Tag Archives: web

Security Alert – iThemes account breach

TLDR: If you have an iThemes account (for “Backup Buddy,” “SecurityPro,” or their other plugins or themes), change your password now. If you use those same credentials at other sites, change those passwords now as well.

iThemes, a WordPress theme and plugin development company, announced a security breach on Tuesday, and followed up with more details about that breach yesterday.


Google Passwords Stolen!

Five million Gmail (and therefore Google Account!) passwords were stolen and posted online yesterday.

Use the site haveibeenpwned.com to check your passwords against this and other major breaches.

Protect yourself

This is a great time to update your password and enable two-factor authentication.

Also, if you don’t already do it, start using a password management system. I like using KeePass with Dropbox (aff. link), but the most important thing is to start using long (like more than 17 characters!) passwords.

A Messy Breakup

It’s been a quiet, bitter fight, at least on my side of the fence. My friends either don’t know (well now they do…), or they make compassionate sounds while avoiding eye contact and tappy-tapping little notes to that bitch.

That vile, conniving, stalking, evil, self-centered, money-grubbing succubus of a mistress: Facebook.

Now let me tell you how I really feel:

Like all of these kinds of relationships, the golden overtones of early days faded into the hum of daily bustle. I sent small notes from time to time; she chattered about inane headlines that I just wouldn’t believe. I tried to catch up with my friends, but she wouldn’t let me go, instead trying to foist her pals on me.

We weren’t exactly happy, but we were making things work.

No longer.

She started telling me lies and screwing with my head; “Oh, my day was soooo bad and your friends are all depressed; How are you feeling?” And then, she issued an ultimatum. “You will do things my way, or I will cut you off.”

Anyone who knows me at all, knows that’s not the way to get me to play ball.

I moved out.

For the last six weeks, I’ve only seen Facebook when I can’t avoid her; mostly when one of you sends me a message through the FB interface.

For the foreseeable future, I’ll ask Facebook to let you know when I’ve updated my website, but that’s all I can stomach asking that fickle harlot for.

I look forward to the day I can put this nastiness behind me and even more so to sharing with you the name of a more faithful, steadfast companion.

Until then, though, you can find me at my usual haunts:

Un-cool

I just checked on a site that I built — for free — for some friends who have a little non-profit organization they run. I redesigned their site from the ground up, I battled Yahoo! for six weeks to get their domain name released, I put the whole shootin’ match into a nice little CMS, and I hosted it for more than half a year, all for free, because they’re good people doing a good thing.

Except when they turn around and try to screw me.

When I went to the site, I noticed that they had some other developer rebuild (again) their site. This hack person totally ripped off my design, put the site back in tables, and put his (?) name on it. At least it’s on his server. I’d like to send him (and CC my friends) a nasty-gram explaining in great detail what bad form it is to steal my work. I’d like to send my friends a slightly-less-nasty-gram asking them WTF?

I think I’m pissed off because I put a hell of a lot of time into this project, and to have this kind of outcome feels like I’ve totally failed. It feels like I’ve failed as a developer by making a site my clients (friends) weren’t happy with, and it feels like I failed as a friend by (apparently) screwing up what could have been a nice gift for them. I think the worst part is that they didn’t even bother to email or call me and say something like, “Gosh, aj, we really appreciate what you tried to do for us, but we’ve decided to go in a different direction. Thanks for all your work.” Even, “Man, aj, you suck! Go get a real job,” would have been better than the whole lot of nothing they gave me.

Any thoughts on how to approach this garbage?

NAGW Conference Roundup

Now that I’m back home, I figured I’d do a brief roundup of the NAGW conference, both for my own edification, and (supposing that Google will potentially work its connection magic in the fullness of time) potentially to help make future conferences better.

First, the good:
I had some totally awesome pre-conference sessions. The rapid prototyping session led by Marc Drummond was super-helpful and crammed with good ideas (even if I couldn’t remember his damn name for the first couple hours!). Bill Brown’s presentation on the Holier Grail was exactly how I like my technical sessions: hard-core, fast-paced, and full of useful information while leaving my brain feeling like deep-fried mush. Thanks and kudos to both of you!

The first day of the conference proper started out with a great opening keynote by Joe Rotella addressing the need to keep my sites’ users foremost in my mind while building my shiny toys. He also strongly suggested (is demanded too strong a word, Joe?) getting actual input from actual users, then following the time-honored creative writing tradition of Killing Our Babies (see I.6). After that, I went to a session led in part by Bruce Blood about the future of government websites. After framing the conversation, Bruce and his co-hosts turned the discussion over to the room. After an hour of give-and-take, the consensus was pretty much this: We all know how and (potentially) when to deploy all the cool tools out there; the sticking point comes with the legal aspects (particularly moderating comments vs. First Amendment protections).

