Matt Mullenweg

Apr
13

Password Coalition

Filed under: Ideas

Users use the same passwords for multiple services. It’s a fact of life, it’s just so easy to that most people end up having 2-3 passwords they use everywhere, including one “hard” one for financial sites, etc. The downside is your password is only strong as the weakest link of where you’ve used it — when something like the Gawker hack happens there is a huge wave of compromised accounts that follow.

You can ask users not to use the same password, you can even encourage things like 1password (too expensive for many people I recommend it to), but what if there was a way to enforce that people registering for your site hadn’t used the same password elsewhere?

It actually wouldn’t be too hard, if you’re registering with 123@gmail.com and the password “abc” when you register and the site hasn’t encrypted and stored the password yet it could try to log into your Gmail account with those details, and if it works force you to choose a different password. There’s no reason this has to be limited to email logins, you could put it against the APIs of WordPress.com, Twitter, Facebook, LinkedIn, any number of other services that expose simple authentication APIs and see where it works. Any successful logins, tell the user they need to pick something else.

Of course all that work and they’ll probably just put a 1 at the end of it.

Apr
12

I loved this comment on Hacker News, especially the last paragraph which I’ll quote here:

The question implicit in your comment is: Could we design a system that offers the ease of accessibility of the first few steps of a PHP programmer’s career but, as one climbs the learning curve, eventually blossoms into Python or Ruby or even Lisp? I wish I knew. My best guess as of this morning is that a demigod could design such a system, but it’s very difficult for mortal humans to do so, because once you know how to program it’s hard to avoid overdesigning, putting in things that will eventually be useful in year two but are discouraging in year zero. We make terrible pedagogical mistakes, like turning everything into an object. (Does your ORM seem intuitive to you? That is why PHP is beating your system in the marketplace.)

∞

Apr
11

Pingdom writes WordPress completely dominates top 100 blogs. I’m quoted in the article saying that the 49% marketshare we have among top blogs will continue to grow, and I’d like to expand on that a bit because it’s a strong statement.

Typepad and Blogsmith, the two platforms that dropped the most over the past 3 years, are going to disappear either through blogs still using them losing relevance, or their active blogs switching away. Movable Type will likely follow suit, unless its now Japanese-led development makes a pretty drastic change in its product direction. (Consultants focused on Movable Type and Typepad have already started shifting focus to switching their clients to modern platforms to avoid losing the relationship.)

The other big shift will come from the ~22% on custom platforms — this is going to become as niche as writing your own web server instead of using Apache or Nginx. Some organizations like Huffington Post might continue to make the necessary investments of over 40 engineers to maintain a platform at scale, the rest will find better return investing those resources in editorial. Great stories find an audience regardless of their platform.

WordPress’ biggest challenge over the next two years, and where we’re focusing core development, will be around evolving our dashboard to be faster and more accessible, especially on touch devices. Many of our founding assumptions about how, where, and why people publish are shifting, but the flexibility of WordPress as a platform and the tens of thousands of plugins and themes available are hard to match. We might not always be the platform people start with, but we want to be what the best graduate to. ∞

Apr
10

Paul Ford on Facebook and Instagram, hilarious and insightful. ∞

You’ve heard of the placebo effect, how people can get better from a fake treatment, but did you know there’s also a nocebo effect? It’s just as strong: “More than two-thirds of 34 college students developed headaches when told that a non-existent electrical current passing through their heads could produce a headache.” (From Skeptic’s Dictionary.) Alexis Madrigal did a very readable feature about it for the Atlantic called The Dark Side of the Placebo Effect: When Intense Belief Kills. I found out about it from Olivia Fox Cabane’s new book The Charisma Myth. What you don’t know can hurt you. ∞

Apr
9

In mid-January Mark Zuckerberg added me as a friend on Instagram (we’re also connected on Facebook), I grabbed this screenshot a few weeks later because I thought it might be interesting at some point:

Today the awesome news, for both Facebook and Instagram, comes that the Instagram team and product is being acquired. This is one of the first acquisitions (if not the first?) Facebook has made where they don’t plan to shut down the service, and it’s a testament to what Kevin Systrom, Mike Krieger and his team have built. (Friendfeed is still running, but that doesn’t count.) It’s good to see old Pier 38 neighbors doing well. ∞

