Topics: Free MS ebooks, Xamarin podcast, cloud server in 55 sec., squash your PNGs, Heartbleed fallout, RDP from Android.
I’ll soon be announcing a project I’m very excited about: a portable library and Android app for the wonderful data provided by the folks at NutritionIX. NutritionIX provides comprehensive nutrition information for individual food items as well as popular restaurants – something that has been extremely useful in managing my diabetes (type 2). Watch this space for the official project announcement in the coming days.
Also, I’ve added a new option for donating to support my work: There are now PayPal buttons both here on my blog and at http://tiny.cc/support-cms which allow you to make a donation of any amount you wish using only a credit card. There is no need to sign up for an account. Thanks for your support; every little bit helps.
]]>The Weekly roundup is my regular post of interesting and useful things I’ve found or done over the last week.
Topics: Diversity in tech, crypto, online verification, Windows pkg management, .NET Foundation, a better RSS reader, tutorials, taking credit cards, debugging mod_rewrite.
This blog post was written specifically for my co-workers at Washington State community and technical colleges, but I suspect will be useful to anyone getting started with Github, so I am posting it here. This post is Copyright (c) 2013, Bellevue College and the State of Washington.
Git
A software tool for managing source code. Typically referred to as an SCM (Source Control/Code Management) or VCS (Version Control System).
These systems allow multiple developers to work together on the same project/product. They write code at their workstation and then check in or commit those changes to a repository. Git is a distributed VCS – which means that there is not a single, centralized server that developers must check their changes into (although it can be configured to simulate that behavior). Instead, each developer has their own (usually local) repository. Repositories can then be linked with other (usually remote) repositories. Repositories that are linked can share checked-in changes with each other – merging those changes into a common whole.
Repository
The location where committed/checked-in source code is stored, shared from, etc. A repository typically contains the source code, commit/checkin history, etc. for only one project/product.
Github
A web-based service that provides hosting for (remote) Git repositories.
In addition to hosting Git repositories, Github also provides additional features like:
- A Wiki for each repository.
- A simple issue tracking (e.g. bug tracking) system for each repository.
- Various tools for forking/merging/etc. repositories.
So, to put it all together:
If you’re not already familiar with Git – or at least some other source control tool – I’d strongly recommend spending some time learning how it works, and how to integrate it into your own workflow, before adding Github to the mix. Source control and Git itself are far too large a topic to get into here, but the following are a number of resources Bellevue College has collected:
As previously mentioned, Github is an online service which provides public hosting of Git repositories. With your repository on Github it is easy for others to find your project, download your code and (hopefully) submit useful contributions. They can even fork your project to create a new offshoot. In addition to just hosting source code, Github provides some additional features that can be useful when collaborating with others.
Besides personal accounts Github also allows any user to create organizations. Organizations act much like accounts in that they can own repositories, but they do not have a login of their own. Instead, the person who first creates the organization becomes the first Member in a Team (similar to a role group) called “Owners”. Owners have full, administrative access to the organization. For example, they can create repositories and add new members – including adding members to the Owners Team.
While each college is free to set up their Github accounts in a manner that works best for them, I would recommend each person who is going to access Github create an account and then one of you create an organization for your college. You can see how we set up ours at https://github.com/BellevueCollege.
To create an organization:
To add or manage members of an organization edit that organization’s profile, click the Members tab on the left and then click the team management link. Here you can
Teams essentially provide the ability to define access groups that members can belong to. You can define the permissions (push, pull and/or administrative), members and repositories for each Team. I recommend setting at least two people from your college (3 or 4 would be ideal – so as to maintain a healthy Beer Truck Index) to be on the Owners Team for your organization and setting up another Team with Push & Pull access for granting trusted individuals the ability to make modifications directly to your code, should you so desire.
Once you are a member of an organization on Github, when creating a new repository you will have the option to create it with your account as the owner or one of the organizations you belong to. If you choose the organization as the owner the new repository will appear on the organization’s page and “belong” to that organization.
This means it will benefit from the Member and Team access that can be configured as outlined above.
