Blog

Sep 16 2009

Blog Mothership

By: Leo | Leave a comment

Here is a good article discussing the importance of your company’s blog.

Since there are so many social media options available, it is good to maintain some perspective. The post provides a good mental image (for Star Wars/Star Trek geeks like me) to help you maintain that perspective:

Your blog is your mothership. Don’t neglect it for lesser tools.”

http://chrisguillebeau.com/3×5/the-unconventional-guide-to-the-social-web/

The post also provides some useful thoughts on how to maintain your blog as well.

Here is the link: Your blog is your mothership.

Posted in: Blogs

Tags: ,

Sep 8 2009

A Tale of Two Websites

By: Leo | Leave a comment

In what I hope is my last post (for a while) concerning website security, this is a tale of two websites. I know I have been writing about your website’s security, but this has been a growing issue for the (self-hosted) WordPress community lately. My intention is to make sure our community and friends are properly educated about some simple solutions to better protect themselves.

Website 1: Updated WordPress Version
This website owner updated their version of WordPress. A minor error in the administrative settings allowed a hacker to register as a user. Because the software was up to date, the hacker got no farther than joining as a subscriber. No damage was done, no reinstalling of files was needed, and no major overhauls were warranted.

Website 2: WordPress Was Not Updated
The WordPress admin for the second website did not upgrade their WordPress platform. The same minor error mentioned above allowed the hacker to register as a user. However, since the software was out of date the hacker was then able to change themselves to an administrator. They then added other fake users, hid new admins they created, and changed various settings. They also changed the permalink structure to redirect users to potentially harmful websites. An afternoon’s worth of work was required to completely sanitize the website to make it safe once again.

The Importance
Weeks ago, the WordPress community found a hole in the security and the issue was promptly fixed. Once it was resolved, an update was distributed. In fact, the past two software updates included this security patch. People who had not updated their software recently were exposed to the worm and a lot of website owners have been affected. They felt the affect of not staying on top of their updates. The rest of the community was more protected from the attack.

If you want to read more about the importance of updating your WordPress software, Matt Mullenweg wrote a good article on the WordPress blog.

Please let me know if you have any questions concerning your current version of WordPress or if you are confused about updating your version of WordPress.

Stay safe out there!

Posted in: Blogs

Tags: , ,

Sep 3 2009

Been Kinda Hacked? A Web Host’s Suggestion

By: Leo | 2 Comments

A few days ago I wrote about our website having been potentially hacked by way of our WordPress blog. After performing a couple of preventative measures I decided to contact our web host, Media Temple to see if there was anything else we could do.

Jeff’s Advice To Me… And You
Jeff, who provided excellent customer service, and I spoke about our situation. To help you with your website, here is the rundown I received.

  • Stay on top of your blog and its members. Try to catch possible issues early before users have a chance to do harm to your website.
  • If you can do it, turn off the “anyone can register” option under general settings of your WordPress blog.
  • Change your password frequently and use something alphanumeric with lowercase letters, capital letters, and typographical symbols.
  • Check out Google Webmaster Tools. In general they provide good information for your website. An added benefit, is that if you have any red flags from being hacked they will let you know here.
  • Run virus scans on your computer to make sure you do not have any viruses or spyware. This is a “just-in-case” measure for extra protection for you, your computer, and your website.

We Are Not Just About Security
I know a lot of the past few blog posts have been about personal, blog, and online security. Please know this is just a temporary subject given all of the things that have been happening around Triune Designs and the web in general. We should be resuming our “normal programming” quite soon.

Posted in: Blogs, Web Development

Tags:

Sep 1 2009

Whose Blog Is It?

By: Leo | Leave a comment

A while ago I read a blog post by a well-known blogger who was irritated by people commenting that they were unsubscribing to his blog. The readers were unsubscribing because they felt he was getting off track from the blog’s main focus. His response to them? “See ya. I am better off without you.” While he was at it, he also pointed out that the blog was his and he could write whatever he wanted.

For me it raised an important question: whose blog is it?

