Not One Of My Better Moments

I did something completely idiotic this afternoon.

While assisting one of my staff with a problematic installation of some open source software on a server, I decided to clean up certain files that we no longer needed with “rm -r *”.

Only to discover that I was in the wrong directory.

It didn’t help that we had been working directly on that computer for several days.

I was saved from losing a week’s work only by the fact that the backup from the morning was good (you never know with backups). We still lost a few hours of work, but that’s much better than it could have been.

Moral of the story: a) backup even more regularly than you think necessary, b) keep a local copy of your working files, c) don’t use “rm -r *” unless you’ve double checked what it will do.

What Does It Take To Build A Community?

We’re currently building a number of community based “social media” website. Obviously I’m interested generally in what makes a good online community, but this time there’s a practical aspect to this – I want my customer’s sites to succeed!

Let’s throw this open for comments.

What do you think are the critical factors involved? Is it specific functionality? Great moderators? The initial “link bait” content that gets people there in the first place? One or two really sociable users?

Website Update

I finally found the time to update the appearance of this site. I originally planned out what I wanted several months back, and then never got around to it somehow.

In case you are wondering, the template started out in life as the free Wordpress “inove” template, and then diverged.

As usual comments (and of course criticisms) are welcome.

Why Be Stealthy?

I’ve been receiving a number of questions lately regarding Lichtman Consulting that go something along the lines of: “Why is your company website a blog?” or “Why don’t you have business cards?” or (in one case) “Why don’t you have a nice company logo?”.

Its a funny thing. I (and more so my staff) spend a lot of time helping companies either put together corporate-looking websites, or helping them market them.

On the other hand, Lichtman Consulting generally keeps a low profile.

There are a few answers I’ve thought of, ranging from glib to strategic.

Basically what it boils down to, though, is that I receive most of my business through a handful of partnerships that I’ve built with other companies. I value those partnerships, and I go out of my way to avoid competing with them (or even the appearance of competing with them).

Honestly, I’d rather get a steady trickle of work from a handful of really good clients (in this case mostly other tech-sector companies that have a use for my services) rather than run around like a lunatic blowing my own horn. Its sufficient basis for building a business.

As I said to one of my programmers the other day, my goal is to be a reliable junior partner to the world. If that means keeping a stealthy profile, so be it.

How Not To Get Hacked

Image courtesy of "gutter" on Flickr. Creative Commons.
Image courtesy of "gutter" on Flickr. Creative Commons.

I just spent a chunk of this afternoon fixing up a friend’s website which was hacked. The hacker appears to have gained access through a decade old shopping cart (not in use, just sitting in a folder on the site), and then proceeded to insert obfuscated javascript code into every page on the site (several hundred pages, with the code slighly different on each page).

This is the fifth or sixth site I’ve had to clean up in the past year or so, and its always a painful job – I’m pretty good at spotting code that shouldn’t be in a page, but with a large website it can be hard to be certain that it has been completely fixed. And there’s no guarantee that the original loophole that was exploited has been removed. Even under the best of circumstances, cleaning up this sort of mess is a painstaking process.

The following is intended for web designers who aren’t coders – but who use scripts that they have located on the web. Some intro level programmers might benefit. Experienced web programmers should go directly to the following link and do some review: http://cwe.mitre.org/top25/

1. Be very careful about downloading “free” scripts off the web. Do yourself a favour and scan the code before using it. If it has been obfuscated, or it looks odd, you probably want to avoid using it. You don’t need to be a programmer to get a feel for nefarious code.

2. When putting together a website that has any kind of dynamic functionality – be it javascript, a php script on the back end, or something else – bear in mind Jeremy’s Addendum to Murphy’s Law: Whatever can be hacked, will be hacked. There are a lot of common loopholes that hackers exploit that could be easily avoided by looking at code with a cynical eye and trying to figure out how it can hurt you.

3. Periodically review old websites that you’ve done. Code that used to be fine may no longer be so safe. Also, as you learn from mistakes, you may notice all kinds of things that are dangerous in your code.

4. Its also really worthwhile to look at the Top 25 Dangerous Bugs list, linked above. A periodic review is in order. Speaking of which, I’m adding that to my to do list.

5. Verify ALL inputs to a script. If you think you have verified them, get somebody with a cynical bent to test it. If something is up on the web, it is guaranteed that somebody will try some oddball and highly unexpected inputs just to see if they use your script for their own purposes.

6. Remember at the end of the day that there’s absolutely no such thing as a hacker-proof piece of software or hardware. Make regular backups. Assume you’re going to need them.

I just want to finish with an anecdote.

I used to operate a small hosting company along with some of my other duties at my former company.

One day, one of our servers started broadcasting vast volumes of spam email, to the point that we had to shut down the outgoing email service.

