<![CDATA[Jeff Whitfield]]> https://www.thejeffwhitfield.com/ <![CDATA[More Ch-Ch-Ch-Changes!]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2017/11/01/more-ch-ch-ch-changes https://www.thejeffwhitfield.com/blog/2017/11/01/more-ch-ch-ch-changes post Wed, 01 Nov 2017 00:00:00 +0000 So, yeah...I haven't written anything on my blog in a while. Really, really need to change that. Anyways...

A couple of big changes so far this year as well as a few new experiences.

First, I've switched back to Sublime Text as my primary code editor. Atom is good but, unfortunately, it's a bit of a dog when it comes to performance. I've been working more on a 2010 MacBook Pro and I've noticed that Atom has a tendency to really make the processor work a bit too hard to the point where the fan kicks in. Plus, it's just slow to start and, at times, can lag quite a bit. By comparison, Sublime Text is a speed demon! I mean, it's fast...REALLY fast! Basically, the performance of Sublime Text is such where I'm willing to ignore its various little idiosyncracies.

Biggest concern about Sublime Text is the updates. One of the biggest reasons I switched was due to the fact that updats to the software seemed to be lacking. Good news is that it looks like the developers of Sublime Text are stepping it up when it comes to updates. So, for now, I'm sticking with Sublime Text.

I looked at other alternatives like Microsoft's Visual Studio Code. Just couldn't get into that one. Performance of VS Code is a bit better than Atom but, even then, Sublime is still way faster. Plus, I feel like I can shape the environment better to my liking.

Another big change is the adoption of Vue.js. For a little while now, I felt like I've leaned a bit too heavily on jQuery. It just got to a point where I felt like I needed to take a more modern approach with how I handle Javascript with the websites I build. Out of all the various new libraries and frameworks, Vue.js just felt like the most natural replacement for much of what I use jQuery for. So, with a recent project, I dove in head first and used nothing but Vue.js along with a few plugins. The results were stunning! Performance seems to be better and the total amount of Javascript used was significantly reduced. I'm a happy camper!

Along with that, I retired my 4th generation iPad. Turns out that, with the release of iOS 11, I can't upgrade my iPad anymore. I think the issue is that the 4th generation iPad was the last 32-bit version with all future processors being 64-bit which are the only ones that will run on iOS 11. So...I now have a brand spanking new 12.9" iPad Pro! Been running it through its paces and, man, I have to say it's the best iPad I've ever used! Great machine! No doubt it'll be handy with my work! Looking forward to finding new ways to increase my productivity with it!

Lastly, I've been dabbling a bit with Wordpress. Not by choice mind you. I have one client with a Wordpress blog that needed some maintenance plus a project with one of my partners that requires Wordpress. Suffice to say that the experience has cemented my feelings about why other CMS platforms like SilverStripe and Statamic are so much better. Man...Wordpress is just painful to work with! Ugg!!

More to come soon! Hoping I'll be able to rework this site a bit and refresh it for the new year!

]]>
<![CDATA[Google HTTPS Everywhere: A Case for SSL Certificates]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2016/02/10/google-https-everywhere-a-case-for-ssl-certificates https://www.thejeffwhitfield.com/blog/2016/02/10/google-https-everywhere-a-case-for-ssl-certificates post Wed, 10 Feb 2016 00:00:00 +0000 Note: This post has also been published on Medium.com

A few years back, Google announced their HTTPS Everywhere initiate at Google I/O 2014. Their message was clear: in an effort to promote better security and privacy on websites, HTTPS as a ranking signal will be used more and more in the years to come. Recently, it was announced that Google will start indexing HTTPS pages by default, effectively favoring them over non-secured pages. I’ve been questioning the reasoning for Google’s emphasis on HTTPS since it was announced, trying to understand the reasoning, and what it all means for my clients. I’ve come to the conclusion that Google’s HTTPS Everywhere initiative is a good thing.

Now, many SEO experts, online marketers, and other have jumped on this claiming that everyone now has to install an SSL certificate on every site. Many of the claims just seemed bogus, like the sky was going to fall if your website didn’t have an SSL certificate on it. At first, I was highly skeptical and didn’t understand the need to put a cert on every site. At the time of the announcement it felt excessive, especially on sites that don’t have any functionality that would require securing information with encryption. Not only that but Google was clear that the bump one would get from this was relatively minor. It just isn’t a strong ranking signal. At least not yet.

Setting aside any misinformation and bogus claims, there are some highly legitimate reasons why you should install a SSL certificate on your website:

Privacy

One of the key benefits of HTTPS is the ability to protect users from eavesdroppers. All data is encrypted between the server and browser thus making it really difficult for a hacker to intercept and steal any information. This is especially important if you are capturing any visitor information using a form on your website. Without a SSL certificate, any unencrypted information passed over a series of networks could potentially be interrupted, captured, and collected which is no bueno! Regardless of how passive you think the forms on your website might be, if you’re using them in an unencrypted manner be very mindful of how your visitors might take to having that information being captured by someone other than you.

Another key benefit lies in the ability to inform the user that the site they are accessing is who they say they are. A SSL certificate can be validated by the domain or the organization. This helps the visitor of your website know that the domain they are on is legitimate and gives them a greater level of confidence in performing certain tasks on your website…like filling in and submitting a contact form.

If you have a personal site, Facebook app, a simple contact form, or the like, you can probably get away with having a Domain Validation (DV) SSL certificate. Otherwise, if you run a business then it’s worth looking into either an Extended Validation (EV) or an Organization Validation (OV) SSL certificate. The difference is primarily in the extra steps required to validate your company. OV and EV SSL certificates do cost more but they also imply more trust which might be good for your business…especially if you’re running an e-commerce site.

Security

Security is by far the biggest reason to have a SSL certificate installed on your website. If you are using any sort of CMS at all, you need to secure and encrypt transmissions to and from your website. There isn’t a month that doesn’t go by when I don’t hear about a security issue and/or patch being issued for one of the more popular CMS platforms (cough! WordPress!). Most of these involve either SQL Injection or Cross-Site Scripting (XSS) hacks. Granted, having a SSL certificate won’t alleviate all hacks but it might help to curb off attacks that can’t be done due to the encrypted nature of an HTTPS connection.

Another security problem has to do with the potential for javascript injection at wi-fi hotspots. Within the last year or so, there have been numerous reports of advertising injection on free wi-fi hotspots. AT&T, Comcast, and Time Warner are all guilty of this behavior. In fact, I recently stumbled on a TWC wi-fi hotspot and received this ad:

Did TWC just hack my website?

