Donors Choose - Grizzly's Giving Page

Monday, April 27, 2009

Not All That

For a while now, I've been watching my way through "ReGenesis," a Canadian TV show I found on Hulu.  I recommend it, it's very good, about a fictional agency established by Canada, the US, and Mexico to deal with infectious diseases, epidemics and such.  Great characters, dramatic situations, and I think rather more believable because they are rather more dramatic.

It took me a while to figure out that one of the more unusual characters, Bob, has Asperger Syndrome.  Bob is more noticeably impaired than I am, but he's also a quirkily brilliant bacteriologist and biochemist.  He has what might be called a savant gift.  He has a nearly encyclopedic knowledge of his field, and he has a knack, not necessarily for finding the answer to a puzzle, but where to look next.  Some days it seems like I have a similar knack.

But of course, he's a bit more impaired than I am.

It struck me this evening, though, that there may be a pattern there.  I have been, I suppose, lucky to not be impaired in the way that character, Bob, is.   But I'm also not gifted the way he is.  And I wonder if those of us who have been less impaired, are generally also less gifted.  Part of the definition of Asperger as part of the Autistic spectrum is that we are of normal to high intelligence.  I just happen to be fairly normal.  Well, maybe a little bit high.

Bob's gift is understanding bacteriology.   My gift, perhaps sadly, is sounding good on a microphone.  I may know absolutely nothing about any given topic, but I can sound like I do.     I am, in fact, an unemployed telemarketer who spends way too much time tapping away on a computer keyboard.  But I'd listened to a fair number of podcasts about PR, thiinking I might learn enough to help promote my podcast.

The other day, I called into a podcast on Public Relations called "For Immediate Release."  They were talking about software for creating PR metrics for Social Media.  I am not in PR. I am not a programmer.  But I have my gift.

I stopped in the chatroom for the live stream, and asked a question that turned out to be exactly the right question.  Then I called in on their call-in line and asked another exactly right question, and another that I didn't explain well, but it sounded intelligent enough they were able to answer intelligently what they thought I was asking.   I actually sounded like I knew what I was talking about, because I very nearly did.

And I'm still an unemployed telemarketer.  My particular gift helps on that job, perhaps understandably.

I wish I had a gift that'd get me a better job, though.



Friday, April 24, 2009

#LRNY and #SYFY

Did you hear about that Land Rover promotion attempt on Twitter? They paid a couple thousand people with lots of followers on Twitter to Tweet about Land Rover's new line and their participation in the New York Auto Show, as I understand it, using a #LRNY hashtag. The big conflict online was whether it was entirely appropriate or honest to pay people to Tweet about your products, and for that matter, whether it was particularly effective.

I don't have access to the metrics that Land Rover is using to evaluate the process. I honestly don't know if anyone outside of Land Rover will ever know the results. But I can certainly see the reasons for the objections. Quoting Tee Morris again, this is "Social Media without the Social." Land Rover used Twitter as a broadcast medium. They don't seem to have made any effort to allow their theoretical audience to respond via Twitter, or to interact directly with the company using that tool. It was at best a waste of the available power, and it was a bit insulting, as if us Regular Folks on Twitter were not worth talking to directly. They could have done better with some responsive Land Rover account or accounts on Twitter, the public faces of real people inside Land Rover, being retweeted by those paid individuals, or having them give pointers to the primary accounts. At least that would be them talking, not a bunch of unconnected individuals simply parroting the words as if they meant them.

In fact, as I thought earlier today, at it's heart, this wasn't Social Media, this was Social Engineering. If you're unfamiliar with the term, Social Engineering is a set of techniques used by hackers to mislead folks as to their identity, so as to convince those folks to do as they want. The process Land Rover followed tended to give the impression that their hired agents of influence were sincere in their expressions of the value of the Land Rover product. Perhaps they were. But how much of that apparent enthusiasm was for the money rather than for the product?

If the #LRNY process wasn't misleading Social Engineering, it'd be hard to measure the difference in my opinion. As the Senate Ethics Committee has been known to put it, "One must avoid even the appearance of impropriety."

However, there is a chance this idea might have a new life, hopefully better handled. I Tweeted the SVP/GM of the SciFi channel, @CraigatSciFi, suggesting they might use the hashtag #SYFY to promote their upcoming name change. He seemed enthusiastic about the idea, and said he'd passed the idea along to the marketing gang.

It strikes me that SYFY has one lovely and unique promotional opportunity. Podiobooks authors, in particular Science Fiction authors, have repeatedly "rushed" Amazon, by getting their books up to the top of the charts by having as many of their fans as possible buy their books all in one day.

SciFi could do something similar, but with no money involved. Have all their fans start posting with the #SYFY hashtag for one hour prior to the moment when the new name takes effect. See if that combined effort can make #SYFY the top trending topic on Twitter. Doesn't cost anything, it's a totally meaningless and futile, pointless and nihilistic, a truly pyhrric victory. But kinda fun, and just the sort of thing a SciFi fan is liable to want to try. Kind of a nod of respect to the Science Fiction fans that originally made this channel viable.