I spent a few hours reading log files, trying to pinpoint what exactly was happening. I finally narrowed it down to a script that had been uploaded a few days prior on one of the client’s accounts.

The script was basically a feeble attempt to try and implement a CMS (content management system). Basically the way it worked was that any GET input to the main script was assumed to be the name of an html fragment file, and was included into the script with no verification whatsoever.

If this means nothing to you, you’ve probably seen websites that have URLs something along these lines: index.php?id=123. The “id=123” part can be parsed out by the script as an input. In this case the links looked like this: index.php?page=contact.html.

The script just assumed that contact.html was a piece of HTML code, and included it in.

It didn’t take long before half the hackers in the world were sending the script stuff like this: index.php?page=path_to_malware_or_spam_script. And our server was running those bits of malware as if they were located locally.

The MVC Blues

A short, techy comment (for a change).

I’m currently working on fixing a mess that somebody else made. They used all the right tools (Zend, MVC pattern etc) but then proceeded to make every possible mistake. In any given situation where a design decision was needed, they made the wrong choice.

The specific issue I’m dealing with is that I need to replace the look of the website with a new “template”. Unfortunately, the original developers didn’t stick to the MVC pattern – there’s presentation layer code in the controllers, and controller code in the html fragment files. Ugly.

So here’s the informal poll:

  • Struggle on, through wind, snow and hail, until the destination is achieved.
  • Toss the whole thing in the garbage heap and start anew.
  • Hire an international hitman to address the culprits directly.
  • Run, screaming.

I think I already know what Sol is going to say.

Disclaimer: For those without humour: the third option is intended to be mildly funny, somewhat sarcastic, and not even slightly realistic.

A Twittery Update

I’ve been getting a lot of responses from people about my previous posts on the topic of Twitter. Just wanted to post a quick update regarding the rumour that Google is considering buying Twitter – apparently the price discussed was in the ballpark area of $3 billion.

There’s a number of interesting synergies that come to mind (I’m not saying that a merger would or wouldn’t work – honestly, who can tell) and they’re not necessarily AdWords related.

The whole point of Twitter is that it reflects, in many ways, the zeitgeist. I’ve seen breaking news reported on the site more than an hour before it hit the big news sites like CNN. A company like Google could get all kinds of useful information out of scanning keywords on Twitter and cross-referencing them. They could then feed that information into their news site, or even into search listings, in order to make them reflect what is going on in the world. It would probably be hard to prevent that from being “game-able”, but it might be interesting…

New Page: Free Downloads

I’ve just posted up a new page on this site for free downloads. Right now the only thing up is a document I wrote recently on how companies can properly budget for SEO (or general internet marketing) campaigns. I’m hoping to be able to release other material – both ebooks and software – on this website, on some kind of public distribution license.

Open Source Manufacturing: The Implications of a Factory in Every Living Room

The following is the second chapter in the free eBook I am working on. I’m indebted to a number of people who commented on this text; the changes that resulted will appear in the final product. What appears below is somewhat more crude than I’d hoped, as I haven’t had as much time to edit it as with some of the previous items posted here.

We’re already well along the path that leads to devices like Star Trek’s replicators being freely available everywhere. This is likely to lead to some interesting societal changes, but more importantly (for the purposes of this article anyhow!) it implies a series of interesting and potentially quite profitable business models.How do we make a living when “stuff” is free? Devices like the RepRap are becoming mainstream, so we’d better start thinking about it.

When you think of the word “manufacturing”, the image that may come to mind is a gigantic tin-roofed building, acres of land area occupied by thousands of workers wielding pneumatic tools.

If you’re more familiar with “light” manufacturing, you may picture instead the niche tool and die shop, its steel lathes turning out custom parts that feed more complex industrial production elsewhere.

The hobby enthusiast may envision instead their workshop, the garage or basement converted to the art of creating – furniture perhaps, or model railroads.

The act of manufacturing something, anything brings to mind first and foremost an act of human labour; taking raw materials and transforming them by sweat of brow into something else.

Its been clear for some time though, that the process of manufacturing is slowly moving downstream.

What once was the work of thousands, becomes – in time – the work of hundreds, assisted by ever more  efficient machinery.

The inevitable result has already been written about and speculated about endlessly. If you’ve ever watched Star Trek, you understand at least some of the societal changes implicit in “Tea. Earl Grey. Hot.”. As the enameled cup appears in the hand of the thirsty tea drinker, we already get it.

The manufacturing sector is already well along the path of democratization – digital presses and home workshops are asymptotically approaching a world in which anyone can make anything in an instant of time, for essentially no cost.

The world of Neal Stephenson’s “Diamond Age” is near upon us. Its a world in which “things” have absolutely no value, because they can be created and produced in any quantity without effort or cost.

Need a car? You can “print” a disposable one at home. When you’re done with it, toss it in the recycling bin.

