Tuesday, August 23, 2016

Fine tuning My Real Time For Maximum Efficiency

I am working hard to fine tune my world after coming back from the wilderness this summer. Now that I'm back I am putting a lot of thought into how I can optimize for efficiency, as well as for my own happiness. As I fire back up the old API Evangelist machine, I'm evaluating every concept in play, process being used, and tool in production, and how each benefits me or creates friction in my world.

During the next evolution of API Evangelist, I am looking to maximize operations, while also helping to ensure that I do not burn out again (5 years was a long time). While hiking on the trail I thought A LOT about what is real time, and upon my return, I've been applying this to reverse engineering what is real time in my world, and fine tuning it for maximum efficiency and helping me achieve my objectives.

As I had all the moving parts of real time spread out across my workbench, one thing I noticed was the emotional hooks it likes to employ. When I read a Tweet that I didn't agree with, or read a blog post that needed a rebuttal, or a Slack conversation that @mentioned me--I felt like I needed to reply. When in reality, there is no reason to reply to real time events, in real time. This is what it wants, not always something you want.

I wanted to better understand this element of my real time world, so I reassembled everything and set it back into motion--this time I put a delay switch on ALL responses to real time events across all my channels. No matter how badly I wanted to, I was forbidden to respond within 48 hours to anything. It was hard at first, but I quickly began to see some interesting efficiency gains and a better overall psychological well-being.

Facebook, Twitter, Github, and Slack all were turned off and only allowed to be turned on a couple times a day. I could write a response to a blog post, but I wouldn't be allowed to post it for at least two days. I actually built this delay switch into my world, as a sort of scheduling system for my platform, which allows me to publish blog posts, Tweets, Github commits, and other pushes that were often real time, using a master schedule.

After a couple of weeks my world feels more like I have several puppets on strings, performing from a semi-scripted play. Where before it felt the other way around, that I was a puppet on other people's strings, performing in a play I've never seen a script for.



from http://ift.tt/2bKFRJr

Monday, August 22, 2016

The Blockchain As An Economic Engine For The Cybersecurity Industry

I am slowly getting back into the routine of doing my weekly roundups. It has been a while since I published any, even though I regularly do the work. While I was going through this week's roundup of items I curated, I thought some of the blockchain related goings on were particularly interesting.

Not sure about you but I can't help but think that has the makings of a pretty interesting economic engine for the cybersecurity industry. You have government hackers, organized hackers, rando hackers, concerns around having enough talent, investors pouring money into the space, and 1000lb gorillas firing up their digital factories.

I'm guessing that blockchain and cybersecurity are going to go hand in hand, and be a very lucrative endeavor for a select few.



from http://ift.tt/2bcsgtb

Thursday, August 18, 2016

You Better Collect All The Data Because You Might Need It Some Day

I recently read a couple of articles that focused on the data collection practices of businesses, where the moral of the story was that you should be collecting all the data you possibly can, even if you don't need it, because you never know what you'll need in the future. This is the popular perspective of a significant portion of the data community, which has transferred to the world of APIs through a natural association.

While this might be tempting, and even seem logical at times, I recommend you stop and think about it deeply. The NSA is employing the approach, and leading tech companies like Google, Facebook, and others are thinking in similar ways. Pretty much saying that if you have all the data, you will have all the knowledge--something that really hasn't ever been proven, remaining a constant fantasy of technologists.

Imagine the person who obsessively collects everything, thinking some day it will be valuable. Often times this is harmless, but what if some of it contained hazardous material (i.e. mercury, lead) that may have been considered safe at one point, but now you have large quantities of it--not good, with costly implications. Imagine if, at some point, you cross over some public zoning, safety, and other regulatory areas, without knowing it. Consider how the world has shifted and changed in the last 50 years, and how rapidly things have "seemingly" changed in the last 20 years, when it comes to public opinion--what if opinions on data gathering practices change drastically in the near term future?

With the NSA, and leading tech companies behaving pretty badly with their data collection strategy, pushback from other countries, companies, institutions, and the average citizen has already begun. Do you really want to have EVERYTHING stored in your data warehouses when this happens? Data you can't actually verify that you need to operate your business? What will your customers, partners, and shareholders think? What will public opinion be of your brands?

I haven't even touched on the security concerns of storing all of the data gathered this way. There are numerous very serious considerations on the table, that should always be included in decisions around just exactly what data we gather, store, and what we should just let be lost in the layers of time.



from http://ift.tt/2bqAstv

Tuesday, August 16, 2016

Humans Are Always The Weakest Link When It Comes To Securing Our Bits & Bytes

I added a specific project for aggregating and tracking vulnerabilities in our online infrastructure, in addition to my existing security and cyber security research. Not all of the vulnerabilities I curate are API specific, but I find it helps increase my overall awareness of security related issues and I find it useful for thinking through the possibilities when it comes to web vulnerabilities being applied to APIs.

Across these three areas of my security research, the one common pattern I see across the security landscape is that the humans are always the weakest link. Almost all of the breaches I read about occur because some human, being, well, human, allows some often well-known exploit to be used. Hacking systems is less about knowing the tech exploits than it is about knowing and maximizing the human exploits--as we are always the weakest link.

I use this awareness when I'm evaluating the promise of any security-focused solution I come across. If the solution prescribes more technology, to help us secure the technology we have--I'm guessing it is most likely smoke & mirrors about 95% of the time. If the solution offers something that helps address the human variable in the equation, and augments this reality, making us all more security minded, and ultimately security literate--the chances it will make a difference increase in my opinion.



from http://ift.tt/2aYc58H

Monday, August 15, 2016

Using Github Repos And Jekyll As A Data Store

Github repositories are the heart of all of my API research. Each of the 200+ areas of my research lives as an individual repository, and I publish most of my raw research here as JSON, and YAML--then make it viewable, and explorable using JavaScript and HTML. Github + Github Pages + Jekyll is what makes all of this possible.

I have been working professionally with databases for over 25 years--I am a database guy. From 1997 through 2007 I was heavily dependent on my SQL Server database(s). From 2007 through 2017 I am heavily dependent on my MySQL database(s). I predict from 2017 through 2022 I will be heavily dependent on my JSON and YAML data stores available via Github and my own server infrastructure.

Using Github repositories as a data store will not replace my central database infrastructure, but it will augment it significantly. Much like dynamically publishing HTML documents from databases has dominated my web evolution, the dynamic publishing of JSON and YAML documents is what drives much of my public presence during my API evolution. Github allows me to drive the publishing of this data using Github Pages, while using Git to maintain a snapshot of my data stores at any point in time.

The static nature of my data stores is efficient, in that they load fast, and leverage simple web technology (HTML, JavaScript, CSS) to accomplish its objective, whether that is delivering HTML to humans, or JSON and YAML to other systems / applications. The publish / cache nature of these representations of my data works well for my approach to storytelling. I can keep my research moving fast, keeping pace with the fast-changing landscape, or I can employ them as a snapshot that stays static forever, something I may never update.

I increasingly find people don't grasp how it is that I use Github to run API Evangelist, and the potential of Jekyll and Github when it comes to managing data, especially when it is in the service of storytelling on the web. It's not an approach I recommend everyone put to work, but as a database person, I think everyone should have Github and Jekyll as a data store in their toolbox.



from http://ift.tt/2aWzjM8

Tuesday, August 9, 2016

Ignoring Bad Behavior Then Complaining When Government Regulates

I feel the drone space is a poster child for the overall technology space for me lately. I'm heavily influenced because it is what I have been doing for the last couple months, but as I turn my head back to paying attention to mainstream tech, what I'm seeing with drones has taught me lessons that I'm finding apply very nicely to the wider technology landscape.

I read three separate articles this week where authors were outlining what is next for drones, and what is holding the industry back, and all three mentioned government regulations as being the number one thing holding drones back. Which is interesting to me because I do not feel the requirement to register my drone is holding us back. What I do feel looms over the whole space is the badly behaved drone operators out there--which naturally the coming regulations and current concerns are in response to.

When you do encounter rules about drones, or pushback from people out in the field, it is in direct response to drone operators behaving badly, yet you don't see the drone industry going out of their way to police, or rein the industry in. You do see manufacturers like DJI building in some limitations when it comes to forest fires, airports, and other no-fly zones, but you don't see the average drone blogger or drone operator telling each other to be a responsible drone operator so you don't screw this up for everyone.

I see this as an inherent flaw in how markets work. People who love markets, love to bitch about government regulation, but rarely ever work to police themselves, or regulate the bad things that regulations are often responding to. In fact, I've heard people defend bad behavior as, "it's not illegal yet", and "if I didn't do it my competitors will". Then they fall in line with the other anti-regulator rhetoric when laws are put in place limiting what people can do in their industry.

Do not get me wrong. I am not pro-regulation. I have a realistic understanding around why we need healthy regulations and enforcement to help balance market activity, but I am not pro-regulation just for the sake of more government. It would make more sense if as an industry we have more ethics, and we worked to educate and police each other, helping set a healthy tone, so the government wouldn't need to step in. Actually, as I write this, I realize how badly behaved our own government is being when it comes to drones. Uggghh!

I predict we will see this with every new area of technology out there. The overeager entrepreneur(s) go too far, can't control themselves with their greed, and do things to make money that are ultimately questionable, then they bitch and complain when the government steps in to course correct the behavior. So much of what we are doing is brand new in tech, and when you bundle that with young millennials, you get a rich environment for thinking everything is new, and that we are entitled to do whatever we want--establishing a pretty dangerous cycle.

I'm applying what I've been learning from watching the drone space, to other areas like healthcare and education data, and other important areas where I am seeing APIs being used for some pretty shady stuff. I am seeing folks make claims it is for healthcare or education when it is really about getting their hands on users' data that they can sell on the open market--making for some pretty troubling stuff.



from http://ift.tt/2aIKCl2

Working To Avoid The Drowning Effects Of Real Time

One thing I'm experiencing as I come out of my Drone Recovery project is the drowning effects of our real-time worlds. I am talking about the desire to stay connected in this Internet age, and subscribe to as many possible available channels (ie. Facebook, Twitter, LinkedIn, RSS, etc.), and more importantly the tuning in, and responding to these channels in real time.

You hear a lot of talk about information overload, but I don't feel the amount of information is the problem. For me, the problem comes in with the emotional investment demanded by real-time, and the ultimate toll it can take on your productivity, or just general happiness and well-being. You can see this play out in everything from expectations that you should respond to emails, all the way to social network memes getting your attention when it comes to the election, or for me personally, the concerns around security and privacy using technology.

The problem isn't the amount of information, it is the emotional toll of real-time. I can keep up with the volume of information, it's once I start paying the toll fee associated with each item, that it begins to add up. I feel the toll fee is higher in the real-time lane than when you do it on your own schedule. The people who demand I respond to emails, and be first to the story have skin in the game, and will be collecting a portion of the toll fee, so it is in their best interest to push you to be real time.

Sure, there are some items that will be perishable in all of this. I am not applying this line of thinking across the board, but I am prioritizing things with this in mind. In an increasingly digital world, the demands on our time are only going to increase. To help me to keep from drowning, I'm going to get more critical about what I accept into my world in a real time way. My goal is to limit the emotional toll I pay, and maximize my ability to focus on the big picture when it comes to how technology, and specifically APIs are impacting our world.



from http://ift.tt/2aINzBS

Losing Control Over Our Digital Self When So Many Domains Take A Piece

I find myself even more aware of the demands being placed on our lives through Internet-enabled technology after spending two months in the wilderness, away from my computer and cell phone. As I fire up my tools for monitoring the API space, the assault on our digital self by the tech community streams by on the screen like a scene from the Matrix movie.

One of the tools I operate regularly is called Charles Proxy. I use it to automatically map out the APIs I am using, helping me map out the surface area of common APIs. On select days I will keep this running in the background, routing all my mobile, web, and desktop activity through the proxy. Every five minutes it dumps an XML file of my activity to my local Dropbox folder. Once files are synced to the cloud my API monitoring system grabs this history and generates an OpenAPI specification for any APIs. One by-product of all of this is that I also get a record of every single domain I touched over the course of the day.

I pulled a sampling of this traffic, grouped by each unique domain, and generated this tag cloud. There are 306 domains included in this sampling, with a maximum of 250 showing in the tag cloud, but the domains that float to the top, achieving a significant portion of my attention, tell an interesting story--there is a lot to consider here, but three significant stories stand out for me.

Who Gets Most Of My Attention On A Regular Basis
This is all traffic from the websites I visit, as well as my desktop and mobile applications, so you see the core of my existence spent on my Apple devices, and that I still live in a very Googley world, while doing much of my communication via Twitter, Slack, and Skype. I do a lot of Googling, as the majority of my days are spent researching a variety of topics, and since I opt to leave advertising unblocked, you also see the fingerprint of Double Click when it comes to ad networks also attempting to get my attention.

Percentage Of My Attention Spent Within My Domains
While Google and Apple still command a big portion of my attention, it makes me happy to see both apievangelist.com and kinlane.com present in this tag cloud--showing a healthy "reclaim your domain" balance to my world. It is important to me that as much of my time as possible is spent operating within my domain. I will never be able to operate 100% on my own property, but ensuring that my domains occupy top ten slots on this map is critical to me operating a successful business, generating revenue from my hard work, and fending off all of these domains looking to own a piece of my digital self for their benefit.

Overall Volume Of Domains Vying For My Attention
This is just a sampling of the domains that are vying for my attention on a daily basis. At some point, I'll publish a more realistic daily, weekly, and monthly sampling hopefully helping paint a more complete picture. However, I feel this sampling does show the scope of assault that occurs daily on our digital self. All of these companies want a piece of my digital self, not because they care about me, or what I am doing, but because they want to generate revenue from this little piece of my digital self, and any activity that occurs.
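The per-domain grouping described above can be reproduced from proxy session dumps with a short script. This is an added example, not the author's monitoring code: the `<transaction host="...">` XML layout, the sample data, and the two-label domain heuristic are assumptions, so check them against your own proxy's export before relying on the counts.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample dump. The element and attribute names are an assumed,
# simplified layout for illustration, not a documented export schema.
SAMPLE_XML = """<charles-session>
  <transaction method="GET" host="www.google.com" path="/search"/>
  <transaction method="GET" host="apis.google.com" path="/js/api.js"/>
  <transaction method="GET" host="apievangelist.com" path="/"/>
  <transaction method="GET" host="kinlane.com" path="/"/>
  <transaction method="POST" host="api.twitter.com" path="/1.1/example"/>
  <transaction method="GET" host="ad.doubleclick.net" path="/ddm/ad"/>
  <transaction method="GET" host="APIEvangelist.com." path="/blog/"/>
  <transaction method="GET" path="/entry-without-host"/>
</charles-session>
"""

# The two first-party domains named in the post.
OWN_DOMAINS = {"apievangelist.com", "kinlane.com"}


def base_domain(host):
    """Normalise a hostname and keep its last two labels.

    Naive on purpose: without a public suffix list, hosts under
    multi-label suffixes such as co.uk are grouped too coarsely.
    """
    labels = host.strip().rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def domain_counts(xml_documents):
    """Count requests per base domain across several session dumps.

    Dumps that do not parse (for example a file that was only partly
    synced) are skipped instead of aborting the whole run.
    """
    counts = Counter()
    for text in xml_documents:
        try:
            root = ET.fromstring(text)
        except ET.ParseError:
            continue
        for tx in root.iter("transaction"):
            host = tx.get("host")
            if host:  # ignore entries that carry no host attribute
                counts[base_domain(host)] += 1
    return counts


def top_domains(counts, limit=250):
    """Most-requested domains, ties broken alphabetically, capped at limit."""
    ranked = sorted(counts.items(), key=lambda item: (-item[1], item[0]))
    return ranked[:limit]


def own_share(counts, own=OWN_DOMAINS):
    """Fraction of all requests that went to first-party domains."""
    total = sum(counts.values())
    if total == 0:
        return 0.0
    return sum(n for domain, n in counts.items() if domain in own) / total


if __name__ == "__main__":
    truncated_dump = '<charles-session><transaction host="'  # constructed
    counts = domain_counts([SAMPLE_XML, truncated_dump])
    for domain, n in top_domains(counts, limit=10):
        print(f"{n:4d}  {domain}")
    print(f"first-party share: {own_share(counts):.0%}")
```

The same counts double as an inventory of third parties that see your traffic, which is the list to review when deciding what to block or move onto your own domain.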

A significant portion of what I do each day is dedicated to making sure that I clearly define who is Kin Lane, and the API Evangelist, and capture as much of the exhaust generated in the form of blog posts, tweets, images, video, and other bits and bytes. This is how I define my brand, publicize my work, and retain as much control over what I do as I possibly can, helping me better make a living from my work. The more I define and defend myself from these domains, the more I keep for myself, enabling me to maintain control over the digital version of myself.

We only have a few hundred years under our belts when it comes to defining our physical self, our rights, and the boundaries of our public personas. We only have a few years under our belts when it comes to defining our virtual self, our rights, and the boundaries of our virtual public personas. What is even scarier is that increasingly the predatory behavior of these domains in an online world is being extended into our physical worlds through home automation, connected cars and cities, drones, and other ways the Internet of Things (IoT) is penetrating our personal, professional, and industrial worlds.

As I look at the logs of these domains who are demanding a piece of my virtual self each day, I can't help but feel like the majority of us will lose control over our digital selves, before we ever fully get the opportunity to fully know ourselves--when so many domains take a piece of us each day.



from http://ift.tt/2aIKyBD

On Being SMART (Surveillance Marketed As Revolutionary Technology) And Greedy

I love Evgeny Morozov's (@evgenymorozov) tweet defining the acronym SMART as Surveillance Marketed As Revolutionary Technology. It has provided me with a wealth of material for my alternate storytelling channels, and provides an excellent litmus test to apply to companies I come across during my monitoring of the API space.

As I'm reading "Do smart devices mean dumb security", out of Defcon this year, I'm reminded of his funny, yet also very troubling definition of SMART. I'm coming across an increasing number of connected devices that have incomplete API programs available. Meaning APIs are present, available on the open Internet, but required documentation, support, and other essential resources are missing--which, like mobile, tends to often mean security and privacy considerations are incomplete as well.

This last week I talked about how venture capital investment can provide some incentives that are at odds with healthy, stable, consistent, and secure API operations. You see this play out with mobile devices, where a platform is so heavily focused on the mobile app, they pretend the web APIs behind it are invisible, which is also a practice I am seeing rapidly evolve with the Internet of Things (IoT).

Companies are racing to connect everyday objects to the Internet because they want to convince consumers to buy a new product, that will give them access to the valuable data that will be generated (a precedent set by the mobile evolution). In the race to create this new breed of products that consumers will want, and generate this new, highly valuable data, the willingness to secure these new data streams, and protect the safety and privacy of consumers is often very low on the list of priorities. 

As stated in the BBC article out of Defcon, these devices will become a playground for hackers, whatever their motivations might be. The average person will be unknowingly building out the Internet in this very unstable fashion, giving away their data and privacy, and that of those around them. The greed behind the pushing of SMART objects into our personal and professional worlds will happily continue if they are given continued access to this extremely valuable data, and surveillance exhaust.

I'm not convinced that corporations, institutions, the government, or individuals will all be up to the task when it comes to securing all of this tech we are inviting into our worlds, not when there are so many badly behaved, poorly incentivized players willing to build this dystopian version of the Internet out. This will not play out well...



from http://ift.tt/2aIKxhh

We Will Never Be Able To Completely Secure Our Bits And Bytes, We Will Have To Change Culture For Things To Get Better

I am doing an increased amount of monitoring of security, vulnerability, and cybersecurity reports lately. While doing this type of work, it can become easy to slip into despair, as you realize how vulnerable we are to attack, in conjunction with how badly behaved everyone is being on all sides.

As I see it, we have to work very hard to be sensible and proactive about security, and work to educate individuals, business and government leaders to be savvy when it comes to online security, and privacy--as a community we have a lot of educational and awareness work ahead of us.

Even with all of this work, I do not think we are ever going to be able to achieve 100% security over our bits and bytes. We are going to have to find a way to shift the culture of online behavior to make hacking, and the use of many of the cyber weapons we are seeing emerge, unacceptable to use. 

I am not sure what the specific actions are that might help us down this higher road--more thoughts to come on this. One thing I do know is that all of this is not sustainable, and what worries me the most is that the US seems to have set the bar for bad behavior pretty high with the activities of the NSA, our law enforcement, and the larger tech community.



from http://ift.tt/2aK2wqO

Choosing Between Medium, Blogger, Tumblr, or WordPress

There are many differences between the leading blogging platforms like Blogger, WordPress, Tumblr, and Medium. Different types of bloggers will view these solutions in different ways, with very different reasons behind why they (we) do.

Each of these blogging platforms has its pros and cons, and brings a variety of network effects with it. Medium has definitely been dominating the conversation lately, but Blogger and WordPress still provide very robust solutions, even after well over a decade of serving up content.

If it's plugins that you are looking for...choose WordPress, and if it is the network effect you desire, consider Tumblr or Medium. Whichever one you choose, the most important thing you can do is make sure your blog is available on your own domain. Make sure you have your content within your own domain, even if you are working to leverage one of these companies' platforms.

You never know when you will want to migrate your blog, or do away with the blog altogether, and when you do not have control over the domain, this is much, much harder to do.



from http://ift.tt/2aIKNgk

Monday, August 8, 2016

Losing Control Over Our Digital Self When So Many Domains Take A Piece

I find myself even more aware of the demands being placed on our lives through Internet-enabled technology after spending two months in the wilderness, away from my computer and cell phone. As I fire up my tools for monitoring the API space, the assault on our digital self by the tech community streams by on the scream like a scene from the Matrix movie.

One of the tools I operate regularly is called Charles Proxy. I use it to automatically map out the APIs I am using, helping me map out the surface area of common APIs. On select days I will keep this running in the background, routing all my mobile, web, and desktop activity through the proxy. Every five minutes it dumps an XML file of my activity to my local Dropbox folder. Once files are synced to the cloud my API monitoring system grabs this history and generates OpenAPI specification for any APIs, with one by-product of all of this is I also get a record every single domain I touched over the course of the day.

I pulled a sampling of this traffic, grouped by each unique domain, and generated this tag cloud. There are 306 domains included in this sampling, with a maximum of 250 showing in the tag cloud, but the domains that float to the top, achieving a significant portion of my attention, tell an interesting story--there is a lot to consider here, but three significant stories stand out for me.

Who Gets Most My Attention On Regular Basis
This is all traffic from the websites I visit, as well as my desktop and mobile applications, so you see the core of my existence spent on my Apple devices, and that I still live in a very Googley world, while doing much of my communication via on Twitter, Slack, and Skype. I do a lot of Googling, as the majority of my days are spent researching a variety of topics, and since I opt to leave advertising unblocked, you also see the fingerprint of Double Click when it comes to ad networks also attempting to get my attention.

Percentage Of My Attention Spent Within My Domains
While Google and Apple still command a big portion my attention, it makes me happy to see both apievangelist.com and kinlane.com present in this tag cloud--showing a healthy "reclaim your domain" balance to my world. It is important to me that as much of my time as possible is spent operating within my domain. I will never be able to operate 100% on my own property, but ensuring that my domains occupy top ten slots on this map is critical to me operating a successful business, generating revenue from my hard work, and fending off all of these domains looking to own a piece of my digital self for their benefit.

Overall Volume Of Domains Vying For My Attention
This is just a sampling of the domains that are vying for my attention on a daily basis. At some point, I'll publish a more realistic daily, weekly, and monthly sampling hopefully helping paint a more complete picture. However, I feel this sampling does show the scope of assault that occurs daily on our digital self. All of these companies want a piece of my digital self, not because they care about me, or what I am doing, but because they want to generate revenue from this little piece of my digital self, and any activity that occurs.

A significant portion of what I do each day is dedicated to making sure that I clearly define who is Kin Lane, and the API Evangelist, and capture as much of the exhaust generated in the form of blog posts, tweets, images, video, and other bits and bytes. This is how I define my brand, publicize my work, and retain as much control over what I do as I possibly can, helping me better make a living from my work. The more I define and defend myself from these domains, the more I keep for myself, enabling me to maintain control over the digital version of myself.

We only have a few hundred years under our belts when it comes to defining our physical self, our rights, and the boundaries of our public personas. We only have a few years under our belts when it comes to defining our virtual self, our rights, and the boundaries of our virtual public personas. What is even scarier is that increasingly the predatory behavior of these domains in an online world is being extended into our physical worlds through home automation, connected cars and cities, drones, and other ways the Internet of Things (IoT) is penetrating our personal, professional, and industrial worlds.

As I look at the logs of these domains who are demanding a piece of my virtual self each day, I can't help but feel like the majority of us will lose control over our digital selves before we ever get the opportunity to fully know ourselves--when so many domains take a piece of us each day.



from http://ift.tt/2aHDE2P

Working To Avoid The Drowning Effects Of Real Time

One thing I'm experiencing as I come out of my Drone Recovery project is the drowning effects of our real-time worlds. I am talking about the desire to stay connected in this Internet age, and subscribe to as many available channels as possible (i.e. Facebook, Twitter, LinkedIn, RSS, etc.), and more importantly the tuning in, and responding to these channels in real time.

You hear a lot of talk about information overload, but I don't feel the amount of information is the problem. For me, the problem comes in with the emotional investment demanded by real-time, and the ultimate toll it can take on your productivity, or just general happiness and well-being. You can see this play out in everything from expectations that you should respond to emails, all the way to social network memes getting your attention when it comes to the election, or for me personally, the concerns around security and privacy using technology.

The problem isn't the amount of information, it is the emotional toll of real-time. I can keep up with the volume of information, it's once I start paying the toll fee associated with each item that it begins to add up. I feel the toll fee is higher in the real-time lane than when you do it on your own schedule. The people who demand I respond to emails, and be first to the story, have skin in the game, and will be collecting a portion of the toll fee, so it is in their best interest to push you to be real time.

Sure, there are some items that will be perishable in all of this. I am not applying this line of thinking across the board, but I am prioritizing things with this in mind. In an increasingly digital world, the demands on our time are only going to increase. To help me to keep from drowning, I'm going to get more critical about what I accept into my world in a real time way. My goal is to limit the emotional toll I pay, and maximize my ability to focus on the big picture when it comes to how technology, and specifically APIs are impacting our world.



from http://ift.tt/2b8nv9q

Saturday, August 6, 2016

On Being SMART (Surveillance Marketed As Revolutionary Technology) And Greedy

I love Evgeny Morozov's (@evgenymorozov) tweet defining the acronym SMART as Surveillance Marketed As Revolutionary Technology. It has provided me with a wealth of material for my alternate storytelling channels, and provides an excellent litmus test to apply to companies I come across in my monitoring of the API space.

As I'm reading "do smart devices mean dumb security", out of Defcon this year, I'm reminded of his funny, yet also very troubling definition of SMART. I'm coming across an increasing number of connected devices that have incomplete API programs available. Meaning APIs are present, available on the open Internet, but required documentation, support, and other essential resources are missing--which, as with mobile, often means security and privacy considerations are incomplete as well.

This last week I talked about how venture capital investment can provide some incentives that are at odds with healthy, stable, consistent, and secure API operations. You see this play out with mobile devices, where a platform is so heavily focused on the mobile app that they pretend the web APIs behind it are invisible, which is also a practice I am seeing rapidly evolve with the Internet of Things (IoT).

Companies are racing to connect everyday objects to the Internet because they want to convince consumers to buy a new product, that will give them access to the valuable data that will be generated (a precedent set by mobile evolution). In the race to create this new breed of products that consumers will want, and generate this new, highly valuable data, the willingness to secure these new data streams, and protect the safety and privacy of consumers is often very low on the list of priorities. 

As stated in the BBC article out of Defcon, these devices will become a playground for hackers, whatever their motivations might be. The average person will be unknowingly building out the Internet in this very unstable fashion, giving away their data and privacy, and that of those around them. The greed behind the pushing of SMART objects into our personal and professional worlds will happily continue if they are given continued access to this extremely valuable data, and surveillance exhaust.

I'm just not convinced that corporations, institutions, the government, or individuals will all be up to the task when it comes to securing all of this tech we are inviting into our worlds, not when there are so many badly behaved, poorly incentivized players willing to build this dystopian version of the Internet out. This won't play out well...



from http://ift.tt/2b4bYER

Wednesday, August 3, 2016

Choosing Between Medium, Blogger, Tumblr, or WordPress

There are many differences between the leading blogging platforms like Medium, WordPress, Tumblr, and Blogger. Different types of bloggers will view these solutions in different ways, with very different reasons behind why they (we) do.

Each of these blogging platforms has its pros and cons, and brings a variety of network effects with it. Medium has definitely been dominating the conversation lately, but Blogger and WordPress still provide very robust solutions, even after well over a decade of serving up content.

If it's plugins that you are looking for...choose WordPress, and if it is the network effect you desire, consider Tumblr or Medium. Whichever one you choose, the most important thing you can do is make sure your blog is available on your own domain. Make sure you have your content within your own domain, even if you are working to leverage one of these companies' platforms.

You never know when you will want to migrate your blog, or do away with the blog altogether, and when you do not have control over the domain, this is much, much harder to do.



from http://ift.tt/2aOd354

We Will Never Be Able To Completely Secure Our Bits And Bytes, We Will Have To Change Culture For Things To Get Better

I am doing a lot of monitoring of security, vulnerability, and cybersecurity reports lately. When you are immersed in this world it can become easy to slip into despair, as you realize how vulnerable we are to attack, and how badly behaved everyone is.

As I see it, we have to work very hard to be sensible and proactive about security, and work to educate individuals, business and government leaders to be savvy when it comes to online security, and privacy--as a community we have a lot of educational and awareness work ahead of us.

Even with all of this, I do not think we are ever going to be able to achieve 100% security over our bits and bytes, and we are going to have to find a way to shift the culture of online behavior to make hacking, and the use of many of the cyber weapons we are seeing emerge, unacceptable.

I am not sure which specific actions might help us down the higher road--more thoughts to come. I do know though that all of this is not sustainable, and what worries me the most is that the US seems to have set the bar for bad behavior pretty high with the activities of NSA, our law enforcement, and the larger tech community.



from http://ift.tt/2auNHVI

Tuesday, August 2, 2016

Disruption Is Rarely About Building A Better Product, Improving An Industry, Or Helping Consumers

I often fall for the Kool-Aid flavor of the day, out of the tech community. I'll be sipping it regularly, thinking I'm immune to its effects, until one day I'm like, "that is some damn good cool raspberry flavor!". Even though I know better, I still get duped by the magic of it all sometimes.

When I read the regular flow of marketing coming out of startups, it can be easy to fall prey to the belief that startups are truly building a better mousetrap, changing how business is done, and redefining an entire industry. We all love a great American dream story! When in reality, 95% of the time this is the marketing Kool-Aid of the day, and when startups wield the term "disruption" or "revolution", it does not mean what they often say in their marketing.

Despite popular claims, startups are less interested in building a better product, running a better business, helping consumers, and redefining the way things occur in an industry, than they are in attracting the interest of a buyer. Oftentimes this is the 1000 lb gorilla in the space, and what better mating dance than the disruption and revolution chest thump.

Disruption isn't a threat, it is a mating call. If you don't buy me, we will take your customers, and make you look old and outdated. We are young, new and shiny and people like us better. If you buy us, then people will be forced to love you, and all will be OK.

It helps to step away from the regular flow of storytelling in the space, allowing me to see what much of the information is really about, and who the coded marketing speak is really crafted for--not us (well unless you are looking to buy? Are you?).



from http://ift.tt/2agIm92

Surveillance Will Continue To Be Disguised As Entertainment And Convenience

Two things Americans are suckers for are entertainment and convenience. We will give up almost anything if it makes our life easier, and keeps us entertained--no matter how simple that is. We love our movies, tv shows, and games, and we love everything to come to us from our shopping to our food, and our transportation. 

This is where technology will continue to be employed in the name of surveillance--whether it's corporate level surveillance or in the government sphere. This is where we will willfully accept surveillance into our lives, and allow ourselves to be digitally pwned, allowing us bit by bit to also be physically pwned--perpetually keeping us down.

Whenever possible let's pause the game, and think twice about signing up for that new delivery service, and consider what we are giving up in exchange for this entertainment and convenience. Are the tradeoffs worth it? Are we being distracted while our information is being taken, or the technology in our lives is being compromised?

Let's not let a surveillance state creep in around us just because we couldn't go without for just a little while.



from http://ift.tt/2ayW1os

Learning To Write Again

It's been almost three months since I've written anything on API Evangelist, and sitting down to form my thoughts into some sort of coherent blog post is proving to be more challenging than I imagined. I now realize how much of my storytelling has been driven by the momentum I have built up in six years of writing about APIs. 

There is no shortage of topics to write about. I have a pretty lengthy list, but actually bringing them to life is proving to be much more work than I remember it being. Each sentence takes me minutes instead of seconds, and my thoughts have to be pulled, rather than arriving in the usual, often overwhelming, flood about the world of APIs.

Normally the spark plug that connects my brain with my fingers is firing almost non-stop, but after weeks of being idle, it is taking some time before the spark fires as reliably as before. Maybe there is some gunk on the plug, or I need to gap the plug like I used to with my 1972 Volkswagen van--where is a Grateful Dead ticket when you need it?

Well, at least I am up and running...maybe this will get all cylinders firing again. I miss writing. I find the regular flow of ideas into my notebook, and then across my blog and research sites very rewarding. If nothing else, this summer has reinforced in me how important writing is to my overall well-being and life balance.



from http://ift.tt/2ayVAuF

Tuesday, July 5, 2016

I Feel Like The Savage In Brave New World -- I Just Want To Read Shakespeare

I feel like "the savage" in Aldous Huxley's A Brave New World as I begin to get back to my Twitter stream and RSS feeds — I just want to read Shakespeare. I'm eight weeks into Drone Recovery, I just finished re-reading A Brave New World, and I am finding it very difficult to be interested in much that is the "tech space" flowing through the monitoring tool(s) I have historically used to keep track of the sector.

There are bits and bytes that still grab my attention, but overall I'm questioning why I ever was interested in things like bots, wearables, and many things IoT. As I step back and ponder all of this, I feel like there is a relentless assault of information and technology upon us daily, which keeps us in a state where it is difficult to ever process anything meaningful, and we are ultimately forced to accept what is next—even if it isn't real or what we actually want.

The tech space is always looking for what's next, and we like to tell ourselves that all of it is inevitable, it is what we need, and it is what the tech wants. Rarely do we stop and ask questions about whether we truly need this, or should we be doing this, amidst the constant barrage of information, and social pressure from people around us--which all works to keep us perpetually off balance. I am not saying any of these things aren't real, just that with all the momentum and social pressures, we are too weak to ever process anything deeply.

The most intense part of this summer drone journey is over, and I am spending a little more time getting back into my feeds and social streams. Not too much, just a little bit as I have time in between trips. I'd say 50% of what flowed through my monitoring dashboard interested me before this journey began, and now I'd put that at about 5%. I am hoping to better understand how I can evolve this perspective, and develop some sort of shield (Captain Fucking America) which I can use in defense of the relentless assault that is the tech space.

I am hoping with a little more defensive capabilities I will be able to see the space in a new light, possess a more critical eye, and see through what is keeping us down, and find the meaningful and important uses of technology that can actually help the world be the place where I want to live.



from http://ift.tt/29kHxKy

Monday, May 23, 2016

More Investment Is Needed Requiring Some Big Changes

My partner in crime Audrey and I have been struggling with her son's depression, and pharmaceutical pill addiction, for a couple of years now. This is not the type of thing you plan for, and when it happens, your response involves keeping it as quiet as possible when it comes to friends, family, and the public. Nobody wants to be that family, but when you suddenly find out that you are, you find there is no magic fix, you have to work hard to find a solution that works for your situation.

Over the last couple of years, we have moved him from Oregon to Wyoming, back to a different part of Oregon, and then ultimately to California where we live. Last summer we put him into rehab in California, where he soon graduated to a sober living facility. He seemed to be doing well, but then last week he showed up at home, as he had been kicked out of the program. Shortly after settling in he also admitted he was using again, and we all found ourselves back at square one.

What do you do? Can't we afford rehab again? Can't we afford to move him again? And personally, I can't have a junkie living in my house, because I used to be one myself. I was definitely a different breed of junkie than what I am seeing today, but in the years between 1993 and 1997, I was heavily using Heroin, Cocaine, LSD, Ketamine, Mescaline, and most other things I could get my hands on, except I hated speed, and ironically pharmaceuticals. I've been clean for 20 years, there was no way in hell I was going to live with a junkie.

With no options left, I set out to do for him what I did for myself 20 years ago. We rented a car, loaded up what we needed and headed into the mountains to get him as far away as we could from any pharmaceutical drugs. We live in Los Angeles so we headed into the Sierra Nevada mountains, where we found ourselves in Yosemite, and eventually Nevada. As he detoxed, I set out planning the next six months of recovery for him, using some of the same techniques I applied in my own world, but with more of a 2016 spin.

It is clear we need to make more of an investment in him if we are going to actually get the results we are looking for, and big changes will be necessary. I will be stepping away from my work completely for at least the next six months, probably upwards of a year. It isn't something we can afford, but it is also something we can't afford not to do. I understand that this will have a big impact on my business partners, and my clients, but this is the priority.

I will spend the next six months hiking around the west coast, which I know well, on some of the same trails I used to find my own sanity 20 years ago. We will be clearing trails, and documenting what we do, and what we see via GoPro, Phantom Drones, and our journals. You can find our story at dronerecovery.org, where my partner in crime, and his mother, will be publishing photos, videos, and stories from our journey.

There will be no rest for the wicked as they say. I will keep us moving every day with a new place to go, a new challenge, and plenty of work along the way to keep both of us occupied. Until some day, he is strong enough, confident enough, and healthy enough to do it all on his own.



from http://ift.tt/1NHx4Jx

Sunday, May 8, 2016

Phone Number Is Becoming Our SSN For Our Digital Self

I got rid of my cell phone number 541-913-2328, which has been my AT&T driven identity since 1999. I'm not doing much traveling this year, so having a $100 / month bill for a thing that sits in the corner made no sense. Honestly, it feels fucking great not having it, but that is another story. Beyond it feeling good, in the wake, I'm noticing how much our phone number is kind of the SSN for our digital identity.

Facebook, Twitter, and all my networks use this as the defining data point of who I am. The platforms which I use to define myself online almost all use 541-913-2328 as the identifier that I'm real, and not just a bot (wait, am I?). I can't sign up for another phone number with Google Voice or Twilio, without well, an existing, valid phone number. It all feels like the same chicken and egg thing we face around regular forms of identification, well you can't get your driver's license or passport without two forms of existing ID--wait I need that ID to get other ID, then I can show you!

In the pantheon of data points that are used in the world to identify that a person is a person, and they are the person they claim, I'd say the phone number is now in the top 5. You aren't anyone in a digital sense if you do not have a cellular-equipped device, attached to a nine digit phone number. That data point is key to services like Facebook, Twitter, Apple, and Google. It is how you will message, make payment, and engage with people on a personal, and professional level--acting as a critical data point that helps identify both our physical and digital self.



from http://ift.tt/24FPz4W

A Regular Reminder For Me That Tech Is Often No Match For The Politics That Are Already At Play

I started API Evangelist on the premise that the API community, while immersed in a debate about the merits of REST and Hypermedia, was ignoring some very important aspects around the business of APIs. Six years later, these business considerations still plague the space, but I'd add that a lack of awareness of the industry, organizational, and other political considerations is one of the biggest challenges we face, in addition to existing business concerns.

I am always telling linked data, RESTafarians, and hypermedia practitioners that they need to build more bridges for folks, to get us from the messed up world we have, to the perfectly defined world they envision -- this is what OpenAPI Spec is, in my opinion. You have a wealth of people who would benefit from the solution your vision could bring, but they don't see the world as we do, and have other business and political influences in their local world that prevent them from actually going from A (current solution) to B (the new solution).

We may have the solution ready to go, but how do we get them on the road, moving toward our new vision? It's easier said than done. As believers, we see the destination, and we clearly see the road that gets us there--we've spent every night for years walking back and forth. The problem comes when we try to get the normal folks to set out on this road, and leave the comfort of their existing world. What we are promising is better! It will make your life easier. It will save you time, money, and be more efficient. C'mon!

We are asking the risk-averse, non-technical person to come out in the cold, and walk this new road. We conveniently forget about all the money they have spent on technology to this point. There is little awareness of how much time and energy have been put into what is already known, and even less willingness to truly invest in what is needed to ensure everyone involved will actually get to the designated location. Just c'mon! I know better than the people you surround yourself with. The people who have gotten you where you are at, for better or for worse.

I feel like I spend too much time believing in tech. Tech is just tech. Nobody ever sees it the same. We believe in tech because of our own hard work, people introducing, influencing, mentoring, leading, or not leading, with it. The politics of all these relationships, previous tech investments, and the exposure to technology working, or not working for us, has all gotten us to where we are at. Who are we to think folks will be able to unwind all of that, with a single tech solution that we've crafted? This is why an awareness of the existing business and political realities someone faces, and the need to build bridges, is so critical.

When I say bridges, I'm not saying a big steel bridge across the Mississippi, I'm talking about a little footbridge across a creek, or a steel sheet across the road construction hole in the road. Maybe you'll have to erect some street lights, and install some signage along the way, before people will feel comfortable enough to make the trek, let alone make the commute on a regular basis. This is my regular reminder that tech is often no match for the politics that are already in play and I will need to be more patient, slow down significantly, and find small bite-size projects that will slowly unravel much of the politics that consume the folks I'm targeting.



from http://ift.tt/1Wjuj41

Monday, May 2, 2016

Happy To See Unsustainable Free Access To Valuable Tooling Go Away

I was talking with my friend Dan Cundiff about Page2RSS shutting down, and the viability of offering up tools like this for us mere mortals to use in our everyday work.

If you aren't familiar with what Page2RSS does, it is a simple tool that takes a static website, and turns it into an RSS feed for you. A valuable service for those websites who do not understand the importance of RSS, but unfortunately it is a tool that has gone dark as of today.

Page2RSS is one of those valuable tools that is more a feature than an actual thing all by itself. These types of tools really don't take much to keep alive and running, something you can scale using AWS or other cloud infrastructure, but only if you have an actual business model, and customers who are willing to pay for it.

The problem is, the tone has been set for the last 10 years, that free is how you do things. A concept that has been led by tech giants like Google, and wave after wave of VC investment--setting an unrealistic expectation that things should be free. Providers of simple tools like Page2RSS feel that if they are going to compete they will have to be free, even if they can't afford it. Something that then results in consumers of simple tools like Page2RSS thinking things should be free, because if it is not, they'll go find one that is--establishing a very unsustainable cycle.

As the tech giants shutter more of their free services, and VC investment focuses on the enterprise, maybe the bar will be raised to a more realistic place. One where tooling providers can accept micro payments for the tooling and services they provide, and consumers can begin to come back to reality, and realize it takes money to develop and support these valuable tools, making them more willing to cough up some change to pay for the valuable services and tooling they depend on.



from http://ift.tt/1NQ5Yj9

Saturday, April 23, 2016

The Potential Of Jekyll As A Static Data Engine

I am an old database guy. I got my first job working on databases in COBOL in 1987. I have worked with almost every database platform out there, and I love data. I remember writing my own indexes, relationships, and other things we take for granted now. I remember being religious and dogmatic about the platforms I used, which included FoxPro and eventually Microsoft SQL Server. I have grown out of any dogma for any platform, tool, or specific approach, but I continue to manage quite a bit of data for my personal and professional pleasure.

Data is core to API Evangelist, and my API industry research. Even though I still have an Amazon RDS MySQL core to my data operations, this centralized approach is slowly being cannibalized by a more distributed, static, JSON and YAML, and Jekyll driven vision. Increasingly my data is living in the _data folder of each static project repo, being hosted on Github Pages, as well as some specialized Linux Jekyll EC2 deployments I am working with. I do not think this will ever be something that entirely replaces my old, more centralized approach, but it has grown to be a significant portion of my operations.

There are many issues with this approach: keeping things up to date, providing a comprehensive search, and other things are still challenges for me. However, the static nature of both the UI and the data layer for these projects is proving to have benefits that far outweigh the challenges. The openness and availability of the data and content that drives all my research, project sites, and tooling is refreshing for me. I'm also enjoying having hundreds of very static, cached, distributed websites, and tools that don't change -- unless I direct them to with a publish or a push.

One area I am still exploring in all of this is the pros / cons of delivering UI experiences with pure JavaScript which consumes the JSON, a more heavy Liquid experience which also consumes the JSON, or taking it to new levels with a combination of the two. Some of the stuff I'm doing with an APIs.json and OpenAPI Spec driven documentation which uses Liquid and JavaScript feels liberating as an approach to delivering developer experiences (DX). If you haven't played with _data folder + Liquid in Jekyll, I highly recommend it--it is a different game.

Anyways, I haven't had much time to talk about this shift in my data management approach, so I wanted to capture some of my current thoughts about the potential of Jekyll as a static data engine--we will see where it goes for me.



from http://ift.tt/1NHVVXZ