I've been experimenting with my diet a little and considering a Paleo diet. What an amazing and selfish thing, though, for me to even consider or be able to change my diet in a fundamental way. Only someone who isn't worried about their next meal could explore that aspect of their lives without fear or concern.

One doesn't get to have certain luxuries until other more basic needs are met. Here's an interpretation of Maslow's hierarchy of needs:

I was talking to a customer a while back and one gentleman was deeply concerned about coding style, curly brace location, best practices in interface design and a bunch of important but arguably not urgent thing. Their unit testing wasn't well organized, their deployment was manual, their build was only marginally verifiable.

Stated differently, he was asking questions like "Am I eating enough veggies rich with Vitamin A" without asking the more fundamental "Do I have food for tonight?"

Now, apply the Hierarchy of Needs to Software and Technical Debt. Here's one, with my thanks to Phil Haack, Jon Galloway, Jonathan Wanagel, Paul Stovell for their help in brainstorming.

Bragging Rights - Change you are proud of

Paul put it well when he said to me: "The top of Maslow's pyramid is self-actualization...in some ways I think we like to achieve self-actualization through our code, [such that] in years to come, maintenance programmers will stumble upon this architecture and exclaim, 'Wow, Scott was here.'"

Are you writing software or crafting software? When does your craft become art?

This is a noble and certainly attractive goal, but is one that should be attempted only after the basic needs are met.

Refactorable - Change without fear

Is your code/system easy able to be refactored? Can you rearrange it without fear? Does it follow all the conventions and use the appropriate idioms of your chosen language? Do you have automated unit tests?

Maintainable - Change with verification

Is it able to change at all? Are bugs fixable? When you make a change is that change verifiably correct? Any tests at all?

Buildable & Deployable - Change in production

Can you deploy your system as easily as you can build it? Continuous Integration is effectively a must in today's software systems, but moving up in importance is Continuous Deployment - with rollback!

Revisable - Change

Is your system in source control with a clear workflow that governs contributions? Can you revert changes, stamp official changes, branch and merge? What? You're using zip files? Sorry, friend, you don't get to talk about class design or move around UML diagrams until you're using source control.

The importance of leadership

This underscores the importance of a strong and appropriately self-aware leader. Creating art is the fun stuff but it isn't always what needs to be done to move the project forward. The tech lead needs to recognize the right time to be an artist and the right time to invest in strong foundational processes.

Are we eating enough leafy greens as a team? Let's start with "are we eating tonight?" and work from there.

Many popular sites are blacked out today in protest of two acts before Congress, known as the Protect IP Act (PIPA) in the Senate and the Stop Online Piracy Act (SOPA) in the House. Long story short, the legislators barely know how to email, much less understand what a DNS takedown is.

As I've been surfing around today bumping into SOAP sites, I noticed that every site is doing the blackout technique differently. This is interesting to me for a few reasons. First, things on the web aren't setup for an event like this. To shutdown your website for a day is one thing but to do it in such a way that your site presents a new temporary message without affecting search engines that have already indexed you is an interesting problem.

A number of people are changing their content for the day and some are rightfully concerned that this single day's protest will affect their search results. In fact, Google has announced via Google+ that they will be slowing the Googlebot in an attempt to mitigate the effects from the protest.

Put a giant DIV over your existing page

Wordpress.org had this clever technique. I hit the site, saw that it was black, then did a view source. However, when I did, the HTML source had the regular WordPress site that's always there. I used an element inspector as you can see below and started moving around. Note the blue outline that is outlining some phantom element.

What's going on here? Let's blow it up using Tilt in Firefox.

Ah, see those three black buttons on the right? WordPress's original site is still under all that. They are floating a DIV over the top with a super large z-index.

If you change the CSS dynamically and change the z-indexes, (or just delete the DIVs) the actual site peeks out. Clever. A nice dramatic effect with minimal effort and effectively no SEO downside.

However, the WordPress technique does kick off the process with JavaScript. What happens if you have JavaScript disabled? I assumed it just wouldn't work.

Nice! They've included a banner in the upper right corner using Pure CSS so there is still a visible protest on the page. A good compromise and a nice recognition of the six neckbeards that still surf the web without JavaScript. ;)

In my desperate search to learn everything I can about Justin Bieber, I turn to Wikipedia. I hit the site, I see Justin and then a curtain falls. Wikipedia's blackout page shows up AFTER a teasing flash of content.

