win at Letterpress

If you are not yet addicted to Letterpress, then at least you should give it a try. I predict it will be the hottest mobile game for 2013.

Enough of the chit-chat. You can read the instructions on how to play on the Apple Appstore, the rest of this post is for the folk who know how to play but want a strategy to learn how to win. I have discovered a few home truths about winning this game since I became addicted found this game before Christmas 2012.

To illustrate, I’ll use the following sample game. Like chess, I’ll refer to the positions on the board as A1 in the bottom left hand corner through to E1 at the bottom right and E5 at the top right.

 Y O H R Y
 F K Q A N
 C T T A D
 C Z S O I
 D T E L R

Strategy 0. Use all of the remaining White tiles

This is really an underlying strategy – hence the number 0. What I mean is, if you can make a word using all of the remaining White tiles, you will probably win – or prevent yourself being beaten by a bigger margin. But usually you don’t have to think of this at the beginning of the game, but it needs to be stated first, because it overrides all of the other strategies discussed below.

Strategy 1. Lock in your tiles.

When you have your turn, don’t bother looking for the longest word. Look for the word that locks in the maximum number of tiles. You can enter a 10 letter word with letters all over the place only to find that your opponent has taken them all. Better to have played FOY using A1, A2, B1 and locking in the Y than to have played ANHYDRITES carelessly so as to not lock in any letters. But of course, given that there are two A’s, two Y’s, two D’s, and three T’s on the board, ANHYDRITES could be constructed 18 different ways. My point is that you should play your word so as to lock in the maximum number of letters. Challenge: What is the maximum number of letters you could lock in playing the word ANHYDRITES on this grid if it was the first turn? Here is what I would play:

ANHYDRITES 
Y O 
F K Q 
C T T A 
C Z   O 
D   L

Now this strategy may seem fairly obvious, but you have to discipline yourself to make sure you stick to the rule. If there were already letters taken by your opponent, you might be tempted to win them back rather than choosing the letters that win you locked letters. For instance, if your opponent had used the letter Y at A5, you might use it rather than the free letter Y at E5, reducing the number of letters you lock in from 3 to 0 – to which your opponent could play ANHYDRIDES and re-capture almost ALL of your letters.

Strategy 2: Work from the corners.

Since corner letters only have two neighbours, they are the easiest to lock in. Then their neighbours are next easiest and so on. The way I came across the word ANHYDRITES above was by working with the 6 letters around E5, ie the corner

H R Y
  A N
    D

Once I’d got past HANDY and RANDY and arranged them as ANHYDR, I just went looking for the other letters. As a matter of interest, I would probably rather play ANHYDRIDES, rather than ANHYDRITES, because it takes the second D in the A1 corner rather than using the less protected T at B1.

Strategy 3: Build on your strength.

Once you have locked letters, if you surround them with more locked letters then your position becomes even more powerful. In the move above, the Y at E5 is surrounded by more locked letters. Dwell on this fact for a second. It means that it is now very very hard for my opponent to capture that Y. They would first have to capture either the R or the N next to it, and to do that they would have to take one of the letters R, A or N next to them. This means that after my first turn, my opponent is at least three moves away from capturing that corner Y.

This strategy is probably the most important of all the attacking strategies.

Strategy 4: Look for compound words and extended endings.

Recall I said that I started looking at the puzzle and seeing HANDY. Now if you start playing with that, you might see that you could actually form the word HANDICRAFT, but don’t stop there. Look for extensions. HANDICRAFTS is easy, but HANDICRAFTER and HANDICRAFTERS are even longer. Sometimes, you will get the letters FUL or NESS or ING, which are useful extensions. In the case of this game, even though HANDICRAFTERS uses 14 letters, it is nowhere near as powerful as ANHYDRIDES because the best you can do is lock in one of the D’s (either one, depending which way you play. I would go for locking in the D at A1, because it is easier to build from a corner.)
Recall that ANHYDRIDES locks in three letters, and in the case of the Y – it is doubly locked in!

Strategy 5: Attack your opponent from the flanks.

So far I have only discussed defensive strategies. Like any campaign, you have to balance attack and defence at the same time! So, while looking for letters to play, check out what your opponent has played. If they have any locked letters, you must do your best to capture at least one neighbouring piece for each locked letter. If your opponent has no locked letters, then look for places where your opponent could easily lock letters next move, and try and take from the middle of those.

Strategy 6: Gravity theory

The key to understanding gravity theory is to choose letters, not words. Then try and make words from your letters.
The idea is that some letters are more “attractive” than others. So “attractive” letters have gravity, and you want to choose letters on the spaces NEXT to the attractive letters. The more attractive letters that gather in a group, the greater “mass” they have, and hence greater gravity, and therefore attractiveness. (Remember Strategy 1.) The letters with the most gravity are the Dark Red ones – the ones that your opponent has locked, which means that the tiles next to them will be Light Red. Next most attractive are tiles that would make one (or even better – more than one) of your tiles Dark Blue. After that, go for Light Red corner tiles, followed by White Corner tiles, then Light Red edge tiles and edge White Tiles. Next is Light Red tiles followed by White tiles. Dark Red and Blue (Light or Dark) are only used as a means of making the other letters into a word – notwithstanding Strategy 7 coming up.

The idea is, you choose the most desirable tiles on the board, and try and make a word out of them, or using as many of them as you can, keeping in mind that there are probably a couple of these tiles that you really MUST use. If you can see most of a word using these letters – check the remaining tiles to see if you can find the missing letters – but do not be distracted from trying to consume as many of the most “attractive” tiles as possible.

Strategy 7: The rules change near the end of the game – conserve White tiles.

As you get closer to the end of the game, Strategy 0 becomes more important. You must not use a White tile if that would leave the possibility of your opponent consuming all of the remaining White tiles and finishing the game. Unless of course you have 13 Dark Blue tiles already, in which case all you want to do is defend them and use up all the remaining White tiles as quickly as possible.

Strategy 8: Enjoy the game

This game is so much more strategically based than simple word games, so when I come across an opponent that clearly knows the strategies, I revel in it and take my time with my turn. Although I have to admit that sometimes I really enjoy the really fast games, where your opponent comes back in under a minute each turn – in this case I try and match them in as fast a time. In some ways it is a pity there is not a “timed” option so that if you don’t submit in say 2 minutes, you forfeit your turn, or a random word is chosen for you.

Footnotes:

Confession: I looked up the spelling of ANHYDRITE and found that ANHYDRIDE was also a word…

For the uninitiated, Letterpress presents the player with a 5×5 grid of 25 fairly random letters that you use to make up words. There is always at least a couple of vowels, and at least some uncommon letters, like j, z, x and q. There is not always a u to go with the q, so you quickly learn new words like qi and sheqel.

Your opponent is some other online player, picked at random, or someone you invited to play. There are no time limits on how long you take to make your move, so games can last from a few minutes to a few weeks.
