the plural sector; rebalance

Each of us personally, and all of us together, require attention to three basic needs: protection, provided primarily by our governments; consumption, provided primarily by our businesses; and affiliation, found especially in our communities.

With regard to the last of these, between our individualized and collective natures, we are social beings who crave human relationships: we need to belong and identify, especially in a world of so much isolated individualism. Accordingly, a healthy society combines respected governments in the public sector, responsible businesses in the private sector, and robust communities in the plural sector. Weaken any one of these and a society falls out of balance.

and

If the private sector is about individual ownership and the public sector is about collective citizenship, then the plural sector is about shared communityship.16

CIVIL SOCIETY – Time for the Plural Sector, Henry Mintzberg

django errors using boot2docker tutorial

If you are doing the docker-compose / boot2docker tutorial on the docker site at:

https://docs.docker.com/compose/django/

There are a few typos and items that will stop you, at least on a Mac although I suspect they are an issue on a PC as well. These are my notes, out of context but hopefully they will help someone else having problems with errors and configuration of Django Dockers for their dev environment.

boot2docker up
docker-compose up
# the following line runs it in the background
docker-compose up -d
To connect the Docker client to the Docker daemon, please set:
 export DOCKER_HOST=tcp://192.168.59.103:2376
# this tells you your environment variables
docker-machine env
http://192.168.59.103:5000/
# The following is incorrect in the docs
docker-compose run web python composeexample/manage.py syncdb

Rough notes, but hopefully enough to help you google for more if you are hitting the same wall I did with boot2docker and docker-compose for Django.

Update: also helpfule https://github.com/ambitioninc/container-transform

block wordpress page comment spammers

Over the last week the linkback spammers of the universe have started targeting pages on this blog as well as a few friends blogs. So, here is how to stop comment spam on wordpress blog pages.

The issue – many themes don’t have an option to turn off comments on the edit page for “pages” in wordpress. But, using “quick edit” you can turn off comments for a given page. Thus to disable comments on pages you need to:

  1. Log into the admin interface
  2. Select “Pages” from the left hand menu
  3. Hover over the pages shown and select “Quick Edit”
  4. Clear the checkbox on the right hand side the says “Allow Comments” for each page on your site.
  5. Click “Update” to save your changes.

I suppose this is a bigger issue for people using WordPress “Pages” as their CMS rather than as a traditional blog. As for this blog, it required editing just a few pages to turn comments off. Hassle gone.

#goodLuck! #fightTheCommentSpammers

Source: https://wordpress.org/support/topic/disable-comments-on-pages-1

things changed between triple crowns

The digital divide is not only between the digital natives and the elders, between the digitally enhanced and the not, between the glassholes and the blind, but also over time. There is a time we cannot imagine anymore and those from the past could not imagine accurately the future. Hence our (my?) love of Steampunk, historical visions of the future (past).

american-pharoah-vs-secretariat-crowds

The big divide occurred when a third “item to be carried at all times” was introduced, an idea that I cannot properly attribute as it has sunk into our consciousness so deeply the origin is now a mystery.  The third item? The first two “items to be carried at all times” being (1) something of value (cash) and (2) a method of accessing something of value (key, credit card, secret code). Every human has had these two on their person at all times without fail since the great leap forward, to quote Guns, Germs and Steel.

Within 25 years it has changed entirely. Now we all have a third item. (3) Our communicator from Star Trek. We all carry a mobile device.

More importantly, these devices don’t just facilitate communication; they change how we interact at a systemic experiential level. We didn’t just watch American Pharoah (sic) win the Triple Crown, we recorded every second of American Pharoah trotting around Belmont Park. Because…

“If you don’t have a pic, it didn’t happen.” – anonymous

Further irony? Here in meta-meta-meta-land, I took a picture of the HD TV of people taking video and pictures as American Pharoah’s victorious Triple Crown bid was broadcast into my living room. Then combined it with an image from google image search on my mobile device while waiting at a restaurant. To capture the right image I used a Tivo (now a generic word like Kleenex) to rewind and jump forward prior to the start of the race for half of this cell-phone-crowd-picture I first posted on Instagram.