Now if he really wanted to make this a successful campaign, have a unique reward at the end of the process. Not a drawing; been done, doesn't work well. But how about bringing back a science fiction franchise that's been unfortunately abandoned?

"Firefly" would be my choice. Granted Firefly is owned by Fox, last I heard, but hey, you've got a science fiction cable network, you have the tools to acquire the franchise. And Firefly certainly qualifies as an abandoned franchise, and certainly has an enthusiastic fan base, a "cult following," if you will.

So, here's the idea: Buy the Firefly franchise from Fox. At least you get to run the existing shows on the network. BUT, if the #SYFY hashtag hits the Top Trending Topics on Twitter list on D Day at H Hour, you promise to remobilize the Firefly franchise, either by bringing back the series as such, or by doing what they did with Star Trek, bring out a new series in the same universe.

The channel gets back it's science fiction street cred. The fans get back an excellent series. And Syfy gets to be the first to -successfully- use a hashtag for promotion purposes. Everybody wins. Just sayin'.

So, if you see a #SYFY hashtag out there, you can thank me later. Or hey, blame me, I'm fine with that. I'm a fairly clever idea guy, after all. I told @craigatscifi I'd bill him later. Think I ought to?

Griz

Thursday, April 23, 2009

TWITTER: Welcome to the Party

On my last podcast I indulged in an extended rant about Twitter and how the celebrities and SMEs are abusing it in my opinion. I haven't changed my mind, but at least I'm not as pissed off as I was.

So, to be fair, I ought to say what I think is the right way to behave on Twitter. First important thing to know: TWITTER IS NOT MICROBLOGGING. When all your Twitter options were straight-up Tweets and Direct Messages, maybe it was. Add in the option of @Replies, directed at a particular person but heard by anyone who cares to listen, it's not any sort of blog. It's a conversation.

I figure there are many different people with different reasons for being on Twitter. So the best tool for explaining good Twitter behavior is a metaphor that offers a number of contexts that cover the possibilities. The best one I've come up with is a cocktail party. It's not perfect, but metaphors are like that sometimes.

Notice, not a beer bust, not a frat party, not a convention, not a lecture, not a sales meeting. A cocktail party, like the ones you used to see on TV in the '60s and early '70s. The kind of parties for which people turned their basements into recreation rooms. In this case, we're talking about a much larger building, if you will, with many rooms. And
it's a free and open cocktail party. Everybody's invited, though not everybody will show up. I suppose this metaphor could be extended to other social media environments, but I think the others are much different.

Again, different people have different reasons for coming to the party, different goals they'd like to accomplish. If you're a celebrity, I'm sure you'd like to have every eye in the place on you. If you're a businessperson, I'm sure you'd like to be able to do some networking, maybe resolve some customer service issues, maybe even make contacts
that result in sales.

Now, if you're a celebrity, do you walk into a cocktail party and start demanding the attention of everyone in the place? If you're a business person, do you start striding through the party, interrupting conversations and shoving business cards into any available hand? No, because it'd be rude, and many people'd try to get as far away
from you as possible. Some of them might strike you about the head and shoulders. But naturally, I'd feel bad about it later.

If you're a politician, do you go stomping through the crowd, shaking random hands, kissing babies and passing out leaflets? Well, probably. But if only you're a just a politician and have no hope of people expecting better from you than from all the other candidates. Trust me, we don't expect much. But we always hope for more, and you have
an important opportunity you won't want to miss, if you are actually smarter than the average politician.

If you're that important, people will find you, and tell other folks they found you. If you aren't, acting like a jerk won't do anything very good for you. It'd probably get you some seriously bad press. And it would be well-deserved bad press. If people want to come listen to you talk, they'll do that. Otherwise, your best bet is to avoid ruining the party for everybody.

So what should you do? Well, as an intelligent, thinking human being, what would you do at that hypothetical cocktail party? You'd quietly let the word spread you were going to be there, you'd let the word spread that you've actually shown up, and you'd spend your time being interested in the other people there. Why? Because this is a unique opportunity for you to do that. If you're interested in them, they'll be interested in you. And they'll like you better, and not beat you about the head and shoulders.

They've heard your performance, your sales pitch, or your stump speech elsewhere. Some of them want a chance to get to know you. All of them want you, and everybody else, to get to know them, to hear their concerns, laugh at their jokes, look at their kids' pictures. You have lots of opportunities for people to hear you. They finally found their opportunity to have people hear them. Let them have that.

And if you listen to them, and occasionally mention how your life is like theirs in some ways, and different in others, that you have in common, what you don't have in common, then it's likely more of them will actually be willing to listen to you, ask you questions, and value your responses.

