Kindle Statistics

Ideas,

Dear Kindle Team, one of my favorite features of Google Reader has always been its “Trends” or more simply its statistics that give you insight into your reading patterns and volume.

As the Kindle has become a bigger and bigger part of my life, much of my reading time has shifted from RSS-based sources to content on my Kindle, but I’m really curious how much time, how many words, at what times of day, etc I’m consuming all this new content. I think providing stats would also encourage people to read more, and highlight to them how the Kindle has changed their habits.

Forty!

Birthday

Birthdays are so great because they’re about generosity.

The act of giving, helping, is so generative.

It’s what we can all do for ourselves and each other.

But accepting is really hard, too! Gosh! Let it in.

Sometimes we don’t let the gifts in.

Approaching forty has felt impossibly light and heavy at the same time for me.

It’s so cool to be typing this into something we made together. I want you to really think about that. Ponder the enormity of all that came before that allowed you to be here today, and I want you to get a little bit excited, in that sacred hidden part of your heart that yearns for more.

Let’s keep doing that. And let’s make it better and share it so everyone can enjoy it. We make the world.

I’ve been enjoying so much all the posts coming in for the birthday gift. I’m reading them as fast as I can.

Specifically, my failure mode is I share too much. I’m too generous. I like to err on the side of open. Here’s some amazing code I wrote that you have a legal license to use however you like. If you ask those closest to me how I mess up, it’s that I over-extend myself and try to do too much.

I’ve never shared this publicly, but when the Bay Lights wasn’t going to make it the first time, I mortgaged my apartment and used that money to get it over the line. My personal finances were messy for years after that. I think a lot about being impeccable with my word.

I want people to give the smallest $10 donation to the Bay Lights and encourage others to do the same so that we can all share in feeling that together, we can build things. And every time you see the light or bridge or think of San Francisco, you’ll think of that sacred hidden part of your heart that yearns for more, wants to leave everything better than you found it.

Add some light.

Let the gift in.

This is the part where the sounds come in and you hear it’s the remix.

I find myself returning, again and again, to the Automattic Creed, especially the first line:

I will never stop learning. I won’t just work on things that are assigned to me. I know there’s no such thing as a status quo. I will build our business sustainably through passionate and loyal customers. I will never pass up an opportunity to help out a colleague, and I’ll remember the days before I knew everything. I am more motivated by impact than money, and I know that Open Source is one of the most powerful ideas of our generation. I will communicate as much as possible, because it’s the oxygen of a distributed company. I am in a marathon, not a sprint, and no matter how far away the goal is, the only way to get there is by putting one foot in front of another every day. Given time, there is no problem that’s insurmountable.

I’m having the most amazing day reading everything that people are sharing. I want to re-share the quote I shared on Tim’s podcast from Will Durant:

Health lies in action, and so it graces youth. To be busy is the secret of grace, and half the secret of content. Let us ask the gods not for possessions, but for things to do; happiness is in making things rather than in consuming them.

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40.

iPad 3 Launch Experience

Meta

I’m in New Orleans for a few days and, long story short, although I pre-ordered the New iPad it’s arriving to an address I won’t be at for a while, so since I was up early this morning thought I’d go to the nearest Apple store in Metairie and see if I could pick one up, or at least be part of the excitement that always accompanies Apple launch mornings.

The store had opened at 8, but I arrived at about 8:55, and the scene was not at all what I expected. There was a crowd outside the Apple store, but it was of blue-shirt employees, I walked up and said I was there for a 64GB white AT&T iPad, the fellow handed me a card, and 5 minutes later I was checked out. No line, no waits, no anything! Here’s a picture of the front of the store, at 9:20am.

Line at Apple Store

The woman who checked me out said there had been a bit of a line that morning at 8, but just about 20-30 people and she thought that most people didn’t know they were opening at 8 that morning instead of the normal 10.

