Archive for the ‘Announcements’ Category

Same blog, different channel

Migration done! Welcome to the new host.

After couple of days of pure hell getting things transferred and set-up, here we are. I don’t want to even think of the billable hour cost for most people making this happen. Change is traumatic.

Ended up going with siteground.com: it has cpanel, email, and WordPress. I was about theeeesclose to going with WordPress.com’s paid plan (huge huge thanks to the wonderful Jeremy Massel). In the end, there were just too many compromises. Even with siteground there were compromises, but at least it’s not Bluehost.

Thank you to everyone for your advice and recs and patience. The only thing I regret is that I forgot to get someone a referral from all this. I apologize.

If you wrote to me in the last day and it was important please try writing again just in case… There was a period of outage where the old mail hadn’t finished updating and the new mail wasn’t fully configured.

I still have to set up my mail on a bunch of different devices, so off to do that…

Fleeing Bluehost: It’s crunch time

I have under 30 days to move from Bluehost or I’ll be locked into another year. If you don’t recall, Bluehost is infuriating. It shuts down whenever I have a traffic spike. Its SSL certificates are not automatically renewed, so every 90 days or so things fail.

My email is associated with unifiedlayer, one of the worst spam providers, which means that a lot of my outgoing email never arrives. Every time I need tech support, they try to upsell me to yet another paid service. The fees have increased and increased over time.

While I’d really love to have a statically generated site, I’m not willing to give up comments. I’m sticking with WordPress as the least turbulent solution unless someone has a better idea.

I need email. I need a wordpress site. I’d like to keep a listserv going but I can probably transfer that to slack if needed. I can’t really think of any other features that I need at this time.

  • Diogene recommended SiteGround. It offers well reviewed WordPress hosting. This sounds scary though: “For migration just use IMAP for your email and synchronize all mail locally then when you move you host sync back again with IMAP”
  • Dave DeLong says FastMail is a great solution for the mail-only axis. Hank Gay, Christopher Frederick, and Dewey concur. Christopher mentions that I can set up “SPF and DKIM records” to provide more secure ownership, whatever these things are.
  • Despite the general love for FastMail, Michael Weaver says iRedMail is a good alternative as well.
  • Matt mentioned nosupportlinuxhosting.com
  • Will suggests A2Hosting. Chris likes ASPnix.com.
  • John Woolsey pitches GreenGeeks.com.
  • Nate H suggests dreamhost (also recced by Tim as a site for “people who don’t know what they’re doing”, which is pretty much me) and siteground.
  • Mark Nichols uses WebFaction, but also supports Digital Ocean.
  • Brian Anderson suggests hostagor.com.
  • Kevin likes the roll-your own AWS solution: S3 for web, EC2 for wordpress, WorkMail for mail. Any thoughts on these?
  • Simon Davies agrees on AWS but suggests hosting email with zoho.com.
  • Dan Messing and Mark Bernstein like pair.com.

I’m looking for the simplest migration with the longest shelf life and the least worries. It should remain reasonably budget affordable as well.

I want to get this done quickly and easily and it scares me to pieces. This is, admittedly, way out of my comfort zone, which explains why I’m still with Bluehost even years after identifying the problems.

Any advice and support will be greatly appreciated.

Mojave and Folderol

If you use my Folderol app, you may encounter issues in Mojave. I have not but I can confirm that some of my users have found that their folders tend to be “sticky”, and will keep their icons and folder colors even when they’ve been changed to new ones.

If this happens to you, the easiest solution is to set up a new folder, customize it with Folderol, and transfer the contents and rename it like the old one. I have reports of the issue with 10.14.3 and 10.14.2. The most common factor among those affected is that the system is running one or more UI customizations like dark mode.

Folderol works by using Apple’s NSWorkspace method that sets an icon for a file. So the actual “work” beyond creating and blending the icon is done by that class, over which I  have no control.

I’m going to try to update the app description with a warning about the problem and add a set/remove/set sequence to see if that helps.

If you’re experiencing issues with Folderol, please let me know your OS specifics, and whether you’re using custom dark mode and/or tints. Thanks!

Happy WWDC: Watch the keynote live

Apple’s keynote (aka it’s Special Event) will be streamed live at 10AM PDT (11 Mountain, 12 Central, 1 East coast, etc etc). If you didn’t score a golden ticket, you can watch along on the Apple event web page or on your Apple TV.

I’ll update this post with thoughts and reactions as the event unfolds.

