WordPress Configuration for Security

WordPress security is important. Because of WordPress’ popularity, because it IS A GREAT PRODUCT, it is also targeted more than any other CMS on the web.

What to do? Let’s keep it simple and look at three easy things you can do in less than 5 minutes to increase your security.

  1. Install Jetpack from WordPress https://wordpress.org/plugins/jetpack/ and then remove all of the other individual plugins that overlap with the functionality of Jetpack.
  2. Make sure your WordPress site is set to automatically update to the latest version.
  3. DELETE any non-active plug-in and any non-active theme from your site.
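
One way to script the three steps above with WP-CLI, as an added example that is not part of the original post. It assumes the `wp` command is installed and that `WP_PATH` (a hypothetical default is used here) points at the site root; with `DRY_RUN=1`, the default, it only prints what it would change.

```shell
#!/bin/sh
# Added example: the three quick steps, scripted with WP-CLI.
# Assumptions: WP-CLI is on PATH as `wp`; WP_PATH is the site root.
WP_PATH="${WP_PATH:-/var/www/html}"   # assumed path, adjust for your host
DRY_RUN="${DRY_RUN:-1}"               # 1 = print changes only, 0 = apply

# Run WP-CLI against the configured site.
wpc() { wp --path="$WP_PATH" "$@"; }

# Run a command that changes the site, or just print it in dry-run mode.
change() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "would run: wp $*"
    else
        wpc "$@"
    fi
}

# Step 1: install and activate Jetpack unless it is already installed.
# Removing plugins that overlap with Jetpack stays a manual review.
step_jetpack() {
    if wpc plugin is-installed jetpack; then
        echo "jetpack already installed"
    else
        change plugin install jetpack --activate
    fi
}

# Step 2: turn on automatic core updates in wp-config.php.
step_autoupdate() {
    change config set WP_AUTO_UPDATE_CORE true --raw
}

# Step 3: delete every inactive plugin and every inactive theme.
step_prune() {
    for kind in plugin theme; do
        for name in $(wpc "$kind" list --status=inactive --field=name); do
            change "$kind" delete "$name"
        done
    done
}

harden_wordpress() {
    step_jetpack
    step_autoupdate
    step_prune
}

# Only act when asked to: ./harden.sh --run   (add DRY_RUN=0 to apply)
if [ "${1:-}" = "--run" ]; then
    harden_wordpress
fi
```

Review the dry-run output first; deleting a plugin or theme removes its files from the server.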

To up your game a bit I would add a few more items as “highly recommended”

  1. Test your site now with Sucuri’s free scanner https://sitecheck.sucuri.net/ and maybe consider purchasing one of their security plans https://sucuri.net/website-antivirus/signup
  2. Install an SSL certificate on your web site. These can be purchased from a number of sources like GoDaddy; free but short-lived ones are available from Let’s Encrypt. Or you can get really serious about it and work with a security professional like my friend Jason Palmer http://www.jasonpalmer.com/ .

Data on why you need to secure your site from the Sucuri blog at https://sucuri.net/website-security/website-hacked-report . Some graphical excerpts below:

[Image: Sucuri website hacked report, Q1 2016]

[Image: not patching causes most infections]

Security starts with the basics – use good passwords, use multi-factor authentication, keep your software up to date and have a plan in place to restore backups.

Why Tendenci Chose Python over PHP

This blog is a WordPress blog written in PHP. And WordPress, when secured properly, is a great platform.

So why did our team choose to rewrite Tendenci as Open Source and in the Python programming language? It is a question I get asked a lot. We’ve never been a company that likes to talk in the negative if at all possible, yet it is important to talk about the megatrends going on given we work with associations and nonprofits.

[Image: Which web programming language is the most secure?]

Source: https://www.upguard.com/blog/which-web-programming-language-is-the-most-secure

[Images: two charts from the WhiteHat Security statistics report]

Source: http://info.whitehatsec.com/rs/whitehatsecurity/images/statsreport2014-20140410.pdf

Popularity of a language is a trend, and what you want is as many developers as possible who are familiar with and like the language of your open source project. This means you have a better chance to have a secure web site and therefore a more secure future.

To be fair – as Disraeli said – “lies, damn lies and statistics” – so there is no one perfectly secure language any more than there is a perfectly “safe” hammer. There will always be operator error and programmers make mistakes.

So we’re not saying Python is perfect, and all of us have used most of the other languages on those charts at some point. We’re just saying we are pleased so many other programmers also like Python and Open Source. THAT is the best that can be done to secure your future online. Secure code that you can examine yourself and even host yourself!

.. A true veteran … 

“A true veteran might not agree with Colin Kaepernick, but a true veteran would fight to the death to protect his right to say what he believes.
You don’t like what Kaepernick has to say? Then prove him wrong, BE the nation he can respect.

It’s really just that simple.”

— Jim Wright

What is “x” competitor’s achilles heel?

In the course of owning a business you get a lot of phone calls from investors and venture capitalists. It’s a game, but a fair one if played correctly in that whatever your revenue, their criteria is just about twice yours. When we were 1M they were looking for 2M companies. When we were 2M they were looking for 3. When we were over 3 they were looking for 5, etc…. But they knew that when they contacted. So why?

Because knowledge is power. In an industry like membership management software there isn’t much transparency because so many companies are private. So they call. The calls are always polite. It’s important to remember they are frequently just due diligence by the firm as they negotiate to purchase a competitor in your space. Again, there is nothing wrong with this if knowledge is shared both ways.

Business Owner action item: as the business owner it’s up to you to ask the questions as well. Start with the simple stuff like “where do you see the industry going in 5 years?” etc. Trading information can be helpful for both parties, and if you are the smaller fish you better be more nimble anyway.

How do most of the calls end? Typically the same and both parties knew it when the call started.

“well let’s stay in touch and touch base in a year.”

If you did your job and asked questions of them as well, then hey, that’s fair. In the VC world the “it’s not you, it’s me” breakup equivalent is “we are looking for someone a bit larger and with higher profits so call back”. But both parties knew that when the call started, it’s just the polite way to end the call. What highly profitable business owner wants to sell? Not many that I know of. It’s an attempt to be polite.

But, sometimes something interesting happens. Specifically I had someone ask me an interesting question recently about a competitor. It was a bit out of the blue which tells me it was on their to do list more than mine. The investor rep asked:

What do you see as company-x’s Achilles Heel besides being on the Microsoft platform?

I have to admit that I wasn’t expecting the question and I prefer to not say bad things about competitors. Usually they are good people trying hard in a competitive environment. We hang out together at NTEN, SXSW and for some of us OSCON. They really are good  people. So I didn’t answer the “Achilles Heel” question fully. This is me correcting the record.

Yes, they have a problem. Why? Because in one of my History classes while getting a BS in POLS from Texas A&M University we studied Carnegie Steel. Given I like history,  let’s look at it through the lens of “what would Andrew Carnegie do?”

In 1870 Carnegie decided that instead of being a “capitalist” with diversified interests he was going to be a steelman exclusively. Using his own capital, he erected his first blast furnace (to make pig iron) that year and the second in 1872. In 1873 he organized a Bessemer-steel rail company, a limited partnership. Depression had set in and would continue until 1879, but Carnegie persisted, using his own funds and getting local bank help. The first steel furnace at Braddock, Pa., began to roll rails in 1874. Carnegie continued building despite the depression—cutting prices, driving out competitors, shaking off faltering partners, plowing back earnings. In 1878 the company was capitalized at $1.25 million, of which Carnegie’s share was 59 percent; from these policies he never deviated. He took in new partners from his own “young men” (by 1900, he had 40); he never went public, capital being obtained from undivided profits (and in periods of stress, from local banks); and he kept on growing, horizontally and vertically, making heavy steel alone. From 1880 onward, Carnegie dominated the steel industry.

Still with me? Because from that dominance he sat at the top of the food chain. And then inexplicably they poked him. Why? WTF?

Carnegie had thought of selling out and retiring in 1889: his annual income was $2 million, and he wanted to cultivate his hobbies and develop the philanthropic program that was taking shape in his mind. But the threats that now came from the West as well as the East were too much for his fighting spirit and his sense of outrage, and he took the war into the enemy camp.

Sooooo… Carnegie then did NOT retire but rather took the fight to them. He took the fight to them with the advantages and business knowledge of his industry that he possessed. Now back to our story…

He (Carnegie) would not join their pools and cartels; moreover, he would invade their territories by making tubes, wire and nails, and hoop and cotton ties and by expanding his sales activities into the West. He ordered a new tube plant built on Lake Erie at Conneaut, which at the same time would be a great transportation center with harbors for boats to run to Chicago and a railroad to connect with Pittsburgh.

The competition surrendered, but at a much higher price than they would have otherwise.

Thus originated the U.S. Steel Corporation in 1901, through the work of J.P. Morgan. The point was to buy Carnegie off at his own price—as he was the only disturbing factor that held back “orderly markets and stable prices.” The Carnegie Company properties were purchased for almost $500 million (out of the total capitalization of the merger of $1.4 billion); Carnegie’s personal share was $225 million, which he insisted upon having in the corporation’s first-mortgage gold bonds. At last Carnegie was free to pursue his outside interests.

Why, how, could the competition have so badly misjudged things? They missed the megatrends/macroeconomics and underestimated their competitor. Realize one dollar of capital in the hands of experience is far more powerful than ten dollars in the hands of bankers.

It’s quite simple really. Carnegie had lowered his costs and built up his capital to the point that the competitor’s moves were an “event” and his response was simply a “choice”. A freaking choice. If that doesn’t make you nervous then I didn’t explain it well.

From the start Carnegie was willing to pay the price to win. Who knows, maybe he was just bored? Regardless the competition was in over their heads with a combined company run by bankers without the institutional knowledge of a steelman.

The bankers accepted their losses. But their misstep meant they paid a significant price for not researching the market, researching the trends, and especially for not understanding the machine Carnegie had built. It wasn’t just the capital, it was years of best practices developed by Frick and Carnegie that allowed him to win. A business is complex. Business practices are maintained by people, not Visio flowcharts or PowerPoint.

Pick your fights.

Further – the only thing more complex than a business is communities of people like the open source community. You can’t buy them off or learn the social norms in a year or two.

[redacted]

Back to the phone call – in this case, the competitor the investor asked about is one we see occasionally in the sales process. They have some aggressive affiliates but I can’t say I’ve had a bad encounter with their CEO or one of their employees. So yes, I know them. I know how our product is differentiated with greater functionality. (having a better product does help – but they would say the same thing).

SWOT analysis if it got aggressive?

Well I can back into the competitor’s costs using the usual methods like salary survey sites and looking at their network. There are people who will research these things for a very reasonable price. Add to that the fact that they are proprietary AND require two year contracts just makes it easier. You wouldn’t want to sign your nonprofit up with a proprietary solution if you knew there was a better solution that was also open source, right? (data says 90% want to use open source or “roll their own” – NTEN).

Maneuvering around their market positioning would be as strategically challenging as going around the Maginot line. Easy pickings – IF someone wanted a fight.

If this sounds arrogant, it isn’t. It is just me acknowledging how the future would put the very existence of our company in question if we hadn’t changed. I did what any self-aware responsible and knowledgeable CEO would do. We did a pivot. And WordPress and Drupal are great examples to follow.

The bigger question is why other leaders didn’t see open source coming?

Our competitive position – Tendenci has driven our costs down and gone open source in a group of competitors trapped with huge employee expenses, high proprietary licensing costs, shared servers which amplify security risks, and constant turnover in their work force. Meanwhile hack attacks are skyrocketing and insurance and benefit costs climb.

Add to that programming isn’t something you can throw money at – it just takes time and adding more keyboard-monkeys just slows down the innovators.

To the person who asked the question – my answer is this:

Company X’s achilles heel is they exist at the whim of a better positioned open company with an aggressive strategy. You don’t have to win every prospect, you just have to force the competitor to sell below their cost. And wait.

The rest is details.

Tendenci will continue to rise because it is exactly what nonprofits and government agencies are asking for. Freedom. Respect. Dignity. Openness. Love.

Tools to help the cause first and our company second.

PS – if you are an investor in that company, don’t worry. I have no intention of implementing the above strategy right now as this is a case of “there is no spoon.” What is next is far more interesting to me. There is some amazing stuff on the horizon. I just wanted to come clean on how vulnerable some companies are. And yes, in a SWOT analysis or a prospectus, you should probably cross reference their technology with tech trends. I guess that is a question for the attorneys and IANAL.

A tribute to Stephanie Smither

A tribute to Stephanie Smither, who recently passed away. I met her doing volunteer photography over the years with the Orange Show and the Houston Art Car Parade. Normally I would say “we have lost a great one.” While that is true, it seems far more appropriate to celebrate what she gave us when she was here. I’d rather say –

We have all gained and learned from Stephanie Smither. A person both kind and generous. A lady who was an example of how to carry yourself with grace but not be afraid to get your hands dirty building art and helping people. She had mettle. I am thankful for all she gave to Houston. A supporter of the arts in Houston, she was also a person you wanted to hang out with at the Orange Show Gala. She is a person who will be remembered for the good things she did. 

Yes Stephanie is leaving a great legacy in Smither Park.


As a photographer behind the lens, I can not say I knew her that well. My loss. Unless the saying “judge a person by their actions” is true. If so, then all of Houston knew her well. She even connected with my kids through Smither’s Park when we volunteered to do some aerial photography of the Orange Show when the Smither Park wall was first being built! She liked Oranges and Drones before drones were cool? Duuuuude.

[Image: Schipul aerial photos of Smither Park at the Orange Show]

I don’t think I ever saw Stephanie when she wasn’t smiling and laughing. I was usually hiding behind a camera lens, which sometimes is a great way to view the world if you are an active volunteer and have a history with an organization.

From the Chronicle:

About 400 people jammed the Menil Collection Thursday night to celebrate with donor Stephanie Smither the opening of an exhibition (As Essential as Dreams: Self-Taught Art from the Collection of Stephanie and John Smither) marking her gift of 50 important works of folk art to the museum.


Sunday morning, they were saddened by her death but also applauding her colorful life, lived passionately and well.

Smither, 75, died Saturday night at home in Houston, surrounded by her family. She had been in declining health since a double lung transplant two and a half years ago.

Paige Johnson, one of Smither’s three children, said her mother told doctors in January they needed to keep her alive until June 9 for the opening of the show, “As Essential as Dreams: Self-Taught Art from the Collection of Stephanie and John Smither.”

“It was her life’s dream to have her collection at the Menil, to have it recognized by such a beautiful and important museum,” Johnson said. (more)

From: http://www.legacy.com/obituaries/houstonchronicle/obituary.aspx?n=stephanie-smithers&pid=180330773

Stephanie Kerr Smither    1941-2016

Stephanie Kerr Smither, “Nana” will be remembered for her beautiful smile, loving her family, the marriage to her childhood sweetheart, inventive cooking, and always being the last to leave the party! She surrounded herself with friends and beautiful objects, was wildly adventurous, fun loving, gracious and a courageous lady. Nana will be remembered for her big hugs, which she gave generously. Nana passed away June 11, 2016 at home surrounded by family and wearing her favorite turquoise rings.

Stephanie was born in Jacksonville, Texas, to Frankie Zou Gaston and Stephen Austin (“S.A.”) Kerr, May 4, 1941. Raised in Huntsville, Texas where her parents founded Kerr’s Department Store; she spent her days helping to run the store with the daddy she loved. As a young girl she learned the piano, enjoyed baseball and fell in love with her childhood sweetheart – John Henderson Smither. Their favorite place to “park” was Pritchett Pasture, now Interstate 45, where she helped John feed his cattle. Her sister Zou said, “it is hard to remember her before John!” They married while students at the University of Texas at Austin. John was in law school while Stephanie taught at the Texas School for the Deaf. Upon graduation, they moved to Stuttgart, Germany with their two children where John served in the Army. These were fond memories traveling Europe, in their VW bug with kids in the back. They settled in Houston and raised three children. Stephanie was active in the Blue Bird Circle, The Houston Garden Club and Westminster United Methodist Church, though what she enjoyed most was staying at home supporting John and her children with their endeavors.

Stephanie, a “sophisticated hoarder” or (consummate collector), was always on the hunt for handmade and one-of-a-kind objects. She was known for her bright orange lipstick and big jewelry, without which she felt underdressed. She was also known for her creative tablescapes, beautiful penmanship, and famous Smither Salsa. With her East Texas accent, someone said, “Stephanie was the only person she knew who said ‘hush’ in four syllables”. At Christmas her house was filled with carved Santas, her tree covered in her handmade needlepoint angels and the smells of homemade fudge and peanut brittle on the stove. Nana stayed busy all year making the grandchildren’s Christmas stockings and their annual needlepoint ornaments.

She and John loved hosting dinner parties and she delighted in cooking scrumptious gourmet meals. They always ended the evening with Stephanie playing the piano barefoot while John and their beloved supper club of 50 years sang into the wee hours. Stephanie thought if people left her house before midnight it was a bad party!

Her favorite activities included cheering for her grandchildren at sporting events, being a “mean” liar’s dice player, taking her grandchildren to exotic places, playing Mah Jongg, and spending time with family and friends at Sunset Lake in Huntsville, Texas.
The family wishes to express their gratitude to her generous lung donor and his family, Houston Methodist Hospital, Dr. Scott Scheinin, Dr. Osama Gaber, Dr. Thomas Kaleekal, Sydney Bridges and the staff for their heroic effort over the last 2 ½ years. She was able to fulfill her lifetime dream of overseeing the creation of Smither Park, gifting her art to The Menil Collection and completing a documentary about her years as a collector of Visionary Art. In addition, she was honored as one of Houston’s 50 Most Influential Women of 2015 by Houston Woman Magazine and as the 2014 Texas Patron of the Year by Art League Houston.

We know Stephanie would also like to thank all the sweet supporters of Smither Park and the artists who were so dear to her. Thank you also to the staff at The Menil Collection who were so wonderful to work with on the current exhibition.

Stephanie felt blessed to spend her last two evenings at the celebration dinner and opening of her collection at The Menil. She was radiant and so touched by the public outpouring of support. Afterwards, family and friends returned to her home for her famous SmitherRitas. She had one last toast, retired to her room, and eased into her final slumber surrounded by family and friends with the joyous sounds of the party below.

She treasured her children and their spouses, John Kerr Smither, Ashley and Curt Langley, Paige and Todd Johnson, and her grandchildren who affectionately called her Nana: Amon Smither; Austin, Madison and Jack Langley; Wells, John David, Pierce, Hill and Blake Johnson; her sister and brother-in-law Zou Kerr and Boyd F. Cherry; sisters-in-law, Martha Smither and Trudie Smither, nieces and nephews, Robert Smither, III, Sallie Crotty, John J. Smither and Mary Kate Jefferies; great grand nieces and nephews Kate and Stephen Crotty and Cole Smither. She was preceded in death by her parents S.A. and Frankie Zou Kerr, her husband John H. Smither and two brothers-in-law Robert B. Smither, Jr. and Wilbur L. Smither, III.

The memorial service celebrating her life is Thursday, June 16th at 10 a.m. at St. Luke’s United Methodist Church, 3471 Westheimer Rd, Houston, Texas. The graveside service will be held at 5:00 p.m. in Oakwood Cemetery located at 9th Street and Martin Luther King Drive in Huntsville, Texas. It was Stephanie’s wish that everyone celebrate her life by wearing a bit of her favorite color, orange.

For those desiring, contributions in Stephanie’s memory may be made to: Houston Methodist Hospital Foundation, P. O. Box 4384, Houston, TX 77210-4384 (in honor of Dr. Scott Scheinin for transplant research); Nora’s Home for transplant patients and their families, 8300 El Rio St., Houston 77054 http://www.norashome.org; Smither Park, 2402 Munger, Houston, Texas 77004 http://orangeshow.org

Published in Houston Chronicle from June 15 to June 16, 2016

Here is to the power of the Orange Show, the people and the place, to bring people together. Thanks y’all. I’ll be back out there when I get a camera again.


My Final Thoughts – like so many other great people in Houston, I wish I had gotten the chance to truly know her beyond photography. Running into Stephanie, whatever the event from the Art Car Parade, to the Art Car Ball, to an Orange Show event or at an event commemorating her donations to create Smithers’ Park next to the Orange Show Monument. Smiling.

She was consistent – she was generous of her time and money, she was true to her word, and by God she loved the color Orange! And the color Orange not only looked great on Stephanie, I am quite sure it loved her back.

I predict Orange will be very big this fall.

#peace

 

Thank you Bruce Lee Williams – You Made a Difference

We lost a truly great person on May 22nd 2016 when Bruce Williams passed away in San Jose California. Bruce was just awesome. He personified the quiet leader who spoke with actions and few words. I learned a lot from the little time I was able to spend with him. And I’m grateful and humbled that he shared that time, wisdom, advice, humor and a beer with me.


The backstory – our company’s employees are mostly in Houston, Austin and California. As a virtual company when you expand you still need a physical space to “go to” and to “meet” when you travel. Coffee shops only go so far. So when April Kyle expanded Tendenci west to California she carefully chose just such a place – The Office of Silicon Valley in Sunnyvale.

It is easy to think of an office as a physical place. But they are so much more. And this becomes even more important when physical interchanges between employees are fewer because we’ve moved to Zulip (or Slack) and online ticketing system, github, gitlab, redmine, tendenci (we use it ourselves too), gmail, skype and a few other open source tools that hold our company together. And trust me, you still need a few trusted physical spaces.

And if those physical locations are run by a trusted and wise elder who is humble but wise, then you have truly found a diamond.

That diamond – his name was Bruce Lee Williams and he was welcoming and supportive when we expanded to California far far beyond what any typical co-working space that I have experienced is like. His depth of knowledge was astounding as were his connections, but you only knew this if you asked him as he was respectful to everyone and sometimes entrepreneurs are too knuckle-headed to ask for advice. Luckily our team isn’t like that.

Bruce helped me personally in so many ways, sometimes in a 5 minute talk, sometimes giving me 2 hours of his time on the spur of the moment. That time had value, which he and I both knew and, well maybe I’m repeating myself, but this is a man I truly respected. He was the real deal and while the world may not know his name like they know Steve Jobs’ name, I assure you this humble man had as much impact on Silicon Valley over the years as anyone I can think of. He spoke softly. And people listened. I listened.

Bruce – I appreciate everything you did to help my team, to help us continue to grow Tendenci. I appreciate the meetings you set up for me on a moment’s notice when I flew into town unannounced. I appreciate that you let my team bring their dogs to work. I appreciate the epic ping pong battles and the creativity of your own company. You are missed. You are legend Sir. Legend!

From: http://www.darlingandfischerchapelofthehills.com/obituaries/Bruce-Lee-Williams-2842612690/#!/Obituary


Obituary for Bruce Lee Williams

Bruce Williams passed away surrounded by loving family and friends on the evening of Sunday, May 22. Bruce fought a valiant fight against the ravages of pancreatic cancer for 18 months. He fought hard and with his typical upbeat and positive nature, more worried about how his disease was affecting others than himself.

Bruce was born in St. Charles, MO on July 7, 1950 to Frank and Gladys Williams. He graduated from William Jewel College in Liberty MO and served his country in the United States Navy during the Vietnam War.

In the early 1990’s he founded Westminster Promotions and was the driving force in its success. Surrounded by a dedicated group of individuals, Westminster is the quintessential small business where its employees are family and Bruce loved and valued them all.

Bruce truly was “one of a kind” and he “never met a stranger”. He had the unique ability to make those he came in contact with feel like they were the most important person in the room, and it was genuine – to him they were! He loved people and was interested in their lives, hopes and dreams. He never saw himself as a mentor and yet that is exactly what he was. He mentored so many people and led by example, demonstrating a determination to succeed, a loving heart and an unparalleled zest for life.

Bruce is survived by his loving and heartbroken wife, Kathryn Williams, his children Courtney Williams (Montique), Brian Brown (Kelly) and Matthew Brown (Kristin). He will miss the opportunity to watch his six grandchildren grow and thrive under the legacy he leaves – Jaelyn, Nate, Evelyn, Nora, Landon and Ethan. He will be missed by the “sister he never had” Diana Elizondo and brother-in-law, Larry Elizondo. He is survived by his brother Doug Williams (Elma), and loving nieces, nephews and their families. And finally he leaves behind the friends who weren’t related by blood, but by love, and were considered family members – you know who you are. He was pre-deceased by his brother Frank and they are probably up there somewhere sharing a thermos of gin and tonics and shooting a round of golf.

A Celebration of Life, followed by a party Bruce would have loved, will be held on June 4th at 3:30 at the Williams’ home, located at 20890 Hidden View Lane in Saratoga. Because parking is extremely limited, a shuttle will be provided from Saratoga Elementary School, 14592 Oak St. Saratoga, beginning at 2:30. Return shuttle will be provided until 7:30.

Donations in Bruce’s name may be sent to The Helen Diller Family Cancer Center at UCSF.

——————-

From his bio on his company’s site at: http://westminsterpromotions.com/about/bruce-williams


Bruce Williams

Founder, Westminster Promotions

As founder and CEO, Bruce has consistently led the company for the past two decades with vision and purpose.  His keen eye for talent has allowed him to assemble a strong group of professionals who exhibit their considerable skills to insure the client is highly satisfied with the end result.  His extensive background in sales has provided him with the ability to clearly understand the needs of the client and to guide them to the best solution.  Bruce brings exuberance and passion to the job and coupled with the seniority and wisdom of a Silicon Valley veteran, that makes for an unbeatable combination.  Clients have included AT&T Labs, TiVo, PalmSource, NetApp, National Semiconductor and many other Silicon Valley heavy hitters.

Mentor

With many years of experience, who better to guide this team of creative professionals?  Our fearless leader is in the office every morning by 7:00 and doesn’t leave until the job is done and done right.  Need advice?  Call Bruce.  Don’t understand a business acronym someone just threw at you?  Call Bruce.  Need a laugh?  Call Bruce.  There’s a reason the name Bruce is nearly always associated with “The Boss”.

Weekend Warrior

When he is not in the office you can find him wrangling his small herd of grandbabies or perhaps poolside playing bartender.  Bruce is ever the gracious host and makes a mean Cosmo although recently he’s been dabbling in the world of Margaritas.  He plays just as hard as he works and we love him for it.

I have no doubt this post does not give proper credit to the amazing man that Bruce was. Bruce was not only humble and very influential, but also quiet like many of us. He didn’t share his troubles and his passing caught me off guard. All I can say is, and I think he would agree with this statement, great people are all around you. Hug them now because life is short.

I am thankful for your positive influence on my life and for the help you went above and beyond on for our company. You rock Bruce. And you are truly missed already.

In closing, all I can say is what Bruce would say. GO SHARKS!!!!!


Win one for the Gipper y’all.

PS – once the Sharks win their first NHL Championship, which I guarantee Bruce is watching right now, then the ping-pong leader board in Heaven will have a new competitor. A soft-spoken, strong competitor and leader.  Rock on Bruce. Rock on.

don’t use .local as an internal TLD

As this VMware security advisory reminds us, buy a domain name under a valid top-level domain and use it for your internal DNS name resolution, so that a TLD issued in the future cannot open the door to MITM or DNS poisoning attacks. Examples to definitely not use are .dev and .local, which directly contradicts years of best practices. Although .localhost seems to still be OK.

Via https://isc.sans.edu/ which links to https://isc.sans.edu/forums/diary/Stop+Using+internal+Top+Level+Domain+Names/21095/ . Note the VMware advisory isn’t technically a zero day, but it was released today, May 25 2016, if you are unsure of the relevance and ongoing threat.

So what is the best practice for internal network routing? Reasonably, I suspect .priv, .localhost and .local may be safe for a while, but they are not best practice. From Wikipedia:

https://en.wikipedia.org/wiki/.local

We recommend that you register DNS names for the top-most internal and external DNS namespaces with an Internet registrar.

Major take away – subscribe or at least check the Internet Storm Center’s site on a regular basis. https://isc.sans.edu/

Lastly, note the anemic list of reserved TLDs from the RFC: https://tools.ietf.org/html/rfc2606

    .test
    .example
    .invalid
    .localhost

Note that none of those make sense to an experienced devops engineer or to a client. So you’d have to map them to a valid TLD regardless, as a client can’t grok that .test will be remapped to .com on go-live. Just one more thing about the Internet that is broken IMHO.
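To apply the recommendation above, here is an added example (not from the original post or the advisory) that audits the `search` and `domain` suffixes in a resolv.conf-style file against the domains you have actually registered. The function names, the verdict labels, the sample file and `example.org` as the "owned" domain are all constructed for illustration.

```bash
# Added example: flag internal DNS suffixes that are not under a registered domain you own.

# classify_zone ZONE OWNED_DOMAIN...  -> prints one verdict word (hypothetical labels)
classify_zone() {
    local zone owned tld
    zone=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    zone=${zone%.}                       # drop a trailing root dot
    shift
    for owned in "$@"; do
        owned=$(printf '%s' "$owned" | tr 'A-Z' 'a-z')
        # Compare on a label boundary so "notexample.org" is not taken for "example.org".
        case ".$zone" in *".$owned") echo "owned"; return 0 ;; esac
    done
    tld=${zone##*.}
    case "$tld" in
        test|example|invalid|localhost) echo "reserved" ;;   # the RFC 2606 list quoted above
        local|dev|priv)                 echo "avoid" ;;      # suffixes this post warns about
        *)                              echo "unverified" ;; # check it at a registrar
    esac
}

# audit_search_domains OWNED_DOMAIN...  (reads resolv.conf text on stdin)
# Prints "zone verdict" per suffix; returns 1 if any suffix is not under an owned domain.
audit_search_domains() {
    local kw rest zone verdict bad=0
    while read -r kw rest; do
        case "$kw" in search|domain) ;; *) continue ;; esac
        for zone in $rest; do
            verdict=$(classify_zone "$zone" "$@")
            echo "$zone $verdict"
            [ "$verdict" = "owned" ] || bad=1
        done
    done
    return "$bad"
}

# Constructed sample input, not taken from any real host.
sample_resolv_conf() {
    printf '%s\n' 'nameserver 10.0.0.53' \
                  'search corp.example.org office.local' \
                  'domain build.dev'
}

# Usage: audit_search_domains example.org < /etc/resolv.conf
```

A non-zero exit status means at least one suffix sits outside a namespace you control, which is the situation the advisory warns about.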

We are the refugees. And why are there Nikes on your doorstep?

The refugees are us.

We in America do not have a spotless history or a moral fallback to point to manifest destiny as a justification for our historical actions. Nor can we claim they are purely in the past given the racist and misogynistic vitriol of the current election season. In 2016 we still see these words and actions come up. As Passover is upon us, it is clear we have reached a physical place of bounty, but not, regardless of beliefs, achieved

As described by Wikipedia:

So when Jews retell that story at the first night’s traditional festive Seder, “these are not ancient, crumbling dusty issues that don’t have relevance today,” says Rabbi Eric Greenberg, a spokesman for the Multifaith Alliance for Syrian Refugees. “We can see this is actually happening now to many people, including the Syrian refugees.”

It’s a connection that resonates for Shadi Martini, 44, himself a Muslim Syrian refugee who now lives in Farmington Hills, Mich. A hospital manager in Syria, he had to start over after leaving in 2012. In the U.S., he began supplying humanitarian and medical supplies to those in need in Syria.

“We worked with everyone who offered help, and some NGOs were from Israel, and that was a big surprise,” says Martini, who is currently senior Syria adviser for the Multifaith Alliance. In Syria, which is in ongoing conflict with Israel and today has only a tiny Jewish population, he had no exposure to Jews. It was also a surprise to learn that welcoming and coming to the aid of the stranger “was a pillar of the Jewish faith,” he says.

The connections between the journey of the ancient Israelites and of refugees today are being emphasized in online readings from American Jewish World Service, whose mission is to end poverty and promote human rights in the developing world, and HIAS, formerly known as the Hebrew Immigrant Aid Society, a nonprofit that focuses on protecting and aiding refugees around the world.

Since the Seder is famous for promoting discussion, including the four questions, it was natural to ask four questions for 2016.

Why should we add readings?

Because the stories of today’s refugees echo the long history of Jewish stories of being expelled throughout history, says Ruth Messinger, president of AJWS. That history includes being forced from Spain in 1492 and from Nazi Europe in the 1930s. All these instances, past and present, have to do with “individuals and groups asserting their rights to be and live where they are” and remind us of times and places “where the government is saying we will deprive you of the rights that other people in this country have.” When the Haggadah, the text that is read at the Seder, instructs us to remember that we were strangers in a strange land, she says, that means it is “our responsibility” to reach out to refugees in need.

What are the modern-day plagues?

The Haggadah lists the 10 plagues visited upon Egypt as the Pharaoh refuses again and again to let the Israelites go. To provide insight into what displacement means today, the HIAS supplement lists “10 Plagues Facing Refugees in the U.S. and Worldwide.” The list — which includes violence, dangerous journeys, poverty, lack of access to education, anti-refugee legislation and loss of family — is accompanied by facts and figures.

Have we done enough?

Another seder favorite is the song Dayenu, whose refrain proclaims that any single one of the miracles that led, step by step, to the exodus would have been dayenu — Hebrew for “enough.” “It’s a great lyric” that speaks of gratitude and appreciation, says Messinger. The AJWS version provides a different twist, which acknowledges that in addition to appreciating what is being done, there is still more work ahead. One verse goes, in part:

If the world responds only to the cries of the wounded, but does not stay to help them heal…
It will not be enough.

However, if we sustain our support until stability, peace and independence have been attained…Dayenu! Then it will be enough.

Why is there a pair of Nikes on your doorstep?

In a new ritual, HIAS asks Seder participants “to place a pair of shoes on the doorstep of your home to acknowledge that none of us is free until all of us are free and to pledge to stand in support of welcoming those who do not have a place to call home.” This acknowledges that “we have stood in the shoes of refugees, and as we’re celebrating our freedom we are committing to stand with today’s refugees, and take a stand,” says Rabbi Jennie Rosenn, vice president of community engagement at HIAS. You can choose your own moment to place shoes at the door, but one possibility is at the Haggadah passage that reads, “My father was a wandering Aramean.” This suggests “the essence of the Jewish experience: a rootless people who have fled persecution time and time again,” says the HIAS supplement. “When we recite these words, we acknowledge that we have stood in the shoes of the refugee.”

Upgrade Linux kernel on Ubuntu 14.04.3 to Mainline v4.3.4-wily

Upgrade Ubuntu 14.04 LTS to the newest kernel, just in case you want to play with later versions of Docker or systemd on an LTS release.

DISCLAIMER – MESSING WITH THE KERNEL CAN BE BAD. RUN YOUR BACKUPS AND SNAPSHOTS AND DON’T PLAY WITH LIVE AMMO!

Step 1 – First check “kernel.ubuntu.com/~kernel-ppa/mainline” to find out the current mainline kernel. As I type this it is 4.3.4 but you may not want to copy and paste these as it has probably changed by the time you read this. It is software, right?

sudo su
mkdir -p /home/ubuntu/kernels
cd /home/ubuntu/kernels/
wget kernel.ubuntu.com/~kernel-ppa/mainline/v4.3.4-wily/linux-headers-4.3.4-040304_4.3.4-040304.201601230132_all.deb
wget kernel.ubuntu.com/~kernel-ppa/mainline/v4.3.4-wily/linux-headers-4.3.4-040304-generic_4.3.4-040304.201601230132_amd64.deb
wget kernel.ubuntu.com/~kernel-ppa/mainline/v4.3.4-wily/linux-image-4.3.4-040304-generic_4.3.4-040304.201601230132_amd64.deb

sudo dpkg -i linux-headers-4.3.4*.deb linux-image-4.3.4*.deb
sudo reboot

NOTE: I have hit an error on this upgrade several times similar to this:

Errors were encountered while processing:
linux-headers-4.3.4-040304-generic

The fix was to run these

apt-get -f install
apt-get autoremove

Next you MUST REBOOT.  Then log back in and check what kernel you are running

uname -a

From that you get a long string, and in the string you should see something like this:

4.3.4-040304-generic

Keep googling for more, or duckduckgo-ing. My biggest advice would be to create a throw-away VM in the cloud to test this stuff. VMWare isn’t great for networking by “sox” imho.
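The wget lines above give no https:// scheme, so the kernel packages arrive over plain HTTP and are then installed as root. As an added example (not part of the original post), the hypothetical helper `verify_debs` below refuses to proceed unless every .deb in the download directory matches a SHA-256 list; it assumes you have such a list in `sha256sum` format from a source you trust, and `sums.txt` is a placeholder name.

```bash
# Added example: check every downloaded .deb against a SHA-256 list before dpkg sees it.
# Usage: verify_debs SUMS_FILE DIR
#   e.g. verify_debs sums.txt /home/ubuntu/kernels && sudo dpkg -i /home/ubuntu/kernels/*.deb
verify_debs() {
    local sums="$1" dir="$2" deb name want got status=0 found=0
    for deb in "$dir"/*.deb; do
        [ -e "$deb" ] || continue        # glob matched nothing
        found=1
        name=$(basename "$deb")
        # Use only "<64 hex chars>  <name>" lines; headers or other hash types are ignored.
        want=$(awk -v f="$name" '
            length($1) == 64 && $1 ~ /^[0-9a-f]+$/ {
                n = $2; sub(/^\*/, "", n)        # sha256sum marks binary mode with "*"
                if (n == f) { print $1; exit }
            }' "$sums")
        got=$(sha256sum "$deb" | awk '{print $1}')
        if [ -z "$want" ]; then
            echo "NOT LISTED: $name" >&2
            status=1
        elif [ "$want" != "$got" ]; then
            echo "MISMATCH:   $name" >&2
            status=1
        else
            echo "OK:         $name"
        fi
    done
    # Fail closed: an empty directory is an error, not a pass.
    if [ "$found" -ne 1 ]; then
        echo "no .deb files found in $dir" >&2
        return 1
    fi
    return "$status"
}
```

A hash list fetched over the same unauthenticated channel as the packages proves little on its own, so obtain it over HTTPS or verify its signature first.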
