It’s not (completely) their fault

The first key to understanding all these meetings is that — for the most part — it’s not their fault. They, the city council or school board for example, have all these rules they must follow. Laws vary by state but almost universally there are laws governing when and where agendas must be posted, what they can and can’t talk about, when they can vote, who is allowed to speak, where these meetings may be held.

The list is endless. Plus these elected officials are held criminally responsible if these laws are not followed. Most of the open meeting laws are there to force councils and boards to act more publicly. I wholeheartedly support open meeting laws. They are key to keeping an eye on government. However, these rules can and do lead to a lot of official noise in these meetings.

Bring a recorder

Have the right equipment for covering these meetings. Of course a pen and notebook. Maybe bring a laptop if they allow it and you are fast typist. Definitely bring a good voice recorder. I would use a digital voice recorder that can easily transfer to your computer to listen to after the meeting.

Most open meeting laws allow reporters to record meetings, even video tape them. Do it.

But don’t rely on the voice recorder. Your written notes should be the best source for writing your story. The voice recorder is there to help catch those difficult quotes or discussions where everyone is talking and you hear something you want to understand better or quote accurately.

I usually would write down the time I turned on the recorder. When I hear something I want to transcribe — the mayor says something very quotable — I would note the time and what to listen for. When I’m listening to the meeting later, I can calculate how far into the recording is the quote I’m looking for.

Don’t think that a voice recorder is there so you can listen to the whole meeting again when you get home. That’s like going back to the dentist for a second root canal because you thought the first one was so fun.

Take good notes. Use the recorder for accurate transcriptions only.

Get the paperwork

Usually you can get your hands on the agenda. If possible, try and get all the paperwork — in advance — that the officials are discussing. The officials often refer to these documents during a meeting. It’s much easier to follow what they are talking about if you have the same paperwork as reference. Try working out a deal with the municipal authority to get the paperwork in advance. It might cost a little money, but it’s worth it.

I will say that you might get some resistance to this idea. If they don’t want to give you the paperwork, start filing open records requests (see your state law). Persistence will pay off. Eventually they will get the picture that you are not going away and it might be more convenient to give you the paperwork along with the other officials in the meeting.

If they try to get hard-nosed about it, complain publicly in an op-ed piece. I did and never had a late council packet again. Having the paperwork will make writing your article easier and more accurate. So take the time to get it.

Law of inverted importance

I have coined a law (just now) called The Law of Inverted Importance: All items on the agenda are listed in reverse order of their importance.

In other words, the further down an item is on the agenda, the more important the item.

The top items are always routine stuff to get out of the way. The middle items are usually things that require a little discussion, but nothing too controversial. The items at the end of the agenda are usually the meat of the meeting.

You need to reverse the order. The biggest mistake a novice reporter will make is to report on the meeting in agenda order — like they are the official recorder for the city or school. Your story should start with the most significant event of the meeting and work it’s way down through lesser items. Some items — like “the council ratified minutes from the last meeting” — should be left off completely.

Tell a friend

So what is the most important item in the meeting? That’s easy. What would you tell someone, a friend or relative, happened in the meeting. Who is the first person you call after a meeting? When you call them, do you say, “Hey, guess what, they just ratified last month’s minutes and then they voted to hold a public hearing, and then….”

No you wouldn’t. No one would.

What really happens is you call someone and say, “They just raised water rates by $20 a month.”

There’s your lead.

Break it up

One thing I’ve found that helps is to write down one sentence of every major point I want to cover. I start with the lead point and work my way down. When I’m finished I go back and write a paragraph or two about each point. Sometimes I need to write more about a controversial item. Sometimes I can combine a few items into a single paragraph.

And use subheadings. Space things out. We are writing for the web now. There is no physical page limit. Use subheadings to make it easier for your readers to find what they want. Subheadings are a lost art in the newspaper business — it’s more magazine-like. Well, print is dead. Get used to this new medium and use subheadings (like this article does). Your readers will thank you.

Please bury this in obfuscation and officialese

One official was angry at me when he read my report. “It wasn’t in order,” he said. “It should be in the order we had on the agenda.”

What rubbish. What he really wanted was to bury the important stuff to the bottom of my story.

Most officials never want controversial stuff written in plain English. Don’t believe me? Go read the official minutes of a meeting. There at the bottom is something like this:

The board met and discussed administration contracts. They took no action.

Big whoopty do.

What really happened in plain English.

The school board met last night and did not renew the superintendent’s contract. This is a possible indicator by the school board that they may not be satisfied with the superintendent’s performance.

When I wrote something along those lines as the lead in the story the whole school board came down on me.

“What do you mean we didn’t renew his contract — we took no action. No action! Do you understand?”

Yes, I understood perfectly. Just because they didn’t like having what happened written in plain English doesn’t mean it was false. I just didn’t use their “obfuscation”. Instead, I said it like it was. Guess what, a few months later that superintendent “resigned”. Which is code for, “The super saw the writing on the wall and quit before he was fired.”

Officialese will end us all

Officialese is a perversion of the English language. It’s pretentious, obscure and wordy. Officialese is used to hide the true meaning of a text.

The official version of events, taken from the minutes:

The male youth representative having the name of John and the female youth representative having the name of Jillian, did, at their first convenience, make an effort to gain altitude via the method of bipedal locomotion either in rapid or semi-rapid fashion up the incline in an effort to reach the peak of said incline in a further effort to retrieve the cylindrical metallic object with extruded curved convenient palm device to convey the liquid form of oxy-dihydride — a substance known to exist several poisons — to return said oxy-dihydride down the incline until the former position is achieved.

Wow! In plain English you would say:

Jack and Jill went up the hill to fetch a pail of water.

If you think I’m joking about this. That nobody would take such simple meaning and turn it into something as inscrutable as that. Look an the new healthcare bill. It’s nearly 2000 pages long. I can’t even imagine how much obfuscation is going on with that document.

Fight officialese. Say things in plain, short sentences.

Avoid copying the officialese from the documents you receive. Tell-tale signs are long, run-on sentences, lots of prepositions, and stuff that makes you scratch your head to say “huh?”.

You are the citizen proxy

I’ve heard people say, “If the citizens want to know what’s going on, they should attend the meetings themselves.”

That’s absurd. People have lives to live. Our job is to act in their place. We are their eyes and ears. We must try to cut through the officialese and obfuscation to tell people what is really going on, where their money is being spent, and what their elected officials are doing.

I had upgraded my Rails project to 2.3.4 and along with the upgrade, updated all the gems on the server. Everything was working great. After several weeks went by I went and looked at my server data and noticed something strange — all the new photographs were still being served by my local server and not by Amazon S3.

Unfortunately my background process which transferred the photographs to Amazon was failing. However, I didn’t program it to throw loud errors at me. Sure, I use hoptoad for notifying me if my main application failed. I just never implemented it into the uploader. It’s always the spot you least expect it.

The uploader’s log file shows:

ArgumentError: wrong number of arguments (5 for 4)

That’s not very helpful. A google search for the error plus “paperclip” revealed that paperclip 2.3.1 was the problem. Some people said I should drop back to paperclip 2.3.0. But that doesn’t sound very smart. Thoughtbot is constantly improving the code and it should be tracked.

Other websites pinned the problem on a conflict between the right_aws and aws-s3 gems. There were a multitude of suggestions on how to correctly load the gems, in a special order, to avoid the conflict. I tried these and nothing seemed to work. Paperclip refused to upload files to S3.

Finally I started reading the commit log for Paperclip. There between 2.3.0 and 2.3.1 is a lot of work with AWS::S3. After a while it dawned on me, they switched. They quit using right_aws and now use aws-s3 to exclusively upload content to S3.

So to everyone having this problem you have a simple solution.

In your environment file, remove any mention of right_aws and add the following gem declaration:

config.gem "aws-s3", :lib => "aws/s3"

That’s it. Problem solved.

Callister immediately took me down the hall to the ultrasound lab and said to the tech, “I don’t know what you have going on, but you need to check this guy, right now.”

To even my untrained eye it was clear something was wrong. Callister stayed for the test (I’ve never had a doctor present for any lab test in my life). Both he and the tech clearly could see the problem. Then Callister said the most comforting thing I’ve ever heard, “Dave, if you have to get in line for cancer, this is the line to be in. It’s the most treatable form of cancer in men.”

