Categories
Personal

Salting your WordPress keys

Did you know that WordPress provides a salt-generation engine with copy/paste ready text that you can use for your wp-config.php file to help make your WordPress installations that much safer from password cracking? If you aren’t familiar with the concept of salting cryptographic data, Wikipedia has a great entry.

The output of that URL looks like this (WARNING: Do not use these values)

define('AUTH_KEY',         'lsN32UCfT=-}ToXgR={6+OYzrV_!^qaZvQ$gQ&q?Rj#4lYpl-5r,(-k(b9^0M<C~');
define('SECURE_AUTH_KEY',  'O@$?-d^82Z1t+[V)+{ot6f./uR6nMppeI,IEB9Vbm]l^Vk6FS$04xt)lX:P!@9(G');
define('LOGGED_IN_KEY',    '&!0}EW$U5qCDo{3jFZV[!$;`t|0QN&DvO|>FC.{~V7~Yzq2HR2/wb:ZE&=TAjwK~');
define('NONCE_KEY',        '.Tx 2G+|)-@iI,74;M-2Aj+LdG@*SN|^D`|;^|0HJS`1V6FJ2`:oy2EQE|/;/vjz');
define('AUTH_SALT',        'qVK*v<Ehe_YW>#gKh>+aI9h@9&ZJB|D{is][raYOXS5,z0R3NWIT4fjWNiX3DG:5');
define('SECURE_AUTH_SALT', 't-Y;V9Wx7CK{T,_Y/{iUr[US?x_|@eZu6)O4 m{P`+n8xBkd.^9C{*$P`X|1xB!H');
define('LOGGED_IN_SALT',   ']V@Xh;|[EX81$n&Iaj>tXC5+WRW@Qk/D_BW TGzfj#I5+N3$2r96cKMXx$|[+pb*');
define('NONCE_SALT',       ':]+qOBD+h5pW4m |3,P5!mCXQ5]w~@7P>+#]gr,3NP/^8#;llu1v_l7 _fM1cnqa');

Take 5 minutes and go generate your own salts and update your wp-config.php file. It will greatly increase the security of your sites.

Categories
Digital Culture Personal

CES 2015 Planning

For the 6th year in a row, I will be attending CES in Las Vegas during the first week of January. For the uninitiated, CES is the largest consumer electronics trade show in the world, and where the world comes together to see what’s on tap for technology for the upcoming year. They reported that 2014 was the largest attendance yet for CES, at 160, 498 attendees…this is like a mid-sized city worth of technology to look at over the course of about 4 days.

This year, they have finally seriously outgrown the Las Vegas Convention Center, and have spread all around town to include exhibits at the Venetian and Wynn conference centers as well. I’m still planning a method of attack, but I expect that I’m going to be spending a lot of time looking at 3D printing again (the technology is changing so fast, I want to see what the newest printers can do). I’m also betting that this year is a huge explosion of connected household/Internet of Things systems, so that will be interesting to see what’s likely to be important in that area. And, of course, I’m expecting to see smartwatches hanging on every booth.

My coverage this go round is likely to be mostly video based, and my goal is going to be to get a video out every day of the show with summaries of what I’ve seen and what I think is important. I’ll be posting those videos on my YouTube channel, here on Pattern Recognition, and they are also going to be showing up over on the ALA TechSource blog. Any writing that I manage to do will be here as well, and I’ll be tweeting from the show like crazy if you want the blow-by-blow sort of take on CES. If you want to follow what I’m writing here, you can just save this search.

The biggest change in my coverage this year is in my funding model. In the past, I have done a variety of things in order to try and cover my costs for attending CES. For my first and second visit, my employer funded the trip. For the third, I was funded partially by my work writing for American Libraries and the Perpetual Beta blog. In 2013, I tried yet another method, actually crowdfunding the coverage by asking for donations and providing a central repository for all the material (video, photos, tweets, etc). For the record, that attempt went very poorly.

So for CES2015, I decided to try yet another way of covering the costs of attendance…selling ads in my reports. I approached four library vendors and gave them an opportunity to buy a variety of different ads, ranging from logo-only visuals to the reading of an ad in one of my video packages. Two of those vendors came back with a very quick “no”…one because it wasn’t the sort of thing they do, and another because I don’t think they understood what I was doing. 🙂

A third vendor countered, and asked if they could simply be the only sponsor for the coverage, covering the costs of my attendance while I included some very small mentions of them in the videos that I will be producing from Las Vegas. That sounded like a fantastic idea to me, and so my CES2015 coverage is going to be sponsored by Springshare.

