Peter Thiel at Hy! Summit
Peter Thiel at Hy! Summit. Photo by Dan Taylor, Heisenberg Media

I’m at php[tek] this week, and while I’ve been busy with talks, games, and community nights, there’s so much news to cover. I’m pumped on PHP and on the future of the internet!

We Love Peter Thiel! (ed. note: can we make this read less lawsuity?)

A few months ago I wrote about the outcome of the Gawker/Terry Bollea case, where the court found in favor of the former professional wrestler and awarded his legal team more money than they’d even originally asked for. After some questionable legal maneuvers that didn’t make much sense for the plaintiffs unless you consider a more sinister goal than redressing losses, some digging was done. As was reported earlier this week by Forbes, it was confirmed that billionaire investor Peter Thiel was funding the legal case.

This is, as Talking Points Memo editorializes, a huge huge deal, and an overzealous use of the power that money brings to force silence from people that you don’t agree with. Just as the use of overreaching surveillance leads to a chilling effect in speech, the ability for a third party to fund legal feuds without opening themselves up to retaliatory lawsuits can give the same effect to journalists. The reason that corporations and wealthy individuals want to be able to make unlimited political donations anonymously is the same reason for this type of behavior: the ability to use influence to sway affairs to their advantage without any transparency as to whose influence is being wielded.

Peter Thiel is ostensibly a supporter of free speech, but not when it comes to people speaking about him. I am not a fan of Gawker in general (and their open letter yesterday doesn’t help), and this is one of those cases where you have to choose to defend ideals without supporting those whose ideals that you want upheld. I don’t support public outings (I am gay myself and need no one to out me, thank you), and Nick Denton supposedly relished the outrage and attention brought by his story about Thiel’s sexuality in late 2007. I can’t vouch for the reporting of Gawker, but they’ve got multiple examples of a coordinated attempt to destroy the company through use of his riches.

If this whole thing sickens you, let this Wired piece in praise of Peter Thiel’s glory cleanse your palette. I only hope to achieve this level of sarcasm in my writing one day.

The TSA is a waste of money that doesn’t save lives and might actually cost them

Dylan Matthews, Vox

The security theater perpetrated by the TSA for the past fifteen years is being stretched to the breaking point. This week the head of security for the agency has been fired, a pledge has been made to increase screeners immediately at many of the busiest airports, and the call has been made to get more people to sign up and pay for TSA Pre-Check. This leaves a huge vulnerability for sloppy checks of both potential agents to fill the ranks out quickly, and of the people who pay for the privilege to skip lines that only exist due to this agency.

This simply does not work. It’s clear that the TSA is not built for discovering firearms or explosives, which dozens of reporters and security researches have demonstrated are easy to sneak in by determined individuals. The TSA exists to make people feel better, without making anyone actually better. Bruce Shneier put forth a call on his blog this week for reassessing airport security, and I think that it’s high time to listen.

Coming soon: express even more in 140 characters

Todd Sherman (@tdd), Sr. Product Manage, Twitter Blog

Twitter changes up like every social media platform, but they actually seem focused on doing things that benefit their users more than just advertisers. This week they put a few new changes coming up on their blog which will stretch the 140 character limit just a bit. The developer blog post by Prashant Sridharan (@CoolAssPuppy) is a bit clearer on the changes, namely the fact that @replies starting tweets won’t remove them from your general timeline anymore, and

The only feature that scares me is the fact that you can add up to 50 handles into a conversation without a character penalty, which means you can more easily force conversations that are unwanted. I can see this getting abused by spammers and marketers, as well as people who want to harass users into silence. Simon Owens wrote an article for Science of Us a few years ago about this exact problem, and now it appears that it could come true. I can only hope that the platform reacts quickly to abuse, and perhaps focuses on revamping reporting of those abuses next. It is certainly needed.

Twitter is a different platform than Facebook, and it serves a different kind of user. The changes announced demonstrate that the company isn’t done iterating, and it’s going to make discussions fun again.