According to the Wikipedia article, “Testicular cancer has one of the highest cure rates of all cancers: in excess of 90 percent; essentially 100 percent if it has not metastasized.”

Surgery

I had a choice. I could come in the next day and have the surgery to remove the tumor or I could wait a week. Callister highly recommended coming in the next day because “the what-ifs will drive you crazy if you wait.”

It was sound advice. The next day, Friday, September 4, at 11:00 AM I was in the surgical center at the Budge Clinic in Logan, Utah. The procedure — called an Orchiectomy — is actually considered a minor surgery and I would be going home the same day.

Now the men reading this have a single question on their mind about the operation. All I’m going to say is this, thank heavens we are given two. There is a spare and everything works as it did before.

They rolled me into the operating room around noon and as I lay on that narrow table I had only one thing to say before they knocked me out, “Everyone please remember it’s the right side.”

They laughed….

Recovery

I thought I felt pretty good considering. During the operation, Callister found I also had a hernia so he fixed that, too. It’s not often you get a two-for-one special in surgery. The pain was handled well by the medicines and as long as I held real still, it wasn’t that bad.

But I was also foolishly optimistic about my so-called state of mind. Every day I felt I was doing really well, only to wake up the next day and realize that I was mentally rubbish the day before. My sister Rebecca told me, “Don’t do anything important for at least two weeks after the surgery.”

It’s good advice.

Frankly, the whole month of September is a blur for me. Later in the month I did get some important work done, but I’ll bet a was a little out there during my conversations.

Results

There are two types of this cancer — seminoma and non-seminoma. In other words, the seminoma type is the most common followed by a bunch of other types lumped in as non-seminoma. Non-seminoma cancers — which usually come as a mix of tumor types — are considered more aggressive than seminoma cancer.

Callister called on Wednesday, September 9 with the pathology report. It was all very “favorable”. The tumor was a seminoma and it didn’t appear to have metastasized. It was the best possible report.

The next Thursday (September 17) I went for a chest x-ray and a CT scan. These types of tumors have a very specific path they follow if they spread. First it can move to the lymph nodes in my back and then it can move into the lungs and even into the brain.

Following the scans I had an appointment with Callister, again. This time he pulled up both scans and went over them with me, in real-time. He even called the radiologist and reviewed it with him over the phone. Everything was clear. There was absolutely no evidence that my cancer spread.

It was official — I had a stage I seminoma. For all practical purposes, I was probably already cured by the surgery.

The What-Ifs

I really didn’t understand until after my CT scan what it meant to have the cancer spread. It turns out that it can move into the lymph nodes that lay along the spine between the vena cava and the aorta and in-between the kidneys. The surgery to remove those lymph nodes is called an RPLND. It is a major surgery with serious complications if a mistake is made.

I’m glad I didn’t know about it until I learned I didn’t need it.

These are the types of “what-ifs” the doctor had warned me about before surgery.

Lance Armstrong

Lance Armstrong had symptoms of testicular cancer for three years before he was diagnosed. He said, “I always had the size difference there, but I didn’t know…I would’ve still been waiting if it hadn’t started hurting, it just got so painful I couldn’t sit on my bike any more.”

He had a non-seminoma mix of tumors that, by this time, had spread to his lung and brain. Although he didn’t require an RPLND, he did have to go through four cycles of chemotherapy and eventually had brain surgery.

Armstrong’s recovery is proof of how well testicular cancer can be fought with modern cancer treatments. He went on to win the Tour de France an astounding seven times after having testicular cancer. But it didn’t have to be this way for him.

Early Detection

So now we come to the reason why I’ve decided to share this publicly. To all my male friends who read this, please do a self-exam. It’s fast and very important. You cannot wait until something begins to hurt.

I can tell you that I was in no pain from my tumor. It’s just that one day I noticed the difference. The doctor said it was probably growing for a year or two to get to that hardness. Even then, I might have not gone to the doctor except that I told my wife. She insisted I go and in less than a week I had the diagnosis.

Just one more reason I’m glad I married Jennifer. There are no words to describe how much her support meant to me through this experience.

Adjunctive Therapy

Even after the successful surgery there is still a chance that cancer cells exist in my body that can restart a tumor. To insure against this they used to give six months of radiation therapy (every two weeks) for seminoma patients. Or you could choose to come in every three months for CT scans, for three years. It’s a watch and wait approach that leaves you always wondering if it will restart. It’s also a lot of work.

However, now there is a third alternative. Recently they’ve found that a single dose of a chemotherapy drug, carboplatin, is equivalent to six-months of radiation therapy. Further study says that two doses are even better and can push my success rate from 97 to 99 percent. In other words I have a only a tiny chance that this will come back within ten years. And even then, it is still very treatable.

I had my first round of carboplatin two days ago on Thursday, October 3. It was painless. I just had to sit in a recliner for a couple of hours with an IV in my arm. First they gave me a few preparation drugs to reduce possible side-effects. That took a half hour. Then they gave me the carboplatin for an hour.

I won’t lose my hair. I haven’t had nausea. The most I’ve felt from this is more like I have a slight case of the flu where I’m somewhat tired and I get that tingly sensation — like I have a fever — that runs like waves in my body. Of course, I don’t have a fever.

By Monday, I should be completely over it.

There is only one more round scheduled for the Thursday before Halloween.

It is so worth doing as an insurance policy.

After this, I still go back for annual chest x-rays and biannual CT scans. The first few years are critical. Every year afterwards, the risk of it returning drops. By ten years the risk goes to virtually zero.

Action Beats Fear

I’ve never had a doctor act so swiftly and so personally to any medical condition in my life. Dr. Michael Callister, his staff at the Budge Clinic, and the staff at the surgical center are real heroes to me. They took a frightening situation and turned it into the most impressive display of medical skill I’ve ever seen.

Callister never wasted a minute of time to take care of this. From diagnosis, surgery, and follow-up, I was never left hanging on what my results would be. The real-time review of the CT scan was when it hit me. Normally the doctor would have me go home and they would call me in a few days. Not this time, I knew within an hour exactly what my results were.

Had they been bad, he would be there to explain what would happen next and make it happen. Since it was good, I could leave the hospital that day with an incredible sense of relief.

It many ways the experience was surreal. Although I lost a month of my life to this, it was worth every minute.

To all my friends and family, thank you for your support. And to all my male friends, get yourselves checked out. Do it now.

The voicemail system is speaking English. I think it’s safe to assume that most people calling will speak English. Why not just ask, in Spanish, if the person speaks Spanish press 1. That’s it. If nothing happens, proceed in English.

How hard can that be?

Of course, after running through several nightmare voicemail systems, I can only assume that someone just gets perverse pleasure making the user experience as bad as possible.

So what about my second pet peeve?

When I get someone’s voicemail on the Verizon mobile network, I hear the person give their greeting and then I’m told:

“Press one to leave a voice message or wait for the beep. If you wish to leave a numerical page, press two. [wait a second or two]. To leave a voice message wait for the beep. [another second or two] [beep].”

What is that all about? It’s hard enough to get people to leave voicemail messages. Now we have to give a minute of instructions to use a system everyone knows how to use.

Numerical page?

Will someone please send Verizon a memo telling them it isn’t 1993, beepers are history. While you are at it, tell them it isn’t the 1970s either — people know how to use voicemail.

Just give the personal greeting and beep!

Quicksand

Our first and only banner experiment came early in the Italy Neotribune — back when it was no more than a hobby. One day I was brought some pictures from a local business and told that if we made a banner ad for them, we would get $50 a month.

At first it sounded like a good idea. We would put the ad together and get the ball rolling. As time went on, we would charge more per ad and start charging to create the banner ads. That’s how newspaper display advertising works.

But as we discussed the banner advertising process and considered our potential advertisers we began to realize that banner advertising is like quicksand — that first step looks firm but quickly gives way.

Banner ads are hard

Creating an effective banner ad is hard. Much harder than it should be. You have to distill a lot of information down into a bizarrely oblong rectangle — vertical or horizontal.

Banner process

1. Create a few draft ideas
2. Take them to the business owner to review
3. Create a second draft
4. Review again
5. Make a final draft
6. Review yet again
7. Finalize the design
8. Get final approval
9. Run the ad

Okay. Maybe I’m stretching the point. Maybe the business owner will like the first draft and run with it. Right. That’s hard to say without laughing. There will always be revisions. It takes time. More time than you think it will need.

