Just a guy in Vermont trying to connect all the dots...
Dan York
Author's posts
Mar 01
BT Launches IPv6 Resource Centre
In preparation for World IPv6 Launch on June 6, BT is launching an IPv6 Resource Center. As BT’s Tim Rooney states:
I’d recommend estimating that date for you (if you ever believe it will happen) and working backwards to devise a plan to support an IPv6 Internet presence. With a plan in place, you can estimate the plan execution time (make sure you add some fudge time due to inevitable unforeseen issues) and be ready to invoke it with enough lead time to complete it by your IPv6 Density or “D-Day.”
BT’s IPv6 Resource Centre includes links to webinars, videos, whitepapers and more.
Feb 28
DNS Statistics for .EDU domain names
Shumon Huque at the University of Pennsylvania maintains a site tracking the DNS capabilities of a selected set of universities at:
The information, updated once per day, includes information about the DNSSEC and IPv6 capabilities of the institutions.
Feb 27
Want to Understand DNSSEC? Watch this video interview…
What is DNSSEC? What can you do with it? How does it work? Why are people excited about using DNSSEC? Why should you care about it? At the Consumer Electronics Show a few weeks back, I sat down with cybersecurity expert Joe Klein to cover a range of topics related to DNSSEC, including a few that were quite new to me! It was enjoyable and I thank Joe for his time.
To learn more about DNSSEC, visit http://www.internetsociety.org/deploy360/dnssec
Feb 27
Video: Why DNSSEC Matters – An Interview with Joe Klein
What is DNSSEC? How does it work? How can you use it? Why should you care about it? In this video, Dan York interviews cybersecurity expert Joe Klein about DNSSEC and explores a variety of topics related to how it works, how it is used, what you can do with it and where DNSSEC is going.
To learn more about DNSSEC, visit http://www.internetsociety.org/deploy360/dnssec
This video is a production of the Internet Society Deploy360 Programme.
Feb 24
How To Auto-Update WordPress Custom Themes Using Github
Have you wished that you could get an automatic update notification in WordPress for a custom theme that you have used? You know, like the "update automatically" notifications for "official" themes hosted on WordPress.org such as this one?
Or perhaps you have created a custom theme and you would like to have a way for the users of your theme to receive notifications and updates whenever you update the theme? You can then fix up your theme, post a new version and... ta da... all your clients get the notification and can "update automatically" to the latest version?
If you've been looking to do this... and aren't afraid of (or enjoy!) working with the git version control system and Github, there's a very cool way to do all this that gives a very similar user experience:
In fact, it winds up being a bit better than the normal WordPress theme auto-update process because after you do the update, you actually have the ability to roll back to previous versions of the custom theme if the new one causes problems:
This is something you can't do easily with the normal WordPress theme update process.
Initial Setup / Configuration
If you want to set this up for your own themes, here's the process...
1. Publish Your Theme To A Github Repository
You need an account (which is free) on Github, and you need to create a repository (a.k.a. a "repo") there for your theme. If you've never used git before, Github has some great help pages that explain the process. If you use a Mac, there is also a great Github for Mac app that makes the process super simple of updating your git repo locally and pushing the changes to Github.
The end result is that you need to have a git repo on your local computer that has your theme and that repo is synced up to a corresponding repo on Github.
I'll note that this process only works with public Github repositories, so your code does have to be open to the public. If you want to keep your code private so that only you and your clients see it, this process won't work for you. (Although see the notes at the bottom of the post.)
2. Modify Your Theme To Include a Github URI
The next step is to go into your style.css file in your theme and add one critical line containing a "Github Theme URI":
Theme Name: Example Theme URI: http://example.com/ Github Theme URI: https://github.com/username/repo-name Description: My Example Theme Author: person Version: v1.0.0
You can see an example in a demo theme I have. The URL you use is that of your repository up on Github. That's it.