Likewise, in the context of the cocktail party, it's obvious why the behavior of spammers is just plain wrong. Even those who attempt subtlety are pushy and rude and blatantly phoney. Picture that same behavior at a wedding -- YOUR wedding! -- or a bar mitzvah, or a birthday party. You'd agree with everybody else they'd be acting like jerks, right? So why would you encourage or even tolerate that behavior at this particular party? And why the hell would you want to pay someone to act that way on your behalf?

Granted, this party's pretty big, and there's the option to walk away, what they call Unfollowing. But the other day, for example, I had a fella send a Reply to me and another guy, interrupting our conversation, with a spam message. He wasn't following either of us. I'd bet he'd done some sort of search for keywords, saw a keyword about what he
was selling in that one tweet, and sent the message with no idea what else we were saying. This is the equivalent of hearing one word across a crowded room between complete strangers, and running across the room to elbow your way in to pitch your product. And what were we discussing when he so rudely interrupted? We were discussing spam
and spammers, and how annoying they were. He didn't know that, and he didn't care. And that's happened to me twice in the last week. Sorry, started ranting again.

And what if you're not a celebrity, a business person, or a politician? At any big cocktail party, with celebrities, business people and politicians showing up, there will be some people who come just to rub elbows with the big names, people they've heard of. Nothing wrong with that. And there will be just Regular Folks who heard it might be interesting and fun.

If that describes you, start by taking a suggestion from Douglas Adams "Hitchhiker's Guide to the Galaxy." DON'T PANIC! What would you do at that cocktail party? If you're smart, you check your coat at the door, grab a drink at the bar, and start looking around first. Sure, look to see if those celebrities you've heard about are around.
But wouldn't you also see if anyone you know is at the party? Maybe you want to hang with your friends, maybe even for the whole party. Nothing wrong with that.

I'll only cover two technical points to you new folks on Twitter. Any Tweet you post that is not an @reply can only be seen in three cases: If someone is following you; If someone is reading the Public Timeline, basically trying to read every Tweet from all the millions of folks on Twitter; or If someone does a search for some of the words you used. When you start, no one is following you. You can't send a Direct Message to someone who is not following you. So the only
way people will see what you have to say is if you send an @Reply to one of their Tweets.

Other than the technical aspects, if you don't know how to join in a conversation on Twitter, you don't know how to join a conversation anywhere. I think I probably manage okay. And I have Asperger Syndrome. So it can't be that hard to do it right.

How do you find other conversations? What would you do at the cocktail party? Wander around, drink in hand, and listen in on a few conversations. Profiles are a bit like really large nametags, I suppose. So check nametags, see if anyone does similar stuff to what you do. Searches are like eavesdropping, with no particular chance of folks noticing
you listening. If folks are discussing something that interests you, you're welcome to listen for a while, by following them, and maybe comment, by sending an @reply, if you stay on the topic they're discussing. If they're discussing fishing, don't walk up and say, "Hi, I'm Bob, and I sell shoes!"

Less obviously, don't walk up and say, "Hi, I'm Bob, and I sell fishing tackle!" If they were looking for someone who sold fishing tackle, they'd have come searching for you or a dozen others like you. Do you like to fish? Why not join the conversation talking about fishing, the topic already being discussed? The fact that you actually -sell- fishing tackle can come up later, of course, casually, in passing.You'll note I say conversation is okay. I've read lots of blogposts saying Twitter isn't for conversation. Lots of folks seem to think Twitter is for really short monologues, that's why they call it "microblogging." I disagree strongly. I think it's only for conversation.

You can try to do a monologue. If people are willing to listen to your monologues, they'll follow you. If they find those monologues interesting, they may well continue following you, and if they don't, they won't. And don't be surprised if they start a conversation in spite of your intention.

If you want to deliver a monologue, start a blog, or start a podcast. That's what I did, and it isn't hard.

Twitter is a conversation, where no one is compelled to talk, no one is compelled to listen to anyone they choose not to hear, and everyone has to stop for breath after two or three sentences, and let other folks say their piece. That's the way every good conversation has to be, in my humble opinion. And if you're a celebrity or a businessperson
or a politician who doesn't like that sort of conversation, you know where the door is. Don't forget your coat on the way out.


Tuesday, April 14, 2009

Susan Boyle, Girl Singer

Wonder who'll play Susan Boyle in the movie?

She does have an excellent voice. Couldn't hear it all that well in the video, what with the screaming and such from the crowd, though.

You know what I've noticed, in the many times I've watched the video? (The seven-something-minute version is the best to get the full effect.) I keep going back and correcting myself each second.

I admit, the first time I got pointed to the video, I just watched the first part. And I thought, "This is just another time the folks of the Interweb have found an ordinary person to ridicule." So I stopped, and didn't watch the rest.

Tonight, I went back and actually watched her and heard her sing. I was expecting to watch a trainwreck. Then there was that split second when I thought, "Gee, she's really pretty good." "But she's not really that good." "No, wait, she is that good." Repeat the last two sentences for the duration for her performance.

