I recently released two simple WordPress plugins:
This creates a simple pet adoption search form in a widget on your WordPress site. Once you enter a postal/zip code, you're taken to results on Adopt-a-Pet.com where you can look for a homeless dog, cat or other animal waiting for your love. (Yes, I've worked a lot in the past with Adopt-a-Pet.com, but this plugin is not affiliated with or endorsed by them, I just created it for fun and to promote pet adoption.) Pull requests welcome.
This creates a simple widget display of the current U.S. national debt, based on the latest data available from the U.S. Treasury. If you want you can animate the number so that it is increasing/decreasing on the page according to recent changes in the actual debt. Pull requests welcome.
Continue reading Pet Adoption, Debt Clock WordPress Plugins
You need to be using two-factor authentication (2FA) for your online accounts that matter.
In the past 2FA was a kind of geeky thing that only the most security-conscious would bother with. Today, it's essential that anyone storing sensitive information online or using online services for anything remotely important employs the use of 2FA.
It's an imperfect security mechanism and there things about it that are inconvenient, but for now it's the best intermediate option for protecting against unauthorized access to your accounts and your information. Using it is much less inconvenient than trying to recover from having someone take your money, abuse your identity, or access your private data.
Continue reading Two-factor authentication
As a part of trying to live a more paperless life, I'm determined to take notes electronically when I'm sitting at my computer, instead of jotting them down on scraps of paper and then putting them into a document later.
When a phone call comes in, I want to be able to start typing my notes about the call right away so that I'm not distracted as I'm switching over to my text editor, opening a new document, saving the document someplace to make sure I don't lose what I'm typing, and THEN being ready to actually take notes.
I've been using the OS X productivity app Alfred more and more lately, and so I decided to create a simple Alfred workflow that would let me get a phone call notes file up in front of me, ready to edit, with minimal typing.
I wanted to make sure that the resulting notes file was named in some reasonable way that I could find again later, and so part of creating the workflow was figuring out how to take a free-form description of the call that I'd be typing in as it started, and turn that into a filesystem-friendly name (sometimes known as a slug). I ended up using a simple Perl script to do that for me.
The Alfred workflow, then, is just a keyword and a script run:
Continue reading Perl script and Alfred workflow for quick call notes
I went looking today for tools to create an autoresponder for Facebook's private messaging functions. I try to avoid using Facebook's messaging whenever possible, but that doesn't stop someone who I'm connected to there from sending me a private message, which then most often sits unreplied for weeks or months. Having an autoreply that encouraged message senders to email me instead would save me some time and help make sure the contact attempt got through in a timely manner.
The bottom line is that the options are very limited and I may need to build my own if it feels important enough to pursue. In the meantime I thought I'd post my findings here in case there are others looking for the same, or who have new ideas to share.
Continue reading Facebook messages autoresponder
One of the main reasons I get excited about Internet technologies is that they amplify the power of the written word and other kinds of creative publishing. Modern online tools enable bloggers, software developers, poets, journalists, novelists, chefs, filmmakers, marketers, photographers, artists, scientists, organizers and many other kinds of people to bring their creations to the world, at a constantly decreasing cost. And even through all of the cultural transformations we've seen spurred on by the Internet, the power of the written word remains - publishing can still change minds, start movements, spark connections, capture beauty, reshape lives.
Next week I'm joining Automattic, Inc., the company that makes WordPress, runs WordPress.com, and provides a bunch of other publishing-related tools and services. I'm joining the WordPress.com VIP team as a full-time VIP Wrangler, where I'll be helping to provide support, hosting, training, and other services to some of the biggest and best WordPress sites on the web (NY Times, TED, CNN, Time and more).
There are many reasons I'm excited about this, including:
Continue reading I'm joining Automattic
Occasionally people ask me how I got started working in the world of computers and Internet technology. There were a lot of different factors - from my own curiosity to the learning and discovering my parents and teachers encouraged to the timing of what tools/tech became available as I grew up. I don't think I can hold one particular decision or moment up over another as key, but I thought I'd try to hit some of the highlights.
As a kid I was apparently very, very curious about how things worked, especially appliances and other mechanical things. I would take them apart to understand the innards, and then try to put them back together again more or less in the same working order. I was fortunate to have parents who let me do this exploring, and where they might have had good reason to be exasperated by having household fixtures disassembled and strewn about, they instead were supportive.
Continue reading How I became a computer geek
After ranting recently about the choices we make to give "big data" companies access to our private information in ways that might be abused or exploited by government eavesdroppers, I thought it would be worth sharing some of the options I've found for using "the cloud" while also retaining a reasonable level of control over access to the data stored there.
