Loading ...
Sorry, an error occurred while loading the content.

Re: Josh Leo's site

Expand Messages
  • David Howell
    I m sorry but the Wordpress site owners that are having their sites hacked are the same people that buy a car and expect to never have to change the oil in it.
    Message 1 of 24 , Feb 8, 2009
    • 0 Attachment
      I'm sorry but the Wordpress site owners that are having their sites
      hacked are the same people that buy a car and expect to never have to
      change the oil in it.

      Running a self-hosted site means being able to manage one as well. If
      you don't want to manage it, then you use sites like Blogger. Blogger
      is great for that. No frills. No muss. No fuss. No extras.

      If you dont want to manage it yourself, you hire people like me that
      will not only design and build it but manage it as well. If you want
      to do it all yourself, please read the manual, secure it and keep it
      up do date with patches. Your unsecured site causes problems for everyone.

      If you dont change the oil in your car, dont cry when it's eventually
      sitting dead on the side of the road.

      David Howell
      http://www.davidhowellstudios.com

      --- In videoblogging@yahoogroups.com, Mike Meiser
      <groups-yahoo-com@...> wrote:
      >
      > Sad to hear. :(
      > I'm assuming he was running wordpress?
      >
      > I've seen way to many wordpress blogs hacked. The problem is just
      maintence,
      > you have to keep wordpress constantly up to date to patch security
      holes. If
      > you don't it will inevitably get hacked. Same goes for all server
      side open
      > source.
      >
      > Many times I've wanted to redo my blogger.com blog in wordpress, indeed
      > wordpress is simply better, but the truth is blogger.com is
      virtually hack
      > proof since there's absolutely no server side code running. It's all
      handled
      > by blogger.com and written to the server via sftp. I've really come to
      > appreciate this rock solid security and ZERO maintenance, and to be
      honest
      > it's the primary reason I simply recommend blogger over wordpress to
      anyone
      > who wants to self host on their own domain. The exception being if
      they're a
      > developer and already running code on their server, in which case
      they're
      > probably aware enough of the maintenance issues to run wordpress.
      >
      > Lately I've been doing a lot of work in the bike industry and it
      seems the
      > entire industry from shop owners, to racers to bike makers runs almost
      > exclusively on a blogspot hosted ecosystem. It simply works.
      >
      > P.S. a good auto-backup system or version control system for your
      blog is a
      > MUST if you run wordpress. A lot of hosting providers include this
      stock.
      >
      > -Mike
      > mmeiser.com/blog
      > flickr.com/photos/mmeiser2
      >
      >
      > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
      >
      > > Looking back a page or 2 on his twitter history, I think the site got
      > > hacked.
      > >
      > > http://twitter.com/joshleo
      > >
      > > Cheers
      > >
      > > Steve
      > >
      > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
      wrote:
      > > >
      > > > Anyone know what happened to josh Leo's site (joshleo.com)? It looks
      > > > like it is gone ... & I really like his videos!
      > > >
      > > > Just curious
      > > >
      > > > Sent from my iPhone
      > > >
      > >
      > >
      > >
      > >
      > > ------------------------------------
      > >
      > > Yahoo! Groups Links
      > >
      > >
      > >
      > >
      >
      >
      > [Non-text portions of this message have been removed]
      >
    • Mike Meiser
      To use your car analogy most people simply take it to the dealer for maintence. There is no dealer for self hosting. Dreamhost nor any other provide that sort
      Message 2 of 24 , Feb 8, 2009
      • 0 Attachment
        To use your car analogy most people simply take it to the dealer for
        maintence.
        There is no dealer for self hosting. Dreamhost nor any other provide that
        sort of support. That type of structure does not exist.

        Most people are not technically literate enough to manage the constant
        stream of upgrades. I myself while technically capable, cut a hard edge on
        maintence issues. If I go on vacation for a month, I simply don't want to
        worry about it. And a month of ignoring it is all it takes... now multiply
        that by the rest of your life. Most people underestimate how much the long
        term maintence costs are while underestimating their own capactity to handle
        that constant maintence.

        These people should simply NOT be self hosting... unless they use
        blogger.com which requires no maintence.

        It's that simple.

        -Mike



        On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...> wrote:

        > I'm sorry but the Wordpress site owners that are having their sites
        > hacked are the same people that buy a car and expect to never have to
        > change the oil in it.
        >
        > Running a self-hosted site means being able to manage one as well. If
        > you don't want to manage it, then you use sites like Blogger. Blogger
        > is great for that. No frills. No muss. No fuss. No extras.
        >
        > If you dont want to manage it yourself, you hire people like me that
        > will not only design and build it but manage it as well. If you want
        > to do it all yourself, please read the manual, secure it and keep it
        > up do date with patches. Your unsecured site causes problems for everyone.
        >
        > If you dont change the oil in your car, dont cry when it's eventually
        > sitting dead on the side of the road.
        >
        > David Howell
        > http://www.davidhowellstudios.com
        >
        > --- In videoblogging@yahoogroups.com, Mike Meiser
        > <groups-yahoo-com@...> wrote:
        > >
        > > Sad to hear. :(
        > > I'm assuming he was running wordpress?
        > >
        > > I've seen way to many wordpress blogs hacked. The problem is just
        > maintence,
        > > you have to keep wordpress constantly up to date to patch security
        > holes. If
        > > you don't it will inevitably get hacked. Same goes for all server
        > side open
        > > source.
        > >
        > > Many times I've wanted to redo my blogger.com blog in wordpress, indeed
        > > wordpress is simply better, but the truth is blogger.com is
        > virtually hack
        > > proof since there's absolutely no server side code running. It's all
        > handled
        > > by blogger.com and written to the server via sftp. I've really come to
        > > appreciate this rock solid security and ZERO maintenance, and to be
        > honest
        > > it's the primary reason I simply recommend blogger over wordpress to
        > anyone
        > > who wants to self host on their own domain. The exception being if
        > they're a
        > > developer and already running code on their server, in which case
        > they're
        > > probably aware enough of the maintenance issues to run wordpress.
        > >
        > > Lately I've been doing a lot of work in the bike industry and it
        > seems the
        > > entire industry from shop owners, to racers to bike makers runs almost
        > > exclusively on a blogspot hosted ecosystem. It simply works.
        > >
        > > P.S. a good auto-backup system or version control system for your
        > blog is a
        > > MUST if you run wordpress. A lot of hosting providers include this
        > stock.
        > >
        > > -Mike
        > > mmeiser.com/blog
        > > flickr.com/photos/mmeiser2
        > >
        > >
        > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
        > >
        > > > Looking back a page or 2 on his twitter history, I think the site got
        > > > hacked.
        > > >
        > > > http://twitter.com/joshleo
        > > >
        > > > Cheers
        > > >
        > > > Steve
        > > >
        > > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
        > wrote:
        > > > >
        > > > > Anyone know what happened to josh Leo's site (joshleo.com)? It looks
        > > > > like it is gone ... & I really like his videos!
        > > > >
        > > > > Just curious
        > > > >
        > > > > Sent from my iPhone
        > > > >
        > > >
        > > >
        > > >
        > > >
        > > > ------------------------------------
        > > >
        > > > Yahoo! Groups Links
        > > >
        > > >
        > > >
        > > >
        > >
        > >
        > > [Non-text portions of this message have been removed]
        > >
        >
        >
        >
        >
        > ------------------------------------
        >
        > Yahoo! Groups Links
        >
        >
        >
        >


        [Non-text portions of this message have been removed]
      • Tim Street
        MIke? Why did you have to say that? Now I want to go on vacation for a month. ;-) Tim Street 1timstreet@gmail.com http://1timstreet.com/blog
        Message 3 of 24 , Feb 8, 2009
        • 0 Attachment
          MIke?

          Why did you have to say that?

          Now I want to go on vacation for a month. ;-)


          Tim Street
          1timstreet@...
          http://1timstreet.com/blog
          http://twitter.com/1timstreet

          On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:

          > To use your car analogy most people simply take it to the dealer for
          > maintence.
          > There is no dealer for self hosting. Dreamhost nor any other provide
          > that
          > sort of support. That type of structure does not exist.
          >
          > Most people are not technically literate enough to manage the constant
          > stream of upgrades. I myself while technically capable, cut a hard
          > edge on
          > maintence issues. If I go on vacation for a month, I simply don't
          > want to
          > worry about it. And a month of ignoring it is all it takes... now
          > multiply
          > that by the rest of your life. Most people underestimate how much
          > the long
          > term maintence costs are while underestimating their own capactity
          > to handle
          > that constant maintence.
          >
          > These people should simply NOT be self hosting... unless they use
          > blogger.com which requires no maintence.
          >
          > It's that simple.
          >
          > -Mike
          >
          > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...>
          > wrote:
          >
          > > I'm sorry but the Wordpress site owners that are having their sites
          > > hacked are the same people that buy a car and expect to never have
          > to
          > > change the oil in it.
          > >
          > > Running a self-hosted site means being able to manage one as well.
          > If
          > > you don't want to manage it, then you use sites like Blogger.
          > Blogger
          > > is great for that. No frills. No muss. No fuss. No extras.
          > >
          > > If you dont want to manage it yourself, you hire people like me that
          > > will not only design and build it but manage it as well. If you want
          > > to do it all yourself, please read the manual, secure it and keep it
          > > up do date with patches. Your unsecured site causes problems for
          > everyone.
          > >
          > > If you dont change the oil in your car, dont cry when it's
          > eventually
          > > sitting dead on the side of the road.
          > >
          > > David Howell
          > > http://www.davidhowellstudios.com
          > >
          > > --- In videoblogging@yahoogroups.com, Mike Meiser
          > > <groups-yahoo-com@...> wrote:
          > > >
          > > > Sad to hear. :(
          > > > I'm assuming he was running wordpress?
          > > >
          > > > I've seen way to many wordpress blogs hacked. The problem is just
          > > maintence,
          > > > you have to keep wordpress constantly up to date to patch security
          > > holes. If
          > > > you don't it will inevitably get hacked. Same goes for all server
          > > side open
          > > > source.
          > > >
          > > > Many times I've wanted to redo my blogger.com blog in wordpress,
          > indeed
          > > > wordpress is simply better, but the truth is blogger.com is
          > > virtually hack
          > > > proof since there's absolutely no server side code running. It's
          > all
          > > handled
          > > > by blogger.com and written to the server via sftp. I've really
          > come to
          > > > appreciate this rock solid security and ZERO maintenance, and to
          > be
          > > honest
          > > > it's the primary reason I simply recommend blogger over
          > wordpress to
          > > anyone
          > > > who wants to self host on their own domain. The exception being if
          > > they're a
          > > > developer and already running code on their server, in which case
          > > they're
          > > > probably aware enough of the maintenance issues to run wordpress.
          > > >
          > > > Lately I've been doing a lot of work in the bike industry and it
          > > seems the
          > > > entire industry from shop owners, to racers to bike makers runs
          > almost
          > > > exclusively on a blogspot hosted ecosystem. It simply works.
          > > >
          > > > P.S. a good auto-backup system or version control system for your
          > > blog is a
          > > > MUST if you run wordpress. A lot of hosting providers include this
          > > stock.
          > > >
          > > > -Mike
          > > > mmeiser.com/blog
          > > > flickr.com/photos/mmeiser2
          > > >
          > > >
          > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
          > > >
          > > > > Looking back a page or 2 on his twitter history, I think the
          > site got
          > > > > hacked.
          > > > >
          > > > > http://twitter.com/joshleo
          > > > >
          > > > > Cheers
          > > > >
          > > > > Steve
          > > > >
          > > > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
          > > wrote:
          > > > > >
          > > > > > Anyone know what happened to josh Leo's site (joshleo.com)?
          > It looks
          > > > > > like it is gone ... & I really like his videos!
          > > > > >
          > > > > > Just curious
          > > > > >
          > > > > > Sent from my iPhone
          > > > > >
          > > > >
          > > > >
          > > > >
          > > > >
          > > > > ------------------------------------
          > > > >
          > > > > Yahoo! Groups Links
          > > > >
          > > > >
          > > > >
          > > > >
          > > >
          > > >
          > > > [Non-text portions of this message have been removed]
          > > >
          > >
          > >
          > >
          > >
          > > ------------------------------------
          > >
          > > Yahoo! Groups Links
          > >
          > >
          > >
          > >
          >
          > [Non-text portions of this message have been removed]
          >
          >
          >



          [Non-text portions of this message have been removed]
        • Markus Sandy
          ... Hey Meiserman! We had a discussion about Planning your next social media site at the Super Happy Vlog House yesterday. The people in the room ranged
          Message 4 of 24 , Feb 8, 2009
          • 0 Attachment
            On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:

            > To use your car analogy most people simply take it to the dealer for
            > maintence.

