Should you learn to code?

Perhaps a better way for a “tech neophyte” to try out coding is to learn how to write HTML/CSS. This pairing is far more self-contained and visual, and gratifying, than programming initially is (no matter the flavor, whether JS, Python, Swift, they all are far more complex with abstract logic).

Learning how to create a static web page only requires a layout, a text editor and a browser. You can try your hand at building a magazine page, for example, with its masthead, article areas and footer—and you will not be dealing with math or abstract problem solving that coding soon requires.

The learner can see how the basic HTML language syntax works (e.g. simple tags go around the words to style or structure them)… experience how the browser is strict about typos (early experience in debugging!); see how dependencies are linked in (graphics, external hyperlinks); see how the classes and IDs from the CSS file influence the HTML elements; and so on.

If the somewhat tedium of composing blocks of HTML and CSS code is gratifying to the learner, and it sparks an interest, then they can continue gaining fluency in the constructs and begin to appreciate how WYSIWYG editors work (like in WordPress or BigCommerce, say). This can be so helpful for business owners or bloggers, to fix the mistakes that RTEs can introduce from copy/paste actions from other sources (ie. Word pastes).

So, I’m proposing that fluency in HTML is a more basic, essential skill for today’s professionals than actual coding.

SAAS revenue models and slow ramp

Good read: 8 tips from Dave Cancel  

https://seekingwisdom.io/saas-companies-beware-the-slow-ramp-of-death-3edcc1b6444a#.37992rqeb

Highlights:

If an investor tells you that you can’t build a real business on $20/month, direct them to Constant Contact.

Their average selling price is $37/month, they have 375k customers, they are on target to do $170 million+ in revenue this year, and they are a publicly traded company (AKA liquidity event).

SAAS (Software as a Service) startups need to focus on getting on past what Gail calls the slow ramp of death. When selling low-priced subscriptions you make your money in subsequent years — not up front.

The slow ramp of death is even harder to get past at an average selling price of $37/month; 1000 customers at that price brings in enough revenue to pay a small handful of employees.

SQL vs NoSQL

From an excellent Ars Technica article:  Choosing between MySQL and NoSQL.

http://arstechnica.com/information-technology/2016/03/to-sql-or-nosql-thats-the-database-question/

“For 30 years in the IT industry, we’ve had traditional development models,” Gnau said. “We grab users, put them in a room, get their requirements, build out the design, look for data to find structures and reporting, implement and hand it back to users. It was a traditional waterfall approach. Even agile development starts with requirements and winds up with results.

“In Hadoop, you need to challenge that and turn it around. Data is not structured. Users may not know what the requirements are. It’s an inverse process—you land the data, find data scientists to find relationships that are interesting and appealing, and turn that into requirements that yield a system. It’s the opposite approach to a traditional process.”

Thunderbird Mail Program for Mac is blocked by Google

Google blocks Thunderbird from checking gmail if a certain setting is turned on via Google’s account security settings screen.

Some devices and apps use insecure sign-in technology to access your data.

Choosing Disable prevents these less secure devices and apps from accessing your Google Account.

Choosing Enable increases your chances of unauthorized account access but allows you to continue using these less secure devices and apps.

https://www.google.com/settings/security/lesssecureapps

Mozilla explains the problem here:

https://support.mozilla.org/en-US/kb/thunderbird-and-gmail

 

Apple creates iphone switcher tool

From the NYTimes  Bits blog:

Apple on Sunday released a web tool to address a problem that has affected some iMessage users: When they switched to a non-Apple smartphone, like an Android device, they could no longer receive messages from iPhones.

When someone with an iPhone switched to a different smartphone, like an Android phone, the phone number would remain attached to iMessage, which is usable only on Apple devices. So when iPhone customers tried to send text messages to that number, sometimes those messages would never make their way to the intended recipient.

Apple’s new tool, which many spotted on the web over the weekend, allows a former iPhone user to enter a phone number to detach it from iMessage. When a phone number is entered, a text message returns with a confirmation code, which also must be entered into the web tool.

Poodle vulnerability—what to do

October 2014 brought with it a new cyber-attack method to the Internet: POODLE, the ‘Padding Oracle On Downgraded Legacy Encryption’ attack. The attack is against the SSLv3 protocol, which powers the HTTPS secure browsing system we’re all used to.

What can you do?

1. Check your browser:

https://dev.ssllabs.com/ssltest/viewMyClient.html

Then disable SSLv3 support in your browser(s):

https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/

Firefox was the easiest to change. Safari has no known fix yet, and Mac Chrome requires a command line tweak to modify.  Even the Chrome Canary build is still vulnerable.

 

2. Check to see if your web server is vulnerable:

https://www.tinfoilsecurity.com/poodle

Then ask your hosting company to disable SSLv3 on the server:

https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/

 

Test for the Shellshock bug in BASH

From ArsTechnica:

There is an easy test to determine if a Linux or Unix system is vulnerable. To check your system, from a command line, type:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the system is vulnerable, the output will be:

vulnerable
 this is a test

An unaffected (or patched) system will output:

 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 this is a test

The fix is an update to a patched version of the Bash shell. To be safe, administrators should do a blanket update of their versions of Bash in any case.

Visual Map of Internet Attacks

A computer security firm called Norse

has released a stunning data visualization map of internet attacks. It shows a fraction of the scope of constant threats affecting countries today. You can see penetration attempts in real time over services like http (web servers) and smtp (email servers), and more.

 

Norse visual map of internet attacks
Norse visual map of internet attacks

http://map.ipviking.com

via PC World from this article.