SpringyLogo600px

I will be mentioning Springshare and thanking them in the videos I produce, but it isn’t going to be like the Texaco Star Theater, I promise. Unless you really, really wanna see me sing and dance (protip: you do not).

I look forward to seeing what is coming in the next year in technology and reporting it out to all the librarians that I can. If you have questions, things you think I should pay special attention to, feedback from previous year’s coverage, or really anything else: please leave a comment or drop me an email. I’d love to hear from you.

Here are some blasts from CES past to whet your appetite:

CES 2010

CES 2012

CES 2013

CES 2014

Categories
Images

Metapho

Metapho_borderedHere’s one for the iOS users out there concerned about information security issues! I just discovered the app Metapho, which lets you view the metadata associated with the photos on your iOS device. More importantly, it lets you choose to share images without metadata, while maintaining the metadata locally. How does it do that?

It uses iOS 8’s new extensions feature to make itself available in the universal share sheet as a destination for photos. Choose it, and it gives you the option to share it further without metadata. Metapho makes a quick edit in the background, shares the photo to the next program (Twitter, Facebook, SMS, Mail, whatever) without any of the associated metadata, then keeps the file with metadata in the photo roll. So you get all the benefits of sharing photos, without the infosec leaks. I’ve tested it, and it seems to work just like it says.

3

I’m impressed, and happy to see iOS apps that are focused around giving people control over their data in ways that may not be obvious to most users. Metapho is free to download and view your metadata, $1.99 in-app purchase to enable removal and the share-sheet ability.

Categories
Evenly Distributed Personal

Starting 2015

IMG_5596

Here we are in the last gasps of 2014, and I feel like doing both a bit of retrospection and a look forward and what’s coming in the new year for me. Partially because I’m excited about the things I’m doing, and partially because I am looking forward to meeting awesome new librarians and attending some new conferences.

Looking back at 2014, it’s the year where my professional life changed completely. After nearly a decade at the University of Tennessee at Chattanooga, I left my position as a tenured Associate Professor and struck out on my own as a consultant, speaker, writer, and maker. I realize how unbelievably lucky I am to be able to do this, just the ability to take that risk is a privilege that I am aware of every day. I am thankful for the fact that it is going very well. In the last 6 months I have:

  • Completed my first major grant project (the LibraryBox v2.1 Knight Foundation Prototype grant)
  • Published a library technology report with ALA TechSource entitled 3D Printers for Libraries
  • Spoken at Warren County Public Library in Bowling Green, KY for their annual Staff Day
  • Attended an unconference for Code4Lib DC where I led an open hardware workshop teaching intro to arduino for librarians
  • Went to 3 separate Maker Faires (Nashville, Atlanta, and Chattanooga) where I talked to several thousand people about LibraryBox
  • Attended DLF Forum for the first time, speaking on a panel about Makerspaces in academic libraries
  • Won a consulting bid to help build a brand new public library, acting as the technology consultant for the project
  • Managed to make it way out west for LITA Forum 2014 in Albuquerque, NM and delivered a workshop on customizing and hacking LibraryBox
  • Presented a webinar for Infopeople on LibraryBox, focusing on the new code release
  • Completed a complicated analysis of possible areas of technology-driven collaboration for two academic libraries
  • Spoken at the Hoover Public Library Staff Day in Hoover, AL (a spectacular library and bunch of librarians, btw)

Even with all that, 2015 is shaping up to be even busier. Here’s what I’ve got on tap for just the first 3 months:

  • Once again attending and reporting from CES in Las Vegas from Jan 4-9! I’ll be posting soon about this, as I’m doing something slightly different this year…news on that in the next week or so.
  • On January 13th, I’ll be doing a webinar on privacy and information security and libraries…again, more news on that ASAP
  • I’ll be attending the ALA Midwinter conference in Chicago, and I can’t wait to see everyone there
  • I’m also attending my very first Code4Lib conference! This one I am particular excited about, as I’ve been involved with the community on and off over the years, and just never made it to a conference. This should be amazing.
  • Finally, rounding out the conferences for the first quarter of 2015 is The Collective, a brand-spanking new library conference being held just up the road from me in Knoxville, TN. I’m excited about what the organizers are trying to do, and am very happy to be supporting it.

And on top of that, I’ve going to be keynoting the New Jersey Library Association conference in April, doing a preconference at Computers in Libraries that same month, traveling to Idaho for the first time in May to help with a library-driven Maker Faire, and heading to Missouri in early June to keynote for the MOBIUS Consortium conference.

