How to create a static content server on Amazon S3

Overview

In this tutorial I quickly go over creating a static site using S3. This should be a simple process and for the most part it is except Amazon’s security policy editor. There are many ways to control security in AWS and I beat my head against a wall for many hours trying to figure what would work. I present what worked for me but this may not be the ‘best’ way to do the security for an S3 bucket. If get more info on how to better do it I will update this post accordingly.

Assumptions:

  • You’ve created an AWS account on http://aws.amazon.com (it’s super-easy)
  • My static domain (static.eli4d.com) will use WordPress.com’s nameservers. I host this blog (besides all images and static content) on wordpress.com. The $13 is well worth my time and my content is portable due to the static server usage.

Note: Originally I had created an images.eli4d.com S3 bucket but now I am switching to static.eli4d.com. While creating the images bucket I accumulated lots of scattered notes. If there’s any references to the images bucket it is due to this initial effort.

Get an AWS account

Creating an AWS account is extremely easy and it’s faster than Amazon Prime.

Get an AWS account

How to create an S3 bucket for static.eli4d.com

Pick S3

The sheer breadth of Amazon’s web services is astounding…and it keeps growing.

Pick S3

The creation step is very simple – just click that “Create Bucket”

The only gotcha is that your bucket name should be the exact name of the domain you want to associate it with. So if I want static.eli4d.com for my static content, then I need to make a bucket name of static.eli4d.com. If that bucket name is taken (it’s universal across all of AWS) – then you’re out of luck and have to go down a more complicated route (see https://eli4d.com/2015/09/02/amazon-web-services-lesson-s3-bucket-names-are-universal-so-get-your-domain-named-s3-bucket-before-someone-else-does/ ).

The creation step is very simple - just click that "Create Bucket"

S3 Management Console

S3 Management Console

S3 Management Console

S3 Management Console

It’s ALIVE

Franken url is awake…but inaccessible

It's ALIVE

Current permissions – main account

Current permissions - main account

Time to create the index.html

Time to create the index.html

Time to create robots.txt

Time to create robots.txt

Lets get back to the bucket

Lets get back to the bucket

S3 Management Console – uploading files – 1

S3 Management Console - uploading files - 1

S3 Management Console – uploading files – 2

S3 Management Console - uploading files - 2

Upload details page

Keeping it as defaults.

Upload details page

Upload complete

Upload complete

My bucket shows the uploaded files

My bucket shows the uploaded files

Testing end point – can I see that index.html

And the answer is no. Not surprising but the answer is still NO.

It’s time to go down the rabbit hole also known as AWS permissions. This is a short trip into that hole. We’ll have a longer trip when enabling an access policy between a user and this bucket.

Testing end point - can I see that index.html

Allowing anyone to get to the S3 bucket using a browser

Where do I find my S3’s ARN?

Go to the S3 bucket and edit the bucket policy to see the bucket’s ARN. In my case the ARN is arn:aws:s3:::static.eli4d.com/*

Where do I find my S3's ARN?

Setting bucket permissions – 1

Following http://blog.learningtree.com/configuring-amazon-s3-to-serve-images/ in setting bucket properties

Setting bucket permissions - 1

Setting bucket permissions – 2

Keep in mind the following: when you click the link the AWS Policy Generator will launch in a separate browser window. You then create the policy there and then you have to copy the policy that’s created (a bunch of text) from that browser window to this browser window. This is not obvious and from a UX point of view it can be crazy-making and confusing.

Setting bucket permissions - 2

Setting bucket permissions – 3

Setting bucket permissions - 3

AWS Policy Generator

The only permission that the bucket needs to be world readable is GetObject.

AWS Policy Generator

ARN is key

You need to put correct arn:

arn:aws:s3:::static.eli4d.com/* in my case as mentioned above. Mess up the ARN and you will be slightly sad.

‘Principal’ refers to anyone who accesses the bucket (so by putting * we’re saying ‘everyone’).

ARN is key

Once you add the statement

Policy generator gives you a summary before actual generation. It’s time to click the ‘Generate Policy’ button.

Once you add the statement

Clicking the ‘Generate’ button

Side note: that version date is odd. You can’t just put today’s date as the version date.

Clicking the 'Generate' button

So you have a policy and you need to copy it

I know….you’re thinking wtf and so am I. So copy the policy. Then go back to the window where you launched the policy generator.

As a key principal here: do not modify any of this text. Seriously…don’t do it.

So you have a policy and you need to copy it

Here’s where you’re going to copy the text into

Remember that browser window from which you opened the security policy editor. Go back to that one.

Here's where you're going to copy the text into

Now paste in the policy and save it

Now paste in the policy and save it

If everything is ok policy wise you get back to the main window

There’s a really quick green checkbox and here we are (sure wish the UX was better here).

If everything is ok policy wise you get back to the main window

Time to retest the endpoint

Whohoo…now we can get to the S3 bucket.