Here is to history and a wonderful victory for American Pharoah winning the triple crown after a 17 year drought. And here is to the amazing human which adapts and evolves in front of our eyes in real time. We don’t have hover-boards, but the revolution is here and indeed it will be televised; on periscope.tv.

Now get out there and record something and post it to prove it happened and let your devices consume you. Because that is the future. It’s your destiny kid.

boot2docker – simplify working with docker containers on a mac

/Geek Warning – all others flee and hide to avoid boredom./

Boot2Docker is a wrapper that makes working with dockers on a local computer just a bit easier.

That’s the goal. Keep it simple and it works. If we really want to keep it simple we now have kitematic to run docker containers with a GUI.

GUI for Docker Container Development
GUI for Docker Container Development

Plus people in programming mode sometimes get insecure and like to (seriously) debate Vi or Emacs as if those who don’t know it are of a lesser kind. I believe in letting compilers deal with my long select-case/kwargs/collections/dictionaries/whatever you want to call them. Thus I LOVE seeing tools that make programming EASIER. Especially visual ones even though I’m back to preferring the command line.

But back to boot2docker for working with containers locally. On a Mac, it’s nothing most of us haven’t done already with Virtual Box (free) or VMWare (not free but faster than VB) sharing a local folder into the VM. We all do this so we can use our dev tools without even more junk into the VM itself.

Number 1 reason to use it if you use a Mac? It doesn’t make me install homebrew (not a fan – sorry) and mess up the $PATH on my Macs. And Containers are just cleaner than virtualenvs as there are no dependencies, only attached containers. ‘Tis beautiful.

OK, the point of this post – if you are having any problems installing boot2docker on your Mac as I did, first it probably is NOT your fault. OK, well maybe it is because we all like bright shiny things and have a ton of junk installed. For me I would install it and it just would not start up. I found the documentation sort of glazed over a few things. So here you go.

  1. Upgrade to the latest Virtual Box BEFORE installing boot2docker. For me it just hung and didn’t give me a clue what the problem was. Do this first.
  2. Let b2d put its .pem and other keys where it wants to. You don’t need to even put these in your .ssh folder either.
  3. I did put it’s three environment variables in my bash because I’m lazy.
  4. You don’t have to sudo when you call “boot2docker up”. It doesn’t like that.
  5. You don’t have to make an entry in your /etc/hosts file for the dev server. Maybe more convenient but the IP works just as well.
  6. SSH – I made this waaaay 2 complex. it’s like vagrant. Just type “boot2docker up” followed by “boot2docker ssh” and you are in.

boot2docker-self-sufficient-runtime

Again – keep it simple and don’t make life complicated like I did. Install the boot2docker app for mac from the site. Install the package for Mac. Then from terminal:

boot2docker init

You only have to run that once. Then from anywhere:

boot2docker up
boot2docker ssh
exit
boot2docker down

Of course you might want to try out some of the exercises after the “boot2docker ssh” line when you are in the environment. Just trying to keep things simple, but no simpler than needed.

How do you know _____? I’m not always sure…. it just happens

Every year at SXSW I feel a little older. It doesn’t help that right before SXSW 2015, where it was my privilege to be a speaker for the third time at the Interactive festival, that twitter sent me a notice congratulating me on being on twitter for 8 years.

8 years on twitter. At least I don’t post photos of every piece of sushi I eat. Although I almost posted a photo of the biscuits-and-gravy I ate this morning. (Shut it – it’s called “carb’ing up” for tennis tomorrow.) Anyway it’s all a blur although I know I can blame Erica O’Grady for getting me on twitter for sure.

But the iphone. It was 2007. Kool Aid? Check. And well….. In Adam Tow’s photo I’m the guy with the brown shirt and arm raised on the left hand side at the back. Yup that’s me. I haven’t always had a beard.

