How I Rediscovered Purpose

This weekend, my life purpose was reawakened. And it was important.

I had the chance to not only attend, but also speak, at the inaugural WordCamp US in Philadelphia.

But before we go there, let me share some related feelings.

The first WordCamp was held in 2006 in SF and I was one of a few people who had the privilege to speak to that audience. I don’t even remember what I spoke about but it was designed as an unconference.

Ok let’s go remedial for a moment to explain what an unconference is. A decentralized get-together where people who have an idea can share it… As opposed to an organized conference of your traditional means.

All this to say… WordCamps have trended more toward traditional conferences as opposed to a community-driven “dinner table” sort of thing.

But, while there have been hundreds, if not thousands of WordCamps since, across the globe – of which I’ve organized two – the “big one” that attracts attendees from all over the globe, has been WordCamp SF where it all began. And it has largely been spearheaded from the top down. It was an important move, inline with open source ethos, to democratize the big one. And so the Philadelphia WordPress community and WordCamp Philly organizers were given the opportunity to do “the big one”.

And boy did they do it.

There was a tone to this WordCamp that was different than every other WordCamp that, to my knowledge, has ever been organized.

You typically find WordCamps, generally organized for the regional community, catering to every level of user… From non-technical users wanting to understand how to market their content on Google, to talks about leaving a day job to freelance.

Wash, rinse, repeat.

There’s a reason why veterans in the industry typically hang out in the hallway talking to each other instead of going to sessions.

This WordCamp had a forward-thinking tone that had sessions oriented in such a way to challenge the norm and looked at what WordPress could be instead of what it was. It was truly amazing and inspiring.   

Look, WordPress runs one out of every four websites you’ll visit today. It’s a gigantic responsibility but… Those of us who work with it every day also are the first to forget that. We treat WordPress like a job.Freelancers find a way to find gigs that will get them to their next gig. Agency folks take the tasks assigned by project managers and make them reality knowing that next week, we’ll have another task. Product folks keep building out features because a couple people want them.

We forget that every line of code we write contributes to humanity.

Every line of code enables a freedom fighter in the Middle East.

Every line of code expands the ability for an activist to achieve her intended goal.

Every line of code allows a young man in a Congolese village to communicate with his community isolated by physical obstacles like jungle.

Or sell a product they hand craft online to customers who can’t reach them.

It builds economy. It builds relationships. It builds humanity. It gives those who have less opportunity the ability to compete with those of us who have more.

I watched as Anthony D. Paul built a website using nothing more than a smart phone. Important because developing countries are being flooded with free smart phones where there is no Google Fiber or Comcast.

With WordPress 4.4 being released on Tuesday, we will for the first time, have the ability to break WordPress out of the paradigm of “running websites”… We will be able to run apps, run data visualizations, create elaborate interactive stories.

And what’s the most fundamental means of human evolution? Storytelling. Passing knowledge from one generation to another.

I got into this world… I spent hours of many nights over many years pouring myself into WordPress and I have admittedly allowed it to become my job. I forgot why I got into it. I lost my inspiration.

This weekend, I remembered. I want to change the world. Literally.

So thank you everyone who organized, sponsored with real money, the speakers and every single one of the hundreds of people I spoke with. You made WordCamp. You gave yourself to me, to the community and… By definition… The world.

Asynchronous WordPress

This morning, at WordCamp US, I will be giving a lightning talk to a room full of WordPress professionals from around the globe. This talk was given earlier this year at WordCamp Baltimore as a full 45 minute talk, but sadly, I don’t have that kind of time today. So I figured I’d provide those attendees and anyone who might be interested additional context.

In WordPress, there are a “event opportunities”, usually referred to as hooks, that occur throughout the loading of a page and execution of the WordPress code. Which hooks are fired depend on the context. If you’re publishing a post, one series of hooks trigger. If you leave a comment, another series of hooks fire. If you’re in the WordPress admin, a different set of hooks are executed.

All of these hooks exist without any sort of innate overhead. They exist to allow other areas of code, including plugins or themes, to attach events to them. We are used to these things. Plugins have created all kinds of things over the years that might get triggered by a hook.

