I hate social networking

I hate social networking. I despise it. All of it.

For me it’s a tool (like me, some would say).

“But, Aaron. You have 1500 friends on Facebook and nearly 10,000 on Twitter. You’re lying.”

Oh but I’m not. I used to love social networking. I used to travel to conferences where other social media people were just to, in hindsight, make myself look more like a stud. That’s why there are so many.

I’ve dated or slept with social media women just for access.

I’ve been that guy at SXSW that, as a former Austinite, I now mock. That one cutting to the front of the blocks-long line to a hot party just to utter those predictable, and douchey words, “Do you know who I am?”

I have the cred I so craved. Even years after I stopped the social whoredom. I get added to Social Media lists on Twitter every day? Why? Because someone thinks if you have 10k followers, you must be important, and therefore, you must be “social media”.

I am important. But not in that way. I am important to my 9 year old son who I don’t see nearly as often as I’d like. I’m important to my company because I can take their WordPress life farther than they dreamed.

I’m important to my friends… My real friends. The ones who drink beer with me or wish they were drinking beer with me like they used to.

I’m not important because I have friends or followers. And the quality of my life is not contingent on my social presence. I could give a shit less.

When you introduce me as technosailor, instead of Aaron, you do a disservice to me and you. You are the one caught up in the social insanity. Go drink a beer or watch Breaking Bad or, for god’s sake, go fuck your wife.

Come with me for a minute as I revisit a moment of my life.

It was 1998 and I was in my religious mode. I realize that most readers aren’t aware of this past and really prefer if I don’t get preachy. So I won’t.

But what was said from a pulpit 15 years ago lives on in me, as a life principle.

In the Old Testament book of Joshua, the story is told of the Children of Israel, after a generation of wandering in the Sinai desert after escaping Egyptian captivity, finally had the opportunity to cross the Jordan River into their promised land.

Joshua, their leader, was instructed to construct a monument in the middle of the river where they crossed on dry land. The monument was to be made of 12 stones (representing Abraham’s twelve sons an the tribes of Israel) and it was to be a celebration of gaining the Promised Land.

It would be really easy, after 40 years and finally attaining your goal, to stay there and live life there. Live in that glorious history and moment.

Except they had a job to do and a land to conquer. They couldn’t stay in that moment. They had to move on. That moment was glorious but they couldn’t stay. They had to do work.

And so we come back to social networking. I’ve been on Twitter since early 2007. I’ve been on Facebook since late 2006.

I could live in the glory of the Internet and social networking but I’ve got a life to live.

Some of you are still mindlessly operating with the idea you can make a living doing social media on the Internet. When you simply can’t. Only very few people can do it well.

As the Jordan River became a part of Israel’s every day life, social networking is a part of mine. I use it. I live it. I meet people there. It is not my life. And if its yours, you really need to re-examine your priorities.

Two-Factor Authentication: What it is and Why You Should be Using it Now

Not too long ago, WordPress sites around the world started getting attacked with automated botnet traffic trying to brute force admin passwords.

The other day, the official
Twitter account of the Associated Press was hacked
.

Last year, Wired reporter Mat Honan was hacked when his Amazon account was compromised. That compromise allowed an attacker to access his Apple ID which gave him access to Mat’s Google account which, in turn, let the attacker into Twitter.

Email, in my opinion, is the gateway to identity theft. It’s bad if your Twitter or website are hacked. You get things like the AP hack. It’s bad, if an attacker gains access to your website and defaces it, or does something else. But as terrible as these things can be (and expensive), identity theft is something that is quite a bit more dangerous.

Here’s a scenario. Somehow, someway I gain access to your Gmail account. It could be that you have a pretty easy password, or you use the same password everywhere, or it can be from some other nefarious means. But I get access to your Gmail.

You might say, “well it’s only email and there’s nothing all that important there.”

But you’d be wrong. If I have access to your email, I have access to everything else. Can’t remember your Amazon password? That’s fine. I can perform a password reset, and gain access by clicking on a password reset link. Then delete it so you never even know it was there. Once into Amazon, using your saved billing information, I can run up your credit card info.

I might even be able to get into your bank, although that’s become significantly more challenging in recent years because of two-factor authentication (which I will get into momentarily).

I could potentially access credit records. Or, depending on the state or locality you are in, your driving and criminal records. And if there is something incriminating in your inbox, I might be able to blackmail you.

Granted, all of this stuff is extremely illegal, but I could still do it if I have access to your email account.

Side Point: Web services that use an email address as the login name are inadvertently dangerous. If I know your email address, I know your login. Then all I have to do is know your password. Whereas not having an email address as a login means I have to figure out BOTH your password AND your username.

Fortunately, Google has two-factor authentication. Amazon, Apple, Microsoft, and Facebook all have two-factor authentication as well. Banks, including Bank of America, all have two-factor authentication.

Two-factor authentication is your saving grace and you need to enable it on every account you have.

What is two-factor authentication?

The easiest way to explain what two-factor authentication is with the phrase, “Something you have, something you know”. You need BOTH things for authentication to happen.