This has opened up a huge can of worms! The problem I have with this is that if companies with free hotspots can do this what’s to stop a hacker from setting up a fake hotspot that does the same thing? Imagine hopping on what you think is a free TWC hotspot, visiting an unencrypted site, only to learn that your computer just got hacked or, worse, the site you just visited gets hacked!

Google is aware of this and other issues related to the hacking of websites. In fact the whole HTTPS Everywhere initiative revolves around the idea that if every site you visit is encrypted then hackers can’t hack your or them so easily. Thus if I visited a site with a SSL certificate installed I would not have seen that TWC ad on their hotspot. After all, how can they circumvent the loading of a script if the communication between me and the server is encrypted?

Let’s be clear though: Having a SSL certificate alone does not make you invulnerable to hacking. It will certainly slow down a hacker but, even then, if there’s a way to hack your site even with encryption in place a good hacker will know how to exploit it. Regardless, the cost of running a website without encryption is higher than without. Bottom line is that a SSL certificate is a relatively cheap deterrent from hackers on your website.

Conclusion

I’m going to be frank: Not having a SSL certificate installed on a website is getting close to being considered irresponsible. If you are capturing visitor information on a form in an unencrypted manner (Which I have been doing for years! Sigh.) then you’re doing something wrong. It’s so easy to simply say “It’s just a simple contact form!” and not encrypt the page with an SSL certificate. But in doing so you do your visitors a great disservice. Beyond that, there are other privacy and security issues that go well beyond just the encryption of form submissions. The cost of having your visitor’s personal information stolen or your website getting hacked is so much higher than the cost of a SSL certificate each year. In most cases, you can secure a personal site for as little as $10 a year. There’s just simple no excuse not to do it anymore.

Be nice to your visitors and enhance their experience with better privacy and security on your website! Install a SSL certificate and be a part of the HTTP Everywhere initiate! :)

]]>
<![CDATA[Star Wars: The New Canon]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2016/01/12/star-wars-the-new-canon https://www.thejeffwhitfield.com/blog/2016/01/12/star-wars-the-new-canon post Tue, 12 Jan 2016 00:00:00 +0000 So, I just finished reading Star Wars: Aftermath. Good book! After reading it, I have some thoughts about all the new Star Wars books, comics, and TV shows since Disney acquired Lucasfilm.

Some weeks ago I decided to jump in and start reading all the Star Wars books that are part of the new canon. I've been reading all the new Marvel Comics books and have enjoyed them thus far...just hadn't read any of the novels.

For those that don't know, when Disney acquired Lucasfilm they decided to hit the reset switch on the Star Wars universe, effectively throwing out all continuity built up with previous books, comics, TV shows, games, and more. What was known as the Extended Universe now became the Legends continuity. Looking at the timeline of Legends media it's easy to see why Disney made that decision. Granted, some fantastic stories can be found within the Extended Universe. However, with hundreds of stories written there would be no way for new films to be created that fit in with that universe. As such, creating a fresh start is the most logical thing to do.

Upside of this is that a whole new audience can jump in and enjoy the new canon without having to invest a whole lot of time and money. I thought about jumping in on the Extended Universe books and comics but felt just overwhelmed by the sheer number of titles out there. The new canon feels a lot more approachable. Not only that but it feels like Disney and Lucasfilm are making a consorted effort to keep the timeline of canon media tidy and neat without screwing up the continuity of the universe.

Given that Marvel Comics is now in charge of the comics (Dark Horse Comics was the previous licensee for years) I wonder if Marvel's experience of managing large amounts of continuity is at play. Kind of feels like it, especially after reading Aftermath along with all the current Star Wars comics by Marvel.

Aftermath is interesting in that, while it has a pretty large story, it's not overreaching or presenting large ideas that could potentially create continuity problems. The goal seems to be to fill in the gaps between movies and show how the Empire tried to manage themselves and continue on after the destruction of the second Death Star as well as the death of both the Emperor and Darth Vader. It's good fun and gives us a solid series of stories that will eventually lead to the formation of the First Order...at least that's how it appears. Aftermath is actually the first in a trilogy of books so it'll be interesting to see what happens in the next two books. We might not necessary see the formation of the First Order but we'll at least get a glimpse into the continued downfall of the Empire that eventually led to the First Order.

And that's just Aftermath! The comics are even more fun! From the main Star Wars comic, to Darth Vader, to the various mini-series comics devoted to characters like Lando, Leia, Chewbacca, and Kanan (from the Star Wars Rebels TV series), the comics give us a more in-depth look at characters we know and love without completely stomping on the continuity created by the films. The latest issues of Star Wars have been particularly interesting, especially as they relate to Han and Leia's relationship. I'm not giving anything away. Let's just say that rather interesting wrinkle is presented that leaves Leia at pause as to what kind of a guy Han really is. Scoundrel!

So, what's next? Well, I'm already halfway into Before the Awakening and plan on reading The Force Awakens novelization. After that, probably will dive into The Rise of the Empire which includes both Tarkin and A New Dawn. Suffice to say, I'm looking forward to reading the rest of the new canon books. :)

]]>
<![CDATA[Ch-Ch-Ch-Changes: Happy New Year 2016!]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2016/01/08/ch-ch-ch-changes-happy-new-year-2016 https://www.thejeffwhitfield.com/blog/2016/01/08/ch-ch-ch-changes-happy-new-year-2016 post Fri, 08 Jan 2016 00:00:00 +0000 So, here we are with a new year upon us. Time to reflect on the previous year, what we've learned, and what has changed. As a web designer and developer, quite a bit has changed since the beginning of last year.

For starters, I've adopted a new CMS platform called Statamic and have made it my go-to CMS for smaller sites that don't have a ton of complex content requirements and relationships. The interesting thing about Statamic is that it's a flat-file system, meaning that it doesn't use a database. This makes Statamic inherently more secure compared to the likes of <ahem!> WordPress. Granted, there are other flat-file systems out there that are worth considering (ie. Grav, Kirby, Pico, and others) but I ended up coming back to Statamic, especially after the version 2 beta was announced. I'm looking forward to seeing how I can leverage Statamic as a worthwhile alternative to more popular platforms. I have ideas on how to do it. Just a matter of putting a plan in place and going for it.

I continue to use SilverStripe as one of my CMS platforms of choice, especially for projects that have complex content requirements with lots of relationships. SilverStripe closed out the year by released a stable 3.2 version of the CMS and framework. Like Statamic, I'm looking forward to finding better ways to leverage how I market SilverStripe to my clients.