Whew.

If you are attending one or more of the things I’ll be attending in 2015, drop me a line, I would love to meet up and talk about librarying with you. And even with all of that above, if you are interested in talking to me about helping your library or conference in any way, please let me know. I am excited that I have some small part in trying to make libraries better everywhere.

Categories
Personal

New Theme, Same Blog

I decided after seeing some work that a friend was doing on their blog to take a closer look at this old thing. I’ve been blogging in one form or another on Pattern Recognition for almost 12 years, since February of 2003. I started blogging using Blogger, just prior to their purchase by Google. At that time, you could use the web interface of Blogger, but have it publish your blog to your own hosting space as just HTML files, which is what I did, hosting the resulting HTML at Ibiblio at UNC-Chapel Hill.

The first blogging software that I fell in love with was Dave Winer’s Radio Userland, an old-school bit of software that did all it’s work client-side on your computer and then published to your webserver when you wrote a post. I tried it out and loved it…I bought a license and it was a revolution. I don’t know exactly how to explain to those of you that didn’t experience that early web blogging boom, but to be able to just write something without worrying about code and then to just click a button and have it live on the web without fiddling with FTP was just fantastical.

And then there was WordPress. I moved over to a pre-1.0 version of WordPress after testing its predecessor B2. For years and years my WP database prefix was still B2- because of this…and once I was in WordPress, I never looked back.

I’ve changed themes a few times over the years, but had really settled in to my old one, creating a child theme and just customizing the heck out of it. But I have been thinking for a long time that it needed more polish than it really made sense to do, as the old theme just wasn’t modern enough to take advantage of a lot of the new abilities that WordPress has added under the hood. So I’m switching up, and I’m going to see how this one feels. If I keep liking it, I’ll start iterating on it to make it more my own. But for now, let’s see what it feels like for a few months. I’d love to hear feedback if you have any on the look/feel.

Categories
Hardware Personal Technology

Knight Foundation News Challenge Semi-Finalist

I found out this morning that my Knight Foundation News Challenge entry (Make the Things that Measure the Future: Libraries & Open Hardware) was chosen as a semi-finalist! Out of 680 initial proposals there are now 41 proposals left in the “Refinement” stage. We have a week to answer a new series of questions, along with responding to any comments or questions that were generated by our initial proposal.

The Knight questions are:

  • Who are the users of your project, and what have you learned from them so far?
  • What are the obstacles to implementing your idea, and how will you address them?
  • How much do you think your project will cost, and what are the major expenses?
  • How will you spread the word about your project?

I have good answers to all of these, I think, and will spend the next week making absolutely sure that the answers are as clear and precise as I can make them. What I don’t have just yet is a lot of comments to respond to from the public. This is where you, Internet people, come in. What feedback do you have about my proposal that needs comment, or questions that need answered? Please comment on the Knight proposal page, and I will take those comments and questions and use them to hopefully move my proposal forward into the next round!

Categories
LibraryBox

LibraryBox wins Excellence in Education at Chattanooga Startup Awards

CHA Startup Awards

Last night were the first annual Chattanooga Startup Awards, a part of Startup Week. About a week or so ago I got an email letting me know that LibraryBox was a finalist for an award, and could I please send them a logo and a song I’d like played if we won.

First: I got a theme song. That’s just cool.

Second: I assumed it was a formality that LibraryBox wouldn’t win. There are so many awesome companies and people doing stuff in Chattanooga that I was certain I’d go to the awards, talk to a few other nominees, and have a beer. The last thing I thought would happen was that LibraryBox would actually win one.

Color me surprised:

IMG_5264

LibraryBox won this:

Excellence in Education Award
This award may to go a person, teacher, parent, mentor or organization that has proven a commitment to educating and empowering the next generation of entrepreneurs.

I’m still befuddled at this given that among my competition were companies like Learning Blade, who are doing really interesting things with web-based learning.

I’m thrilled and humbled at winning any award for LibraryBox, and want to thank everyone that’s ever been involved in the project. There’s a lot more coming from LibraryBox in the near future…keep watching!