There's the moment when Simon Cowell raises his eyebrows, quite deliberately, I think. But look at his eyes just before his eyebrows go up. That was when I knew this was the real deal for him. And other folks have pointed out his silly grin later on. Fine, that was there. But if you look at his eyes, you can sort of see the gears turning in his money-grubbing lil heart, god love the bastard. She'll get a decent chance at things, I'm thinking.

These sorts of shows are more like winning the lottery than earning a career. Nothing wrong with winning the lottery; I'd like to try that myself, sometime. ;-)

She was a hit because of flawless choice of music, and a rather ordinary appearance that belied her talent, and a pretty decent voice, as far as I could tell. People applauded and cried (me included) for the story as much as the singing, and out of surprise certainly, but also out of identification. Every time I watch the video, I realize she is a significant chunk better than I think she is when not watching. Singing is not just about voice talent, it's also about having the courage to exercise that talent at the right moments, even when a million people are staring and you're scared to death.

Any of us who can sing a bit (me included) would like to believe in our secret hearts that we could do the same, given a chance. But most of us (me included) would never take the risk, at least not at that nationwide, and now worldwide, scale. She did, and she succeeded. Good for her! And now the rest of us aging karaoke-celebrities have no excuses anymore. ;-)

She's really pretty good. Is she That Good? One hopes so, with real training which (as far as I know) she's never received. Luckily, the show is Britain's Got Talent, not Britain's Got Training. She's got enough singing talent to get in the door, and she's got enough raw stage-presence-type talent to get her the training she needs, and an opportunity to go the rest of the way.

Now that she's got this chance, I wonder how she'd have done as an indie artist doing Creative Commons recordings. I suppose we'll never know. But good for her, getting this chance. I hope we continue to hear about the ongoing Saga of Susan Boyle, Girl Singer.



#mikeyy for dummies

By now most folks online have some idea that there was a "worm," "virus" or "phishing scheme" on Twitter over the last couple of days.  True, sort of. 

There have been a number of explanations I have seen online that go into heavy, technical detail about what happened, why,  how, and by whom, written by folks with a lot more expertise on this stuff than I have.  I'm not a programmer, haven't done any coding in years now.  I'm the web-design equivalent of a three year old with some chalk and a bunch of stickers.  But I think I have a pretty fair idea of what happened.  Not as much as the trained folk, and not as little as most folks.  I figured I'd run it down here because (1) I want to see if I can make sense of it, (2) it might make me look clever, and (3) I hadn't put anything in my blog for a long while, so what the hell.

So, what happened, at least roughly, and how could it happen?  Was it a "Twitter worm" or "Twitter virus?"  Not exactly.

Let's start at the simplest level.  There's a whole lot of Stuff on the web these days.  Back at the beginning, though, it was simply a way to convey information.  Words.  Text.  The folks who started it wanted to (a) have the text formatted better, and (b) do a few clever things with connecting one patch of text with another.  That's what HTML is for -- HyperText Markup Language.  Put in some text, put before it and after it, and the middle stuff is bold.  That didn't work, did it?  Fine, but that's the idea.

Web pages, at their hearts, are text.  If you see a picture, the page itself has a text instruction to display a picture file, and a text description of where the picture is.  See, even the instructions are text.

That's just a passive, static webpage.  Want the page to actually cause something to happen?  Write a script.  The script is mostly more text, and the HTML part of the page includes a simple text instruction to run the more complex script.  What runs the script, the web, right?  Nope.  Your browser runs the script.  Your browser reads the HTML, sees an instruction to run a script, and blythely assumes it should just go ahead and do that, since there are after all no Bad People on the Interweb that might want to run a script on your computer to do Bad Stuff.  There are several different types of script, and scripts can do a whole slew of different things, some good, some bad.  But the gist of what I just said is correct, more or less.

If I was a bad guy, I could put a text command in the HTML on my webpage to run a script.  Your browser sees the command, and runs the script.  Since the browser is on your computer, it runs the script on your computer, from inside your browser.  And that script can do anything on your computer that can be done by your browser, or by any other program you run.  Delete stuff, copy stuff, change stuff, whatever.  If I was doing that on my website, it'd be a Bad Idea to go there.

Okay, the Web is a lot more complicated than it used to be Back When I Was A Boy.  Now folks create forms on webpages where simple-minded users like myself can just type Stuff in, and that Stuff gets displayed on the webpage.  This should be no big deal.  After all, all I'm typing in is some Text, right?  Oh, waitaminute...

If there's a field where I can type in my name, and if the name I type in is going to be displayed in your webbrowser... what if instead of typing in my name, I typed in a command to run a script?  Your browser goes to my webpage, sees the SCRIPT command where my name should be, and blythely runs the script.  Ooops.  Bad thing.

So folks who design these forms where you can type in your name & such are supposed to check what you typed in, to make sure that it isn't a command to do anything unexpected, like for example, run a script.  That's just common sense.

Okay, we have a webpage designed in text, a form that allows any user to enter text into the website, and a text command that can run a script.  And here's where the fun begins for us Twitter users.

