In Houston the Coronavirus (COVID-19) response has been quite aggressive. And as the third largest metro area in the US, it should be. I get it. Mostly we are quarantined in place except for grocery store runs and emergency needs. (And we can walk the dog, but that’s about it.)
The paper section in the Walgreens across the street looks like this
This led to research on what we could do and turned up two interesting pieces of knowledge about the coronavirus.
A) How long is the coronavirus contagious or viable by surface. As in how long can it be there and still infect you?
plastic = 3 days
Stainless Steel = 3 days
Cardboard = 1 day
Copper = 4 hours
Airborne = 3 hours
They don’t mention wood, which maybe varies by paint, varnish, etc.
Copper is the winner. Cardboard three times better than stainless steel is bizarre as well.
Next up, if you can’t get a mask for when you do go out, how do other materials compare to a medical mask?
Clean vacuum cleaner bags were a close second to surgical masks, but in the end they conclude you can barely breath through them so use two cotton “tea towels.”
Thus began an insomnia driven test to try and create a coronavirus diy mask from a tea towel with no power tools. It started like this:
Then the build process using paper as my makeshift mold.
The Ghirardelli chocolate and wine are a tip of the hat to my friends in San Francisco on complete lockdown. Those aren’t technically necessary to make the DIY coronavirus mask, although they do help.
In the above photo the template is overlapping and kind of mushed into the real mask so I could get an idea of the shape of the masks. They are not circular because your face isn’t a flat circle either.
Then a whole bunch of adjustments and cuts happened at the fabric level during hand sewing. The SINGER iron stick is a temporary way to hold fabric together, but definitely not strong enough to be a permanent join. But it’ll hold it together long enough for you to stitch it up.
The straps on my version are the edges of the towel because I didn’t have any elastic bands that long, and if people in countries with limited supplies available, the straps seemed more realistic.
It’s hard to tell in the photo above but between the two layers there is a small wire bent to the approximate shape of the bridge of my nose just like the more flexible one that comes on the real masks.
And the final result
It looks amateurish, I look ridiculous, but it’s waaaaay better than taking the BARTT in SF and wondering if the person coughing is giving you an infection.
Update: I received some questions about what I used for the metal “nose bridge” so I’m adding further details.
For me (easier way below) I go by autozone at the end of a rainy day and pull the broken / discarded windshield wiper blades. If you rip them apart there are two thin, but very sturdy, pieces of metal attached to the rubber part. (they make great tension wrenches.) mine looks like this when sewn in place in between the two layers of the cotton kitchen towel.
Easier alternative: bend paperclips like this:
Pro tip: when I do a DIY project like this I usually hand sew them using dental floss. Yes “Dental Floss” because it’s always around and stronger than most threads.
Disclaimer: I’m a programmer and an established businessman with a long history of accomplishments and contributions to the global community. But mostly to America as that is where I am a proud citizen. I’m an independent because I grew up on Army bases throughout the world and in the Military (I have *not* served, my parents and brothers have), we were taught to NOT be partisan. TAMU reinforced that. It forces you to THINK. I’m not allowed to be a sheep to any cult on either side. And because I LOVE my country, that’s how I roll. Deal with it or stop reading. For reference, eschipul on linkedin
Let’s start with this. TheUS Senate is about to take away your Second Amendment rights to bear arms. Yes, read that again. We are going to lose our right to bear arms. Guaranteed.
Why? Because we can’t just pick and choose which parts of the Constitution we want to follow. Logically, if you do that, when a new “King” takes over, they will strike through the articles and amendments that THEY don’t like.
Yes, the “conservative” party (a misnomer as neither party is conservative or liberal if you actually read their party planks) is missing the fact that if you ignore the part of the Constitution at the request of one branch of the government, then ALL of the constitution is subject to dismissal by future Executive Branch leaders.
If this becomes true, which we all hopefully pray it doesn’t, we will have become either a monarchy, a dictatorship, or an autocracy. (Think Cuba under Castro.)
Let’s start with “Freedom of speech.” That means if I start a company, and grow a following in social media or whatever, I can express my opinion, right? So this is me saying that Dr. Martin Luther King Jr. personified the leadership I expect of my elected officials. And he wasn’t elected – he was a LEADER.
Was MLK a perfect man? Of course not. But daaaaaammmnnn, he was patriotic. He understood that strong resistance to social injustice is STRONGER when it is done PEACEFULLY. That is strength.
Dr. King’s actions, peaceful and strong, are what makes America great. Not the valuation of the top 1%’s investments.
The American experiment is about PEOPLE. You, me, all of us. Together. As RFK stated.
Yes, obviously we must stand with a strong military behind a voice of reason. But that amazing power requires rational leadership. And real power comes from truth. To find truth, in a country ruled by LAW, you can’t ignore subpoenas. The Mafia does that.
On this day, on Martin Luther King Jr. day 2020, we encourage everyone to read Dr. King’s speech.
That is the end of the post on blog.tendenci.com, the company blog. It also ran as the masthead on https://www.tendenci.com yesterday and was posted to all of our social media accounts.
As a true patriot and believer in the American dream, I must speak out as I see bipartisanship and an American public accepting the replacement of the K-street swamp be replaced by an even more corrupt corporate swamp of national intrigue. I’m disappointed in us.
What do I ask of you? I have no authority or ability to ask anything of you, except rationality.
Understand this: if the Senate ignores the facts, refuses to hear the facts, refuses to read the documents, not only will you lose your right to bear arms, but the very fabric of our country will be shredded and we will truly be subject to tyranny of the majority.
And being raised Catholic, people who were also persecuted in the global tragedy of WWII, American “dough-boys” who literally saved the world, will have succeeded only briefly. Only to see our rights thrown out the window by a reality TV personality.
In closing: to those who think I am “flip flopping” – I am not. The data has changed. Only a fool doesn’t change their views when their data changes. I don’t suffer fools. Nor should you. We will not only lose lose our 2nd Amendment right to bear arms, but the supposedly conservative party will have distorted the constitution to make all rights “questionable.”
** The great fool is he in whom we cannot tell which is the conscious and which the unconscious humour; we laugh with him and laugh at him at the same time.