For front-end design, I still continue to use Bourbon as my go-to Sass library for projects that require a heavy amount of design customization. I still use Twitter Bootstrap for some projects but I'm also looking forward to checking out the new version of Foundation (version 6). I built a few sites on previous versions of Foundation and found Bootstrap to be easier to deal with. However, I'm very curious about this new version so I'll be checking it out to see if they improved some of the quirks that made previous versions weird to work with.

I've also adopted the use of Pattern Lab on one project. So far, the experience has been quite positive and my partners seem to really like it as well. It was a little weird and quirky to work with at first but, once I found my groove, I found that it can really improve your workflow and process. The whole Atomic Design methodology is quite interesting and presents a better way to approaching the whole content-first/mobile-first way of thinking. Creating a whole design system with modular components feels like a much better approach compared to what I had been doing for sure.

Another big change is switching from Sublime Text to Atom as my code editor of choice. This wasn't an easy choice. I've been using Sublime Text for some time now and really liked it for it's speed and flexibility. Honestly, there was really no need to switch. The main reason I switched is...well...I was greatly concerned with the lack of progress with the Sublime Text 3 Beta. I had been using the version 3 beta for nearly two years and, in that time, it just felt like new versions were being released at less and less frequency. At the time of this writing, the last beta 3 release was released in March 2015. I'm not the only one with concerns about the longevity of Sublime Text. Reading the posts on the Sublime Forum reveals that a lot of developers are just as concerned as I am. As such, I felt it was time to jump ship and find another text editor that is similar to Sublime Text but offers more support and more frequent updates. Atom most certainly fits that bill and, while it's not a 100% carbon copy of Sublime Text, it definitely gets the job done.

Last year was certainly an interesting year for continued learning and reading.

I started learning more about different javascript frameworks and libraries, completed one project using Knockout and started some online learning on Ember. This year, I plan on learning more about React which I think will be a good alternative to Knockout for projects that don't need a heavy handed framework like Ember but a simple library that can snap into any page on a website.

I've read some of the books by A Book Apart and plan on finishing all of them in the first quarter of this year. I'll also be revisiting a few books that have received new editions: Hardboiled Web Design: Fifth Anniversary Edition and Adaptive Web Design Second Edition. Also, after seeing Star Wars: The Force Awakens (If you haven't seen the movie...shame on you! What's wrong with you?), I have a renewed interest in reading more novels and plan on catching up on all the latest Star Wars books. Hope to read at least one book every two weeks.

Perhaps the biggest change for me is realizing that I have to take my business to the next level. 2015 was an interesting year for Soulcraft Group. I'm continuing to work with some great partners and establish more relationships with wonderful clients. But with that comes change in terms of how I approach my business. I started off wanting Soulcraft Group to be more or less a network of different companies and people all coming together to accomplish the same goal: to design and build online solutions for small to mid-sized businesses with an emphasis on quality. While that is still true, I've also come to the conclusion that I need to market Soulcraft Group for what it really is, namely me. Once I came to that realization, it became clear how I need to market my little company: as a full-blown marketing and design agency. My partners will continue to be a part of the way I market my company. While I'm good at web design and development, I'm terrible in other areas like online marketing, social media, video production, and other things that I suck at. You can expect a modest update to my site and how I market my services.

So, that's it for the year! Looking forward to the new year with exciting things to come! :)

]]>
<![CDATA[Why we don’t use WordPress anymore]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2015/05/22/why-we-dont-use-wordpress-anymore https://www.thejeffwhitfield.com/blog/2015/05/22/why-we-dont-use-wordpress-anymore post Fri, 22 May 2015 00:00:00 +0000 Interesting post on Medium that sums up my top reasons for not using WordPress. Lately, I’ve been thinking about the popularity of WordPress. It’s by far the most popular CMS platform on the web, which makes it a big target for hackers. Seems like lately I've been seeing more and more and more stories about XSS (cross-site scripting) vulnerabilities with WordPress. For the types of sites most web designers and developer use WordPress for, I wonder how much interest there is for more modern, more secure alternatives. Modern platforms like SilverStripe, Statamic, and October offer far more flexibility while maintaining security.

]]>
<![CDATA[ The Internet IS broken]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2015/02/21/the-internet-is-broken https://www.thejeffwhitfield.com/blog/2015/02/21/the-internet-is-broken post Sat, 21 Feb 2015 00:00:00 +0000 Wrote a response to an op-ed commentary on the Chicago Tribune’s website entitled “The Internet isn’t broken. Obama doesn’t need to ‘fix’ it.” by Ajit Pai and Joshua Wright. The argument is being framed wrong. The problem isn't Net Neutraility...it's infrastructure.

]]>
<![CDATA[Why I Killed Google Apps]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/12/22/why-i-killed-google-apps https://www.thejeffwhitfield.com/blog/2014/12/22/why-i-killed-google-apps post Mon, 22 Dec 2014 00:00:00 +0000 Today, I decided to completely do away with Google Apps for my primary domains. The reasons are numerous but, for sake of brevity, I’ll list my top 5 reasons with a bit of detail for each.

I’ve been meaning to look at alternatives to Google Apps for some time now. I don’t really use many of Google’s apps except mail, calendar, and contacts. Most of what I do use is tied to my Gmail address so it really doesn’t do me much good to keep my domains on Google Apps anymore. That could be reason enough but, honestly, there are a number of things that made me want to do away with Google Apps and seek out alternatives:

1. IMAP is wonky and ssslllooowww!

Google’s IMAP implementation isn’t exactly to spec so many email clients and apps have problems with it. Heck, Apple has been fighting with it for the past two years trying to get performance issues squared away with the default Mail application in Mac OS X. On top of that, it’s slow as molasses and sometimes takes forever to bring up new mail. Performance and reliability are the two things that I expect the most out of the online services I use…especially email. Which is why I’m having a hard time understanding why Google, one of the biggest internet providers, isn’t as fast and reliable as it should be.

2. Spam protection not as good as Gmail

Since switching to Google Apps, I’ve noticed that spam protection is a bit hit and miss compared to Gmail. With Gmail, I rarely had any legitimate email land in the Spam folder. With Google Apps though, it always seems like the same email ends up in the Spam folder no matter what I did. I tried updating the spam settings in Google Apps several times, adding email addresses to a “legit" list, but they kept landing in Spam anyways. Kinda frustrating to say the least. Why is there such a discrepancy between how spam protection works between Gmail and Google Apps?

3. Quirky calendar behavior

I typically use a combination of the default Apple Calendar apps (OS X and iOS) and Fantastical for all my calendaring needs. For the most part, integration with Google calendars works but with some quirks. On occasion, I’ve had problems moving an event from one calendar to another, which results either in an error or the event getting stuck on a specific calendar. I’ve also had problems with invites where the same invite keeps showing up in the Calendar inbox and can’t be dismissed. Both issues were rather annoying and, when they happen, about the only solution is to delete the event and recreate it.

