Phil Robertson and the conservative hypocrisy in America

in Politics, Pop Culture, Religion, The Media

In the GQ interview that started this whole thing, Phil Robertson said:

“Everything is blurred on what’s right and what’s wrong… Sin becomes fine. Start with homosexual behavior and just morph out from there. Bestiality, sleeping around with this woman and that woman and that woman and those men.”

This is a “Slippery Slope” logical fallacy, by the way, that is often used by people who are anti-homosexual.

The problem with his comments – while COMPLETELY protected by the First Amendment – is that he equated being a homosexual to having sex with animals.

That’s what the problem with his comments were, and that’s what pissed off the LGBT community.

Personally, I couldn’t care less what any celeb says about anyone else, but I’d like a little help understanding the conservative outcry about this a bit. Specifically:

  • The Dixie Chicks spoke out against President Bush specifically because of the wars in Iraq and Afghanistan, and conservatives got pissed and wanted to ban their albums and performances.
  • Martin Bashir gets tossed off of MSNBC for calling Sarah Palin an idiot because she wasn’t being factual in interviews, and conservatives got pissed.

Both of those are examples of famous people expressing their First Amendment rights – except that those people pissed off the conservatives, and got chastised for it. One of those groups of people were talking about injustice and the deaths of innocent people, and the other was calling someone out for uneducated and inaccurate commentary in public discourse.

Why were conservatives out for blood there, but they’re defending Phil Robertson saying that being gay is, essentially, the same thing as having sex with animals or being promiscuous/an adulterer?

Technorati Tags: , , , , ,

UX is not UI

in Usability

I’ve never seen a better way to describe what UX is than this picture. Click on it to enlarge.

UX is not UI!

UX is not UI!

Credit to http://www.uxisnotui.com/ for this awesomeness.

Technorati Tags: , ,

The evolution of the World of Warcraft main title songs

in Music, World of Warcraft

Mists of Pandaria Soundtrack (Cover Art)I’m not sure I’ve ever really blogged about my love of music (or the fact that for a very long time during my youth it was my plan to become a musician professionally), but I just had a bit of a music nerd/World of Warcraft nerd moment and I wanted to share it.

I just finished listening to the Main Title (theme) to Vanilla, Burning Crusade, Wrath of the Lich King, Cataclysm, and Mists of Pandaria.

Some Observations:

  1. You can really hear the progression of musical maturity and instrumentation through the years. The Vanilla and BC themes weren’t as booming and instrumental as LK and Cata were.
  2. Cata & MoP had fantastic instrumentation, and I think they really acknowledged the previous expansions well through the themes. You can really tell in the Cataclysm theme when they call back to Illidan’s downfall, and Arthas’ downfall with little bits and pieces of the music from the death cutscenes of both villains.
  3. MoP has amazing instrumentation. Russell Brower put together an amazing orchestra, and had great “guest composers” (listen to “Serpent Riders” from the MoP soundtrack and specifically Jeremy Soule for his work on that track).

All of the soundtracks are great, but it’s pretty cool to listen to the main titles in chronological order to hear the progression and call backs.

Technorati Tags: , , , ,

In Soviet Russia, comments are done with you!

in The Fourth Wall

It’s been a long, strange trip, but I’m disabling comments on my blog. I’m going to continue writing in it, that’s for sure, but given the sheer volume of spam I’ve been getting (that has thankfully been stopped by Akismet!), I’ll be disabling comments temporarily.

Heck, if it works for Kottke and Gruber, it might work for me as well.

Technorati Tags:

No, I don’t think they do…

in Funny

Really, I don’t think so.

Do they really? I doubt it.

Do they really? I doubt it.

Update 4/17: And then there’s this ad today…

Not exactly the best spokesperson for a "National Defense Degree"...

Not exactly the best spokesperson for a “National Defense Degree”…

 

Technorati Tags: , ,

Tips to survive the latest WordPress brute force attack

in Hosting, Scripting, Security, Technical Issues, Website

In case you haven’t heard by now, WordPress sites around the world are under attack by a botnet that’s attempting to brute force it’s way into installations that have an active “admin” user. To say the least, it’s been causing me all kinds of grief for the last four days or so. It’s slowed down my web host to a crawl, and has caused a significant amount of downtime.