EFF Applauds Jury Verdict In Favor of Fair Use in Oracle v. Google

Parker Higgins, EFF

Oracle and Google have been battling for years over the latter’s use of API calls in code for the Android OS to Java, which Oracle purchased from Sun. A jury on Thursday unanimously ruled in favor of Google, declaring the usage as fair use, but not going so far as to declare all API declarations un-copyrightable in the first place. Oracle has already announced plans to appeal the decision, which is predicated on a lawsuit for over $9 billion.

Bandcamp, Downloads, Streaming, and the Inescapably Bright Future

Bandcamp Blog

In a world now ruled by streaming over downloads, Bandcamp has made a niche for independent artists who want to continue selling directly to their fans. By their own account, they’ve grown over 35% in the past year, selling $4.3 million dollars of music every month, directly from artists to fans. They make it very clear how much of the money is taken by payment processors and the platform, and how much goes to the artist, which amount to much much better terms than almost any other platform out there.

If I can make a suggestion, perhaps subscribe to master composer Austin Wintory on Bandcamp?

We’ve left the teens! This Week in Web is still a passion project, but it would mean the world to me if you share with one friend who you think might like this type of coverage.

Graffito of Bradley or Chelsea Manning, Vienna, Austria by Flickr user smuconlaw
Graffito of Bradley or Chelsea Manning, Vienna, Austria by Flickr user smuconlaw

The Appalling State of Appeals for Chelsea Manning

Chelsea Manning has been imprisoned for three years already of a 35 year sentence for the leak of over a half million military documents, considered the largest in history. In the years since, her legal team has been working on an appeal for a shorter ten year sentence. Wired has a bit of detail on why exactly the appeal has taken so long.

Manning’s lawyers believe that the case was built on speculation, and does not represent actual harm. This is an important part of the appeal, as the Espionage Act which she was charged under does not have provisions in place for the public good that has come of the leak to come into account.

Contrast this with General David Petraeus, who is somehow different than Chelsea in a way that I can’t quite put my finger on… Whatever it is, it allowed him to sleep with his biographer, hide information, share government secrets, lie about it, and end up with a fine, probation, and the ability to maintain a security clearance and advice the White House.

Chrome deletes Backspace

Simon Sharwood, The Register

Chrome developers might suggest that it’s a limited number of users that are affected by lost form data when they click backspace and leave a page, but it happens to me often enough that I am happy to hear that backspace no longer functions as a page back button in Chrome.

Some users surely have it as part of their workflow, but it was always accidental for me. Of course, it could all be avoided if more form systems incorporated local storage usage and cached field data.

Google’s New Allo Messaging App Gets Its Edge From AI

Cade Metz, Wired

Google IO was this week, and they’ve revealed some cool things. I’ve been waiting for a way to use Google Now around the house, and I’m ready for Allo and Google Home to enter my life. It’d be cool if OnHub had the features of Google Home to replace my Amazon Echo, but I’m prepared for the headaches of new devices and their quirks.

The Urban Legend of the Government’s Mind-Controlling Arcade Game

Natalie Zarrelli, Atlas Obscura

I’d never heard the story of Polybius before, but Atlas Obscura gives a good overview of an urban legend around a mysterious coin-op machine tied to a shady government organization. Now that I’m aware of it, I’ve started looking at the network of stories that have cropped up around this arcade game and the various references made in pop culture. Do you have any video game myths or creepy pasta? I’d be very interested in hearing about it!

Evaluating the privacy properties of telephone metadata

Jonathan Mayer, Patrick Mutchler, John C. Mitchell, Stanford University

I caught this on Bruce Schneier’s Blog, which corroborates stories that security researchers and privacy advocates have been saying for years: metadata is plenty useful for tracking people, even without content logs. Basically, using metadata (location, phone, numbers called to and from, etc) from informed and consenting users of a call and text app, Stanford researchers were able to detail social graphs of their test subjects. Additionally, they demonstrated that under the “two-hop rule” that allowed the NSA to track all people that were within two levels of contact with a surveillance target would net around 25,000 new people to track based on a single suspect.

Facebook Trending Topic about Facebook News

Were we Expecting Exacting Balance from Facebook?

As a company run by humans, biases should be assumed.