4. Privacy concerns

This is a rather mild complaint but one that I’m still a bit concerned about. Many folks online have raised concerns about how Google uses information about activity and data use with Google apps. Their passive approach to parsing keywords and text in email for better ad placement is one thing. But what about the data they collect on our activity within all the different Google-based applications? Are they selling this data? Personally, I’m less concerned about anyone knowing what I do online than I am not know whether a company is selling this information without my knowledge. Transparency seems to be the big issue here and, while it’s a minor gripe, it’s still one that has a bit of weight in my decision to not use Google Apps.

5. Lock-in

Something tells me that Google will likely do away with IMAP (and POP) altogether in favor of dedicated apps using Google API’s. Same applies to Apple’s calendar apps which might not be playing nice with the Google API’s. Again, this may not necessarily be Apple’s fault. My guess is that Apple may be trying to maintain a standardized approach using CalDAV with the Calendar apps but, just like IMAP, Google’s implementation is rather quirky causing some issues with certain features. Granted, IMAP, POP, and even CalDAV are pretty old standards so it would be understandable if Google did away with them in favor of a more modernized approach. However, doing so will greatly narrow the software solutions businesses have in using Google Apps. As such, I would imagine many businesses will migrate away from Google Apps if this happens to avoid any sort of lock-in.

So, what did I end up doing?

Well, for starters, I switched to FastMail for email. So far, I’m impressed with the speed and responsiveness of their servers. I can definitely tell a difference between using FastMail and using Google Apps. It’ll be a while before I know how well spam protection works but my first impression is good.

For calendar and contacts, because I’m in an all Apple environment, I decided to stick with iCloud. Syncing is pretty stable and almost instant. Invites are also more stable and just work as expected. Right now, I don’t have need of any business solutions but in the future, if I do, I’ll likely just use FastMail to share calendars and contacts between multiple users.

For file syncing, I’m currently sticking with Dropbox. I tried Google Drive but just found that it doesn’t work well for syncing data with apps like 1Password and TextExpander. I considered switching to iCloud Drive but found that there still isn’t any apps that allow for browsing your files like you can with Dropbox. Plus, unlike Dropbox, iCloud Drive doesn’t appear to allow you to share files and folders with others in a collaborative way, which is critical for most of the projects I work on. What I’ll likely end up doing is keeping Dropbox for basic business use and using iCloud for personal stuff.

For documents (notes, spreadsheets, presentations), I rarely used Google except for the occasional spreadsheet. Most of the documents I create tend to be within Apple-based apps like Page and Keynote. For notes and text-based document, I mostly use Evernote. I’m also considering the use of Markdown documents for the creation of web content in an effort to speed up the process of converting semantic text to HTML. Most of these documents end up in a folder that gets synced up through Dropbox for easy sharing and backups.

I’ll still maintain my Gmail account, which I’ve had forever, but will keep a fairly low profile with it. It’ll primarily be used for Google+, YouTube, and that sort of thing. One thing I should look into is updating my Google profile and see if I can turn off certain settings in an effort to maintain greater anonymity. I’m sure there are features that can be turned off but, like Facebook, they’re probably buried under 9 million different sub levels of settings.

Suffice to say, I’m glad I switched away from Google Apps. The upside is that I can pick and choose which solutions are the best for me while maintaining a level of privacy that I’m comfortable with. Along with that comes a nice boost in performance which, when it comes to productivity, is always a good thing. Like they always say, “time is money”, right?

]]>
<![CDATA[Network Neutrality and the Idiocracy of Politics]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/11/18/network-neutrality-and-the-idiocracy-of-politics https://www.thejeffwhitfield.com/blog/2014/11/18/network-neutrality-and-the-idiocracy-of-politics post Tue, 18 Nov 2014 00:00:00 +0000 Normally, this blog is reserved for posts about technology, the internet, and stuff about my career. Writing about politics just isn't something I like to do anymore. Not that I don't have any political opinions. I do (boy, do I have political opinions!). I just feel that politics today is so polarized that it makes debate darn near impossible. However, some recent talk regarding the topic of "net neutrality" gave me pause. As such, I felt the need to write here my stance on "net neutrality" along with my opinion on recent political discussions surrounding it.

Earlier this month (November 2014), President Obama released a statement about his plan for a free and open internet. What Obama outlined is the general consensus that most of us within the tech community feel, that ISP's and other internet-based companies should follow some basic, common-sense rules:

  • No blocking. If a consumer requests access to a website or service, and the content is legal, your ISP should not be permitted to block it. That way, every player — not just those commercially affiliated with an ISP — gets a fair shot at your business.

  • No throttling. Nor should ISPs be able to intentionally slow down some content or speed up others — through a process often called “throttling” — based on the type of service or your ISP’s preferences.

  • Increased transparency. The connection between consumers and ISPs — the so-called “last mile” — is not the only place some sites might get special treatment. So, I am also asking the FCC to make full use of the transparency authorities the court recently upheld, and if necessary to apply net neutrality rules to points of interconnection between the ISP and the rest of the Internet.

  • No paid prioritization. Simply put: No service should be stuck in a “slow lane” because it does not pay a fee. That kind of gatekeeping would undermine the level playing field essential to the Internet’s growth. So, as I have before, I am asking for an explicit ban on paid prioritization and any other restriction that has a similar effect.

The thing is, none of this is new, nor is it a topic something that should lend itself to any political ideology. Folks within the tech community have been talking about this for a good few years now and the consensus is clear: keeping networks fair and open is necessary to the continued success of the internet. Any political discussions that go against this is more or less the equivalent of political suicide and yet, as we'll see in a moment, politicians still insist on playing sides for political gain.

All President Obama did was wrap the message up and use the power of the Presidency to get the message out loud and clear. The problem is that he did it right in the big middle of a mid-season election. Not only that but did it in a time where partisan politics is at an all time high. As John Gruber of Daring Fireball points out, the issue has become so polarized along party lines. In no time, politicians like Senator Ted Cruz take to the internet in opposition to President Obama's statement:

“Net Neutrality” is Obamacare for the Internet; the Internet should not operate at the speed of government.

Gruber's response says it all:

That’s just word soup. The only similarity to the Affordable Care Act is that Obama supports it. There may well be a rational, reasoned argument against Net Neutrality, but Republicans aren’t making it, and neither are the cable companies or cellular providers. Be wary of the side that can’t express their argument in clear, plain, unambiguous language.