What’s left:

  • Domain mapping of static.eli4d.com domain to this endpoint
  • Permissions to allow me to sync resources

Time to retest the endpoint

Domain mapping to the S3 bucket

My eli4d.com domain is controlled by WordPress (my registrar, however, is Hover – I LOVE Hover). These instructions apply to adding the static.eli4d.com subdomain via WordPress. I had tested some other domain configurations and this turned out to be the simplest approach (thumbs up to Hover and WordPress support). Depending on your domain configuration – you’ll have to adjust your steps accordingly when adding a subdomain.

Note: any ‘Hover’ URLs from this post are a referral link to Hover. BTW in case I didn’t mention it – I love^1000 Hover.

To the wordpress.com domain editing url

The not-so-easily found domains link on WordPress.com.

To the wordpress.com domain editing url

Lets edit the DNS

Time to add my subdomain of static.eli4d.com

Lets edit the DNS

Create a CNAME record for static.eli4d.com

The steps are to:

  1. Create the CNAME
  2. Click on the ‘Add’ button
  3. Click on the ‘Save Changes’ button

Create a CNAME record for static.eli4d.com

Check that static.eli4d.com is showing on the browser

Problem – when I type static.eli4d.com it redirects to eli4d.com – why?

The answer is DNS propagation that may take between 48 to 72 hours.

Lets pretend that 48 to 72 hours have passed

Ta-da – it works!

Hint: Use Firefox/Chrome private browsing mode to validate domain since it eliminates caching issues.

Lets pretend that 48 to 72 hours have passed

Checking in: workflow – how do I upload resources to my S3 bucket?

Now what? How do I upload my static resources to this S3 bucket? It will most likely be images but it can be anything else (so S3 accepts a maximum of 5 TB sized files). I write my blog entry on my Mac via Markdown putting the static items in the post, but then how where do I go from here to there workflow-wise?

I could just log into the AWS console and upload the resources but it feels clunky and not my type of workflow. What I want is something on the command line that syncs my resource directory to my S3 bucket. So here’s my approach:

  • find a command line utility
  • configure a user on AWS that can sync data only to this bucket (this is just basic security; I don’t want my main ‘root’-ish user to do everything from my mac); ideally I would have a user per bucket but I’ll stick to one sync user to honor some semblance of simplicity and sanity
  • configure the S3 bucket to accept connection from this user (this turned out to be a bear – AWS’s security model is breathtakingly complex)

Note: If you’re ok with just uploading resources via the AWS console then you’re done…enjoy! (please let me know via Twitter that you found these instructions useful…it encourages me to write more of this)

Finding an S3 sync command line utility

Lots of possible solutions but some outdated

Lots of possible solutions but some outdated

But there’s a promising article

at: http://serverfault.com/questions/73959/using-rsync-with-amazon-s3

An Amazon native solution would be ideal (just like using the docs straight from the horses mouth – i.e. amazon).

But there's a promising article

I want sync but…

I need to start at the beginning, so I need to backup to aws cli instructions

I want sync but...

Selecting “User Guide”

Selecting "User Guide"

Nice – the page has what I need

http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html

Nice - the page has what I need

More AWS cli documentation

More AWS cli documentation

And more AWS docs

http://docs.aws.amazon.com/AmazonS3/latest/dev/walkthrough1.html

And more AWS docs

Command line install instructions

Command line install instructions

I’m using the bundled installer since I don’t have pip but I do have Python 2.7.5

I'm using the bundled installer since I don't have pip but I do have Python 2.7.5

Installing the AWS Command Line Interface – AWS Command Line Interface

Installing the AWS Command Line Interface - AWS Command Line Interface

Sweetest command line – here we go

Just follow the instructions

Sweetest command line - here we go

The ‘aws’ command works!

Note that I moved back to my standard account rather than the admin account on the mac (trying to be secure and all that jazz)

The 'aws' command works!

The command to sync a local folder to the AWS bucket

At this point this command doesn’t work yet but it will later. All possible options for aws cli can be found here: http://docs.aws.amazon.com/cli/latest/reference/s3/sync.html

 aws s3 sync /Volumes/elev-per/Dropbox/eli4d-content/s3/static.eli4d.com/2015/ s3://static.eli4d.com/2015 --delete --exclude "*.DS_Store"

Basically the above command says sync all resources from my local directory and use the local directory as the authoritative source deleting any mismatches on the S3 bucket side (i.e. the –delete) and exclude the Mac side pollution of .DS_Store – so don’t sync those.

The fantastically awesome Nicolas Zakas and a slight sad story about S3

I happened to come across a very interesting post by Nicolas Zakas ( http://www.nczonline.net/blog/2015/08/wordpress-jekyll-my-new-blog-setup/ ).