They've added a div at the VERY end of their page:

<div id="mw-sopaOverlay">
   <div id="mw-sopaColumn">
      <div id="mw-sopaHeadline">Imagine a World<br>Without Free Knowledge</div>
         <div id="mw-sopaText"><p>For over a decade, we have spent millions of hours building the largest encyclopedia in human history. Right now, the U.S. Congress is considering legislation that could fatally damage the free and open Internet. For 24 hours, to raise awareness, we are blacking out Wikipedia. <a href="http://en.wikipedia.org/wiki/Wikipedia:SOPA_initiative/Learn_more" target="_blank">Learn more.</a></p></div><div id="mw-sopaAction">
         <p class="mw-sopaActionHead">Contact your representatives.</p>
         <div class="mw-sopaActionDiv">
            <form action="/wiki/Special:CongressLookup">
               <label for="zip">Your ZIP code:</label> 
               <input name="zip" size="5" type="text"> 
               <input id="sopa-zipform-submit" value="Look up" type="submit">
            </form>
         </div>
      </div>
   </div>
</div>

At the very TOP of their page they have a bunch of positioning CSS. The flash happens because the DIV doesn't show up and get styled until the VERY end of the page gets loaded. Nice simple way to do it as SEO is so important to Wikipedia.

Actually Go Offline with an HTTP 503

The most impressive of the options, and arguably the most semantically correct, is the HTTP 503 Error. When you ask your browser for a page, it usually gets a 200 which means "OK, cool" or a 302 that means "temporarily over here" or even a 301 that means "permanently moved. Jimmy no live here! You no call back!"

An HTTP 503 means "Service Unavailable." I'd look it up on Wikipedia, but well, you know.

Notice in the Network tab picture below that they literally return a 503 result from the main HTTP GET. One could imagine them returning a 200 and just saying in the HTML it was a 503, but in this case they really used the web correctly. The Googlebot will visit the page, see the 503, assume the site is down temporarily and try again tomorrow.

Frankly, this is the technique everyone should have done. All the CSS and DIV work is clever, but not as easy , not as dramatic and certainly not as "correct."

Kudos to BoingBoing - a group that clearly gets the web - to use HTTP as it was designed to, to make their statement.

Redact by changing CSS Background Colors

From a design and stylistic perspective, Wired really nailed it. I love what they did here with the text intact and background colors in black.

You can hover over the text and see what's under it. No SEO affect, and still makes the point in a very dramatic way.

Here's some of the their markup and CSS.

They have a "censor" class" and apply it to a SPAN from a sopa.css.

Change an Image

My friends at DuckDuckGo changed their main image and linked to SOPA information. A simple change that won't affect SEO and is easily undone in the future.

Google did the same thing in fact, with simple markup.

Just:

<a href="//www.google.com/landing/takeaction/">
    <img alt="Tell Congress: Please don't censor the web!" 
         title="Tell Congress: Please don't censor the web!" 
         border="0" height="196" src="/logos/2012/sopa12_hp.png" 
         width="445" style="padding-top:50px" id="hplogo">
</a>

Make you Wait or Click

Craigslist had an interstitial that blacked out their site with a link at the button to click to continue.

Interestingly, Craigslist did their protest in the lowest-tech way possible. They literally just changed their first page. I suspect there will be a few days of SEO issues and we may see this page in search results.

Dramatic Animation

Today Firefox's about:home included a nice CSS animation that takes the background of the page from white to black to a nice effect.

What other cool SOPA protest techniques have you seen today? You can add a SOPA widget to your own site with Grassroutes.

Ok, I like my icons. You arrange your desk perhaps, shuffle papers, I update things with totally unneeded icons. A while back I made, ahem, these awesome Visual Studio Command Prompt and PowerShell icons with Overlays because, frankly, pretty icons make life better.

I did these back in the day.

I even did a little one for the system menu, 'cause that's how I roll.

I just bought a nice 3 Terabyte Seagate USB3 External Drive that I'm very happy with, but I noticed that it had an awesome icon. This epic icon was was making my other drives jealous. This, of course, cannot stand, Dear Reader.

Easily fixed, friends.

Create a text file in the root of each drive called Autorun.inf with contents like this:

[autorun]
icon=\CustomIcon.ico

Any icon you like will do. You may need to reboot to see the changes. Now my externals are making my internals look bad!

Enjoy!

In a time where there is much gnashing of teeth around the meaning of community, what being on the "inside" vs. the "outside" means, I want to take a moment to remind my fellow blog writers, blog readers, blog commenters what makes it all work.

You.

Not a secret society or old boy's network, not a select few or someone knighted by The Queen. It's the nameless, faceless web search result that makes community work.

I search all the time for help on the internet. I find blogs, tweets, Stack Overflow, MSDN and more. More often than not when I find the answer I seek it's on YOUR blog, not mine. Often it's not on a big company employee's blog or that of the chosen few. The answer was put out on a blog, without ask of payment or recognition, by a 25-year old Persian student, or a 60-year old exploring .NET, or a high school student with a passion for open source.

I, and this blog, was that random search result for at least 5 of the last 10 years. Someone searches for help and finds my little corner of the internet. Write a few blog posts a week, with useful content, consistently, for ten years. Then write some more. All free, all because you feel good putting it out there.