I walked back outside and grabbed a water bottle from the big pallet they had of them (for the expected line) and a Verizon employee accosted me to show ask if I had gotten AT&T or Verizon. When I replied “AT&T” he said “oh man!” and showed me the speed tests he was getting on his iPad 2 tethered via wifi to a Droid device he had, an impressive 20mbps down. “Think how fast it’d be going direct to an iPad.” (I agree, but I already have a Verizon Nexus device, a T-Mobile Blackberry, a Sprint iPhone, so I wanted to complete the quartet with another carrier and ensure I could have coverage anywhere.) I decided to celebrate with some beignets across the food court from Cafe Du Monde:

Celebratory Breakfast

So why the lack of a line? Perhaps it was mix up about store opening time, as they suggested. Maybe New Orleans is a Samsung town. Perhaps Apple just did a better job with the pre-orders arriving on launch day, so people didn’t feel the need to go to the store. Maybe people weren’t as excited as I was about the new launch. All in all, it doesn’t matter to me. The screen is gorgeous, it’s restoring now from iCloud backup, and I’m pleased as punch to have one on launch day and I’ll probably spend far too much time today staring at the amazingly high resolution. If you were waiting because you thought the stores might be crazy today, maybe head to them half an hour after open time and skip the queues.

Intensely Automattic Change.gov

Automattic,

Everyone is honored and excited today that Change.gov, the website of President Elect Barack Obama, has turned on IntenseDebate comments to discuss things like health care.

Micah Sifry has an excellent write up of the topic.

Imagine what happens if those numbers–on not just any “centralized site” but the one that symbolically and perhaps literally has the attention of the President-elect–start climbing into the five- and six-digits. Before our eyes, we are witnessing the beginning of a rebooting of the American political system. [emphasis added]

[…]

By using IntenseDebate (and the OpenID framework), the Obama transition is actually enabling a lot of interesting community development to start happening beneath the surface of a threaded discussion. Users get their own “commenter profile” on IntenseDebate, along with reputation points, and they can carry those profiles onto other sites that use the same system. Users can also choose to follow other IntenseDebate users, so if someone is really diligent they could start to gather a group or a crowd around them.

It has even started to make the cable news, as evidenced in this clip.

Pretty exciting! And it’s also a reaffirmation of Automattic’s platform-agnostic approach to Akismet, Gravatar, PollDaddy, and IntenseDebate that although Change.gov uses Expression Engine for their CMS they’ve chosen IntenseDebate for their comments.

A Bank Website on WordPress

WordPress

There’s a thread on Quora asking “I am powering a bank’s website using WordPress. What security measures should I take?” The answers have mostly been ignorant junk along the lines of “Oh NOES WP is INSECURE! let me take my money out of that bank”, so I wrote one myself, which I’ve copied below.

I agree there’s probably not a ton of benefit to having the online banking / billpay / etc portion of a bank’s website on WordPress, however there is no reason you couldn’t run the front-end and marketing side of the site on WordPress, and in fact you’d be leveraging WordPress’ strength as a content management platform that is flexible, customizable, and easy to update and maintain.

In terms of security, there are a two simple points:

  1. Make sure you’re on the latest version of core and all the plugins you run, and update as soon as new version become available.
  2. Use strong passwords for all user accounts. For extra credit you could enable a 2-factor plugin, use Jetpack’s WordPress.com login system, or restrict logged-in users to a certain IP range (like behind a VPN).

If your host doesn’t handle it, make sure you stay up-to-date for everything in your stack as well from the OS on up. Most modern WP hosts handle this (and updates) for you, and of course you could always run your site on WordPress.com VIP alongside some of the top sites in the world. If you use any non-core third party code, no harm in having a security firm audit the source as well (an advantage of using open source).

For an example of a beautiful, responsive banking website built on WordPress, check out Gateway Bank of Mesa AZ. WordPress is also trusted to run sites for some of the largest and most security-conscious organizations in the world, including Facebook, SAP, Glenn Greenwald’s The Intercept, eBay, McAfee, Sophos, GNOME, Mozilla, MIT, Reuters, CNN, Google Ventures, NASA, and literally hundreds more.

As the most widely used CMS in the world, many people use and deploy the open source version of WordPress in a sub-optimal and insecure way, but the same could be said of Linux, Apache, MySQL, Node, Rails, Java, or any widely-used software. It is possible and actually not that hard to run WordPress in a way that is secure enough for a bank, government site, media site, or anything.

