I don't like to spend my post for the day talking about the site itself, which sort of misses the point. But privacy is exceedingly important, and today I spoke cavalierly about it in a way that rebounded on me. As well it should have.

Other sites have been through some nasty issues around privacy lately. I am not bulletproof and need to take it at least as seriously. Especially with an audience of people who take it very seriously.

So what happened today? Nothing to do with the code or the privacy of your posts, I'm relieved to say. Just a dumb, dumb personal screwup in which I casually warned a friend (hopefully still a friend) that they had posted publicly. Because I wasn't paying enough attention to see that they hadn't.

"Tom that is totally ridiculous, you built this site! You know how it works, you coded it!" Yes it is totally ridiculous and I have no adequate explanation for my behavior. My inadequate explanation, if you care to hear it, is that I was rushing around doing way too damn much this evening and didn't think through what I was doing. I was not in programmer mode, I was in friend mode, and I was doing a crappy job of it.

However, learning from my dipshit mistakes— and owning my own frailties— is important. I'm thinking it's not enough to show a "this post is public" warning only when someone clicks reply.

I think there should be a lock icon visible to everyone who can read the post. If it ain't there, it's public. No ambiguity.

Although, obviously, it should not offer any details about exactly who is allowed to read it (except to the author), everyone reading a post should be able to tell instantly if it is public or not.

I will be working on this promptly. I will also be reviewing the steps I'm taking to secure the server against attack. If the server itself is compromised, everything else is a moot point. We do not actually know if this has ever happened to other social networks. We can only take their word for it.

This experience brought me up short and made me realize that while we haven't had an actual security breach yet, we will if I don't treat privacy as job one. I will be giving it an appropriate level of attention in future.

MORE
9/25 '14 16 Comments
Hmm, that doesn't seem like a "dip-shit" level error. It seems like a rushing around doing too many things error.
Fix your pronouns, please.
I trust you entirely.
I also know never to type anything you wouldn't want to have your mom hear when read aloud as evidence in a courtroom... especially typing said things into a site that's still in beta. ;)

Loose lips sink ships, etc.

In other news, would it make sense to make an account called 'News' or 'Admin' or 'HolyCrap' that everyone is automatically subscribed to, so users can get info about site updates, etc. without you spending your one post?
I personally vote for HolyCrap.
I second the Holy Crap motion.
Thirded.
+1 for the "beta" comment. We all know that the site is still in its infancy and hey, we're the the testers. Shit happens and you stood up and said something, apologized, and are taking steps to correct it. It's a lesson learned and will make the site better in the future.

Sounds like an honest mistake. Telling someone "your post is public" when it's not is a _lot_ less damaging than telling someone their post is private when it isn't. (Or at least that's how I'm reading it, feel free to correct me.)
If I may put in a vote: Adding the lock icon is not a bad idea, but I would ask to keep the 'this post is public'. I actually took note of that (and still regularly do) which is uncommon for me. I think it's a real help exactly where it is.
Yes, I don't see any reason not to have that. But I think I need to address my confusion earlier today, which stemmed from *not* seeing something. When a post is locked you see... no indicator. That's not good.
You speak with The Logic.
Thanks. I don't feel so logical tonight, I feel like a dipshit. Hoping this is one of those Learning Experiences we are occasionally offered with relatively little damage beyond the ego, but we'll see.
Well, while you're not perfect (none of us are). I would argue you're pretty far from dip-shit. Have been as long as I've known you.
Thanks man.
You are the furthest from dip-shit.
And I see you've already added the icons. Nice (and fast) work!
 

REDACTED PENDING CONFIRMATION ABOUT SECURITY.


DO NOT TRUST LOCKS ON THIS SITE TO KEEP INFORMATION PRIVATE.

MORE
9/24 '14 5 Comments
Psst - this is a google-able public post with your real name on it, so you might want to ponder that.
The comment form doesn't say "this post is public" at the bottom, which is, I thought, a reliable tell for whether or not someone else's post is locked.
A lock is set on this post, which is the same as it was when I wrote it, so your privacy model and my trust in this site are both broken.
Removed lock after editing post.
Tom, either you fucked up in your statement above or you have to fix some shit yesterday.
I fucked up in my statement. I got completely turned around and thought the ABSENCE of a message when replying meant the post was public.

"Tom that is totally ridiculous, you built this site! You know it works exactly the way Sean said because you coded it!" Yes it is totally ridiculous and I have no adequate explanation for my behavior. My inadequate explanation, if you care to hear it, is that I was rushing around doing way too damn much this evening and didn't think through what I was doing.

Did I bother to actually try to access your post via a logged-out browser or in any other way double-check my statement before scaring the crap out of you? No, because I'm a dipshit.

