Tech and interesting things

I heard this morning that Brett Solomon is leaving Getup.org. I'm a fan of Getup and how it uses technology to engage people. What strikes me most about Getup, and what I believe is the key to their success, is the focus of their vision. They do one thing - engage online activism - and the do it well.

The criticism of what I call micro-participation is that it only engages people in a way that does not take them out of their comfort zone - go online, make a comment, make a donation, get a bit angry, then get on with your life.

(warning: bleeting from a different generation) When I was an activist in my teenage years we wrote letters, by hand, to newspapers, letterboxed our local streets and went out on cold Tasmanian mornings for street protests or to get people to sign petitions.

Did we make any more difference than the 280k people on getup? Probably not.  The powerful probably take as much notice of an online petition as they ever did of a 50kg signed one. We worked with what we had, and today's activists do the same. More complex tools for a more complex world.

What Getup has been able to do is to engage support and focus it on very specific issues. They take the power of the people online and concentrate it into clever, well thought out media campaigns.

The Getup agenda is designed by Getup management. Curiosly, it's not a very democratic process. Getup 'members' are really names on a mailing list without any participation in the direction of the organisation. I'm not suggesting that it shouldn't work this way, democracy can interfere with focus, but perhaps 'members' is not the ritht term. I wonder how will the direction of Getup will change as the team changes.

For me the best thing about Getup is their use of technology to engage people. Their site is clever, snappy, simple and easy to use. Multi-media is hugely important and their ads are often what people visit for. There isn't much complexity and so people don't have to learn much to stay engaged with the technology.

Good luck, Brett - I hope you have as much success with the next big thing.

I've been thinking about advertising on Blogs. I don't have any and I don't really want any, and I probably don't get enough traffic anyway. But I do "advertise" Energetica on the blog.

Should I use my blog to crow about my team and talk about our projects. I can't help it really, it is what we do and Energetica and the team and our clients are things of which I am intensely proud.

There is also a bit of strategy. By blogging about our client sites they get a bit of web traffic and a bit of Google cudos.

One problem is that when we have a lot of launches on I don't get time to blog about other things, so it gets to look a bit stacked with new website announcements and how great we are.

Energetica has had a busy month. We launched another Joomla! website today. The Framework Convention Alliance for Tobacco Control asked us to build their new website for them. They have a lot of information and links about reducing the impact of tobacco around the world.

The Energetica team did another great job of pulling it all together for launch. It's another good cause and we are proud to be part of it.

Love the team, love our clients, love Joomla!

We use Joomla! for all our client websites and we love it. Last week a serious vulnerability was discovered, and reported. If you are interested in the development cycle and the process, here is the full story.

Essentially, the vulnerability allowed bad people to get access to Joomla! 1.5 sites as administrators. This was discovered on August 12 (US Time). The tested release to repair the vulnerability took 3 hours and 40 minutes from the time the development team were notified.

20-30 people worked on the process, many of those are volunteers. These are extraordinary statistics for a complex piece of software.

At Energetica as soon as we learned of the release we tested the upgrade, planned the implementations and had our client sites upgraded within 2 days. This includes testing components, templates and other site inclusions.

One of the things people often say about open source is: "If everyone can see the source, doesn't that mean they can find holes in it?"

The answer is "yes". But it is not the finding of the holes that you should be concerned about it is the fixing of them.

Anyone can find security flaws in open source is and anyone can help fix them. This means that the bad or good guys will find them, and good guys will fix them. With closed source, proprietary products, the bad guys find them and only a small group of good guys can fix them.

An important assessment tool in selecting open source products is how often there are security releases. It is a little counter-intuitive to think that a lot of security releases is a good thing. Does it indicate a flawed product? Maybe, but it also indicates an active and responsive development community, and a widely distributed product - these are good things for Open Source products.

 Any complex software system has many places for attack. Often vulnerabilities are discovered by the development team, sometimes they are reported by people who have the time to find them and report them (some people actually do this for fun!). Sometimes the bad guys get them first. The important thing is the response of the development community.

Yesterday we went to Newcastle to launch the Homelessness Information Clearinghouse www.homelessness.net.au at the Youth Accommodation Association conference.

 It was exciting for us that the Minister for Housing, Tanya Plibersek, agreed to launch the site.

We wondered what you do to launch a website. We were in Newcastle, on the harbour where boats were routinely launched by smashing bottles of champagne. That would hardly work for a website.

We wanted it to be impressive but risk free. I never want to rely on technology for presentations - theres a law of the universe that says it will go wrong. Techno magic can easily become tech no magic!

We decided that we would have the site up on the screen while the Minister talked about it and then get her to refresh the page. and voila:  a new news article about her launching the site with a pic that we took just minutes before.

It worked. The Minister was impressed, we were relieved and the site is launched.

This is a great project for us. We get to manage the site, source and create content and host it until 2010.

We built it in Joomla! so it is a great example of the strenght of open source systems.

The Energetica team have been fabulous. The amount of work they have done to get the site just right has been extraordinary. There are 400 pages and documents on the site already, and it looks terrific. We launched 2 weeks ahead of schedule.

 Energetica Press release on IT Wire

Ministers press release

Two competing ideas graced my power hungry computer screen this week. One is the idea of turning off computers when they are idle, the other is the idea of using that idle time for good.

 Thanks to Doug Jaquier for the link to Computers Off Australia. By turning my computer to power save mode I will save 78% of its power usage, and 662 lb(?) of CO2. Not sure whether that is per year or over the life of the computer.