Indeed, politicians like Senator Cruz need to watch what they say and how they say it...otherwise, you get the ire of the tech community and end up looking like a jackass (ex. the Dear Senator Ted Cruz post on The Oatmeal).

None of this solves the problem of "net neutrality". In fact, all it does is allow deep pockets to keep throwing money at it in an effort to make it harder for proper legislation to get passed to curb the problem. Meanwhile, businesses and consumers continue to pay higher costs for the internet services they receive compared to what other countries pay. In many areas, businesses and individuals have little choice on which ISP they can use. In other words, many ISP's have a monopoly on internet services in various parts of the country.

As outlined on The Verge in an article appropriately titled "The Internet is Fucked", zero competition, a weak FCC, and no "net neutrality" is a recipe for disaster. The only way to really solve it is to do what we did with electricity and phone service: turn the internet into a utility. Turn it into a utility and you end up solving most of the problems associated with "net neutrality" and ISP monopolies. So, say it once...say it twice...say it loud and clear:

THE INTERNET IS A UTILITY, JUST LIKE WATER AND ELECTRICITY

]]>
<![CDATA[Retailers Are Disabling NFC to Block Apple Pay]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/10/27/retailers-are-disabling-nfc-to-block-apple-pay https://www.thejeffwhitfield.com/blog/2014/10/27/retailers-are-disabling-nfc-to-block-apple-pay post Mon, 27 Oct 2014 00:00:00 +0000 Rite Aid and CVS are dropping support for Apple Pay in favor of another solution called CurrentC. I'm in complete agreement with John Gruber on this one. Prioritizing access to customer data over a good customer experience is a bad, bad idea! Compared to how Apple Pay works, CurrentC is a step in the wrong direction and is bound to fail.

]]>
<![CDATA[Presentation at Big Design Conference]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/09/10/presentation-at-big-design-conference https://www.thejeffwhitfield.com/blog/2014/09/10/presentation-at-big-design-conference post Wed, 10 Sep 2014 00:00:00 +0000 This past weekend, I had the honor and privilege of being one of the speakers at the Big Design conference. I gave an updated version of my presentation on the User Experience of Comic Books. The response to my presentation was amazing! Lots of folks from the audience had some great questions and comments during the Q&A portion of the presentation. I'm ecstatic and overwhelmed with joy! It's a great feeling to know that I can contribute to other people's education on user experience design!

The rest of the conference was absolutely amazing! Lots of fantastic presentations; many from folks that I know. Many of the presentations were incredibly inspiring. In fact, a few of them gave me some ideas towards my next presentation! ;)

Along with that, a good number of presenters expressed interest in presenting at Refresh Dallas, a little organization for which I'm the organizer for. If you missed the Big D conference and would like to see a few of the presentations you missed, check out Refresh Dallas on Meetup!

For those that requested a copy of my presentation, you can find it on SlideShare.

]]>
<![CDATA[Assemble Static Site Generator]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/08/21/assemble-static-site-generator https://www.thejeffwhitfield.com/blog/2014/08/21/assemble-static-site-generator post Thu, 21 Aug 2014 00:00:00 +0000 For about a week or so, I've been playing around with Assemble a Node-based static site generator that works for Grunt.js and Yeoman. So far, I have to say that I'm impressed. So impressed in fact that I ended up dropping Middleman, a Ruby-based solution that I had been using for the past year.

I've been wrestling with my web design workflow for a good year now and decided to revisit the tools I use for generating website prototypes. For the better part of this year I've been using a tool called Middleman to develop website prototypes. There are a number of static site generator solutions out there, many of which even have GUI's (i.e. Cactus, Hammer, Mixture). Sure, it may not have a GUI and requires knowledge of the command-line and Ruby, but what separated Middleman from the rest was the sheer amount of flexibility it brings. The thing that attracted me the most was the ability to use bits of Ruby to do pretty much anything I could think of inside of templates. That and the ability to use local data from JSON or YAML files to loop over data sets. The extensibility of it is just powerful and it really has helped to speed up the design and development of websites within my workflow.

Lately though I've been running into a few issues with Middleman. As much as I like it, the problem is that it's a Ruby app and, frankly, I'm not much of a Ruby developer. Also, Middleman has certain dependencies that conflict with some of the other frameworks I use. For instance, I use Bourbon and Bourbon Neat quite a bit, both of which use Compass and Sass. The problem is that Bourbon requires that a Sass gem of 3.3 or higher be installed, which conflicts with Middleman's own requirements. You can force Middleman to accept higher version of both Sass and Compass but I'm concerned whether I'll run into compatibility issues later one. This made me think that perhaps a Ruby-based solution isn't the way to go. Granted, if I was a Ruby developer this would be a non-issue.

After a bit of research, I decided to revisited Assemble, a solution that I briefly looked at some time ago but didn't give it much thought. Boy, am I glad I did!

Call me stupid but I always thought that Yeoman was more geared for web application development rather than website development. Because I spend most of my time designing and developing website I figured Yeoman would be overkill and never gave it much thought. But if you really look at the three core tools of Yeoman (Yo, Grunt.js, and Bower), you realize that it's not overkill at all. Yeoman simply isn't just for web applications. In fact, you can keep it as simple and slim as you want. Let's look at each of the tools...

Whether you're starting with a simple HTML5 boilerplate or using a framework like Zurb Foundation or Twitter Bootstrap, Yo is more than capable of scaffolding out an environment for simple web projects. There are official generators for just about every framework out there. If there isn't one, you can easily create one of your own for scaffolding out your own projects.

Grunt.js is just a task runner but a very powerful one at that. It's the tool that automates your workflow. It can handle everything from running a simple local server, compiling your SASS and CoffeeScript files, optimizing images, to building out your project.

Finally, you have Bower, a package management tool that speeds up the management of the various web application libraries you're likely to use. Just about every major framework and library can be installed and managed through Bower and makes updating them a breeze!

Throw Assemble into the mix and you end up with a very, very powerful environment for prototyping websites. Assemble does everything Middleman can do...and then some! And, unlike Middleman, the only dependency it has is Grunt.js. That's it!

As for templating, Assemble uses Lo-Dash templates for configuration and metadata and Handlebars templates for content. The syntax for both aren't hard to learn at all and offer a lot of flexibility. There's not a whole lot you can't do within templates.