When I heard about iphone dev camp, by rss feed of course, I was on an airplane. My first iphone was purchased by proxy by a great friend named Imelda who was willing to get me one on the first day given I was flying someplace else on the day they were released. We registered on a wiki because what could go wrong, right?

iphone dev camp 1 wiki 2007
iphone dev camp 1 wiki 2007

Screen Shot 2015-03-20 at 7.20.15 PM

In the end there I was at iphone dev camp 1 when apple didn’t even have an SDK yet. But I was there in San Francisco in 2007. Right after Adam took his photo I had to run around and take my own photo to post to my flickr set from iphone dev camp 2007.

When I got back to Houston I had a bunch of new friends and wound up presenting at Netsquared Houston on the iphone and the good the bad and the ugly. I’ve left the iphone, come back, left again, came back again and right now I really enjoy the camera on my iphone 6. In 2007 this was my presentation on the iphone at netsquared.

At SXSW this year I saw a lot of these folks, but not enough. It’s a marathon and not a race. Now I’m more excited about hexacopters, remote work environments, how best to give people meaningful work, create a great product, and keep our clients not just happy but evangelists. A lot has changed.

There are too many names to even begin to give credit to for these adventures and the fact that they have resulted in tangible benefits that went right back to our employees in profit sharing and training and benefits over the last 17 years since I started the company in 1997. Yet “I” didn’t start the company, I jumped off the cliff and my family and friends were like “well look what the hell he did now? Guess we gotta help him till he comes around.” And they did.

Here’s to the crazy ones.

Then. And now. Here is a humble thank you to those who keep us alive, pick us up when we fall, put up with us working three days straight without sleep when we get in the zone. And still love us.

Here’s to the ones who love and care for the crazy ones, because we are nothing without you. And I say that with the utmost humility. I am no Steve Jobs. I am not Rosa Parks. I’m a person who is terrified yet at the same time resolutely certain of the outcome.

“Remembering you are going to die, is the best way I know to avoid the trap of thinking you have something to lose. You re already naked. There is no reason not to follow your heart.” – Steve Jobs

“Stay hungry. Stay Foolish.”

Thank you. And thank you Steve for the inspiration….

In closing…. “Tendenci – we just want to change the world. What’s so hard about that?

#peace

Proprietary to Open Source: Giving Away Six Million Is Hard

I have the privilege of speaking at SXSW tomorrow morning at 9:30 AM. I first gave the talk on converting our software from proprietary to open source at SXSW V2V in 2014. While much of the message is the same, I’ve been through more, learned more, made even more mistakes and learned from them, and I’d love to help other leaders AVOID my mistakes.

Proprietary to OS: Giving Away Six Million Is Hard

http://schedule.sxsw.com/2015/events/event_IAP42324

GoingOs

The journey for Tendenci going to Open Source seemed like it was going to be simple. Nothing could be further from the truth. It was very hard, and a cost me a lot of relationships, friendships, employees whose potential I felt we hadn’t even begun to push yet. And as I type this Tendenci is emerging from a crisis with EOL (End of Life) for our old proprietary version – the last cord that needed to be cut. We just thought we would dictate the timeline when in fact that hasn’t been the case.

There is a huge gaping hole in the market for The Open Source Solution for Associations, non-profits and NGOs. Because internationally price is a very real issue and if we want to make change, there has to be a free option that is multi-lingual and multi-cultural and affordable. Yes there is still a TCO to FOSS software, but nothing like the costs of proprietary software. And in my opinion Linux is more secure than the competition which isn’t just a benefit, it is a crucial requirement if you are using the software open source in a different country that snoops on your communications.

You must control your data. And over the last several years we have seen our P&L dip negative for the first time and now slowly come back up into the black. And the trend continues as you simply can’t compete with passionate people working on a solution and sharing resources.

But my talk tomorrow is about the transition. What have I learned that I can help others with. That is my goal. To serve the audience. To help you be smarter than me when it comes to navigating through the transition. Because it isn’t “going open source”. It’s taking a “proprietary mindset” and changing it into an “open mindset” and that can, quite frankly, be terrifying to many of us.