            Hey Meiserman!

            We had a discussion about "Planning your next social media site" at
            the Super Happy Vlog House yesterday. The people in the room ranged
            from professional web developers to website newbies. A few points may
            be of interest here in the VB group:

            1. One of the questions that came up was 'how many copies of your
            site do you maintain?" The pros generally said "at least two",
            staging and the live site. Most also have dev sandboxes (throwaway
            copies of site,files and database). More than a backup, this is a
            place to test all upgrades and changes before applying to (or swapping
            with) live site. More work and complexity, but less risk (so maybe
            not more work after all ;) ) Like David said, you gotta do it (or
            get a pro), otherwise you are working without a net.

            2. Two of the people who attended SHVH have recently started a biz
            service providing complete video site solutions by offering WP-based
            "packages". I think we will see a lot more of this. Wordpress and
            Drupal based "products" and services.

            New customer fills out a form for what they want. Pick from $999,
            $1299 or $1999 packages and options. Then work directly with the a
            desginer on look within very well defined limits imposed by a specific
            WP theme framework. Sites turned around quickly (e.g., less than a
            day). Packages for monthly hosting and services in the $19-$49/month
            range. These guys will even supply aggregated content feeds for your
            site to add to your content. Backups, SEO (including posts to major
            sites like Facebook), newsletter, press release, the works. Not for
            everyone here, but I suspect they will be very successful, especially
            with small businesses with little or no tech resources and budgets.

            Also a question for everyone:

            Someone mentioned Episodic at the meetup. Has anyone used it since
            they were just a flash to ipod transcoding startup service? There
            were a few posts here last summer about the service (Noam are you
            still here?). Looks like it's grown up quite a bit. I'm waiting for
            a beta account. Looks like a competitor to Brightcove, Ooyala,
            thePlatform, etc., but with more features and nice looking UI.
            Perhaps this is another way to go? http://episodic.com

            Markus


            [Non-text portions of this message have been removed]
          • Mike Meiser
            Sorry Markus, Everyone fears coming home from vacation to find their website burned down. Maybe you can hire a website security company, buy some website
            Message 5 of 24 , Feb 8, 2009
            • 0 Attachment
              Sorry Markus,
              Everyone fears coming home from vacation to find their website burned down.

              Maybe you can hire a website security company, buy some website insurance or
              find a website sitter.

              Seriously though, analogies are not only fun, but how's the following for a
              business idea.

              A company that you give FTP or sFTP access to your website.

              It not only backs up everything, and tracks every single change through a
              web based versioning control system, but can automatic roll back and even
              flags malicious changes.

              Make it general consumer friendly.

              Give it a nice "web 2.0" interface.

              Sell it to self hosters regardless of whom they're hosting with as
              "insurance, security, and backup".

              This not only can be a transparent service instead of bogging down would be
              DIY types with the need to buy your designs or run their workflow through
              you or use you as a host.

              But it will let the end user go crazy customizing their code, playing with
              open source, using whatever host provider they want. Giving them true
              *fredom to tinker*... now that they now have a saftey net.

              websaftey.net, it's actually available.


              Does something similar already exist?


              Now build on it... add in security analysis...

              ie. making sure permissions are correct on all your files...

              i.e. giving you status on wether your software installed on your server is
              up to date



              Maybe... if the technical requirements aren't to bad it could even install
              certain open source packages automatically regardless of hosting provider.

              What about the ability to switch hosts?

              Or mirror a website on a different domain with the click of a button?

              The ability to edit or upgrade or test a service and then roll it to the
              users main site.



              Perhaps this webservice could orient the market in a different way. Perhaps
              it could focus on a particular niche say video, customizing it's services
              for videobloggers...i.e installing wordpress themes vPip, etc.



              At it's core the backup and versioning is more then enough to sell to every
              web2.0 person out there for $5 - $10 a month and make mondo money, but the
              possibilities on where it can go from there are endless.

              The key is you're doing the same thing to hosting providers as so caled
              "web2.0" services like gmail have done to Outlook, Eudora and other email
              desktop clients.

              You're moving key services from the hosting providers into the "cloud" as
              services and thus reducing the dependancy on hosting companies proprietary
              features. In a sense your comoditizing the hosting provider the way the web
              is commoditizing the Microsoft OS, Microsoft Office, Outlook, Word, Excell,
              etc.

              You could go on to make this a gateway and a security net for not so tech
              savy people so they can try out open source packages regardless of different
              hosting providers.

              Perhaps one day... if you base this webservice on open source and work on
              building standards everyone from drupal to wordpress will work toward you to
              create a sort of web based "package manager" for the internet.

              In this way your webservice might install software cleanly onto any host
              that uses a standardized linux install base. Thus you created an ecosystem.
              An new sort of API by which hosting providers can interact with
              webservices.

              This "package manager for the internet", would be like the package managers
              used on desktop linux, but instead of installing software on your desktop
              they'd install it on your website... think CMS, wikis, blogs and more.
              Perhaps even custom videoblogging solutions such as themes, vPIP, etc.

              The internet is after all the new desktop. The desktop computer for many is
              just a dummy terminal you use to access the internet. Hence the rise of the
              netbook.

              The internet is where your email is, where your photoalbum/editor are, where
              your write and where you publish.

              So why not think of the domain, your website, as the new desktop.

              Using this metaphor, what other services could be stripped off of the
              hosting provider?

              You could possibly even avoid the problems inherent with running server side
              code on joeblowsblog.com buy creating an "ultra secure" option where all the
              code is run on this new webservice (similar to what blogger.com does) and
              only static html and files live on joeblow's domain.

              You could run this whole service through Amazon S3's hosting and computing
              cloud so it scales like the devil, and only charge the user for that
              processing and hosting that they require.

              If such "web 2.0" type service could handle the domain management and
              subdomain it could assign a subdomain to itself, i.e.
              code.joeblowsblog.comto run, manage, and update joe blow's code
              securely while leaving only
              static code (HTML, images, movie files) on joeblowsblog.com.

              In this way such a service could avoid the pitfalls of setting up different
              open source packages on different hosting providers whom may be using
              anything from Microsoft, to Debian to unix.

              Though perhaps if done in open source you could forge relationships with
              hosting providers that use standardized open source and thus create an
              interaction model... an API, by which you can create "a standardized package
              manager for the open source internet"

              This idea in the end might be two ideas

              1) security and a saftey net for self hosters websites

              2) and in the bigger picture... a "web based package manager" or "package
              manager as web service" in the grand web 2.0 style, to install and
              automatically update open source packages that run on webservers.

              Not sure I got the point across, maybe / maybe not, but heh I was
              brainstorming. :P

              -Mike

              On Sun, Feb 8, 2009 at 7:12 PM, Tim Street <1timstreet@...> wrote:

              > MIke?
              >
              > Why did you have to say that?
              >
              > Now I want to go on vacation for a month. ;-)
              >
              >
              > Tim Street
              > 1timstreet@...
              > http://1timstreet.com/blog
              > http://twitter.com/1timstreet
              >
              > On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:
              >
              > > To use your car analogy most people simply take it to the dealer for
              > > maintence.
              > > There is no dealer for self hosting. Dreamhost nor any other provide
              > > that
              > > sort of support. That type of structure does not exist.
              > >
              > > Most people are not technically literate enough to manage the constant
              > > stream of upgrades. I myself while technically capable, cut a hard
              > > edge on
              > > maintence issues. If I go on vacation for a month, I simply don't
              > > want to
              > > worry about it. And a month of ignoring it is all it takes... now
              > > multiply
              > > that by the rest of your life. Most people underestimate how much
              > > the long
              > > term maintence costs are while underestimating their own capactity
              > > to handle
              > > that constant maintence.
              > >
              > > These people should simply NOT be self hosting... unless they use
              > > blogger.com which requires no maintence.
              > >
              > > It's that simple.
              > >
              > > -Mike
              > >
              > > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...>
              > > wrote:
              > >
              > > > I'm sorry but the Wordpress site owners that are having their sites
              > > > hacked are the same people that buy a car and expect to never have
              > > to
              > > > change the oil in it.
              > > >
              > > > Running a self-hosted site means being able to manage one as well.
              > > If
              > > > you don't want to manage it, then you use sites like Blogger.
              > > Blogger
              > > > is great for that. No frills. No muss. No fuss. No extras.
              > > >
              > > > If you dont want to manage it yourself, you hire people like me that
              > > > will not only design and build it but manage it as well. If you want
              > > > to do it all yourself, please read the manual, secure it and keep it
              > > > up do date with patches. Your unsecured site causes problems for
              > > everyone.
              > > >
              > > > If you dont change the oil in your car, dont cry when it's
              > > eventually
              > > > sitting dead on the side of the road.
              > > >
              > > > David Howell
              > > > http://www.davidhowellstudios.com
              > > >
              > > > --- In videoblogging@yahoogroups.com, Mike Meiser
              > > > <groups-yahoo-com@...> wrote:
              > > > >
              > > > > Sad to hear. :(
              > > > > I'm assuming he was running wordpress?
              > > > >
              > > > > I've seen way to many wordpress blogs hacked. The problem is just
              > > > maintence,
              > > > > you have to keep wordpress constantly up to date to patch security
              > > > holes. If
              > > > > you don't it will inevitably get hacked. Same goes for all server
              > > > side open
              > > > > source.
              > > > >
              > > > > Many times I've wanted to redo my blogger.com blog in wordpress,
              > > indeed
              > > > > wordpress is simply better, but the truth is blogger.com is
              > > > virtually hack
              > > > > proof since there's absolutely no server side code running. It's
              > > all
              > > > handled
              > > > > by blogger.com and written to the server via sftp. I've really
              > > come to
              > > > > appreciate this rock solid security and ZERO maintenance, and to
              > > be
              > > > honest
              > > > > it's the primary reason I simply recommend blogger over
              > > wordpress to
              > > > anyone
              > > > > who wants to self host on their own domain. The exception being if
              > > > they're a
              > > > > developer and already running code on their server, in which case
              > > > they're
              > > > > probably aware enough of the maintenance issues to run wordpress.
              > > > >
              > > > > Lately I've been doing a lot of work in the bike industry and it
              > > > seems the
              > > > > entire industry from shop owners, to racers to bike makers runs
              > > almost
              > > > > exclusively on a blogspot hosted ecosystem. It simply works.
              > > > >
              > > > > P.S. a good auto-backup system or version control system for your
              > > > blog is a
              > > > > MUST if you run wordpress. A lot of hosting providers include this
              > > > stock.
              > > > >
              > > > > -Mike
              > > > > mmeiser.com/blog
              > > > > flickr.com/photos/mmeiser2
              > > > >
              > > > >
              > > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
              > > > >
              > > > > > Looking back a page or 2 on his twitter history, I think the
              > > site got
              > > > > > hacked.
              > > > > >
              > > > > > http://twitter.com/joshleo
              > > > > >
              > > > > > Cheers
              > > > > >
              > > > > > Steve
              > > > > >
              > > > > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
              > > > wrote:
              > > > > > >
              > > > > > > Anyone know what happened to josh Leo's site (joshleo.com)?
              > > It looks
              > > > > > > like it is gone ... & I really like his videos!
              > > > > > >
              > > > > > > Just curious
              > > > > > >
              > > > > > > Sent from my iPhone
              > > > > > >
              > > > > >
              > > > > >
              > > > > >
              > > > > >
              > > > > > ------------------------------------
              > > > > >
              > > > > > Yahoo! Groups Links
              > > > > >
              > > > > >
              > > > > >
              > > > > >
              > > > >
              > > > >
              > > > > [Non-text portions of this message have been removed]
              > > > >
              > > >
              > > >
              > > >
              > > >
              > > > ------------------------------------
              > > >
              > > > Yahoo! Groups Links
              > > >
              > > >
              > > >
              > > >
              > >
              > > [Non-text portions of this message have been removed]
              > >
              > >
              > >
              >
              >
              >
              > [Non-text portions of this message have been removed]
              >
              >
              >
              > ------------------------------------
              >
              > Yahoo! Groups Links
              >
              >
              >
              >


              [Non-text portions of this message have been removed]
            • David King
              My web hoster actually does most of that for me (the backups, rollbacks, etc). I do my own updates to wordpress, customizations, etc - but they do everything
              Message 6 of 24 , Feb 8, 2009
              • 0 Attachment
                My web hoster actually does most of that for me (the backups, rollbacks,
                etc). I do my own updates to wordpress, customizations, etc - but they do
                everything else. But then, it's a small, service-oriented web hoster shop
                primarly for library-related blogs and websites (how's that for a niche
                market?). If I have a server type question or prob, I just email or IM and
                it gets fixed, pronto.