The folks who designed the User Profile pages for Twitter neglected to create their forms in such a way to make sure one couldn't type commands into those fields, and have them displayed as commands and executed by the browsers of those viewing those Profiles.  They assumed folks entering stuff into Twitter Profiles would be Nice and not do that.  Oops.  And every User Profile is built from an identical template, with a handful of changes Users can make to their own Profile.  So when there's a vulnerability, every User Profile is vulnerable.  Mostly.

What the cracker (possibly Mikeyy Mooney, as he claims) did, was to write a script, and create a couple of User Profiles.  He typed text into the data fields of those user profiles including a command to run that script.

Now in order for you to be able to Follow a user whose profile you're viewing, you have to be logged into Twitter.  When you log in, Twitter creates a token -- a string of numbers and letters -- that it can recognize later.  If I log in, and my browser goes to a page on Twitter, Twitter's website asks for that token, and the one my browser provides indicates This Is Grizzly's Browser.

So I go to one of those User Profiles Mikeyy set up with those commands in the fields, my browser sees the commands and runs the script.  Since the script is running inside my browser, it has access to that Token and can tell my browser to do whatever it's capable of doing.  One thing my browser can do is enter into my own User Profile -- I'm logged in, it's got the Token, it must be Me doing it -- and change my own user data there, to include a command to run that same script.  So the next person that views My User Profile has their browser see those commands, run the script, and change their User Profile, and so on.

Another thing my browser could do, since it's logged in as me, is enter Tweets.  And since the script is acting as Me, it can type in a Tweet or two saying "Go look at Stalk Daily Dot Com."

That's pretty much what happened there, to lots of people.  Not to me, though.

And another thing.  If (1) I'm logged in, and (2) that script runs, the script can copy and send that authentication Token to anywhere on the Internet, pretty much.  And (3) as long as I don't actually log out, even if I close my browser, shut off my computer and leave the country, more or less, that Token stays valid.  If I actually log out, the token becomes invalid.

So if Mikeyy had chosen to, he could have captured all those tokens, and had a program pretending to be a whole slew of browsers access my Twitter account or any other affected account and post anything he pleased, as often as he pleased.  He could change the passwords on any affected accounts.    That (he claims) he didn't do -- but the tokens were, according to some sources, sent back to somewhere.

Couple things you should notice here.  You probably first saw a bunch of messages from folks saying "whatever you do, don't click on links going to Stalk Daily Dot Com."  As far as I know, that script command wasn't on Stalk Daily Dot Com, though, it was on the User Profiles of the people who'd let their browsers read that SCRIPT command and run that script.  So going to Stalk Daily might have been a bad idea for a number of reasons, but not because it was going to get your User Profile changed, or get you infected by this particular malware.  (Never know what other Bad Stuff might have happened.)

You see tweets from people you follow, phrased in an uncharacteristic manner for them, talking about some website you've never heard of -- and sounding spammy -- you wanna see what's going on, you go to their profile, and then you get "infected."  Nothing has changed on your own computer.  Your User Profile is what was changed.  Now, could that script have copied some virus or other malware onto your computer, run some program, deleted some files?  Sure.  Happens all the time, which is why folks tell you not to go to websites you don't know, or click on links from sources you don't know to send you to websites you don't know.

But that wasn't what happened in this case.  The changes were made on your User Profile, not on your computer.  (As far as I know.  But I'm Just Some Guy.)

Why wasn't my User Profile affected?  Because the command on those Profiles on Twitter.com called a script that wasn't on Twitter.com, it was apparently on Mikeyy's own site.  I use Firefox as my browser, and have an add-on called NoScript.  If NoScript sees a command to run a script residing on a site I haven't specifically given permission to provide scripts, the script never gets run.  If you went to one of those User Profiles yourself, and your browser didn't run the script, none of the Bad Stuff happened to you.  This is why, shortly after all the chaos started, folks (including me) posted recommendations to be using NoScript.

If I had gone to a website that I trusted, and told NoScript to allow that site to run scripts, and for whatever reason a script there was written to do Bad Stuff to me, then the bad stuff would happen.  Because I gave permission for it to happen.

Scripts are not necessarily bad.  There are scripts run from my own blog and from my podcast page.  Most of the useful stuff done on the web is done with some sort of scripting or other.  I make an effort to ensure scripts run from my pages are not malicious.  But it's always wise to think carefully before allowing any script to run.  Even honest folk can get hacked.

And why was this "Mikeyy/Stalkdaily Worm" thing so bad?  Because you'd be going to Twitter.com, which you'd assume was a safe site, and be caught off-guard by an attack like this.  Also, because that script would affect anyone who went to a previously infected User Profile and allowed that script to run, and anyone affected could be spewing tweets with links to any site the cracker chose, those links from seemingly legitimate sources could send you to dangerous ground.  Some of those links could claim to point to sites explaining how to remove the whole "Mikeyy worm" thing.