You see this with some biometric systems. Enter a pin (something you know) and scan your thumbprint (something you have).

With banking sites, you enter a password (something you know) and you might identify a unique image (something you have).

You see this with SSH on Linux systems with ssh keys. You provide the server you are logging into with your public key (something you have) and in the “handshake” of authentication, it matches against your private key (something you know).

Google, Facebook and the other services providing two-factor authentication require you to enter your password (something you know) and then they’ll send a pin to your phone (something you have) that you have to also enter in.

It’s a pain in the ass, and certainly I hope technology reduces the friction that two-factor offers to the authentication process, but it’s incredibly important that you have two-factor authentication wherever you can.

Go re-read Mat’s nightmare and you will understand how vastly important that two-factor is. It’s a nightmare. It’s scary. It should be a come to Jesus moment for anyone that operates on the internet.

I will let you use the power of the internet to figure out how specifically to do this for various services, but this wouldn’t be my blog if I didn’t also suggest a plugin for WordPress (.org, not .com) to enable two-factor. I highly endorse the Duo Two-Factor Authentication plugin. I use it on several of my sites.

Hopefully, by enabling this stuff, we can not only stem off a vast amount of hacking attempts, but also become smarter about how we use the internet, protect our privacy and security and, even, in some cases… safety.

Be safe out there!

Bonus: More on 2FA from my friend Mika Epstein (@Ipstenu).

WordPress Hacking and Cleanup

There’s a brute force attack underway on a global scale. Massive. The attack vector? Keep attempting user/pass combos in an automated way until a breakin happens.

If your WordPress site gets hacked, I am available for cleanup and an audit.

Aaron@technosailor.com

It absolutely will cost you a minor fortune. That’s the way it goes. Don’t complain or whine, just get your credit card out.

It would be cheaper to have a strong password and install a plugin that limits failed login attempts though.

But if you don’t, rest assured I can help you despite you having to postpone a vacation in St. Thomas.

Do the right thing.

Abusing Twitter Direct Messages, Spam and Classlessness

This morning I received a Twitter direct message from the official account for I hate JJ Reddick, one of the best Baltimore sports blogs I know of. I like these guys. I read the blog almost every day and follow many of the writers on Twitter. I live in Baltimore, or as we call it… “Smalltimore”. It’s a small town. You get to know people. You run into them all the time.

(To be fair, I have yet to personally meet any of them, but it’s only a matter of time. Most of the writers are one degree of separation away.)

As a Ravens fan, I am on board with them. I’m a fan. But I’m also a Red Sox fan, which makes for some good-natured rivalry with Orioles coverage. I’m not above a good-natured rivalry and it’s all in fun anyway. Or it’s supposed to be.

The Direct Message was simply:

Can you help me tweet out this link of Machado’s homer from last night? Appreciate it! http://ihatejjr.com/content/manny-machados-game-winning-homer-boston-last-night-was-glorious-gif

There are several things wrong with this DM.

For starters, on the superficial level, I’m a Red Sox fan. Machado’s homerun came against the Red Sox and it proved to be the game winner in the top of the 9th inning. My bio on Twitter is:

Author / Former Austinite / WordPress Developer / Football Fan / Ravens, Red Sox, Longhorns, Terps / Equality and Justice for All

Cut and dry. I label myself as a Sox fan. I tweet about the Sox. It’s obvious I’m a Sox fan. So when asked to spread a link that I don’t like, for fan reasons, I say no.

The second problem with this DM is the abuse angle. It’s a much more fundamental problem than simply a fan rivalry. Whoever sent this DM clearly didn’t know his audience, and it becomes painfully obvious that the account was simply sending a mass DM to all followers for the purpose of driving more traffic to the article. The article is written by a Bernaldo, who I don’t know and am not familiar with. For the sake of not making unnecessary accusations, I’m going to assume he was not the one behind the DM.

This tactic of mass DMming is frowned upon almost universally. The fact that it was to drive traffic, which is directly proportional to ad impressions, makes it spam. This is a much bigger issue than just a fan rivalry.

So I sent this response:

No. I’m a Red Sox fan. Please don’t abuse DM like this… ;)

Note the winky face, the international sign for… “Imma let you finish. I’m not mad, bro”

I also said, ‘Please’.

Within minutes, I receive another DM:

You’re a fucking loser just like your baseball team. Blocked.

And Orioles fans call Red Sox fans classless.

This is a small town. I’m surprised that any publication in this city would respond the way they have as, you know, word gets around. It’s just entirely inappropriate and unprofessional. No skin off my nose, really. However, when it’s pointed out that you made a mistake, complete with a ‘Please’ and winky face, I’d hope that most people would follow up with something more along the lines of: “Whoops. Sorry about that. Didn’t mean to spam you. Hope Machado does it again to your boys tonight”.

But hey, don’t let a little good-natured fan rivalry get in the way of a good money-making traffic push to 4500 of your closest friends?

TwentyThirteen

As WordPress 3.6 goes to beta, it’s awesome the way the new default theme, TwentyThirteen (that I’m using on this site), handles a variety of post formats.