There are 2 very interesting things:

  1. His comment about s3command was very interesting. Since I don’t regenerate all of the static content – awscli is fine for me. But it’s something to keep in mind for static blog generation.
  2. The ability of someone else to indirectly squat on his domain by taking the name as an S3 bucket. I’ve written about this here: https://eli4d.com/2015/09/02/amazon-web-services-lesson-s3-bucket-names-are-universal-so-get-your-domain-named-s3-bucket-before-someone-else-does/

The fantastically awesome Nicolas Zakas and a slight sad story about S3

Creating an S3 user for syncing

As mentioned before I need a user that can sync resources for this specific bucket

I need some Sam IAM (come on Dr. Seuss – work with me here)

http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-set-up.html#cli-signup%20%28IAM%29

As mentioned before I need a user that can sync resources for this specific bucket

Creating a sync user via IAM – 1

Time to go to that iam console

Creating a sync user via IAM - 1

Creating a sync user via IAM – 2

time to click that user’s link

Creating a sync user via IAM - 2

Creating a sync user via IAM – 3

Select ‘Create New Users’

Creating a sync user via IAM - 3

Creating a sync user via IAM – 4

Creating a sync user via IAM - 4

Creating a sync user via IAM – 5

Creating a sync user via IAM - 5

Creating a sync user via IAM – 6

Here is where you create an access key (I already created it). The gist is AWS creates a public/private key and you need to save it because it’s never shown to you again (i.e. the private key).

Creating a sync user via IAM - 6

Now how do I give this user access to my images bucket?

Duckducking around: https://duckduckgo.com/?q=how+add+IAM+user+to+s3

I found: http://docs.aws.amazon.com/AmazonS3/latest/dev/walkthrough1.html

Click the user to see its permissions

Click the user to see its permissions

New IAM user information

New IAM user information

Configuring aws-cli with my newly created AWS user

Time to configure

http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-set-up.html

Note 1: that I found my region by logging into aws console > s3 and looked at the top area for region corresponding to my s3 bucket.

Note 2: All configuration (default) is in ~/.aws/

Time to configure

Calling s3

S3 references:

http://docs.aws.amazon.com/cli/latest/userguide/cli-s3.html

http://docs.aws.amazon.com/cli/latest/reference/s3/index.html

http://docs.aws.amazon.com/cli/latest/reference/s3/ls.html

http://docs.aws.amazon.com/cli/latest/reference/s3/sync.html

Dang – I need IAM policy for my user.

Calling s3

Configuring my S3 bucket to allow sync from my eli4dsync user

This is what I want

This is what I want

Insert many head scratching hours and attempts to get this going and lots^1000 of expletives

I initially attempted to change the security policy of the S3 bucket to allow for my sync user. I got lots and lots ‘Access Denied’ messages. I scoured AWS documentation, Duckduckgo, Google, Stackoverflow, and a Lynda course about AWS. Somewhere along all of this I figured that maybe I need to approach this from the other side – the eli4dsync user and that maybe I should attach a policy to the user in terms of the bucket access. This is the approach that worked for me but it may not be the right approach. If someone at Amazon would clarify the way security policy works – I would love to write that up (so open invitation AWS people with security policy information to get in touch).

Image credit: https://flic.kr/p/bMGA1T

Insert many head scratching hours and attempts to get this going and lots^1000 of expletives

Applying an inline policy to the IAM user rather than the S3 bucket

Per http://blogs.aws.amazon.com/security/post/Tx3VRSWZ6B3SHAV/Writing-IAM-Policies-How-to-grant-access-to-an-Amazon-S3-bucket

So initially – it looks like this article talks about s3 policy but it isn’t about the s3 bucket but rather the IAM user.

Applying an inline policy to the IAM user rather than the S3 bucket

Testing my sync code against my changes I find that this one works

So there are two parts:

Part (1) applies to the whole bucket. ListObjects is needed for recursion that occurs through the awscli sync command (think subdirectories of files and syncing them…though S3 doesn’t have a file hierarchy concept).

Part (2) applies to objects that are within buckets.

With this inline policy my sync user does NOT have carte blanche – it’s the right thing (for my purposes).

Testing my sync code against my changes I find that this one works

It works!!!

My sync script works and I have a very specific policy for my sync user.

It works!!!

Conclusion and Thanks

That’s it.

As you can tell – the AWS security policy creation is the biggest head scratcher. The rest if fairly straightforward.

My thanks to the folks that created the following resources and/or answered my questions:

Please let me know via Twitter (https://twitter.com/eli4d) that you found these instructions useful…it encourages me to write more of this.

Advertisements

Opinion: Where’s my data and who owns it?

A long time ago I worked for an information security firm. In one of the classes that I took – an animated and spunky instructor asked “what is the most secure computer system in the world?” Me and the other participants answered with technical solutions involving things like firewalls and encryption systems and the instructor stood there smiling and waiting with a Cheshire grin.

Once we all finished he paused for a few seconds and then answered the question with “the most secure computer system in the world is a system that is in a bunker connected to an isolated power source with a closed door and a soldier standing in front that door with an M-16 rifle”. One of my peers protested with “that’s not fair – if the system is not connected to a network, then what’s the point?”

That was the ‘aha’ moment for me about data security and the tug of war between data security and connectivity/usefulness. At the time of this class there were very few networks and the Internet as we know it today did not fully exist.

Fundamentally, there is no data security when you are surfing around the net. Your browser is a speed boat that moves from one information island to another, and data sucking barnacles keep collecting on the bottom under the waterline and out of sight. The difference of course from real barnacles is that you ‘data barnacles’ are quickly connected and stored (cookies, super cookies, trackers, etc…). Unfortunately, you can never wash/scrub/scrape them out like physical equivalents.