Also, so many folks were panicking and running in circles, and clicking on whatever link was offered by whoever to get info on how to fix whatever was supposed to be wrong, which most didn't understand.  Given it's Twitter, essentially all of the provided links were tinyURLs & Bit.lys & whatnot, allowing no chance to see where the hell you were being sent before you clicked on the silly link.  Even IvanTheReallyHorrendousRussianMafiaHacker.ru would appear as bit.ly/12345, which could be anything.  (Just to make a point, I posted a couple of shortened links to the Rickroll YouTube video.  Don't know how many folks clicked on them, though.)

I won't preach about shoulda/woulda/coulda.  Lots of other folks are already doing that.  But I hope this has made some sense for you.  It's my best of understanding of what happened.

By the way, this wasn't a "Twitter worm."  The messaging tools in Twitter didn't transmit the malicious code, the User Profile websites and Settings websites did.  The messages were impacted by a form of Social Engineering, I suppose.  And the chaos and confusion kept circulating.

And is the whole thing "over?"  Or when will it be over?  Well, Twitter is supposed to be fixing their Settings pages to check the user-entered data to ensure it doesn't include things like SCRIPT commands.  (Which they should have done in the first place.)  If and when they successfully do that, then this particular nasty won't work anymore.  Which is not to say there won't be something else, later.

But if any passwords were stolen, and haven't been changed, then those accounts could be fiddled with again.  Some accounts may have been tampered with in other ways.  Some compromised accounts might have been used to post links to malicious websites.  And even if every aspect of this incident was cleaned up, someone else could come up with something else and betray us once again.

So in a real sense, even when it's over, it's not over, it's never over, and it never will be over.

And what do you think they should do to such folks?  How does that whole "tried as an adult" thing work again?  Lot of angry people out there.

Just sayin'.

Griz



Friday, April 10, 2009

Scott Bourne's Drobo giveaway

I heard on an episode of MacBreak Weekly that Scott Bourne was planning on giving away a Drobo.  I have a vague idea what a Drobo is.  I gather it's kind of expensive, and that I should want one.  I notice on his post he wants me follow him on Twitter (did that), and to add some links to my blog, and I figured the easiest way to include the links was to simply quote that post from his blog:

"So I’m giving away another Firewire, Second Gen Drobo this month. To be eligible to win, here’s all you have to do. You can do any or all of these, to increase your chances to win.

1. Follow me on Twitter - http://www.twitter.com/scottbourne
2. If you like the content I publish on Twitter, simply re-tweet it. That is, type the letters “RT” minus the quotes in front of my content and repeat it, including @scottbourne in the Tweet. No need to RT everything I do, just the stuff you like and no need to do it more than once because it won’t help you win.
3. Put a link on your blog or website to http://www.photofocus.com. (You can get a free blog at www.blogger.com if you don’t have one.)
4. Put a link on your blog or website to http://www.mydl.me. (You can get a free blog at www.blogger.com if you don’t have one.)
5. Tell all your friends about this post so they can have a chance to win too.


That’s it. Do any or all of the above.If you do all the things on the list you increase your chances. But don’t do them more than once. You must be 18 years old or older to win. Taxes are the responsibility of the winner. Void where prohibited by law. The contest is open to anyone, anywhere that Drobostore.com ships as of the give-away date. I’ll give the Drobo away the third week of April Follow me on Twitter to see who wins.

Thanks."

There, that oughta cover it, right?

Griz




Thursday, April 9, 2009

"Personal Effects: Dark Art" gets Mad Props

I really hate horror.  I really do.  You name the author, if it's horror, I don't like it.  That's just me.

But my friend J.C. Hutchins has a new horror novel coming out that you folks who actually like horror, for some crazy reason, will probably enjoy.  How do I know?

Victor Miller, who created the Jason Voorhees and wrote the original "Friday the 13th" says he likes it.  And I'd imagine he'd know.  Here's what he had to say.






So there ya go.  You don't have to take my word for it.


Tuesday, April 7, 2009

It's Really Simple

I just posted a new podcast on "Grizzly's Growls," explaining as best I could an idea I'd had for a non-profit to communicate with their audience.  The question came up at that Minnesota Voices UnConference I attended, but I didn't get the time to try to give the answer.  And then someone from the Conference asked me the same question.

I think the answer is simpler than it looks, just not "easy."  Taking my own advice from the podcast, I decided to copy the text of the podcast over here, to make it more accessible to that audience.



The secret of getting your message to those folks, and to any variety of folks, is to take the complexity on yourself.  They don't have to see it or deal with it, that's your job.  Instead of expecting them to figure out how to get to your content where it is, you but your content in a place they can find it, in a form they can digest, with the tools with which they're comfortable.

Let's put together a hypothetical case.  Let's start with a blog.  Most of the folks at the Unconference were with non-profits.  Some of them, though, were a bit mystified by the basics, and nobody was telling them the basics.

Suppose you're not interested in doing a blog, because it seems like something wild-eyed political types would do, or techy geeks like me would do, or you think it involves telling your life story and talking about your cat.  Well, you can certainly use a blog that way, nothing wrong with it.  I for one happen to like my cat.