Being the diligent, persistent, obcessive guy that I am, I’ve done a ton of research, and come up with a few ways that you can protect your website if it’s being run on the WordPress platform.

Part 1 – Create a new WordPress admin user, and delete the original admin user.

Since most of the attacks that have occurred on WordPress sites are aimed at either exploiting a bug or hole in one of the files under the /wp-admin/ directory or by brute forcing a login on wp-login.php, the #1 easiest thing you can do to prevent being a victim is to create a new user in your WordPress control panel (Users -> Add New) and making that new user an Administrator. When creating that new user, be sure to do the folllowing:

  • Make the new user’s name something that isn’t, well, obvious or standard. Don’t call it “newadmin” or “admin2″. Give it a unique name.
  • Pick a really good password. At least 10 characters, use upper and lower case letters, use numbers, use symbols such as ! @ # $ % ^ & *. Make it hard to guess, impossible to pull out of a dictionary, but something you can remember.

When you’ve finished creating your new user and given it full admin rights, log out of WordPress and login with you new user. Make sure all of your access and settings are as they should be. Then, the most important step, delete the original admin user.

Part 2 – Plugins are your friends

There’s two plugins that I’ve found to be invaluable during this brute force attack: ThreeWP Activity Monitor, and Limit Login Attempts. The first plugin, ThreeWP Activity Monitor does exactly what its name suggests – it monitors the login activity of your WordPress site. It creates a new area on your Dashboard that lets you see information about login attempts on your site, including the username entered, password attempted, IP address, and user agent of the potential attackers. It’s pretty amazing to see how many attempts occur, and what passwords they’re trying.

The other plugin, Limit Login Attempts, does exactly that: It gives you the ability to configure limitations on how many login attempts can occur in a certain period of time, and then ban people (based on IP) when they violate those limits.

Part 3 – CloudFlare to the rescue

CloudFlare is a very cool service that started up a year or two ago (I believe) that provides both protection and acceleration to any website, hosted anywhere. They’ve got a free plan with good features, and a paid plan with better features (obviously). I used them on this site for a while, and for some reason I can’t remember I disabled their service initially. Today, though, I came across this great post on their blog about how they’re helping people to deal with the current WordPress brute force attacks. An excerpt:

We just pushed a rule out through CloudFlare’s WAF that detects the signature of the attack and stops it. Rather than limiting this to only paying customers, CloudFlare is rolling it out the fix to all our customers automatically, including customers on our free plan. If you are a WordPress user and you are using CloudFlare, you are now protected from this latest brute force attack.

Because CloudFlare sits in front of a significant portion of web requests we have the opportunity to, literally, patch Internet vulnerabilities in realtime. We will be providing information about the attack back to partners who are interested in hardening their internal defenses for customers who are not yet on CloudFlare.

Some web hosts, like my current host Dreamhost, actually have CloudFlare integration on their control panels, so you can quickly enable this to protect your site. I highly recommend using CloudFlare for a number of reasons, but for protection from this attack I cannot stress enough that you should sign up for a free account and get your sites protected immediately!

Part 4 – Not for the weak of heart: using .htaccess and .htpasswd to protect wp-login.php

Alright, this part is not for the newbs. This is a little higher on the technical skill level, because when working with .htaccess files you can do all kinds of terrible things like lock yourself out of your website entirely, or accidentally prevent images from showing up. If you know what a .htaccess file is and what it does, read on. If you don’t, you’re done with this post and get to protecting your WordPress sites with the rest of the stuff already listed.

Did you know you can protect a single file – not just directory – with .htaccess and .htpasswd? Yup, you can. Instead of typing what’s already been typed several times, head on over to this awesome post from HostGator on how to password protect your wp-login.php file for a second level of security, so the brute force attack can’t even touch your wp-login.php.

That’s it. Good luck, be safe, and keep fighting the good fight!