This post has information about tools and software you can deploy yourself to approximate some of the functionality that third party services might provide, but that might also make you vulnerable to privacy and security vulnerabilities. It's based on my experiences designing and implementing solutions for my own company, so it's mostly applicable to the interests of businesses and organizations, but may also be useful for personal projects.
A few important disclaimers: any time you make your personal or corporate data available on Internet-connected devices, you're creating a potential privacy and security vulnerability; if you need to keep something truly protected from unauthorized access, think hard first about whether it belongs online at all. Also, the tools and services I'm listing here are harder to setup and configure than just signing up for one of the more well-known third party services, and may require ongoing maintenance and updates that take time and specialized knowledge. In some cases, it requires advanced technical skills to deploy these tools at all, which is the reason most people don't or can't go this route. Hosting and maintaining your own tools can often have a higher initial and/or ongoing cost, depending on what financial value you assign to data privacy. Sometimes the privacy and security tradeoffs that come with using a third-party service are well worth it.
Still interested in options for using the cloud without giving up control over your data? Read on.
Email and Calendar Sharing
Need a powerful, free email account? Need robust calendar management and sharing capabilities? Everybody uses Gmail and Google Calendar, so just sign up for an account there, right? Unless you don't want Google having access to all of your email communications and usage patterns, and potentially sharing that information with advertisers, government agencies or other entities.
Continue reading Use the cloud, keep control of your data
If you own an ASUS router and you brick it while trying to upgrade the firmware or some other action, you'll probably find documentation saying you need to run a Windows-only firmware restoration program to undo this damage.
While this is apparently the only officially supported method for restoring firmware (the alternative being to ship the router to ASUS for repair, a 10+ day process), I found with some exploring that the Windows program is likely just a glorified tftp client, and that you can restore firmware using some more standard, non-Windows tools.
I'm listing below the steps I had to use today after trying to upgrade my RT-AC66U device from firmware version 184.108.40.206.266 to 220.127.116.11.270. (The release notes for the latter indicate a fix for a "live update related bug" which is what I suspect I encountered when I first tried to do the upgrade via the web GUI.)
I'm a Mac user, but these steps should work for other non-Windows operating systems such as Linux. It hopefully goes without saying that you should follow these steps at your own risk, and I make no claims or warranty about the outcome; you could end up worse off than you are now. You could set your router on fire. You could end up killing another version of yourself living in an alternate universe. Be careful.
Continue reading Recovering ASUS router firmware without Windows
I come to you today a recovering password management hypocrite.
I have over 190 accounts and logins for which a password or PIN is a part of my access: website tools, online banking, social media, email, internal company tools at Summersault, and so on. I used to pretend that I was maintaining the security of these accounts by having a reasonably strong set of passwords that I re-used across multiple sites, sometimes with variations that I thought made them less likely to be broken into if someone did happen to compromise one of my accounts.
But as I prepared to give a talk in December about email privacy and security issues, and really stepped back to look at my own password management scheme, I realized just how much pretending I'd been doing, and just how vulnerable I was making myself to the increasingly well-equipped and highly-automated attempts at compromising accounts, stealing identities and stealing funds that are being launched every day. I went and tested some of my passwords at the Password Strength Checker, and I was ashamed. The potential impact of this really hit home as I read Mat Honan's personal tale of woe and his follow-up piece Kill the Password in Wired magazine. Add in Passwords Under Assault from ArsTechnica and you'll be shaking in your boots.
So I decided that I was not going to be that guy who goes around telling people about how vulnerable they are with their simplistic password schemes while quietly living a lie in my own password management scheme. I might still be hacked some day, but I would not be found giving some teary-eyed interview to Oprah where I whined about how the pressure of the 190 accounts to manage just got to be too much and how I knew using a simple dictionary word plus a series of sequential numbers was wrong but I still didn't do the right thing.
That's when I found 1Password from AgileBits, a password management tool that alleviates the horrors of password management.
Continue reading 1Password alleviates the horrors of password management
Two years ago I compared Notifo and Prowl as tools for sending custom push notifications to your mobile devices. I ended up relying on Notifo quite a bit to send me mobile alerts about certain kinds of events that I might not otherwise notice right away - email messages from certain people, some kinds of calls or voicemails at my office, certain messages meant for me in the office chat room, etc.
(You might think all that alerting would get obnoxious, but having these notifications sent to me according to my preferences has meant I'm less likely to obsessively check email or other digital inboxes for something important I might be missing. The good/important stuff gets to me fast, the rest waits for me to view it at my convenience.)
In September 2011, the creator of Notifo announced that he would be shutting down the service. It's continued to mostly work since then without his intervention (a testament to the self-sufficient nature of what he created), but in the last few weeks I've seen increasing errors or delays in getting messages through, so I went in search of alternatives to Notifo.
Today I found Pushover, a really simple but elegantly done service that offers all the features I want.
Continue reading Replacing Notifo with Pushover