His Blog
It should be noted that his blog is a semi-personal one and not a business blog like this. (However, since he makes part of his living through his blog I am counting it as part business/part personal.) With that said, though, the blogger is right. It is his blog. He can shut it down whenever he wants. He can decide to go in a completely different direction and start writing lemur-themed haiku posts. The same is true for this blog. If we decided to only write about the benefits of oscillating fans during the summer there is not much you could do about it. Or could you?

Your Blog
While the audience cannot completely control the website owner’s actions, the audience does have some power. They have a voice. As was mentioned above, their voices come in two primary forms: (1) commenting and (2) unsubscribing. Voicing displeasure on comments is a great way to provide feedback to the writer(s). In a blogging community (like a business blog should support), responding to feedback is vital to a blog’s health. If there is no response then that blog community moves on to step two: mass exodus. If large masses of people leave your blog then your revenue streams and/or marketing opportunities dry up. That is bad for business.

So, for me, the answer to my question of “whose blog is it?” is simple. The blog is both of theirs. That particular blogging community has part ownership with the final decision-making power lying in the hands of the writer himself.

And, if the blogger wants to go in a completely new direction. He will just have to understand that they might have to find a brand new audience.

Posted in: Blogs

Tags: , ,

Aug 31 2009

Writing the Right Things For the Wrong People

By: Leo | 1 Comment

Oh, the search engines. I think they are my best friend and my worst enemy at the same time. Writing posts that might ring true for people engaging in this blogging community and with people cruising along on the search engine highway comes with a slight risk. The wrong people will also find this blog.

I have two examples come to mind.

The Iconic Symbol
The first is with a blog post I did on Twitter a few months ago. I had a good conversation with some readers and got a few links coming to the website. Awesome… and then the junk came. Apparently, the icon was picked up on Google images… and a few bloggers liked the it enough to steal bandwidth hotlink the image. I assume a few of them did it by accident, but either way it was pretty annoying and required a bit of angling so they would not use my resources.

Please Hammer, Don’t Hurt Me
The second example brings us to today: our blog kind of got hacked yesterday. I believe it has to do with some of the recent blog post about web security. So far, I cannot tell that anything actually happened, but two “people” registered on the blog as subscribers. They/he/she did this despite my not having user registration access on the main part of the website. After a quick Google search I found that one of the email addresses is associated with a person who uses that newly acquired access to break into the website and do (presumably) bad things.

I guess I might have to try and increase the security on the blog. Between that and prayer, hopefully nothing bad will go down on the back-end of the website. Stay tuned!

Posted in: Blogs

Tags: , , ,

Aug 28 2009

Where Is Your Community

By: Leo | Leave a comment

The Jeep Community
Last fall, my wife and I bought an old Jeep Wrangler. Our thought was that it would be a fun vehicle that our family could enjoy driving. (Ah, driving with the top down and the doors off – awesome!!) Little did I realize that we were joining a community. Having only owned 4Runners, Civics, and Explorers in the past, I was never truly exposed to communities built around cars.

Our Jeep - The Jeep Community

Driving around, I immediately started to notice people in other Jeeps waving to me. After a while, I began waving back when people waved at me even progressing to where I was the initiator many times. I noticed other occurrences of the Jeep community. Other Wrangler owners began talking with me when I parked. Friends who own Wranglers offer to help me with various repair projects on the vehicle – more so than when I worked on my previous vehicles. And I am just touching the surface leaving out Jeep festivals, off-roading gatherings, etc.

I have learned that people are passionate about their Jeeps and this passion has developed a great community.

Communities All Around
What is great is that there are communities all around us and oftentimes we never see them. Some are obvious – motorcycle riders have an avid member community; some are not – have you ever seen the Mazda Miata community? Believe me, it is there (one of my old roommates, Chris Crumpton showed me that). And these examples are just dealing with cars, there are thousands of other communities out there centered around church, sports, computers, movies, occupations (just to name a few).

The definition of a community is a group of people with common ownership, common agreement as to goals, or a body of people in a learned occupation. I argue that a community is also built around people with a common passion.