In any case, I always turn off my computer when it is not in use and I use green power so the CO2 is irrelevant. It is still a good exercise to see the impact of idle computers.

On the other hand, I was invited to join the Australian BOINC challenge. BOINC is the exceptionally geeky name that has become the centre of the distributed computing movement.

Started with SETI (Search for ET Intelligence) and now has grown to help find the cure for cancer, do climate prediction, solve mathematical conundra and unlock the secrets of the universe.

Back before my computer got old and grumpy I was doing a lot of SETI, contributing my spare processor and memory to creating the ultimate X-file.

Both these strategies for computer idle time are good. One reduces power usage, one makes power usage productive. I think that my computer will continue to go off when not in use. But our server, which is on all the time, might find better uses for its idle time. I think I like the irony in using idle power for climate predictions.

(And before you pick me up on it - I know that processing uses more power - but it is more efficient use of the baseline)

I love the title of this article When Worlds Collide. I'm a big fan of old sci-fi.

Microsoft supporting Appache is an interesting development but not unexpected. Microsoft adding its weight to the Open Source community.

As the article notes there are open source supporters inside Microsoft and the extraordinary growth and strength of the Open Source Community couldn't be ignored forever.

There are people who will think this is a pact with the devil. I think it is a positive move. The open source community has enough structure and credibility now to stand its ground. It's a movement that won't be compromised and will continue to gain strength. The move by Microsoft actually strengthens the open source movement and adds value to it.

The future of software is not one or the other between proprietary and open source. It will continue to become a blending of both and customers will drive the balance.

For sophisticated systems the best option might be a custom system that integrates a proprietry system with an open source system. These integrations are already commonplace. Everywhere you will find proprietary systems running on Apache servers, or open source applications running on Windows OS. Future integrations will be more tightly coupled, customised for particular customers.

The choice for customers is no longer one of philosophy or brand loyalty, its about picking the best systems for the job and making them work together.

Microsoft took a version of Vista, pretended it was Mojave "The new Microsoft Windows", showed it to "ordinary people" and filmed the result when they told them it was actually Vista. Microsoft Candid Camera.

This is the Mojave Experiment. It seems that Microsoft marketers are up to the same page as me in "Make to stick".

Its marketing. A clever idea, but in the end 20 people paraded by Microsoft won't counter the mass of people spontaneously airing their views about Vista.

Curiously, the site is an overdesigned, flash file that takes ages to load.

Over the past few weeks some of our clients have been caught by email configurations that become a nuiscance if not a serious issue.

Most of the issues are a result of anti-spam setups that simply get in the way of message distribution.

Some of our clients can't send to us because our servers check that the user name is valid on the domain it comes from. Some mailbox setups return negative to this. That is a problem at the sender end.

We have a setup where our incoming mail and our outgoing mail are from different servers.  Some mail systems don't like this and we can't send to them.

These problems tend to pop up or disappear when something changes, such as hosting provider.

The one that had us most stumped this week is a doosy:

Some anti-spam scanners will trace links in email messages to make sure they are not spam sites. This is a good thing except when the link is an activation link. Curiously it is often anti-spam measures that create activation links in a message. This is how the problem can occur:

1. You subscribe to a website, or your website informs you of an event that you need to approve (such as approve a post or content change). The site will send you a message with a link in it. This is to ensure that you asked for the subscription of approve of the event - good anti-spam practice.

2 . Your anti-spam software follows the links on the message before it delivers it to your mailbox. However, by following the link it performs the activation, so you are subscribed before you know it, and your post is approved, unnapproved or deleted (depending on the order in which the links are activated).

You can whitelist your messages, but you are unlikely to do that if you are just subscribing to a newsletter.

So a confluence of anti-spam measures can get you into quite a pickle.

It's been a week of scam and malware attempts. Not me attempting a scam, but people trying to scam me.

In the post I got an official looking letter from the WorldWideWeb Register. As the registrar of a domain my details are available. I could pay to hide them, but there isn't a lot of point. As the company owner there are plenty of ways to find my details.

This one is a very legal looking contract  in duplicate that says I need to sign up if my "website address as specified is updates".

I sign. They (apparently) publish me on a register and I pay them for each time the create and "edition" the sum of 877 euros. To cancel the contract "mutual concent will be necessary". I can see them giving that!

Its an elaborate scam. Whether they publish me or not isn't the point. It relies on people seeing a very official looking legal contract and simply signing it without reading the very dense and fine print.

If they send out 100k of these and get a .1% response (thats 100 people) they make 87700 euros.

I didn't buy it, but I know things. I understand the way that domain registries work and I know that they don't work like this. Its my business to know these things, but I'm betting that .1% of people don't know this stuff.

SCAM 2 for the week.

Not a scam really, a virus attack that very nearly worked.

We ordered a package of things from the US last week and they sent a messages with a UPS tracking number. I love these tracking systems where I can see where my package is. It adds to the anticipation of the arrival of goodies. (I'm easily amused).

Yesterday I got a message from UPS with a tracking number saying there was a problem with the delivery. It attached an 'invoice' zip file and as it turns it contained a trojan. It seems to have escaped the several levels of virus scan I have in place.

Normally I would have seen this for what it was. It was the coincidence of the virus delivery with our expected UPS delivery that let me drop my guard.

I didn't open it in the end. But it was close.

Virus protection will go so far. Knowledge and vigilance have to do the rest. This stuff interests me on a professional level so I have the knowledge and with knowledge it is easy to be vigilant. For most people this stuff is as interesting as reading the phone book. The scammers/spammers/bad guys count on this and the percentages. They get better at it too.