And I’ll leave with a photo from Austin from last night as SXSW is many things, and one of them is beautiful. Hopefully my talk will add to everything that is sxsw as that is my goal. It’s corny, but I really do want to make the world a better place.

#peace

The Internet has Fundamentally Changed – Here’s One Partial Solution

This post is based on the premise that 1) we have a serious security problem on the Internet and 2) money is the only (unnecessary) barrier to solving a large portion of it.

The Problem

The Internet has fundamentally changed. It is so virus and malware infected that a normal human being can’t keep their own PC, Mac or Linux computer from being infected. In other words, the Internet is broken. And our devices don’t work if they aren’t connected to the Internet.

Screen Shot 2015-01-23 at 4.43.01 AMIt’s just not right. Why should you have to become a security expert? And it DOES NOT NEED TO BE THIS WAY. There is no need for this. The powers that be over the Internet are CHOOSING this and you are the victim.

The (Partial) Solution

We can’t fix it all, but what if we could stop the bleeding by even 50%? Or maybe 30%. Or even 10%. It’s a start. These are our neighbors, our family, our friends and they are being victimized by identity theft because, well, because they are human. Well, reduce the crime? WE CAN! We just have to encrypt everything. By doing so, a large portion of the problem goes away.

Will there still be break ins? Of course. Frequency however will be radically less and you are far less likely to be a victim.

Why? Because the weapons of cyber-warfare are now out in the open to be purchased for as little as $500 on the forums. People are desensitized to it all and now just accept it.

As a company that hosts web sites, here is what I know to be true.

  1. Clients will use weak passwords and we can’t audit that because WE encrypt the passwords in the database. So if a client uses “changeme” or “123456” of “washington” as their password we can’t see it, but when you login from the local hotel the wifi isn’t encrypted and bad guys can. We can’t detect or fix this because its encrypted on our side. But if you aren’t using SSL then it’s NOT encrypted when you send it over.
  2. Example top 100 passwords used on Adobe after they were hacked. http://stricture-group.com/files/adobe-top100.txt
  3. Clients and end users are faced with hundreds of passwords so they use the same passwords over and over. If someone gets one of your passwords, they effectively get everything.
  4. With the proliferation of Open Source, as Tendenci is, developers will deploy a site for you, give it to you, and leave it to you to maintain. So are you running your security updates? Because that is your responsibility now.

Why don’t people encrypt their web sites? Because there is a $50 to $500 a year fee. Plus a hidden cost of updating it every year and paying your hosting provider to install your SSL certificate so the real cost is more like $250 to $1,000 a year.

So why?

Generating a certificate takes one (1) line of code. ONE LINE! Hosting servers to verify the certificates does come at a cost, but so does DNS and it isn’t anywhere near as expensive. Generating a key is technically FREE. Here – go do it for yourself.

openssl genrsa -des3 -out server.key 1024

The certificate you just generated is called a self-signed certificate. So if you visit the site from IE you get a scary message that it can’t be verified. BUT if you visit a site with no encryption, oh, then IE is completely cool with that. Onward thus. Proceed into into unencrypted unsafe territory with abandon. Do you see the problem here?

So what’s the motive? Why? Because of the cash machine. The certificate authorities want to charge you for their certificate chain saying that you are legit. But GoDaddy charges $270 for a wildcard SSL? Or Network Solutions can offer the same wildcard ssl for $494 with a 5 year contract.

So I guess if you aren’t rich your voice isn’t as legit as someone else’s voice? The bottom line is the certificate authorities want your money. Now, DNS service providers usually charge 10 to 15 a year to resolve your domain name. Tell me again why an SSL certificate is $50 to $500 or it gives a browser warning that terrifies people? It’s not a new debate, it’s a license to print money that deters security on the Internet globally.