The only items of value in such a world become those things created by craftspeople – one-off efforts created through manual labour on behalf of a wealthy customer.

Or ideas themselves.

Have you stepped inside of a dollar store recently? There’s an amazing one near my house. For now, everything is actually one dollar (I’ve noticed some dollar stores now sell certain more expensive items), and the number of different kinds of items for sale is amazing.

What really blows my mind though, is that the store isn’t even going to bother selling something unless they make good margins on it – that means some of those things only cost them a few cents each. Maybe even less.

The quality has also come a long way from my earliest experiences in such stores. Back then dollar stores sold cheap plastic implements – things that you used once or twice and then threw away.

These days you can buy relatively high quality tools, stationery, kitchen implements – identical to those in department stores that sell “name brands”.

The Western World Got Hit First

If you pay any attention at all to the manufacturing sector – maybe you work for a manufacturing company, or you know somebody in a union – you also know that manufacturing companies in North America have been going through a rough time over the past decade, and the situation is getting worse, rather than better.

For better or worse, the manufacturing process has largely gone overseas, primarily because companies can reduce one of their largest costs (labour) that way. Salaries are simply lower in many parts of the world.

This is obviously a great simplification of what is going on: for one thing, heavy or complex objects tend to have their parts manufactured in many, many places around the world. The components are then shipped to some place close to where the final product is going to be sold, and then assembled there. That is roughly how the automobile business works.

People love to blame China for this process, but the truth is that in many cases Chinese companies have moved their plants off-shore to still cheaper places as well.

At the end of the day, the cost associated with building anything from scratch is three-fold: the raw materials required, the cost of designing it, and the labour involved in actually making it.

Clearly a highly mechanized plant has some obvious advantages over one in which there are many humans working. This approach has never been able to gain much ground in North America, partially due to the high initial cost of robots, and partially due to strenuous resistance from unions.

Keep this idea in mind though: there already exists a way to manufacture items, such that the cost of the item basically is reduced to the cost of raw materials, plus some factor for externalities: electricity, transporting the goods afterwards, marketing.

Computer Aided Design / Computer Aided Manufacturing (CAD / CAM)

Somebody I know has a room full of Computer Aided Manufacturing (CAM) devices that he uses to build  gadgets with.

A CAM system is basically a small machine shop in a box, connected up to a computer. It allows you to take a three dimensional drawing and turn it into an actual object.

CAM has been around for decades, but the equipment is typically expensive, bulky and messy to operate. Usually such systems are used to build prototypes or one-off items out of metal or wood or various kinds of plastics.

Basically a CAM system is the kind of tool that any red-blooded, tool obsessed male would love to get their hands on – if only they could afford it.

Enter a little gizmo that is going to change the shape of manufacturing for good – one of these days.

A few years ago, one of my staff tapped me on the shoulder and said “you have to see this”.

“This” turned out to be the website for a gadget called the RepRap (www.reprap.org).

What’s a RepRap?

Basically its a CAM device, only it can build copies of itself, and it costs only a few hundred bucks.

Your friend has one and you have gadget envy? You can get him to “print” you a copy on the spot.

Let’s clarify a bit: the RepRap is still very much an early prototype. It can only make objects out of one type of plastic, and it is still very limited in terms of the shapes and sizes of object it can build. When it “duplicates” itself, it currently can make a portion of the parts required – it can’t do any of the electronics, and it can’t assemble the parts once they have been printed.

What exists right now is still extremely impressive. If – no, when – the technology becomes more mature, it will change the manufacturing process like nothing before.

There are some nice photos on their website of things that people have made at home with their RepRaps. One person made his children some nifty sandals. Others have made replacement parts for all kinds of items that have broken.

We’ve already been through a similar downstreaming process with industries such as publishing (between the home laser printer, small digital presses, and Amazon’s “fat tail” – everybody is suddenly an author), the movies (think YouTube), as well as others (ask any experienced doctor about the implications of Wikipedia; ask a software developer about OpenSource).

The home workshop / factory / replicator is going to do the same with pretty much every tangible object that you can hold in your hands. Instead of going to the dollar store to buy kitchen implements, you will be able to make them yourself, with minimal effort.

The computer drawings required are being created in freely available format, so that people will be able to easily share designs.

There is already a community of enthusiasts working on the technology from basements and garages, and the occasional university laboratory.

One of the most exciting parts of the idea, is that the systems are designed to be upgradable – as each new advance in the technology occurs, the new designs are spread around over the internet, and the parts required are built on the existing platform.

We’re still some way away from “replicators” as depicted in StarTrek, but its hard to say that the concept is really science fiction any more. It has become more a matter of decreasing the costs involved by a few orders of magnitude, simplifying the process so that you don’t need to be an electronics or software wizard to make it happen, and then allowing the concept to spread around.

