Congress Moves to Rein in Illegal Wiretaps

The JUSTICE Act, short for the Judicious Use of Surveillance Tools in Counterterrorism Efforts Act, was brought to my attention today. The JUSTICE Act seeks to put constraints on the Bush-era USA Patriot Act and FISA Act Amendment which drove national security efforts here at home post-9/11.

In the past, I have been a very vocal critic of the previous administration and their liberal assumption of power not explicitly granted to them by the Constitution. Namely, the use of these powers was, in my book, impeachable offenses. That Administration has come and gone, but the PATRIOT Act and FISA still haunt us to this day.

We in the technology community should be alarmed.

The JUSTICE Act, however, brings some sanity to this process. I’ve read a significant portion of the bill (embedded below) and it goes a long way in improving the current situation that allows the government, based on their say so, to direct communications companies (cable, satellite, phone, wireless carriers, ISPs, etc) to hand over data on American citizens without warrant, and in a far-reaching and unfettered fashion. By placing investigations behind a veil of opaqueness that is unable to be questioned even by other courts, the executive branch of government, under the Bush Administration and in the name of National Security, assumed an exclusive lock on investigatory powers without constraint.

This bill does what should have been done with the previous bills – considerations for Due Process, First Amendment rights and checks and balances.

Notably, the JUSTICE Act attempts to place the limitation and focus of National Security Letters (directives issued from the Director of the FBI) back on foreign powers and places significant protectionary road blocks between the government and the citizen.

While I do not trust the government to actually be able to do the right thing, the fact that this bill is introduced tells me that there is a recognition that when checks and balances are in effect, as they were intended to be, it’s much harder to do the wrong thing. It’s called accountability and the more we have, the better we’ll be.

EFF is hosting a call to action, allowing folks to automatically send a note to their Senators.

The Washington Redskins Crowd-sourcing Their Games

A week before the start of the NFL 2009 season, Cincinnati Bengals Wide Receiver-turned-part-time-kicker, Chad Ochocinco, tweeted to his fans that he was going to delete his Twitter account due to strict NFL rules. Of course he didn’t, and Ochocinco, always a showman, used it to deliver more buzz around his ego.

However, the NFL rules around social media are draconian and many inside the league know this. Earlier this month, they released an updated policy that bars players and their agents from tweeting up to 90 minutes before or after a game. Members of the press are not allowed to tweet during the game either or risk having their credentials revoked.

This is the landscape in the most popular sporting league in the nation. The NFL has enjoyed widespread success through control mechanisms like blackout rules that prevent a team from having home games aired in local television markets if the game isn’t sold out 72 hours before gametime. Though most home games league-wide are sold out, the recession has caused some teams, like the Jacksonville Jaguars, to not be able to sell out.

This is what the Washington Redskins face who, on Sunday, will open their first home game at FedEx Field and will be encouraging fans to tweet during the game. The new effort comes as part of a renovation of the Club Level and embracing of social media, Redskins VP of eCommerce and Web Strategy, Shripal Shah, tells me. In this new club level will be the game on massive HD televisions surrounded by live-streams of Redskin fan reaction to the game, but reactions will also be online for fans not in the club level.

The Redskins hope to get reaction from all fans through a new site called Redskins Twackle that does more than just pull tweets having a #redskins hash tag. In addition, they are pushing an iPhone App that will help crowdsource this data into the Redskins Twackle site.

Twackle is not a Redskins technology. Twackle is a product of XTreme Labs and is billed as “Your sports bar in the Twittersphere”.

While it’s not entirely clear what this play will do for new media in the NFL, it will be interesting to see how the League reacts.

* Image Credit: Mad_African78 on Flickr

Update:
The Twackle app in the iTunes store is not an official Redskins Twackle app. It is a generic app released by Octagon, not Xtreme Labs. Commenter Lahne notes that the NFL social media policy is slightly different than what I listed here. For the breakdown, see Tailgate365.

Ethical Questions over Apps.gov

It’s been no secret since the Obama administration took office, that a key technological interest for the administration’s tech policy would involve Cloud-based, Software as a Service (SaaS) initiatives. To that end, contractors and providers have been jockeying to provide cloud service to the federal government.

One of these contractors, notable for their size and breadth within the government I.T. contracting ecosystem, is Computer Sciences Corporation [CSC], who has partnered with Microsoft [MSFT] to provide a specialized product offering for the government.

Interestingly this week, the federal government jumped on the “app store” movement, made sexy by Apple [AAPL] and expounded on by BlackBerry manufacturer Research in Motion [RIMM] and Palm [PALM] and now Google [GOOG] with their Android phones.

Incidentally, I’m including stock symbols for a reason. Follow the money and see where it goes. That’s your homework for the day, kids.

The new government offering, Apps.gov is a new “app store” for the federal government. Unlike other app store offerings that are geared toward mobile computing, this app store, an initiative of the GSA seeks to be a clearing house for cloud/SaaS services for the federal government. I’d be lying if I told you I thought this wouldn’t work in driving adoption by other federal agencies of these services.

The App store is divided into four sections: Business Apps, Cloud IT Services, Productivity Apps and Social Media Apps. Most of the applications found in Apps.gov are for-pay services and they are only available for purchase with a government purchasing card. These pay-services include a variety of products from Force.com, creator of the highly popular (if onerously annoying) Salesforce, and a variety of Google Apps products (all paid).

Interestingly, there are free products as well, and this is where I have ethics questions. Many of the products that are free, mostly in the Social Media section, are tools that are used everyday in social media, blogging, and web culture. Many of these apps we take for granted and talk about everyday. Applications like Slideshare and DISQUS have been used on this blog absolutely free of charge.

However, in the government, there always needs to be a tradeoff. You do something, you get something. Even Freedom of Information Act provisions make getting information a freely available right, but it doesn’t make it free. Most requests must be paid for.

Even when working with Lijit, I spent weeks and months trying to get one of the campaigns to adopt the product, but we couldn’t get it done as a free product without it being considered a campaign contribution. Granted, campaigns are not government, but you see where I’m going with this.

Daniel Ha, the CEO of DISQUS commented that they work with a variety of government agencies but that the GSA requires agreements to keep things official and on the up and up. This does not surprise me. It seems to be necessary. Ha did indicate that he was not aware of Apps.gov though, which seems to indicate that the app store was simply populated with providers who the GSA has a record of. It seems to me there’s some kind of missing piece here and I can’t put my finger on what it is.

When browsing around Apps.gov, it is not immediately known how providers get listed in the store. This is where my ethics questions come up. Companies listed in the store gain an implicit endorsement by the government, and probably immediate adoption in other agencies struggling to identify which services should be allowed and which services should not. This is not a transparent process of product selection or offering that I would have hoped for, though on the surface, it is certainly a good step in the right direction.

The major missing piece here is a transparent statement that informs the public on how apps are selected, if there is money changing hands (pay per play), how companies can get their own apps listed, etc.

This is the same problem Apple [AAPL] has had with the iTunes App store and arbitrary selection. It is such a problem that the Federal Trade Commission is looking into it. It also sets up a possibility of an FTC investigation of the GSA for anti-competitive practice, though I’m not entirely sure if that is logistically or legally possible.

My point is that GSA is doing the right thing here, mostly. They just need to tweak and get rid of any shadow of wrongdoing or ethics questions.

Government as a Platform?

Data, data, data. This is the answer for government in this new world of Government 2.0. Making government available to the citizens by building platforms for change. These are the ideas bandied around when the Silicon Valley Warlords came to Washington, D.C. this week to put on the invitation only Gov 2.0 Summit and teach Beltway insiders how their successes in the Valley could be instituted in the center of government.

The center of government. The center of politics. The center of policy. Of course, if the warlords have their way, the center of technology.

The concept of government as a platform is a good one on the surface. The idea that making government a series of, for lack of a better word, APIs to help the citizen understand and access their government officials and services better is a noble one. However, it is naive, and this is where the native-understanding of Washington comes into play.

The rest of the country looks at Washington as a city that is always in-fighting. That the entire ecosystem is made of bureaucratic citadels of power that never accomplish anything. Incompetent politicians who all lie, lie, lie.

For those of us inside the beltway, we recognize that partisanship is a means to an end. That policy takes a long time to change, policy makers remain embedded as established government for years and even decades, and that politicians come and go. This is part of the expectation in our Washington. The agencies exist, made up of rank and file – the foot soldiers, if you will – and the policies in place in those agencies come from decades of precedent in some cases.

Some of it needs to be changed, and to the extent that OpenGov and Gov 2.0 can open up the doors to this change, then it will. However, some of this will never change and it’s not necessary to try to change it. Precedent generally exists for very sound reason.

What will fail, however, is the replacement of the Washington system made up of politics, policy and also data by a fraternity-style, easy-money lifestyle of the west coast. While they talk billion dollar valuations on startups, we talk about billion dollar annual budgets for Level C agencies. Two different worlds. We have a much bigger stake, and therefore, we’re less likely to change how we do things because they suggest we should.

My suggestion is to O’Reilly and Camp: Come back to Washington, D.C. I know you’ll be back for Gov 2.0 Expo in the spring, but come back for a Summit too. Instead of dictating how the event goes, however, open it up. Make sure 50% of tickets are available for free for any verifiable government employee. (General consensus is the attendance was around 70-30, Private-public, a guess since O’Reilly Media declined to comment on attendance figures). Double the price for the private sector tickets to compensate. Here’s a hint: The federal fiscal year doesn’t begin until Oct 1. Budget money isn’t available to pay for the agency employees to attend your event. This isn’t the private sector. Money needs to be accounted for, especially during a recession. If you want this to be about government, ensure that the Feds can go free of charge and charge the Private sector double.

Secondly, allow questions from the audience. There was extremely little interaction with the audience by speakers. This needs to change if it’s going to be a learning environment.

I’d also suggest the need for a competitive event. With everyone who has dipped their feet into the Government 2.0 kool-aid, precious few have kept their noses clean from federating around this very failed event. I said in November that few of anyone has this industry figured out yet, yet the money flowing in from the Valley has caused almost everyone to sacrifice their independence and free-thinking (How many of you on that Gov 2.0 Summit Advisory Board are free to do a competitive event?)

I’d encourage some of the historically free-thinkers who have given up their independence to think about how government can really be assisted (let’s not talk about fixing government – they innovate much better than we do, actually) in different ways. I think there is room for events that will avoid the thumbprint of previous event and will federate around real ideas, not just inspiration speeches.

* Photo Credit: Big Berto

WordPress Security and How I’m Going to Take All Your Money

So, it’s happened again. Another vulnerability discovered in WordPress that is now becoming the raging topic around the blogosphere. Is WordPress insecure? Should people move to another platform? If we stomp our feet loud enough and whine enough, then we can make WordPress look like a ridiculous piece of software that only amateurs should use.

I call bullshit. Here’s why.

The current security paranoia is around an exploit that has already been fixed! That’s right, it was known and fixed two releases ago. The problem is, the people complaining about WordPress’ security are running old software. They didn’t bother to do the responsible thing and keep their blog up to date!

See, WordPress has two different types of releases. Major releases (2.5, 2.6, 2.7, 2.8, etc) provide new features. These releases keep the software innovative, bringing new functionality to bloggers every 4-6 months. Security releases (2.8.1, 2.8.2, 2.8.3, 2.8.4, etc) are arguably more important than major releases because they keep you safe!

Bloggers who ignore these security releases do so at their own risk.

And because of that, when you are hacked, I will charge you an assload of money to fix you up! Believe it.

There is nothing more I want to do on a holiday weekend that also happens to be my birthday weekend, than to fix people’s blogs who didn’t bother to take care of themselves. It’s personal responsibility. Oh, I’ll do it. You won’t like the bill, though.

If you’re using WordPress 2.7+, as said loudmouth blogger was, it’s so simple to keep things up to date with the auto-upgrade button. WordPress even informs you when your version is out of date and provides a direct link to the upgrade page. If you ignore that, it’s not my fault… it’s yours.

For clients hosted on my servers, you are up to date. Why? Because I make sure of it. For the rest of you, do your part, so I don’t have to. Because my part will be making your blog secure, but it will also be sending you a sizable invoice.
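One way to check a set of installs against a minimum security release, as an added example that is not code from the original post. It reads the `$wp_version` assignment from each tree's `wp-includes/version.php`; the function names are hypothetical, and the minimum version is whatever release you pass in.

```shell
#!/bin/bash
# Added example, not from the original post. Function names are hypothetical.

# Print the version of a WordPress tree, taken from the
# "$wp_version = '...';" line in wp-includes/version.php.
wp_installed_version() {   # usage: wp_installed_version WPDIR
    awk -F"'" '/^[ \t]*\$wp_version[ \t]*=/ { print $2; exit }' \
        "$1/wp-includes/version.php" 2>/dev/null
}

# Return 0 if version $1 is older than $2. Fields are compared as numbers,
# so 2.8.10 is newer than 2.8.4 (a plain string comparison gets that wrong).
version_lt() {
    local IFS=. i a b
    local -a x=($1) y=($2)
    for ((i = 0; i < ${#x[@]} || i < ${#y[@]}; i++)); do
        a=${x[i]:-0}; b=${y[i]:-0}
        a=${a%%[!0-9]*}; b=${b%%[!0-9]*}     # drop suffixes such as "-beta1"
        ((10#${a:-0} < 10#${b:-0})) && return 0
        ((10#${a:-0} > 10#${b:-0})) && return 1
    done
    return 1                                 # equal versions are not "older"
}

# Print "<STATUS> <version> <path>" per directory; exit status 1 if any
# install is below MIN_VERSION, so cron or monitoring can alert on it.
wp_audit() {               # usage: wp_audit MIN_VERSION DIR...
    local min="$1" dir ver outdated=0
    shift
    for dir in "$@"; do
        ver=$(wp_installed_version "$dir") || ver=""
        if [ -z "$ver" ]; then
            echo "UNKNOWN - $dir"            # no readable version.php here
        elif version_lt "$ver" "$min"; then
            echo "OUTDATED $ver $dir"; outdated=1
        else
            echo "OK $ver $dir"
        fi
    done
    return "$outdated"
}

# Build a constructed sample tree for trying the audit without a real site.
make_sample_site() {       # usage: make_sample_site DIR VERSION
    mkdir -p "$1/wp-includes" &&
        printf "<?php\n\$wp_version = '%s';\n" "$2" > "$1/wp-includes/version.php"
}

# Usage: ./wp-audit.sh MIN_VERSION /var/www/site1 /var/www/site2 ...
if [ "$#" -ge 2 ]; then wp_audit "$@"; fi
```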

Cheers, and happy Labor Day!

Suicide League 2009

Dear {INSERT NAME HERE} :-p

Late last night, I had an idea to run a Suicide football league. I’ve done these before, though I admit that this is the first time I’m using a service and not aggregating results by hand. We’ll see how this goes.

The concept of a suicide league is painfully simple, yet the strategy can become painfully complex. In simplest form, you pick one winning team each week. You cannot pick a team that you’ve picked before (this is where strategy comes into play). If you pick a winning team, you move on to the next week. If you pick a losing team, you’re out. Simple, right?

There’s a $5 buy-in on this league which will benefit Blame Drews Cancer (http://blamedrewscancer.com) and Livestrong (http://livestrong.org). You can paypal me the money (Paypal is aaron.brazell@emmense.com). You can also send me a check if you contact me for a mailing address.

There is no immediate rush on payment so take your time, but if you leave me holding the bag, I will demand ultimate retribution from you. What this is will be decided later and unilaterally. :-)

So, get your team, send that money and tell any of your friends who want to play to send me an email (aaron+suicide@technosailor.com). The more the merrier since you’ll all probably be dead by Week 3.

Happy picking,
Aaron

http://twitleague.football.cbssports.com/e

Our Pool password is: reds0x

BASH Script for WordPress Backups

A lot of people are worried about backing up their WordPress installs on a regular basis. I know. I get that. Here’s a script you can use if you have access to the shell. Put this sucker on cron. For many Linux distributions, you can put it in /etc/cron.daily if you have root access. Otherwise, use whatever mechanism your hosting provider offers for cronjobs/scheduled tasks.

Also note that while this script will work fine for most Linux distributions, you should know that every distribution is different and minor modifications may be necessary.

Standard Disclaimer: This script is free of charge and, thus, unsupported. Functionality is neither guaranteed nor implied. I work as a consultant and have many years making WordPress work for companies and individuals. If you want support, you have to pay but I’d be happy to work with you. Contact me for paid work only at aaron@technosailor.com.

With all that done, here’s the script. Make sure you remember to edit the appropriate variables and make it executable.

#!/bin/bash
#### DO NOT EDIT
DATE=`date +-%y-%m-%d--%T`

#### EDIT BELOW

# If CREATE_ZIP is 0, then a tarball will be used (default). If 1, then a zip file will be used
CREATE_ZIP=0
# Accessible/writable directory for temp storage
TMPDIR=/tmp
# Absolute path to WordPress backup storage location
WPBACKUP=/backups
# Absolute path to WordPress install.
WPDIR=/path/to/wordpress
# Enter Database connection details from your wp-config.php file
WP_DBUSER=user
WP_DBPASS=password
WP_DBHOST=localhost
WP_DBNAME=dbname

#### STOP EDITING
# Create the temp working directory if it does not exist yet
if [ ! -d "$TMPDIR/backup" ]; then
    mkdir -p "$TMPDIR/backup"
fi

# Create the backup storage location if it does not exist yet
if [ ! -d "$WPBACKUP" ]; then
    mkdir -p "$WPBACKUP"
fi

# Dumps the database
# (the password is passed on the command line, so other local users can see it
# in the process list while the dump runs)
mysqldump -h"$WP_DBHOST" -u"$WP_DBUSER" -p"$WP_DBPASS" "$WP_DBNAME" > "$TMPDIR/backup/wordpress-db.sql"

# Create Archive
if [[ $CREATE_ZIP -eq 0 ]]; then
    # Tarballs the Database and WP files
    tar -cvf "$TMPDIR/backup/backup$DATE.tar" "$WPDIR/.htaccess" "$WPDIR/wp-content" "$TMPDIR/backup/wordpress-db.sql" 2>&1
    gzip "$TMPDIR/backup/backup$DATE.tar"
    # Move archive to backup location
    mv "$TMPDIR/backup/backup$DATE.tar.gz" "$WPBACKUP/"
else
    # Zips the database and WP files (-r so directories are archived with their contents)
    zip -r "$TMPDIR/backup/backup$DATE.zip" "$WPDIR/.htaccess" "$WPDIR"/* "$TMPDIR/backup/wordpress-db.sql" 2>&1
    # Move archive to backup location
    mv "$TMPDIR/backup/backup$DATE.zip" "$WPBACKUP/"
fi
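
An added example, not part of the original script: the database dump step with the password kept out of the mysqldump argument list and the scratch files private to the backup user. The helper names, the `run` argument convention and reading the password from a WP_DBPASS environment variable are assumptions made for this example.

```shell
#!/bin/bash
# Added example, not the original script. make_workdir, write_db_defaults and
# dump_db are hypothetical helper names.

# Create a private scratch directory (mode 0700, unpredictable name) rather
# than a fixed path under /tmp that another local user could pre-create.
make_workdir() {
    (umask 077; mktemp -d "${TMPDIR:-/tmp}/wpbackup.XXXXXXXX")
}

# Write a MySQL option file only the owner can read. mysqldump reads the
# [client] group, so the password never appears in its argument list.
# A password containing a double quote or backslash needs escaping first.
write_db_defaults() {      # usage: write_db_defaults DIR USER PASS HOST
    local file="$1/db.cnf"
    (umask 077
     printf '[client]\nuser=%s\npassword="%s"\nhost=%s\n' "$2" "$3" "$4" > "$file"
    ) || return 1
    printf '%s\n' "$file"
}

# Dump the database into the private directory and print the dump's path.
# --defaults-extra-file has to be the first option on the command line.
dump_db() {                # usage: dump_db WORKDIR DEFAULTS_FILE DBNAME
    local out="$1/wordpress-db.sql"
    (umask 077; mysqldump "--defaults-extra-file=$2" "$3" > "$out") || return 1
    printf '%s\n' "$out"
}

# Usage (WP_DBPASS set in the environment):
#   ./wp-db-dump.sh run DBUSER DBHOST DBNAME BACKUPDIR
if [ "${1:-}" = "run" ]; then
    work=$(make_workdir) || exit 1
    trap 'rm -rf "$work"' EXIT          # remove the dump and option file on exit
    cnf=$(write_db_defaults "$work" "$2" "$WP_DBPASS" "$3") || exit 1
    sql=$(dump_db "$work" "$cnf" "$4") || exit 1
    # Compress into the backup location; the archive is owner-readable only.
    (umask 077; gzip -c "$sql" > "$5/wordpress-db$(date +-%Y-%m-%d--%H%M%S).sql.gz")
fi
```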