But you can also consider a blog simply a tool for managing a website with changing content.  You don't have to care what content other people post with that tool.  You only care about your message.  The Medium is not the Message, if you will.  The Medium is a message, maybe.  But the Medium is just the Medium -- just another tool.  The Message is the Message.  That's all you have to care about.

By the way, how do I know this stuff will work?  Because I've done all this stuff myself for several years now.

So let us start with a Blog.  If you wanna get all high-tech, you could set up something like WordPress, an excellent tool, very powerful, that'll let you get down into alla them fiddly bits, really personalize your site and make it your own.  And you can set up Wordpress on your own website, or have it hosted on Wordpress.com.  And Wordpress is Free.

Free, by the way, is a Very Good Thing.

Or you can let Google do all the complicated stuff, and set up a Blog on Blogger.  Google owns Blogger.  And a blog on Blogger is free.

Blogs are simple.  Blogger will give you a place to type in a title, add a picture, whatever you want to make it pretty and recognizeably belonging to your organization.  And adding your message to the Blog is pretty simple, too.  You type your text into a text box.  You can add pictures and links and whatnot, if you'd like.  But you could certainly just type in some text.  People do.

Okay, so there's your blog on the Web, and your message is in there.   Something new comes up, you type some more text in another text box, and you've added more content.  Again, very simple.

If you have a domain name of your own, pointed at some webpage you already have but don't understand, you should be able to point that domain name of yours at your blog that has your message in it.  As far as folks looking for WHOEVER DOT ORG are concerned, WHOEVER DOT ORG is what they see when they get there.  And what they see is your message you typed into your blog.

And now we get to the beauty part for your purposes.  You can keep putting your message into your blog very simply, and have it delivered to essentially everywhere your audience might be on the Internet automatically.

All modern blogging tools, and that includes WordPress and that hypothetical Blogger blog we just set up, will automatically create something called a Feed.  If you have a blog, you have a feed.  One type of feed is called an RSS feed.  RSS stands for Really Simple Syndication. 

RSS is like sausage.  If you knew how it was made, you wouldn't think it was simple.  But these days, it really is Really Simple.  It's already done adequately well for you by the same stuff that runs your blog, and you don't have to mess with it, or understand it much. There's another type of feed, called an Atom Feed.  That's what Blogger creates by default.  And it's easy to get Blogger to create an RSS feed.  Don't worry about it, either type will work fine for our project here.

So, you have a Blog, with your message in it, at your web address, folks can come and look at that.  And you have a feed.  But you have part of your potential audience that won't bother to come look at your blog.

Let's suppose they are having fun playing with Facebook, finding all their friends and whatnot.  Facebook has tools for adding your feed to your Facebook page.  So new posts to your blog show up on Facebook.  Want a fan page for your group on Facebook?  Same deal; have your Fan page display your feed, which will include copies of what you
typed into your blog.  How do I know?  I do that myself.

Let's add another tool.  We'll run the feed you already have, through something called Feedburner.

Remember I mentioned Google owns Blogger?  Well, Google also owns Feedburner.  You set up a free account at Feedburner.  You tell Feedburner where your blog is.  And Feedburner finds that feed that's already been created for you on your blog, and Feedburner allows you to do a whole bunch more fancy stuff with your message.

A brief side note here.  I've mentioned two options for creating a blog.  There are lots of options.  I've mentioned one option for doing fancy stuff with your feed.  There are several options for that, too.  But for our example, we'll talk about a blog created with Blogger, with it's feed managed by Feedburner.  I have one of those.  I used to have three of those, but that's another story.

So, suppose you've got folks who only read email.  Fine.  Feedburner allows for email subscriptions.  Any time you add a new entry to your blog, it shows up in your feed, Feedburner sees it come out, and those folks get a copy in their email.

Do you have blind folks who should be able to get your message?  If you stick to text in your blog, their screen reader software should have no problem with reading your blog, or reading an email version they get from Feedburner.  But, if your blind audience listens to podcasts, you could use a tool like Odiogo.com to turn the text from your blog into a podcast.  Not a great podcast, basically some computer reading your text aloud, just like their screen reading software.  How do I know this works?  Because I do that myself.

Heard of that thing called FriendFeed?  Well, all FriendFeed does is look at feeds just like that one from your blog, you can get that, too.

Want more than one of the folks on your team able to add content to your website?  Blogger already has ways to allow multiple folks to post new content.  Betcha WordPress does, too.  Both allow for your audience to comment back to you.

What if you are only comfortable with typing emails?  You can set up Blogger to receive emails from you and post them to your blog. You can set up Blogger to receive emails from multiple people on your staff and post them to your blog.  And via your feed, those posts will also show up on your Facebook page, and on FriendFeed, and a whole bunch of other places, if you'd like.  That's Syndication.  And all you're doing with your content is typing it into a little text box.  That's Really Simple.