Now you need to commit this change to your local repo and push the change up to Github.
3. Create a Tag in Your Repository
In your local repo, you need to "tag" the repo with a version number. THAT VERSION NUMBER NEEDS TO MATCH WHAT YOU HAVE IN STYLE.CSS for everything to work right. You then need to push this tag up to Github. Here are the command-line commands you need:
$ git tag v1.0.0 $ git push origin v1.0.0
Obviously with whatever version number you use.
4. Upload Your Theme To WordPress
Now your theme is all ready to be uploaded to your WordPress site. There are a couple of different ways you can do this, but one simple way is:
- Create a ZIP file of your theme on your local computer.
- Inside your WordPress admin menu (standalone) or network admin menu (MultiSite) go to the Install Themes panel and click on "Upload".
- Choose your ZIP file and press "Install Now".
You'll now have the theme installed in your WordPress site. You can now activate it and use the theme for your site.
5. Install the Theme Updater Plugin
Here's the part that makes the "update notifications" piece all work nicely. Some guys down at the University of Central Florida came up with this very cool plugin for WordPress called "Theme Updater" that is available here:
http://wordpress.org/extend/plugins/theme-updater/
You can either download it from that site or, much more simply, just go into the Plugins menu of WordPress, choose "Add New" and search for "Theme Updater".
(NOTE: The plugin does work with WordPress 3.3.1, so you can ignore the warning message about the plugin not being tested with your version. The meta-data for WordPress.org simply didn't get updated when the new version was recently posted. Given that I was doing some of the last testing, I can tell you that I did the testing on WordPress 3.3.1 on both a standalone and a MultiSite installation.)
Once you have installed the plugin, you simply activate it - or in WordPress MultiSite do a "Network Activate".
That's it. There is no configuration panel. No options. It just sits in the background and checks for updates of the Github-hosted theme.
That's all that is involved with the setup. Your installed theme is ready to be automatically updated. So, now you want to do the update...
Updating The Theme
When you have updates, the process is pretty straightforward.
1. Make And Commit Your Theme Updates
Edit your theme, make whatever changes, modifications, additions you need.
Commit your changes to your local git repo and push those changes to Github.
2. Update The Version Number in Style.css
In your style.css file, increment your version number, as in this example:
Theme Name: Example Theme URI: http://example.com/ Github Theme URI: https://github.com/username/repo-name Description: My Example Theme Author: person Version: v1.1.0
Commit the change locally and push the change to Github. (And yes, this could have simply been done as part of step #1.
3. Create a new tag and push the tag
Create a tag in git that matches the version number in step #2 and push that tag up to Github:
$ git tag v1.1.0 $ git push origin v1.1.0
That's it!
Now users of your custom theme will get a notification along the lines of this in WordPress MultiSite:
or this in the "regular" standalone mode of WordPress:
and can simply "update automatically" to get the new version of the theme.
Other Notes
The "Theme Updater" plugin for WordPress is naturally hosted on Github:
https://github.com/UCF/Theme-Updater
You can see the source code there, download the latest, etc. If you are a Github user, you can "watch" the repo, fork it, clone it, etc.
If you find an issue with the plugin or have a feature request or suggestion, you can raise an issue (assuming you are logged in to your own Github account) in the Issues area.
I don't know but I get the sense that the UCF team made this plugin for their own usage and don't necessarily have grand plans for future versions (i.e. it works fine for them now). But if you want to add functionality yourself, like, oh, for instance adding in the ability to connect to private Github repos, you can certainly use the standard Github process of forking the repo, adding in code and then issuing a pull request to get your changes merged in. (And if that last sentence made absolutely no sense to you, don't worry about it and just have a nice day! ;-)
All in all I've found this to be a great process to let me publish a custom theme publicly and then auto-update multiple sites off of that custom theme. Kudos to the UCF team for creating this plugin and making it available!
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- subscribing to my email newsletter; or
- subscribing to the RSS feed.
