The Code Cave

It went something like this:

Be sure to join me live tonight at 9pm Eastern at http://www.RhettAndLink.com/live

This is one of the must usful features when using skype for business. Especially with an organization the size of b5media. I use shared groups to deploy blogger skype contacts to all of the b5media bloggers, the b5media Toronto Office and b5media Tech Team amoungst others. The blogger group is great becase when a new blogger comes on they instantly have access to dozens of other b5bloggers through skype.

I have personal Skype groups for b5 Third Party Contacts, for Rhett and Link, and others. The third party group is great because it contains both normal phone numbers and skype contacts. Since I have skype out, my laptop is my work phone.

This screencast demonstrates some of the features and asks some questions I don’t have the answers to:

Previous in series

Ok everyone loves to bash Vista. It’s the in thing. I get it. I run vista with the User Access Control (UAC) turned off. Once that is done, it is modern version of Windows XP with some nice features built in. Now some of these have been made available in a limited fashion in XP service packs, like this first example: the integration of the internet into the Open Dialog box.

This is one of my favorite Vista features.
I’ll demonstrate in this video:

I have been here.  I know  what both of them are feeling.

“I forgot all about the air hockey table….  ***aaaaaaahhhhhhhh***”

(It would have been so easy to drive overtop of my friend’s little Saturn when she was lead the moving van I was driving through the old brick streets of Pittsburgh’s south hills… It was sooo tempting…)

This is actually my second time co-hosting the WordPress Podcast.  Episode 42 had unexpected delays in post production and much to my own chagrin, I suggested that it was perhaps a but too dated and should be re-recorded.  It saddens be because 42 was such a perfect number to join the podcast on…

But now with Jonathon away for the week, I’ve had another chance to join my friend Charles Stricklin online.  Please join us and give the show a listen.  Here’s a link to share if you like it:  http://is.gd/GFG

WordPress 2.6 has been been trouble.  There’s been confusion about whether it would be out in July or August.  There was one date in the road map, and one in Trac.  On Sunday night, Charles Stricklin and I recorded episode 43 of The WordPress Podcast and I stuck with the August date that was in the Trac tool used for development. 

Then the next day Ryan Boren sent this reply to the WP Testers mailing list the next day:

On Mon, Jun 23, 2008 at 1:01 PM, Kirk M wrote:
> Do my eyes deceive me or am I seeing a due date of July 7th for the release
> of 2.6 with a fall back for July 14? Any reason for the releasing a month
> early? I’ve barely setup my test sites figuring I had a month to go ye;). 

[Ryan Boren Replied:]
There was some confusion because the roadmap had July and trac had
August.  Given that all of the features went into 2.6 early and that
its been running this whole time on wordpress.com and lots of our
personal blogs, a shorter beta seems doable.  I think we can launch
the beta cycle now, pound on it until the 7th and decide if it’s
ready.  If not,  pound it another week and decide of it’s ready.  I
merge 2.6 to wordpress.com almost daily and get tons of feedback in an
instant.  I’m pretty confident in being able to finish off 2.6 in a
few weeks.  We won’t be adding any more features to 2.6 so there’s no
need to linger for an extra month.  Also, a July 2.6 release allows us
to consider an early September 2.7 release that focuses on pulling in
some of the GSoC work.  That work would be too much to try to push
into an early August 2.6 release.

Ah, well you win some you lose some.  At least I wasn’t the only one who thought it would be August.

Since then a much more controversial debate has arisen.  Westi made the announcement that WordPress 2.6 would have the XMLRPC feature turned off.  XMLRPC is the technology that allows programs like Windows Live Writer, MarsEdit, ecto and other external blog editors use to communicate with your WordPress blog.  Here is what Westi had to say about it in his announcement:

WordPress 2.6 will be more secure out-of-the box including better support for running the admin over SSL and changes to disable the remote publishing protocols by default.

We have choosen to disable Atom Publishing Protocol and the variety of XML-RPC protocols by default as they expose a potential to be a security risk.  So from WordPress 2.6 onwards you will need to go into the Settings->Write page and enable them individually if you want to use them.