I have had cause to regret it exceedingly. The time and effort that Sean and I put into making this site secure may have been ruined by my carelessness, even though the site was never actually insecure. This is maddening to me and it is my own fault.

I am profoundly sorry and will be giving twice as much attention to security matters in future.
 

So, let me tell you something about long term chronic pain. I haven't been cleared to speak for anyone else, although I bet I get some agreement, so anyway this my own POV, okay?

You feel reduced or even devoid of value. A lot. You know you aren't able to do everything you once could, and you know people can't see the cause but they surely can see that effect. And so you -- like everyone else -- hopefully do all you can, and find ways in which you can contribute, but you don't fail to notice how it doesn't fit what other people do and you wonder about expectations. And by wonder, I mean you beat yourself up and then get defensive.

I do what I can. I do it when I can and to the extent I can. I think I'm pretty damn helpful. If you don't, that's your thing, not mine. Or that's what I'm going to be telling myself. And if you're held back by a physical condition that's joined the opposition, please know that doing your best, whatever it may be, is pretty damn good, too.

MORE
9/24 '14
 
Dear Lazyweb: Has anyone here moved from an Android-based phone to Blackberry recently (or used them concurrently even)? 
Until someone makes a new Android phone with a physical QWERTY keyboard, my only alternative once my Droid4 workhorse dies is lookin' like a Blackberry.
I would give a kidney to get Motorola to make a Droid5, but that doesn't seem like it's ever gonna happen, despite leaked images in August 2013, it's been shelved permanently if the Android and Motorola forums are to believed. So... Blackberry is looking to be my only choice for a physical keyboard.
I use my phone mostly for emailing/texting/tweeting (don't care about a zillion apps, really); and accuracy is absolutely critical for my work emails. 
I'm not interested in how great on-screen keyboards, Swype, or speech-to-text are; also not interested in snap-on Bluetooth keyboards... no need to try to sell me on them. Not gonna work. 
Thanks! 
MORE
9/23 '14 21 Comments
You could always make your own... a pile of dosh and all the days later...

http://faircompanies.com/blogs/view/making-your-own-open-source-android-smartphone/
Wouldn't it be cool if companies would rent gear for a week so you can actually try it for longer than two minutes in a store with a commissioned sales person breathing down your neck?
T-Mo does that with iPhones. You get a week to play with one:

http://explore.t-mobile.com/test-drive-free-trial
Yeah. I would be very happy if VZW would do that. Of course, that's only the second thing I would be happy with VZW about.)
As much as it pains me, I'll ask the locals and get back to you.
One response so far: "I just bought a Q5 that I use just for work related matters. Its keyboard is not too bad. But I miss the trackpad of my Torch that recently died. Supposedly there is some blackberry "classic" coming out that is bringing back the trackpad. Its speedy enough and the screen is nice enough. For my music, app and casual photography needs I carry a Nexus 5 much of the time. I will probably upgrade to a new droid phone in the new year that has a better/faster sensor than the Nexus 5.
I would suggest waiting for the blackberry classic and see if that meets your friend's needs"
The blackberry classic seems to still be on their proprietary OS. I'm not sure if this is a dealbreaker for Jill or not but I know she's pretty Androidian.
Tom and Sean-- you've both provided super-helpful info. Thanks!

I had a BB back in 2005-ish and I recall liking it. BB does have a new phone (the "Passport" I think?) that has a really kooky-yet-cool form factor where the keypad also has some touch sensitivity where you can glide lightly over them and it'll interpret that as a swipe/mouse gesture. Kinda cool.

I taught a class at RIM back in 2007 or 2008 (which is when I had the delightful yet brief opportunity to meet Mr. Catbear) and the RIM folks were pretty cool. If their phone is decent, I'd be happy to kick 'em a few bucks.

I love me some Android (mostly because it's not an iPhone), but I will go wherever the hardware keyboard leads me.

Thanks, gents!

(ps: curious as to who will see this reply. Does only Tom see it since it's a reply to him, or does Sean see it because it's part of his thread?)
So far, everybody who has commented on the post will see it.
Everyone sees this thread because it's in response to a public post. Or am I missing something?
Some ambiguity... everyone who can see the post can of course see all the comments. Also, currently, everyone who has commented will be *notified* of comments. The latter could be adjusted later to be a little less noisy.
I got a bell notification for this. I suspect notifications are post-level, e.g. if I participate at all in this post, I get notified when anyone else contributes. But Tom will know for sure.
Thanks again to both of you!
One last question (sorry to threadjack, but hey, it's my post) -- is there a way to have comments emailed to you, au LJ? If not, are there plans? Just curious.

