Woo hoo!  I’m exited!  The latest version of WordPress, 2.3, is due out in late September.  This go-round, the principle architects of the WordPress thang have released the schedule by which the final preparations are being made:

» WordPress 2.3 Release Timeline boren.nu

WordPress 2.3 went into feature freeze last night in preparation for its eventual release on September 24th. From now on we’re concentrating exclusively on testing and bug fixing. We are scheduled to release the first public beta of 2.3 this coming Monday, August 27th. We’ll be doing a new beta release every Monday and bug hunts every Wednesday. On September 17th we enter a hard freeze and release the first release candidate. A calendar of these events is available here.

Of particular interest to fans of the WordPress platform is the new tagging schema, which is really much more complex than one new feature.  The database will now be structured to include a keyword table and a table that defines what those keywords can be called and used for.  A keyword like “PHP” could be used to define a Category, a Tag and even something else entirely that a developer creates in a plugin.

I’ve not had a chance to look at any of the release candidates since 2.2, but I’m hoping to find an hour or so to load a test blog and see how it works.  Or at least, just look at it.  I wonder when all this new stuff will make it’s way over to WPMU, but in the meanwhile, I want to bone-up on the way it works in advance to get a jump on it for DragonFlyEye.Net.

Powered by ScribeFire.

Share This

Having spent a number of years as a hardware tech support guy, I get a whole lot of questions about basic PC stuff, generally the same question over and over again. A big one in these days where we are becoming more and more involved in the Internet in both our work and personal lives is the question of password security.

Used to be that the very fact that you knew how to turn a computer on was more or less proof that you had a need to use one. Now, every moderately important function of the computer seems to include password protection and identity verification. Simple passwords definitely do not cut it anymore, even if some systems will allow you to set such a password: once you’ve set ten or fifteen passwords - probably all as the same password - you leave yourself open to a world of identity theft if you don’t use at least a semi-complex password. Social engineering will also sting you, if there are people out there that want to get the best of you, so setting your password to your wife’s name + 99 to make it complex will not do.

So, here’s a simple process you can use to make a password that is by far-and-away a better, more complex password which has the extra bonus of being easier to remember than most strong passwords. This is not entirely original, but I’ve embellished on an old trick and am going to walk you through it:

Step One: choose a song

That’s right, a song. Any old song will do, but preferably one you really dig. Find a line of lyrics in it that you find particularly inspiring and select the first letter of each word. For an example, I’m going to use Close to the Edge by YES, my favourite line and the first line of lyrics after the solo:

The time between the notes relates the color to the scene

ttbtnrtctts
Hmm. . . Well, right off the bat, no one is going to social-engineer that unless it’s on the poster tacked inside your cube. Even then, it’s going to be a pretty good guess, indeed.

But a strong password is one that includes at least one character out of three of the following four character types: lower-case letter (b), number(7), special character (!) or capital letter(D). So, let’s go back and see if there isn’t something else we can do to gussy up our new password. Pick from the following three steps to get your password.

Step Two: pick a capital

No, I don’t mean Washington. I mean pick a letter in the chain of letters we’ve created and make it capital. This could be any one of the characters, but for memory’s sake, pick the most significant word in the sentence, if that’s possible:
ttbtnrtCtts
As you can see here, I’ve chosen to capitalize “Color,” since that’s the most significant word in the sentence, or at least one of them. You could use more than one capital, of course. Another option would be to do CAP-lower-CAP-lower if you wish, but this is predictable and defeats the purpose. Capitalizing the first letter is also cheating, so don’t do that! We’re almost there, let’s keep going.

Step Three: character substitution

There are two types of substitution you can use: one is to change homophones like “too/to” and “2,” the next is to change letters into numbers that sort of look like the letter. Let’s try it here:
tt6tnrtC2ts
In our current example, I’ve substituted the word “to” with the number 2. Those ones are easy, but I’ve also substituted the letter “b” in the word “between” for the number “6,” which would be harder to remember but not impossible.

Well, this is looking pretty good so far! In fact, I could easily stop right here and have a nearly unguessable password. But in case one of the above didn’t fit, let me mention something rather obvious.

Step Four: put the punctuation back!

The natural tendency would be to eliminate the punctuation when creating the password. Did you do that? If so, put it back! Those are special characters and qualify your password as being even more secure. In my case, there really isn’t any punctuation to speak of. However, since the end of a line of poetry should end in a comma or a period (according to my eighth grade English teacher!), I’ll go ahead and add it by way of example:
tt6tnrtC2ts,
Viola!! There’s your password, as good as it gets. Now, even if you use it for all your passwords (unrecommended, of course), its about as secure as you’re ever going to get under the circumstances. I hope this helps a few people and I hope you found it enjoyable! Actually, when you do it this way, making passwords is actually a lot of fun!