We finished off day two with a trip out for pizza at dinner, then beer around the fire ring back by the pool, during both of which the discussions and stories flowed freely. Very cool!

You’ve (probably) already read about the Day Two Debacle (below), and I don’t really have anything to add but this: That’s the way the ball bounces sometimes; you just get unlucky with the choices you make. Oh well…

On day three, I decided to bail right after a breakfast session of geeking out with a new friend about custom ROMs for smart phones. The closing keynote was about “What we can expect with IE 8.” Considering I spent about 90 minutes the previous night fighting (and losing) with my computer to remove IE 8 and return to a working IE 7 configuration, I feel like I have a pretty good idea of what to expect. And I’m glad I did get out of town, too, or I might still be down there, doing the breast stroke.

The real sum, though, is my answer to the key question: Will I try to go next year? Answer: Hell, yes. Especially because we’re supposed to meet in Galveston. During the peak of hurricane season.

Fer cryin’ shame

Today was pretty much a total frickin’ waste at the NAGW convention. I actually got “shushed” (seriously) by an uptight woman at breakfast when I was in the middle of a conversation with someone else, I went to three sessions which featured:

  • “CuttingEdge.gov” presented by a CMS vendor who, in the first paragraph of his presentation, mentioned how his showcase site “has dropdown menus.” Pardon me while I pick my jaw off the ground…
  • “An Introduction to Adobe Flex” which featured the presenter giving us a blow-by-blow account of application development. As he did it on the screen. For an hour. Ugh.
  • And finally, just to make me wonder what planet the hotel elevator took me to today, there was the old lady from Texas who (sort of) gave a presentation about how to build a website for free because “I spent $39 on my site in the last three years.” Boy howdy, did you ever. My favorite quote from her presentation, though, was definitely, “My city ain’t gonna give me money to piss away on something just ’cause I don’t wanna do the work.” That would have been right before she regaled us about how she spent all this last summer picking up and dropping off some poor high school kid who volunteered to be her “intern.”

I had so frickin’ after that session that I went cross country, through some parking lots and through a stream of pissed-off Chicago rush-hour traffic to get me some Chipotle lovin’. And then I had a beer. And then I skipped the NAGW award banquet because, quite frankly, I don’t think I’d be good company tonight.

The part that really gets me, though, is that the previous two days were so damn good. I’ve had a really useful session on prototyping, a pretty damn hard-core four hours of CSS presented by a genuine guru, a really inspirational keynote address by Joe Rotella, and some awesome conversations about where government websites are headed and how they’re going to get there. I’ve been out for pizza and beer with some new friends, and had more beer around a (gas fed; for shame) fire ring.

Maybe those first two days just set the bar too high…

ChiTown

I’m in my hotel room in St. Charles, IL, working on upgrading an ecommerce cart for one of my clients tonight. The cool thing, though, is that I’m attending the annual conference of the National Association of Government Webmasters. It’s a great smallish, youngish organization that I’m proud to be part of.

And it’s fun to get to go on a road trip, too, even if my brain suffered a meltdown in a hell of a CSS session this afternoon, and I’m hittin’ it hard again tonight. It’s all good. Especially with a little Sierra Nevada Pale Ale in the fridge. Who knew Target was so well stocked? I just went for a belt…

My Technical Bookshelf

I’ve had a subscription (via work; thanks boss-man!) to O’Reilly’s Safari Bookshelf for a couple months now, and I’m starting to think that it’s one of the Best Things Ever. I can read (online) pretty much all the xhtml/css/flash/php/MySQL/security/programming/certification/business logic pr0n I could ever want right there.

While I’m pretty sure they don’t carry a lot of private label training/certification labels, and though it seems like some of the publishers involved (SitePoint, for sure) hold back a few of their publications, I can get both high and mid-level information about any technical (read: computer-related) subject I can think of. Most of the time, I’ve been able to find something to help me get down and dirty, when I need it, too.

So, to recap: Safari Bookshelf = sweet!

Just updated WordPress

I just made the leap into (semi) uncharted waters with a development version of WordPress. When I saw that the cool cats @ HappyCog did a reimagineering of the WP admin interface, naturally, I had to see what kind of candy was in the bag. There are some really nice bits and bobs: admin navigation, tool-tips, and some little ajaxy-features really make everything feel new again. I’d say “spring fresh,” but up here, spring means that when you slip on the ice, you fall in the mud. Fucking spring. :-/

My only real complaint is that the happycoggers picked an obnoxious color of light blue for the main boxes and bars. As far as complaints go, that’s not so bad. And besides, that’ll just give me a chance to dig into a little cog code to change things. And see how they did what they did. And learn something. So maybe I oughtta even be saying “thanks” for the blue.