Feb 24
ICANN Publishes List of Domain Registrars Supporting DNSSEC
We were very pleased to see that ICANN’s Security Team published a list of domain name registrars that support DNSSEC. At this point in the deployment of DNSSEC it’s not a very long list, but it’s a good start – and a list that we hope will grow rapidly in the months ahead.
As we note on our page about how to secure and sign your domain with domain registrars, registrars play a couple of roles in the DNSSEC process. Primarily, they accept “Delegation Signer” (DS) records that contain information about the keys that are used to sign your zone.
Many registrars are also “DNS hosting providers” and will automatically sign all your DNS records on your behalf. We’ve provided some DNSSEC signing tutorials on that page and have others in development.
It’s great to see ICANN maintaining that list and, as they note, if you know of more domain registrars who support DNSSEC, they would like to hear from you at dnssec@icann.org (and we’d love to write more tutorials for our pages).
Feb 24
Humor: What Standards Experts Do
What exactly is it that “standards experts” do? If you’ve been on Facebook, Twitter, Google+ or pretty much any other social network lately, you’ve seen this meme going around, and so we did have to laugh when a gent named Greg Schumacher posted this image to Facebook:
Sadly, this image is far too true!
Feb 23
Three Critical Reasons High Schoolers Should Restrict The Privacy Of Their Facebook Pages
Tonight purely by accident I stumbled upon the Facebook page of a student I know at one of our local high schools. I didn't know he was on Facebook but he had commented on a post in my NewsFeed by someone who turns out to be a mutual friend.
Curious to know if it was the person I thought it was, as his Facebook profile picture was not a photo of him, I clicked on the link to his name expecting to see the standard "basic info" you see for everyone and then the privacy message that usually greets you:
Instead, I saw everything...
Walls Wide Open
His Facebook "Wall" was wide open for all to see. Anyone. I saw all his posts... all his photos... all the comments between him and his various friends. I clicked on the Info link and learned all about where he goes to school (which I knew), his musical tastes, the sports he likes, movies, television shows, games, religious views...
And I got to see all of his friends...
... probably a good half of whom ALSO had wide open walls.
In the course of maybe 10 or 15 minutes of flipping around, I learned a good bit about some of the region's high school age students, saw a whole bunch of photos, read a few conversations that probably weren't meant to be public (or at least to be read by 40+ year-old men sitting at home on their computers)...
...and generally got increasingly concerned about the amount of information these students were perhaps inadvertently disclosing about themselves and their lives.
Now, this is, after all, what Facebook seems to want. They generally default to public sharing, and so if you don't take active steps to protect your privacy, all your content will be shared with the world. And while some people are quite okay with that, I'm personally not.
If I could say anything to these high schoolers or their parents - and to all the others reading this post, it would be that there are three critical reasons why you might want to think about restricting your Facebook privacy a bit more.
1. Security
The most obvious one is the security angle. There are a lot of sickos out there. I've been online for now almost 30 years and I've seen all sorts of seriously warped stuff... information security has always wound up as part of what I've been involved with, and some of what I've had to do has taken me to seriously vile and heinous parts of the Internet.
There are warped people out there. There are thieves and scammers and fraudsters and perverts and others who prey on people online. They've always done this... Facebook just makes it ultra-easy to do. They can start commenting or "liking" your posts and photos. Striking up friendships. Sending you messages. Wanting to meet, etc., etc.
With your wall wide open, you are giving them all the info they need for "social engineering" to know exactly what to say to you. They know the music you like, the TV shows you like, etc. They've seen your photos, so they know what you look like, what you like to wear, etc. It's insanely easy for them to gain your confidence and trust.
You are also giving them your location. You are letting them know where you are, what you are doing. It's a wonderful way that your friends can know where to meet you (and it is. I personally use it that way.)... it's unfortunately also a way for a stalker to find you. And sure, it may not ever happen in your town/city, but why give out all this info when you don't really need to?