Some examples:

  • When a post is saved, a third party service analyzes the content and provides a set of suggested tags.
  • When a post is published by an author, an email is dispatched to an editor for review.
  • When a new user is added, information from social sources is pulled in and added to the user’s WordPress profile

All of these sorts of events add liability to WordPress in the form of processing time or load time. In the case where many events are queued up to be executed or, particularly, third-party APIs are slow to respond or possibly even down, the execution time in WordPress will be increasingly long while the web server waits for responses. This is a bad user experience as the user may just be sitting there watching and waiting for something to happen. In extreme cases, this waiting may timeout resulting in errors.

Some time ago, 10up was engaged by TechCrunch to solve a long and lingering problem with the site load time. One of the bottlenecks discovered to performance was a series of events that were occurring, particularly around the Crunchbase API at the time, that was causing significant delays as every occurrence of the save_post hook also carried a call to the API to get information about investors, startups and key people mentioned in the article. and render the information in the article.

We created a library that TechCrunch open-sourced and that is the topic of this talk. This library essentially offloads events that would be on a hook like save_post and fires it asynchronously 1.

This WP_Async_Task class can be included as many times as wanted as it will ever only ever be included once thanks to a class_exists() check.

Once this core class is included, it’s time to get to work. For every hook (not event) that you wish to fire asynchronously, this class must be extended with a protected $action variable which contains a string identifying the hook name and two required protected methods – prepare_data() and run_action().

The prepare_data() method exists to take a numeric index of data passed into it. The purpose of this method is to return data identical to what would traditionally be passed into the hook you’re making asynchronous. The save_post hook takes three optional arguments 2 — $post_id (integer), $post (object of type WP_Post), $update (boolean).

The run_action() method accepts the returned array from the prepare_data() method as a $_POST superglobal, so normal sanitation should also happen in the context of this method. This method is where you would define your newly named hook “wp_async_save_post”. Code examples can be seen on the Github page.

Notes:

  1. More like faux-asyncronously since they are really just moved to the end of execution on the shutdown hook
  2. Despite some arguments, with some hooks, being optional to use, they should not be optionally returned in these classes, as any event from any plugin may or may not use all three arguments — return all data that is available to be used by the hook!

Wish Me a Happy Birthday. Give.

Tomorrow is my birthday and I’m going to be 39.

That’s one year shy of 40! Yikes!

I want you to give to someone else. Read on.

This past year has not been the easiest in my life. In fact, it was maybe the hardest. In the past year, I saw myself recovering from unemployment to being financially on top of the world to being beyond broke. I saw myself visit the darkest part of soul as I struggled with severe, sometimes crippling depression. I saw a relationship slip from my grasp while also going through recovery, joining 10up and getting back to a healthy place in life. It’s truly been up and downs for me, and while it’s been painful in many ways, it’s also been very rewarding.

Particularly when it comes to recovery from depression, I’ve come to realize how much of a positive impact it is to be outwardly focused and put resources, time, money and focus on others.

Tomorrow, my Facebook and text messages will explode with happy birthday messages, and I’m grateful. I hope in addition to sending me well-wishes (or maybe offering to buy me a drink… you can do that too), you’ll consider giving to one of these organizations, all representing my interests (my very diverse spectrum of interests!), that are working toward a goal near and dear to me.

European Migration Crisis

Enlarge

13896634227_7c2f4cd640_k
01.05.2014 Hamburg, Germany: 500 people opened a Refugee Welcome Centre in Hamburg situated in an empty school, while Hamburg City Council and the ruling SPD refuse and fail to solve the problem of the Lampedusa in Hamburg group. As the Hamburg Government is not willing to find a political and humanitarian solution, people took the initiative and showed how easy things can be solved!

Rasande Tyskar, via Flickr

As so many refugees are flooding into Europe from Syria and the Middle East, many EU nations are strictly interpreting EU rules that require member nations to “hold” asylum seekers in-nation until clearance can be granted by the entire EU body of nations. Due to the sheer number of refugees, this is creating enormous humanitarian challenges and tempters are running high. Across the EU, governments are struggling with what to do with hundreds of thousands refugees while the general population in most member states fall on the side of the spectrum that is welcoming to these refugees.

The International Refugee Council is based here in the United States and is coordinating with refugee councils in Europe on managing the crisis in Europe. Please consider making a donation to the IRC to assist in these efforts.

