HTTPS Everywhere: Deep Dive Into Making the Switch

Submitted by Sam Moore on Mon, 03/06/2017 - 21:00

HTTPS image

Not only are some browsers now throwing flares when forms are presented without encryption, but Google is starting to notice as well.
Bottom line - it's time to get a cert and make your site work over encrypted connections.

Here's a detailed article that will take you through the steps required to get HTTPS working on your site(s).

https://www.lullabot.com/articles/https-everywhere-deep-dive-into-making-the-switch

 

Industry-specific pages debut on Drupal.org

Submitted by Sam Moore on Mon, 03/06/2017 - 15:59

Did you know 73% of the top 30 media companies use Drupal? Neither did I.

Drupal.org has 3 new industry-specific pages, offering case studies and talking points, like the one above, for prospective site builders who are considering Drupal.

The three market verticals are Higher Ed, Media/Publishing, and Government.

Having worked in all 3, I can attest there's lots of opportunity there. Hopefully these new pages will help get the word out.

 

https://www.drupal.org/association/blog/drupalorg-industry-pages-are-live

Signal v. Noise: Persistence is undervalued

Submitted by Sam Moore on Mon, 01/23/2017 - 21:11

People undervalue persistence. You’ve been told since you were a kid stories of trains getting up mountains with the power of persistence. Get up. Try again. And again. It feels like the most cliche advice there ever was: I think I can.

But still, we underestimate how beneficial that extra effort becomes.

https://m.signalvnoise.com/persistence-is-undervalued-d1f5a5a5fda2#.qzc8k0hyg

Hacker News: Thousands of websites still vulnerable to Heartbleed

Submitted by Sam Moore on Mon, 01/23/2017 - 12:03

Hacker news logo

It takes roughly three steps to remediate the Heartbleed bug.
 

  1. Patching: Update your software to the latest versions of OpenSSL; thankfully almost all organization have accomplished this step.
  2. Creation of New Private Keys: Creating new private keys will prevent an attacker, who already exploited the flaw before patching, from being able to spy on your encrypted.
  3. Reissuance of Security Certificates: This step will eliminate the ability of any attacker to spoof organizations and fool or phish their customers.

http://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html

Seth Godin: The candy diet

Submitted by Sam Moore on Wed, 01/04/2017 - 14:37

Even if only a few people use precise words, employ thoughtful reasoning and ask difficult questions, it still forces those around them to catch up. It's easy to imagine a slippery slope down, but there's also the cultural ratchet, a positive function in which people race to learn more and understand more so they can keep up with those around them.

 

http://sethgodin.typepad.com/seths_blog/2017/01/the-candy-diet.html

Films for Action: Richard Feynman's technique for learning new things

Submitted by Sam Moore on Thu, 12/29/2016 - 10:21

Here's a simple technique for learning something quickly - and I find, also deeply. If you can explain something in layman's terms to an intelligent novice, you will have assimilated the subject in a deep way.

By the way I was trained to teach meditation this way - avoiding spiritual jargon and Sanskrit terminology - and found it marvelously effective.

It is the process of thinking about an idea while teaching it that make the method so effective. Once you can explain an idea with simple language and create graphic analogies, you have deeply understood it and will remember it for a long time.

http://www.filmsforaction.org/watch/the-feynman-technique-3-steps-to-learning-something-new/

Vice: We're Getting Rid of Comments on VICE.com

Submitted by Sam Moore on Thu, 12/22/2016 - 11:05

As we all know, the comments section of many sites is simply an open sewer.
 

We don't have the time or desire to continue monitoring that crap moving forward. Besides, there are plenty of other ways for you to publicly discuss our work and the personal worth of our staff. We'll still be reading your thoughts on Twitter and Facebook, and we legitimately do enjoy getting IRL mail (no bombs) sent to our offices in Brooklyn.

https://www.vice.com/en_us/article/were-getting-rid-of-comments-on-vice

Krebs: $3-5M in Ad Fraud Daily from ‘Methbot’

Submitted by Sam Moore on Thu, 12/22/2016 - 10:57

As usual, Krebs has a much more detailed exigesis of how this thing actually works.

New research suggests that an elaborate cybercrime ring is responsible for stealing between $3 million and $5 million worth of revenue from online publishers and video advertising networks each day. Experts say the scam relies on a vast network of cloaked Internet addresses, rented data centers, phony Web sites and fake users made to look like real people watching short ad segments online.

https://krebsonsecurity.com/2016/12/report-3-5m-in-ad-fraud-daily-from-methbot/

AdWeek: Ikea Renamed Products After Frequently Googled Problems That Those Products Solve

Submitted by Sam Moore on Fri, 12/16/2016 - 09:30

Anyone doing Search Engine optimization will appreciate Ikea's clever play here - when someone searches for a relationship problem ("My partner is annoying"), their product pops up on the SERP.
Apparently only in Sweden, but still...

Conveniently, ...searches for terms like "He can't say he loves me" will lift Ikea's product ads to the top of the Google Adwords pile—a visibility coup so maniacally clever that it's hard to hold a grudge. 

http://www.adweek.com/adfreak/ikea-renamed-products-after-frequently-googled-problems-those-products-solve-175005