July 11, 2014 archive

Jul 11

WordPress.Com Restores Ability To Add Media When Using New Post Window

Last week people in one of the various web forums I'm in started complaining about the new "WordPress" user interface for posting and how they couldn't easily add images or access their Media Library. I and others were completely confused because nothing had changed in our WordPress installations.

It turned out to be that the people were using the WordPress.COM hosted service while we with no problem were using self-hosted WordPress on our own servers. (What Automattic folks call "WordPress.ORG" software.)

I still have a WordPress.Com account and so I logged in and hit the "New Post" button and... sure enough... there was a brand new user interface. Well... first there was a "Beep Beep Boop" :-) :

Wp com beep 500px

And THEN the editing window appeared:

WordPress com new post 500

And yes, indeed, there was no way to add an image! You could create a "gallery", but there was no way to add a single image. Nor could you get to your Media Library to add an existing image! There was also nothing on the WordPress.com main blog or in the support forums - although there were many threads asking about this.

You could still add media to a post by going into your Dashboard and then doing "Posts -> Add New" to get to the traditional editing window, but this "new" window was the default if you just clicked the link at the top of the admin window.

I found this quite bizarre and even talked about this in my report into last week's FIR podcast episode.

I went as far as opening a new topic in the WordPress.com support forums where it was confirmed on July 5th that there was no way to add media.

But two days later on July 7th a post to that topic alerted me to the fact that the "Add Media" button was back... and indeed it is:

Wordpress com add media 500

So all seems well and people can get back to adding media from the window.

I still haven't seen any explanation other than that the team is "working on some updates and changes". I would hope that in the future if they are going to remove something big like this they'd give people a bit more of a clue... but... by the same token I commend the WordPress.com team on all they regular work they keep doing to that site. While I use self-hosted WordPress software, I do recognize that many of the changes and improvements to that software first get tested out on the WordPress.COM hosted service.

Anyway, if you were frustrated about this last week... it's back! All is good now. :-)

If you found this post interesting or useful, please consider either:

Jul 11

CloudFlare Releases Open Source CFSSL, a TLS/SSL Toolkit

CloudFlare logoYesterday the folks over at CloudFlare introduced their “CFSSL” toolkit for working with TLS (SSL) certificates. Their blog post explains what CFSSL is all about, and they have also made the code available along with further documentation on Github: https://github.com/cloudflare/cfssl

This is interesting to me for a couple of reasons.  First, their blog post has some excellent diagrams outlining the challenges with ensuring that a TLS certificate is able to be validated by a web browser.  The author Nick Sullivan points out that different browsers trust different numbers of Certificate Authorities (CAs) – and that older browsers may not trust newer CA certificates.  He outlines the need to create “certificate bundles” that include multiple TLS chains.  The key point of all of this is to make it so that your TLS certificate is accessible to the widest range of browsers and systems.

As a tutorial alone, the post is a good read.

It also highlights the complexity (some might say “brokenness”!) of the current CA system and why many folks are looking for mechanisms to add more trust into the system (the DANE protocol being one of those potential mechanisms).

The post also explains their CFSSL tool which is available for anyone to use.  While it is not exactly a TLS library, like some of the other tools we’ve highlighted in our TLS for Applications area, the source code is available and some developers may find it of use.  I found it interesting that the tool could also be used to create your own CA and generate your own certificates.  This might be useful for people looking to do additional testing or to run their own CA for their own purposes.

Regardless of what you may do with the toolkit, kudos to CloudFlare for making it available under a permissive open source license and for providing the documentation they do.  I hope it will help some folks out there make the Internet more secure!

Jul 11

A Hosting Provider Marketing “Secure Hosting with SSL, DNSSEC and DANE / TLSA”

I have no idea whether “dotplex” is a good web hosting provider in Germany and I know absolutely nothing about them as a company, but as a DNSSEC advocate I was absolutely thrilled to see dotplex marketing the fact that you could have DNSSEC and DANE if you host with them:

Secure hosting with DNSSEC and DANE

Pure awesomeness!

Of course, they may not be the first to do this but they are the first I personally have seen (and please feel free to leave us comments telling us that your hosting provider has done this for a while).

Now… if we can just get every other web hosting provider to do this then we’d wind up with a much more secure Internet!  (And we could take away the argument by critics that there aren’t a lot of people providing DANE/TLSA records.)

Kudos to dotplex for marketing DNSSEC/DANE and I wish them all the best with their secure hosting offering!

If YOU would like to get started offering DNSSEC and DANE, please see our START HERE page to find resources for your type of organization – and please let us know if you can’t find resources that will help you.

Jul 11

ACM: Python Now The Most Popular Intro Language At Top US Universities

pythonlogo.jpgAs a long-time fan of the python language, I was intrigued by this post on the ACM’s blog: “Python is Now the Most Popular Introductory Teaching Language at Top U.S. Universities“. The post begins with a summary:

At the time of writing (July 2014), Python is currently the most popular language for teaching introductory computer science courses at top-ranked U.S. departments.