It’s just greed. But the cost is astronomical to the citizens of the world. It’s like a city not repairing roads and ignoring the cost the citizens bear fixing their cars which is so much more than the cost of filling potholes and installing stop signs. It’s pennies for lives. Hence, cities fix the roads (for the most part.)

What if we flipped it? Why don’t you have to pay $100 a year to NOT have your site encrypted? What if security was the default? What if encrypted email was 10$ a month but unencrypted email was 500$ a month? Would that get people attention?

We can self sign web sites and email ourselves. We don’t need no stinkin’ web authority to do it. It’s one line of code.

Oh wait. Stop. Idealistic guy trying to save the world with open source disclaimer. Why not? Because of the “man”.

The browser will give you a terrifying warning about that certificate not being “approved” and IE will flat out block it if you don’t pay up. No, you must pay “the man” which is in this case the Certificate Signing Authorities who are powerful enough to have their codes shipped with all of the web browsers. What would their cost be to include a public domain certificate authority, much like wikipedia is for information be? Um…. nothing. Zero. Nada. They just wouldn’t get a kick back.

It’s generating an “approved” key where the registrars make all of their money. It’s about the money. It’s greed. Even from foundations like Mozilla – they could easily solve this by endorsing a free and open certificate signing authority. They haven’t. I expect more from them. Some leadership in this would be nice. Where is Lessig on this? Why is there no outrage?

I’ll tell you why? Because it’s too geeky. Too technical. People zone out. zOMG, I like to create things. I bore myself talking about this crap. But it matters. Encrypt it all. Now. And do it for free. If my client buys a domain name why do I have to do ANYTHING to encrypt it? Don’t they deserve that? Should encryption be the default. I THINK SO. And I don’t think you should have to pay for it given it is as simple as DNS and could easily be included.

And yet the powers that be continue to be the “Certificate Authorities” and they continue to make money causing only 4 to 5 % of the web to be encrypted. So you and I continue to be the victim.

Please tell me someone out there is a little outraged by this? Not that I/we/you aren’t the problem as well…. read on …

To emphasize the point on weak passwords (again – this is YOUR responsibility, but irrelevant if on an unencrypted connection), these are the actual top 10 passwords used on Adobe logins (mind you this software costs thousands of dollars and this is the key to get it.) 1,911,938 of your fellow citizens chose “123456” as their password. Seriously. Another 345,834 people chose the password of …. wait for it …. “password.”

Rank	Count	Actual (no really) Passwords
---	-------	------------
1	1,911,938	123456
2	446,162	123456789
3	345,834	password
4	211,659	adobe123
5	201,580	12345678
6	130,832	qwerty
7	124,253	1234567
8	113,884	111111
9	83,411	photoshop
10	82,694	123123

One simple solution that would significantly reduce network attacks. Encrypt every site. At no cost beyond the price of the domain name. Make it easy. And free.

Dear non-technical people – please stay with me for a moment. I know I have to use a bit of geek speak but I want to try to explain the ruse that is being played on you. That it isn’t needed. That the cost of certificates is almost non-existent and you are the victims.

Encryption explained in one paragraph (simplified)

If I give you the number 21 and ask you what prime numbers divide into it besides 1, there is only one way to find out and that is to try every prime number. But if I give you 7 (my “public key”) and you can verify very quickly that it divides to a prime. That’s it.

Solution – every web site is encrypted with SSL by default and you have to pay extra to NOT encrypt your website. Done.

Obstacles – the companies that sell SSL certificates don’t want that. I pay $300/year for our wildcard certificate and what I am proposing is that they be given away for FREE TO EVERYONE WHO GETS A DOMAIN NAME.

Seriously, this isn’t a game people. YOU, as an individual need to not use dumb passwords. As programmers say, like it or not, “you can’t fix stupid.” Yet I do have sympathy given the average human has NO IDEA of the cyperwar that isnt pending, it’s happening NOW!
Screen Shot 2015-01-23 at 4.42.20 AM
Thus WE, all of us need to have everything encrypted end to end to avoid the obvious. Occam’s razor.

Web Marketing, Sociology, Photography, Programming