Facebook is biased. It’s not purely a question of if tech companies are biased, but could any organization honestly be considered unbiased?

Big news was made this week of how journalism works at Facebook in a few posts on Gizmodo, including information by a former (but anonymous) employee on the stifling of conservative news. This was followed by reports posted by The Guardian of editorial guidelines around trending topics, which like editorial guidelines at more traditional publications, detailed how and when changes should be made to the trending topics, and how metadata should be incorporated, such as relating stories to users on the site.

What you feel about this probably depends a fair amount on your political leanings. As the Wired article above notes, Mark Zuckerberg and many prominent Silicon Valley executives are unapologetically liberal. This doesn’t include Palantir founder Peter Thiel, a Libertarian California delegate for Trump, more about him in the story below. Conservative outlets like Breitbart are quick to point out this bias, though Breitbart never puts an indication in their reporting (nor have I seen in other reports) that their content was purposefully removed from the feed. That’s not to say that it isn’t happening or that it is, but that’s partly the point: we just don’t know.

Facebook is now a news outlet, and people, not algorithms, call the shots. The fact that humans intervene means that there is bias built into the reporting, no matter how pure their intentions. Indeed, algorithms themselves are inherently biased. As Recode notes however, being the largest distributor of news information in the world, Facebook needs to be clear about the process that they use to maintain journalistic integrity. They don’t just distribute data now, they also curate it, such as by paying celebrities and media companies to post Facebook videos.

Inside Palantir, Silicon Valley’s Most Secretive Company

William Alden, Buzzfeed

This was a bit of a present that appeared on Buzzfeed last Friday afternoon. Reporter William Alden has done a detailed analysis on documents relating to the company, as well as interviews with past employees and clients, to determine that not all is rosy in the world of a secretive, enormous big-data analysis company founded by Paypal co-founder Peter Thiel.

Much of the reporting is on financial discrepancies between bookings, the Palantir term for invoiced work, and actual payments. Alden also notes that over 100 employees have left the company in less than four months so far this year, and at least three huge clients have left: Coca-Cola, American Express, and Nasdaq. Palantir is also famous for low pay for their employees, and records corroborate a story that they increased pay for all employees that had been with the company over eighteen months at least 20%, and cancelled annual performance reviews.

By many outward facing indicators, Palintir isn’t maintaining clients the way that they used to, and are struggling to grow as a business despite the heavy investment that they’ve received from their founder and other venture firms.

Mozilla Wants Heads-Up From FBI on Tor Browser Hack

Dan Froomkin, The Intercept

If the government finds a technical flaw that allows them to catch people that most of us would consider bad guys, should they be forced to disclose it to the affected company for product fixes? Mozilla (and many others, myself included) thinks so.

The FBI revealed that a security flaw in the TOR browser, based on Firefox, allowed them to take over a child pornography site and distribute malware to visitors, making them easier to locate, incriminate, and arrest. Lawyers for one of the accused won the right to review the malware, though it’s not clear if the federal government will honor the request.

Mozilla’s lawyers make it clear that they’re choosing to avoid a fight over whether the bug should be revealed or not, but are instead suggesting that if the code is released, they should get private access to it first, with the intent of patching the bug, before the code goes public.

Researcher arrested after reporting pwnage hole in elections site

Darren Pauli, The Register

Ah good, a voting scandal story from my neck of the woods, Florida. Specifically in Lee County, which contains Cape Coral and Fort Meyers.

Security researcher, David Levin, exploited, then disclosed, a SQL injection vulnerability to gain access to the Lee County state election website, including the ability to gain supervisor credentials and logins. Part of the issue is that he also posted the exploit online in a video, which he did in conjunction with a candidate for the supervisor of elections position, Dan Sinclair.

I’ve been using Vagrant with VirtualBox for local development for over a year now, after introduction to the tools on top of Varying Vagrant Vagrants at a WordCamp. It’s become my default standard for starting new WordPress sites, and it’s more highly accessible than I realized at the time that I first tried it, though it can also be a bit of a black box from the outside.