As you navigate your way through Github, you might find the following information useful:
Github includes 3 different ways to monitor activity. To be honest, this is still an area I’m a little fuzzy on. But this is what I’ve been able fo figure out so far:
When viewing the profile page of another user you have the option to follow them by clicking the Follow button. I have not observed an particular notifications (e.g. via e-mail) from following another person, but they do show up in my following count and list. A lot of people have asked how to find other users and/or repositories. This is the primary way I do so – by following other people, seeing who they follow, etc.
When you Star a repository, this seems to have a similar effect as following a user. Starred repositories show up alongside the users you are following. I have no idea why Github felt the need to use different terminology.
If you click the Watch button for a repository, you will be presented with 3 options:
There is also a short description of each, but for completeness, I will include here that selecting Watching will cause you to receive notifications for all discussions that occur in the repository.
As we progress in our use of Git and Github, I will post additional articles on such topics as
In the meantime, I recommend the resources listed under the Getting started with Git section above.
The preceding post is Copyright (c) 2013, Bellevue College and the State of Washington. ]]>Wired columnist Mat Honan recently published an article detailing how his iPhone, iPad and laptop were all wiped clean – just because some hackers wanted to get control of his “cool” 3-letter Twitter handle; @mat. Since coming out, Mat’s story has been the talk of the tech news circuit. The Security Now podcast even postponed its normal schedule to dedicate an entire episode to discussing Mat’s experience.
Mat has done an excellent job telling his story, including acknowledging his own mistakes that contributed to the hackers’ ability to take over his digital life. And many others have added their thoughts, but most of the discussion has been quite long and can be difficult to parse for the average person. I’d like to take a moment to call out the 3 key lessons I feel we can take away from what happened to Mat:
I hear this frequently when I talk to people about adopting better security practices. The concept goes something like this:
I don’t keep any of my financial information on my computer. I’m nobody important. There’s nothing of value to anybody else on my computer.
And it’s completely wrong. The hackers who deleted Mat’s only pictures of his daughter didn’t care about his memories – they just wanted his Twitter account. Why? Because they thought an account with so few letters was cool. I’m willing to bet Mat never thought his account was valuable enough to be worth stealing either.
The truth is; if you have a computer you have something of value to hackers. If nothing else, the computer itself is something they can use. Once they gain control of it they can use your PC to attack other computers, run software to crack passwords, pretend to be you, etc, etc.
If you listen to people who talk about security and privacy you will eventually hear the acronym T.N.O: Trust no one. It might sound paranoid, but in reality it’s just common sense. Obviously, we must trust others to a certain extent or we would never be able to make it through the day. The idea of T.N.O., however, is awareness. Every day we are enjoined by websites, startups, corporations, ads, etc. to
“Sign up now!“
“Link to your Facebook account!“
“Upload your address book so we can find your friends!“
Technology is a wonderful thing. It has the ability to give us unprecendented freedom to learn and see and create. But freedom comes with a price – responsibility. No matter how well intentioned the site you’re giving your information may be, no matter how much you may trust them, accidents can and will happen. T.N.O. says
It’s all about control. Are you willing to give up control of your personal information? Your identity? If not, then make sure you take steps to protect it.
This one has been mentioned in almost every discussion of the Wired article, and even by Mat himself, but it’s important enough that it bears repeating. No excuses. If you’re not already doing so, establish a regular backup routine. Ideally, follow the 3-2-1 rule:
Backing up your data speaks to numbers 2 and 3 under Trust. No. One. above: If you do lose control of everything can you get it back?
As some have noted, it’s important to note that the hackers who broke into Mat’s phone, computer and accounts did not crack his passwords. The techniques they used were all social engineering – they convinced support personnel that they were the rightful owners of Mat’s accounts. While having a strong password, and a different password for each separate account, is important protecting ourselves doesn’t stop there.
Just as you prepare for a potential earthquake, tornado or hurricane make sure you’ve prepared for the hacker that makes it past the harried tech support employee who maybe didn’t sleep well the night before.
]]>