We all know what cyrpto currency assets are at this point, but to correlate current events with the role of International Central Banks and International Trade is indeed complex. This presentation was for the Luxembourg American Chamber of Commerce in New York City. It does assume a baseline understanding of international finance and the role of Central Banks, Securities and International Trade.
Some highlight slides followed by the embedded presentation from slideshare. Note: these are NOT all of the slides from the presentation, so be sure to view the embedded presentation on cryptocurrency on linkedin.
The following slide is CRITICAL to understand the differences between how Central Banks functions versus how Cryptocurrency functions. Although people are working on options that reduce the all-or-nothing nature of the change. (see slidedeck for more)
OK, WHAT IS CRYPTOCURRENCY?! Speak English Please!? This is the way I try to explain cryptocurrency in plain language so that normal people can understand it. This is the simplified explanation of cryptocurrency:
Where does cryptocurrency come from and why should I care anyway? Let’s start with the “who makes this stuff?” question. Because that is the important part. It’s all about CONTROL.
The headline is ridiculous. But I couldn’t make this up in my wildest dreams. Yes, cryptocurrency, blockchain, and association management systems (AMS) are all interconnected. And the primary connection is Russia.
Stay with me for a second, get a cup of coffee, and read on.
First cryptocurrency isn’t a thing. It’s two parts. I try to explain cryptocurrency like this:
BlockChain = Clipboard with a piece of paper. You check stuff in and out until you are out of paper. Some clipboards have more sheets of paper than others.
Scarcity – Scarce object = some mathematically difficult to produce number. Or controlled by an authority like the Private Federal Reserve in the US.
Picture a clip board. And you are checking in and out some token. That token only has value if it delivers value. And the best way to determine that is really a classic economics popularity contest.
These are not tulips. Blockchain is a tech that will disrupt everything from how we do a Turn-Around at the Olefins units at LyondellBassell, to how BP manages wind farms, to how carfax will be disrupted by a VIN blockchain startup.
What does this have to do with Association Management Systems?
If you can’t access the code, self host if you want, and export ALL of your data when you want, well, why not? Why does anyone in the NonProfit / NPO / NGO / Association Management space tolerate that in 2018? It is 2018, right?
If you signed up with a company where the deal was “too good to be true”…. um…. ya, think that one through again. They have to pay people, so they are either funded by someone, or they are selling your data.
YOU are part of the problem with InfoWars and Propaganda in the US. (is that too blunt? Nope.) For example: Wild Apricot / Personify.
Americans of all ages, all stations of life, and all types of disposition are forever forming associations… In democratic countries knowledge of how to combine is the mother of all other forms of knowledge; on its progress depends that of all the others.
– Alexis de Tocqueville – Book Two, Chapter V. (source)
This may sound philosophical, and we’ve blogged about this before, but it’s important for associations to remember just how much power they have. And with power comes great responsibility.
YOUR ASSOCIATION IS A HACKER TARGET
Why? Because it’s logical.
If you were a dictator in a country that had sanctions against it, I dunno, maybe they didn’t allow US Companies to help you drill for your oil reserves and you lacked the technology to do it yourself, wouldn’t it make sense to go after an association of accomplished professionals in that area?
It sounds horrible, but it is logical in a Machiavellian kind of way.
A story for y’all. I was talking to a client who had a Tendenci Open Source AMS site for a group of students at universities in the liberal arts. He said
“nobody is going after English majors“.
“Oh really?” I asked.
Then I asked If any of his students attended X University (really I could have picked any University). He said “yes.” I pointed out that exact University also has extensive Chemistry, Energy and Engineering programs that do cutting edge work.
My point was if you can do spear phishing on a student to get closer to an Engineering Professor with expertise in Directional Drilling, wouldn’t Russia be interested in that? Would North Korea be interested in obtaining information on the latest tech in chemistry? Of course they would.
My point was simply that if you can infect the computer or phone of one student, any student, then you can get into the network. And then move laterally. You are in.
Again – to the POWER of ASSOCIATIONS:
Americans combine to give fêtes, found seminaries, build churches, distribute books, and send missionaries to the antipodes. Hospitals, prisons, and schools take shape in that way. Finally, if they want to proclaim a truth or propagate some feeling by the encouragement of a great example, they form an association. In every case, at the head of any new undertaking, where in France you would find the government or in England some territorial magnate, in the United States you are sure to find an association. I have come across several types of association in America of which, I confess, I had not previously the slightest conception, and I have often admired the extreme skill they show in proposing a common object for the exertions of very many and in inducing them voluntarily to pursue it.
– Alexis de Tocqueville – Book Two, Chapter V. (source)
This is not to scare users of any association management software. It is pointing out facts and hopefully increasing awareness among NGO technology professionals, association executives, association leadership and in fact (hopefully) the whole country, that there is a serious vulnerability if not addressed seriously.
Nov 8, 2017. From the Reuters article regarding former CEO of Yahoo Marissa Mayer’s testimony before Congress:
WASHINGTON (Reuters) – Former Yahoo Chief Executive Marissa Mayer apologized on Wednesday for two massive data breaches at the internet company, blaming Russian agents for at least one of them, at a hearing on the growing number of cyber attacks on major U.S. companies.
Having spent the majority of the last three years doing almost exclusively InfoSec and Security on the Tendenci SaaS Cloud, not by choice but out of necessity, I do feel a bit of vindication as they confirm the facts. This is DATA people. Not opinion. I see it every day.
Tendenci has always kept logs, but never before have we had to have three (and sometimes four) sets of logs kept in different locations. Log verification, audit, cross references, searching through millions of logs DAILY. Just the expense … it’s frustrating for us in the security community for several reasons:
We can’t talk fully openly about it for confidentiality reasons
We sound kra-kra.
When we do, everyone thinks we are crazy and it’s a conspiracy theory.
It turns out reality is like an idiom, what everyone initially thought was wrong and like so many other things, people get silenced. That shit Cray . Oh, and that reference doesn’t mean what you think it means either. Because Jay-Z is smart as f*ck and he is making a damn point.
All I can say is … what he said. Because THIS shit is Cray.
Growing Tendenci – The Open Source AMS, has been eye opening. I didn’t realize fully why our clients were constantly being attacked. Even behind all of our firewalls, scanners, ACLs, malware, rootkit detection, antivirus, third party scanners, multifactor, use of Honeypots, we don’t store credit cards, and then still even more custom security measures we’ve developed in house.