If it takes ten hours, then our $50 is only $5 an hour. We’d make more money working at McDonald’s.

Why not have the business create their own banner ad?

At that time in Italy, Texas there was only one business with an art director — ours. In my observations it is a rare for a small business to have the in-house talent to create a fair banner ad — let alone an effective one.

Ad blindness

Let’s assume we went through the process and create the ad. It took us only seven hours and the business owner loves it. Great. Publish the ad. Start collecting money.

What should happen next?

Stories on the Italy Neotribune are looked at most the first day, a lot less the second, and receive few clicks on the third. After a week it takes an exceptional story to keep generating page views. It is far worse for advertisements.

Ideally the ad would be updated with a new offer. Something different every week. Maybe something new every day.

For our example, lets say it took seven hours to make the first ad. What if we just make a small change and it only takes two hours. And we only make changes once a week. That would be 11 hours the first month and 8 hours every month afterwards.

Wait a minute! We’d be “making” less than minimum wage to do this. In reality, the cost to create the ad would exceed the income from it.

So what really happens?

Instead of regular changes, the ad will be left to rot. It’s the only way to make back even some of the real cost of creating the ad in the first place. As long as the business doesn’t complain, why should we change it?

Six months go by and the ad sits there. Maybe a year passes. I’ve seen some websites with the same banner ad going on three years.

Sure, we’d get $50 a month without any further effort. We would also get ad blindness. Readers will quickly note that the ads never change so they just stop looking at them.

Beginning of the problem

The difficulties of banner creation and avoiding ad blindness are only the beginning of the problem. Already we can see that either the businesses must spend a lot more money or we need a better system to reduce the cost of creating the ads.

Next up: Banner ads are bad copies of newspaper display advertising

In the Safari 4 beta, the only way to add websites to the Top Sites page was to visit the website a bunch of times until it showed up or you edited a configuration file by hand. It was frustrating because I’d rather specify exactly what pages to show on Top Sites. I felt there had to be an easier way. With the final release of Safari 4, there is. Any website can be manually added to Top Sites. It’s quick and easy.

Manually add website to Top Sites

1. Go to the website you would like to add to Top Sites.
2. Drag the little icon at the left of the website URL in the location bar.
3. Drop the icon onto the Top Sites icon in the bookmark bar (it’s the little grid of boxes, usually second from left).
4. Click on the Top Sites link and the website should appear in the first open spot.

And that’s it. Click edit in the lower left corner and move the website to any position on the Top Sites page.

It turns out there are a lot of features embedded into Top Sites. Visit Safari 4 how-to: Top Sites Browser in a nutshell for more.

To set this up you need a working Ruby on Rails project, the Paperclip gem installed, and a model with has_attached_file. Read the Paperclip documents on how to set this up or use Jim Neath’s example project.

Transliterate

To convert the filename into a URL friendly format we have the transliterate method.

  def transliterate(str)
    # Based on permalink_fu by Rick Olsen

    # Escape str by transliterating to UTF-8 with Iconv
    s = Iconv.iconv('ascii//ignore//translit', 'utf-8', str).to_s

    # Downcase string
    s.downcase!

    # Remove apostrophes so isn't changes to isnt
    s.gsub!(/'/, '')

    # Replace any non-letter or non-number character with a space
    s.gsub!(/[^A-Za-z0-9]+/, ' ')

    # Remove spaces from beginning and end of string
    s.strip!

    # Replace groups of spaces with single hyphen
    s.gsub!(/\ +/, '-')

    return s
  end

This useful method is saved in a shared library in all our projects. Besides changing filenames, we also use it to generate permalinks from story headlines. You can put it in the same Paperclip enabled model or in a shared library if you will use it in more than one place.

Filename processing

In the paperclip enabled model set the before_post_process declaration.

  before_post_process :transliterate_file_name

Then in the private section of the model put transliterate_file_name

  def transliterate_file_name
    extension = File.extname(local_file_name).gsub(/^\.+/, '')
    filename = local_file_name.gsub(/\.#{extension}$/, '')
    self.local.instance_write(:file_name, "#{transliterate(filename)}.#{transliterate(extension)}")
  end

And that’s it. Paperclip will accept the new filename and then begin processing the attachment. So if it is an uploaded image, all subsequent generated thumbnails will be based on the transliterated filename.

Transliterate tests

We use these tests for the transliterate method.

  test 'transliterate should downcase and substitute spaces with dashes' do
    assert_equal 'this-is-a-story-headline', transliterate('This is a Story Headline')
  end

  test 'transliterate should remove apostrophes, punctuation, trailing characters' do
    assert_equal 'this-isnt-a-perfect-solution', transliterate(%Q{This isn't a "Perfect Solution."})
  end

  test 'transliterate should turn unicode characters into dashes' do
    assert_equal 'alpha-beta-gamma', transliterate('Alpha α, Beta β, Gamma γ')
  end
  
  test 'transliterate should turn underscores into dashes' do
    assert_equal 'change-underscores-to-dashes', transliterate('change_underscores_to_dashes')
  end

Filename transliteration test

We created a tiny image called “IT’s, UPPERCASE! AND WeIRD.JPG” and saved it to test/fixtures/files. Then we run this test on our paperclip enabled photograph model.

  test 'should transliterate the filename' do
    photograph = Photograph.new
    file = File.new(File.join(RAILS_ROOT, 'test', 'fixtures', 'files', %Q{IT's,  UPPERCASE!.JPG}), 'rb')
    photograph.local = file
    assert_equal 'it-s-uppercase.jpg', photograph.local.original_filename
    file.close
  end

Note that Paperclip does some basic filename transliteration of it’s own. It generally replaces non-letter or non-digit characters with underscores. It didn’t go far enough for us since it leaves unicode characters intact and can leave trailing underscores. This transliteration is more complete. The final filename can be used, without escape codes, in the URL.

The conference was fantastic. One of the best I’ve ever attended. We connected with Ruby programmers from all over Utah. We also met a group from Logan with whom we later formed the Logan Ruby Users Group.

Independent consultants

As for our cover, well, it didn’t work as well as I thought it would. Normally if you go to a conference and say you are an independent consultant, people treat you like some kind of leper. Faster than you can say “unclean” they stop asking about you and start talking about something else — anything else.

This is how it’s been at every non-programming conference I’ve ever attended. But at the Ruby conference, we were offered a job or two. It should have been a warning.

Two months later we were at Railsconf 2007 in Portland. In one of our first conversations our cover was blown, again.

“Hello, we’re from Apped Design.”

“Oh, what does your company do?”

“We’re independent software consultants.”

Now I expected to see glazed eyes, a little uncomfortable shift of their feet, and a change of subject. But that’s not what happened.

“Really? Do you have enough work? We’ve got this big project and could really use an extra hand.”

Seriously?

Talk about a programmers market. We could have left Railsconf with a dozen job leads.

When the two young ladies from Google suggested we apply for a job, I gave up. It was better to tell people we were in a startup.

“We are doing a startup.”

“Really! So are we? Do you have some free time to help us?”

Apped Design ends

Okay, so our cover didn’t work as planned. We did learn a lot from these conferences and met a lot of great people. And being offered Ruby jobs meant we certainly picked the right programming language.

Now that we are working full-time on the Neotribune, we are going to let the Apped Design name die. I’ve forwarded the appeddesign.com website to this blog. And we stopped using our Ruby inspired cards. It was fun while it lasted.

PS – For the record, I think the ladies from Google talked to every single developer about applying to Google. Heck, if they didn’t talk to you, you must have said something really scary like, “I’m in marketing.”

Subscriptions have always been a loss-leader. Delivering a paper costs a lot of money. There is the printing press, paper, ink, press employees, union truck drivers, subscription managers, subscription software, and finally the — increasingly inaccurate — paper boy. Even at a dollar a paper, it isn’t enough to cover these costs.

Many newspapers, desperate to get subscribers, have discounted their subscriptions to only pennies a day. Readers have never paid for content — they don’t even pay for the paper it is printed on.

Who pays?

So who really pays for the newspaper? The advertisers. It’s advertising money that pays for journalism. So why are subscriptions important if they don’t pay for the content?

Well, they offset the cost of producing the paper which is a big help. But the main reason newspapers need subscribers is so they can tell an advertiser that they reach X number of people.