Forever Homes For All the Dogs

Enlarge

Fender Excited about Snacks at Christmans
Fender Excited about Snack at Christmans

I met Fender in 2011 after he was unceremoniously abandoned at Whole Foods in Austin. I decided on that day to give him his forever home. In that time, he has lived in two states, two cities, peed on 13 state capitals, claimed 973 bushes in Baltimore and has been loved and cherished by all who have met him. He’s a joy to have next to me, even when his 25 lb stretched out frame takes up my entire queen size bed, at times, relegating me to the floor.

Though I did not adopt Fender via Austin Pets Alive, their mission resonates with me. Many people I know have either worked for, volunteered with or adopted from APL, Austin’s largest no-kill shelter. The national standard for the “No Kill” label is 90% of all pets being adopted or fostered.

Since I adopted Fender, I’ve advocated for people adopting a pet rather than getting a puppy from a pet store, which are often sourced as “puppy mill” puppies. It’s so much more rewarding to take a broken and hurting animal and give that pet the life of royalty. To make that pet feel special, when they have had their trust shattered in the past through abandonment or abuse.

As a birthday present to me, if you’re in Austin, go volunteer or adopt from APL. If you’re not, please consider a donation to help APL continue their mission.

Free as in Speech, not as in Beer

Enlarge

A Colombian teacher uses WordPress.
A Colombian teacher uses WordPress.

Photo by Oriana Robles, via Flickr

I have made an entire career on open source software such as WordPress. I’ve had significant contributions to the community, including being a cofounder of WP Engine, writing the WordPress Bible (sadly, out of date — ask Wiley to let me write another edition!) and WordPress core and plugin contributions. Not bad for a kid from Baltimore that dropped out of college and never got a degree.

I wouldn’t have been able to do this without free, open source technology. Free as in speech, not as in beer… free does not indicate that money does not change hands. It indicates that my software can be taken, modified and distributed for other purposes.

In much of the developing world, including Africa (where I also have roots), money goes less farther than here in the relatively prosperous western bloc. When 25 cents can buy a meal, expensive proprietary software is simply not an option. The developing world is where open source becomes extremely important in bridging the digital divide.

The Free Software Foundation is on the forefront of open source technology distribution and evangelism here in the United States and abroad. For my birthday, help them continue being that champion.

Thank you, in advance, for a birthday gift on behalf of me to one of these, or many other organizations, that are doing the hard work.

New Adventures with 10up

It’s such a weird feeling.

Since I began this blog in 2004, I’ve been able to say I was truly hired exactly one time.

That day was Jan 9, 2013.

In 2004, I was employed by Northrop Grumman. In 2006, I left NG to pursue the startup world, I took up residence at b5media as the CTO who never got the title. I did this on a contract basis. I worked for myself for a very long time, got hired in 2013, left that job in 2014 and went back to working for myself. I just realized, over time, that I wanted something different.

I’ve avoided agencies, though quite a few have wanted me. These usually boiled down to what I term as “web development sweat shops”… Usually in the political space. They ramp up for campaign season – presidential and mid-term. They have a bunch of sales people in suits driving deals with campaigns – federal, state and local – to build websites and promote whatever brand of ideology they adhere to and the developers are overworked, have no seat at the table, and generally are expected to perform and work at 200% or risk getting fired.

I’m not that guy, so I’ve avoided agencies.

Unrelated note: Republicans have the deepest pockets. They spare no expense and question no cost. Democrats are far stingier. Though I fall on the left politically, I’m a capitalist who wants to make money as long as my name isn’t on it. Sometimes leaving ideology behind is worth it economically. Redistribution of wealth to my pocket, as it were.

I have, however, encountered a number of agencies who do not work in the way I abhor. One, in particular, is 10up.

For the past month, I’ve been working full-time with 10up on a contract basis. I’ve been blown away by their drive and collaboration from top to bottom. I have gotten to sample the goods and ensure they meet my high expectations of “work”. I have been respected and valued, and that is how they treat their entire team.

We have seamlessly worked together to ensure that, in a distributed company, I could deliver on my commitments of chemistry, communication and charm (the last not being a real thing, but I needed 3 C’s to be a better alliterative writer).