I mean seriously, it’s not like you’re going to scan a site we host and not have it logged and inspected and blocked aggressively when possible. Nothing is hack proof obviously. But our security practices are FAR beyond the norm.
I didn’t have the luxury of questioning the motive. We do.
When necessary, we have engaged authorities for assistance. So it was interesting to see this from former FBI Director James Comey’s testimony:
BURR: Okay. When did you become aware of the cyber intrusion?
COMEY: The first cyber — there was all kinds of cyber intrusions going on all the time. The first Russian-connected cyber intrusion I became aware of in the late summer of 2015.
BURR: And in that time frame, there were more than the DNC and the D triple C that were targets?
COMEY: Correct, a massive effort to target government and nongovernmental, near governmental agencies like nonprofits.
BURR: What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?
COMEY: It’s hundreds. I suppose it could be more than 1,000, but it’s at least hundreds.
Let me repeat that last part for emphasis in case anyone who works with Associations and Non Profits needs some ammo to take back to their board about why they can’t host for $10 a month on a cheap hosting site.
COMEY: The first cyber — there was all kinds of cyber intrusions going on all the time. The first Russian-connected cyber intrusion I became aware of in the late summer of 2015.
COMEY: Correct, a massive effort to target government and nongovernmental, near governmental agencies like nonprofits.
BURR: What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?
COMEY: It’s hundreds. I suppose it could be more than 1,000, but it’s at least hundreds.
Those words should weigh heavily on people in the NPO/NGO sector. It is worthy of mention to everyone using an AMS system. To be secure, you need to be able to inspect your own code if you host with us or somewhere else. Please do so with Tendenci at https://github.com/tendenci/tendenci/ . Security is a process, not a magic pill.
The motives for these attempted hacks are above my pay grade. Just know if you feel you are being targeted, well, it isn’t paranoia if they really are out to get you. And they really are out to get you.
And please don’t click that link in your email. Please. Just don’t do it.
Stay vigilant my friends.
PS – two other facts I can add. I can personally confirm it was in the hundreds just based on our client base. This does NOT mean they breached, but targeted? Yes. And second, by my estimations it started in earnest in 2013, not 2015.
PPS – and now we start the count down before they take my blog offline with DDOS again. Whoever “they” is. All I see is a matrix at this point… and I’m ok with that oddly enough. Because if the Zombie apocalypse is real in downtown SF, then everything else is possible too.
Disclaimer: This post is NOT about the President. Or about former FBI Director Comey’s testimony as it relates to our elected Zombies on both sides who vote party over the people they represent. No, this post is about a small part of Comey’s testimony that relates to Associations and Nonprofits. It applies if they use Tendenci or not. Whatever the motive of the Russian hackers, the fact is that associations and nonprofits are being singled out for attacks. This is a fact of your current reality.
In the course of owning a business you get a lot of phone calls from investors and venture capitalists. It’s a game, but a fair one if played correctly in that whatever your revenue, their criteria is just about twice yours. When we were 1M they were looking for 2M companies. When we were 2M they were looking for 3. When we were over 3 they were looking for 5, etc…. But they knew that when they contacted. So why?
Because knowledge is power. In an industry like membership management software there isn’t much transparency because so many companies are private. So they call. The calls are always polite. It’s important to remember they are frequently just due diligence by the firm as they negotiate to purchase a competitor in your space. Again, there is nothing wrong with this if knowledge is shared both ways.
Business Owner action item: as the business owner it’s up to you to ask the questions as well. Start with the simple stuff like “where do you see the industry going in 5 years?” etc. Trading information can be helpful, for both parties and if you are the smaller fish you better be more nimble anyway
How do most of the calls end? Typically the same and both parties knew it when the call started.
“well let’s stay in touch and touch base in a year.”
If you did your job and asked questions of them as well, then hey, that’s fair. In the VC world the “it’s not you, it’s me” breakup equivalent is “we are looking for someone a bit larger and with higher profits so call back”. But both parties knew that when the call started, it’s just the polite way to end the call. What highly profitable business owner wants to sell? Not many that I know of. It’s an attempt to be polite.
But, sometimes something interesting happens. Specifically I had someone ask me an interesting question recently about a competitor. It was a bit out of the blue which tells me it was on their to do list more than mine. The investor rep asked:
What do you see as company-x’s Achilles Heel besides being on the Microsoft platform?
I have to admit that I wasn’t expecting the question and I prefer to not say bad things about competitors. Usually they are good people trying hard in a competitive environment. We hang out together at NTEN, SXSW and for some of us OSCON. They really are good people. So I didn’t answer the “Achilles Heel” question fully. This is me correcting the record.
Yes, they have a problem. Why? Because in one of my History classes while getting a BS in POLS from Texas A&M University we studied Carnegie Steel. Given I like history, let’s look at it through the lens of “what would Andrew Carnegie do?”
In 1870 Carnegie decided that instead of being a “capitalist” with diversified interests he was going to be a steelman exclusively. Using his own capital, he erected his first blast furnace (to make pig iron) that year and the second in 1872. In 1873 he organized a Bessemer-steel rail company, a limited partnership. Depression had set in and would continue until 1879, but Carnegie persisted, using his own funds and getting local bank help. The first steel furnace at Braddock, Pa., began to roll rails in 1874. Carnegie continued building despite the depression—cutting prices, driving out competitors, shaking off faltering partners, plowing back earnings. In 1878 the company was capitalized at $1.25 million, of which Carnegie’s share was 59 percent; from these policies he never deviated. He took in new partners from his own “young men” (by 1900, he had 40); he never went public, capital being obtained from undivided profits (and in periods of stress, from local banks); and he kept on growing, horizontally and vertically, making heavy steel alone. From 1880 onward, Carnegie dominated the steel industry.
Still with me? Because from that dominance he sat at the top of the food chain. And then inexplicably they poked him. Why? WTF?
Carnegie had thought of selling out and retiring in 1889: his annual income was $2 million, and he wanted to cultivate his hobbies and develop the philanthropic program that was taking shape in his mind. But the threats that now came from the West as well as the East were too much for his fighting spirit and his sense of outrage, and he took the war into the enemy camp.