Suffice to say, it looks like I'll be sticking with Yeoman and Assemble for the time being. At least until something better comes along! :D

]]>
<![CDATA[A Lesson in Password Management]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/04/19/a-lesson-in-password-management https://www.thejeffwhitfield.com/blog/2014/04/19/a-lesson-in-password-management post Sat, 19 Apr 2014 00:00:00 +0000 With the recent news of the Heartbleed Bug, I have begun resetting all my passwords for online accounts. In the process of doing so, the thought occurred to me that many folks have no idea how to properly manage their passwords. I’ve seen situations where many of my family members, friends, and clients use the same passwords over and over again for just about every account they have online…even for important accounts like their email, banking, and social media; accounts that, if hacked, would reek holy havoc on their digital life. If this is a problem for you too then hopefully this blog post will point you in the right direction in remedying this issue.

The key to keeping your online accounts secure is having strong passwords. However, even that isn’t always enough because a website can still get hacked if there is a vulnerability in the software. The main problem with the Heartbleed Bug is that you end up being vulnerable regardless of whether you have a secure password or not. The good news is that most of the major sites have already updated their servers with a security patch to fix the Heartbleed Bug (see The Heartbleed Hit List). Even then, there are thousands of other sites that haven’t been fixed yet. If you are unsure whether a website is effected by this bug, your best bet would be to simply notify the site owner and ask them, especially if this is for an online account that is important to you.

Aside from any vulnerabilities, the best way to protect yourself is to do the following:

  1. Use strong passwords
  2. Always use a unique password for each account
  3. Routinely change your passwords at regular frequencies

All of this may seem daunting. After all, what does a strong password look like? If you have to use unique passwords on every account, how are you going to remember them all? Not only that, but changing passwords take a lot of time, especially when you have to come up with all those unique passwords and record them for safekeeping, right? That’s where a good password management tool comes into play.

While there are a number of good password management applications, my favorite is 1Password by AgileBits. One of the reasons I like it is that, along with managing website passwords, it can handle other tasks such as storing credit card information, filling out registration forms, generating strong passwords, and more. And, because it’s cross-platform (Mac, Windows, iPhone, iPad, and Android) you’ll have access to all of your secure information wherever you go. It’s truly the Swiss Army knife of passwords and other secure information. With 1Password, you don’t have to remember all your passwords. The application handles all your secure information by storing it in a highly encrypted database that can’t be accessed unless a person knows the password to the database, thus the reason for the name of the application. You only have to remember the one password required to access your 1Password database.

If you’ve never used a password management program like 1Password, learning how to use it and getting comfortable with it might seem a little hard, which is completely understandable. Fortunately, AgileBits has plenty of online documentation and tutorials on their website. Along with that, ScreenCastOnline recently posted a free tutorial on how to use 1Password.

Because 1Password comes with a password generator, creating strong passwords is easy. Most sites will let you know what the password requirements are, which you can adjust the 1Password password generator to accommodate for. For sites that have little or no restrictions, I tend to crank up the password length all the way to 30 and set it to include at least three number and three special characters. The 1Password generator will give you an idea on how strong the password is with the strength meter.

Remember, the whole point of this application is to help you generate passwords that can’t be hacked easily. Let the program do the work for you and generate as complex of a password as possible that still adheres to the requirements of the site you’re generating it for. When creating a new online account or changing a password, try to use a different password for each account. The reason is that, if a hacker knows one password, they could potentially hack any account you have that uses the exact same password. Better to err on the side of caution and simply generate a different password for each online account.

I personally try and change the passwords for all my important accounts at least once a year. To aid in knowing which accounts to concentrate on, I created a number of folders in 1Password to help organize accounts by importance. I have a folder called ‘Accounts’ for all my important accounts like email, banking, shopping, and other accounts with highly sensitive information. This is the one folder that, when a major security issue occurs, I address first. Along with that, I have other folders separated by business, personal, clients, organizations, and miscellaneous. I always change the important stuff in ‘Accounts’ first followed by personal and business accounts.

I won’t lie, changing all your passwords can take time. However, a tool like 1Password greatly helps in cutting down time spent changing passwords. If you concentrate on the most important ones first then you can change others over time. 1Password does have tools that allow you to target accounts that have really old passwords. Once you get the hang of it, you’ll find managing passwords and other secure information with 1Password a piece of cake.

Got any other useful tips for managing passwords? Leave a comment in the comment section below! :)

]]>
<![CDATA[UX of the Article Progress Bar on The Daily Beast Website]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/04/17/ux-of-the-article-progress-bar-on-the-daily-beast-website https://www.thejeffwhitfield.com/blog/2014/04/17/ux-of-the-article-progress-bar-on-the-daily-beast-website post Thu, 17 Apr 2014 00:00:00 +0000 My wife showed this one to me today. While viewing and scrolling through the page, pay attention to what is happening in the "READ THIS.list" box on the right. Not only does it show which article you're on using a simple scrollspy indicator but it also tracks how far into the article you are using a gray indicator just behind the list item. This is a very interesting way of handling the navigation of large amounts of related content. It certainly adds to the user experience and is quite clever.

Now, some folks commented Reddit that this sort of feature just adds bloat and, while they might have a point, it's still a very clever and useful feature nonetheless. I think all The Daily Beast would need to do is find ways to optimize their scripts to cut down on the size and number of scripts loaded. I also agree with one commenter that features like this can definitely impact performance. For extremely busy pages with lots of features and scripts being loaded, I'm not sure if adding a feature like this is wise. Granted, this page loads and performs well for me...but what about others who don't have computers as fast as mine? Will they receive the same user experience?

This is a good example of how problems related to large amounts of content can be solved. However, it also reveals issues related to how bloated code can impact performance as well.

]]>
<![CDATA[The Surprisingly Large Cost of Telling Small Lies]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2014/04/03/the-surprisingly-large-cost-of-telling-small-lies https://www.thejeffwhitfield.com/blog/2014/04/03/the-surprisingly-large-cost-of-telling-small-lies post Thu, 03 Apr 2014 00:00:00 +0000 This New York Time article landed in my news feeds at a very unusual time. I don't think the timing could have been more perfect. Let's just say that some recent business dealing didn't turn out as rosy as I would have liked. I think the problem was exactly what this article talks about: a lack of honesty does nothing but ruin a good business relationship.

I try to always remain honest, transparent, and on the level with everyone I work with. What I didn't know, and what is perhaps the biggest lesson in business, is that not everyone I work with is honest with me. I learned a lot from the experience.

I value the relationships I have with my clients and partners. As such, moving forward, I will do my best to keep things as open and transparent as possible.