Surfing is one thing – but what about a specific relationship with a company? What about a ‘paid’ customer relationship versus a ‘free’ one? I’ve been thinking about this recently when interacting Evernote.

I started using Evernote as an alternative to del.icio.us when del.icio.us went downhill but I never became a paid user. My data usage was always below the max allowed for free users and as time passed I used Evernote less and less.

Recently, I came across the possibility that Evernote would go out of business and this made me think of the data the I accumulated over time. What would happen if they got purchased by another company…how would my data be treated? Who would it be sold to?

So I went down the rabbit hole of trying to get my data deleted. I wanted to email Evernote support but there was no way to do it from their website nor from my logged in account. Twitter saved the day and I got into their ticketing system through the Evernote Twitter responder. Through this person I received an email from a support person (Ms. S). I emailed back and forth about removing my account and my data. Below is my communication with Evernote.

The back and forth with Evernote in pictures

Initial ‘contact’ pages on website did not provide access to any support person

Maybe the ‘support’ page will have something.

Initial 'contact' pages on website did not provide access to any support person

‘Support’ page provided no mechanism to contact a support human

Support page was a dud. Onto Twitter.

'Support' page provided no mechanism to contact a support human

Twitter rules in reaching someone at Evernote

Evernote’s Twitter human responder rocks!

Twitter rules in reaching someone at Evernote

I finally have a ticket to Evernote due to Twitter

I finally have a ticket to Evernote due to Twitter

OK – so I followed your procedures for account deletions but…

“Hard deleting data” – interesting? So how many storage and back-up storage mechanisms does Evernote have?

OK - so I followed your procedures for account deletions but...

But wait….what…so where’s my data? Did you delete my data? What happens if someone acquires your company?

But wait....what...so where's my data?  Did you delete my data?  What happens if someone acquires your company?

Conclusion

This whole interaction left me in this fuzzy territory of feeling that my data is still out there regardless of my request for its removal. I suspect the same support path would apply even if I was a paid customer.

I suppose that my hypocrisy was in thinking of Evernote as a library rather than a company. Whereas librarians care about their user’s privacy companies don’t because that’s not their business model. This doesn’t make Evernote ‘evil’ or ‘good’. Google typically gets the good/evil arguments though it applies to companies in general (though as a sidenote – Google’s Data Liberation Front is an interesting approach in dealing with this very issue…kudos to Google for addressing this upfront).

If I willingly gave my data to Evernote then what does make me? I could claim ignorance…’I didn’t know you guys would never let my data go’ but that’s a stupid excuse. My data is only safe in a locked room on a computer that’s connected to an isolated power supply and nothing else. But when my data is this safe it is also pretty useless. How many pages could I have stored on Evernote without a network connection? Zero pages of course. Was the utility of Evernote worth it? This is the same question that can be applied to all other ‘free’ services:

  • Is the utility of Gmail worth it?
  • What about Google docs?
  • What about Office 365?
  • What about all the free services that I use all over the web?

I don’t know if there’s any good solution to any of this. Perhaps I should have chosen Pinboard as my post-del.icio.us bookmarking service. Maybe a dude developing in his underpants is more trustworthy than a corporation. Then again – maybe not.

Book Review: “Swarm” by B.V. Larson

Warning: Spoiler Alert: If you intend to read the book, please do not read this review.

Review

Rating:

  • Harlequin level: n/a
  • Plot/action/story: 5
  • Solid conclusion: 5
  • SciFi thrill: 4
  • Fantasy thrill: n/a
  • Part of a series but doesn’t skimp: n/a – Not sure since I haven’t read any other books in the series (yet)

Overall thoughts about the book

I borrowed B.V. Larson’s “Swarm” from the Kindle Owner’s Library. The reviews were decent though I didn’t have high expectations.

The story is told from the main character’s first person point of view. Although the analogy is weak – it reminds me of the falling into the rabbit hole part of “Alice in Wonderland”. It is a well edited book that has a fast pace.

Kyle Riggs is a computer science teacher at Merced University. He lives on a small family farm with 2 kids. His wife passed away 10 years before in a car accident.

I like the fact that Larson doesn’t dawdle. Within a few pages, the big bad shows up – an alien ship that abducts and kills his son and daughter. Then the big black arm of the ship takes him.

As a parent, it’s heart wrenching to watch Kyle’s helplessness as his kids are killed. When he takes command of the ship after passing its nasty tests, you think that he could bring the kids back due to the ship’s advance technologies but it’s one of those false hope moments that crushes Kyle and you as a reader.

I recognized the voice then, the one in my head that was saying these attractive things. It was the evil, chattering hope-monkey. I had met this creature before, mostly in dreams, after Donna had died. She would be alive in my dreams and I would awaken, smiling, planning my day with her. But each morning I would rediscover with fresh despair that she was still dead. A grief counselor Iโ€™d talked to had named the phenomena the hope-monkey.

I think it’s this visceral sort of connection to this character that makes the story great. I’m not sure if I would feel that connection if I wasn’t close to Kyle’s age and life stage.

The technological description is fairly raw and detailed. But I think that beyond the introduction, the thing that kept my interested was Kyle’s computer science approach when dealing with an alien AI. His whole debugging approach resonated with me from a software development point of view.