Sooooo… Carnegie then did NOT retire but rather took the fight to them. He took the fight to them with the advantages and business knowledge of his industry that he possessed. Now back to our story…
He (Carnegie) would not join their pools and cartels; moreover, he would invade their territories by making tubes, wire and nails, and hoop and cotton ties and by expanding his sales activities into the West. He ordered a new tube plant built on Lake Erie at Conneaut, which at the same time would be a great transportation center with harbors for boats to run to Chicago and a railroad to connect with Pittsburgh.
The competition surrendered, but at a much higher price than they would have otherwise.
Thus originated the U.S. Steel Corporation in 1901, through the work of J.P. Morgan. The point was to buy Carnegie off at his own price—as he was the only disturbing factor that held back “orderly markets and stable prices.” The Carnegie Company properties were purchased for almost $500 million (out of the total capitalization of the merger of $1.4 billion); Carnegie’s personal share was $225 million, which he insisted upon having in the corporation’s first-mortgage gold bonds. At last Carnegie was free to pursue his outside interests.
Why, how, could the competition have so badly misjudged things? They missed the megatrends/macroeconomics and underestimated their competitor. Realize one dollar of capital in the hands of experience is far more powerful than ten dollars in the hands of bankers.
It’s quite simple really. Carnegie had lowered his costs and built up his capital to the point that the competitor’s moves were an “event” and his response was simply a “choice”. A freaking choice. If that doesn’t make you nervous then I didn’t explain it well.
From the start Carnegie was willing to pay the price to win. Who knows, maybe he was just bored? Regardless the competition was in over their heads with a combined company run by bankers without the institutional knowledge of a steelman.
The bankers accepted their losses. But their misstep meant they paid a significant price for not researching the market, researching the trends, and especially for not understanding the machine Carnegie had built. It wasn’t just the capital, it was years of best practices developed by Frick and Carnegie that allowed him to win. A business is complex. Business practices are maintained by people, not Viseo flowcharts or Powerpoint.
Pick your fights.
Further – the only thing more complex than a business is communities of people like the open source community. You can’t buy them off or learn the social norms in a year or two.
Back to the phone call – in this case, the competitor the investor asked about is one we see occasionally in the sales process. They have some aggressive affiliates but I can’t say I’ve had a bad encounter with their CEO or one of their employees. So yes, I know them. I know how our product is differentiated with greater functionality. (having a better product does help – but they would say the same thing).
SWOT analysis if it got aggressive?
Well I can back into the competitors costs using the usual methods like salary survey sites and looking at their network. There are people who will research these things for a very reasonable price. Add to that the fact that they are proprietary AND require two year contracts just makes it easier. You wouldn’t want to sign your nonprofit up with a proprietary solution if you knew there was a better solution that was also open source, right? (data says 90% want use open source or “roll their own” – NTEN).
Maneuvering around their market positioning would be as strategically challenging as going around the Maginot line. Easy pickings – IF someone wanted a fight.
If this sounds arrogant, it isn’t. It is just me acknowledging how the future would put the very existence of our company in question if we hadn’t changed. I did what any self-aware responsible and knowledgeable CEO would do. We did a pivot. And WordPress and Drupal are great examples to follow.
The bigger question is why other leaders didn’t see open source coming?
Our competitive position – Tendenci has driven our costs down and gone open source in a group of competitors trapped with huge employee expenses, high proprietary licensing costs, shared servers which amplifies security risks, and constant turn over in their work force. Meanwhile hack attacks are sky rocketing and insurance and benefit costs climb.
Add to that programming isn’t something you can throw money at – it just takes time and adding more keyboard-monkeys just slows down the innovators.
To the person who asked the question – my answer is this:
Company X’s achilles heel is they exist at the whim of a better positioned open company with an aggressive strategy. You don’t have to win every prospect, you just have to force the competitor to sell below their cost. And wait.
The rest is details.
Tendenci will continue to rise because it is exactly what nonprofits and government agencies are asking for. Freedom. Respect. Dignity. Openness. Love.
Tools to help the cause first and our company second.
PS – if you are an investor in that company, don’t worry. I have no intention of implementing the above strategy right now as this is a case of “there is no spoon.” What is next is far more interesting to me. There is some amazing stuff on the horizon. I just wanted to come clean on how vulnerable some companies are. And yes, in a SWOT analysis or a prospectus, you should probably cross reference their technology with tech trends. I guess that is a question for the attorneys and IANAL.
IF IN A SERIOUS SITUATION – CALL 911 IMMEDIATELY. OR CALL A PROFESSIONAL SUICIDE HOTLINE LIKE (800) 273-8255
Yes I realize I’m in dangerous territory. But I’m also old enough to have seen depression turn people into drugged out zombies or some who have tragically committed suicide.
Yes in 2015 I’ve lost a few friends to suicide. More than a few if you count aquaintances. It seems like more than usual. Given Tendenci is open source and intended for nonprofits and cause based membership organizations, it should come as no surprise that I’ve proof read a lot of text on sites like our client
Just to repeat, this is a personal post on my personal blog. I repeat, I am not trained and am in no way qualified on this topic. I only know the devastation left behind when someone makes a decision to leave. They can call (800) 273-8255 and begin the process of healing.
You know what doesn’t work? Telling someone at risk “Hey, just cheer up buddy!” That is truly as stupid as telling an amputee “Just try harder buddy!” without giving them a prosthetic leg.
Don’t do that shit.
If you don’t understand depression is physical then you have never experienced depression. And that is your blessing. You are one of the lucky ones. Yet please read this as perhaps you can be a part of the solution without being an *^*&@@#!
Yes, I realize I’m selfishly upset about losing so many brilliant minds in the tech and entrepreneurial community to death these last few years, for whatever reason. And I understand why the newspaper doesn’t report on self-taken lives as that has been proven to increase tragic clusters. I get that.
Let’s be productive, OK?
If you have a friend or even an acquaintance that you are worried about, maybe taking action is the right thing to do. This depends on your relationship with them. And that is a definite “maybe”.