Share This

I’ve been on vacation all week, and after returning from Florida on Wednesday, have spent my remaining time working on making the switch from the older version of DFE to the new one.

The first step in this exercise was to condense and enhance the webspace situation. Until recently, I’ve had three separate accounts with 1and1.com, each for a different domain. I did a bit of math recently and realized I’m screwing myself when I could as easily be using one account with WAY more space and features. But of course, all that means transitioning everything over from the old accounts to the new one, and that’s no easy feat.

Unfortunately, one of the major sticking points happens to be phpMyAdmin, which seems to have an undocumented cache limitation. Beyond a certain size, no .sql file will actually generate any kind of query. That makes restoring a database to a new database something of a pain, and in the case of the very large DFE database, neigh on impossible. Even to transition this relatively small web space required me to make XML files of the different blogs through WordPress’s Export function and then reimport them here. That worked quite well, actually.

But it doesn’t cover the wp_options table, which is a problem. My biggest concern is how my ability to upgrade to the new platform will be hindered by the sheer time required to do the project.

I’ve setup my server such that the old system will be housed on an /archive directory and the new one will be located in a /current directory.  That way, if the doo-doo hits the fan, I can always bounce back to the old platform.  Also, I can have the new platform working on a subdomain with its own database and leave all the old options unmolested.  Still another benefit will be the ability to use mod_rewrite to bounce any requests for old pages on the non-WordPress side to the /archive directory, thus saving me the trouble of having to import all those old articles into the WPMU database.

This also saves me the trouble of having to figure out what plugins to load and where while my system is temporarily disabled.  I’ll have the plugins where they need to be and I can throw the switch while they’re still in Dev.

The nice thing is: I installed my blog in the old schema under the subdirectory /blog, which means that the native setup for WordPress MU will put all my posts back into what I believe will be precisely the same permalink structure as what I’ve already been using.  I’ve toyed with the idea of going live with the new platform but only using it for my own blog, however, this has been junked in favour of switching directories to make the cutover.

But there’s no getting around the fact that, if I want to transition the old platform to the new environment, I’m going to need to manually jerk around with a lot of SQL queries to make that happen.  Again, I’d toyed with the idea of just switching to the new environment when I’m ready to go with the new platform, but that’s been nixed because there won’t be a way to switch back.

Wish me luck.  This is going to get complicated. . .

Share This

Wired.com has a great article in it about the problems associated with what are the most popular social networking sites out there, Facebook and MySpace:

Slap in the Facebook: It’s Time for Social Networks to Open Up

Social networks like Facebook and MySpace are taking the web by storm because they make it easy to manage your personal data and keep in touch with people you know. But to get value out, you have to put something in — photos, contacts, appointments, lists of your interests and your blog musings.

Therein lies the rub. When entering data into Facebook, you’re sending it on a one-way trip. Want to show somebody a video or a picture you posted to your profile? Unless they also have an account, they can’t see it. Your pictures, videos and everything else is stranded in a walled garden, cut off from the rest of the web.

I use both services to promote my main website.  This is largely out of necessity, inasmuch as both services provide quick and easy ways to reach people in my target audience (young, liberal and living in Rochester, NY).  But the one-way communication that they present is only part of the problem.

With MySpace, it seems relatively inexperienced and unprepared techs put the site together without planning for the future.  When MySpace bloomed out of control, they started shutting down the ability to incorporate your own stuff because they can’t seem to control all the spam.  Rather than deal with spam directly, they restrict user’s ability to embed Flash, JavaScript or even a large swath of HTML into their own spaces.  Despite having made a play for musicians, comedians and politicians all to spend their time on MySpace and get the message out, MySpace’s engineers have done nothing whatsoever to help people using those services effectively manage their “friends.”

I mean, what is the point of inviting your entire 1000-person friends list to a concert in Buffalo if only twenty people on your list live in the Buffalo area?

My current experiments in WordPress MU land are directed at creating something social like MySpace, only social enough that you can do what you like with it.  I’m creating a site to allow users to blog on issues concerning Rochester, NY, each on their own private blogs, and then give them the option to rate other people’s blog articles to allow the most popular content to reach the top of the front page.  I’m also working on having “featured bloggers,” those being people of interest in the various content areas of the site that get their stuff featured throughout.

Many of the experiments happening on this site happen for the sake of the other.  Hopefully, if all goes well, people in Rochester will have something worth talking about and a model to be emulated elsewhere.

I’m wondering what XFN plugins are available for WordPress and what they do.  Perhaps with a little bit of thought, I might come up with one of my own. . . .

Technorati Tags: Design, Web2.0, Social Web, Social Networking, FaceBook, MySpace

Powered by ScribeFire.

Share This