Categories
Books Legal Issues Library Issues Technology

Adobe Digital Editions and infoleaks

Eliminate DRMThe online library world exploded today over the revelation that Adobe Digital Editions, software that is required for many library-focused eBook services, evidently leaks like a sieve when it comes to our user’s information. The TL:DR version of the story is that ADE appears to be sending in plain text to Adobe’s servers information such as: the book you are reading, title, publisher, which pages you have read and which page you are currently on. Much longer discussions about the leak and potential fallout here:

Andromeda and Galen then both went on to touch on some of the core problems with this leak, focusing on the conflict between Adobe’s action and the ethics of librarianship, and the possible role that ALA may have in bridging the gaps in libraries’ knowledge of these actions.

There are a few things I wanted to emphasize about this situation. The first is that several of the reports have noted that earlier versions of Adobe Digital Editions didn’t seem to “spy on its users” in the way that the most recent version (version 4) does, and recommend using earlier versions. The truth of the matter is that of course the earlier versions are spying on users…they just aren’t doing it in as transparent a manner as the current version. We need to decide whether we are angry at Adobe for failing technically (for not encrypting the information or otherwise anonymizing the data) or for failing ethically (for the collection of data about what someone is reading). It’s possible to be angry at both, but here’s a horrible truth: If they had gotten the former right and encrypted the information appropriately, we’d have no idea about the latter at all.

I think that Andromeda has it right, that we need to insist that the providers of our digital information act in a way that upholds the ethical beliefs of our profession. It is possible, technically, to provide these services (digital downloads to multiple devices with reading position syncing) without sacrificing the privacy of the reader. For example (and this is just off the top of my head) you could architect the sync engine to key off of a locally-hashed UserID + BookID that never left the device, and only transmit the hash and the location information in a standardized format. This would give you anonymous page syncing between devices without having to even worry about encryption of the traffic, as long as you used an appropriate hash function. I would prefer this approach, because (as mentioned above), if the entire communications stack is encrypted, it’s a black box for anyone attempting to see inside and verify what the vendor is actually collecting. There are answers to this as well (encryption keys that the vendor never sees at all, for example, and are totally local to the user’s device a la Apple’s latest security enhancements).

There are technical solutions that satisfy our ethical concerns. We need to insist that our vendors care enough about our ethics that the technical answers become a market differentiator. We need to insist that this is important and then we need to make them listen.

Categories
Personal

Support the Ada Initiative

Ada-Initiative-color-stickerLike many librarians, today I’m blogging about a fundraiser for a group that I think does incredibly important and useful work in the technology world: The Ada Initiative. Named after one of my heroes, Ada Lovelace, it is a group that is dedicated to supporting women in technology. They do this in a variety of ways, from advocacy, to the development of codes of conduct and the promotion of safe spaces for women, to education for organizations and individuals about gender diversity and the skills needed to support these efforts.

The Ada Initiative can only do these things through the support of people who believe in their efforts. For the next 5 days, there is a $5120 matching grant opportunity for librarians that give to the Initiative. This is the first time that the Ada Initiative has focused on librarians, and I for one want to show them the degree to which librarianship believes that diversity in technology is a necessary thing, and that we desperately need to provide safe spaces for women in tech spaces of all types.

eliza with arduino

I also want to ask that you think about the amazing women that you know in librarianship and technology, and consider donating as a way to honor them. I’m donating to the Ada Initiative as a way to help ensure that the next generation of women in technology don’t have to fight the same fight as this generation. I’m also donating so that just maybe Eliza can continue to be interested in science and technology and not be discouraged or dissuaded by the sexism of the world around her.

If you’d like to join me in donating, please use the below link to do so, so that your donation is counted for the matching grant.
 

DONATE!

 
Donate to the Ada Initiative
 
Thanks to the Ada Initiative for all that they do to support gender equality in science and technology.

Categories
Apple Digital Culture Personal

Apple’s September 9th 2014 Announcement Predictions

promo_live

Over the years, I’ve become known as a fan of Apple’s hardware and software solutions…and it’s true, I am overly fond of the way they do things. This isn’t to say that I’m not critical of them, as I do think they make mistakes (iPod HiFi anyone?). But I’ve been following them for many, many years and have a good understanding of their predilections.

On September 9th, Apple will be holding a press event that is promising to be one of the most interesting in many years. September is always their biggest press event of the year, as it’s when they introduce the newest model of iPhone, by far Apple’s most important and popular product. There have been lots of rumors and discussion around the Internet that seem to point to this year being particularly revolutionary. We don’t have the whole story yet (no one holds their cards closer than Apple does) but here are a few of the things that seem like good bets, and that might be interesting to Libraries and Librarians.