Wanna get fancier?  Wanna do some audio?  Do a podcast.  It's simple.  How do I know?  Because I do two of them, and I'm not the sharpest tack on the bulletin board.

I won't try to explain everything there is to know about podcasting here.  I recommend a book I recently finished reading, called "Podcasting for Dummies," by Tee Morris, Chuck Tomasi, and Evo Terra.  Don't let the title fool you.  You don't have to be a Dummy to do a podcast.  But it's always helped me.

At its most basic level, a podcast is just a digital audio recording that people can get in whatever manner, via the Internet.  Remember that business about Odiogo I mentioned earlier?  If you set that up, you already created a simple sort of a podcast.  But you could also plug a microphone into your computer, record yourself reading something, put that on the web somewhere with the right sort of link in your blog, you've got a podcast.   You can get fancier, but you don't have to.  "Podcasting for Dummies," that book I mentioned, will explain all that stuff better than I can.

Suppose your audience doesn't have an iPod or any other sort of MP3 player.  Fine.  They go to your blog, double-click on that link in your blog, and their computer will play that audio file for them.  Most people who listen to my podcasts do exactly that. 

If you're concerned folks won't be able to figure out that podcasting stuff, fine.  Record your podcast from a script.  Put the full text of the script, and that special link, into your blog -- which already goes to Facebook, and Friendfeed, and out by email.  Wherever folks are, they also get that special link in the email that they can double-click on, download the audio file and play it on their computer.  Whichever they're most comfortable with.  They still get your message.

Once you've recorded your podcast, you have even more options.  Want to get your message out on Old Media, too?  Contact your friends in Public Radio, and see if they'll play your podcast.  For that matter, contact your friends doing newspapers and newsletters and whatnot.  See if they'll print the content from your blog.

The point is, you can create your content once, do all the seemingly complicated stuff on your end, and your audience gets the content without dealing with anything too complicated for them.  And the part you do doesn't have to be very complicated, either.  You might well manage it all yourself.  People do.  I do it several times a week.

Think all this stuff is too hard for your little organization to manage?  Well, I honestly doubt it, but I respect your feeling that way.  So get a couple of related organizations together, combine your efforts, and do a joint podcast or a joint blog.  Or find some podcaster who's run out of stuff to talk about, and see if they'll do a podcast for you.  By the way, if you've listened to any of my recent podcasts....  Well, you probably get the idea.

And maybe a more important point.  Feel free to ask for help.  Most amateur podcasters, and most bloggers, would be happy to help you get started.  The original meaning of amateur wasn't Not Good Enough To Be Professional.  The original meaning of amateur was someone doing their thing for the love of it.  We love what we do!

And as a fella named Steve Eley, truly the original definition of amateur, though he's nearly making a living these days, said once,any podcaster would be glad to help you get your audience listening.  Because folks who listen to one podcast, are that much more likely to want to listen to more than one.  Maybe mine.  Just sayin'.

There, that wasn't so bad, was it?

Thursday, April 2, 2009

At the last moment

I decided to get another podcast out tonight.  At the last possible moment, I got it written, recorded, and uploaded.

I don't think the quality of the latest episode is anywhere near it has been for earlier shows.  When you wait for the last minute, that sometimes happens.  Unfortunately, though, this reflects poorly on my hoped-for future in professional broadcasting.  Like any job, it's just gotta get done on time.

And I didn't.

Oh, well.



Wednesday, April 1, 2009

I Remember Joe - A 2009 Tribute

I like to watch NASCAR racing, but I only understand parts of it. Up till the late 1990's, NASCAR had a rule, when there was an accident and the yellow flag went out, crashed cars on the track, busted tires & car parts & smoke & flames everywhere, the cars were supposed to "race to the line," dodging alla that junk on the track, to have a good position when the race restarted.

A few years back, they made a new rule. The officials would decide in what order people would line up under the yellow, and no one would race to the line. But one guy would get moved up to the very tail end of the lead lap. "The Lucky Dog."

I started listening to podcasts in 2006. I listened to practically every podcast I could find. I started thinking, "I could do that!" So I started my own podcast, in February 2007.

Joe Murphy died of leiomyosarcoma in April 2007. I honestly don't know if I ever heard the podcasts Joe was on, but I have this vague memory I just might have. I listened to lots of podcasts. Or, honestly, I might not. I didn't get the chance to meet him.

But the folks who went ahead of me, folks I've come to like, admire, and trust, liked, admired, and trusted Joe. He's one of those who made this community what it is. He's worth remembering.

Podcasting isn't about the microphones, the computers, the software, the talk, the music, the time, or the money. It's about the people. And a whole lot of people took a chance on trying this new podcasting stuff, and even regular guys like Joe got a chance to speak. Even a regular guy like me.

I got to tag along on the tail end of the lead lap. I'm the Lucky Dog.

So yeah, I remember Joe. Even so.

But listen to them other folks. They tell it better.

GG20231124 -- Coming (Hopefully) Soon

Show Theme: "Hot Swing" from Kevin MacLeod Listen now?