Communities & You
As a small business, you are very passionate about what your company creates or sells. So, use this passion to your advantage and help build a community centered around your business.

You have two options for building a community. You can either get involved in existing communities that are related to your your passion (and/or business) or create your own. There are people who are passionate just like you, it is just a matter of finding them. Once you are involved, you can help that community develop. The other option is to build your own community (using platforms such as blogging, Facebook, or Twitter) and begin showing your passion. Make it easy for other like-passioned people to join you and help the community grow.

Have fun with your passion-based community… and if you happen to see me driving around in my Jeep make sure to give me a big wave. I will throw one back at you.

Posted in: Extras

Tags:

Aug 25 2009

Protect Yourself

By: Leo | 11 Comments

Bank Vault Photograph by Anonymous Account on Flickr A few weeks ago I read The Anatomy Of The Twitter Attack on TechCrunch. All I can say is wow!!

In case you have not been following along on TechCrunch (TC) lately, let me fill you in. The online tech publication recently received over 300 documents from a hacker who retrieved sensitive business information from the executives at Twitter. These documents included Twitter’s financial details, executive-level meeting notes, and various documents outlining Twitter strategies, goals, and processes. Using this information, TC wrote a series of behind-the-scenes articles about Twitter and their plans for the present and future.

Security Holes
The Anatomy article reveals exactly how the hacker gained access to Twitter’s sensitive information. Hacker Croll (HC), as he wanted to be called, gained access through a Twitter employee’s Gmail account.

  1. HC accessed Gmail for a Twitter employee by using the password recovery feature that sends a reset link to a secondary email. In this case the secondary email was an expired Hotmail account, he simply registered it, clicked the link and reset the password. Gmail was then owned.
  2. HC then read emails to guess what the original Gmail password was successfully and reset the password so the Twitter employee would not notice the account had changed.
  3. HC then used the same password to access the employee’s Twitter email on Google Apps for your domain, getting access to a gold mine of sensitive company information from emails and, particularly, email attachments.
  4. HC then used this information along with additional password guesses and resets to take control of other Twitter employee personal and work emails.
  5. HC then used the same username/password combinations and password reset features to access AT&T, MobileMe, Amazon and iTunes, among other services. A security hole in iTunes gave HC access to full credit card information in clear text. HC now also had control of Twitter’s domain names at GoDaddy.
  6. Even at this point, Twitter had absolutely no idea they had been compromised.

Your Security
In terms of online security and privacy, this is a horror story at its finest. Jason, Freddy, and all the others would be jealous.

Web developers are always a little paranoid of security and (hopefully) try to minimize the number of security holes on a given website. This mindset should apply to everyone, though. As more of our (and our companies’) information heads on-line we need to stay mindful of keeping our data more secure.

Quick Security Tips
Here are a few quick tips for increasing your security.

  • Have a different password for every on-line account.
  • Change your passwords regularly
  • Keep your password retrieval options up to date.
  • Consider changing your security questions to things that are not true, but that you will remember.
  • Keep all of your on-line apps and computer software up-to-date. (i.e. make sure you are running the latest WordPress version available. Make sure you are running the latest version of Internet Explorer, Safari, or Firefox.)
  • Always be careful with email and any attachments. This is especially true if the email comes from an unknown sender or from your bank, credit card company, etc.

If you have any other online security suggestions please throw them down in the comments.

Many Thanks
Thanks to TechCrunch, Twitter (reluctantly I am sure) and H. Croll for providing us with this great example our fragile online security.

The bank vault image is courtesy of Anonymous Account and can be found on Flickr.

Posted in: Extras, Web Development

Tags:

Aug 19 2009

Two Becoming One… Website

By: Leo | Leave a comment

This morning, I read a Seth Godin blog post about the difference between fidelity (extraordinary experiences) and convenience. Seth’s argument is that the best products deliver one or the other. He also argues that companies run into problems when they muddy the waters and try to provide both at the same time.