I would encourage you all to blog more. Tweet less. Blogs are owned by you. They are easily found, easily linked to, and great conversations happen with great blog posts. The river of social media rushes on and those conversations are long forgotten. A great blog post is forever. Today's real-time social media is quickly forgotten.

Don't be a meme, but a movement.

Blog your opinions. Blog your cool project, or your latest useful function or library. Don't blog if it feels like work. Blog and get excited when someone comments. Often the comments are more fun and more useful than the post itself. Be passionate, but not rude. Point out failings, but suggest solutions. Organize. Invent.

Be constructive, be helpful, be kind. Make your blog posts not too long, not too short, not too stream-of-consciousness and not too terse. Remember your elementary writing classes. Have a thesis, make your argument, restate your thesis.

Share because you want to. Share because you want to help, but also because you want to help yourself. Share not for the recognition but for the love of teaching.

It takes a village, dear reader, to be a community. It's you, and me and no one in between. Now, go write, create, commit.

I have a some friends and friendly acquaintances who are of some bit of note. Not Internet-famous, or even blog-famous like me, I mean actual famous. Like us, celebrities still have phones, Twitter accounts, Facebooks, laptops, hard drives, family photos and lots more that need to be managed. Maybe you're fancy also? Maybe you think you're fancy or just want to be?

Sometimes I spend time on Skype with my friends going through a list of things they need to do to cover their butts when it comes to their personal media and gadgetry. I thought I'd make up a list that I could send to them as it's become repetitive, then I realized that this stuff is important to all of us, not just folks on TMZ.

Apparently Famous People have Other People that tell them what to do, but it's unclear if the Other People actually know more than the Famous People. I know, Kim, you have no password on your Macbook and no encryption on your phone. Let's talk.

1. Find Your Phone - Make your cell phone "findable"

It flat sucks to lose your phone.

• If you have a Windows Phone, you can go to http://windowsphone.com/my to locate, ring, lock or even torch your phone. It just works and it's on when you setup your phone for the first time.
• If you have an iPhone (or any iDevice, in fact) you can go to http://icloud.com, sign in and locate, run, lock or wipe your phone as well. For offline phones, you can have it email you when the phone is found (turned on). You'll want to update your iPhone to iOS 5 and run through the initial wizard in order to confirm this is working for you.
• There's a dozen or more choices for Android phones, but I suggest you check out either Plan B or Where's My Droid. A third good option that you could use on all your devices is Prey. Each of these will do what they need to. Find your phone.

Test your chosen Find My Phone technique before you go off losing it! Make sure all your stuff is backed up occasionally so you won't feel bad at all about a Remote Wipe (erasing your phone so the bad guys don't get it).

Add a Pin Number and Lock Your Phone

Next, DO Add at a Pin Number or password to your Phone. Having a phone that's unlocked already is just asking for trouble. You can always pick a simple 4 digit pin but pick SOMETHING.

Make an "If Found" Wallpaper

However, if you do use a password or pin and lock your phone by default, be sure to update your wallpaper to include contact info. I highly recommend the application If Found+ for the iPhone. It'll take your existing WallPaper and stamp a "If found, call..." or "Reward if found, email..." on your phone. Sometimes $50 and a phone number will get you your phone back quickly.

2. Don't be Trackable - Turn of Location Settings for specific apps on your Phone, Twitter and Facebook

You want to be able to find your phone, but you shouldn't give away your location when you talk online. Ever heard of http://pleaserobme.com? They'll look at your Twitter account and see if you're giving away your location via FourSquare checkins and the like. The bad guys would love to break into your house when they can be sure you're not there. Broadcasting your location is a great way to make it easy for them.

There are many ways you can accidentally give away your location. First, in your Twitter profile. Early iPhone Twitter clients would update this field automatically with your exact latitude and longitude.

For example, here's a parody account that indicates it's not a real person. However, I can still tell where they are in the world...down to 6 decimal points.

Another way is to tweet and include your location, either on purpose or accidentally. Most Twitter clients have a "geotag" button now, but you may just want to turn that feature off completely by denying the twitter application access to your Location Services.

Also, don't be the mayor of your house. Foursquare recently started "blurring" the locations of what it believes are residences, but you can still give your location in general terms when you check into a home or residence.

3. Lock your Laptop - Secure your computer (desktop OR laptop)

I amazed at how few people even bother to put a password on their laptops. Yes, there's always a way to break a password or get information off a hard drive, but why make it easy for them? The main concern is that if you allow anyone to boot up your computer and run a web browser, chances are that you've clicked "Save Password" on your Facebook or Twitter or, even worse, your email. At that point you're dead.