If you wanted any help on this feel free to reach out to Automattic as well, we have a decade of experience now dealing with high-risk, high-scale deployments, and also addressing the sort of uninformed FUD you see in this thread.

If you’ve developed a major bank site in WordPress leave a link in the comments.

So I’m 20

Birthday

This is it. Last year my birthday was loud and surprising, this year it was chill. Both have their attraction.

WordPress Birthday logo

Awww thanks. 🙂 Mad props to Craig for the WordPress header (currently in rotation).

While I’m here I’d also like to wish a happy birthday to Dave, who had a birthday a few days ago and didn’t tell anyone. 😉

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40.

Thirty-Two

Essays

My thirty-second birthday has arrived after a whirlwind year, probably my most challenging and rewarding. It went faster than any year I can remember, absolutely flew by. Luckily it was capped at the holidays with a precious few weeks of downtime in Houston. Now I’m back to work in Cape Town and just finished a lovely day of great food, wine, and conversation with colleagues who are here for a meetup starting tomorrow.

Since I started tracking, 2015 was the first year that I traveled fewer miles than the year before, clocking in at 398k, down 27k. (398,553 miles, 111 cities, 20 countries.) In 2016 I’m going to try and get that even lower. It was also one of my best years for blogging on this site, with the most posts (252) I’ve made since 2008, and the most words (24,605) since 2005. (If anyone is curious, I wrote about 60k words over the same time period in Automattic’s internal P2s.) In a weird omission, though, it’s the first year since this site started in 2002 that I didn’t post a single gallery of photos. I’ve developed a mental block around processing and posting the fancier pictures, even as I carry hundreds of gigabytes of them around the planet several times over. Hopefully this is something I can get past in 2016.

I ran 163 miles in 2015, more than I did the year before, and I think that trend will continue. Last year I talked about habits and small actions, and a daily todo list with some small items to nourish the mind, soul, and body has become central to my routine. I dyed my hair (grey) just for fun and also to show the rest of Automattic they could too, how you look doesn’t matter one iota. My restaurant quest has continued, and I’ve now been to 38% of the current top 50 list.

More so than before, I really don’t know what’s around the corner. While there is a lot in motion, there is even more still being defined and started. There’s freedom in the groove, to reference Joshua Redman’s great album, and I’m getting a lot more comfortable with ambiguity and the faster pace of life in general. More than ever, I consider myself incredibly lucky, so it’s exciting to make the most of the opportunity that the volatility, love, loss, glory, failure, inspirations, and setbacks that 2016 will bring.

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40.

Love and Hate

Spam

One of my favorite funny graphics from the on-hiatus Creating Passionate Users was this one from the entry Be brave or go home. Because on this entry on my blog a few days ago the part of the blogosphere that makes money from ad-embedded themes has been viciously attacking me personally. Attempted assassinations are never fun, at least for the person on the receiving end, but overall I’m happy for a few reasons:

  • Some of the paid links in themes are to the same URLs I see in Akismet, so I know that there is at least some overlap between the people financing these themes and attacking our blogs, and any way we can fight them is good.
  • I know that this is something the majority of the WordPress community has voted for.
  • I am hopeful we’ll stop seeing threads like this in the support forum. “I installed the ecologici theme found here [link to wordpress.net] I customized it, no problems. I went to add my scripts to the footer and found this code…”
  • The attacks sting less when it’s from people who have significant financial interests in seeing sponsored themes continue. They’re just trying to protect their money.
  • That they’re making so much noise is an indication we’re doing something meaningful.
  • The attacks sting less when they’re from people with questionable personal practices. [1]

Still, there is a lot of hard work ahead.

[1] For example one attack post from “Franky” on a blog called Wisdump (didn’t that used to be run by the awesome Paul Scrivens?) I noticed it was loading a little slow, then I saw pingomatic.com in my address bar. I looked at his source and saw he had embedded a 1×1 pixel iframe loading the ping page for Ping-O-Matic on every one of his pages. I must admit this is clever, it utilizes the distributed network of everyone who visits your site to attack Ping-O-Matic and spam the ping servers, and of course IP blocking is useless because it’s coming from the regular folks on your site. But it is also extremely skeevy. (And I believe a little bit of JS on the ping page should fix that right up.)