Mar
27

I used to use three 27″ monitors vertically, then switched to two 30″ Dells, nowadays I’m on a 13″ Air screen most of the time, and occasionally plug into a Thunderbolt Display. Here’s a cool article on how to increase productivity per square inch of your screen by Peter Legierski. ∞

Mar
26

“In the beginner’s mind there are many possibilities, but in the expert’s there are few.” –- Zen Master Shunryo Suzuki. Read more about Beginner’s Mind on zenhabits. ∞

Mar
16

iPad 3 Launch Experience

Filed under: Meta

I’m in New Orleans for a few days and, long story short, although I pre-ordered the New iPad it’s arriving to an address I won’t be at for a while, so since I was up early this morning thought I’d go to the nearest Apple store in Metairie and see if I could pick one up, or at least be part of the excitement that always accompanies Apple launch mornings.

The store had opened at 8, but I arrived at about 8:55, and the scene was not at all what I expected. There was a crowd outside the Apple store, but it was of blue-shirt employees, I walked up and said I was there for a 64GB white AT&T iPad, the fellow handed me a card, and 5 minutes later I was checked out. No line, no waits, no anything! Here’s a picture of the front of the store, at 9:20am.

Line at Apple Store

The woman who checked me out said there had been a bit of a line that morning at 8, but just about 20-30 people and she thought that most people didn’t know they were opening at 8 that morning instead of the normal 10.

I walked back outside and grabbed a water bottle from the big pallet they had of them (for the expected line) and a Verizon employee accosted me to show ask if I had gotten AT&T or Verizon. When I replied “AT&T” he said “oh man!” and showed me the speed tests he was getting on his iPad 2 tethered via wifi to a Droid device he had, an impressive 20mbps down. “Think how fast it’d be going direct to an iPad.” (I agree, but I already have a Verizon Nexus device, a T-Mobile Blackberry, a Sprint iPhone, so I wanted to complete the quartet with another carrier and ensure I could have coverage anywhere.) I decided to celebrate with some beignets across the food court from Cafe Du Monde:

Celebratory Breakfast

So why the lack of a line? Perhaps it was mix up about store opening time, as they suggested. Maybe New Orleans is a Samsung town. Perhaps Apple just did a better job with the pre-orders arriving on launch day, so people didn’t feel the need to go to the store. Maybe people weren’t as excited as I was about the new launch. All in all, it doesn’t matter to me. The screen is gorgeous, it’s restoring now from iCloud backup, and I’m pleased as punch to have one on launch day and I’ll probably spend far too much time today staring at the amazingly high resolution. If you were waiting because you thought the stores might be crazy today, maybe head to them half an hour after open time and skip the queues.

Mar
13

The Olive Garden restaurant making the rounds a few days ago was actually from the mother of a WSJ writer, here’s his take: When Mom Goes Viral: Marilyn Hagerty, 85, Is Talk of Social Media. ∞

Mar
7

The problem with investing based on pattern recognition by Chris Dixon, +1. ∞

Women 2.0: Stop Sabotaging Your Own Success: A Manifesto, by Automattic’s own Sara Rosso. ∞

Mar
1

“Unlimited data is dead, so let’s fight a smarter fight” on The Verge. ∞

Yesterday WordPress.com for Windows 8 was shown for the first time on stage at the Mobile World Congress. ∞

Feb
29

Nathan Myhrvold, who pops up on this blog frequently, finds we need clean energy yesterday (and no natural gas) to avoid being cooked. ∞

Feb
28

Friend and HSPVA alum Robert Glasper’s new album Black Radio is out today and has so far been well-received by a great feature in the New York Times and on NPR. You can grab the album on iTunes ($7) or on Amazon ($9). ∞

Feb
25

Shaktown

Visited a well being hand-dug with dynamite, a drilled well hitting water, and Shak’s sites in Seglemen, Ethiopia.

This album contains 138 items.

Feb
24

Second Day in Ethiopia

Climbed Gheralta to visit the church at the top of the mountain, checked into the Gheralta Lodge, and visited a village called Girat Mikdah Keshe that received a well from Charity: Water two years ago. Guest photographers: John Vechey and Scott Harrison.

This album contains 158 items.

Feb
23

First day in Ethiopia

Visiting new drilling rig, in Charity: Water yellow, visited a village without clean water yet that’s going to get it later this year, played soccer in Abenaa (lost 2-1, but good game).

This album contains 128 items.

Feb
22

En Route to Ethiopia

Flying to Ethiopia and dinner at Yordanos.

This album contains 33 items.