The Holidays Amplify Depression for Many People
If you have and urgent issue right now – do this:
Call the US suicide prevention hotline at (800) 273-8255 In Houston call (713) 468-5463
Why this post now? Well for whatever reason, depression is worsened for many during the holidays. Nobody has a solution for this.
But I can suggest spending time with that person. To just be with them. Or listen to them and if they say “no” then maybe the solution is to leave them the hell alone and everything will be cool. It’s an impossible balance, no that isn’t fair, nothing in life is fair. It’s all a gray area. Depression is definitely not fair either, so there is that.
MY UNPROFESSIONAL THOUGHTS THAT I HAVE SEEN HELP PEOPLE IN MY LIFE BUT MAY NOT APPLY TO YOUR SITUATION
Stay close to family and friends that you truly know and trust. If it’s your work-out friends at the gym, your weekly poker game, your church group, or even your local pub. Hang with the people who you know who you can trust to stand behind you.
Relatives – Don’t expect Santa to show up or your long lost family member to return. Be realistic and not overly optimistic.
My experience is fights between family tend to go up during the holidays between eggnog and family being together for the first time in a year. So don’t expect “White Christmas.” My family is more like an episode of Seinfeld or a Robert Earl Keen song
My family is a bit better than this video. But a few chords strike home. Worth a watch.
Robert Earl Keen song
OK, back to getting through the holidays for you and yours.
Volunteer – Give First
Volunteer to help others. This one is the one that helps me the most. Giving is the best gift you can receive. And yes picking up the neighbor’s paper counts. So does volunteering with the local homeless shelter or just walking the elderly neighbors dog. Ask the old Veteran down the street if he’d like you to fix his flag holder on his front porch.
Small things that reward you as well as the recipient. It ain’t about the stuff.
Call that coworker you know doesn’t have family in town and just say “Merry Christmas.” That’s it. Keep that shit simple.
Do something different, but not dangereous. Walk through the trails of that park you have been meaning to walk through for years. Adopt a pet. Put on those old shoes you are going to throw away anyway and walk into the marsh in Galveston just a little bit to see the fish. Then throw the shoes away.
Losing a Loved One During the Holidays
Losing a loved one during the holidays, as many of us have, simply causes us to think about them more.
So yes, definitely think about those you have lost, but try to find a way to think about the loving, funny and positive things that led you to love them in the first place.
When someone departs that’s beyond my pay grade and I’ll leave that to God. Remembering them with joy – I believe that is something we can all do.
Now, first I must confess that I have not achieved this goal.
But why oh why do we remember the date of our Father’s funeral but can’t tell you his birthday even faster?
“The Meaning of Life Conversations”
Your friends and family may want to have “The Meaning of Life Conversations.” As my friend says “Oy vey” you aren’t a trained counselor. Neither is anyone else after two glasses of wine. Listen if asked but think thrice before offering advice. If it’s serious, suggest they see a professional counselor. Keep an eye on your friends and call them a cab. Look out for one another but don’t try to solve it at the holiday party. If it’s that urgent, then both of you can leave the party in a cab and get a coffee at IHOP.
Family Gatherings – make something out of nothing. At a family holiday gathering in the mountains I once found a flat stone about the size of a saucer near the house. Brought it inside, cleaned it, and suggested all of the kids could use a sharpie and sign it so we could all remember that Christmas. It turned into a tradition. And I love that stone still displayed on our porch. It was genuine, beautiful, and it cost nothing.
Gifts? – I’ve given up on this one and unless I know, I either ask the person or ask their best friend. Or an Amazon gift card. If you’re low on cash, give away your airline miles. If you’re good with cars, give them a paper that says “one free car repair minus the cost of the parts.” Maybe just a Christmas card with the words “Love you” written by you.
Parties. For many of us these are terrifying. “zOMG, what is their name again?” But if you enjoy them, then go. If you don’t, then don’t go. Or go with a trusted wing-man/wing-woman who won’t abandon you. Stuck alone – pretend you have an urgent update to do on your phone and play a game. Fake it.
Photography at Parties – Yes be in the photos. Don’t make a scene. Do try to avoid holding a drink in your hand in the photos. Why? because if you are holding a drink and you blink when they take the photo you look hammered. Or you just learn to never blink.
Work & Entrepreneurs
Work – this varies. Some people like the time off completely. For me I use it to plan for next year while everyone else is napping. I just don’t talk about it with them. It’s just a great time to plan ways to help the ones you love by providing for them without the interruptions of the daily business.
Entrepreneurs and business owners don’t have work-life balance. They are planning like crazy, either on the web or in their brains. But they aren’t having the same thoughts you are going down the ski slopes in Aspen or putting together a 1000 piece puzzle of Santa.
Here is the deal, If you surround yourself with extreme risk-taking type A personalities, then don’t be surprised by their hard-wired risk-taking and constantly driven behavior. Huge victories followed by crushing defeats. Retreat into their cave to heal, and then for some dumb-ass reason go do it again. Entrepreneurs chose an activity with a 95% failure rate. The highs are very high and the lows are very low. Honestly I don’t know how you put up with us, but I do know I couldn’t live without you.
Trivial games – why not?
Play Cards – no, not Texas Hold’em. Ask your elders to teach you spades or bridge or spoons. There are games that aren’t as high stress as Risk or Chess that bring you together.
Penny Bags – over the year we collect pennies and we have a bag that they all get put in and all of the kids can reach in and take out as many as their hands can hold. It’s just fun. Sometimes the older kids will ask if they can pull for a younger and the younger one can pull for them. It’s cool.
Legacy and Meaning
This one I mean the most. Talk to your elders. And by “Talk” I really mean “Shut up and listen.” Example: Walk up to your Great Grandmother and ask her if it’s OK if you turn on “voice memo” on your iphone and ask her what it was like when cars were invented? What was your great grandfather like?
Treasure those memories. If appropriate post on www.geni.com so others will hear the wonderful and funny stories about the people that created you. It is a beautiful gift to future generations and my elders have always been honored when I truly want to listen to them. And I do. I wish I had done it more.
I’m sure this post is all over the place from an organizational perspective. From suicide prevention to how to navigating through the holidays for those with depression or memories of someone you lost in holidays past. I can’t help that.