Really digging the site. Kudos to both of you! The UI is so clean and friendly.
Right now you get a nightly email with a sentence or so from comments and posts that you haven't seen (if you've already clicked on the bellbox you don't get those in email).

Sending the entire comment is not a bad idea. Right now I confess I'm eager to get people On The Site, but I shouldn't take that too far.
Meant to add it doesn't really answer your question, but there are still recent Android sliders out there.
I should have added that in my original post-- the phone needs to have modern specs. I've seen the Enact, but sadly the specs on it are pretty shyte... almost parallel to what I have in my Droid 4 which I got in 2011 if memory serves. The marketing lingo behind the Enact even calls it a 'great entry-level phone.' Maybe that's all I need at the end of the day, but I worry that with ancient specs and Verizon's more current bloatware that's designed to run on speedier/beefier phones, it's gonna be a dog outta the box. (And no matter how many times you disable the bloatware, it's always showing some kind remnant in the Running Processes list. Grrr.)
Yes, the best thing about my Moto X (which does not address your problem) is that Google hand-optimized the stock Android distro for it. There is no bloatware and everything zooms like a product by that other company.
It would take a bit of homework, but maybe some other distribution on that device would work. (Something like Cyanogen.) Of course, if you're going to go that route, it might be worth trying out on the MotoDroids.
Actually - I might be willing to wipe my MotoDroid and try Cyanogen while I'm home...
And this is me replying with Chrome via the Droid.
 

So today's trial did not happen.  Trials get continued for so many technical, mundane, not-worth-explaining reasons...  The stars really have to align for a trial to happen in Boston.  Meanwhile, the cops show up & get their union-negotiated four hours of overtime ($75-100/hr?  I'm guessing).  Everyone who runs the courthouse gets paid.  I get paid. So does the judge.  Maybe we'll have a trial in January.  It will be hard for the government to prove my client did the rinky-dink druggy thing of which he is accused.  If we win it will have been a waste of time and money--a windfall for the police witnesses who will rake it in without regard to the outcome.  If I am wrong and my client is convicted, he'll get a disproportionate two-or-so years in county prison (~$50K/year).  Waste, waste, waste....

MORE
9/23 '14 3 Comments
Yep, talk about the number of people in prison for the most victimless of drug crimes and the waste shoots up into the stratosphere.

Um, and there's an image for you.
Yeah, there was some momentum behind the notion that--without regard to humane angles--this shit need not be bankrupting state budgets. There have been some modest curbs to the least sensible sentencing laws, but the trend has stalled. The prison populations are rising again (along with the stock prices of prison companies).

Unrelated question for Tom: are opw comments unlimited? loophole... 8-)
Yep, comments are unlimited (; Hopefully the rule for posts, and only one email notification a day (at most), sets a good general tone of not obsessively checking the site all day. We'll see.
 

This past weekend I was vending for Utilikilts at the New Hampshire Highland games. I've been working with them for nearly 5 years, and sadly, this was the worst weekend I've had doing it. Scotland lost the bid for independance, which left a damper on things to start with. I've heard attendence was down considerably, which would match with sales. Now, sales are not the primary reason I do these events - but knowing I'm making the money I'm spending has a big mood impact. Normally - and this is the case for any weekend event, Saturday is your busiest day, and the bulk of your customers come through then. It was COLD. No - high 30's with mist and wind, bringing the apparent tem down around freezing. Sold all my socks, but not a lot of kilts, and we were reduced to hanging out in the Portable Bathrooms for heat. 


The only saving grace was my crew. 

MORE
9/23 '14 2 Comments
"Reduced to hanging out in the portable bathrooms for heat..."

Sexy. Wait, not.
I will say that these were the big trailer type with running water, etc. Fancy - and the thermostat went to 85!
 

What a fitting suggested post, thanks 1PW.. as the last time I went swimming was in the ocean, and a big wave snuck from behind and swiped my glasses into the sea.​

MORE
9/23 '14 3 Comments
At least you were paying attention. I had no excuse when I RAN INTO A LAKE WITH MY GLASSES ON, swam out to a floating deck underwater half the time, swam back and then realized I wouldn't have any vision beyond ten feet for the bike ride home.
#ack
Lovely image, thank you.
 

THANK YOU, Past Karen, for putting an iced coffee in the fridge last week. Future Karen, please buy more granola bars.

My wallclock with the fake little swinging pendulum died at exactly midnight. Or at noon, I'm not sure. I thought these things only happened in movies.

Also, pink toebeans are a good treatment for a bad cold. Pick up said owner of toebeans (feline or canine) and apply front paws, toebean-out, directly to face, cheeks and forehead. Is toebean owner wriggling? Good. Wriggling only makes it better. *evil laugh*

I think the pseudoephedrine has kicked in. Yes?