The real product of a newspaper is its readers. Advertisers are the real customers of a newspaper. They buy reader attention. The more readers, the more valuable the newspaper, the more money an advertiser was willing to pay.

But not anymore. The Internet gives advertisers more options to directly reach their potential customers without advertising in the newspaper. And as readers quit subscribing to newspapers, there is even less incentive for advertisers to continue print advertising.

Online subscription fallacy

So newspapers want to take this model online. To create the same environment where they can tell advertisers how important their content is to readers because they have X number of online subscribers. But here is where everything breaks down.

Newspaper executives are working under the assumption that online readers are getting their content for free. This is absolutely false.

The online world cuts the delivery model into two. The first half is the publisher. They create a webserver and put it on the Internet. Compared to a printing press, a webserver is petty cash. And Internet access for the news company is trivially inexpensive.

The second half of the delivery system is the reader’s ISP. Most people who use the Internet regularly are paying anywhere from $50 to $200 a month for the privilege. If you add in the cost of Internet access at work, at home, on smartphones there is a lot of money spent to get people online.

Readers pay more

The cost a newspaper pays to deliver content online is a tiny fraction of the printing and delivery costs of a real paper. The cost difference is so great, in fact, that the burden has shifted almost entirely onto the readers.

The idea that readers are getting their online content for free is absolutely ludicrous.

Protect the print edition

I think Zachary Seward put it best:

“It’s counterintuitive, but charging for the website may be an effective way to protect the print edition, which still provides 80-90 percent of income at most newspaper companies.”

That’s what this is all about — protecting the print edition. I’ve seen one newspaper start charging for online content. Their online fee is exactly the same as a print subscription. And if you get the print subscription you get the online version for “free”. I’m sure they hope everyone will get the dual print and online subscription so their print subscription base remains as high as possible to maximize their print ad revenue.

But it can only go so far.

The Neotribune is a new model for putting journalists back into small towns. If you look around, you will see that most small towns lack any news coverage at all. Some are claimed by larger community newspapers nearby, but receive very little coverage.

In Italy, Texas — where this all started — I can count on one hand the number of times a reporter came from the county newspaper. Yet we found hundreds of stories to cover.

Think about it. If you search the Internet for a celebrity or a politician, there are thousands of news articles about them. Probably more than they would like. But can you find the names of the city council members of your town? Can you read what happened at the last school board meeting? Have you seen any photographs of the school play?

For thousands of towns in America the answers to these questions are no. If people don’t go to the city council, school board, or play they don’t get to really know what’s going on.

We started the Italy Neotribune for these very reasons. It was a part-time endeavor with just a few of us getting the news and publishing online. We discovered that this was only the tip of the iceberg.

There were problems in the city government and school administration. There were unsung heroes and others working against the will of the people.

And most importantly, we found that the fundamental principles of journalism are as important now as they have ever been.

Towns need the news to inform the people and watch over the city. They need journalists who are responsible to do the hard work of reporting.

And the journalists need to be paid.

We tried a few early experiments in advertising. They clearly did not give enough return to be worth the effort. It is a serious problem. You cannot sustain quality journalism on ideals alone. Reporters have lives and need compensation for their work.

But there wasn’t enough income from current models of online advertising.

We tried several other ideas as we continued with our day job at the Monolithic Dome Institute. Eventually I moved to Logan, Utah to be closer to a fantastic programming community and started on programming several projects.

But I kept coming back to the Neotribune. How do we solve the problem of paying for it? We wrote a content management system for the Italy Neotribune and Monolithic.com which made it far easier to handle photographs with stories.

We also tried another experiment in advertising which was more promising. But still not enough.

Then in April, while brainstorming with a few friends, we figured it out. It’s so simple and elegant. Why didn’t we see it before? I guess that’s the nature of coming up with something new.

Finally, we are going ahead with the Neotribune.

John F. Sturm authored the ad titled, The reality about newspapers. He says that newspapers are doing very well and won’t go away. This also implies, by extension, that the printed page — the medium of newsprint — is also here to stay.

This is the blind spot of nearly all newspaper supporters — the failure to separate journalism from the medium of paper.

Take this statement by Sturm, “Newspapers make a larger investment in journalism than any other medium. Most of the information you read from ‘aggregators’ and other media originated with newspapers.”

I believe this is absolutely true, for now. Original journalism is very valuable and websites that simply scrape newspaper content are not really a core business — one aggregator can easily be replaced by another.

But the idea that nothing will match newspapers is utterly false.

I think it’s more accurate to say that when online media match the efforts of newspapers to gather original journalistic content, then the medium of newsprint will die.

Managing email is a royal pain. Especially if you read email on more than one device. After buying iPhones last year, Mike and I worked up an excellent system of managing our email on the iPhone, computer and web.

At the time I had multiple email accounts — a system administration account, a business account under one domain, another business account under another domain. It was painful keeping track of which email came on what account and what account to use when I wrote an email.

The new system streamlined everything. All email filters into one system and one master email address. It turns out that nobody really cares what your email address is — once you establish a connection.

A year after our first article, our set up is a bit more refined. With the upgrade to iPhone and MobileMe, it’s time to upgrade our instructions and maybe explain why we do it this way to begin with.

Own your domain

It’s vital that you always own the domains you advertise. What does that mean?

Let’s say John Doe is at a networking meet-up and handing out business cards. John is very proud of his new website — http://www.example.com. But on his business cards, his email address is listed as rumplestiltskin@someweirdispnobodywillremember.net.

It’s unprofessional. John went through the trouble of buying a domain and implementing a website. Can’t he take the time to get an email address using the same domain? It immediately says he’s an amateur on the Internet.

More importantly, by using his Internet service provider’s email account, he’s advertising an email address that can — and probably will — change. When his cable company offers him a better deal for Internet access, he’ll have to go through a painful switch, explaining to every one that his email address has to change because he’s switching providers.

1. Own the domain of all email accounts you advertise

Every one of them. On business cards, letterhead, everything. Don’t waste time handing control of your advertised email accounts to anyone.

That doesn’t mean you must have a real account behind every email address. That was the mistake I was making in the past. Instead, for every email address you create on your domain, have it forwarded to one master email account.

One account to rule them all

Your master email account must be robust, not attached to any ISP, and have powerful spam filters. Gmail is the best we’ve found so far. It’s free (or very cheap at $50 a year). They have the best spam filters of all time. And it can hold huge amount of information. Right now they provide 7 gigabytes of storage.

Gmail does not advertise in the outgoing email. You can use Yahoo or MSN, but they always attach a small ad on every outgoing message. This is unacceptable. Gmail can even pretend to be from one of your domains (with caveats, see below).

2. Set up all domain based email addresses to forward to Gmail account

We use GoDaddy for most of our domains. Other domain registrars offer similar services so these instructions should work with them, too.

For every domain I have with GoDaddy, they give me 100 forwarding email addresses. It’s super simple to use the GoDaddy interface to add a forwarding order such as “john.doe@example.com” should forward to “john.doe@gmail.com”.

Do this for every email address you own. Forward them all to that single account.

Gmail is a lousy IMAP server

IMAP is the key to managing email on both the Mac and an iPhone. It allows each device to directly manipulate email on the server. The strength of Gmail — the massive space so you don’t have to delete any messages — is terrible when using IMAP. The mail clients on the Mac and iPhone download a cache of each message. For a large Gmail archive, this can take hours and uses a lot of space on the iPhone.

Having a copy of the entire Gmail archive on the Mac is pointless. The only email that matters is the current email — new messages, working copy, letters to answer, pending processing. The rest should just be left on Gmail where it can be searched using Google’s fabulous search engine.

3. Set up Gmail to forward to MobileMe

It doesn’t have to be MobileMe. Any decent IMAP server will work. I use MobileMe because I like the “push” contacts and calendar. It has a nice web interface. The iDrive is great, too.

To set up Gmail to forward properly to MobileMe.

• Open the Gmail account, click on “Settings”, then “Forwarding and POP/IMAP”
• Under forwarding, click “Forwarding a copy of incoming mail to”
• Add the MobileMe account (john.do@me.com)
• Set the select option to “archive Gmail’s copy” so every message will be saved in Gmail after being sent to MobileMe.

Disable POP and IMAP because we just are not going to use them with Gmail.

Gmail is the best spam filter

Where Gmail beats everyone else is in spam filtering. I have never used a better spam filter. The best part of this mashup is that Gmail will filter all spam messages before forwarding them. So all spam will be caught by Gmail and not transmitted to MobileMe.