I think that any software geek would definitely enjoy the book from a problem/puzzle point of view. The automated nature of the Nanos and the Macros is also quite interesting in a programmatic puzzle sort of way.

And just when you think it’s a big happy ending and the ‘good guys win’, Larson smacks you upside the head with cold computer logic setting you up for his second book. If you’ve dealt with computer programming, then the realism of this computer logic based ending is quite sobering and makes the book great.

“Swarm” is the first of the Star Force series (currently at 12 books). I’m definitely willing to give book 2 (“Extinction”) a chance. But I’m leery of such series since many times they end up being more a money play rather than an amazing saga. Maybe Larson’s series is different…I don’t know.

Some neat passages:

I felt as if I were suffocating, as if a great hand had come down and closed over me, putting me out like fingers snuffing a candle flame.

I thought about what Crow had said about achieving independence. No political group was allowed to do so unless it was strong enough to fight for its freedom.

Alliances are always forged in the fires of necessity, rather than poured from the sweet wine of love. I recalled having read that quote somewhere and it seemed particularly apt today.

Internally, I did not call myself a volunteer. I recalled having been drafted by a silent, black starship, in the middle of the night.

A smile split my face. Stupid machine. It had been programmed not to answer any questions about the creators. But it hadnโ€™t been programmed not to answer questions in the negative. In other words, it could talk about what they were not.

Adobe Voice – is it worth it?

If you’re an instructor – is Adobe Voice worth using?

The short answer: no.

Overview

My co-worker (Matt) showed me Adobe Voice and suggested that it might be a useful tool for creating instructional presentations. In this post, I review Adobe voice from the point of view of an instructor. Some questions that I’ve kept in mind while doing this:

  • Does it allow me to create compelling presentations?
  • How difficult is it to use?
  • Can I preserve my source materials? (to clarify – consider that regardless of your like/dislike of PowerPoint all PowerPoint presentations since 1.0 can still be used and modified with the latest version of PowerPoint)
  • Is this product going to be around in a year?

In the summary section I describe what I see as the pros/cons of Adobe Voice. While in the detail section I cover my test presentation and usage of Adobe Voice.

You can find the sample presentation that I created on Adobe Voice at: https://voice.adobe.com/a/VNo0k/

Summary aka ;TLDR

Ironically, Adobe seems to own your voice when you use Adobe Voice. Consequently, from an instructor point of view I don’t think it is worthwhile. It has great value as a potential form of self expression that also advertises for Adobe. It is great for throwaway projects and has potential as a brainstorming tool assuming that you don’t care about your brainstorming’s artifacts.

Stepping for a moment away from the instructional point of view, Adobe Voice is a great showcase app that can provide other app makers with a great user centric approach to accessing and using Creative Commons assets.

Right now (as of 10/21/15) Adobe Voice is only available on the iPad.

The good about Adobe Voice:

  • The most amazing part of Adobe Voice is the ease of import of Creative Commons materials in terms of icons and images. There’s a certain sort of odd irony that the open nature of Creative Commons is the core feature of an extremely proprietary tool. More interoperable competitors such as Explain Everything should immediately implement this very feature in their product. If nothing else Adobe Voice is a great prototype of the things that you can do with Creative Commons.
  • Kudos to the UI designers and the programming team of Adobe Voice for making it both powerful and easy to use.
  • The frame-by-frame voice recording is great in combination with the background music and choosable theme.

The bad about Adobe Voice:

  • Only portrait orientation is allowed. This may seem like a minor point but it becomes really annoying really fast.
  • The video that Adobe Voice generates is only available on Adobe’s site. Adobe Voice is another way for Adobe to bring users into their Creative Cloud. The only in-app purchase within the app is for space on Creative Cloud. I understand that Adobe is a business and they need to make money. However, in a business context Adobe Voice is nothing more than a pretty advertisement brochure for Adobe. There is no way to export the project to any format but the proprietary one that is stored on Creative Cloud. So ironically your voice as represented by your Adobe Voice project is locked away on Adobe’s servers. There is no way to export the project into any neutral format (like Markdown). This is the biggest problem with Adobe Voice and I cannot recommend it to anyone because of this. Adobe may discontinue the project at any time and the only thing that users may be left with is yet another corporate email apology.

Detail

In this section I walk through my small video creation that you can find here: https://voice.adobe.com/a/VNo0k/ . As a technical point – I used an Audio Technica lavalier microphone – the ATR3350iS. I heard a little bit of background noise when recording and choose the ukulele background music to mask it. This brings up one issue with using the iPad with Adobe Voice – audio capture is tricky. The iPad’s microphone is really not great and you would be better served with a shotgun type of microphone. However, if you use Adobe Voice for just throwaway projects then the sound quality may not matter as much.

Starting Adobe Voice

Few log-in options and some pimping to educational organization.

Starting Adobe Voice

I used my Adobe login

I happen to have a Creative Cloud account due to some meager attempts at learning Photoshop. For my use the cost of Creative Cloud is questionable.