]]>
<![CDATA[Mobile Devices to Boost US Holiday Ecommerce Sales Growth]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/09/06/mobile-devices-to-boost-us-holiday-ecommerce-sales-growth https://www.thejeffwhitfield.com/blog/2013/09/06/mobile-devices-to-boost-us-holiday-ecommerce-sales-growth post Fri, 06 Sep 2013 00:00:00 +0000 According to eMarketer, mobile devices are expected to take up a 16% share of the total US retail ecommerce sales this holiday season. Man, that is freakin' huge! Basically boils down to this: If you're selling stuff online and aren't making it easy for customers to buy your stuff through their mobile devices then your sales wil be 16% lower than they could be. This is one of the big reasons why responsive web design is so important. You just don't know when, where, or how people will engage your websites. This is especially true for ecommerce sites...or mcommerce for that matter.

]]>
<![CDATA[GhostLab: Bringing love back to website testing]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/07/24/ghostlab-bringing-love-back-to-website-testing https://www.thejeffwhitfield.com/blog/2013/07/24/ghostlab-bringing-love-back-to-website-testing post Wed, 24 Jul 2013 00:00:00 +0000 Every now and then a tool gets released that completely blows me away; something so useful that I just had to buy it immediately. Today, that tool is GhostLab. GhostLab is a simple Mac application that makes synchronized testing for websites easy. If you're on a Mac and you're a web developer, this is one of those apps that you have to take a look at.

Any web developer will tell you that one of the biggest pain points in designing and developing a website is cross-browser testing. It's even more painful when you throw mobile browsers in the mix. Third-party services like BrowserStack offer great solutions to help with this but tend to be hindered a bit by a cumbersome workflow. Sometimes you just want to get in and test something quickly prior to any rigorous testing with services like BrowserStack. That's where GhostLab come in handy.

GhostLab blew me away based on three core features:

Any Site. Any Client.

When it comes to the websites you want to test, GhostLab doesn't care where it is. It can be static files sitting in a folder, a local IP or web address, or any external website. As long as you can get to it locally, GhostLab can test it. Just drag in a folder or URL and GhostLab will set it up so that you can test it. It's that easy. GhostLab has it's own built in server so all it's really doing is tunnelling all the traffic from whatever site your testing through it's own server. By doing so, GhostLab is able to bypass any of the complexity surrounding most workflows when it comes to cross-browser testing. It even works with virtual machines and emulators. As long as the browser you're on can access the GhostLab server then you're good to go!

Synchronized Testing

Imagine being able to open a website within multiple browsers and have it detect scrolling, clicks, reloads, and form inputs from no matter which browser instance you're using. Yep! GhostLab does it! I use CodeKit when developing sites and whenever I make changes to my code CodeKit will automatically refresh my browser window for me. What's neat about this is refreshing that window will also refresh any other browser that's running the same GhostLab site. That's a nice little bump in my productivity.

Another useful feature is the Workspace feature. Usually when I'm testing my code for a responsive design, the chrome and buttons in my browser get in the way of viewing how a site might look at a given screen size. With GhostLab, I can fire off an Open Workspace command and the site will open up into three different chromeless windows sized at three different mobile breakpoints. Very, very handy! Only thing I haven't been able to figure out is how to create and/or update a workspace.

Inspection

This is the killer feature for sure! I can't tell you how annoying it is not having proper inspectors in Internet Explorer much less the absence of them in mobile browsers. GhostLab solves this by utilizing weinre, an open-source remote debugger. I looked at weinre in the past and thought about adopting in but getting it to work was a royal pain. With GhostLab, weinre is built right in so no setup or configuration required. This gives you a Webkit-like inspector for any browser. I personally hate the web inspector in Internet Explorer and prefer the Webkit inspector so having this feature available is a huge time saver for me!

I typically test using a few different virtual machines. I have a couple of Windows VM's for testing different versions of Internet Explorer and other Windows-based browsers. I have the iOS Simulator that I use to test iOS devices. And I have the Android SDK for testing Android-based tablets and phones. Usually, I have to test each of these one at a time and, without inspector abilities or synchronize testing, the process of debugging can be tedious at best. With GhostLab in the mix though, the workflow couldn't be any easier! Not only do I have the power or synchronized testing but full inspection and console access to boot! I'll likely still use BrowserStack for more thorough testing but for a basic testing workflow I don't think you can beat GhostLab. Check it out!

]]>
<![CDATA[AngularJS and HTML Validation]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/05/21/angularjs-and-html-validation https://www.thejeffwhitfield.com/blog/2013/05/21/angularjs-and-html-validation post Tue, 21 May 2013 00:00:00 +0000 So I've started learning more about AngularJS. However, one thing about AngularJS has continued to bug the hell out of me. It has to do with all those 'ng-' attributes that riddle your HTML and make the code invalid. Not that tag attributes are bad per se. It's just that an attribute with a 'ng-' prefix isn't consider valid...at least not yet. So the question becomes: How do I make my HTML valid with AngularJS?

The answer is really quite simple: just add a 'data-' prefix to all your 'ng-' attributes. 'ng-app' becomes 'data-ng-app' and so on. I tested this out with the AngularJS version of the TodoMVC app and it works just fine. The only thing extra I had to do was convert the 'ng-pluralize' custom tag into a span and use attributes to initialize the 'ng-pluralize' directive. Other than that, it validated well and no issues with the app.

AngularJS is a beast; an 800 pound gorilla for sure. Lots to learn! But knowing that I can make it work in a highly valid way is definitely good to know.

]]>
<![CDATA[Digital Marketers All Got This Thing Wrong About ROI]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/05/11/digital-marketers-all-got-this-thing-wrong-about-roi https://www.thejeffwhitfield.com/blog/2013/05/11/digital-marketers-all-got-this-thing-wrong-about-roi post Sat, 11 May 2013 00:00:00 +0000 Some very good insights on how ROI relates to the way people use the web. Even when we're building web applications and sites, we need to think about how we can relate unmeasurable things like UX practices with marketing expectations. After all, when, where, and how people engage your applications and sites will indeed have a direct impact on the success of that site/application.

]]>
<![CDATA[ Health Design Challenge: d+collab // THE PATIENT RECORD]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/02/13/health-design-challenge-dcollab-the-patient-record https://www.thejeffwhitfield.com/blog/2013/02/13/health-design-challenge-dcollab-the-patient-record post Wed, 13 Feb 2013 00:00:00 +0000 This is insanely cool! Regardless of whether you're a designer or not, everyone should take a look at this site and review at least the 1st place winner. Seeing where we are now and where we could be is a huge eye opener. I'm a huge proponent of medical record modernization. This will go a long way to moving us in the right direction! :)

]]>
<![CDATA[SilverStripe: PHP on Rails]]> Jeff Whitfield https://www.thejeffwhitfield.com/blog/2013/02/03/silverstripe-php-on-rails https://www.thejeffwhitfield.com/blog/2013/02/03/silverstripe-php-on-rails post Sun, 03 Feb 2013 00:00:00 +0000 In my last post, I talked about a few problems I have with MODX. In this post, I'm going to introduce a CMS called SilverStripe that I believe can help address some of the problems that developers might have with MODX.