Mac software developer and MarsEdit creator Daniel Jalkut believes this to be a fundamentally wrong choice.  He’s said so on the wp-hackers list and on his website:

WordPress’s decision to shut off remote access by default is analogous to a bank offering unrestricted drive-through access to its cash machines, while requiring pedestrians to ring a bell and wait for a security guard to open the door to the machines.

Also worth considering: if a service is disabled by default for security considerations, what message does that send to people who choose to, or who are encouraged to turn the service back on? It sets up a perception of insecurity which may not even be warranted. If the remote publishing interfaces are insecure, they should be fixed, not merely disabled!

I think that’s somewhat misleading.  It makes people think that the switch has to be set  over and over again.  It is much more like, when you open a savings account, checking either the box that says you want an ATM Debit card and/or the box saying you want to access the account through the online site. Eliminating either of those options would make your money more secure.

I agree that there is an issue with people upgrading and finding that MarsEdit, Livewriter or whatever doesn’t work. That is easily solved by keeping the XML interface off by default on new blogs, but not changing the behaviour for upgrades.

But why not just “fix” the security issues?  Well the truth of the matter is that you can no more "fix" all security risk in xmlrpc than you can "fix" it in any software program.  It is a moving target.  New methods are thought of and software improvements introduce new avenues never thought of, even if there is a layer between the final interface and the database.  So even if WordPress was completely clean in 2.6, how can you prove that it is secure in 2.8 or 3.0.

Is xmlRPC secure in WordPress 3.0?  I don’t know it doesn’t exist yet.  But I do know if it is disabled for new blogs, that the new WordPress 3.0 blogs won’t face an XMLRPC security risk.

You’ve probably seen this by now and I’ll admit I watched it a few times to help me decide whether or not it was fake or not.  Here, I’ll let you have a go at it to see if you can spot anything,

I keyed in on the obvious, from my perspective.  I’ve never seen  someone as close as the fans were to that ball, not fling themselves out and almost fall onto the field to catch it. 

Those people hardly reached at all and stopped before the ball was really caught.

However the catcher is the clue to this one.  I’ll show you two frames and see if you catch it:

Catch it?  Kudos to the commenters on the original video (reached by clicking the embed above) who caught this.  If you go there you will see that the description of the video is “Baker [Smith] directed these viral spots for Gatorade from ad agency Element 79 and Partners.”  See the half empty Gatorade bottle by her chair at the end?

Friends don’t let friends double click…

Next in series

I am at SxSW for a week and the introduction of this session was so incredible I thought I would live blog it and share my notes:

SxSW using geolocation in games and online (03/08/2008)
11:48 So here I am at SwSW at the second session I’ve hit for the day. and So far this is a blast
11:49 This session doesn’t apply to my job directly but it is incredibly high on the geek coolness factor
11:50 I started describing old school geocaching from 2000 talking about how you used GPS to go and find “treasures” out in the woods
11:52 But there is now all sorts of cool stuff going on. Like zork based games where you get to a location and your phone/device/whatever gets messages saying “In front of you is an old man searching though a basket” when you get to the right location
11:54 They have also been covering things like vertical games where in a big city you have ppl up in a tall building guiding your team mate through a maze down on the city street.
11:56 Now there are also competions going on with things like Nike Plus which has run tracking, mileage and geolocation built into the shoe and ppl are competing with others for how far they go etc
11:57 So why can’t you do things with points as you are going. A little transmitter at different locations indicates that you get a power up or get extra points for the run.
11:57 This technology is really fascinating.
11:58 The idea of bringing movement into games has taken off with the wii and Dance Dance revolution

11:58 This brings things into a new level as it turns the real world into a game
11:59 New term I am “Geo Curious”

12:00 They are talking about how the iphone doesn’t have true gps right now
12:01 I am really glad that I flashed the leaked GPS enabled ROM to my Verizon Titan right now. I just wish I could pick up more satelites. I’m waiting for them to ask who has GPS on their phone
12:02 The fuzzyness of GPSa is causing difficulty in creating Zork based games
12:03 GPSa is where your phone determines location based upon the cell towers that you are talking too.
12:03 So right now rooms when you are making a phone playable game has to be 100mx100m

12:04 However with TRUE GPS you can have a game that is within 2ft
12:05 “Conquest” was a game that divided a city into 8 zones and as soon asa team was within a zone and then the could shoot the “semicodes”? (Zombies?)

