Jeff Reifman http://jeffreifman.com Lookahead Consulting, Seattle, Washington Thu, 30 Oct 2014 17:21:08 +0000 en-US hourly 1 http://wordpress.org/?v=4.0 Huge WordPress Hosting Promotion at WPEnginehttp://jeffreifman.com/2014/10/30/huge-wordpress-hosting-promotion-wpengine/ http://jeffreifman.com/2014/10/30/huge-wordpress-hosting-promotion-wpengine/#comments Thu, 30 Oct 2014 17:21:08 +0000 http://jeffreifman.com/?p=4008 Visit WPEngine and use the code “WPESF14″ at checkout. – expires Nov. 2, 2014 at midnight CDT. The personal plan is only $40 annually, a fantastic bargain. Consultants can host 10 large sites for $61 monthly or 25 sites for $186 monthly. If you’re a blogger, WPEngine also has one of the best affiliate programs in the business.

The post Huge WordPress Hosting Promotion at WPEngine appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
Visit WPEngine and use the code “WPESF14″ at checkout. – expires Nov. 2, 2014 at midnight CDT. The personal plan is only $40 annually, a fantastic bargain. Consultants can host 10 large sites for $61 monthly or 25 sites for $186 monthly.

If you’re a blogger, WPEngine also has one of the best affiliate programs in the business.

WordPress Hosting at WPEngine

Huge Promotion at WPEngine

The post Huge WordPress Hosting Promotion at WPEngine appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/10/30/huge-wordpress-hosting-promotion-wpengine/feed/ 0
Followup Q&A to Geekwire Commentary on The Seattle Times and the FBIhttp://jeffreifman.com/2014/10/30/followup-qa-geekwire-commentary-seattle-times-fbi/ http://jeffreifman.com/2014/10/30/followup-qa-geekwire-commentary-seattle-times-fbi/#comments Thu, 30 Oct 2014 03:08:59 +0000 http://jeffreifman.com/?p=4002 I received a handful of good questions and comments in response to my Geekwire commentary: Outrage over FBI’s online tactics highlights knee-jerk Internet culture (also on Slashdot). I made some additional inquiries to Media Spokesperson Ayn Dietrich-Williams at the FBI about these and would like to respond to the most pertinent reader points below. Levi Pulkkinen at Seattle PI also wrote ...

The post Followup Q&A to Geekwire Commentary on The Seattle Times and the FBI appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
I received a handful of good questions and comments in response to my Geekwire commentary: Outrage over FBI’s online tactics highlights knee-jerk Internet culture (also on Slashdot). I made some additional inquiries to Media Spokesperson Ayn Dietrich-Williams at the FBI about these and would like to respond to the most pertinent reader points below.

Levi Pulkkinen at Seattle PI also wrote this detailed, informative piece which I recommend. For context, it’s helpful to know this case consisted of an ongoing series of bomb threats, writes Pulkkinen, “His threats had forced Timberline to evacuate daily for nearly two weeks. With police unable to identify him, the FBI fired up the spyware.”

Q: Did the FBI have a warrant?

A. Yes, the court approved a warrant for the FBI to deploy a CIPAV to the suspect’s machine.

Here’s what the FBI said the CIPAV would do (see page 12-13 here):

“cause the activating computer to send network level messages, including the activating computer’s originating IP address and MAC address, other variables, and certain registry-type information … it will conduct a one-time search of the activating computer and capture the information described … after the one time search, the CIPAV will function as a pen register device and record the routing and destination addressing information for electronic communications originating from the activating computer”

Q: If the FBI knew he had a Myspace account and had his MySpace ID (since, after all, they emailed him there), why didn’t they just ask MySpace (and by “ask”, I mean “force them to hand it over with no recourse to question the ‘request'”) to hand over IP address?

A: The FBI did. See page 12 again. The suspect was sophisticated enough to use compromised computers to mask his true IP address.

Q. Was The Seattle Times impersonated?

People were confused by initial tweets about this. While FBI agents in private emails used The Seattle Times AP content as a model, the times itself was not used in the operation in any way. There was no fake Seattle Times website or fake page.

Q. Was there a fake AP website?

A: A webpage was created with a fake AP article.  A link to this page was sent via MySpace email to an account holder claiming responsibility for the bomb threat. The link said “article” and the url did not include any words similar to The Seattle Times or Associated Press. The only way the public would have seen this fake site is if the suspect had shared the link on MySpace or somewhere else.