                I'm very spoiled.

                David Lee King
                davidleeking.com - blog
                davidleeking.com/etc - videoblog
                twitter | skype: davidleeking


                On Sun, Feb 8, 2009 at 9:10 PM, Mike Meiser <groups-yahoo-com@...>wrote:

                > Sorry Markus,
                > Everyone fears coming home from vacation to find their website burned down.
                >
                > Maybe you can hire a website security company, buy some website insurance
                > or
                > find a website sitter.
                >
                > Seriously though, analogies are not only fun, but how's the following for a
                > business idea.
                >
                > A company that you give FTP or sFTP access to your website.
                >
                > It not only backs up everything, and tracks every single change through a
                > web based versioning control system, but can automatic roll back and even
                > flags malicious changes.
                >
                > Make it general consumer friendly.
                >
                > Give it a nice "web 2.0" interface.
                >
                > Sell it to self hosters regardless of whom they're hosting with as
                > "insurance, security, and backup".
                >
                > This not only can be a transparent service instead of bogging down would be
                > DIY types with the need to buy your designs or run their workflow through
                > you or use you as a host.
                >
                > But it will let the end user go crazy customizing their code, playing with
                > open source, using whatever host provider they want. Giving them true
                > *fredom to tinker*... now that they now have a saftey net.
                >
                > websaftey.net, it's actually available.
                >
                >
                > Does something similar already exist?
                >
                >
                > Now build on it... add in security analysis...
                >
                > ie. making sure permissions are correct on all your files...
                >
                > i.e. giving you status on wether your software installed on your server is
                > up to date
                >
                >
                >
                > Maybe... if the technical requirements aren't to bad it could even install
                > certain open source packages automatically regardless of hosting provider.
                >
                > What about the ability to switch hosts?
                >
                > Or mirror a website on a different domain with the click of a button?
                >
                > The ability to edit or upgrade or test a service and then roll it to the
                > users main site.
                >
                >
                >
                > Perhaps this webservice could orient the market in a different way. Perhaps
                > it could focus on a particular niche say video, customizing it's services
                > for videobloggers...i.e installing wordpress themes vPip, etc.
                >
                >
                >
                > At it's core the backup and versioning is more then enough to sell to every
                > web2.0 person out there for $5 - $10 a month and make mondo money, but the
                > possibilities on where it can go from there are endless.
                >
                > The key is you're doing the same thing to hosting providers as so caled
                > "web2.0" services like gmail have done to Outlook, Eudora and other email
                > desktop clients.
                >
                > You're moving key services from the hosting providers into the "cloud" as
                > services and thus reducing the dependancy on hosting companies proprietary
                > features. In a sense your comoditizing the hosting provider the way the web
                > is commoditizing the Microsoft OS, Microsoft Office, Outlook, Word, Excell,
                > etc.
                >
                > You could go on to make this a gateway and a security net for not so tech
                > savy people so they can try out open source packages regardless of
                > different
                > hosting providers.
                >
                > Perhaps one day... if you base this webservice on open source and work on
                > building standards everyone from drupal to wordpress will work toward you
                > to
                > create a sort of web based "package manager" for the internet.
                >
                > In this way your webservice might install software cleanly onto any host
                > that uses a standardized linux install base. Thus you created an
                > ecosystem.
                > An new sort of API by which hosting providers can interact with
                > webservices.
                >
                > This "package manager for the internet", would be like the package managers
                > used on desktop linux, but instead of installing software on your desktop
                > they'd install it on your website... think CMS, wikis, blogs and more.
                > Perhaps even custom videoblogging solutions such as themes, vPIP, etc.
                >
                > The internet is after all the new desktop. The desktop computer for many is
                > just a dummy terminal you use to access the internet. Hence the rise of the
                > netbook.
                >
                > The internet is where your email is, where your photoalbum/editor are,
                > where
                > your write and where you publish.
                >
                > So why not think of the domain, your website, as the new desktop.
                >
                > Using this metaphor, what other services could be stripped off of the
                > hosting provider?
                >
                > You could possibly even avoid the problems inherent with running server
                > side
                > code on joeblowsblog.com buy creating an "ultra secure" option where all
                > the
                > code is run on this new webservice (similar to what blogger.com does) and
                > only static html and files live on joeblow's domain.
                >
                > You could run this whole service through Amazon S3's hosting and computing
                > cloud so it scales like the devil, and only charge the user for that
                > processing and hosting that they require.
                >
                > If such "web 2.0" type service could handle the domain management and
                > subdomain it could assign a subdomain to itself, i.e.
                > code.joeblowsblog.comto run, manage, and update joe blow's code
                > securely while leaving only
                > static code (HTML, images, movie files) on joeblowsblog.com.
                >
                > In this way such a service could avoid the pitfalls of setting up different
                > open source packages on different hosting providers whom may be using
                > anything from Microsoft, to Debian to unix.
                >
                > Though perhaps if done in open source you could forge relationships with
                > hosting providers that use standardized open source and thus create an
                > interaction model... an API, by which you can create "a standardized
                > package
                > manager for the open source internet"
                >
                > This idea in the end might be two ideas
                >
                > 1) security and a saftey net for self hosters websites
                >
                > 2) and in the bigger picture... a "web based package manager" or "package
                > manager as web service" in the grand web 2.0 style, to install and
                > automatically update open source packages that run on webservers.
                >
                > Not sure I got the point across, maybe / maybe not, but heh I was
                > brainstorming. :P
                >
                > -Mike
                >
                > On Sun, Feb 8, 2009 at 7:12 PM, Tim Street <1timstreet@...> wrote:
                >
                > > MIke?
                > >
                > > Why did you have to say that?
                > >
                > > Now I want to go on vacation for a month. ;-)
                > >
                > >
                > > Tim Street
                > > 1timstreet@...
                > > http://1timstreet.com/blog
                > > http://twitter.com/1timstreet
                > >
                > > On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:
                > >
                > > > To use your car analogy most people simply take it to the dealer for
                > > > maintence.
                > > > There is no dealer for self hosting. Dreamhost nor any other provide
                > > > that
                > > > sort of support. That type of structure does not exist.
                > > >
                > > > Most people are not technically literate enough to manage the constant
                > > > stream of upgrades. I myself while technically capable, cut a hard
                > > > edge on
                > > > maintence issues. If I go on vacation for a month, I simply don't
                > > > want to
                > > > worry about it. And a month of ignoring it is all it takes... now
                > > > multiply
                > > > that by the rest of your life. Most people underestimate how much
                > > > the long
                > > > term maintence costs are while underestimating their own capactity
                > > > to handle
                > > > that constant maintence.
                > > >
                > > > These people should simply NOT be self hosting... unless they use
                > > > blogger.com which requires no maintence.
                > > >
                > > > It's that simple.
                > > >
                > > > -Mike
                > > >
                > > > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...>
                > > > wrote:
                > > >
                > > > > I'm sorry but the Wordpress site owners that are having their sites
                > > > > hacked are the same people that buy a car and expect to never have
                > > > to
                > > > > change the oil in it.
                > > > >
                > > > > Running a self-hosted site means being able to manage one as well.
                > > > If
                > > > > you don't want to manage it, then you use sites like Blogger.
                > > > Blogger
                > > > > is great for that. No frills. No muss. No fuss. No extras.
                > > > >
                > > > > If you dont want to manage it yourself, you hire people like me that
                > > > > will not only design and build it but manage it as well. If you want
                > > > > to do it all yourself, please read the manual, secure it and keep it
                > > > > up do date with patches. Your unsecured site causes problems for
                > > > everyone.
                > > > >
                > > > > If you dont change the oil in your car, dont cry when it's
                > > > eventually
                > > > > sitting dead on the side of the road.
                > > > >
                > > > > David Howell
                > > > > http://www.davidhowellstudios.com
                > > > >
                > > > > --- In videoblogging@yahoogroups.com, Mike Meiser
                > > > > <groups-yahoo-com@...> wrote:
                > > > > >
                > > > > > Sad to hear. :(
                > > > > > I'm assuming he was running wordpress?
                > > > > >
                > > > > > I've seen way to many wordpress blogs hacked. The problem is just
                > > > > maintence,
                > > > > > you have to keep wordpress constantly up to date to patch security
                > > > > holes. If
                > > > > > you don't it will inevitably get hacked. Same goes for all server
                > > > > side open
                > > > > > source.
                > > > > >
                > > > > > Many times I've wanted to redo my blogger.com blog in wordpress,
                > > > indeed
                > > > > > wordpress is simply better, but the truth is blogger.com is
                > > > > virtually hack
                > > > > > proof since there's absolutely no server side code running. It's
                > > > all
                > > > > handled
                > > > > > by blogger.com and written to the server via sftp. I've really
                > > > come to
                > > > > > appreciate this rock solid security and ZERO maintenance, and to
                > > > be
                > > > > honest
                > > > > > it's the primary reason I simply recommend blogger over
                > > > wordpress to
                > > > > anyone
                > > > > > who wants to self host on their own domain. The exception being if
                > > > > they're a
                > > > > > developer and already running code on their server, in which case
                > > > > they're
                > > > > > probably aware enough of the maintenance issues to run wordpress.
                > > > > >
                > > > > > Lately I've been doing a lot of work in the bike industry and it
                > > > > seems the
                > > > > > entire industry from shop owners, to racers to bike makers runs
                > > > almost
                > > > > > exclusively on a blogspot hosted ecosystem. It simply works.
                > > > > >
                > > > > > P.S. a good auto-backup system or version control system for your
                > > > > blog is a
                > > > > > MUST if you run wordpress. A lot of hosting providers include this
                > > > > stock.
                > > > > >
                > > > > > -Mike
                > > > > > mmeiser.com/blog
                > > > > > flickr.com/photos/mmeiser2
                > > > > >
                > > > > >
                > > > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
                > > > > >
                > > > > > > Looking back a page or 2 on his twitter history, I think the
                > > > site got
                > > > > > > hacked.
                > > > > > >
                > > > > > > http://twitter.com/joshleo
                > > > > > >
                > > > > > > Cheers
                > > > > > >
                > > > > > > Steve
                > > > > > >
                > > > > > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
                > > > > wrote:
                > > > > > > >
                > > > > > > > Anyone know what happened to josh Leo's site (joshleo.com)?
                > > > It looks
                > > > > > > > like it is gone ... & I really like his videos!
                > > > > > > >
                > > > > > > > Just curious
                > > > > > > >
                > > > > > > > Sent from my iPhone
                > > > > > > >
                > > > > > >
                > > > > > >
                > > > > > >
                > > > > > >
                > > > > > > ------------------------------------
                > > > > > >
                > > > > > > Yahoo! Groups Links
                > > > > > >
                > > > > > >
                > > > > > >
                > > > > > >
                > > > > >
                > > > > >
                > > > > > [Non-text portions of this message have been removed]
                > > > > >
                > > > >
                > > > >
                > > > >
                > > > >
                > > > > ------------------------------------
                > > > >
                > > > > Yahoo! Groups Links
                > > > >
                > > > >
                > > > >
                > > > >
                > > >
                > > > [Non-text portions of this message have been removed]
                > > >
                > > >
                > > >
                > >
                > >
                > >
                > > [Non-text portions of this message have been removed]
                > >
                > >
                > >
                > > ------------------------------------
                > >
                > > Yahoo! Groups Links
                > >
                > >
                > >
                > >
                >
                >
                > [Non-text portions of this message have been removed]
                >
                >
                >
                > ------------------------------------
                >
                > Yahoo! Groups Links
                >
                >
                >
                >


                [Non-text portions of this message have been removed]
              • Mike Meiser
                My host is... my friends own a server. I ve removed plone, media wiki and eveyrthing else from my site precisely do what we re talking about here. Maintence
                Message 7 of 24 , Feb 8, 2009
                • 0 Attachment
                  My host is... my friends own a server.
                  I've removed plone, media wiki and eveyrthing else from my site precisely do
                  what we're talking about here. Maintence and security hassles far outweigh
                  their utility.