But if you or a friend are feeling sad. Accepting one another, the hug, the love, the phone call, even a text message. These are beautiful things you can do for yourself and your friends and family.
I wish everyone a Merry Holiday Season. Let’s just look out for each other, call an Uber, call a Cab, call a crisis hotline, use your love for each other and your common sense.
Actual Emergency? Do one of these two things.
Call 911 US suicide prevention hotline at (800) 273-8255
This post is based on the premise that 1) we have a serious security problem on the Internet and 2) money is the only (unnecessary) barrier to solving a large portion of it.
The Internet has fundamentally changed. It is so virus and malware infected that a normal human being can’t keep their own PC, Mac or Linux computer from being infected. In other words, the Internet is broken. And our devices don’t work if they aren’t connected to the Internet.
It’s just not right. Why should you have to become a security expert? And it DOES NOT NEED TO BE THIS WAY. There is no need for this. The powers that be over the Internet are CHOOSING this and you are the victim.
The (Partial) Solution
We can’t fix it all, but what if we could stop the bleeding by even 50%? Or maybe 30%. Or even 10%. It’s a start. These are our neighbors, our family, our friends and they are being victimized by identity theft because, well, because they are human. Well, reduce the crime? WE CAN! We just have to encrypt everything. By doing so, a large portion of the problem goes away.
Will there still be break ins? Of course. Frequency however will be radically less and you are far less likely to be a victim.
Why? Because the weapons of cyber-warfare are now out in the open to be purchased for as little as $500 on the forums. People are desensitized to it all and now just accept it.
As a company that hosts web sites, here is what I know to be true.
Clients will use weak passwords and we can’t audit that because WE encrypt the passwords in the database. So if a client uses “changeme” or “123456” of “washington” as their password we can’t see it, but when you login from the local hotel the wifi isn’t encrypted and bad guys can. We can’t detect or fix this because its encrypted on our side. But if you aren’t using SSL then it’s NOT encrypted when you send it over.
Clients and end users are faced with hundreds of passwords so they use the same passwords over and over. If someone gets one of your passwords, they effectively get everything.
With the proliferation of Open Source, as Tendenciis, developers will deploy a site for you, give it to you, and leave it to you to maintain. So are you running your security updates? Because that is your responsibility now.
Why don’t people encrypt their web sites? Because there is a $50 to $500 a year fee. Plus a hidden cost of updating it every year and paying your hosting provider to install your SSL certificate so the real cost is more like $250 to $1,000 a year.
Generating a certificate takes one (1) line of code. ONE LINE! Hosting servers to verify the certificates does come at a cost, but so does DNS and it isn’t anywhere near as expensive. Generating a key is technically FREE. Here – go do it for yourself.
The certificate you just generated is called a self-signed certificate. So if you visit the site from IE you get a scary message that it can’t be verified. BUT if you visit a site with no encryption, oh, then IE is completely cool with that. Onward thus. Proceed into into unencrypted unsafe territory with abandon. Do you see the problem here?
It’s just greed. But the cost is astronomical to the citizens of the world. It’s like a city not repairing roads and ignoring the cost the citizens bear fixing their cars which is so much more than the cost of filling potholes and installing stop signs. It’s pennies for lives. Hence, cities fix the roads (for the most part.)
What if we flipped it? Why don’t you have to pay $100 a year to NOT have your site encrypted? What if security was the default? What if encrypted email was 10$ a month but unencrypted email was 500$ a month? Would that get people attention?
We can self sign web sites and email ourselves. We don’t need no stinkin’ web authority to do it. It’s one line of code.
Oh wait. Stop. Idealistic guy trying to save the world with open source disclaimer. Why not? Because of the “man”.
The browser will give you a terrifying warning about that certificate not being “approved” and IE will flat out block it if you don’t pay up. No, you must pay “the man” which is in this case the Certificate Signing Authorities who are powerful enough to have their codes shipped with all of the web browsers. What would their cost be to include a public domain certificate authority, much like wikipedia is for information be? Um…. nothing. Zero. Nada. They just wouldn’t get a kick back.
It’s generating an “approved” key where the registrars make all of their money. It’s about the money. It’s greed. Even from foundations like Mozilla – they could easily solve this by endorsing a free and open certificate signing authority. They haven’t. I expect more from them. Some leadership in this would be nice. Where is Lessig on this? Why is there no outrage?
I’ll tell you why? Because it’s too geeky. Too technical. People zone out. zOMG, I like to create things. I bore myself talking about this crap. But it matters. Encrypt it all. Now. And do it for free. If my client buys a domain name why do I have to do ANYTHING to encrypt it? Don’t they deserve that? Should encryption be the default. I THINK SO. And I don’t think you should have to pay for it given it is as simple as DNS and could easily be included.
And yet the powers that be continue to be the “Certificate Authorities” and they continue to make money causing only 4 to 5 % of the web to be encrypted. So you and I continue to be the victim.
Please tell me someone out there is a little outraged by this? Not that I/we/you aren’t the problem as well…. read on …
To emphasize the point on weak passwords (again – this is YOUR responsibility, but irrelevant if on an unencrypted connection), these are the actual top 10 passwords used on Adobe logins (mind you this software costs thousands of dollars and this is the key to get it.) 1,911,938 of your fellow citizens chose “123456” as their password. Seriously. Another 345,834 people chose the password of …. wait for it …. “password.”
One simple solution that would significantly reduce network attacks. Encrypt every site. At no cost beyond the price of the domain name. Make it easy. And free.
Dear non-technical people – please stay with me for a moment. I know I have to use a bit of geek speak but I want to try to explain the ruse that is being played on you. That it isn’t needed. That the cost of certificates is almost non-existent and you are the victims.
Encryption explained in one paragraph (simplified)
If I give you the number 21 and ask you what prime numbers divide into it besides 1, there is only one way to find out and that is to try every prime number. But if I give you 7 (my “public key”) and you can verify very quickly that it divides to a prime. That’s it.
Solution – every web site is encrypted with SSL by default and you have to pay extra to NOT encrypt your website. Done.
Obstacles – the companies that sell SSL certificates don’t want that. I pay $300/year for our wildcard certificate and what I am proposing is that they be given away for FREE TO EVERYONE WHO GETS A DOMAIN NAME.