So, yes, there was a fake website set up for a known bombing suspect to visit.

But, no, there wasn’t really a fake website that the public would likely encounter – though it was possible – specifically if the suspect shared the URL on MySpace.

Q. Did the FBI agent impersonate the media in some other way?

A. The FBI can’t reveal anything else about undercover agent who sent the email or the details of the operation.

Personally, I think it’s most likely that the agent posed as another MySpace user who emailed the article link. I think it’s less likely the agent posed as a journalist.

Q. Does publishing a fake AP blurb on a web page that only a known bomb suspect sees qualify as “impersonating the media”?

A. In my opinion, only in the very slightest way. The PI quotes Seattle Times Editor Kathy Best as saying, “Small as it was, the fake report chips away at the media’s credibility, Best said. Enough chips, and the foundation might crumble.” I think that’s overly alarmist given the facts of this particular case. Journalism is stronger than this. Read more on this point further below.

Geekwire commenter Rick said: “the main issue is that the FBI did not get permission from the AP to use their name. Impersonating someone without letting them know is an ethical no-no, it doesn’t matter how you slice it.”

I disagree. I think this is the kind of smart police work we want to see. I think it’s well understood by the public that catching bad guys requires cleverness and some level of subterfuge. We accept the concept of undercover agent. Would we eliminate all undercover agents purporting to be something they are not?

On Twitter, the ACLU’s Christopher Soghoian and Freedom of the Press’ Trevor Timm posted a few questions and comments.

Q. Does the fact that the FBI kept the judge in the dark about how they planned to deliver their malware change your analysis? The court had no idea the FBI would impersonate the press. The search warrant application doesn’t mention that.

The FBI said that it does not disclose details of its operational or deployment tactics in affidavits for search warrants. While not transparent, this is understandable; lest the bad guys learn their tactics.

My understanding is that the agent must appear before a judge and sign the affidavit in front of them. The judge has an opportunity to ask questions of the agent but there is no public record of the content of this discussion.

So, we don’t know what the judge knew or didn’t know. In the absence of information, even with as much faith as I’ve lost in Congress and the Supreme Court, I generally will give the benefit of the doubt to judges to be smart and responsible.

Soghoian: you won’t find the word “hack” or “exploit browser flaw” in any of the FBI’s malware warrant applications.

On Twitter and in online discourse – people often want to shout their views and convince everybody that they’re right and the other is wrong. It’s really okay for us technologists to have different views and values on issues such as these.

I personally am okay with the government exploiting technology to fight crime. I also understand that transparency can’t always be provided in these circumstances. But, I’m a believer that government should offer as much transparency as it can and a lot more than it does today.

If you want to dive into specifics on which technology exploits are okay and which aren’t – that’s fine – but I was only calling attention to the issues of this case.

Again, the judge would likely have had a chance to question the merits and details of the warrant request.

Soghoian: The type of case doesn’t matter. Impersonating the press, clergy or doctors should be off limits to the government.

Timm: some good points, but i think the main issue is impersonating news orgs not that they were targeting him.

Again, I think it’s okay for us to have differing opinions – and to support making space for  different opinions in our online discussions.

I’m not going to accept black/white thinking on the issues of press, clergy or medical impersonation. I know the damage caused by the CIA using vaccinations as a guise to surveil Bin Laden’s compound in Pakistan. I’m not sure I’d condemn the tactic in that case. A different tactic might have been better but I don’t think I’m in a place to make a clear judgment. Remember in the Soprano’s when Tony would go to his doctor’s to talk to his mob family to avoid surveillance? I’m not willing to draw a black/white line on this either.

Scott Greenfield tweeted this today in response to Soghoian: “Why binary thinking may be fine for geeks but monumentally bad for humans.” I agree with him here.

I personally think it’s smart, effective government/law enforcement when these tactics are appropriately applied … and I think this particular case showed checks and balances involved (the court warrant), restraint (the operation was escalated after other avenues were exhausted) and it was an appropriate use of technology (it was precisely targeted) to catch a perpetrator of a series of serious threats.

I’ve worked with journalists off and on since 1995. I’ve spent time in a number of newsrooms. I’ve been a three time grantee of the John S. and James L. Knight Foundation, a journalism foundation. I’ve written three cover stories for Seattle Weekly. I care deeply about the fourth estate. I’ve also found that journalists tend to be self-important blowhards (update: this was perhaps too harsh – instead, I’ll say many have a tendency towards self-importance). They’ll call for a ban on government impersonation of themselves and then they’ll go off and write listicles or delay vital information for “news at 11”.