                  No server side code runs on my domain.

                  My backup is

                  a) blogger.com contains all the CSS and blog posts

                  b) I back it up every once and a while via sFTP to be sure to get images and
                  other media files I've uploaded

                  And yes, David, you're way spoiled for hosting, and so am I.

                  I'd suspect the average person uses Dreamhost or like and has little / no
                  support.

                  I guess I could bug my friend about server issues, but I did away with the
                  server side code because I value spending our time discussing linux, open
                  source, gaming and generally geeking out.

                  I guess you might say like to play with it, love it for work, but I'm very
                  careful with what I depend on for my own personal use because I have a
                  strict zero maintence philosphy. Probably why my primary work computer is
                  mac though 90% of my software is open source and I spend all day reading up
                  on and playing with working with/on Ubuntu / KDE / Gnome. ("all day" being a
                  VERY relative thing :)

                  Peace,

                  -Mike

                  On Sun, Feb 8, 2009 at 10:27 PM, David King <davidleeking@...> wrote:

                  > My web hoster actually does most of that for me (the backups, rollbacks,
                  > etc). I do my own updates to wordpress, customizations, etc - but they do
                  > everything else. But then, it's a small, service-oriented web hoster shop
                  > primarly for library-related blogs and websites (how's that for a niche
                  > market?). If I have a server type question or prob, I just email or IM and
                  > it gets fixed, pronto.
                  >
                  > I'm very spoiled.
                  >
                  > David Lee King
                  > davidleeking.com - blog
                  > davidleeking.com/etc - videoblog
                  > twitter | skype: davidleeking
                  >
                  >
                  > On Sun, Feb 8, 2009 at 9:10 PM, Mike Meiser <groups-yahoo-com@...
                  > >wrote:
                  >
                  > > Sorry Markus,
                  > > Everyone fears coming home from vacation to find their website burned
                  > down.
                  > >
                  > > Maybe you can hire a website security company, buy some website insurance
                  > > or
                  > > find a website sitter.
                  > >
                  > > Seriously though, analogies are not only fun, but how's the following for
                  > a
                  > > business idea.
                  > >
                  > > A company that you give FTP or sFTP access to your website.
                  > >
                  > > It not only backs up everything, and tracks every single change through a
                  > > web based versioning control system, but can automatic roll back and even
                  > > flags malicious changes.
                  > >
                  > > Make it general consumer friendly.
                  > >
                  > > Give it a nice "web 2.0" interface.
                  > >
                  > > Sell it to self hosters regardless of whom they're hosting with as
                  > > "insurance, security, and backup".
                  > >
                  > > This not only can be a transparent service instead of bogging down would
                  > be
                  > > DIY types with the need to buy your designs or run their workflow through
                  > > you or use you as a host.
                  > >
                  > > But it will let the end user go crazy customizing their code, playing
                  > with
                  > > open source, using whatever host provider they want. Giving them true
                  > > *fredom to tinker*... now that they now have a saftey net.
                  > >
                  > > websaftey.net, it's actually available.
                  > >
                  > >
                  > > Does something similar already exist?
                  > >
                  > >
                  > > Now build on it... add in security analysis...
                  > >
                  > > ie. making sure permissions are correct on all your files...
                  > >
                  > > i.e. giving you status on wether your software installed on your server
                  > is
                  > > up to date
                  > >
                  > >
                  > >
                  > > Maybe... if the technical requirements aren't to bad it could even
                  > install
                  > > certain open source packages automatically regardless of hosting
                  > provider.
                  > >
                  > > What about the ability to switch hosts?
                  > >
                  > > Or mirror a website on a different domain with the click of a button?
                  > >
                  > > The ability to edit or upgrade or test a service and then roll it to the
                  > > users main site.
                  > >
                  > >
                  > >
                  > > Perhaps this webservice could orient the market in a different way.
                  > Perhaps
                  > > it could focus on a particular niche say video, customizing it's services
                  > > for videobloggers...i.e installing wordpress themes vPip, etc.
                  > >
                  > >
                  > >
                  > > At it's core the backup and versioning is more then enough to sell to
                  > every
                  > > web2.0 person out there for $5 - $10 a month and make mondo money, but
                  > the
                  > > possibilities on where it can go from there are endless.
                  > >
                  > > The key is you're doing the same thing to hosting providers as so caled
                  > > "web2.0" services like gmail have done to Outlook, Eudora and other email
                  > > desktop clients.
                  > >
                  > > You're moving key services from the hosting providers into the "cloud" as
                  > > services and thus reducing the dependancy on hosting companies
                  > proprietary
                  > > features. In a sense your comoditizing the hosting provider the way the
                  > web
                  > > is commoditizing the Microsoft OS, Microsoft Office, Outlook, Word,
                  > Excell,
                  > > etc.
                  > >
                  > > You could go on to make this a gateway and a security net for not so tech
                  > > savy people so they can try out open source packages regardless of
                  > > different
                  > > hosting providers.
                  > >
                  > > Perhaps one day... if you base this webservice on open source and work on
                  > > building standards everyone from drupal to wordpress will work toward you
                  > > to
                  > > create a sort of web based "package manager" for the internet.
                  > >
                  > > In this way your webservice might install software cleanly onto any host
                  > > that uses a standardized linux install base. Thus you created an
                  > > ecosystem.
                  > > An new sort of API by which hosting providers can interact with
                  > > webservices.
                  > >
                  > > This "package manager for the internet", would be like the package
                  > managers
                  > > used on desktop linux, but instead of installing software on your desktop
                  > > they'd install it on your website... think CMS, wikis, blogs and more.
                  > > Perhaps even custom videoblogging solutions such as themes, vPIP, etc.
                  > >
                  > > The internet is after all the new desktop. The desktop computer for many
                  > is
                  > > just a dummy terminal you use to access the internet. Hence the rise of
                  > the
                  > > netbook.
                  > >
                  > > The internet is where your email is, where your photoalbum/editor are,
                  > > where
                  > > your write and where you publish.
                  > >
                  > > So why not think of the domain, your website, as the new desktop.
                  > >
                  > > Using this metaphor, what other services could be stripped off of the
                  > > hosting provider?
                  > >
                  > > You could possibly even avoid the problems inherent with running server
                  > > side
                  > > code on joeblowsblog.com buy creating an "ultra secure" option where all
                  > > the
                  > > code is run on this new webservice (similar to what blogger.com does)
                  > and
                  > > only static html and files live on joeblow's domain.
                  > >
                  > > You could run this whole service through Amazon S3's hosting and
                  > computing
                  > > cloud so it scales like the devil, and only charge the user for that
                  > > processing and hosting that they require.
                  > >
                  > > If such "web 2.0" type service could handle the domain management and
                  > > subdomain it could assign a subdomain to itself, i.e.
                  > > code.joeblowsblog.comto run, manage, and update joe blow's code
                  > > securely while leaving only
                  > > static code (HTML, images, movie files) on joeblowsblog.com.
                  > >
                  > > In this way such a service could avoid the pitfalls of setting up
                  > different
                  > > open source packages on different hosting providers whom may be using
                  > > anything from Microsoft, to Debian to unix.
                  > >
                  > > Though perhaps if done in open source you could forge relationships with
                  > > hosting providers that use standardized open source and thus create an
                  > > interaction model... an API, by which you can create "a standardized
                  > > package
                  > > manager for the open source internet"
                  > >
                  > > This idea in the end might be two ideas
                  > >
                  > > 1) security and a saftey net for self hosters websites
                  > >
                  > > 2) and in the bigger picture... a "web based package manager" or "package
                  > > manager as web service" in the grand web 2.0 style, to install and
                  > > automatically update open source packages that run on webservers.
                  > >
                  > > Not sure I got the point across, maybe / maybe not, but heh I was
                  > > brainstorming. :P
                  > >
                  > > -Mike
                  > >
                  > > On Sun, Feb 8, 2009 at 7:12 PM, Tim Street <1timstreet@...> wrote:
                  > >
                  > > > MIke?
                  > > >
                  > > > Why did you have to say that?
                  > > >
                  > > > Now I want to go on vacation for a month. ;-)
                  > > >
                  > > >
                  > > > Tim Street
                  > > > 1timstreet@...
                  > > > http://1timstreet.com/blog
                  > > > http://twitter.com/1timstreet
                  > > >
                  > > > On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:
                  > > >
                  > > > > To use your car analogy most people simply take it to the dealer for
                  > > > > maintence.
                  > > > > There is no dealer for self hosting. Dreamhost nor any other provide
                  > > > > that
                  > > > > sort of support. That type of structure does not exist.
                  > > > >
                  > > > > Most people are not technically literate enough to manage the
                  > constant
                  > > > > stream of upgrades. I myself while technically capable, cut a hard
                  > > > > edge on
                  > > > > maintence issues. If I go on vacation for a month, I simply don't
                  > > > > want to
                  > > > > worry about it. And a month of ignoring it is all it takes... now
                  > > > > multiply
                  > > > > that by the rest of your life. Most people underestimate how much
                  > > > > the long
                  > > > > term maintence costs are while underestimating their own capactity
                  > > > > to handle
                  > > > > that constant maintence.
                  > > > >
                  > > > > These people should simply NOT be self hosting... unless they use
                  > > > > blogger.com which requires no maintence.
                  > > > >
                  > > > > It's that simple.
                  > > > >
                  > > > > -Mike
                  > > > >
                  > > > > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...>
                  > > > > wrote:
                  > > > >
                  > > > > > I'm sorry but the Wordpress site owners that are having their sites
                  > > > > > hacked are the same people that buy a car and expect to never have
                  > > > > to
                  > > > > > change the oil in it.
                  > > > > >
                  > > > > > Running a self-hosted site means being able to manage one as well.
                  > > > > If
                  > > > > > you don't want to manage it, then you use sites like Blogger.
                  > > > > Blogger
                  > > > > > is great for that. No frills. No muss. No fuss. No extras.
                  > > > > >
                  > > > > > If you dont want to manage it yourself, you hire people like me
                  > that
                  > > > > > will not only design and build it but manage it as well. If you
                  > want
                  > > > > > to do it all yourself, please read the manual, secure it and keep
                  > it
                  > > > > > up do date with patches. Your unsecured site causes problems for
                  > > > > everyone.
                  > > > > >
                  > > > > > If you dont change the oil in your car, dont cry when it's
                  > > > > eventually
                  > > > > > sitting dead on the side of the road.
                  > > > > >
                  > > > > > David Howell
                  > > > > > http://www.davidhowellstudios.com
                  > > > > >
                  > > > > > --- In videoblogging@yahoogroups.com, Mike Meiser
                  > > > > > <groups-yahoo-com@...> wrote:
                  > > > > > >
                  > > > > > > Sad to hear. :(
                  > > > > > > I'm assuming he was running wordpress?
                  > > > > > >
                  > > > > > > I've seen way to many wordpress blogs hacked. The problem is just
                  > > > > > maintence,
                  > > > > > > you have to keep wordpress constantly up to date to patch
                  > security
                  > > > > > holes. If
                  > > > > > > you don't it will inevitably get hacked. Same goes for all server
                  > > > > > side open
                  > > > > > > source.
                  > > > > > >
                  > > > > > > Many times I've wanted to redo my blogger.com blog in wordpress,
                  > > > > indeed
                  > > > > > > wordpress is simply better, but the truth is blogger.com is
                  > > > > > virtually hack
                  > > > > > > proof since there's absolutely no server side code running. It's
                  > > > > all
                  > > > > > handled
                  > > > > > > by blogger.com and written to the server via sftp. I've really
                  > > > > come to
                  > > > > > > appreciate this rock solid security and ZERO maintenance, and to
                  > > > > be
                  > > > > > honest
                  > > > > > > it's the primary reason I simply recommend blogger over
                  > > > > wordpress to
                  > > > > > anyone
                  > > > > > > who wants to self host on their own domain. The exception being
                  > if
                  > > > > > they're a
                  > > > > > > developer and already running code on their server, in which case
                  > > > > > they're
                  > > > > > > probably aware enough of the maintenance issues to run wordpress.
                  > > > > > >
                  > > > > > > Lately I've been doing a lot of work in the bike industry and it
                  > > > > > seems the
                  > > > > > > entire industry from shop owners, to racers to bike makers runs
                  > > > > almost
                  > > > > > > exclusively on a blogspot hosted ecosystem. It simply works.
                  > > > > > >
                  > > > > > > P.S. a good auto-backup system or version control system for your
                  > > > > > blog is a
                  > > > > > > MUST if you run wordpress. A lot of hosting providers include
                  > this
                  > > > > > stock.
                  > > > > > >
                  > > > > > > -Mike
                  > > > > > > mmeiser.com/blog
                  > > > > > > flickr.com/photos/mmeiser2
                  > > > > > >
                  > > > > > >
                  > > > > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
                  > > > > > >
                  > > > > > > > Looking back a page or 2 on his twitter history, I think the
                  > > > > site got
                  > > > > > > > hacked.
                  > > > > > > >
                  > > > > > > > http://twitter.com/joshleo
                  > > > > > > >
                  > > > > > > > Cheers
                  > > > > > > >
                  > > > > > > > Steve
                  > > > > > > >
                  > > > > > > > --- In videoblogging@yahoogroups.com, David King
                  > <davidleeking@>
                  > > > > > wrote:
                  > > > > > > > >
                  > > > > > > > > Anyone know what happened to josh Leo's site (joshleo.com)?
                  > > > > It looks
                  > > > > > > > > like it is gone ... & I really like his videos!
                  > > > > > > > >
                  > > > > > > > > Just curious
                  > > > > > > > >
                  > > > > > > > > Sent from my iPhone
                  > > > > > > > >
                  > > > > > > >
                  > > > > > > >
                  > > > > > > >
                  > > > > > > >
                  > > > > > > > ------------------------------------
                  > > > > > > >
                  > > > > > > > Yahoo! Groups Links
                  > > > > > > >
                  > > > > > > >
                  > > > > > > >
                  > > > > > > >
                  > > > > > >
                  > > > > > >
                  > > > > > > [Non-text portions of this message have been removed]
                  > > > > > >
                  > > > > >
                  > > > > >
                  > > > > >
                  > > > > >
                  > > > > > ------------------------------------
                  > > > > >
                  > > > > > Yahoo! Groups Links
                  > > > > >
                  > > > > >
                  > > > > >
                  > > > > >
                  > > > >
                  > > > > [Non-text portions of this message have been removed]
                  > > > >
                  > > > >
                  > > > >
                  > > >
                  > > >
                  > > >
                  > > > [Non-text portions of this message have been removed]
                  > > >
                  > > >
                  > > >
                  > > > ------------------------------------
                  > > >
                  > > > Yahoo! Groups Links
                  > > >
                  > > >
                  > > >
                  > > >
                  > >
                  > >
                  > > [Non-text portions of this message have been removed]
                  > >
                  > >
                  > >
                  > > ------------------------------------
                  > >
                  > > Yahoo! Groups Links
                  > >
                  > >
                  > >
                  > >
                  >
                  >
                  > [Non-text portions of this message have been removed]
                  >
                  >
                  >
                  > ------------------------------------
                  >
                  > Yahoo! Groups Links
                  >
                  >
                  >
                  >