  • iOS 12 announced as a free update. New measurement app for supporting devices will allow you to measure and scan physical scale using an AR experience. Lego’s demo shows that multiplayer AR can be a fun and exciting experience. Sample code going home with developers today.
  • Enhancements to photo search and sharing put the focus on the user-product experience. Today’s keynote, more than ever, seems to be focused on selling their existing products.
  • I love extensible Siri (aka “Siri Shortcuts”, with a dedicated drag-and-drop Shortcuts app), with custom end-user phrases to perform app integration and tasks. Siri will suggest these custom items. Create a macro for common tasks you group together and launch with a custom phrase. A great way to perform everything you need to get to work, hit your commute, or head off to lunch.
  • Several redesigned apps: News, Stocks (with integrated Apple News’s business section, adding iPad support), Voice Memos (also with iPad support), iBooks which is renamed to Apple Books.
  • CarPlay will now support third party navigation apps, so you can Waze your way home.
  • Lifestyle improvements continue with “Goodnight Moon, Goodnight Watch” do-not-disturb mode for bedtime and other naturally concluding cycles. Enhanced notification control, including grouped notifications, diminishes notification burnout.
  • Screentime lets you analyze how addicted you are to your devices, with full activity reports that summarize how often you pick up your device and what apps you spend the most time in. App Limits provide an alternative to 12-step Appholic programs.
  • Animoji enhancements adds tongue detection to improve language and emotional expressiveness. Memoji adds an iOS “mii” customization to animoji.
  • Group Facetime now supports up to 32 participants. With Animoji and special effects support, it’s like you’re doing drugs while sober.
  • Apple Watch gets some enhancements for health and fitness, including group competitions to motivate participants. Apple has added Clippy for automatic workout detection: “It looks like you’re starting an exercise routine”. New watch-to-watch walkie-talkie feature adds a little fun for kids and anyone who wants to harass the cook in the kitchen. “Whaaaaats for diiiiiiinnnner?”
  • Gymkit sounds like fun.
  • Apple TV adds Dolby Atmos sound and is Dolby Vision certified. Better integration with cable TV partners including Charter Spectrum in the US. “Zero Sign-on” means that all the channels you pay for are automatically configured on your behalf. Beautiful new whole-Earth aerial joins the lineup.
  • macOS Mojave: Inspired by the desert at night. Desktop stacks allow you to group material together to save space. Preview markup moves to the Finder! Markup augments screenshots. You can also capture video demos from your screen using a built-in video recorder. Integration between your Mac and your phone allow you to use the phone camera to capture pictures for use in iWork. (Apple Work?) Voice Memos, Home, News, and Stocks are now on macOS.
  • New privacy measures are in place. Today I learned: you can be tracked by a “fingerprint” including the fonts you have installed and other “public” customizations. Scary.
  • Redesigned App Store is redesigned. Pretty.
  • CreateML lets you develop assets and train models for Machine Learning. CoreML 2 is 30% faster and quantization reduces model size by up to 75%.
  • 2019: iOS Apps come to the Mac. A multi-year roadmap converges design and a whole new generation of developers flood the platform for the benefit of the Mac as well as iOS.

Happy WWDC: Time to unenroll your devices

It’s that special time of year: new announcements, new APIs, and new betas. If you’ve got a device you depend on, don’t forget: it’s a great time right now to unenroll your beta profile so you don’t accidentally upgrade to beta 1. A big thank you goes out this morning to Jeff Forbes, who reminded me about the timing!

Unfortunately, all the developer support docs are currently offline before the event. I’ve reconstructed the following from memory and web searches as I deleted my iOS beta profiles about a month or so ago. If I’ve gotten anything wrong, please let me know and I’ll correct.

If you’re on macOS, open System Preferences > App Store, and click the “Change” button next to Your computer is set to receive beta software updates. Confirm “Do Not Show Beta Software Updates”. I chickened out from actually clicking the button this morning on my dedicated primary beta system so I don’t know the steps from there.

On iOS, hop into Settings > General > Profile to delete the iOS Beta Software Profile. I believe you tap “Delete Profile”, enter your passcode, and then tap Delete. Once deleted, the device should longer subscribe to the iOS public betas.

The festering realities of Bluehost: In which I learn about “unifiedlayer.com”

Sometimes my outgoing email bounces for reasons I don’t understand from a variety of recipients. I usually try to contact the postmaster to find out why. This weekend, I actually got a response from one:

My apologies for the delay in replying.  Your email went into the gmail spam folder and so was not forwarded out to where I could respond immediately.

Going directly to “spam”? That’s not good.

The postmaster continued:

The reason that your email is blocked is because it originated at unifiedlayer.com. Unifiedlayer is one of the worst spam originators. They host spammers and they really don’t care, so I don’t have much choice but to block many of their mail servers.

Finally, some concrete information. I searched for “unifiedlayer”, finding common searches like “is unifiedlayer unsafe” and “unifiedlayer spam”. Go ahead and do those searches yourself. You’ll find that overall trust in unifiedlayer-originated mail is somewhere up there with body cavity searches, STDs, and politicians.