You also give away where you are not. Believe it or not, people's homes have been robbed after they were posting publicly about going away from their homes.
Location info... and really all this personal information... is really best shared only with those you trust.
2. Employers Check Facebook
The second reason to restrict your info is because if you are a high school student looking for even a part-time job, guess what that potential employer is going to do?
Yes, they (or at least the smart ones) are going to search for you on Google and Facebook and see what turns up.
In 2012, you're pretty crazy as an employer if you are NOT doing background checks on the Internet. Who needs to call references when you can just go to a search engine and learn more about potential employees than you probably ever wanted to know? (including all the "stupid sh__" they did last weekend?)
It's real. It happens. And stuff lives on in Google's caches far longer than you would ever think.
3. Colleges Check Facebook
In a similar way, college admission officials check Facebook. (Another article claims 80% of colleges use Facebook in recruiting.) Need I say more?
If you are in the process of applying to colleges, you probably don't want admissions officials reading your wall conversation with a friend where you are trashing one potential college and talking about another. Nor do you potentially want them seeing your writing, spelling, photos, etc. (unless, of course, it's awesome and might help you get into a school).
Managing your "online reputation" is something that you have to start thinking about NOW.
How To Close The Walls
To start, the best thing to do is to go into Facebook's "Privacy Settings" that, today, anyway, are found in the drop-down arrow next to your name in the upper right corner of the web version of Facebook:
Facebook unfortunately has a way of changing these settings around from time to time. But if you go down to "Privacy Settings" you'll get the window you see below, where you can make two important changes:
- Set your default privacy to "Friends".
- Change all past posts to be set to "Friends".
Note that when you click that "Manage Past Post Visibility" you'll see a window pop up that warns you that all posts shared with friends or the public in the past will be restricted. Then you'll get ANOTHER window just confirming that you really, really want to do this and warning you that you can't undo it and will have to manually change it on each post if you want to share those posts publicly again. Finally, you'll be able to change the setting.
You may also want to click "Edit Settings" next to "How You Connect" and restrict who can find your profile, who can send you messages, who can write on your timeline, etc. Here are my settings, which I have changed from whatever Facebook sets as the default settings (probably "Everyone" for all of them):
If you do these three steps,
nothing will really change for you on Facebook!
You'll still be able to interact with your friends. You'll still be able to write on each other's walls. You can still tag each other in photos, send each other messages, etc.
It's just that now when anyone who isn't your friend goes to see your Facebook profile... whether they are other students who aren't your "friend", parents of other students, potential employers, college admission officials... or sick creeps... or just random people out on the Internet... all they will see is this:
All that other personal information stays within the circle of the people you have accepted as "Friends" on Facebook.
And YOU are in control of what employers, college admission officials and everyone else sees.
NOTES:
- These privacy settings do not completely remove the chance your info can be publicly disclosed. Your info and photos go out to your Friends' Newsfeeds, and they can then in turn "share" your info out to other people... and somewhere along the way may be someone whose settings are more public. However, you are greatly restricting the potential of that with these settings.
- There's a separate conversation that could be had about how you could selectively post certain items publicly to create a public profile that would actually be positive for employers/colleges to see. For instance, notes about awards you've won, volunteer activities you've accomplished, great photos you've taken or articles you've written, etc. But again, you are in control of that information.
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- subscribing to my email newsletter; or
- subscribing to the RSS feed.
Feb 23
Citrix Launches New Blog Post Series About IPv6 Transition
It was great to see that over on Citrix’s blog, Kapil Digani has started what is promised to be a series of posts about the transition to IPv6. Currently, there are two posts up, the second of which has naturally received a few comments:
As we get closer to World IPv6 Launch, it’s great to see post series like this popping up all across the Internet. It’s great to see the commentary on Citrix’s site and we look forward to seeing more posts in the series.