The first is the new iPhones. Yep, that’s plural, since it appears that Apple will be launching two new phones, for the first time in two different screen sizes. All of the rumors point to Apple releasing a 4.7 inch version and a 5.5 inch version of the iPhone this time around, marking only the second (and third!) time they’ve changed screen sizes with their phone. The original iPhone through the iPhone 4S were all 3.5 inch screens, the iPhone 5, 5C and 5S are all 4 inch…and now it looks like we’ll get 2 phones that are larger than that. This isn’t a huge surprise, as the overall cell phone market has been growing their phones for years now…the newest Samsung Galaxy 4 has a 5.7 inch screen, for instance. For Apple, growing screen sizes is harder, because the iPhone human interface guidelines insist on appropriately sized touch targets for the interface, and increasing the screen size while also increasing the pixel density can be hell on developers trying to make apps that work for every device. The best guesses yet for the resolution of these new phones comes from Apple blogger/journalist John Gruber, who puts the 4.7 inch screen at 1334×750, or 326ppi, with the 5.5 at 2208×1242, which works out to an incredible 461ppi, more dense than a printed magazine page.

The new phones will also undoubtedly be thinner and faster, most likely running a new A8 chipset that was designed by Apple. The A7 that debuted in the iPhone 5S is a remarkable processor, giving an insane amount of processing power at efficiencies that are hard for other devices to match. If they’ve improved on that, the A8 is likely to be a breakthough, giving desktop-level processing power in a mobile package.

It also appears that there is something happening with the new iPhone and a payment system for the real world. Bloomberg and others have reported that Apple has reached some type of deal with all of the major credit card companies (Visa, Mastercard, et al) and the rumor that they will finally be including some type of NFC technology in the new phones (my money is on a new, software-based system that allows for on-the-fly programming of the NFC communications protocol) that would allow for tap-to-pay interactions at all of the vendors that support such.

Add all that (new sizes, payment system, new processors) on top of the announcements that they made back at WWDC regarding iOS 8 and the massive changes that it will bring to the platform…it’s gonna be a big day for the iPhone. iOS 8 brings the most radical changes to the platform since the introduction of the App Store, including the introduction of true inter- and intra-app communication abilities (to the extent that apps can even have functionality that extends INTO another app, for instance one photo app “loaning” a filter to another totally unrelated app for use). It’s not exaggerating to say that iOS8 will change how the iPhone can be used by people, adding huge amounts of additional functionality. I’m perhaps most looking forward to custom keyboards (one of the aspects of Android that I most miss on the iOS platform), but I’m excited to see what developers come up with, because Apple is handing them a whole new suite of toys to play with.

If that were all that Apple was announcing and showing off, it would be a huge deal. But it seems like they may have finally chosen this as the time to announce their Wearable computing platform. Exactly what that means, only Apple really knows, but all of the rumors seem to point to some sort of wristwatch-like object that does…something. It’s really a mystery, but one Apple reporter quipped that the so-called iWatch is going to be a watch in the same ways that the iPhone is a phone. Whatever it is that they announce, it’s almost guaranteed to be interesting.

The other thing that’s pointing towards this being a big day for Apple is the choice of venue. Apple is using the Flint Center for this announcement, which they have only used 3 times in their history. Once was for the original announcement of the Macintosh in 1984, and once was for the return of Steve Jobs and the original iMac. To be fair, the third was for the iMac SE, which was a much smaller deal, but the two others are among the biggest announcements ever from Apple, ranking with the launch of the original iPhone in how important they were to the history of the company. It appears that Apple has built an entirely new building just for the announcement of their new products at the location of the Flint Center, and this is shaping up to be quite the September for Apple.

iOS8, two new iPhone models, a wearable device of unknown purpose and type, something that requires an entire building to show off….this Tuesday is gonna be really interesting. Join me at 12pm Central on Twitter @griffey for the annual live-tweeting of my thoughts. See you then for all the excitement!

Addendum

One of the refrains I often get in the library community when I do posts like this that focus on gadgets, especially specific gadgets, and even more especially Apple’s specific gadgets is “But how does this relate to libraries?”. As if libraries didn’t, oh…help patrons navigate their gadgets every single day or have dozens of electronic resources that need to interoperate with these devices. Perhaps there are even a few librarians that use these devices to help patrons in the real world. I don’t really have a single answer as to why librarians should be interested in the most popular hardware that runs the second most popular operating system used to access the Internet. Perhaps not all librarians need to be completely aware of this stuff, but someone certainly does, hopefully someone in your library or library system.