                  [Non-text portions of this message have been removed]
                • Jacek Artymiak
                  On Sun, Feb 8, 2009 at 5:42 PM, Mike Meiser ... You are being naive, Mike. It has nothing to do with the software being open or closed source. Maintenance is
                  Message 8 of 24 , Feb 9, 2009
                  • 0 Attachment
                    On Sun, Feb 8, 2009 at 5:42 PM, Mike Meiser
                    <groups-yahoo-com@...> wrote:
                    > Sad to hear. :(
                    > I'm assuming he was running wordpress?
                    >
                    > I've seen way to many wordpress blogs hacked. The problem is just maintence,
                    > you have to keep wordpress constantly up to date to patch security holes. If
                    > you don't it will inevitably get hacked. Same goes for all server side open
                    > source.

                    You are being naive, Mike. It has nothing to do with the software
                    being open or closed source.

                    Maintenance is not a problem, it is what you have to do.

                    Maintenance and backups. Make sure you backup your site every time you
                    post a new episode of your show. Here's a good piece of information on
                    how to make backups of your MySQL database via phpMyAdmin.

                    http://www.siteground.com/tutorials/php-mysql/mysql_export.htm

                    > Many times I've wanted to redo my blogger.com blog in wordpress, indeed
                    > wordpress is simply better, but the truth is blogger.com is virtually hack
                    > proof since there's absolutely no server side code running. It's all handled

                    Oh, boy. Where do we begin?

                    blogger.com does run server-side code. A weak password is
                    platform-independent. Sftp does not prevent hackers from getting at
                    your blog, because there are other ways.

                    Passwords: sftp protects them in transit, but there are other ways of
                    getting in, like dictionary attacks. A weak password will let the bad
                    guys in no matter what tools you use. A colleague of mine had her
                    Google account hacked a couple of weeks ago. The reason was a weak
                    password. Google account are used to authenticate the users of
                    Blogger. Here's another story of a password being hijacked using
                    another method:

                    http://www.davidairey.com/google-gmail-security-hijack/

                    Buffer overflows: will help the hackers get at a site without breaking
                    in via FTP. Sometimes posting a carefully crafted piece of code in a
                    comment form will be all that's required to pull the pants off your
                    site's butt.

                    XSS: can be used to hijack passwords/user information.

                    SQL injection: a skilled hacker can delete your database without
                    breaking into your account, if the code does not do extensive checks.
                    All he/she has to do is send SQL commands to delete your database.
                    They don't need to know the username/password, because the blogging
                    software that communicates with the database behind your blog already
                    knows both... the database trusts the software and deletes your data.
                    It's beautifully simple if the blogging software doesn't clean the
                    data it passes to the database.

                    And let's not forget those nice Web 2.0/Java things and plug-ins. The
                    more of that crap you put on your site, the higher the likelihood of
                    someone finding a way to break into it.

                    > by blogger.com and written to the server via sftp. I've really come to
                    > appreciate this rock solid security and ZERO maintenance, and to be honest
                    > it's the primary reason I simply recommend blogger over wordpress to anyone
                    > who wants to self host on their own domain. The exception being if they're a
                    > developer and already running code on their server, in which case they're
                    > probably aware enough of the maintenance issues to run wordpress.
                    >
                    > Lately I've been doing a lot of work in the bike industry and it seems the
                    > entire industry from shop owners, to racers to bike makers runs almost
                    > exclusively on a blogspot hosted ecosystem. It simply works.

                    I'm sorry Mike, but I wouldn't go to the bike industry for security advice.

                    Using SFTP is good higene, but it is not a replacement for a vaccine.

                    > P.S. a good auto-backup system or version control system for your blog is a
                    > MUST if you run wordpress. A lot of hosting providers include this stock.

                    Off-site backup is a better solution. If it means burning a DVD with a
                    backup of your database and all files and taking it to a safe place,
                    so be it.

                    --
                    Jacek Artymiak
                    http://devGuide.net
                    Facebook:
                    http://www.facebook.com/group.php?gid=50168432081
                    Twitter:
                    http://twitter.com/devguide
                    RSS Feed: http://feeds.feedburner.com/devguide-net
                    Our latest book:
                    Mastering OpenOffice.org Calc
                    http://www.devguide.net/books/moooc1
                    vi(1) Tips: Essential vi/vim Editor Skills, 1st ed.
                    http://www.devguide.net/books/vitips1

                    [ sent from my MacBook Wheel ]
                  • Heath
                    Well....it could also be that sometimes with an update to Wordpress...not everything works right, plugin s that worked before suddenly do not, or some random
                    Message 9 of 24 , Feb 9, 2009
                    • 0 Attachment
                      Well....it could also be that sometimes with an update to
                      Wordpress...not everything works right, plugin's that worked before
                      suddenly do not, or some random combination of things cause an
                      issue...so it's not just as simple as keeping the site up to date
                      with the current software....

                      So it's not always so simple....

                      Heath

                      http://heathparks.com

                      --- In videoblogging@yahoogroups.com, Mike Meiser <groups-yahoo-
                      com@...> wrote:
                      >
                      > To use your car analogy most people simply take it to the dealer for
                      > maintence.
                      > There is no dealer for self hosting. Dreamhost nor any other
                      provide that
                      > sort of support. That type of structure does not exist.
                      >
                      > Most people are not technically literate enough to manage the
                      constant
                      > stream of upgrades. I myself while technically capable, cut a hard
                      edge on
                      > maintence issues. If I go on vacation for a month, I simply don't
                      want to
                      > worry about it. And a month of ignoring it is all it takes... now
                      multiply
                      > that by the rest of your life. Most people underestimate how much
                      the long
                      > term maintence costs are while underestimating their own capactity
                      to handle
                      > that constant maintence.
                      >
                      > These people should simply NOT be self hosting... unless they use
                      > blogger.com which requires no maintence.
                      >
                      > It's that simple.
                      >
                      > -Mike
                      >
                      >
                      >
                      > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...> wrote:
                      >
                      > > I'm sorry but the Wordpress site owners that are having their
                      sites
                      > > hacked are the same people that buy a car and expect to never
                      have to
                      > > change the oil in it.
                      > >
                      > > Running a self-hosted site means being able to manage one as
                      well. If
                      > > you don't want to manage it, then you use sites like Blogger.
                      Blogger
                      > > is great for that. No frills. No muss. No fuss. No extras.
                      > >
                      > > If you dont want to manage it yourself, you hire people like me
                      that
                      > > will not only design and build it but manage it as well. If you
                      want
                      > > to do it all yourself, please read the manual, secure it and keep
                      it
                      > > up do date with patches. Your unsecured site causes problems for
                      everyone.
                      > >
                      > > If you dont change the oil in your car, dont cry when it's
                      eventually
                      > > sitting dead on the side of the road.
                      > >
                      > > David Howell
                      > > http://www.davidhowellstudios.com
                      > >
                      > > --- In videoblogging@yahoogroups.com, Mike Meiser
                      > > <groups-yahoo-com@> wrote:
                      > > >
                      > > > Sad to hear. :(
                      > > > I'm assuming he was running wordpress?
                      > > >
                      > > > I've seen way to many wordpress blogs hacked. The problem is
                      just
                      > > maintence,
                      > > > you have to keep wordpress constantly up to date to patch
                      security
                      > > holes. If
                      > > > you don't it will inevitably get hacked. Same goes for all
                      server
                      > > side open
                      > > > source.
                      > > >
                      > > > Many times I've wanted to redo my blogger.com blog in
                      wordpress, indeed
                      > > > wordpress is simply better, but the truth is blogger.com is
                      > > virtually hack
                      > > > proof since there's absolutely no server side code running.
                      It's all
                      > > handled
                      > > > by blogger.com and written to the server via sftp. I've really
                      come to
                      > > > appreciate this rock solid security and ZERO maintenance, and
                      to be
                      > > honest
                      > > > it's the primary reason I simply recommend blogger over
                      wordpress to
                      > > anyone
                      > > > who wants to self host on their own domain. The exception being
                      if
                      > > they're a
                      > > > developer and already running code on their server, in which
                      case
                      > > they're
                      > > > probably aware enough of the maintenance issues to run
                      wordpress.
                      > > >
                      > > > Lately I've been doing a lot of work in the bike industry and it
                      > > seems the
                      > > > entire industry from shop owners, to racers to bike makers runs
                      almost
                      > > > exclusively on a blogspot hosted ecosystem. It simply works.
                      > > >
                      > > > P.S. a good auto-backup system or version control system for
                      your
                      > > blog is a
                      > > > MUST if you run wordpress. A lot of hosting providers include
                      this
                      > > stock.
                      > > >
                      > > > -Mike
                      > > > mmeiser.com/blog
                      > > > flickr.com/photos/mmeiser2
                      > > >
                      > > >
                      > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@> wrote:
                      > > >
                      > > > > Looking back a page or 2 on his twitter history, I think the
                      site got
                      > > > > hacked.
                      > > > >
                      > > > > http://twitter.com/joshleo
                      > > > >
                      > > > > Cheers
                      > > > >
                      > > > > Steve
                      > > > >
                      > > > > --- In videoblogging@yahoogroups.com, David King
                      <davidleeking@>
                      > > wrote:
                      > > > > >
                      > > > > > Anyone know what happened to josh Leo's site (joshleo.com)?
                      It looks
                      > > > > > like it is gone ... & I really like his videos!
                      > > > > >
                      > > > > > Just curious
                      > > > > >
                      > > > > > Sent from my iPhone
                      > > > > >
                      > > > >
                      > > > >
                      > > > >
                      > > > >
                      > > > > ------------------------------------
                      > > > >
                      > > > > Yahoo! Groups Links
                      > > > >
                      > > > >
                      > > > >
                      > > > >
                      > > >
                      > > >
                      > > > [Non-text portions of this message have been removed]
                      > > >
                      > >
                      > >
                      > >
                      > >
                      > > ------------------------------------
                      > >
                      > > Yahoo! Groups Links
                      > >
                      > >
                      > >
                      > >
                      >
                      >
                      > [Non-text portions of this message have been removed]
                      >
                    • Heath
                      when I created my wordpress site, I created a mirror site on wordpress.com and I cross post everything there as well...so if something does happen, I have a
                      Message 10 of 24 , Feb 9, 2009
                      • 0 Attachment
                        when I created my wordpress site, I created a mirror site on
                        wordpress.com and I cross post everything there as well...so if
                        something does happen, I have a backup to work with in addtion to the
                        other backups I do.....I'm anal.....

