Ideas….

So the other morning I was eating my cheerios and drinking a glass of milk while sending an email when SPLASH! milk all over my laptop’s keyboard.  I was pissed.  But I cleaned it up.  Everything seemed to be fine and now I was late to work so I rushed out.

Later when I got home, my MacBook wouldn’t turn on so I decided that maybe if I hugged it, it would come back to me.  It didn’t, so at that point I realized I would either need a new keyboard or a new laptop, I was rooting for option 1.

So I made an appointment at the Genius Bar.  Went in and had to wait a bit because they were a little back logged, but I didn’t complain because they have laptops and internet where you wait, and I can spend time reading and what not.  So eventually I got called.  The guy was super nice and helpful, he took my laptop into the back and it booted up.  He came back out and told me that I needed a new keyboard.  Awesome, only $100, I can live with that.

So then he started typing everything up and he looked at me and said “What’s your password for the computer?”.  And I looked at him.  I was slightly dumbfounded that this man was asking for my password.  And I sat there and just stared ahead and then I did the dumbest thing I have done in quite a while, I actually told him my password.  I left the interaction feeling like I had just made the biggest mistake ever (mostly because I had) and then I went to Whole Foods, had some dinner and drove home.  On that drive home I realized that they now had access to my entire life.  Just about every password I have is saved somewhere on that computer.  The moment I walked into the door I got on my netbook and proceeded to change every password I could think of.

The next day I got a survey from Apple asking about my Genius Bar Experience.  And while the service was good, the security was not.  So in the comments I went on a diatribe about how they should have offered me a way to change my password.  About how it was so unsecure to just take a users password without explaining what could happen.  Blah blah blah.  So yeah I was pissed and I let it all out in that survey.

And then something strange happened.  They actually called me later that day.  Crazy I know.  The store manager I eventually spoke with (lovely woman by the name of Kristin) first assured me that if someone were to breach security the way I was describing that they would be fired immediately.  She also assured me that they do take security very seriously.  She then said that she had never really thought about what the conversation about asking for a password looked like with users that didn’t express concerns about handing over their password.  They have thought about the conversation they have with users that do express concerns, but not with those that don’t.  She said that my comments really made her think.

I did make sure that I told her that I didn’t think that the problem was specific to her store (Dedham Legacy Place…I recommend it) but was a company wide issue.  And while I don’t think that Apple should be walking around trying to evangelize security, I did say that I chose Apple back in the day because of their customer service, and that I think its important for them to talk with customers about things like this if they want to keep their track record of excellent customer service.  She seemed to buy what I was selling.

So hopefully I don’t have to go back to the Genius Bar any time soon, but if I do, I’ll be interested to see whether or not they really have changed.  At the very least I’m impressed with the manager I talked to and that Apple actually bothered to contact me.

Visual depiction of the rotating Moodle architecture

I have a plan to back up Wheaton’s Learning Management System (LMS) to the cloud on a yearly basis. I talked about the basics of this architecture in my post I <3 Redmine and You Will Too.Essentially each academic year I will rotate a years worth of Moodle into the cloud, only keeping the current year and the previous year.  Here’s a picture to give you a little help in understanding.

So now I need to find a way for people that are not me to access the Moodle that lives in the cloud.  The problem is that every moodle has a config file, and in that config file, Moodle asks you to specify the URL for where your Moodle is located, this is slightly problematic because:

1. Amazon EC2 servers are not given IP addresses, they are given a Public DNS like
2. Technically they can be assigned to an IP address but Elastic IPs cost money when they aren’t being used, and frankly I would rather not have to pay extra if I don’t have to.
3. The people accessing these Moodles can’t be expected to ssh into a server and change the config file.

So I need to make this happen automagically when the server starts up.  I tried using the php variable $_SERVER but I got some weird things.  So my idea is to have a start up script call the public-hostname (using the API amazon provides) and then edit the config file.  That way when the server starts up, Moodle will automagically be available.

So last night James Urquhart tweeted that he was misinterpreted in my blog post.  He said in another tweet:

I never argued *against* PHP/Python/Perl or even use of Linux/Apache by PaaS vendor. Just noted PaaS users *shouldn’t* care.

I apologized and asked for clarification since it seemed to me that there was an argument about whether or not a PHP/Perl cloud was necessary.

I re-read the article a few times, and on the last go around the only new explanations I could see from it was:

1. if i wrote in php a vendor would deploy in another language
2. he meant that the LAM in LAMP was what didn’t matter  (although that didn’t seem to be explicitly stated)

In the meantime though, I’ll just wait for a response (I sent it late last night and people tend to sleep) rather than possibly misinterpret more.