Smithsonian Magazine has a great article on Richard Clarke, the former counterterrorism czar, discussing Who Was Behind the Stuxnet Attack.
Liz Gannes writes for AllThingsD, Automattic Grows Up: The Company Behind WordPress.com Shares Revenue Numbers and Hires Execs. In addition to Stu joining as CFO and Paul as Consigliere/Automattlock, we’ve been on a hiring roll the past month or two with excellent folks joining at every level of the company, including two more Matts. If you’re passionate about Open Source and making the web a better place, like we are, there’s never been a better time to join. My favorite thing about logging in every morning is the people I work with. Friends say I work too much but it hardly feels like work at all. Update: Now in Techcrunch too.
The Janitorial team at Automattic spent a week in Seaside, Florida working on projects together; here’s one night we went out for dinner.
Users use the same passwords for multiple services. It’s a fact of life; it’s just so easy that most people end up having 2-3 passwords they use everywhere, including one “hard” one for financial sites, etc. The downside is your password is only as strong as the weakest link of where you’ve used it — when something like the Gawker hack happens there is a huge wave of compromised accounts that follow.
You can ask users not to use the same password, you can even encourage things like 1password (too expensive for many people I recommend it to), but what if there was a way to enforce that people registering for your site hadn’t used the same password elsewhere?
It actually wouldn’t be too hard. If you’re registering with firstname.lastname@example.org and the password “abc”, then at registration time, before the site has encrypted and stored the password, it could try to log into your Gmail account with those details, and if that works, force you to choose a different password. There’s no reason this has to be limited to email logins; you could put it against the APIs of WordPress.com, Twitter, Facebook, LinkedIn, or any number of other services that expose simple authentication APIs and see where it works. For any successful logins, tell the user they need to pick something else.
Of course all that work and they’ll probably just put a 1 at the end of it.
I loved this comment on Hacker News, especially the last paragraph which I’ll quote here:
The question implicit in your comment is: Could we design a system that offers the ease of accessibility of the first few steps of a PHP programmer’s career but, as one climbs the learning curve, eventually blossoms into Python or Ruby or even Lisp? I wish I knew. My best guess as of this morning is that a demigod could design such a system, but it’s very difficult for mortal humans to do so, because once you know how to program it’s hard to avoid overdesigning, putting in things that will eventually be useful in year two but are discouraging in year zero. We make terrible pedagogical mistakes, like turning everything into an object. (Does your ORM seem intuitive to you? That is why PHP is beating your system in the marketplace.)
Pingdom writes WordPress completely dominates top 100 blogs. I’m quoted in the article saying that the 49% marketshare we have among top blogs will continue to grow, and I’d like to expand on that a bit because it’s a strong statement.
Typepad and Blogsmith, the two platforms that dropped the most over the past 3 years, are going to disappear either through blogs still using them losing relevance, or their active blogs switching away. Movable Type will likely follow suit, unless its now Japanese-led development makes a pretty drastic change in its product direction. (Consultants focused on Movable Type and Typepad have already started shifting focus to switching their clients to modern platforms to avoid losing the relationship.)
The other big shift will come from the ~22% on custom platforms — this is going to become as niche as writing your own web server instead of using Apache or Nginx. Some organizations like Huffington Post might continue to make the necessary investments of over 40 engineers to maintain a platform at scale, the rest will find better return investing those resources in editorial. Great stories find an audience regardless of their platform.
WordPress’ biggest challenge over the next two years, and where we’re focusing core development, will be around evolving our dashboard to be faster and more accessible, especially on touch devices. Many of our founding assumptions about how, where, and why people publish are shifting, but the flexibility of WordPress as a platform and the tens of thousands of plugins and themes available are hard to match. We might not always be the platform people start with, but we want to be what the best graduate to.
Paul Ford on Facebook and Instagram, hilarious and insightful.
You’ve heard of the placebo effect, how people can get better from a fake treatment, but did you know there’s also a nocebo effect? It’s just as strong: “More than two-thirds of 34 college students developed headaches when told that a non-existent electrical current passing through their heads could produce a headache.” (From Skeptic’s Dictionary.) Alexis Madrigal did a very readable feature about it for the Atlantic called The Dark Side of the Placebo Effect: When Intense Belief Kills. I found out about it from Olivia Fox Cabane’s new book The Charisma Myth. What you don’t know can hurt you.
In mid-January Mark Zuckerberg added me as a friend on Instagram (we’re also connected on Facebook). I grabbed this screenshot a few weeks later because I thought it might be interesting at some point.
Today the awesome news, for both Facebook and Instagram, comes that the Instagram team and product is being acquired. This is one of the first acquisitions (if not the first?) Facebook has made where they don’t plan to shut down the service, and it’s a testament to what Kevin Systrom, Mike Krieger, and his team have built. (Friendfeed is still running, but that doesn’t count.) It’s good to see old Pier 38 neighbors doing well.