                        Heath

                        http://heathparks.com

                        --- In videoblogging@yahoogroups.com, David King <davidleeking@...>
                        wrote:
                        >
                        > My web hoster actually does most of that for me (the backups,
                        rollbacks,
                        > etc). I do my own updates to wordpress, customizations, etc - but
                        they do
                        > everything else. But then, it's a small, service-oriented web
                        hoster shop
                        > primarly for library-related blogs and websites (how's that for a
                        niche
                        > market?). If I have a server type question or prob, I just email or
                        IM and
                        > it gets fixed, pronto.
                        >
                        > I'm very spoiled.
                        >
                        > David Lee King
                        > davidleeking.com - blog
                        > davidleeking.com/etc - videoblog
                        > twitter | skype: davidleeking
                        >
                        >
                        > On Sun, Feb 8, 2009 at 9:10 PM, Mike Meiser <groups-yahoo-
                        com@...>wrote:
                        >
                        > > Sorry Markus,
                        > > Everyone fears coming home from vacation to find their website
                        burned down.
                        > >
                        > > Maybe you can hire a website security company, buy some website
                        insurance
                        > > or
                        > > find a website sitter.
                        > >
                        > > Seriously though, analogies are not only fun, but how's the
                        following for a
                        > > business idea.
                        > >
                        > > A company that you give FTP or sFTP access to your website.
                        > >
                        > > It not only backs up everything, and tracks every single change
                        through a
                        > > web based versioning control system, but can automatic roll back
                        and even
                        > > flags malicious changes.
                        > >
                        > > Make it general consumer friendly.
                        > >
                        > > Give it a nice "web 2.0" interface.
                        > >
                        > > Sell it to self hosters regardless of whom they're hosting with as
                        > > "insurance, security, and backup".
                        > >
                        > > This not only can be a transparent service instead of bogging
                        down would be
                        > > DIY types with the need to buy your designs or run their workflow
                        through
                        > > you or use you as a host.
                        > >
                        > > But it will let the end user go crazy customizing their code,
                        playing with
                        > > open source, using whatever host provider they want. Giving
                        them true
                        > > *fredom to tinker*... now that they now have a saftey net.
                        > >
                        > > websaftey.net, it's actually available.
                        > >
                        > >
                        > > Does something similar already exist?
                        > >
                        > >
                        > > Now build on it... add in security analysis...
                        > >
                        > > ie. making sure permissions are correct on all your files...
                        > >
                        > > i.e. giving you status on wether your software installed on your
                        server is
                        > > up to date
                        > >
                        > >
                        > >
                        > > Maybe... if the technical requirements aren't to bad it could
                        even install
                        > > certain open source packages automatically regardless of hosting
                        provider.
                        > >
                        > > What about the ability to switch hosts?
                        > >
                        > > Or mirror a website on a different domain with the click of a
                        button?
                        > >
                        > > The ability to edit or upgrade or test a service and then roll it
                        to the
                        > > users main site.
                        > >
                        > >
                        > >
                        > > Perhaps this webservice could orient the market in a different
                        way. Perhaps
                        > > it could focus on a particular niche say video, customizing it's
                        services
                        > > for videobloggers...i.e installing wordpress themes vPip, etc.
                        > >
                        > >
                        > >
                        > > At it's core the backup and versioning is more then enough to
                        sell to every
                        > > web2.0 person out there for $5 - $10 a month and make mondo
                        money, but the
                        > > possibilities on where it can go from there are endless.
                        > >
                        > > The key is you're doing the same thing to hosting providers as so
                        caled
                        > > "web2.0" services like gmail have done to Outlook, Eudora and
                        other email
                        > > desktop clients.
                        > >
                        > > You're moving key services from the hosting providers into
                        the "cloud" as
                        > > services and thus reducing the dependancy on hosting companies
                        proprietary
                        > > features. In a sense your comoditizing the hosting provider the
                        way the web
                        > > is commoditizing the Microsoft OS, Microsoft Office, Outlook,
                        Word, Excell,
                        > > etc.
                        > >
                        > > You could go on to make this a gateway and a security net for not
                        so tech
                        > > savy people so they can try out open source packages regardless of
                        > > different
                        > > hosting providers.
                        > >
                        > > Perhaps one day... if you base this webservice on open source and
                        work on
                        > > building standards everyone from drupal to wordpress will work
                        toward you
                        > > to
                        > > create a sort of web based "package manager" for the internet.
                        > >
                        > > In this way your webservice might install software cleanly onto
                        any host
                        > > that uses a standardized linux install base. Thus you created an
                        > > ecosystem.
                        > > An new sort of API by which hosting providers can interact with
                        > > webservices.
                        > >
                        > > This "package manager for the internet", would be like the
                        package managers
                        > > used on desktop linux, but instead of installing software on your
                        desktop
                        > > they'd install it on your website... think CMS, wikis, blogs and
                        more.
                        > > Perhaps even custom videoblogging solutions such as themes,
                        vPIP, etc.
                        > >
                        > > The internet is after all the new desktop. The desktop computer
                        for many is
                        > > just a dummy terminal you use to access the internet. Hence the
                        rise of the
                        > > netbook.
                        > >
                        > > The internet is where your email is, where your photoalbum/editor
                        are,
                        > > where
                        > > your write and where you publish.
                        > >
                        > > So why not think of the domain, your website, as the new desktop.
                        > >
                        > > Using this metaphor, what other services could be stripped off of
                        the
                        > > hosting provider?
                        > >
                        > > You could possibly even avoid the problems inherent with running
                        server
                        > > side
                        > > code on joeblowsblog.com buy creating an "ultra secure" option
                        where all
                        > > the
                        > > code is run on this new webservice (similar to what blogger.com
                        does) and
                        > > only static html and files live on joeblow's domain.
                        > >
                        > > You could run this whole service through Amazon S3's hosting and
                        computing
                        > > cloud so it scales like the devil, and only charge the user for
                        that
                        > > processing and hosting that they require.
                        > >
                        > > If such "web 2.0" type service could handle the domain management
                        and
                        > > subdomain it could assign a subdomain to itself, i.e.
                        > > code.joeblowsblog.comto run, manage, and update joe blow's code
                        > > securely while leaving only
                        > > static code (HTML, images, movie files) on joeblowsblog.com.
                        > >
                        > > In this way such a service could avoid the pitfalls of setting up
                        different
                        > > open source packages on different hosting providers whom may be
                        using
                        > > anything from Microsoft, to Debian to unix.
                        > >
                        > > Though perhaps if done in open source you could forge
                        relationships with
                        > > hosting providers that use standardized open source and thus
                        create an
                        > > interaction model... an API, by which you can create "a
                        standardized
                        > > package
                        > > manager for the open source internet"
                        > >
                        > > This idea in the end might be two ideas
                        > >
                        > > 1) security and a saftey net for self hosters websites
                        > >
                        > > 2) and in the bigger picture... a "web based package manager"
                        or "package
                        > > manager as web service" in the grand web 2.0 style, to install and
                        > > automatically update open source packages that run on webservers.
                        > >
                        > > Not sure I got the point across, maybe / maybe not, but heh I was
                        > > brainstorming. :P
                        > >
                        > > -Mike
                        > >
                        > > On Sun, Feb 8, 2009 at 7:12 PM, Tim Street <1timstreet@...> wrote:
                        > >
                        > > > MIke?
                        > > >
                        > > > Why did you have to say that?
                        > > >
                        > > > Now I want to go on vacation for a month. ;-)
                        > > >
                        > > >
                        > > > Tim Street
                        > > > 1timstreet@...
                        > > > http://1timstreet.com/blog
                        > > > http://twitter.com/1timstreet
                        > > >
                        > > > On Feb 8, 2009, at 3:57 PM, Mike Meiser wrote:
                        > > >
                        > > > > To use your car analogy most people simply take it to the
                        dealer for
                        > > > > maintence.
                        > > > > There is no dealer for self hosting. Dreamhost nor any other
                        provide
                        > > > > that
                        > > > > sort of support. That type of structure does not exist.
                        > > > >
                        > > > > Most people are not technically literate enough to manage the
                        constant
                        > > > > stream of upgrades. I myself while technically capable, cut a
                        hard
                        > > > > edge on
                        > > > > maintence issues. If I go on vacation for a month, I simply
                        don't
                        > > > > want to
                        > > > > worry about it. And a month of ignoring it is all it takes...
                        now
                        > > > > multiply
                        > > > > that by the rest of your life. Most people underestimate how
                        much
                        > > > > the long
                        > > > > term maintence costs are while underestimating their own
                        capactity
                        > > > > to handle
                        > > > > that constant maintence.
                        > > > >
                        > > > > These people should simply NOT be self hosting... unless they
                        use
                        > > > > blogger.com which requires no maintence.
                        > > > >
                        > > > > It's that simple.
                        > > > >
                        > > > > -Mike
                        > > > >
                        > > > > On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...>
                        > > > > wrote:
                        > > > >
                        > > > > > I'm sorry but the Wordpress site owners that are having
                        their sites
                        > > > > > hacked are the same people that buy a car and expect to
                        never have
                        > > > > to
                        > > > > > change the oil in it.
                        > > > > >
                        > > > > > Running a self-hosted site means being able to manage one
                        as well.
                        > > > > If
                        > > > > > you don't want to manage it, then you use sites like
                        Blogger.
                        > > > > Blogger
                        > > > > > is great for that. No frills. No muss. No fuss. No extras.
                        > > > > >
                        > > > > > If you dont want to manage it yourself, you hire people
                        like me that
                        > > > > > will not only design and build it but manage it as well. If
                        you want
                        > > > > > to do it all yourself, please read the manual, secure it
                        and keep it
                        > > > > > up do date with patches. Your unsecured site causes
                        problems for
                        > > > > everyone.
                        > > > > >
                        > > > > > If you dont change the oil in your car, dont cry when it's
                        > > > > eventually
                        > > > > > sitting dead on the side of the road.
                        > > > > >
                        > > > > > David Howell
                        > > > > > http://www.davidhowellstudios.com
                        > > > > >
                        > > > > > --- In videoblogging@yahoogroups.com, Mike Meiser
                        > > > > > <groups-yahoo-com@> wrote:
                        > > > > > >
                        > > > > > > Sad to hear. :(
                        > > > > > > I'm assuming he was running wordpress?
                        > > > > > >
                        > > > > > > I've seen way to many wordpress blogs hacked. The problem
                        is just
                        > > > > > maintence,
                        > > > > > > you have to keep wordpress constantly up to date to patch
                        security
                        > > > > > holes. If
                        > > > > > > you don't it will inevitably get hacked. Same goes for
                        all server
                        > > > > > side open
                        > > > > > > source.
                        > > > > > >
                        > > > > > > Many times I've wanted to redo my blogger.com blog in
                        wordpress,
                        > > > > indeed
                        > > > > > > wordpress is simply better, but the truth is blogger.com
                        is
                        > > > > > virtually hack
                        > > > > > > proof since there's absolutely no server side code
                        running. It's
                        > > > > all
                        > > > > > handled
                        > > > > > > by blogger.com and written to the server via sftp. I've
                        really
                        > > > > come to
                        > > > > > > appreciate this rock solid security and ZERO maintenance,
                        and to
                        > > > > be
                        > > > > > honest
                        > > > > > > it's the primary reason I simply recommend blogger over
                        > > > > wordpress to
                        > > > > > anyone
                        > > > > > > who wants to self host on their own domain. The exception
                        being if
                        > > > > > they're a
                        > > > > > > developer and already running code on their server, in
                        which case
                        > > > > > they're
                        > > > > > > probably aware enough of the maintenance issues to run
                        wordpress.
                        > > > > > >
                        > > > > > > Lately I've been doing a lot of work in the bike industry
                        and it
                        > > > > > seems the
                        > > > > > > entire industry from shop owners, to racers to bike
                        makers runs
                        > > > > almost
                        > > > > > > exclusively on a blogspot hosted ecosystem. It simply
                        works.
                        > > > > > >
                        > > > > > > P.S. a good auto-backup system or version control system
                        for your
                        > > > > > blog is a
                        > > > > > > MUST if you run wordpress. A lot of hosting providers
                        include this
                        > > > > > stock.
                        > > > > > >
                        > > > > > > -Mike
                        > > > > > > mmeiser.com/blog
                        > > > > > > flickr.com/photos/mmeiser2
                        > > > > > >
                        > > > > > >
                        > > > > > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@>
                        wrote:
                        > > > > > >
                        > > > > > > > Looking back a page or 2 on his twitter history, I
                        think the
                        > > > > site got
                        > > > > > > > hacked.
                        > > > > > > >
                        > > > > > > > http://twitter.com/joshleo
                        > > > > > > >
                        > > > > > > > Cheers
                        > > > > > > >
                        > > > > > > > Steve
                        > > > > > > >
                        > > > > > > > --- In videoblogging@yahoogroups.com, David King
                        <davidleeking@>
                        > > > > > wrote:
                        > > > > > > > >
                        > > > > > > > > Anyone know what happened to josh Leo's site
                        (joshleo.com)?
                        > > > > It looks
                        > > > > > > > > like it is gone ... & I really like his videos!
                        > > > > > > > >
                        > > > > > > > > Just curious
                        > > > > > > > >
                        > > > > > > > > Sent from my iPhone
                        > > > > > > > >
                        > > > > > > >
                        > > > > > > >
                        > > > > > > >
                        > > > > > > >
                        > > > > > > > ------------------------------------
                        > > > > > > >
                        > > > > > > > Yahoo! Groups Links
                        > > > > > > >
                        > > > > > > >
                        > > > > > > >
                        > > > > > > >
                        > > > > > >
                        > > > > > >
                        > > > > > > [Non-text portions of this message have been removed]
                        > > > > > >
                        > > > > >
                        > > > > >
                        > > > > >
                        > > > > >
                        > > > > > ------------------------------------
                        > > > > >
                        > > > > > Yahoo! Groups Links
                        > > > > >
                        > > > > >
                        > > > > >
                        > > > > >
                        > > > >
                        > > > > [Non-text portions of this message have been removed]
                        > > > >
                        > > > >
                        > > > >
                        > > >
                        > > >
                        > > >
                        > > > [Non-text portions of this message have been removed]
                        > > >
                        > > >
                        > > >
                        > > > ------------------------------------
                        > > >
                        > > > Yahoo! Groups Links
                        > > >
                        > > >
                        > > >
                        > > >
                        > >
                        > >
                        > > [Non-text portions of this message have been removed]
                        > >
                        > >
                        > >
                        > > ------------------------------------
                        > >
                        > > Yahoo! Groups Links
                        > >
                        > >
                        > >
                        > >
                        >
                        >
                        > [Non-text portions of this message have been removed]
                        >
                      • Brook Hinton
                        To be fair, Wordpress, along with other blog and CMS solutions, is hyped all over the place as being easy and requiring no knowledge of much of anything.
                        Message 11 of 24 , Feb 10, 2009
                        • 0 Attachment
                          To be fair, Wordpress, along with other blog and CMS solutions, is hyped all
                          over the place as being easy and requiring no knowledge of much of anything.
                          Unless you're happy with one of the simpler free templates and never
                          upgrade, it isn't true, but there are reasons some of us less geek-smart
                          folks jumped to it, even if they turned out to be bad reasons.
                          When I contemplated moving from typepad to wordpress I was told by so many
                          people:
                          "If you can use typepad you can use wordpress, and migrating is easy"
                          "There are so many good templates you won't need to code anything, even for
                          that video stuff you want to do."
                          "Because it has pages you can replace your whole web site without needing to
                          code anything."
                          "It's perfect for you, you won't have to pay someone to set up what you want
                          to do."