4. Manage spam false positives and negatives on Gmail

Because Gmail is filtering the messages, it’s important to remember to do all junk mail training on Gmail. If spam makes it to MobileMe, go to the Gmail account, find it in the archive, and mark it as spam. Also remember — especially in the beginning — to check the Gmail spam box for good messages incorrectly marked as spam.

One note about false positives. When you mark spam as good mail it is moved from Gmail’s spam box to the inbox. However, it won’t be forwarded to MobileMe. It must be managed on Gmail. It’s a small matter. After a short while, false positives will happen very rarely.

Because Gmail is handling spam filtering, remember to turn off junk mail filters in MobileMe (server side) and the Mac Mail.app. If you leave those active, it’ll become very confusing.

Final destination

Finally, the email has arrived at MobileMe. Configure both Mac Mail and iPhone to read email using MobileMe. It’s a standard process and very easy. Apple has tutorials on setting up MobileMe for iPhone, Mac and PC.

Follow the instructions for both Mail.app and the iPhone. Try sending test messages to the domain account “john.doe@example.com” and make sure it goes into MobileMe. You need to send test messages from some other mail account (like Yahoo or MSN or a separate Gmail account).

5. Manage your active mail on MobileMe — make it inbox zero

Now you have an place to manage your active email. Follow Inbox Zero. Keep it clean. Be ruthless. Remember that any deleted message can easily be recovered from Gmail.

One important setting to change in Mail.app and iPhone is how long it keeps sent messages and Trash. I always set sent messages to be deleted after 4 weeks and the trash after 1 week. Keeping your active mail clean makes it faster on the Mac and the iPhone. Be sure to save Drafts, Notes, Sent, and Trash on the server. These settings are under “Mailbox Behaviors” in the MobileMe account under Mail.app’s preferences.

Send email through Gmail

Now for the key to this mashup — sending email. Both the Mac and iPhone must be told to send all mail through Gmail’s SMTP server. What will happen when you do this is a tradeoff. You will send your messages twice.

The first time the iPhone or Mac will connect to Gmail and send the message to the final destination. The second time the iPhone or Mac will take a copy of the message and save it to the Sent folder on MobileMe.

I think it’s a small price to pay. Rarely do I notice a big problem. Even sending large files has never been a real problem. But you should be aware that each message is sent over the wire — twice.

6. Change SMTP server in Mail.app

We’ll start with Mail.app.

• Open Mail.app preferences
• Switch to the “Accounts” section and then the “Account Information” subsection
• Click the drop down box for “Outgoing Mail Server (SMTP)”
• Click “Edit Server List”
• You should see the smtp server entry for MobileMe
• Click the plus (+) sign
• Description: Gmail
• Server Name: smtp.gmail.com
• Click “Advanced”
• Server port: 587
• Check “Use Secure Sockets Layer (SSL)” on
• Authentication: Password
• User Name: YOUR GMAIL USERNAME e.g. john.doe
• Password: YOUR GMAIL PASSSWORD
• Click “OK” to save the settings

Now change the “Outgoing Mail Server” to Gmail and turn on the “Use only this server” checkbox.

Now all email from Mail.app will be forced to use Gmail for outgoing mail.

7. Change SMTP server in iPhone

To Change your iPhone.

• Go to Settings
• Then “Mail, Contacts, Calendars”
• Then the MobileMe account
• Hit “Account Info”
• Then SMTP
• Hit “Add Server…”
• Host Name: smtp.gmail.com
• User Name: YOUR GMAIL USERNAME
• Password: YOUR GMAIL PASSWORD

When you hit save, it should verify the information. Sometimes this takes a little while. It will return you to the SMTP server list.

• Select the Gmail account
• Switch the “Server” on
• Hit “SMTP” at the top to go back
• Select the MobileMe account
• Switch the “Server” off

When you are finished, all SMTP servers should be off (including AT&T’s) and only the Gmail server should be active.

Sent Email

What happens when you send email? Although the MobileMe settings on the iPhone and Mail.app both claim to be sending as “john.doe@me.com”, Gmail rewrites the headers to indicate “john.doe@gmail.com”.

8. Hide your MobileMe account

Whatever you do, don’t give anyone your MobileMe address. The closest you want them to get to your real email is the Gmail account. If anyone finds your MobileMe account, they can bypass the spam filters. So keep it secret.

Nothing sent using this set up will show the MobileMe account. Unless you use me.com to send email. If you must use the web to send an email. Log into the Gmail account and send it from there. Reading and manipulating your email can be done on me.com.

Email aliases

I said before that Gmail can pretend to be from your own domain — like john.doe@example.com. Even the free version of Gmail can do this. However, Gmail will always include it’s own gmail based address in the headers. Microsoft Outlook will interpret the headers as John Doe <john.doe@example.com> on behalf of john.doe@gmail.com.

I personally don’t have a problem with people having my Gmail account. It’s not going to change anytime soon. All mail coming back will go through the spam filter. I’ve also found that once you set up a conversation with someone, they really don’t care what your day-to-day email address is. Most people have more than one address so it’s not a big deal.

9. Set Gmail to alias your domain

In your Gmail account, go to “Settings”. Under the “Accounts” section, click “Add another email address”. The process is fairly simple. After the new address is properly on the account, make it the default address by clicking “make default”.

From now on, all messages from Gmail will pretend to be from that account. Most programs will honor the personal domain when adding information to their own address books. So it works pretty well.

10. Use Google for Domains if you must hide the Gmail account

Finally, if you MUST have everyone believe your email is coming from a certain domain, buy a Gmail account.

Google offers a lot of personalized services for a minimal amount. The cost is $50 a year, per email address. You get more space and domain branded google applications. So for many people, it’s worth the extra cost.

Either way you go, it’s a great system.

Conclusion

This was a long post explaining a complicated set up. Once implemented, it’s a snap to use. The integration between iPhone and Mac is nearly perfect. Having a single, focused mail account makes managing current messages a snap.

Using fixtures to test the database layer for an individual model was fine. However, we built a class that would manipulate a half-dozen models. Ensuring that all the fixtures were perfectly synchronized was beyond painful. If we added a fixture to test some small new feature, the additional fixture would ripple through the tests causing failures on code that had nothing to do with the new feature.

We needed something better.

Test/Spec

I looked long and hard at RSpec. It is always a bit behind the Rails Edge and uses an entirely different syntax for testing. I know a holy war is going on about should.equal versus assert_equal, but for me, I prefer the terse Test Unit syntax.

One aspect of RSpec I did like – and desperately wanted – is the ability to set up different parameters for different sets of tests.

The answer was test/spec and test/spec/rails. This added context abilities to test unit with the benefits of setting up and tearing down test parameters on a granular level. It also used existing test methods like assert_equal and assert_difference. And it tracked the Rails Edge, perfectly, because it only adds features to Test Unit.

Yes, I know it supports should.equal and it’s cousins, but who cares.

Mocking

Fixtures and database testing are critical for a single model. The last thing you need is unpredictable returns from the actual database. But once you move up a level – say the controller or a separate class – hitting the database for every test gets very old.

At the controller level – or in our previous example, a separate class manipulating many models – we only need enough “data” to validate our particular business need. The actual method and returns of a particular search should be moved into the individual models and tested there. At this higher, more abstract, logic level we just need a select combination of data to prove the logic.

Flexmock and Mocha allow this simple idea. Your controller would ask for data, but the mocking object will simulate the model’s response and return just enough data to make the test work correctly. This skips the problem of a model spewing back a whole bunch of fixtures that are not necessary or are recently added. We’re testing the logic, not the data.

We settled on using Flexmock. The results were fine. But the mocking code was wordy.

For a flexmock object you would write:

  flexmock(Story).should_receive(:find_with_permalink).once.with('my-article-permalink').and_return(stories(:my-article))

Yikes.

Surely it could be shorter and still be just as clear.

RR

While attending the Hackfest at the Mountain West Ruby Conference, a programmer showed me the answer – Double-R from Pivotal Labs. It has a terse, clear syntax.

Using Double-R the same mock would be written:

  mock(Story).find_with_permalink('my-article-permalink') { stories(:my-article) }

Look familiar? The model code it’s mocking is:

  Story.find_with_permalink('my-article-permalink')

Wonderful!