The RepRap and similar tiny manufacturing devices are really only the beginning. There has been a lot written on the topic of nanotechnology and how it will reshape our world (See: http://www.crnano.org/bootstrap.htm), but in essence a “nanofactory” is really just a smaller, more effective RepRap. The concept is that anybody will be able to make pretty much anything, at virtually no cost (beyond raw materials, and possibly the design).

What is the implication for business then?

I think it would be all too easy to focus on how a factury in every living room is going to permanently damage the manufacturing industry and lead to the doom of civilization as we know it. Inevitably a change like this is going to result in both economic and sociological changes, but I find myself focusing on the immense opportunities that present themselves.

1. The Design is Often More Important than the Object

Companies like Nike discovered a long time ago that the real money isn’t in the actual manufacturing of shoes. Instead they focus on design and marketing. All of their manufacturing processes are outsourced or franchised away to other companies.

Provided that copyright and intellectual property laws keep pace with technologicaly change (not something we can take for granted, I realize), I suspect that we’ll see a further shift towards companies that create the underlying notion of a product and produce specifications that can be used to build them.

Not all objects will follow this process – there are always going to be things that are more effective to mass produce than to create in small numbers (think blank DVD disks), but there’s a good chance that in years to come people will download a design for an item – let’s say a spaghetti twirler – and then produce the item themselves, rather than running to the dollar store.

The following business models come to mind:

  • Online shopping malls that sell designs from many companies
  • Search engines for finding free designs
  • Producing free designs that incorporate advertising (imagine a company logo embossed into your spatula!)
  • Custom design services (much like you would hire a graphic designer to make a website today)

2. Things that can’t be Reproduced

In the book “The Diamond Age”, much value is given to items that exist only in small numbers, or that cannot be easily reproduced (by law or because they are unique).

a) The status of the artisan or artist, who creates unique items, may rise.

In addition to art, there are other things that will be hard or just plain more expensive to manufacture through CAM or nanotech.

b) Items such as quality furniture are frequently made out of wood, because it is both attractive and extremely durable.

While there are synthetic amalgams that come close to wood, it could very well be cheaper and more effective to continue to manufacture certain large, durable items in the traditional ways.

c) In addution, home-based manufacturing is likely to struggle with building anything bigger than a few tens of centimeters in each dimension. This could lead to some interesting new businesses:

There are already machine shops that specialize in building one-off items for people (usually prototypes of items that will later be mass produced). These shops aren’t likely to go anywhere in years to come.
Small scale mass-producing facilities that are highly flexible – picture a room full of larger RepRaps, connected together by assembly lines – may be a good opportunity for companies already in the manufacturing sector. One of the nice things about this would be that the plant could build parts of itself. If demand picks up, just build a few more assembly lines. These types of plants will probably focus on building larger items that people won’t easily be able to make at home.

3. Raw Materials

Without a steady source of “something” to use in the manufacturing process, our home DIY factories aren’t going to be able to make anything. This means that the mining industry probably isn’t going to fade away in the near future (I’m planning on writing about the effect of space-based resources in a future article), but there’s more to it than just digging lumps of iron out of the ground.

Think of your laser printer – it takes two inputs (ignore electricity for now): paper, and toner. Both printer paper and toner cartridges have been designed and packaged in a particular way that makes them easy to deal with.

Similarly, I think that there is a magnificent opportunity for companies to work on ways to package raw materials in a way that makes it easy for a tiny manufacturing device to use them.

The RepRap, for instance, currently uses a hopper (basically a big funnel) filled with pellets of plastic that are heated to melting point and then squirted through a nozzle.

Larger CAM devices often have the ability to make objects using metal that has been ground into a powder (like printer toner). The company or companies that can find ways to package new materials for this purpose may be able to leverage that into an advantageous position.

Yes, its a commodity market, but so is printer toner.

Items made out of rare materials may also present an opportunity; although the definition of rarity may change.

Expect things like diamonds to decrease in value as the processes to make artificial ones improve. Good conductors and high quality semiconductor materials likely will not.

In Conclusion

I don’t claim to have an understanding of the kinds of changes that are going to happen to our society in the next twenty years as a result of “open source manufacturing”.

Maybe Neal Stephenson or Eric Drexler have a inkling of part of it, but the future doesn’t really lend itself to accurate prognostication.

I hope though that we can create a world in which there is room for regular people to lead regular lives.

The doom and gloom tends to grab the headlines: everyone’s industry / livelyhood / job is going down the drain.

The truth is hopefully going to be somewhat different. Technological change will result in as many new industries as it will destroy.

People will innovate new ways to make a living, even if the underlying things that we value disappear.

There are always dangers implicit in change, but also great opportunities, and all in all, I’d rather focus on those.

Quick Update

I’m almost done with the next chapter of the ebook. Need to do one more revision and then I’ll post it up here. Been a little bogged down with work, so my apologies if the blog is looking a little stale of late.