12:05 However they players who knew more could cheat if they knew where the edges would be.
12:07 These games can be done by ppl txting a certain codes that are available only at certain places. I think they said “crossroads” did that.
12:07 The maze game I talked about before that was done from building looking down at a maze was actually called “pac-man(hattan)”

12:08 ppl were dressed in pacman suits and they were guided by their partners with their cell phones.
12:09 Lower tech games just had you call and say things like “I am the king of spain” but the one panelist dialed the wrong number and really freaked someone out.
12:10 So the terms are “Relative Location” “Definate Location” and “Fuzzy Location”
12:13 “Crossroads” used GPS and you were looking at the map on your phone. and using that on a virtual map to guide you around an artificial environment as you are working around the real world.
12:14 I totally love the idea of this walking over the goal that you have and suddenly your phone buzzes in your pocket and gives you your next goal
12:15 However as with many things the technology is not QUITE there yet.
12:15 We are sooooooo close to very exciting things.
12:16 ppl with the Titan/Mogal/XV6800 can get to within 2 ft and that is wondererful

12:16 But atm I am off the ivory coast since I can’t get any sats.
12:17 There are also other issues beyond technology
12:17 There is a social aspect that has to be considered.
12:18 In even just geocaching, while burying an ammo box in the woods is OK, using it as a geocache in timesquare is not smart. Neither is a metal pipe.

12:19 This also CAN be dangerous. in a game in a city ppl walking out into traffic with their heads down is a REAL possiblity.

12:19 Playing games in the street can be a real danger.
12:20 Some one from the Discovery channel is in the audience asking a question (OK someone lolkatz that)

12:20 She is discussing Shark tracking and other similar technology to improve this type of game “Shark Hunters” was the show they did on this…
12:22 BTW for those that don’t know http://GeoCaching.com is a great site.
12:25 Another question is about using this in the news media. Obviously tagging photos is one idea but if all published media had was tagged with a location the possiblty is incredible
12:26 Google and other search tools would bring news really directly to you things that really directly affect your world.
12:26 In the blogging world there is of course http://GeoRSS.org
12:27 There is also a website that I can’t think of right now that is designed to show the whole world in photo format with geo location as well. The never metioned it today but I’ve been to the site. It is @jeremywright’s twitter feed.
12:29 There is a question about whether a city planner or ski results person came to one of the panelist how would they respond. Could you work together to create an official map.
12:30 RFID is actually an tech that would work better for this sort of thing. It could be used to create a more persistant game board in a city. The idea is brilliant. Seatle shoudl do that to bring ppl in.
12:31 This would be a similar idea to the “Skateboarding in the city” movement

12:31
Links
12:31 WhereIgo.com platform for creating your own games
12:32 Areacodeinc.com
12:32 loki.com (spelling?)
12:33 And that wraps up this session. That was really neat.
12:41 This Live Blog has now ended.

CoveritLive is a 2008 CNET Webware.com Finalist!
Vote for CoveritLive

I was involved in an email discussion this morning and once again I realized that I’ve transferred my creative energies from writing new and interesting blog articles over to email discussions and forum posts.  So I’m sharing this with you and will hit post instead of send.  (Oh and btw make sure to save as a draft in Windows Live Writer before pasting from an HTML email.  Some formatting causes WLW to go into an infinite loop.  As a result you have to rewrite your brilliant and concisely worded opening paragraphs again.  And they are just never as good the second or third time through and your daughter will get upset because you told her you would do her swimming lesson at 11am and that is already well passed.)

At b5media, Inc. we no longer allow the use of copyrighted images unless the blogger has obtained permission from the copyright owner or a representative thereof.  The use of copyright images is not something that most Bloggers bother to think about.  If you see a neat wilderness photo you want to share, you post it.  If you see a picture of an actor doing something… unusual, you might just toss it up on your blog.  If you write an article about Steve Jobs or Bill Gates, of course you’ll want a head shot above their name.  If an image is used on another website, it is considered polite to copy the image locally to your account so that you are not stealing bandwidth.  Most people certainly want to respect the rights of a photographer and want photographers to be paid, but those thoughts usually don’t enter our mindset.