What GeekWire cut from my piece was this paragraph: Anyone that’s followed The Seattle Times over the years knows that it’s hardly a consistent site for journalistic integrity. In 2012, the paper gave more than $75,000 in free advertising to Republican gubernatorial candidate Rob McKenna in the guise of marketing its advertising business, it’s editorial page has been a long time critic of the estate tax on behalf of its billionaire publisher and it chose not to report on Microsoft’s billion dollar Nevada tax dodge while making the director of the company’s tax dodging operation a Seattle Times Luminary.

The failures in ethics at The Seattle Times hasn’t managed to destroy journalism in Seattle. Nor has the existence of Fox News. Good journalism cannot be undermined. It wins on its merits. I have complete faith in this.

One person said I was “Astroturfing for the FBI

I contacted the FBI. They didn’t contact me. Just to be super clear, this is called journalism not astroturfing. Here are my past disclosures (sorry, I know they are a bit out of date – but I have no relationship with the agency).

I thought the outrage at the FBI was misplaced and out of scale for what happened in this case. Given the mass unconstitutional blanket NSA data collection that most of us are outraged and fighting against – I think it’s important that we pick and choose our battles carefully and not make mountains out of molehills; lest we be seen as crying wolf.

I think what happened in this case is an example of the precision police work we should be encouraging – the kind of smart tactical work the NSA should be doing instead of its blanket data collection.

 

The post Followup Q&A to Geekwire Commentary on The Seattle Times and the FBI appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/10/30/followup-qa-geekwire-commentary-seattle-times-fbi/feed/ 0
Introducing BirdHouse: A Twitter API Application for PHPhttp://jeffreifman.com/2014/10/17/introducing-birdhouse-twitter-api-application-php/ http://jeffreifman.com/2014/10/17/introducing-birdhouse-twitter-api-application-php/#comments Fri, 17 Oct 2014 18:07:01 +0000 http://jeffreifman.com/?p=3984 My latest PHP application lets you manage and build on the Twitter API; it’s called Birdhouse. Here’s a summary of the features that Birdhouse currently offers: Manage multiple Twitter accounts Support for the Twitter REST API and User Streaming API Syncing and browsing the home timeline, user timeline, mentions, favorites Syncing and browsing your entire historical user timeline, mentions (up to ...

The post Introducing BirdHouse: A Twitter API Application for PHP appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
My latest PHP application lets you manage and build on the Twitter API; it’s called Birdhouse.

Here’s a summary of the features that Birdhouse currently offers:

  • Manage multiple Twitter accounts
  • Support for the Twitter REST API and User Streaming API
  • Syncing and browsing the home timeline, user timeline, mentions, favorites
  • Syncing and browsing your entire historical user timeline, mentions (up to 800) and favorites
  • Access to your Twitter history in MySQL (for do it yourself data mobility)
  • Archive favorites to Pocket and optionally unfavorite them on Twitter for privacy
  • Syncing and browsing friends and followers, including their follow counts and Klout scores
  • Managing your owned Twitter lists, creating new lists, adding groups of users to lists and removing members from lists
  • Posting tweets, scheduling tweets for a specific date and time
  • Posting recurring tweets with time randomization
  • Posting tweets via pre-defined echo patterns to increase exposure over a few days, a week or a month
  • Auto-deletion of older tweets older than a certain time range e.g. 30 days
  • Collects email addresses from the bios of your friends and followers.

Browse the whole feature guide. And, there’s more to come. Please check it out.

My other offerings include:

  • Simplify Email – a powerful mail filtering application for IMAP e.g. gmail
  • Simple Monitor App – a do it yourself server monitoring application with smartphone notifications
  • WordPress Quickstart – a pre-configured, pre-optimized installation of WordPress to help you launch sites in minutes

The post Introducing BirdHouse: A Twitter API Application for PHP appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/10/17/introducing-birdhouse-twitter-api-application-php/feed/ 0
Healing from Difficult Breakupshttp://jeffreifman.com/2014/10/17/healing-from-difficult-breakups/ http://jeffreifman.com/2014/10/17/healing-from-difficult-breakups/#comments Fri, 17 Oct 2014 17:48:14 +0000 http://jeffreifman.com/?p=3981 My latest essay describes simple ways to activate your parasympathetic nervous system to support the process of healing from a breakup: “Studies of fMRI scans show that breakups affect the same areas of the brain associated with drug addiction and withdrawal. The process of ending our intimate connections with loved ones can take a profound physiological toll; no wonder it is ...