SilverStripe is a content management system developed by SilverStripe Limited, a web development company that has been around since 2000. The CMS originally started as a proprietary system but, with the 2.0 version, the company decided to release it as open source in 2007. Since then, a 3.0 version was released in 2012 with some very welcomed changes. I appreciate the fact that the SilverStripe is a web development company because it means that, through the use of their own system with client sites, they can review how clients use the system and improve useability.

SilverStripe is more of a framework than a CMS. The core of SilverStripe is a framework known as Sapphire, which can be used much in the same vein as other PHP frameworks like CodeIgniter and FuelPHP, allowing applications to be built using no CMS at all. In fact, the CMS portion and every other addon to SilverStripe are nothing more than modules added onto the framework, which lends itself to being highly extensible.

Everything in the framework follows a heavy MVC model. When I showed this system to a seasoned Rails developer, he looked at it and said, "That's Ruby on Rails!". Yes, Rails developers will be pleased to find that there are similarities between Ruby on Rails and SilverStripe.

Easy Data Modeling

When I sit down to start developing a site, the first thing I do is try to get a handle on how the information is structured and how it might be managed. Not only does SilverStripe make this easy but the database itself will reflect your data model to the letter.

Both the model and controller classes are handled in a way that makes it easy to extend any PHP class in the system however you'd like. The two main classes that you're most likely to use in the system are the DataObject and Page classes. The DataObject class is the default class that is used to manage every data model in the system. In fact, the Page class is just an extension of the DataObject class. For every class you create, you'll likely extend off of either the DataObject or Page class depending on how you'll use the data.

Every class you create can have its own set of relationships with other classes: one to many, many to one, many to many, you name it. Within any class you can easily filter and return whatever information you want. In most cases you don't have to write a lot of code because the management of relationships is handle automatically for you. The best part of this is that the classes of information you create in the system are reflected in the database in a normalized manner. Any DataObject classes you create will have a table with the same name in the database with index tables created for many to many relationships. It's as simple as that. No ambiguity between your model and how it's stored.

And here's the kicker: SilverStripe manages the database for you! With a simple URL command, any changes you make to your data model will be reflected in the database automatically. The neat part of this is that it's done in a non-destructive way. If you decide to add, edit, or delete a field name or table, SilverStripe will update the database in a way so that none of your data gets destroyed. You might need to go in and do some maintenance to the database away from SilverStripe but, aside from that, SilverStripe does its best not to do anything destructive to your data.

Quick Interfaces Using Scaffolding

Models are handled in a way that is not only easy but allows for quick scaffolding for easy management of the data from within the SilverStripe administration UI. This is the part that completely blew me away. I was amazed at the fact that I can give SilverStripe a model and, with a few lines of code, can have a complete way to administrate all the information from within the UI. Even complex data models can be scaffolded quite easily! Amazing stuff!

Just like MODX components, you can create stand-alone areas of the CMS for managing data. However, unlike MODX, the management of information from within pages is not only easier but is managed in a way that accurately reflects your data model.

For instance, as mentioned in my previous post, imagine you have a Staff model that is attached to a specific Staff page. In SilverStripe, this is as easy as creating a StaffHolder page that has a one-to-many relationship with a Staff model. Whenever you set a page with the StaffHolder template, SilverStripe will automatically create an extra tab called Staff where you can easily add individual records for each staff member. This information can then be easily parsed and used from anywhere on the site.

While this is a simple example, you can create even more complex relationships with your data and implement them in a way that makes it easy for your clients to manage the information within the UI. Not only does this empower your client with the ability to manage their data more effectively, it can be done very easily with not a lot of code and/or knowledge. All it requires is solid knowledge about PHP classes.

Easy Templating

Just like MODX and Rails, management of templates and views is easy. The management of views are very similar to how Rails works in that each view reflects the class that is responsible for the view. Simple placeholders are used for information like the title, content, and other data related to each page or dataset. Logic can be added to a view to help facilitate things like if statements, loops, menus, and other bits of logic.

Unlike MODX though, you can't manage your views from within the CMS. All view files are managed on the file system using various files with a .SS extension. In fact, all files related to the programming of a site are managed on the file system. The only thing that is managed using a database and the UI is the content itself. Upside of this is that all view, classes, and other files can easily be managed with a versioning system like SVN or Git.

Good Documentation, Great Community

When I first started to dive into SilverStripe, I picked up their book SilverStripe: The Complete Guide to CMS Development. Granted, this is an old book. It was written in 2009 and covers an older 2.3 version of SilverStripe. Even then, you can still learn a lot about the philosophy of SilverStripe as well as the basics of how the system works. Through the use of a step-by-step tutorial format, you can quickly get a good understanding of how data modeling, scaffolding, objects, and templates work, all the fundamentals required to build great websites. Still, it would be nice to see a second edition of the book that covers the new 3.0 version and goes farther in the exploration of the system.

Aside from that, the SilverStripe open source site has fair amount of documentation on the system and API, including short tutorials and howto's using the new 3.0 system.

But what truly makes SilverStripe great is the community. Like MODX, SilverStripe has a vibrant community of talented developers contributing to the project and writing all kinds of modules to extend the system in infinite ways. A short visit to GitHub will show you an extensive list of SilverStripe related resources.

From Amazing to Awesome

To give you a taste of just how awesome SilverStripe can be, take some time to visit the SilverSmith project. This addon by Aaron Carlino (AKA UncleCheese) for SilverStripe allows you to quickly and easily write tons of code with just one command. In fact, just watch the videos about the SilverSmith CLI and the links off the SilverSmith project site. My jaw literally dropped! Imagine scaffolding your entire site with just a YAML file and a text file. It basically allows you to do what would take you a few hours to do and do it in just 30 minutes. Insane!

While the CLI is in alpha, the best is yet to come. Aaron has plans of building a native Mac app that allows for visually building your initial data model as well as adding the ability to use plugins for direct integration of other SilverStripe modules. I can't wait!

So, there you have it! A fairly decent review of SilverStripe and it's benefits. Is it a full replacement for MODX? Maybe. Is it perfect? No. There are definitely some areas that could use improvement. But, even then, it's still a great system and very useable in a production environment. Try it and decide for yourself. For Rails developers looking for a solid solution with PHP, SilverStripe might just be the ticket! :)

]]>