Technorati Tags: , , ,

Bruce & Mitt – Separated at Birth?

in Friends, Funny

Something I made today after seeing a picture of my friend recently getting a photo taken with Bruce Campbell.

Bruce Campbell and Mitt Romney - separated at birth?

Bruce Campbell and Mitt Romney – separated at birth?

Frightening!

Technorati Tags: , ,

From Contractor to Startups: My 2012

in Thoughts & Wonderings, Work-related

What a long, strange trip it’s been. Two years ago today, I still worked at SAIC with all of my friends at SAMHSA – a place I spent seven and a half years of my career at. A year ago today, I was at Monster. Today, I’m now at Motorize. It’s been an interesting progression, personally.

My work at SAMHSA was as a contractor for SAIC. I stayed in one place (for the most part – I did work on a few other contracts during my time there, but SAMHSA was always in the foreground) for a very long time, and learned just about everything there is to know about being a federal contractor. Not to mention, of course, all of the valuable knowledge I picked up about accessibility and Section 508.

Three years ago, however, I felt the pull of wanting more. I wanted back into the private sector – to have the chains of federal UX / Web Design torn away so I could have full creative freedom. Alas, not a lot of companies in the DC area were interested in hiring someone who “has fantastic skills and experience” but “has been federalized too long”. Basically an excuse in the web design world to say, “We like you and you’ve done good things, but federal design isn’t cutting-edge enough.” Still, I pushed on.

Then Monster came around – specifically the Government Solutions division, but it was a private company none-the-less. I had an in – a friend who worked there in Operations who discovered a role on the Product Team was opening – one for a Sr. User Experience Designer. I jumped at it. I interviewed three times, and got in. I was ecstatic! Finally, design freedom!

Well, not quite. Monster was a great experience – a wonderful transition. I was doing good UX and IA work, but it was for federal clients in a system that was 10+ years old and hadn’t had a real design overhaul, well, ever. It was rewarding, though, working with a Product team and learning the ropes of designing SaaS products, working within an Agile framework, and understanding how a product goes to market and sells. Not to mention, Monster sent me to Prague – my first trip out of the US, ever – and that was an amazing experience in and of itself.

Then, in late June 2012, my friend Brian approached me about moving from doing freelance here and there for Motorize, a wonderful startup in Baltimore that he’d bee working at since 2008, to becoming a full-time, plank owner on their small team. It was everything I’d wanted in my career – complete and total freedom to design, and to be there to build a product from the ground up.

I’m now five months in at Motorize, and I’m loving every day of it. I’ve learned so much, and have been able to offer a great deal to the company and my cohorts here. There have been, and will continue to be, challenges in getting a new product in a somewhat niche market out there. We still haven’t started making any revenue, in fact. But we’re close. We’re at the final stages of launch prep, and we’ve got several pilot clients lined up.

My resolution for 2013 is to get back to posting here, and on my twitter account (@scottasavage). Also, keep an eye out for a redesign of Motorize.com – it should be one of my finest sites yet.

Technorati Tags: , , , ,

iPhone Battery Life Tip: Disable “Push” for Exchange accounts

in Apple, iPad, iPhone, iPod

(Updated Jan 2, 2013 – See Below!)

As I’ve been enjoying my new iPhone 5, I’ve noticed it’s suffering from shorter battery life than I’d hoped. I thought it might be the LTE, but after spending most of my day out of LTE range on Kent Island in the Chesapeake Bay, I was curious if it was something else. Tonight I ran some tests on a theory, and was proven quite right.

That said, here’s a quick battery life tip for all iPhone/iPad/iPod Touch users, no matter which device you have:

If you’ve got a Microsoft Exchange e-mail account on your phone (well, really any e-mail account, but Exchange is the worst offender), you can save a lot of battery power by changing from “Push” to “Fetch” retrieval.

By default, Exchange accounts are set to Push, which means they are constantly pinging the Exchange server for new e-mail. The upside is that when a new message is received on your Exchange account, you get that message delivered to your inboxes immediately. The downside is, obviously, that your phone is trying to get those messages constantly.