What about a larger data set.

  mock(Story).find_after_date('2008-01-01') { stories( :my-article, :your-article, :this-article) }

I get a list of three stories back from the mock. Just enough to test my logic and not a bit more.

RR and Test Unit

RR was written to work with RSpec or Test Unit. Loading the RR TestUnit adapters directly into test_helper caused all my tests to fail. Instead, I require the RR library in test_helper.

Add this to test helper:

  require 'rr'

Then for each test that needs to use RR, I add this line right after the test_helper call (usually line 2):

  class Test::Unit::TestCase; include RR::Adapters::TestUnit; end

Test/Spec and RR

A snippet from our press class test:

require File.dirname(__FILE__) + '/../test_helper'
class Test::Unit::TestCase; include RR::Adapters::TestUnit; end

context 'Press tag chain traversal' do
  setup do
    login_as :dave
  end

  it 'should return all stories with empty tags' do
    mock(Story).find_everything { stories(:products, :software) }
    press = Press.new
    assert_equal stories(:products, :software), press.stories
  end

  it 'should return story using permalink' do
    mock(Story).find_with_permalink('software') { stories(:software) }
    press = Press.new %w(products software)
    assert_equal stories(:software), press.story
  end
end

The actual implementation of “find_with_permalink” and “find_everything” is in the Story model. Press is just an aggregator class and it just needs to know that it 1) actually called the right command and 2) received valid information.

Stubs

Doing stubs in RR is just as easy as mocks.

  stub(Story).find_everything { stories(:products, :software, :widget) }

Stubs are different from mocks. Mocks must be called or the test fails. Stubs are only there for convenience and if they are not called, the test will still pass.

And speaking of test failures. When a test fails because the mock wasn’t called, flexmock would generate a difficult to read error. RR’s errors are far more clear so debugging is faster.

Notes

To install RR:

  gem install rr

Sandbox

Much of what I’ve done is based on the work of Dan Benjamin at Hivelogic. Whether you compile manually (as Dan suggests) or use MacPorts, the goal is the same — to create a sandbox for your Ruby on Rails environment.

These instructions are meant to be quick and to the point. I won’t be going into great detail as to why I’ve done what I’ve done. There are many articles that explain why much better.

XCode

Be sure to install XCode tools from the Leopard installation DVD.

MacPorts

Download the latest version of MacPorts and install.

Path

Add these lines to your ~/.profile or ~/.bashrc document:

  export PATH="/opt/local/bin:/opt/local/sbin:$PATH"
  export MANPATH="/opt/local/share/man:$MANPATH"

Log out of the terminal session and begin a new one so the changes take hold.

Ports

I just install the necessary ports in one command. This will take some time as it compiles all packages from source. So go take a break.

  sudo port install mysql5-server git-core tiff -macosx imagemagick +q8 +gs +wmf ruby rb-rubygems rb-termios rb-mysql

MySQL

Initialize MySQL database and install MySQL 5 startup. I also create a mysql link to the mysql5 binary.

  # Initialize MySQL database
  sudo mysql_install_db5 --user=mysql
  # Set MySQL to start with computer
  sudo launchctl load -w /Library/LaunchDaemons/org.macports.mysql5.plist
  
  # Set mysql link to mysql5 binary for convenience
  cd /opt/local/bin
  sudo ln -s ../lib/mysql5/bin/mysql mysql

Secure MySQL

  sudo mysql_secure_installation5

  # Hit enter for current root password (because one hasn't been set, yet)
  # When it asks if you want a root password, it's up to you. A development machine probably doesn't need one.
  # Yes, you do want to remove anonymous users
  # Yes, you want to disallow root login remotely
  # Yes, remove test database
  # Yes, reload privilege tables now

GEMs

As of this writing, rubygems is at version 1.3.4. MacPorts installs version 1.3.1. So it needs to be upgraded. Also add github as a valid gem repository. Then run a single entry to load all rubygems at once.

  # Upgrade rubygems to latest version
  sudo gem list -r
  sudo gem update --system

  # Add github as repository
  sudo gem sources -a http://gems.github.com

  # Install rails and other useful gems
  sudo gem install rake rails capistrano \
    capistrano-ext mongrel redgreen pdf-writer \
    ZenTest autotest-rails ruby-debug haml rcov \
    rr RedCloth chronic mislav-will_paginate aws-s3 \
    thoughtbot-paperclip thoughtbot-shoulda mbleigh-subdomain-fu

MySQL Gem

The ruby based MySQL connecter is gone in Rails 2.2.2. I did have instructions on how to compile the mysql gem, but it was so slow compared to the ruby based connector. It should be the other way around.

In the past, I couldn’t get Macports to install the rb-mysql port, but that’s changed. It works great. I added it to the ports list above. It is the fastest connector I’ve used.

Shoulda

I’ve tried RSpec, test-spec-on-rails and Shoulda. Of the three, Shoulda is the best. Yet I’ve had problems with it and there are others having second thoughts on these testing additions. Dan Croak wrote an excellent article about the problems: A critical look at the current state of Ruby testing

I do like the change in Rails 2.2.2 so you no longer have to write “test_should_pass_because_i_am_typing_snake_case”. Instead, you type a nice block.

  test 'should test something in my program' do
     assert this
     assert that
  end

There is one very useful aspect to Shoulda that I don’t want to lose — macros. I love them. Very nice bits of code to test common problems in Rails. So I still install Shoulda and use the macros.

Check out Shoulda’s documentation.

SSH Warning

Git is taking over source control management. After using it for several months, I understand why. It’s a huge jump in managing code and worth learning. However, installing git-core caused an unexpected problem.

Git-core depends on SSH, so MacPorts dutifully installs the SSH port. Because we changed our execution path to use /opt/local/bin before /usr/bin we will be using MacPorts version of ssh before we use Leopard’s version. This isn’t a problem except when you want to add your ssh key to the Leopard ssh agent.

Leopard loads a copy of ssh agent and can manage your ssh-keys on the secure Leopard keychain. This happens the first time a particular ssh-key is used to authenticate a connection. BUT only if you use Leopard’s version of ssh to make that connection.

What happened to me was that I had to create a new ssh-key. I did, loaded it on the servers, and tried connecting. But Leopard never asked to save the passphrase to the new key. To get around this I used the absolute path to Leopard’s ssh (/usr/bin/ssh) when making the connection. A Leopard dialog box appeared and asked for my key and then asked to save the passphrase in my login keychain.

After that, the MacPorts ssh binary works with Leopard’s ssh-agent. So it’s only a nuisance when you change or add keys.

Changelog

• Friday, 4 April 2008 – Added ‘rr’ to gem install list.
• Monday, 14 April 2008 – Updated git-core install.
• Friday, 4 July 2008 – Added improved RedCloth and will_paginate gems. Converted port install to only one line. Added Shoulda plugin. Added SSH warning.
• Monday, 1 September 2008 – Updated RedCloth to pull from standard GEM repository now that RedCloth is update to version 4.
• Monday, 8 September 2008 – Removed rb-mysql from ports list. Added how to install MySQL gem on Leopard.
• Saturday, 11 October 2008 – Changed shoulda from plugin to gem
• Sunday, 21 December 2008 – Added rb-mysql to ports install, changed Shoulda recommendations
• Thursday, 15 January 2009 – Added capistrano-ext to the gem list for multi-stage capistrano deployments
• Friday, 16 January 2009 – Added github.com as a gem repository. Added thoughtbot-shoulda and thoughtbot-paperclip to gem installation.
• Thursday, 22 January 2009 – Added subdomain-fu to the gem installation.
• Tuesday, 7 April 2009 – Removed freeimage macport and added imagemagick macport
• Tuesday, June 9, 2009 – Update includes mysql5-server port and autotest-rails gem.
• Friday, October 2, 2009 – Added aws-s3 and removed right-aws gems.

That day, as I wandered around downtown, I found a small shop at the base of a skyscraper. It had a window front on the street with electronics from top to bottom. Inside, it was packed. I’ve never seen so many electronics in such a small space. It felt like a sardine can of circuits, chrome and black plastic.

I made my way over to the CD players and found the exact portable CD player I wanted to buy.

In my research, I found that the player sold for $250. Some places down about $215. Others as much as $300. But $250 was the normal amount. My hope was that it might, just one day, drop to around $150.

So I picked up the player and turned it over to see the price. I nearly dropped it. The sticker said $1000 — a 400 percent markup compared to all other stores.