I used my Adobe login

Choice of presentation structure

A very nice pallette of presentation structures to choose from. I went with “Teach a Lesson”.

Choice of presentation structure

The Heart of the Interface

This is the ‘dashboard’ through which you build your presentation on a frame-by-frame basis. In a sense it’s no different than working on a PowerPoint viewgraph – but with the iPad’s tactile interface and amazing Creative Commons usage. Lets do a quick walk through the interface:

1 – Home sweet home where you can create new projects or edit old ones. You never have access to the actual project file and its contents beyond the Adobe Voice app and Creative Cloud.

2 – Built-in: Layout allows frame-by-frame image/icon/text arrangment; Themes is presentation wide changes of theme; Music is presentation wide music backgrounds (all of these will be shown later)

3 – The “share” button which is more of an “upload then share via url to video” (you can only share a link to Adobe’s site where your assembled presentation is located).

4 – Per frame presentation elements: Icon scaled to fit, or Photo, or Text. For icon/photo you can use Creative Commons search or your own (shown later)

5 – This is the magical button that records your voice for this particular frame. As long as you hold it, then your voice is recorded. Once there’s either a visual element (via (4)) and/or audio, then you’ll have the ability to play just that frame. Note that I found some weird skips when doing an audio recording that was less than a second.

6 – This is a very PowerPoint like view of your current and future presentation frames. You also have a play button on the left side to play the presentation from this point forward (across all frames). The frame names that you see are due to the “teach a lesson” structure that I choose for this presentation.

The Heart of the Interface

Icon search for ‘voice’ – 1

Icon search for 'voice' - 1

Icon search for ‘voice’ – 2

Look at the amazing Creative Commons selections!

Icon search for 'voice' - 2

Photo search options

“Find Photos” is the Creative Commons search. Have I mentioned how awesome this is?

Photo search options

Replace layout on current frame – 1

Replace layout on current frame - 1

Replace layout on current frame – 2

Replace layout on current frame - 2

Theme Choices

Note that certain themes can cause distortions of photos due to theme type. For example, the Watercolor theme caused the picture in frame 2 to be distorted in a theme appropriate way. In my case, it cut off frame 2’s picture to the point that the word ‘unique’ was not visible so I went back to Simple theme. There are more themes than what’s shown in the image.

Theme Choices

(Background) Music Choices

A very nice touch is the ability to change the volume of the background music across the whole presentation.

(Background) Music Choices

Photo orientation gone bad

There’s no way to correct a photo that is mis-oriented…at least none that I could see.

Photo orientation gone bad

CC CYA – Creative Commons Information

When choosing the ‘i’ next to a Creative Commons image or icon – this is what you get.

CC CYA - Creative Commons Information

“Share” button – 1

I choose to “share” through email. And in case you’re wondering – yes, the double quotes are there for irony.

"Share" button - 1

“Share” button – 2

"Share" button - 2

“Share” button – 3

"Share" button - 3

“Share” button – 4

Boy do I have a story for you…and in case you didn’t know it ADOBE HELPED ME MAKE IT!

"Share" button - 4

“Share” button – 5

When you click the link in the email this is what you see in your browser.

"Share" button - 5

“Share” button – 6

When playing your presentation off Adobe’s site the last frame of your presentation is auto-generated. As you can see – in the case of my presentation it gives attribution to all the Creative Commons images and icons that I used. This is a very nice way to give credit where credit is due. Big thumbs up to Adobe Voice’s designers and developers.

"Share" button - 6

Conclusion

I’m not sure if there is more to say. Adobe Voice comes so close to being amazing but it falls short through its proprietary nature. And the amazing part is the most ironic part too – the integration of Creative Commons assets. It leaves me with this mixed feeling about Adobe Voice which is reflective of how I feel about the company that brought both amazing products like Photoshop and terrible ones like Flash.

Laravel Podcast Episode 36 – Dev School – the unofficial/informal show notes

Summary

I really like the Laravel podcast. It’s a (typically) very short podcast covering both development and the Laravel framework. I like this podcast so much that I recommend it to my PHP students. It’s a nice informal conversation between seasoned PHP developers that covers the Laravel framework, PHP and other general development aspects.

The only down side of this show is that there aren’t any show notes (at least not for recent episodes). I found episode 36 to be really good in terms of pragmatic advice to those beginning to code. I think it will be really useful for my programming students which is why I decided to write a quick post providing my version of the show notes for this specific episode.

Things to note:

  • The episode is great up to time mark 41:40 (i.e. 41 minutes / 40 seconds) and then it deviates into a discussion about comfortable clothing. Feel free to skip this part. Of course if you want fashion hints from seasoned developers – then feel free to listen ๐Ÿ™‚

  • The episode location is on the laravel podcast site. However, the linked time marks use Overcast.fm since that site provides a web player to specific time marks and it is my podcast player of choice where I listened to this episode. If you have an iPhone you should definitely give Overcast a try – it’s fully featured and free. Of course if you like it – you should donate.