Prior to this engagement, I recognized 10up as a high-level WordPress agency. They only do WordPress, unless there’s a supplemental solution that engages the WordPress ecosystem. They give back to the WordPress community. In fact, they actively participate.

But I really knew very little about the nuts and bolts and the extent of their work. Now I do and I’m proud to call myself a 10upper as of tomorrow morning.

Thank you, Jake Goldman and team for the opportunity and the last month of fun, work and amazing innovation. I’m looking forward to doing more.

Something that caught me early on was an engagement between 10up and the company I helped start, WP Engine. It happened in San Francisco this past Christmas season and you may have heard about it… GIF the Halls.

It so happens that I will be working on the team that pulled that engineering feat off. I refer to it as the DARPA of 10up. The team tasked with creating crazy stuff that nobody has tried. GIF the Halls was a crazy project my team did. It tied WordPress with cameras for video greeting messages at the holidays. As a photographer, that’s right up my alley.

Can’t wait to try new crazy stuff. Onward!

Adding a Time Start to WordPress Media Embeds

Ever have those times that you’d like to share a piece of media but have it start at a particular time? I did recently, and figured I’d share my solution.

It turns out, WordPress does not support this feature out of the box (though you could argue, theoretically, that it should).

We just remembered the 50 year anniversary of the Selma march which was nicknamed Bloody Sundy as 600 civil rights marchers were attacked viciously by law enforcement in 1965. It seems appropriate to sample the MLK “I have a dream speech for this demo.

Now of course, it’s all a great speech worth listening to, but what if I want to start the audio at the place we all know?

Boom, just like that. The nuts and bolts of this are tied up in this code:

Simply, I filter the shortcode attributes for the audio and video shortcodes adding a new argument – “start”. This is in seconds.

The second adds a little snippet of Javascript after each embed that moves the internal time pointer to the appropriate spot in the supplied media.

Caveat: This will not work for media that is simply cut and paste. While WordPress will translate appropriate media URLs into embeds, it does not pass anything more than the required `src` argument.

Full source code, as a WordPress plugin, can be found on Github. (Pull requests encouraged)

If I Had to do it All Again

As I sit here tonight, at a bar, typing on the WordPress app (which will undoubtedly make my fingers cramp typing long form), I’m thinking about my life. What has made me a man, a developer, a friend, and lover (I can even get in Oxford commas on the app!)

In exactly five hundred and fifty six days, I will be 40. FORTY!

I don’t look like an old man.

I don’t (usually) feel like an old man.

I don’t even behave like an old man.

Note: what follows may sound like I’m saying “Get off my lawn!”

Where were we? Oh yes, FORTY.

I just finished my first week on a new job. I’ve been doing WordPress stuff since 2004. I was learning PHP in 2000. I was developing coding chops in 1987 on an Apple IIc!

I’ve been married. Divorced. Had a kid. Owned a house. Chased the rabbit hole that is the American Dream™.

I’ve loved and I’ve lost. I’ve had dear friends pass away from cancer and heart attacks. I’ve watched national tragedy and personal tragedy, and even suffered my own.

My perspective has evolved. Sometimes willingly, sometimes not.

Take weekends and evenings. You may be single. You may not be. It doesn’t matter. Don’t work at all hours of the day and night. You’ll be less productive, because you’ll be less rested. You’ll also be better socially adjusted.

Get up early. Don’t sleep in until 11am. Your body wasn’t meant to do this. Don’t force it to. It will rebel. Related to this, and the last point, get to bed before midnight.

The man who cooks is the man who gets the woman. I’m happily involved, but my girlfriend and I both love to cook. And you know what? It got me ahead when I was single. No woman wants your idea for dinner at your place to be frozen dinners or delivery (there’s a time and place for delivery!).

Find passion that you aren’t aware of. Later in my adult life, I bought a camera and started learning how to shoot… How to visualize and see a photo. Do something, try something. Get outside your comfort zone and challenge yourself. Volunteer!

Always learn. When I started on WordPress, I was hungry. I was curious. I started learning the ins and outs. I admit that in more recent years, I’ve allowed myself to get comfortable. I’m working on some other interesting things that will stretch me even more. If you’re in tech, you have no choice but to move forward. If you don’t learn, you’ll be left behind.