I looked over the player carefully, trying to see if there was an $800 feature I’d missed. Like diamond encrusted buttons or something. There wasn’t.

“Well somebody didn’t mark this correctly,” I said quietly.

A man yelled, “You calling me a liar!”

I jumped. The clerk behind the counter had quietly moved close while I was examining the player. He didn’t seem happy.

I said, “Well, a $1000 is too much for this player.”

“It’s a fair price!” he snapped. “That player is very special.”

“But a $1000 is too much, I’ve seen it for less ….” he cut me off.

“Maybe I could let it go for $600,” he offered.

Gee, he just gave me a 40 percent discount. I’d save $400! How kind.

Yeah, Right!

I set the player down and walked straight into the rain.

Six months later I bought that player from Service Merchandise in Arlington, Texas. I saved my money. Actually saved it in a bank. So I could afford to buy it. Then bought it for $150 when the price was finally right.

The point is that I didn’t save $850 compared to the $1000 price. I didn’t save $450 compared to the man’s 40 percent off deal. Nor did I save $100 compared to the standard price.

I paid $150 for a CD player.

You never save money when you spend

Whenever you buy something. It’s always money spent. Never saved. Yes, I know that diamond ring is advertised as 50 percent off. “Think of how much money you’ll save,” says the salesman.

Well, there is no magic fairy that gives me the money I save. It’s just money spent. It is an oxymoron when you think about it. Saving money while spending it. It just doesn’t work.

Saving money means taking money you have, in hand, and putting it somewhere safe for a future day. Like in a mattress or a savings account.

When I buy something, I’m spending money.

Someone might think I’m saying, “Getting a good deal is a bad thing?”

A good deal is always a good thing IF. If it’s something you need or is far more than an impulse buy. If you will actually use it. If you can buy it at a competitive price.

Everything has a reasonable, competitive price. Shoes, houses, computers, cars, TVs. The trick is to:

• understand the so-called street price for the item you are after
• know exactly how much money you can afford to spend on it
• be patient and willing to do without until you can afford it
• not be suckered by sales persons, brochures, shiny lights, showrooms
• and jump when the price is right

The real savings comes by spending only when absolutely necessary and keeping the rest of your money.

Once there, you can retrieve your credit report from all three credit reporting companies — Experian, Transunion and Equifax. Each company allows you to get your report, once a year. So how do you get your report more often?

Easy.

Don’t order a report from all three at the same time. Get the report from only one company. Make a note on your calendar to check the report from the same company at the same time next year.

In four months, visit the website again and order a report from the second company. Four months after that, request a report from the third company.

Getting a credit report more often means you will shorten the time an identity thief can use your good name without you noticing. It also helps spot errors more quickly and closer to when an error is made.

SWFUpload is a fantastic application which makes short work of a hard problem — how to upload multiple files to a website. Most solutions using Ruby on Rails revolve around multiple fields and complex ajax calls to monitor the upload progress. These are all hard to implement because they lack compatibility across browsers, require difficult server set up, and usually fail to update quick enough to give real upload progress feedback to the user.

SWFUpload elegantly solves this problem by using a hidden Flash movie, clever Javascript callbacks, and CSS. It is cross-platform (Mac, Linux or Windows) and cross-browser (Safari, Firefox, IE) compatible.

For example, the process for a photograph website works something like this:

1. The user clicks an “Upload photos” button.
2. Instead of the standard browser “open file” dialog, a javascript call initiates the hidden flash movie’s “open file” dialog.
3. The user can shift- or control-click one or more files to upload.
4. The flash movie receives the file list and initiates a javascript call.
5. Javascript POSTs the first filename to the server, just like a standard HTML form would do.
6. The server begins receiving the file.
7. The flash movie watches the upload, sending periodic javascript calls which can be turned into a dynamic upload progress bar. Because it is a client-side progress indicator, it is accurate and updated frequently.
8. The server reports a successful upload.
9. The javascript runner pulls another filename from the flash queue and initiates the next upload.
10. The process repeats until the last file is uploaded.

From the server’s point of view, it’s the same as a user uploading one file at a time — greatly simplifying server set up.

AttachmentFu

Rick Olsen programmed the best attachment plugin for Ruby on Rails — attachment_fu. It manages the server side upload process, storage, and retrieval of almost any attachment. For photographs it manages resizing and thumbnails, too. Storage options include saving to the filesystem, saving attachments into the database, or saving onto the Amazon S3 storage network.

Mike Clark of The Pragmatic Studio has written a great tutorial for attachment_fu.

Put it all together

To combine SWFUpload and attachment_fu is to use the best of both worlds — a powerful client (swfupload) and server (attachment_fu) upload process. After a lot of research, I put together a sample application that combines Ruby on Rails, AttachmentFu, and SWFUpload.

This application is based on the PHP application demo included in the SWFUpload demos.

This is a simple demonstration of how all these components can work together. Go through the code, pull it apart, read the SWFUpload documentation. Then adapt it for your own use.

Download

The public repository for rails-swfupload is on github. To clone the repository: git clone git://github.com/davidsouth/rails-swfupload.git

Contact

If you have any suggestions, tips, bugs please email dave dot south at neotribune.com.

Requirements

1. Ruby on Rails 2.1.0
2. Freeimage
3. Ruby gem image_science
4. SQLite3 or MySQL

Included in this application:

1. SWFUpload 2.1.0
2. attachment_fu (7 Jun 2008)
3. mimetype-fu (7 Jun 2008)

Mimetype-fu

Flash sets the mimetype for each file to application/octet-stream. Attachment_fu requires the mimetype to be set correctly before it will accept the files. Matt Aimonetti wrote mimetype-fu to help attachment_fu properly set the mimetype.

attachment_fu_hack

Using an evil twin plugin, I overrode several standard AttachmentFu methods.

1. Uploads through SWFUpload will automatically detect mimetype.
2. Transliterated uploaded filenames have extra underscores removed and the whole filename is downcased.
3. When running tests a temporary directory is used rather than the public/photos directory

Functional Test

I added two functional tests for the photos controller. It tests both create and swfupload. Since each time the test is run, it adds a file to the temporary directory, the same test will destroy the photo as well.

Leopard Tips

To upgrade Mac OS X 10.5 (Leopard) to the latest version of Rails, first upgrade ruby gems (sudo gem update —system) then update Rails itself (sudo gem update). To install FreeImage and image_science, I suggest installing Macports and then using port to install FreeImage (port install freeimage). Use gems to install image_science (sudo gem install image_science).

Remember to install XCode tools (on Leopard install disk) before you can use Macports.

You can change the photo model to use mini_magick or RMagick in combination with ImageMagick. However, in my tests, I’ve found FreeImage/image_science to be much faster than ImageMagick/mini_magick.

Links

Useful links and related information found while researching this project:

• SWFUpload – New home of the SWFUpload project.
• Uploading Files With SWFUpload – Excellent source of information.
• Getting the _session_id from SWFUpload – The cookie plugin that comes with SWFUpload 2.0.1 may bypass the session_id problem. However, I have not had a chance to test it, yet.
• Activeupload – A non-attachment_fu solution to combine SWFUpload and Rails.
• Caboose forum posts – Read the posts from Peter De Berdt.
• Ruby forum discussion – More from Peter De Berdt.
• Flornet’s Blog – An SWFUpload 1.x Rails demo.
• Working with attachment_fu – Some attachment_fu tips.
• Evil Twin Plugins

I won’t go into why the current keyboard layout, called QWERTY, is so bad. Except to say that whenever I typed on a standard QWERTY keyboard, it looked like my fingers were doing a spider dance as they would crawl all over the keyboard to type even basic words.

The Dvorak layout, on the other hand (no pun intended), looks like I’m rolling my fingers across the keyboard. The home row has all the vowels on the left hand and all the major consonants on the right. The next most popular letters are on the top row on the right. Then the quote mark, comma, period and two more popular letters on the top row on the left.

The bottom row contains the last letters starting with the most popular in the center and working outward to the least popular. The semicolon/colon key is on the lower left of the keyboard rather than under the Home Row which was really a dumb place for a semicolon.

Dvorak refined the design based on the frequency of when a letter is used. Thousands of common words can be typed without leaving the home row. He also designed it so that your hands would commonly type words starting from the outside and moving in — rolling your fingers as you type.