Throughout the post I’m going to cover a quick install guide (though by no means exhaustive), and borrow heavily from a guide that I put together and am keeping updated on my Github page. I also discussed this at a developer meetup for WordPress Orlando last month, which you can check out if you want to give ServerPress or MAMP a try too.

Note, I’m coming at this from a Mac, which used to drive me bananas in guides, so apologies if you’re on Windows.

Installing Virtual Box, Vagrant, VVV, and VV

First, let’s talk about what we’re setting up here. The outcome of this post should give you a local development environment for WordPress sites that you can start and expand upon rapidly, making it easier to build new sites for yourself or your clients. We’re going to start by downloading and installing VirtualBox, which is by far the largest part of this project. I use Virtual Box because it is free and accessible for a wide variety of platforms, but VVV supports Parallels, Hyper-V, VMWare Fusion, and VMWare Workstation as well.

After you’ve downloaded and installed VirtualBox, you’ll want to ensure that you have Vagrant installed. This can be installed a wide variety of ways, but the most straightforward is going to the official download page and installing the version that matches your computer. After Vagrant is installed you should be able to open Terminal and type the command vagrant and see a list of flags that you can use.

You’ll also need Git for some of this, so if you don’t have it, download here and install it.

Vagrant installed on Terminal

Next, you’re going to install vagrant-hostupdater with the command vagrant plugin install vagrant-hostsupdater, then install vagrant-triggers by typing vagrant plugin install vagrant-triggers into Terminal too. These tools will allow Vagrant to automatically set hosts for you, which are a pain in the butt on your own, and allow triggers to run, which lets other programs (say VV?) attach their own events to Vagrant.

Up next, install Varying Vagrant Vagrants, which is thankfully shortened to VVV. You can do this in Terminal too, using the command git clone git:// vagrant-local. You’re going to move into that directory by typing cd vagrant-local, since vagrant-local is the name of the folder that you made and put it into when you cloned it to your computer.

The next portion of this is really long. Like, don’t do this at a coffeeshop or via a mobile data plan long. Probably should give fair warning that setting up VVV is a long process on slow internet. Let’s assume that you are on fast internet or have plenty of time to kill. Thankfully you can run this in the background and go along your day, provided heavy YouTube viewing is not part of your downtime. Run the command vagrant up, which is a command that you’ll be getting used to over time. The first time that you run the command it will have to download a whole box for Virtual Box, basically meaning you’re downloading and installing a new operating system that will run alongside your existing one.

When VVV is installed, you should be able to visit in your browser and see it in all of it’s glory!

Default VVV page
In the next post, we’ll make this page show useful information and look pretty.

Look, at this point you probably need a coffee or something. Relax, you’re doing great, and treat yourself to that caffeinated goodness.

Site Creation with VV

To make site creation even easier, we’re going to use Brad Parbs‘ cool tool Variable VVV, or VV for short. There are a few methods to install this, and while I use HomeBrew which makes it rather easy, in the event that you don’t, check out his install instructions here:

With VV installed you can use the command vv --create to install new WordPress sites to a single VVV install with ease. I’m going to save the discussion on how to do that for the next post, since it can cover quite a bit.

Next Time on the Show!

I’m going to go through some enhancements in my next post on this topic, like using a custom VVV dashboard, how to get value out of VV, how I make VVV a bit easier to use, and some of the testing that I’ve done around squeezing performance out of VVV and making it load faster.

I hope that if you’ve stuck around for the journey you were able to successfully get going, or at least will give it a shot. If you’re having any trouble, please leave a comment and I’ll try to help you out here so others can troubleshoot too.

This post came at an opportune time, as I was invited to participate in Digital Orlando 2016 happening this week, to sit on a panel and discuss community engagement. Outside of work, I lead the WordPress Orlando user group, and am one of the organizers of WordCamp Orlando, having been involved with that organization for nearly the last five years. The community is probably one of the greatest discoveries that I’ve made in my life.

A Very Limited History of David and the Web

I’ve been doing web development since middle school, where around 1999-2000 I discovered HTML. From what I can remember, inline properties were still the way to go. CSS2 was just approved and published at that point, and most guides (and the class that I took that got me interested) were using things like this to center and bold text on a page:

My site is so awesome!!!11one
My site is so awesome!!!11one

Oh, did I not mention the marquee tag? It was pretty awesome; the height of cool for your personal site in the late 90’s/early 2000’s.