The post Healing from Difficult Breakups appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
My latest essay describes simple ways to activate your parasympathetic nervous system to support the process of healing from a breakup:

“Studies of fMRI scans show that breakups affect the same areas of the brain associated with drug addiction and withdrawal. The process of ending our intimate connections with loved ones can take a profound physiological toll; no wonder it is among the most difficult human experiences.

The disruption of intimacy and the dramatic change in our routines can leave us in pain and feeling isolated; these abrupt changes literally jar our nervous system. For some people, breakups cause trauma, triggering psychological echoes of earlier wounding. Fortunately, the science of human physiology can guide us on the road to healing.

The sympathetic and parasympathetic nervous systems control many of the basic functions in the human body. Put simply, the sympathetic nervous system manages our fight or flight response which has evolved to keep us safe from predators and the threats of daily living, while the parasympathetic nervous system is responsible for resting, digesting, and recovery. Difficult breakups activate the sympathetic nervous system as if we were under an actual threat, often resulting in the agitation, lost appetite, and disrupted sleep that many of us feel during breakups.

My recipe for healing is quite simple: pursue activities that reactivate the parasympathetic nervous system. The more time your body spends with its parasympathetic system activated, the easier it will become to return to feelings of rest and relaxation. These periods of calm will help reregulate your nervous system and return it to its normal, pre-breakup rhythms.”

Read the full post: Using Science to Heal from a Difficult Breakup

The post Healing from Difficult Breakups appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/10/17/healing-from-difficult-breakups/feed/ 0
How to Install the Ghost Blogging Platformhttp://jeffreifman.com/2014/09/30/install-ghost-blogging-platform/ http://jeffreifman.com/2014/09/30/install-ghost-blogging-platform/#comments Tue, 30 Sep 2014 22:03:03 +0000 http://jeffreifman.com/?p=3869 Getting Started This tutorial describes how to install the open source Ghost blogging platform on Ubuntu 14.04 LTS at Digital Ocean. You’ll want to have a domain name or sub-domain registered for the app, e.g. http://yourghostblog.com. If you don’t have a registrar or need more information, I recommend NameCheap. Creating Your Server Instance Sign up at Digital Ocean now, the process is simple and only ...

The post How to Install the Ghost Blogging Platform appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
Getting Started

This tutorial describes how to install the open source Ghost blogging platform on Ubuntu 14.04 LTS at Digital Ocean. You’ll want to have a domain name or sub-domain registered for the app, e.g. http://yourghostblog.com. If you don’t have a registrar or need more information, I recommend NameCheap.

Creating Your Server Instance

Sign up at Digital Ocean now, the process is simple and only requires your email and password:

signup-do

Digital Ocean’s cloud instances are called Droplets. Once you sign up, you can create your first Droplet using the selections below. You’ll want to have a hostname (domain or sub-domain name) chosen for your site in mind. Here’s the main menu at Digital Ocean:
Create your droplet at Digital Ocean for your Ghost Blog

Select Create Droplet and type in your domain name as the host name. Choose the $5/mo. option to begin:Create Your Droplet

 

 

Select the geographical region nearest to you:

Select the Region for Your Digital Ocean Droplet

 

Select the prepared image for Ghost 0.5.x on Ubuntu and click Create Droplet:Choose Application Ghost 0.5 on Ubuntu

You’ll see the Droplet creation progress bar:
Creating Your Droplet

Creating a droplet only takes a minute. Digital Ocean will email you your IP address and root password. You’ll arrive at the Console page for your new Droplet:

The Digital Ocean Droplet Created Screen

Once you have your IP address, you can begin the process of mapping your domain name to the droplet e.g. yourdomain.com to your IP address. Visit your domain registrar’s DNS settings and change the A record for your yourghostblog.com to the new IP address e.g. 54.234.124.117.

Wait until your DNS changes propagate (sometimes up to several hours or more – check them here), try to connect via SSH using your domain and the password provided in the Digital Ocean email. Visit your domain name in your web browser and you should see the new Ghost home page:

Ghost Blogging Home Page

 

Visit the administration page to set up your Ghost blog e.g. http://yourghostblog.com/ghost:

admin-setup

And, you’re ready to start blogging with Ghost. Next, read the Getting Started with Ghost documentation. Also, follow my Tuts+ author page for my upcoming tutorial on Ghost 0.5.