Don’t take the world literally. Seriously, stop. I’m looking at you, political nerds. Stop parsing everything that politicians do. They do it because it’s politics and all the crazy is a vast, orchestrated act to get you worked up and supply them with power. Live your life. Change what you can and accept what you can’t.

Read. Everything. I’m not a book guy, but if you are, have at them. Spend less time on Facebook and Reddit and more time on sites with content that is written at a college level with an informed, intellectual audience. Read The Atlantic, Ars Technica and the huge variety of other excellent sources. Stretch your intellect.

You’re not right. At least some of the time. Give grace to others, even if you “know” you’re right.

That’s it! Or at least all I can think of after 14h of work and several beers. My hands aren’t even cramped!

Update: The dress is white and gold, you morons.

Weekly Blog Post Challenge

Back in 2004, I, like many other people in the WordPress community began blogging. We didn’t, I don’t think, get into WordPress because we wanted to write code or build a career. We got into it because we wanted to write. Our natural talent and curiosity took over, however, and we began writing code.

At some point, I broke this blog apart into other blogs… a personal blog, a photoblog, a sports blog, etc. All of these are spread around and in various forms of repair or disrepair.

I have nearly 1k posts here, down from 2k a few years ago when I did a purge. But I’ve only written 12 since January of 2013. TWELVE. Sadly, life takes over and work takes over and, at least for me, the artificial silos of “this blog is for professional writing, this one is for personal writing” and so on has kept me from deciding… I want to write again.

As Twitter became ubiquitous, most of my professional interactions began happening over there. Instead of my photoblog, I’ve leaned more on Flickr and Instagram. All of this has left my blogging in a sad state of disrepair.

My friends and colleagues, Brad Williams and Dre Armeda, have realized that they really want to get back to what they love doing and that’s writing more. Brad has committed to writing 100 posts in 2018 (a goal that is ludicrous for me).

Dre has begun a Facebook group (feel free to join if you plan on joining us in this exercise!) where members can encourage each other and share their content. Not everyone is committing to 100 posts. For me, I’m committing to one post per week.

I suppose now is a good time to explain that the invite to join me in this exercise does not mean you have to write about WordPress, or for that matter, any topic whatsoever. If you want to pick a topic (law, science, dating, oncology!!!), feel free. Or talk about any multitude of topics. But the exercise is more about the therapeutic exercise of writing and not so much about what you’re writing about. And it’s to give you (and me!) peers to keep us going forward.

This does count as the first post of this new commitment. I’ll have another one next week.

As part of this whole reboot, personally, I plan to consolidate my various blogs into this one. Since my online name is technosailor, it seems appropriate that technosailor.com should be the hub for everything else.

I’ll also be building a new theme that will accommodate all of this merged content and, frankly, WordPress has come far enough since I was blogging regularly, that it’s completely likely I can leverage new forms of content that I didn’t have access to before.

Anyways, I’m off track. Please do join me in this experiment. It will be fun!

Looking for a Top Notch WordPress/PHP Developer

If you’re in Baltimore and are a developer, or if you are in Baltimore and know someone who is a developer… Heck, if you’re in DC and are a developer or know a developer, we need you. (You can be to work in under an hour on the MARC train).

Some of you know what I do and who I do it for. I work for a company that has consistently been rated in the top 3 companies to work for. We’re fun and relaxed and our content producers focus on publishing in the financial industry.

Dogs are regularly in the office. We wear shorts and sandals to work. It’s an a-political group – as in office politics. Everyone works well together from the execs down to customer service.

We believe in “Fail cheap and quick” as a lean startup sort of mentality and everyone is empowered to just try stuff if it makes sense.

What *I* do is build awesome web technology to support the business. Plenty of WordPress but now we’re building out huge APIs for reporting and consumer-facing tools. And that’s not WordPress. That’s Laravel and MVC, if you’re curious.

We are looking to add another developer with real chops. PHP, JS, REST APIs, SQL for now with NoSQL as a viable thing for the future. We largely operate on Rackspace and Amazon EC2.