Anyway, away from that tangent, I didn’t start interacting with other people about websites until I started building some for clients. I think around 2004 is when I first got paid to build a website for someone, and I honestly wish that I’d kept better records to show it off. When I first started my web development career (working my way through college but still looking toward the future) I hadn’t even heard of WordPress or other CMS’. I didn’t start using WordPress until early 2008, so think of my earlier, pre PHP and DB based sites as proto-David.

Even after moving onto this platform with a famously charitable community, I wasn’t aware that it existed for another few years. Sure, I used the support forums, but even I was late to the game of correlating text on the screen to real people behind those handles. It took a while to get involved, a bit longer before I met any of these people in person, but then a quick take off when I realized how awesome it was to regularly converse with people who shared a passion with me online.

Enough Tangents, What About Me?

Right, so should you be involved in communities around your interests? The short answer is yes. The slightly longer answer is yes yes yes!

I absolutely credit much of my professional life and personal successes to the people that I choose to be around, and the time that I devote to helping those communities in any way that I can. I’m not going to write a long post about the many ways that you can give back your time, but suffice it to say if you’ve learned something from someone else, you have something to teach yet another person. A lack of confidence is the biggest reason that I get from people who tell me why they don’t get more involved, even more than a lack of time.

When you demonstrate that you are offering up even some of your time, expertise, or experience to other people without the expectation of anything in return you demonstrate that you are interested in an ecosystem and not just yourself. By being involved you’re absolutely improving yourself by improving that ecosystem, but it won’t be seen as a purely self-serving gesture.

As an example, I’ve gotten paying clients who I’ve given free help to at Happiness Bars at WordCamps (basically help desks for WordPress problems). The conversations all went the same way: “Here’s a fix to the problem that you’re having right now. If you have questions later, feel free to email me.”

Note that in the prior example I did not offer paid services or suggest that I was offering subpar support to a free question. I try to do the best that I can in the limited environment there, and make the offer that if the person that I’m helping has questions later (they will) that they can reach out to me for more help, again free. If it is a complex problem, site build, or something that would take me a half hour or more of work, I suggest that it’s a problem worth hiring for.

How Do I Get Started In a Community?

First, repeat after me: It’s never too late!

If Erik and Xavier can change later in life, so can you.
If Erik and Xavier can change later in life, so can you.

There’s always that worry of “Am I too late for this? Did I miss the bus and the opportunity to make money?” Which can be a valid concern, but not here. There are always new people entering a community and older folks leaving. Even if you choose a network or community on the decline, you can follow other participants to the next network and be on the ground floor there. In my case, WordPress is definitely still a viable community to get involved in, with profitable businesses starting up every day.

The way to get started is to find where the people that you want to interact with hang out. In my case it’s Twitter, Meetups, WordCamps, and the community. Do a quick search for the thing that you’re interested, and it’ll probably be easy to make a connection to where the people that you want to network with in that field hang out.

After you find the place to be, enter with an open mind. You don’t know everything (that’s why you’re there, right?), so don’t act like it. Be ready to learn, and ready to share. By virtue of your presence, the network that you’ve entered has grown more connected and has a new viewpoint to share. You know something that those around you don’t know, and you can likewise share with them as you learn from them.

What About Personal Life?

Right, I guess I did mention that in the title, didn’t I?

This section is intentionally shorter since I think that these are more straightforward lessons. Use some of this time that you’re creating for yourself. I love the internet enough to make a weekly newsletter about it, and I literally bring my work home. I also make time for myself and for those around me. I take walks, play some video games, read often, and go out to lunch without notifications on my phone or my laptop in tow.

There’s a finite amount of time available for all things, and I block work into times convenient for me. I guarantee that however hard you are working now, you can cut a few hours off of that work time and be just as productive. I’m certainly not a poster child for this, but I’m trying to get better. Using tools like in the previous posts in this series help cut down work time while producing better work. That sounds like a win for myself and my clients alike.