So I did what pretty much anyone would, I called my service provider. Bluehost told me that unifiedlayer was an in-house product, that they were well aware of the spam problem, that they worked on it really really hard (that’s a paraphrase, not a quote), and like every other thing that Bluehost gets wrong (and gets wrong repeatedly), that if I were just willing to pay a tiny bit more per month (five bucks in this case), they’d allow my “ericasadun” domain email to go through a different originator.

I am so sick of Bluehost.

If you have any advice on how I can transfer my web site and my email away from this festering heap, please drop me an email (I’ll probably get yours even if you don’t get my reply) and help me find an alternate home. I’ve heard good things about Digital Ocean, for example, but I don’t even know where to start in terms of moving over ten years worth of email.

At least I’ve been through the process of reinstalling WordPress and have my backups.

Thanks in advance.

In which I get hacked, Part 6

Last weekend, Bluehost closed down my site. After spending significant time on the phone with support, I came to the conclusion that I needed to nuke the entire site down to the ground. The WordPress install was simply too corrupt to continue or repair.

Since my secure shell access was revoked at the time, I used their control panel to entirely remove my public_html folder. They ran a scan on my account, found no further malware, and allowed me back in.

To recover, I re-installed a fresh copy of WordPress using Bluehost’s control panel tools. I then used CyberDuck (for sftp) and secure shell to upload my wordpress database and image uploads. That’s the site you’re reading today.

I reverted my theme back a few years to a version I knew was safe. I use  a customized version of the open source Frank theme. Rather than pull down a new copy, I wanted to keep my tweaks that supported the ads on the right side of the screen. They don’t produce much money but they help offset the hosting costs involved in running this blog..

I also  installed the following plug-ins, some old, some new:

  • ActivityLog: “Get aware of any activities that are taking place on your dashboard! Imagine it like a black-box for your WordPress site. e.g. post was deleted, plugin was activated, user logged in or logged out – it’s all these for you to see.
  • Really Simple SSL: “Lightweight plugin without any setup to make your site SSL proof
  • WP fail2ban: “Write all login attempts to syslog

And on a less security note:

  • oEmbed Gist: “Embed source from gist.github.
  • WP to Twitter: “Posts a Tweet when you update your WordPress blog or post a link, using your URL shortener.

Most importantly, I use Updraft Plus: “Backup and restore: take backups locally, or backup to Amazon S3, Dropbox, Google Drive, Rackspace, (S)FTP, WebDAV & email, on automatic schedules.” 

My daily database backups and my weekly upload backups (only for the current year, I already have backups for previous years) ensured I could get my site back up and running within hours of the most recent hack.

I still hate WordPress. I still wish I could run a static site and get comments and other great stuff in one convenient package. However, WordPress does the job I need it to do. It’s simple to write posts and interact with you.

My website is all about this connection. I don’t do any e-commerce. It’s basically a passion project rather than anything I do for business related reasons. I like having somewhere I can get thoughts out of my head and share them with other people. Beyond that, I don’t really have any important agendas and I don’t have the time in my life to perfect my security or delivery tools.

I want to thank everyone who sent me feedback of encouragement and support during my latest hack. I appreciate the comments and the suggestions. I now have a great list of static solutions (including github.io and DNS redirect) to fall back to if I must. Yes, I’m sticking with the crappiest solution right now. I’m doing so because it’s the path of least resistance and not because I don’t prefer your suggestions.

For those with more time and more investment, the popular consensus seems to be using Jekyll/github.io with disqus comments. Other suggestions included Hugo (gohugo.io), GetGrav (getgrav.org, “No Ruby, supports comments, fun to play with”), Ghost (ghost.org), and AWS Lightsail.

I don’t know why anyone would want to hack my nothingburger of a site but I’m glad I have friends out there who helped when they did.

Swift Stories: Please share yours

I’m looking for people who have intentionally avoided transitioning to Swift or who get frustrated with Swift due to changes in the language or who have fought for Swift adoption at their place of work. If any of these scenarios apply to you, please send me an email at erica at ericasadun dot com.

Please let me know if I can use your name or not and what your personal story is in terms of Swift adoption (or lack thereof). It would really help if you let me know the big picture reasons motivating your choices.

Thank you in advance.

p.s. For those confused by this post, I’m doing a talk about Swift adoption and participating in the Swift Evolution process: “The future of Swift belongs to those who show up”.

Tap tap, hey is this thing on?

tl;dr: Erica’s site gets hacked repeatedly. Erica’s account is closed by Bluehost. Erica wails into the void. Played with DNS, with github.io, nuked wordpress install, re-installed wordpress, re-installed data, reinstalled plugins, scanned for malware, attempted to restore DNS, wailed into void, some semblance of site possibly restored. Maybe.

postscript: I’m posting this as a test to see if my site is back and alive. If so, please make sure to use https and not http to connect. Fingers crossed.