I think Seth is right to a point. Either that or there are a few exceptions to his rule. One such exception to this is the creation of a website. Clients who want a website developed want both fidelity and convenience.

Web Design: Fidelity
From a website design perspective, clients want the extraordinary experience. I have always joked with web designers, I work with, that they are the ones who truly sell the company. Why? I have never heard someone approach us and say “I just love your code. The HTML and CSS that makes the website run is awesome!” It is always the opposite. The design is what makes the largest impression on a client. They want the wow factor for their web design – they want the extraordinary experience.

Web Development: Convenience
If design is the fidelity side of the equation, then web development is the convenience side. From a development side, there is not much in the way of a wow factor for the average web user. Customers want convenience. Whether they use a content management system or ask a company to provide updates (quickly), it is all about updating the website with great ease.

For the web user, it is all about the website loading properly and quickly. If the website takes too long to load the convenience factor begins to decrease.

Your Thoughts
Are fidelity and convenience intertwined in website design and development? Does website design have a convenience factor to it? Does website development have a wow factor to it?

Posted in: Web Design, Web Development

Aug 18 2009

Things Coming Down the Pipe

By: Leo | Leave a comment

So, I have an apology to everyone out there in Triune Designs land. We have been a little bit off track the past few months in terms of writing for this blog.

The sabbatical has been semi-intentional. In all honesty, things have been busy around here and somehow writing for the blog got pushed to the back-burner. I know, I know – for shame!!

But that is not the only reason for the dry spell. Another reason is that we have been talking about the vision and growth for Triune Designs. Part of the discussions have included where this blog is headed and what discussion topics are more appropriate in this arena.

While we are not completely finished reassessing our company’s direction, I hope that the blog can get a kick in the butt and get going again.

Until the next time… Leo

Posted in: Extras

Jul 22 2009

Top 4 Twitter Applications

By: Leo | Leave a comment

David over at Web Ink Now wrote about his top five Twitter applications. He then challenged his readers to provide a list of their top Twitter apps.

So, here are my top Twitter applications.

Twhirl LogoTwhirl (for my Mac)
TweetDeck seems to be the choice of Twitter power users everywhere; I am not a power user.

After trying out a few different apps for my Mac (including TweetDeck), I finally chose Twhirl. Twhirl has all that I need in a nice clean interface. Twhirl allows me to have multiple accounts up at the same time so I can easily follow what is happening in my personal and business tweetstreams. I also like the Growl notifications, which allow me to follow along without having to to constantly switch over to see new tweets.

Birdfeed LogoBirdFeed (for my iPhone)
I have tried five or six different Twitter apps for the iPhone. A while ago I read about BirdFeed on TechCrunch. They spoke highly about the new app so I thought I might give it a chance. I have been using Birdfeed ever since.

Birdfeed has a simple and clean interface, it allows me to easily see mentions/replies, and it provides easy access to retweeting or replying to other people’s tweets. Birdfeed also bookmarks my Twitter time line so I can easily refer back to a recent tweet I want to see. Finally, I like how the interface looks similar to the iPhone texting (or iChat conversations) interface.

Flickr LogoFlickr (for sharing photos)
Flickr was a little late to the Twitter-picture game, but I am glad they are here. Facebook and Flickr are the two places I share my photos with the world. Since I am already adding my photos to Flickr, it makes things easy for me to reference my “photo” tweets through them instead of worrying about another website.

FriendOrFollow LogoFriendOrFollow (for a bird’s eye view of my Twitter community)
FriendOrFollow easily allows me to keep track of my Twitter community. On their website, I have three options. I can see who is following me (with no love in return), who I am following (without reciprocation), and who are my friends (those who follow me and I follow back).

The benefit of using FriendOrFollow is that I have a better idea of who I am actually engaging with on Twitter. The information is used (in conjunction with other criteria) to allow me to make more informed decisions on who I should continue following.

Your Favs
There are my favorite Twitter apps, but I am more interested in you. What are your favorites?

Posted in: Web Marketing

Tags: , ,