The switch took about a month. Two weeks into it, I couldn’t type very well in either format. But I pushed through and in a month, I could type almost as fast as I could on QWERTY. Today, I type extremely fast and with far less strain on my hands than QWERTY would cause.

When I mentioned this to my sister, Melinda, she switched to Dvorak. At the time, Melinda was typing in journals written by some of our ancestors. It was a lot of work and her hands were beginning to hurt. After the switch, Melinda said her hands quit hurting and she can type unbelievably fast.

Two more of my friends have switched and love it. It takes one month of regular typing. But after that, it’s easy. There are many free Dvorak typing tutorials. All modern computer operating systems support mapping the keyboard to Dvorak.

Today I type on a regular keyboard. The keys clearly show the old QWERTY layout. I no longer need the Sharpie to help me. I just know where the letters are. For anyone who types for a living, a programmer or a writer, I recommend switching immediately. Find a tutorial and start. In one month, you will be finished and will never again go back to typing like a spider.

No Auto-Login

Mac OS X supports auto-login where the computer just boots to my user. That’s great for a desktop computer at home. But a laptop gives up all your data, instantly, to the first thief that comes along. At a bare minimum, make your computer require a password each time it boots or wakes from sleep.

Go to System Preferences → Security.

• Turn on “Disable automatic login”
• Turn on “Require password to wake this computer from sleep or screen saver”

Hard Passwords

Make sure your login password is harder than just your username repeated twice. It should have at least a number and even a punctuation mark. Once login is locked, a person cannot casually open your computer and access your data. A thief would be able to gain access, but at least it’s not handed to them on a platter.

A harder login password is only part of the password equation. Passwords should be:

• Individual – Never use the same password twice
• Hard – A mixture of letters, numbers and even punctuation
• Long – At least eight characters

A good password for a banking website could be something like: w!8L_565yQ

And never use that password for any other site.

Remembering Passwords

But wait a minute. How can someone possibly remember all those different, hard passwords? You can’t. Nobody can. We have no choice. Good passwords prevent people from accessing your bank, credit card, telephone accounts. If someone takes your laptop, they will know what websites you visit. They may even find the usernames you use to login.

What we need is a way to remember the passwords, but that a thief cannot access if they take your machine.

Keychain

Every Mac comes with a program called Keychain. It’s a system program that encrypts valuable data into a secure file typically in the /Users/YOURNAME/Library/Keychains folder. These files are very hard to crack. Without the keychain unlock password, the files require a very difficult attack to open — far beyond a common thief. Never assume that your laptop wouldn’t end up in someone’s hands that could open the file. But you can assume that properly locked, it will take them a while to break it. This gives you time to change your passwords on the websites stored in the Keychain.

Keychain Access

By default, Mac OS X creates a keychain called ‘login’. It is created with the same password you use to log into your system. Also by default, that keychain is unlocked every time you log into your computer. But maybe we could be a little more paranoid.

1. Open Applications → Utilities → Keychain Access. In the upper left window, is probably a small unlocked padlock next to the word “login”.
2. Click Edit → Change settings for keychain “login”
3. Turn on “Lock when sleeping”
4. If you are more paranoid, select “Lock after X minutes of inactivity” and set the number to how long you want it to wait before locking.
5. Save and quit Keychain access

Now the keychain will lock when you put the computer to sleep. Or if you set it, after a period of inactivity.

Sidetrack: Resetting Login Passwords

To reset your system login password, you go to System Preferences → Accounts, click your account, and hit Change Password. It also changes the keychain ‘login’ password to match. BUT, if you have to reset your system password using the install disk, the keychain ‘login’ password will not change.

So, if a thief has access to a compatible install disk for your laptop (install disks are tied to groups of serial numbers), they can reset your account password. But they cannot reset your keychain passwords. They still have to crack to the ‘login’ password to gain access.

Keychain Trouble

Keychain is a wonderful system, but it falls short in certain areas. It cannot remember multiple usernames and passwords for a website. I have several GMail accounts. Keychain will only remember one. Also, if you change computers or have to do a from scratch install (which is likely if someone steals your machine), the login.keychain file won’t like it.

What we need is a Super Keychain. Something that’s just as secure, but offers more features.

1Passwd

1Passwd is the best password manager on the market. The developer did something so smart, it’s a wonder no one else did it before. Rather than reinventing the wheel, he uses the Keychain subsystem to save and encrypt all his data.

What does this mean?

1Passwd doesn’t create a proprietary, unknown, file for storing passwords. It stores them in a system standard keychain file right next to the login.keychain. It’s brilliant. It’s the same level of encryption as keychain and any improvements to the keychain system, automatically improves his program.

It also means that if you lose 1Passwd, you can still read the 1Passwd.keychain file using the Keychain Access program in Utilities.

But 1Passwd does way more than Keychain could.

1Password,

• works in Safari, Firefox, Camino (Keychain by itself only supports Safari).
• supports multiple usernames and passwords for a single website.
• can create very hard passwords for you, and remember them.
• automatically remembers nearly every form you fill out.
• maintains multiple identities to fill online forms with (work, home, vacation house).
• saves passwords for websites trying to prevent saving passwords (like some banks).

I can’t go over every feature here. I highly recommend visiting 1passwd.com and watch the movies. The program costs $30 and is worth every penny.

Putting it All Together

I save every password into 1Passwd. I use a fairly hard password to lock 1Passwd. I save this password into the “login” keychain. Why? Because I lock the login keychain when the computer goes to sleep. 1Passwd also automatically locks when the computer sleeps. Now all my keychains are locked and cannot be opened without knowing at least the “login” password (which is harder than my system username password).

When I open my laptop, I have to type my username and password. When my computer tries to use the keychain (getting mail for example) it prompts me for the “login” keychain password. I type that and my passwords are all open.

I use 1Passwd to fill in web forms and otherwise manage my passwords in the system. I’ve made 1Passwd bookmarks and I know the keyboard shortcut (see the tutorials). It makes short work of my day.

When I leave my computer in an open area, I turn on the screen saver or shut the laptop (either way locks all keychains and password protects my computer).

If a thief gets my machine. They will have to break a lot more security to get to my truly sensitive information. If they can get an install disk, they will probably reset my password and look through my files. But my keychains are still locked and protected. This gives me time to load a new computer with my backup data (you are backing up your computer, right??!!), open my 1Passwd keychain file, and start going to websites and changing my passwords.

One More Thing

There are files on my computer that I don’t want anyone to read. Financial files. Personal files. I don’t need my whole system encrypted just to protect this data. So instead, I created a lock box, or safe, on my computer to store sensitive data.

To create a safe:

1. Open Applications → Utilities → Disk Utility
2. Click “New Image”
3. Save As: Try something innocuous like “stuff”
4. Where: I usually save to the desktop and move it later
5. Size: I typically set to about 40 MB which will hold a lot of documents but not a ton of images
6. Encryption: Select “AES-128 (recommended)”
7. Format: Sparse disk image which creates an image just large enough to hold any data it contains but not the whole 40 MB in size (remember, you have to back up this file so smaller is better)
8. Click “Create”
9. A window pops up asking to create a password (and verify it)
10. It’s up to you whether to save the password in the ‘login’ keychain
11. Click “OK”

What’s created is a file called stuff.sparseimage (using my Save As name of ‘stuff’). It’s a disk image that can be mounted and unmounted on your computer. It should first be automatically mounted after it’s created. You will see a drive icon with the disk image name under it. Double click it.

It’s blank. It’s just a virtual disk to save things into. Save financial information, personal files, anything worth protecting into it. It can handle text, images, doc files, open office documents. You can create folders and organize your data inside.

When finished, ALWAYS remember to “Eject” the image by dragging the drive icon into the trash (which should appear as an eject icon when the drive is dropped on it). The virtual drive automatically encrypts all the data when it’s unmounted (ejected). To open the drive again will require the password (either from the ‘login’ keychain which will happen automatically or you have to type it in).

Move the virtual disk file (sparseimage) someplace meaningful on your computer. When you need it again, just double click that file.

Remember, if you don’t unmount (eject) the opened disk image, a thief will have access to the decrypted data. Only unmounted disk images are securely encrypted.

Nobody’s Perfect

1Passwd, keychain, encrypted disk images will not save your computer from a determined cracker. But it will do the job most of the time. It’s not a perfect system. Nothing is. Total security is a total pain. Find a balance you can live with and do it.