[twelve hours later...]

I am sneaking in a post-pseudoephedrine edit (yes, twelve hours later) to let you know that I have found the bottom of the internet. And on the bottom of the internet is this: "Bagel-Heading"

http://en.wikipedia.org/wiki/Bagel_head

MORE
9/22 '14 12 Comments
Huh. I squeal "leetle pink toes!!!!" and touch them each in turn, which is a very effective feline gruntle dispersant.
"feline gruntle dispersant" = name of my next band.

Actually, while that joke is pretty well worn, I think I might breathe new life into it. I'll start making 'band names' into t-shirts that characters in my drawings will be wearing. #INeedAHobby
"THANK YOU, Past Karen, for putting an iced coffee in the fridge last week. Future Karen, please buy more granola bars." - Love this
Oh, lordy, we sing about our cats' beans.
Beans, beans, they're good for your cat
Beans on their toes, beans on their hats
Beans are for wearing, not for a meal
So give your kitty a fresh plate of veal


Toebeans! At first, I thought you were talking about those foam things used in pedicures. I like this definition FAR better.
Also - I have no idea why, but I really like that you're using simple numbers as subjects for your posts.
Thank you. There may be complications down the road, but I'll burn that bridge when I get to it!
Also - yeah. Bagel-heading. Didn't understand it when I first came across it, didn't find any element that made sense of it in between, and I STILL don't have an effing clue where/how/why this body mod makes any sense to anyone. (And I'm generally all for such things as people see fit.)
Maybe it's more a temporary piece, or even a performance bit, like when they do suspensions, or piercings with syringes? We need an art major in here, stat!
Just check your nearest Starbucks, there are at least two behind the counter at all times.
 

First off: Hello world!  This is my first OPW post and I'm excited to have finally made it over here. I haven't figured out the nuances yet, like if I can tag people or not... but if I could I'd love to tag Boutell and thank him for making this whole thing happen, and Sean (Catbear of LJ fame) for designing the UI-- it's very purty and pleasant.


Anyway: Past Tense Jill wrote Future Forgetful Jill a note on my calendar that says "Cancel your 'Protect My ID' membership today," because it stops having its bill footed by Adobe (remember their little security breach a while back?).  So one of my to-dos today was to cancel my membership to this identity-theft monitoring service.  However, conveniently, just this morning I got a love-letter from Home Depot saying that they had a giant security breach recently and lucky for me I get a free year of ID monitoring through Protect My ID starting today.

So convenient! I wonder if these hackers actually work for Protect My ID and their goal is to get giant companies to buy a zillion memberships for people. :-)

Curious to see if I will have to create a new account or if I can apply the credit to my existing account.

Anyway... thanks, hackers!

MORE
9/22 '14 2 Comments
Welcome aboard!

ONE POST WONDER: 60 DAYS WITHOUT A DATA BREACH (which is roughly how long it's been a thing)
I always liked the idea of a honeypot full of encrypted goatse pics.
 

We are in NYC this weekend.  No, not for the climate march; we didn't know that was happening when we planned the trip.  No, we are mostly here to see theatre, though we did see an excellent concert last night with some friends who live in Boston.

The two people in front of us as we went into "Hedwig and the Angry Inch" had gotten rush tickets for $35. I remember, when I was their age, getting the $5 tickets through the MIT Council for the Arts, which got me the chance to see the first production of "Angels in America" in Boston, and to see a couple of plays at the Huntington Theatre Company, and (most importantly) to come to NYC just before graduation, to see the Bang on a Can marathon at Lincoln Center.

Now, I come to the City with a pile of pre-purchased, full-price tickets, and "spontaneity" is taking the East River ferry, instead of the subway, to cross over from Queens to Manhattan.

That said, it's still an awesome place to visit, and it's a great trip. 

MORE
9/22 '14 5 Comments
The nicest part of having a more grown-up life is not having multiple layovers on your trip, not wondering if you'll get into the show, not generally being subject to the winds of WTF.
I have a conference in Taipei in October. My student is flying a frighteningly inexpensive Chinese airline, with an 8-hr layover in Shanghai, 3 am flight times, and (I presume) incredibly uncomfortable seats, 9 across.

We are flying Air Canada.
I'm not getting on an airplane again unless I'm flying first class. The last time I flew was I think seven years ago and that was almost soul and body destroying and I know it's gotten much, much worse since then.
I do pretty well sticking to the "you're in a chair in the sky" philosophy. I'd feel differently if I was less in the target audience of the seat designer I suspect.
Drugs plus noise-cancelling earphones plus earplugs are enough that I do fine. International travel is a basic part of my job, so I've learned how to handle it with minimal grief. Though I do have a colleague at NIH who never flies.