  • Should you believe anything these guys say? Well – you shouldn’t believe anyone. Take it with a grain of salt and see if it makes sense. I think the perspective of this episode is useful because of the following:

    • Taylor: super backend developer and creator of the Laravel framework; very down-to-earth
    • Jeffrey: implementer of Laravel for his business (Laracasts) that involves teaching so he he has an interesting perspective on the how-to-learn-programming side
    • Matt: started as a ‘designer’ and ended as a front-end developer that now has his own company (so both a developer and business owner perspective)

Detail

I’ve arranged these show notes based on new beginner developer questions and the relevant time marks. I’ve paraphrased the questions but you’ll hear the exact question that Matt asks when you listen to the specified time marks. The usual disclaimers apply.

If I want to be a crack Laravel developer and I’m a complete beginner – where would I start? (01:30)

Time mark: 01:30

An interesting discussion of how to get from being a newbie to becoming experienced in Laravel. But it applies to any interesting framework/language.

What should I build when I’m learning? (14:35)

Time mark: 14:35

A good discussion of whether your learning project(s) should be ‘real’ and whether toy projects are the way to go (short answer: yes).

Boot camps: are they worth it? (15:38)

Time mark: 15:38

This frequently comes up in my in-person class. Up to now I didn’t have a great answer but this part of the episode covers this really well both from a what-do-you-learn perspective and from the job search will-an-employer-hire-me perspective.

What are the quintessential books every backend developer should read? (20:52)

Time mark: 20:52

This part of the podcast covers many more books than what a backend developer would use. There’s some dead air in the podcast for this question when Jeffrey speaks. Here are the books that I deciphered (I will update this if I hear back from Taylor/Matt/Jeffrey via twitter for anything that I missed).

Are there any tricks/pitfalls that you have fallen into as you were learning? (30:41)

Time mark: 30:41

This addresses the Law of the instrument question.

Knowing what you know now is there any one thing you wish you would have known or done when you began to learn programming? (32:36)

Time mark: 32:36

A long time ago I heard the “knowing what you know now” question in a Brian Tracy audio book. It applies to lots of thing including programming.

The clothing question that you can safely skip: is there any piece of clothing that you would fight about if your spouse threw it away? (41:40)

Time mark: 41:40

Thinking of my ripped gray hoodie still makes me sad.

Conclusion

Hopefully you’ve found this useful. Send me a tweet if you did.

Resources for Learning Ember.js

Overview

A while back I had decided to checkout and study a JavaScript framework. There are tons of frameworks out there – so which one to choose?

I choose Ember.js as the framework that I was going to learn. My reasoning was that I liked Yehuda Katz’s approach to software and Ember’s adoption within industry. I also liked one of Ember’s core tenants of not making breaking changes in a major version.

I worked on this for a few weeks trying to put a little bit of time each day when I could (amongst all my other personal and work responsibilities). I think that my timing was a bit off because Ember 2.0 was in the process of coming out and all documentation (whether the official documentation or books describing Ember) was off. I got little headway because I was straddling the which Ember should I study line. When asking for ideas on the best approach I got the advice of sticking to 1.13 while also getting the advice that 2.0 changes things drastically even though it’s just a removal of things.

I’ve decided to put my Ember studies on hiatus for now. I’ll revisit when it has more stable documentation-wise and I’m able to get a more solid mental model of Ember 2.0.

The purpose of this post is to list out some resources that I’ve come across. The Ember community is really friendly and really smart. If you’re looking for Ember information then this post may be useful to you. Of course the best source of Ember information is the the Ember website and the community.

What is Ember.js?

Wikipedia has a great summary of Ember’s philosophy:

What is Ember.js?

Approach

My approach was as follows:

  • Learn about the Ember community and the available resources
  • Apply what I learn to a project of interest
  • Document the highs and the lows

Wes Bos wrote a great post about how to approach the constant change in the software industry.

Ember Community and Available Resources

I like to soak in the the components of a framework. Here are some things that I found along the way.

Ember’s site

Where to begin but at the beginning – http://emberjs.com/ .

Ember's site

Twitter users worth following

I used Twitter’s ‘lists’ feature to create an Ember specific list. I found these users to be full of Emberness ๐Ÿ™‚

Twitter users worth following

Reading the fantastic Ember newsletter

A very nice weekly newsletter from http://emberweekly.com

This newsletter give you a feel for the current happenings in Ember.

Reading the fantastic Ember newsletter

I had started reading the ember-cli 101

I came across a recommendation for https://leanpub.com/ember-cli-101 from the an Ember screencast site (https://www.emberscreencasts.com/faq). I looked around other authors and Adolfo seems to be amazingly eager to keep his book and his readers up-to-date. He certainly deserved the $35 suggested payment for his book.

I had started reading the ember-cli 101

-> ember-cli 101 (continued)

Adolfo deserves even more than $35. Have you heard of 24 x 7 support for a book? I haven’t seen that anywhere else.

-> ember-cli 101 (continued)

Ember podcasts

The Ember Weekend podcast – a nice casual weekly podcast about Ember related projects.

The Ember Land podcast – latest and greatest release and Ember evolution

Ember podcasts

Slack Channel

You can find the Slack channel on this page: http://emberjs.com/community/

Ember has a Slack channel. Lots of helpful folks and it seems flame-free for newbies though you should of course do some due diligence before asking questions.