Specifically, eight of the top 10 CS departments (80%), and 27 of the top 39 (69%), teach Python in introductory CS0 or CS1 courses.

… and then goes into greater detail.  Of course, the moment you publish one of these “XXXXXX language is the most popular programming language” type of posts, you immediately get reflexive reactions from programmers who favor all the other languages out there…  and this Hacker News thread with 357 comments (so far) shows exactly that, with people either supporting the idea or ripping apart the article’s methodology and explaining why the author is wrong, wrong, wrong… 🙂

The programming language wars will always continue.  In the meantime, though, as someone who likes the python language, I’m pleased to see the uptake at universities around the U.S.  (and, as noted in the HN thread, by other universities around the world, too).

Jul 11

Live In 2 Hours – Today’s VUC Call About The Future of Video With Bernard Aboba and Emil Ivov

VucIn just about 2 hours at 12 noon US Eastern time the VoIP Users Conference (VUC) should have an extremely interesting session about "The Future of Video" featuring Bernard Aboba and Emil Ivov. Bernard works for Microsoft on their Lync products and has also been extremely involved in the IETF, the Internet Architecture Board (IAB) and other efforts. Emil is the had of the Jitsi project and has been doing amazing things with video conferencing.

You can watch today's call on the Google+ Page or directly on YouTube:

It's probably best to also join the IRC backchannel where links are shared, questions are answered and other comments occur.

If you won't be at your computer, you can also call in via:

  • sip:200901@login.zipdx.com
  • +1 (646) 475-2098
  • Skype:vuc.me

The session will of course be recorded so you can listen/watch later.

If you found this post interesting or useful, please consider either:

Jul 11

New IPv6 Case Studies Out… But None From Application Developers!

World Ipv6 LaunchAs part of my job at the Internet Society Deploy360 Programme, we recently published a whole new batch of IPv6 case studies during the 2nd “Launchiversary” of World IPv6 Launch. However, if you scan down that list of case studies you’ll see one interesting omission:

There are NO case studies from application developers!

None. Zilch. Zero.

This needs to change!  If you are an application developer and have migrated your application over to work on IPv6, my colleagues and I at the Internet Society would love to write up a bit about what you have done.  PLEASE CONTACT US!

It doesn’t have to be anything gigantic.  It could just be a simple article explaining what you did to make your application work over IPv6.  Or it could be a paragraph linking to a video of a presentation you gave or a set of slides.  We are glad to “interview” you, too, via email or a voice/video call to capture information that we will then write up.  All we need is your interest and willingness to be included.  Please do let us know.

Separately from that, I am still interested in including some case studies in the next version of this “Migrating Applications To IPv6” book that I’m targeting for early 2015.  I have a list of questions that I’d like to ask some of you and include in the book. The benefit to other developers will be that they will get to learn about how to move to IPv6 based on your experience. The benefit to you is that I’ll mention your application and name and give you the added publicity from being in the book.  The benefit to the Internet is that we’ll get more people moving over to IPv6 sooner rather than later!  If you are interested in being considered for the book, please contact me directly!

Jul 11

TDYR #164 – Name Problems – And The Challenges Of Designing Web Forms For Global Names

How do you best design web forms for the many different kinds of "personal names" that are used all over the world? In this episode I talk about a personal example of mine and also about this page at the W3C's website and a recent discussion on Hacker News: http://www.w3.org/International/questions/qa-personal-names.en.php https://news.ycombinator.com/item?id=8003686

Jul 11

New IPv6 Case Studies Out… But None From Application Developers!

World Ipv6 LaunchAs part of my job at the Internet Society Deploy360 Programme, we recently published a whole new batch of IPv6 case studies during the 2nd “Launchiversary” of World IPv6 Launch. However, if you scan down that list of case studies you’ll see one interesting omission:

There are NO case studies from application developers!

None. Zilch. Zero.

This needs to change!  If you are an application developer and have migrated your application over to work on IPv6, my colleagues and I at the Internet Society would love to write up a bit about what you have done.  PLEASE CONTACT US!

It doesn’t have to be anything gigantic.  It could just be a simple article explaining what you did to make your application work over IPv6.  Or it could be a paragraph linking to a video of a presentation you gave or a set of slides.  We are glad to “interview” you, too, via email or a voice/video call to capture information that we will then write up.  All we need is your interest and willingness to be included.  Please do let us know.

Separately from that, I am still interested in including some case studies in the next version of this “Migrating Applications To IPv6” book that I’m targeting for early 2015.  I have a list of questions that I’d like to ask some of you and include in the book. The benefit to other developers will be that they will get to learn about how to move to IPv6 based on your experience. The benefit to you is that I’ll mention your application and name and give you the added publicity from being in the book.  The benefit to the Internet is that we’ll get more people moving over to IPv6 sooner rather than later!  If you are interested in being considered for the book, please contact me directly!