Well for a blogging network of well over 300 blogs, image concerns are amplified.  Respecting creative rights and intellectual property is extremely important to us.  Heck, we make our living from IP too.  OK and yes, admittedly the $20K fine for each image in violation of the law could add up to a sum that would leave anyone weak at the knees.  So, liability is of course a concern.  If b5 takes a hit, that could affect the livelihood of hundreds of Bloggers.   So this is matter we take very seriously.  We have to. 

There’s been some discussion by our Bloggers and Channel Editors this morning on the subject of image use and here is my contribution:

COMMON SENSE DISCAIMER: Everything in this email/post is only the personal opinion of a geek and is not said in my capacity as a b5media employee. It may or may not be the opinion of the powers that be in b5media, inc. Therefore, nothing in this email has any relation to b5media, Inc. policies. Anything that you believe says or implies otherwise should be ignored. 

“creator’s date of death plus 70 years”

BTW you can thank Disney for that stupid law. It irks me because it means that rare recordings of things like the Danny Kaye performances I like cannot legally be shared and so they become rarer and rarer parts of collections and eventually parts of our culture are lost. Why should a 65 year old scratchy recording of someone reading a story about an inchworm be unsharable? It’s all so that we don’t send around copies of a horrible black and white cartoon of a poorly drawn mouse driving a steam boat and so that stores on the beachfront in Miami can’t airbrush said mouse onto a shirt (or wait does that happen already?). The law in Austrailia is a generous 50 years and the US is trying to push the Ozz to move to 70 years as well.  We have made other countries do this already. And 70 is just a “Magic Number” anyway and one should always avoid “Magic Numbers”.  (A principle I was taught early on in my coding carreer.) 

Yes this is a hot-button issue for me J

Links:

An interesting article on the 2002 case that extended this law.

WikiPedia’s discussion on the various “free license” differences out there. It will be helpful for those put their own pictures on the various hosting services out there. 

The relevant part is here:

For image creators:

If you are the creator of an image, you can choose any acceptable free license. You can multi-license your image under different licenses, if you prefer. The license must not prevent commercial reuse or derivative works.

GNU Free Documentation License - GFDL-self - Written by the Free Software Foundation. People are required to attribute the work to you, and if they make changes or incorporate your work in their work, they are required to share their changes or work under the same license.

Creative Commons: Attribution-ShareAlike - cc-by-sa-3.0|Attribution details - This is one of several CC licenses. This version permits free use, including commercial use; requires that you be attributed as the creator; and requires that any derivative creator or redistributor of your work use the same license. The desired attribution text should be included as a parameter in the template.

Creative Commons: Attribution - cc-by-3.0|Attribution details - Similar to the above, but does not require that derivative works use the same license.

Free Art license - FAL - A copyleft license for artwork; modification and commercial use are allowed, provided derivative works carry the same license.

Attribution - Attribution - The copyright holder allows anyone to use it for any purpose, provided that the copyright holder is properly attributed.

Copyrighted Free Use - CopyrightedFreeUse-Link|[http://www.yourwebsite.com/ Your website] - Same as above, but attribution is not required. However, as a courtesy, you would appreciate a link back to Your website.

Public domain - PD-self - The creator permanently relinquishes all rights to the work.

NOTE (TO B5 READERS): b5media does not fall into the same business category as Wikipedia. Should you see “fair use” stuff on various Wikipedia pages, just be aware that various points may directly contradict our policy. I personally wouldn’t try to argue using Wikipedia’s “fair use” policy after violating b5media’s image use policies.  That’s why I didn’t like to their policy. ‘nuff said.

Also the Electronic Frontier Foundation (EFF) http://www.eff.org/ always has interesting reads (like this http://w2.eff.org/bloggers/ ) and advocate changing the laws rather than breaking them. I don’t always agree with what I read there, but it is always interesting.