Seriously, this isn’t a game people. YOU, as an individual need to not use dumb passwords. As programmers say, like it or not, “you can’t fix stupid.” Yet I do have sympathy given the average human has NO IDEA of the cyperwar that isnt pending, it’s happening NOW!
Thus WE, all of us need to have everything encrypted end to end to avoid the obvious. Occam’s razor.
Proprietary to Open Source: Giving Away $6M is Harder Than You Think
After 15 years running a successful business, Ed Schipul released the source code for his proprietary software, Tendenci, to the world. Foreseeing the impact the cloud, mobile, and GIS, Ed knew he had to change his business model or become irrelevant. Open source was the path to future sustainability and innovation.
There were however, seemingly insurmountable challenges. Tendenci 5, the first open source CMS platform for nonprofit organizations, had to be completely rewritten from .Net, ASP and SQL to Python, Django and PostgreSQL. From Github to cloud software, he had to choose all the tools to put in place to support his rewritten product and new architecture.
Lessons learned from the transition include the importance of testing and how to make your application’s architecture more scalable as well as what open source tools have proved to be most valuable. Ed will share his reasons for thinking that all of this is the best choice for both the product and the development community.
See more at: http://schedule.sxswv2v.com/events/event_V2VP29570#sthash.SM08HnZT.dpuf
After having recently moved google apps accounts from the domain schipul.com with an alias for our tendenci.com emails, to reverse it to be tendenci.com with aliases from the schipul.com domain, I wanted to help you avoid some pain.
First – there is no easy way to do this. There is a planning doc from google apps, but google apps and google analytics aren’t even on the same page. (Trust me, we got so frustrated that we finally conferenced google in with google and listened to two highly intelligent people contradict each other. #sigh).
I don’t intend this post to be a “how to migrate your google apps domain to a new one” but I can at least hopefully help you on a few particular items. Consider this a “stuff to look out for” post with the usual YMMV caveat.
There is no “switch” to change primary google apps domains.
As of January 2014, the only way to do it is to DELETE your primary domain and wait for google to “fully delete it” (whatever that means) and add it back to your new google apps domain. Probably best to keep a primary that isn’t on google.
Analytics is tied into a gmail, either gmail.com or google apps account. Given you probably don’t want to lose analytics and PPC for 1 to 5 days, move this one a week ahead of time at least. How? Get this.
—– to change google analytics master accounts you have to update each one individually. Really fun for an agency with a few hundred accounts under management. Thus DO THIS FIRST. If I could do it again I’d go with email@example.com and move everything over there instead of waiting out even the removal of an alias from the primary.
You have to remove the alias domain fully before you can add it as a new google apps domain. This includes removing it as an alias from deleted accounts, which requires restoring the account, removing the alias, deleting the old account again which resets the “up to a week to delete” clock for the deleted account. /~slams head on desk~/
Removing the alias domain is hard. Searching for the alias won’t show everything. you basically have to check every group, user, resource (shared calendars) etc to see if they have it as an alias. And they probably do because you set it to automatically add that alias to all resources in the domain like google prompts you to do.
First make a backup. More on that below. AFTER backing up the accounts, even if it doesn’t get docs and calendars etc, migrate. Well, sort of.
For us, we used backupify to move our google app accounts content
Side note I also used Backupify to backup my facebook pages before requesting a merge and that was also delayed. However, I believe Backupify rocks, but gmail and facebook don’t make it easy. I couldn’t find a better solution than backupify so they get a tip of the hat from me.
Back to backupify and google apps – it does NOT move the domain or create a new app account, it just moves “most” and “some” and “tries really hard” to move the data. Works fine for the young guns but if you have 15+years of emails it won’t move it all no matter how long you wait.
Out of sequence, but see the next post on backing up your google app emails for deleted accounts or your larger accounts as backupify can’t migrate those. You have to backup and restore. Or backup and don’t restore. A great chance to start over. See next post.
Some stats from the book Who Really Cares by Arthur C. Brooks:
Religion is the overwhelmingly dominant factor in predicting generosity “”religious liberals and religious conservatives are identical.
“Religious“ is defined by Brooks as individuals who attend worship service at least once a week (30% of the population) and;
“Secular“ is defined by Brooks as people either don’t believe in a deity, or attend a place of worship one or less times per year.
Religious people are 25% more likely to donate money than secular people
Religious people are 23% more likely to volunteer, and even within the population of people who volunteer, religious people devote twice as much time.
Conservative people give more money. Possibly a correlation as religious people are conservative.
Political Affiliation (e.g. Democrat vs Republican) itself isn’t the predictor.
I believe it is worth pointing out that the definitions of “Religious” and “Secular” are polarized on opposite ends of the spectrum. There are many who perhaps attend a religious service once a month who would not fit either category as defined by Brooks.
A little more than four years ago I wrote my first blog post. It was about the need for a form of Emergency RSS. We can share celebrity gossip headlines through feed readers faster than we could use technology to respond to a crisis. And this was an important point as I started blogging in 2005 right after and in response to a need to share after Hurricane Katrina. Crisis response and crisis communication has always been a passion of mine, and seeing our government’s mostly failed response in New Orleans compelled me to start blogging and contributing where I could.
Running the company I chose to stay in town during the Hurricane Rita evacuation. While Rita did not hit Houston, instead crushing the gulf coast near Beaumont with little news coverage in the wake of Katrina, we did learn from the Rita evacuation. We used a wiki page on Tendenci (our software) to track down all employees. Employees on the road, which for some of them was 10 to 20 hours during the evacuation, would text their manager’s who then updated the wiki to account for everyone. We quickly knew everyone was OK.
Then last year we prepared for Hurricane Ike which went over our town. When the storm hit the ONLY thing that worked was SMS messaging. No power, no water, no data, no TV. Just radio and text messaging. Luckily we had set up a product called Yammer, which is like Twitter for your company (and they have a business model) and we were able to keep in touch. Data services, which is what your cell phone depends on to get to web pages, went down. Voice went down. The only thing that allowed us to keep in touch with all of our employees and their families was text messaging sent directly and through Yammer.