Fetch sets your e-mail to retrieve messages on one of four schedules: Every 15 minutes, every 30 minutes, every 1 hour, and manually (every time you open up the Mail app).

I did a little test this evening to see if this really improved my battery life, and it did. I put the phone down for four hours – turned off iMessage and all notifications, so that the phone would just idle and not have usage vary by the apps that produce uncontrollable notifications (mostly Facebook, iMessage, and Google+ for me).

  • During hours 1 & 2, my Exchange account was still set to “Push”. My battery started the hour at 83%, and ended the first two hours at 77%. A 6% loss.
  • During hours 3 & 4, my Exchange account was changed to “Fetch” (at 30 minute intervals). My battery started at 77%, and after two hours was at 76%. Only a 1% loss!

After doing a little reading on the topic, I found similar results for others. Exchange/Push accounts are definitely a battery hog, so unless you absolutely positively need to have your e-mails immediately when they come in, disabling Push accounts (especially Exchange accounts) can help save some battery life.

To check your current settings and change them based on your own preferences:

  1. Open the “Settings” app on your iPhone.
  2. Select “Mail, Contacts, Calendars”
  3. Scroll down a bit (past your current accounts) to “Fetch New Data”. It will likely say “Push >”. Select that.
  4. Leave “Push” at the top on – you need that for iCloud and app notification syncing in general. Scroll down a bit.
  5. Check the “Fetch” settings. The longer the period between Fetches, the more battery life you get. I have mine set to 30 minutes.
  6. Scroll down again, and tap on “Advanced”.
  7. On this screen, you’ll see the Push/Fetch setting for every account on your phone. This is the screen where you can make the biggest difference.
  8. To maximize your battery life, switch everything EXCEPT iCloud to “Fetch”. iCloud should stay Push so that your iCloud backups occur regularly and without the need to manually do it.

Now enjoy better battery life!

Update: January 2, 2013 – Since switching from Push to Fetch for Exchange accounts several months ago, I can now confirm that disabling exchange does indeed result in better battery life. I’ve gone from having less than 20% at the end of a work day to having over 60% battery life in the same 10 hour span of time. Much, much better.

Technorati Tags: , , , ,

iPhone 5 – Fanboy Pre-Event FAQ

in Apple, iPhone

Tomorrow is the big Apple iPhone 5 event. Here’s a quick FAQ from your friendly neighborhood Apply Fanboy:

  1. Will the new iPhone 5 be on sale tomorrow? — Chances are, no. They’ll likely announce that pre-orders will open up midnight PST this Friday or soon after, and the phones will ship 2-4 weeks later. That follows the Apple pattern.
  2. Is a new iPad Nano or iPad Mini coming tomorrow? — It’s possible, but not likely. The invitations to the event specifically had the number “5″ on them, signifying that it’s an iPhone 5 event. Also, based on the typical Apple hardware release cycle, iPads don’t come out in the fall, they come out in the spring.
  3. What’s so special about the iPhone 5? — Nothing is officially confirmed yet, but if the credible leaks are to be believed, it looks like the phone will be the same width, but longer and slimmer. There will be a new dock connector at the bottom (smaller but still an Apple proprietary thing – don’t expect USB micro or mini…), and the headphone jack will be relocated from the top of the phone to the bottom of the phone. That’s all that seems credible right now.
  4. When is it being announced tomorrow? — In typical Apple fashion, the event begins at 1pm eastern. Expect the first 10 minutes to be news about Apple’s revenues, how many devices sold in the last quarter, etc. 10-20 minutes in, you’ll start to see the new stuff.
  5. Are there live blogs where I can follow the event? — Oh yes. Yes there are. Several:

    There’s more than that, but those are my faves.

  6. How much is the new iPhone 5 going to cost? — Likely the same price as the current line up – ranging from $199 subsidized through carriers up to $899 if you’re not up for an upgrade yet.
  7. Can I have your old iPhone 4S? — Make me an offer. Sexual favors only valid if you’re a female. ;)