                          WIth the exception of the migrating of data, which was easy, none of it was
                          true.

                          Etc etc etc etc etc etc. WIth the exception of the migrating of data, which
                          was indeed easy, none of it was true. All from people who used it, knew how
                          to code but who also knew that I could barely cut and paste my way through
                          editing some simple html.

                          So many of us are NOT "the same people that buy a car and expect to never
                          have to
                          change the oil in it." We just bought the hype that no oil was necessary to
                          begin with.

                          A little googling reveals the same stuff now being hyped about CMS like
                          Drupal and Joomla.

                          So since I'm not in a position to pay anyone to do these things for me, I'm
                          learning CSS and whatever else I have to learn. I don't want to, but I sure
                          wish I'd known I had no choice back when I first jumped in.


                          Brook





                          _______________________________________________________
                          Brook Hinton
                          film/video/audio art
                          www.brookhinton.com
                          studio vlog/blog: www.brookhinton.com/temporalab


                          [Non-text portions of this message have been removed]
                        • Tim Street
                          I feel your pain. There are many things I love about WordPress but I don t have the time to learn CSS right now and I don t want to spend the money on
                          Message 12 of 24 , Feb 10, 2009
                          • 0 Attachment
                            I feel your pain.

                            There are many things I love about WordPress but I don't have the time
                            to learn CSS right now and I don't want to spend the money on
                            customizing.

                            For my blog I bought some templates. They work OK.

                            For French Maid TV's web site I learned iWeb. I wish I could combine
                            the ease of design that iWeb has with the publishing and RSS power of
                            WordPress.

                            It would be awesome if I could design sites in iWeb and make them work
                            in WordPress but then I want an electric car for under $20K and Santa
                            Clause and the Easter Bunny as well.

                            At least I'm allowed to dream. ;)

                            Tim Street
                            1timstreet@...
                            http://1timstreet.com/blog
                            http://twitter.com/1timstreet

                            On Feb 10, 2009, at 6:26 AM, Brook Hinton wrote:

                            > To be fair, Wordpress, along with other blog and CMS solutions, is
                            > hyped all
                            > over the place as being easy and requiring no knowledge of much of
                            > anything.
                            > Unless you're happy with one of the simpler free templates and never
                            > upgrade, it isn't true, but there are reasons some of us less geek-
                            > smart
                            > folks jumped to it, even if they turned out to be bad reasons.
                            > When I contemplated moving from typepad to wordpress I was told by
                            > so many
                            > people:
                            > "If you can use typepad you can use wordpress, and migrating is easy"
                            > "There are so many good templates you won't need to code anything,
                            > even for
                            > that video stuff you want to do."
                            > "Because it has pages you can replace your whole web site without
                            > needing to
                            > code anything."
                            > "It's perfect for you, you won't have to pay someone to set up what
                            > you want
                            > to do."
                            >
                            > WIth the exception of the migrating of data, which was easy, none of
                            > it was
                            > true.
                            >
                            > Etc etc etc etc etc etc. WIth the exception of the migrating of
                            > data, which
                            > was indeed easy, none of it was true. All from people who used it,
                            > knew how
                            > to code but who also knew that I could barely cut and paste my way
                            > through
                            > editing some simple html.
                            >
                            > So many of us are NOT "the same people that buy a car and expect to
                            > never
                            > have to
                            > change the oil in it." We just bought the hype that no oil was
                            > necessary to
                            > begin with.
                            >
                            > A little googling reveals the same stuff now being hyped about CMS
                            > like
                            > Drupal and Joomla.
                            >
                            > So since I'm not in a position to pay anyone to do these things for
                            > me, I'm
                            > learning CSS and whatever else I have to learn. I don't want to, but
                            > I sure
                            > wish I'd known I had no choice back when I first jumped in.
                            >
                            > Brook
                            >
                            > _______________________________________________________
                            > Brook Hinton
                            > film/video/audio art
                            > www.brookhinton.com
                            > studio vlog/blog: www.brookhinton.com/temporalab
                            >
                            > [Non-text portions of this message have been removed]
                            >
                            >
                            >



                            [Non-text portions of this message have been removed]
                          • Christopher Polack
                            ... Tim, The new iWeb 09 allows you to post the RSS feed from another site on your page. You have limited formatting options for the look of the feed itself,
                            Message 13 of 24 , Feb 10, 2009
                            • 0 Attachment
                              > It would be awesome if I could design sites in iWeb and make them work
                              > in WordPress but then I want an electric car for under $20K and Santa
                              > Clause and the Easter Bunny as well.

                              Tim,

                              The new iWeb '09 allows you to post the RSS feed from another site on your page. You have
                              limited formatting options for the look of the feed itself, but you can make the rest of the
                              page pretty fly.

                              http://www.christopherpolack.com/experimental/Planting_an_RSS_feed.html

                              I took the liberty of dropping your blog onto the page. I look forward to hearing from your
                              lawyers soon.

                              Topher

                              http://www.ChristopherPolack.com
                            • Tim Street
                              Thanks! Looks like I might be upgrading to the new iWeb for a test drive. I ll ask my legal team to look the other way. Doesn t seem to grab the embed
                              Message 14 of 24 , Feb 10, 2009
                              • 0 Attachment
                                Thanks!

                                Looks like I might be upgrading to the new iWeb for a test drive.

                                I'll ask my legal team to look the other way.

                                Doesn't seem to grab the embed though????



                                Tim Street
                                1timstreet@...
                                http://1timstreet.com/blog
                                http://twitter.com/1timstreet


                                On Feb 10, 2009, at 12:37 PM, Christopher Polack wrote:

                                > > It would be awesome if I could design sites in iWeb and make them
                                > work
                                > > in WordPress but then I want an electric car for under $20K and
                                > Santa
                                > > Clause and the Easter Bunny as well.
                                >
                                > Tim,
                                >
                                > The new iWeb '09 allows you to post the RSS feed from another site
                                > on your page. You have
                                > limited formatting options for the look of the feed itself, but you
                                > can make the rest of the
                                > page pretty fly.
                                >
                                > http://www.christopherpolack.com/experimental/
                                > Planting_an_RSS_feed.html
                                >
                                > I took the liberty of dropping your blog onto the page. I look
                                > forward to hearing from your
                                > lawyers soon.
                                >
                                > Topher
                                >
                                > http://www.ChristopherPolack.com
                                >
                                >
                                >



                                [Non-text portions of this message have been removed]
                              • Steve Watkins
                                Indeed. Wordpress is a popular target for attack because it is widely installed, often by people who lack the resources to keep on top of maintenance. I think
                                Message 15 of 24 , Feb 10, 2009
                                • 0 Attachment
                                  Indeed. Wordpress is a popular target for attack because it is widely
                                  installed, often by people who lack the resources to keep on top of
                                  maintenance. I think wordpress and others have tried to improve ease
                                  of updating, but if you customise your site there are often annoying
                                  complications.

                                  I often wish I had more faith in web 2.0 hosted services that manage
                                  these things for me, but the different insecurities and inflexibility
                                  that these bring make me hesitant to use them.