I’d love to hear from you or your developer friend. Send me your resume and cover letter but let me see your github as well!

abrazell@agorafinancial.com

Two-Factor Authentication: What it is and Why You Should be Using it Now

Not too long ago, WordPress sites around the world started getting attacked with automated botnet traffic trying to brute force admin passwords.

The other day, the official
Twitter account of the Associated Press was hacked
.

Last year, Wired reporter Mat Honan was hacked when his Amazon account was compromised. That compromise allowed an attacker to access his Apple ID which gave him access to Mat’s Google account which, in turn, let the attacker into Twitter.

Email, in my opinion, is the gateway to identity theft. It’s bad if your Twitter or website are hacked. You get things like the AP hack. It’s bad, if an attacker gains access to your website and defaces it, or does something else. But as terrible as these things can be (and expensive), identity theft is something that is quite a bit more dangerous.

Here’s a scenario. Somehow, someway I gain access to your Gmail account. It could be that you have a pretty easy password, or you use the same password everywhere, or it can be from some other nefarious means. But I get access to your Gmail.

You might say, “well it’s only email and there’s nothing all that important there.”

But you’d be wrong. If I have access to your email, I have access to everything else. Can’t remember your Amazon password? That’s fine. I can perform a password reset, and gain access by clicking on a password reset link. Then delete it so you never even know it was there. Once into Amazon, using your saved billing information, I can run up your credit card info.

I might even be able to get into your bank, although that’s become significantly more challenging in recent years because of two-factor authentication (which I will get into momentarily).

I could potentially access credit records. Or, depending on the state or locality you are in, your driving and criminal records. And if there is something incriminating in your inbox, I might be able to blackmail you.

Granted, all of this stuff is extremely illegal, but I could still do it if I have access to your email account.

Side Point: Web services that use an email address as the login name are inadvertently dangerous. If I know your email address, I know your login. Then all I have to do is know your password. Whereas not having an email address as a login means I have to figure out BOTH your password AND your username.

Fortunately, Google has two-factor authentication. Amazon, Apple, Microsoft, and Facebook all have two-factor authentication as well. Banks, including Bank of America, all have two-factor authentication.

Two-factor authentication is your saving grace and you need to enable it on every account you have.

What is two-factor authentication?

The easiest way to explain what two-factor authentication is with the phrase, “Something you have, something you know”. You need BOTH things for authentication to happen.

You see this with some biometric systems. Enter a pin (something you know) and scan your thumbprint (something you have).

With banking sites, you enter a password (something you know) and you might identify a unique image (something you have).

You see this with SSH on Linux systems with ssh keys. You provide the server you are logging into with your public key (something you have) and in the “handshake” of authentication, it matches against your private key (something you know).

Google, Facebook and the other services providing two-factor authentication require you to enter your password (something you know) and then they’ll send a pin to your phone (something you have) that you have to also enter in.

It’s a pain in the ass, and certainly I hope technology reduces the friction that two-factor offers to the authentication process, but it’s incredibly important that you have two-factor authentication wherever you can.

Go re-read Mat’s nightmare and you will understand how vastly important that two-factor is. It’s a nightmare. It’s scary. It should be a come to Jesus moment for anyone that operates on the internet.

I will let you use the power of the internet to figure out how specifically to do this for various services, but this wouldn’t be my blog if I didn’t also suggest a plugin for WordPress (.org, not .com) to enable two-factor. I highly endorse the Duo Two-Factor Authentication plugin. I use it on several of my sites.

Hopefully, by enabling this stuff, we can not only stem off a vast amount of hacking attempts, but also become smarter about how we use the internet, protect our privacy and security and, even, in some cases… safety.

Be safe out there!

Bonus: More on 2FA from my friend Mika Epstein (@Ipstenu).

WordPress Hacking and Cleanup

There’s a brute force attack underway on a global scale. Massive. The attack vector? Keep attempting user/pass combos in an automated way until a breakin happens.

If your WordPress site gets hacked, I am available for cleanup and an audit.

Aaron@technosailor.com

It absolutely will cost you a minor fortune. That’s the way it goes. Don’t complain or whine, just get your credit card out.

It would be cheaper to have a strong password and install a plugin that limits failed login attempts though.

But if you don’t, rest assured I can help you despite you having to postpone a vacation in St. Thomas.

Do the right thing.