Consider installing PreyProject on your machine. It can make it possible to track your laptop or desktop if it's stolen. There's been a number of times where folks have been able to track a thief in real-time and secure their belongings - while live-tweeting the whole event!

4. Encrypt it ALL - Secure your personal files and external hard drives

Here's an experiment that will scare the crap out of you. Use your computer's search function (upper-right corner on a Mac and lower-left on a PC) and type in your Social Security number. Go ahead, it's not going to the internet. See if you find some PDFs from your accountant or an old Excel file. Freaked out now? Now either delete it or put it somewhere secure.

If you have files with information you don't want falling into the wrong hands, consider using a tool like TrueCrypt to make an "encrypted volume." This is a single file that you can access as if it were a disk itself. You can make a "personal.dat" file of any size and keep your personal information inside that "disk inside a file." You can then keep that file in DropBox or another cloud storage system. With a strong password, these TrueCrypt files are VERY VERY secure.

If you have a technical friend with you, you can even encrypt your entire disk with TrueCrypt. Or, if you have Windows 7 Ultimate, you can "bitlocker" it, as I do all my drives. This way, even if a bad guy gets your laptop, they can't do anything with your drives. They are bricks without passwords and pins.

5. Don't Carry Your Life in Your Pocket - Encrypt USB Keys and "Jump Drives"

Some folks will take precautions with laptops and computers but then copy their whole life to a portable USB stick and put in their pocket.

If you can, encrypt your files on your portable drive - again, with TrueCrypt or BitLocker.

6. Use Better Passwords - Make it harder, or use Pass Phrases

Using the name of your last movie or the street that you grew up on may seem like a clever password but it's not. A lot has been said online about password strength, so I won't belabor the point.

If you can, use a passphrase that's longer than a password, but easier for you to remember.

7. Super Secure your Email - Turn on 2-factor auth in Gmail

After you have a great password, if you've got a Gmail account for example that you REALLY can't have compromised, consider turning on "two factor authentication."

Hang in there, Kim. Sounds scary, but isn't. Two factor means, two things that you have or remember. A password is just one thing you have to remember. It's one factor. But two factors means a password plus something else. The second thing will be something you have.

You always have your phone, right? So why not make it so your Gmail account requires a password (that you know) and your phone (that you have).

• To set this up in Gmail you go to using 2-step verification.
  • You can turn it on and give it your cell phone number. You can then install a small application that will give you a code that you'll use as your second factor when you log in.  "But, wait, that sucks! I don't want to do that every time I log in!" Don't worry, darling. You don't have to. You can tell Gmail to only require this code every 30 days.
  • If you have other services, apps, or maybe your phone's email that use your Gmail password these will suddenly think the password has changed because they don't understand two-factor auth. For these applications, you'll just give them their own custom password.
    • You go to manage application-specific passwords and get a password or two for your phone's mail or other apps that need Gmail access. The nice thing is that each app gets its own password so you can revoke them at anytime!

You can also tighten up your Facebook security by turning on Login Approvals. This is effectively two factor authentication as well. Facebook can SMS (text) you when you log in and then you type in the number they send you to confirm that not only do you know your password, you also have your phone.

8. Hide Where You Live - Make sure None of your Domains have your Home Address visible

Make sure if you own a domain that you've turned on Privacy or use DomainsByProxy or some other "WhoIs Privacy Protection." You don't want a fan showing up for dinner.

9. Secure Your Login - Turn on SSL/HTTPS for Twitter, Gmail and Facebook

If you find yourself in a Starbucks or on location a lot using strange Wi-Fi, you should probably make sure that your Twitter and Facebook accounts are using https (the S is for more Secure) by default. That's the same kind of encryption your bank uses. Just check your Twitter and Facebook accounts. You only need to do it once.

Here's Twitter:

And Facebook:

You can also Google more securely at https://encrypted.google.com or https://duckduckgo.com.

10. If it starts with HTTP, it's probably public - BTW, TwitPics are Public

If you use a tool like TwitPic or any online photo sharing, or  - let's just be straight here - anything online...it's likely public. If it has a URL, someone can get to it. Assume everything you do online is public.

I've personally watched a number of celebrities have conversations between each other on Twitter as if Twitter were a private chat. Just last month Charlie Sheen tweeted his phone number to Justin Bieber. So, he got a new phone. http://3109547277.com

Also, just an FYI. Don't take a picture of your pee-pee. There's just no reason for that.

Conclusion

This may sound like a lot, but it's simpler than you may think and it can be setup so that it's not invasive in your life.

The main points are these:

• Make it so you can find your stuff, but others can't find you.
• Use pins or passwords on your devices when you can.
• Encrypt sensitive data in TrueCrypt files or Bitlockered drives.
• Use "two factor" authorization for crucial services like email.

Feel free to suggest other tops I may have missed in the comments! And, perhaps pass this on to your Famous Friend.