                                  Cheers

                                  Steve Elbows

                                  --- In videoblogging@yahoogroups.com, Jacek Artymiak
                                  <jacekartymiak@...> wrote:
                                  >
                                  > On Sun, Feb 8, 2009 at 5:42 PM, Mike Meiser
                                  > <groups-yahoo-com@...> wrote:
                                  > > Sad to hear. :(
                                  > > I'm assuming he was running wordpress?
                                  > >
                                  > > I've seen way to many wordpress blogs hacked. The problem is just
                                  maintence,
                                  > > you have to keep wordpress constantly up to date to patch security
                                  holes. If
                                  > > you don't it will inevitably get hacked. Same goes for all server
                                  side open
                                  > > source.
                                  >
                                  > You are being naive, Mike. It has nothing to do with the software
                                  > being open or closed source.
                                  >
                                  > Maintenance is not a problem, it is what you have to do.
                                • Christopher Polack
                                  ... iWeb does not like video embeds, like the embeds your site or YouTube feed. It does like photos. It certainly not perfect, but iWeb can do a few things
                                  Message 16 of 24 , Feb 11, 2009
                                  • 0 Attachment
                                    --- In videoblogging@yahoogroups.com, Tim Street <1timstreet@...> wrote:
                                    >
                                    > Thanks!
                                    >
                                    > Looks like I might be upgrading to the new iWeb for a test drive.
                                    >
                                    > I'll ask my legal team to look the other way.
                                    >
                                    > Doesn't seem to grab the embed though????

                                    iWeb does not like video embeds, like the embeds your site or YouTube feed. It does like
                                    photos.

                                    It certainly not perfect, but iWeb can do a few things very well.

                                    Topher Polack

                                    www.ChristopherPolack.com
                                  • Pat Cook
                                    Hi everyone: And even then, a $5 Domain Name from GoDaddy would be all one would need for a Blogger-hosted blog. You wouldn t even need to pay for hosting.
                                    Message 17 of 24 , Feb 11, 2009
                                    • 0 Attachment
                                      Hi everyone:

                                      And even then, a $5 Domain Name from GoDaddy would be all one would need for a Blogger-hosted blog. You wouldn't even need to pay for hosting. Just simply get the DNS from Blogger Support to enter into your GoDaddy account control panel and *VOILA!* - A Blogger-hosted blog under YOUR OWN DOMAIN NAME - Courtesy of GoDaddy

                                      Mind you, I just simply used GoDaddy as an example registrar. Don't like GoDaddy, insert your favorite registrar in lieu of GoDaddy :D

                                      Cheers :D

                                      Pat Cook
                                      patsblogs@...
                                      Denver, CO
                                      BLOGS & PODCASTS
                                      AS MY WORLD TURNS - http://asmyworldturnsblog.blogspot.com/
                                      AS MY WEIGHT LOSS WORLD TURNS - http://asmyweightlossworldturns.blogspot.com/
                                      THE LEFT WING CONSERVATIVE - http://www.geocities.com/theleftwingconservative/



                                      From: Mike Meiser
                                      Sent: Sunday, February 08, 2009 16:57
                                      To: videoblogging@yahoogroups.com
                                      Subject: Re: [videoblogging] Re: Josh Leo's site


                                      To use your car analogy most people simply take it to the dealer for
                                      maintence.
                                      There is no dealer for self hosting. Dreamhost nor any other provide that
                                      sort of support. That type of structure does not exist.

                                      Most people are not technically literate enough to manage the constant
                                      stream of upgrades. I myself while technically capable, cut a hard edge on
                                      maintence issues. If I go on vacation for a month, I simply don't want to
                                      worry about it. And a month of ignoring it is all it takes... now multiply
                                      that by the rest of your life. Most people underestimate how much the long
                                      term maintence costs are while underestimating their own capactity to handle
                                      that constant maintence.

                                      These people should simply NOT be self hosting... unless they use
                                      blogger.com which requires no maintence.

                                      It's that simple.

                                      -Mike

                                      On Sun, Feb 8, 2009 at 6:41 PM, David Howell <taoofdavid@...> wrote:

                                      > I'm sorry but the Wordpress site owners that are having their sites
                                      > hacked are the same people that buy a car and expect to never have to
                                      > change the oil in it.
                                      >
                                      > Running a self-hosted site means being able to manage one as well. If
                                      > you don't want to manage it, then you use sites like Blogger. Blogger
                                      > is great for that. No frills. No muss. No fuss. No extras.
                                      >
                                      > If you dont want to manage it yourself, you hire people like me that
                                      > will not only design and build it but manage it as well. If you want
                                      > to do it all yourself, please read the manual, secure it and keep it
                                      > up do date with patches. Your unsecured site causes problems for everyone.
                                      >
                                      > If you dont change the oil in your car, dont cry when it's eventually
                                      > sitting dead on the side of the road.
                                      >
                                      > David Howell
                                      > http://www.davidhowellstudios.com
                                      >
                                      > --- In videoblogging@yahoogroups.com, Mike Meiser
                                      > <groups-yahoo-com@...> wrote:
                                      > >
                                      > > Sad to hear. :(
                                      > > I'm assuming he was running wordpress?
                                      > >
                                      > > I've seen way to many wordpress blogs hacked. The problem is just
                                      > maintence,
                                      > > you have to keep wordpress constantly up to date to patch security
                                      > holes. If
                                      > > you don't it will inevitably get hacked. Same goes for all server
                                      > side open
                                      > > source.
                                      > >
                                      > > Many times I've wanted to redo my blogger.com blog in wordpress, indeed
                                      > > wordpress is simply better, but the truth is blogger.com is
                                      > virtually hack
                                      > > proof since there's absolutely no server side code running. It's all
                                      > handled
                                      > > by blogger.com and written to the server via sftp. I've really come to
                                      > > appreciate this rock solid security and ZERO maintenance, and to be
                                      > honest
                                      > > it's the primary reason I simply recommend blogger over wordpress to
                                      > anyone
                                      > > who wants to self host on their own domain. The exception being if
                                      > they're a
                                      > > developer and already running code on their server, in which case
                                      > they're
                                      > > probably aware enough of the maintenance issues to run wordpress.
                                      > >
                                      > > Lately I've been doing a lot of work in the bike industry and it
                                      > seems the
                                      > > entire industry from shop owners, to racers to bike makers runs almost
                                      > > exclusively on a blogspot hosted ecosystem. It simply works.
                                      > >
                                      > > P.S. a good auto-backup system or version control system for your
                                      > blog is a
                                      > > MUST if you run wordpress. A lot of hosting providers include this
                                      > stock.
                                      > >
                                      > > -Mike
                                      > > mmeiser.com/blog
                                      > > flickr.com/photos/mmeiser2
                                      > >
                                      > >
                                      > > On Sun, Feb 8, 2009 at 6:42 AM, Steve Watkins <steve@...> wrote:
                                      > >
                                      > > > Looking back a page or 2 on his twitter history, I think the site got
                                      > > > hacked.
                                      > > >
                                      > > > http://twitter.com/joshleo
                                      > > >
                                      > > > Cheers
                                      > > >
                                      > > > Steve
                                      > > >
                                      > > > --- In videoblogging@yahoogroups.com, David King <davidleeking@>
                                      > wrote:
                                      > > > >
                                      > > > > Anyone know what happened to josh Leo's site (joshleo.com)? It looks
                                      > > > > like it is gone ... & I really like his videos!
                                      > > > >
                                      > > > > Just curious
                                      > > > >
                                      > > > > Sent from my iPhone
                                      > > > >
                                      > > >
                                      > > >
                                      > > >
                                      > > >
                                      > > > ------------------------------------
                                      > > >
                                      > > > Yahoo! Groups Links
                                      > > >
                                      > > >
                                      > > >
                                      > > >
                                      > >
                                      > >
                                      > > [Non-text portions of this message have been removed]
                                      > >
                                      >
                                      >
                                      >
                                      >
                                      > ------------------------------------
                                      >
                                      > Yahoo! Groups Links
                                      >
                                      >
                                      >
                                      >

                                      [Non-text portions of this message have been removed]





                                      [Non-text portions of this message have been removed]
                                    • Pat Cook
                                      Hi everyone: Ahh....But you DO have a choice Brook. Just simply get a $5 Domain Name from (Again for example) GoDaddy. Seriously, WHAT DIFFERENCE should it
                                      Message 18 of 24 , Feb 11, 2009
                                      • 0 Attachment
                                        Hi everyone:

                                        Ahh....But you DO have a choice Brook. Just simply get a $5 Domain Name from (Again for example) GoDaddy.

                                        Seriously, WHAT DIFFERENCE should it make as to where your blog is ACTUALLY hosted?

                                        Heck, if I wanted to, I could go out & get a domain name for my political website EVEN THOUGH the site itself is on Geocities. PEOPLE DO IT ALL THE TIME.

                                        It's the NAME you're interested in promoting as that's your site. You could care less about the host, could you?

                                        Just my opinion...

                                        Cheers :D

                                        Pat Cook
                                        patsblogs@...
                                        Denver, CO
                                        BLOGS & PODCASTS
                                        AS MY WORLD TURNS - http://asmyworldturnsblog.blogspot.com/
                                        AS MY WEIGHT LOSS WORLD TURNS - http://asmyweightlossworldturns.blogspot.com/
                                        THE LEFT WING CONSERVATIVE - http://www.geocities.com/theleftwingconservative/


                                        From: Brook Hinton
                                        Sent: Tuesday, February 10, 2009 07:26
                                        To: videoblogging@yahoogroups.com
                                        Subject: Re: [videoblogging] Re: Josh Leo's site


                                        To be fair, Wordpress, along with other blog and CMS solutions, is hyped all
                                        over the place as being easy and requiring no knowledge of much of anything.
                                        Unless you're happy with one of the simpler free templates and never
                                        upgrade, it isn't true, but there are reasons some of us less geek-smart
                                        folks jumped to it, even if they turned out to be bad reasons.
                                        When I contemplated moving from typepad to wordpress I was told by so many
                                        people:
                                        "If you can use typepad you can use wordpress, and migrating is easy"
                                        "There are so many good templates you won't need to code anything, even for
                                        that video stuff you want to do."
                                        "Because it has pages you can replace your whole web site without needing to
                                        code anything."
                                        "It's perfect for you, you won't have to pay someone to set up what you want
                                        to do."

                                        WIth the exception of the migrating of data, which was easy, none of it was
                                        true.

                                        Etc etc etc etc etc etc. WIth the exception of the migrating of data, which
                                        was indeed easy, none of it was true. All from people who used it, knew how
                                        to code but who also knew that I could barely cut and paste my way through
                                        editing some simple html.

                                        So many of us are NOT "the same people that buy a car and expect to never
                                        have to
                                        change the oil in it." We just bought the hype that no oil was necessary to
                                        begin with.

                                        A little googling reveals the same stuff now being hyped about CMS like
                                        Drupal and Joomla.

                                        So since I'm not in a position to pay anyone to do these things for me, I'm
                                        learning CSS and whatever else I have to learn. I don't want to, but I sure
                                        wish I'd known I had no choice back when I first jumped in.

                                        Brook

                                        _______________________________________________________
                                        Brook Hinton
                                        film/video/audio art
                                        www.brookhinton.com
                                        studio vlog/blog: www.brookhinton.com/temporalab

                                        [Non-text portions of this message have been removed]





                                        [Non-text portions of this message have been removed]
                                      • Brook Hinton
                                        Um, I m not sure what you re responding to - I used to host a blogger blog on my own site, hosted at pair, with its own domain name, so yes I know this is
                                        Message 19 of 24 , Feb 11, 2009
                                        • 0 Attachment
                                          Um, I'm not sure what you're responding to - I used to host a blogger blog
                                          on my own site, hosted at pair, with its own domain name, so yes I know this
                                          is possible. I found blogger's options, at the time, inadequate for what I
                                          wanted to do. I've always used domain names of my own choosing regardless of
                                          the host I'm using at the time.
                                          _______________________________________________________
                                          Brook Hinton
                                          film/video/audio art
                                          www.brookhinton.com
                                          studio vlog/blog: www.brookhinton.com/temporalab


                                          [Non-text portions of this message have been removed]
                                        Your message has been successfully submitted and would be delivered to recipients shortly.