We learned a lot about the role of tech in a crisis combined with human behavior. Example – an employee’s cell phone would die. They would use someone else’s cell to text a message to their manager saying “we are OK and staying near College Station”. Except that is ALL they would say. We didn’t recognize the number and had no idea WHO sent it! The solution was to train all of our people to put their NAMES at the end of each text message. Seems like a small thing. It is. But it makes it possible to do a head count!
Now I need your help. I’d like to continue the dialog on Social Media and Emergency Response. What IS the role of twitter beyond updates? What are the alternatives for Yammer? Is there a cost effective solution for businesses and families? We have come a long way, so let’s talk about it.
PLEASE VOTE AND COMMENT on this SXSW Panel I hope to moderate. Without your vote and your comments the panel might not make. And I believe in this topic too much to see that happen. Spare a minute? Please VOTE!
Are you and the people you care about prepared? Our panelists will share their crisis stories and tell you how to be ready, both online and offline. PFIF, Yammer, Facebook and iPhones ““ the technology and strategy is there and getting better, so let’s take it to the next level.
How does emergency response and communication relate to the Web? Do developers and small business owners really need to care about Crisis Communication?
How can our emergency teams (fire, ambulance, police, etc.) benefit from standardized data sharing? What can I do about it?
What does the rise of Mobile Web mean for the next natural disaster or other catastrophe?
What tools (Web, mobile and otherwise) are out there right now that my family, friends and company should be using now?
As a geek, what are 5 things you should do TODAY to keep your family safe and your business running when disaster strikes?
If practice makes perfect, what kind of drills and regular training should your business be doing right now that won’t break the bank or kill your billable hours?
What are some of the technical lessons we learned from Hurricane Katrina?
Tech and communication stories and lessons from Virginia Tech, Hurricane Ike and beyond…
What is a crisis to you and how do you strategically and technologically deal with it internally and for the rest of the world to see?
How can you best identify your strongest and most reliable communicators and rock stars during times of crisis? How do you deal with employees that book it and vendors that disappear?
Why am I doing this?
Well, it isn’t for business as I have no financial ties to yammer or twitter or any other messaging services. Tendenci is a content management system that powers associations and sites like the Houston Red Cross, but they are already customers. And ANY emergency response technology must be open source for maximum adoption long term. I just believe passionately in our need to share information and I think technology can help with crisis communication. Social media sites like Facebook and Twitter bring a lot to the table. If you, like me, are passionate about this, please vote for the panel “DON’T PANIC ““ The Geek’s Guide to the Next Big Crisis” and I hope to see you in Austin next March!
I hope to make it on Saturday and hope to see y’all there too! From the announcement:
And a special thanks to the party sponsors step up to offer things to donate and would love to show them some love, including Riazul Tequila, Sweet Leaf Tea, Saint Arnold, 29-95.com, Tacos A-go-go, Danton’s Gulf Coast Seafood, and Aztec Party & Tent Rental.
Don’t Fight It will DJ and the illustrious (you)genious will serve as MC.
Houston Green Scene will be providing the party favors: 2″ biodegradable peat pots with organic potting soil and planted daisy seeds.
Amerigo Bonasera sat in New York Criminal Court Number 3 and waited for justice; vengeance on the men who had so cruelly hurt his daughter, who had tried to dishonor her. (pg 3)
The two young men who did this were set free by a corrupt judge. Amerigo Bonasera, the Sicilian Undertaker, concludes “For justice we must go on our knees to Don Corleone.” The formal American system in this fictional book has failed our Undertaker. So he reaches out to the informal system in his community; Don Corleone. When they meet on the day of Corleone’s daughter’s funeral, a day “that by tradition no Sicilian can refuse a request” (pg 17), Amerigo asks the Godfather to have the men killed. Corleone refuses and rebukes Amerigo for basically being a rainy-day-friend. Corleone says:
“…until this day you never came to me for counsel or help. I can’t remember the last time you invited me to your house for coffee though my wife is godmother to your only child. Let us be frank. You spurned my friendship. You feared to be in my debt. … Now you come to me and say, ‘Don Corleone give me justice.'” (pg 21)
“Why do you fear to give your allegiance to me? … if you had come to me, my purse would have been yours. If you had come to me for justice those scum who ruined your daughter would be weeping bitter tears this day. If by some misfortune an honest man like yourself made enemies they would become my enemies” – the Don raised his finger pointing at Bonasera – “and then, believe me, they would fear you.”
“you shall have your justice. Some day, and that day may never come, I will call upon you to do me a service in return. Until that day, consider this justice a gift from my wife, your daughter’s godmother.” (pg 23)
Justice is delivered on page 53 “… they seemed to be pulps of human beings. Miraculously, said the News, they were both still alive though they would both be in the hospital for months and would require plastic surgery.” – And the Undertaker owes the Godfather.
All of us can relate to this story, particularly if we have children. “I don’t need you! I’m (an adult/in high school/have my own job/etc/etc) now! I can do it on my own!” But really NONE of us can do it on our own, with any level of success at least. It takes support from both formal and informal systems. Success requires support from family, the rule of law, the employer and these days more and more success requires the full support of extended urban tribes.
For Public Relations folks, I like to bring up the shift from formal distribution (traditional mainstream media) to informal distribution (bloggers, youtube, twitter brand attacks). In my opinion, many people in PR and in media DO understand the shift from centralized to distributed (long tail, small pieces loosely joined) media. Yet what they potentially don’t fully understand is the shift in authority from the police to the Don Corleone’s of the world. And let us not forget the Godfather wasn’t exactly a saint, collecting protection money, bribing the police and “knocking off” the competition.
For public relations professionals, the bloggers are hidden (no Bacon’s directory! gasp!). And bloggers are completely biased and proud of it. And have authority far beyond what a small olive importer should have. From the bloggers perspective the world is finally acknowledging their informal system of authority. About time.
Just an observation about the shift from formal authority in the media to a more informal system. And we all need to get to know and be friends with the new kids in town. With respect.
On a side note, I have noticed that as I have gotten more active on flickr, facebook (gah I hate their ugly URLs) and twitter, indeed my blogging has diminished. I still want to blog, I still like the "home base" aspect of having a blog. But the immediacy of twitter is so much more compelling and somehow the time to blog is reduced. So if you are wondering where I have been these days, follow me at the above links and we can stay tight, cool? Thanks!