Please feel free to post corrections, questions or comments below. I’d be especially interested in alternate approaches. You can also reach me on Twitter @reifman or email me directly.

The post How to Install the Ghost Blogging Platform appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/09/30/install-ghost-blogging-platform/feed/ 0
My Experience with Seattle PD Response to Property Crimehttp://jeffreifman.com/2014/09/26/experience-seattle-pd-response-property-crime/ http://jeffreifman.com/2014/09/26/experience-seattle-pd-response-property-crime/#comments Fri, 26 Sep 2014 21:38:34 +0000 http://jeffreifman.com/?p=3861 Here are my personal experiences with the Seattle PD’s capacity to respond to property crime: 1. September 2014: Current holder of my stolen MacBook Pro with serial # verified by Apple support is heading to South Center at 6 pm for a Genius Bar appointment. The option I’m given is to call the Tukwila non-emergency # and ask for an officer to accompany me ...

The post My Experience with Seattle PD Response to Property Crime appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
Here are my personal experiences with the Seattle PD’s capacity to respond to property crime:

1. September 2014: Current holder of my stolen MacBook Pro with serial # verified by Apple support is heading to South Center at 6 pm for a Genius Bar appointment. The option I’m given is to call the Tukwila non-emergency # and ask for an officer to accompany me to retrieve the laptop. I’ve also handed contact details of the support call to Seattle PD to follow up (the laptop holder provided a phone#) / response pending.

2. February 2014, the burglars who broke into my home used a credit card to buy gas that evening. I provided Seattle PD with the transaction details and manager contact at the convenience store with the surveillance video. They didn’t follow up on it.

3. Early 2000’s. Home burglarized. Expensive (at the time) LCD monitor shows up on eBay. Police unwilling to follow up. Credit cards used at a nearby OfficeMax. When thieves try to return the merchandise they purchased for cash, store employees whom I’d spoken to take photos of them and their license plate. By the time Seattle PD detectives follow up, they said they believed the thieves have left town.

4. Late ’90s. Girlfriend’s car stolen. Police pretty much disinterested. Someone found her stuff in West Seattle, when I went out there to pick it up for her, I came across the thieves driving her car … only then did the police respond (and they did make an arrest). I think the case was ultimately dropped because the police didn’t show up to testify (but I am not certain).

The post My Experience with Seattle PD Response to Property Crime appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/09/26/experience-seattle-pd-response-property-crime/feed/ 0
Apple Continues Support for Stolen MacBooks and Deviceshttp://jeffreifman.com/2014/09/26/apple-continues-support-stolen-macbooks-devices/ http://jeffreifman.com/2014/09/26/apple-continues-support-stolen-macbooks-devices/#comments Fri, 26 Sep 2014 20:59:55 +0000 http://jeffreifman.com/?p=3859 Apple has no policy of reporting stolen computers brought in for support to the police. In fact, they continue to provide warranty care and service. My home was burglarized in February. Over the last few days, Apple’s systems notified me that someone with my MacBook Pro 15″ Retina made a Genius Bar appointment and provided their phone number for support ...

The post Apple Continues Support for Stolen MacBooks and Devices appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
Apple has no policy of reporting stolen computers brought in for support to the police. In fact, they continue to provide warranty care and service.

My home was burglarized in February. Over the last few days, Apple’s systems notified me that someone with my MacBook Pro 15″ Retina made a Genius Bar appointment and provided their phone number for support calls. I’m waiting to see if the Seattle Police department will follow up on this information, in my experience, their track record on property crime leads is quite poor (I have several stories).

However, in speaking with Apple, they do not have a mechanism for device owners to submit police reports that identify stolen devices by their serial #’s. So, instead of reporting to police when stolen devices come in for support, they simply continue to provide warranty support.

I don’t feel sorry for the current holder of my Macbook Pro who is now having problems powering on the device, according to Apple, but it’s likely Apple will give him a brand new MacBook today when he shows up for his Genius Bar appointment.

I would request simply that Apple provide an email address for owners to submit police case reports with stolen serial #’s and that Apple report support requests for these devices to local law enforcement. It’s surprising they have not done this.

The post Apple Continues Support for Stolen MacBooks and Devices appeared first on Jeff Reifman. Follow @reifman on Twitter.

]]>
http://jeffreifman.com/2014/09/26/apple-continues-support-stolen-macbooks-devices/feed/ 0