Slack Channel

Possible places to start from

These are some things that I’ve encountered and like everything else in this post – it’s all opinion.

Where to begin?

I started reading through the ember-cli 101 book, but the problem (my problem) was that it didn’t give me the architecture/mental model for Ember.js. It looks like a great hands-on lab type of book. So I needed to find something more along architecture/mental model.

Where to begin?

Frank’s article is about architecture

Frank Treacy wrote a great article about Ember’s architecture: http://emberigniter.com/5-essential-ember-2.0-concepts/ . I read through it and although the MVC concepts make sense. The pieces he describes don’t click for me. He has some code examples but this code forms a partial application. I needed something that’s more like a whole pie rather than slices of different pies that are put next to each other.

Frank's article is about architecture

John Fisher had a good article about how he ramps new developers at his company

The article is at http://spin.atomicobject.com/2015/08/24/learn-ember-js-quickly/ . It’s a good source of information but it is geared towards experienced developers (John states this upfront).

John Fisher had a good article about how he ramps new developers at his company

-> Starting Ember Guide

While John’s Ember guide links go to 1.13, I went to the 2.0 guides since this changed just happened. Unfortunately, the 2.0 docs seemed a bit out of sync.

-> Starting Ember Guide

Ember Weekend recommendation for a book

The Ember Weekend guys have the best show notes that I have ever seen. They recommended Balint Erdi’s book.

Ember Weekend recommendation for a book

Rock and Roll with Ember.js

The “Rock and Roll with Ember.js” book can be found here: http://balinterdi.com/rock-and-roll-with-emberjs/

Looks interesting…but now that ember-cli 2.0 is out – does that mean that the book is still valid?

Sent questions to the author. Balint was extremely responsive.

Rock and Roll with Ember.js

Balint’s response to my questions

Balint also mentioned that he’s working on a 2nd edition of the book for Ember 2.

Balint's response to my questions

So…

So if I go with 2.0 – it’s still in the oven being baked and there aren’t books/materials to support Ember 2 beyond scattered tutorials here and there. So no cohesion. If I stick with 1.3, then I get the books and (per Balint) “90% it is the exact same thing as 1.13”. So get clarity with 1.13 or go with 2.0 with significant less support materials. Which one to pick?

The Ember core team is committed to “stability without stagnation” (per https://en.wikipedia.org/wiki/Ember.js)…so understanding 1.3 should lead me into 2.0 without too much headaches. So initially I went with 1.3.

So...

Time to ask on Slack (EmberJS Community – #needhelp channel)

Time to ask on Slack (EmberJS Community - #needhelp channel)

Slack response

Slack response

Bought “Rock and Roll with Ember.js”

This was for Ember version 1.0 when I bought it a few weeks ago. As of 10/06/15 “Rock and Roll with Ember.js” has been revised to 2.0. I’ve gotten a couple of updates since that time.

Bought "Rock and Roll with Ember.js"

Conclusion

Hopefully some of the resources I mentioned are useful to you. If you’re an experienced Rails developer then Ember seems like a natural choice and it is likely to be easy to pick up. For all other developers and newbies Ember 2.0 is the way to go and up-to-date docs are almost here.

(Ad) War and (Ad Blocker) Peace

It’s hard not to fall into the ‘war and peace’ clichรฉs when consider ad blocking and the ad blocking ‘wars’. There have been many articles written about this and there will be many more. Of course there isn’t any blood spilled (thank G-d). There’s panic and the ‘you are going to put us out of business’ accusations that are being volleyed back and forth. It’s a weak first-world version of CNN news during wars – focusing the graphic pictures and the things that will raise viewership regardless of any sort of viewer scarring.

I’ve been using ad blockers on and off somewhat haphazardly. A few weeks ago my co-worker asked me for advice related to ad/tracking blockers for her home machine. Her daughter had reached the pre-teen stage and besides the typical drama my co-worker wondered how to prevent or at least minimize the tracking that her daughter encountered on the web without the use of a cyber-nanny type of program.

My immediate recommendation was Ghostery. I told her “just block everything, and then whitelist the sites that you trust for your daughter.” Was this good advice? I don’t know. It was advice that made sense at the time and to me it still makes sense even now.

I had been using Ghostery for a while and I really liked. The interaction with my co-worker occurred just before iOS 9 was released with purchase-able content blockers for iOS’s Safari browser.

I was about to purchase a content blocker named Peace by one of my favorite iOS developers. I was about to purchase the blocker but I held off because I realized that I did relatively little reading through mobile Safari relegating any long web reading to Instapaper and getting most news through RSS feeds or private Twitter lists that I created.

Right after my purchase hesitation, Marco Arment pulled Peace off Apple’s app store and the Twittersphere went ape sh*t over his decision vilifying him as a pariah that was charging $2.99 from his loyal followers only to yank the ‘app’ rug from underneath them.

Most of the folks beating up on Marco would not hesitate to buy a $3 cup of Starbucks coffee. In fact, they would probably buy a more expensive cup (Grande anyone?). And if they walked out of Starbucks, got into their car and started driving to say work. Lets also say that the Latte they’re drinking had bad milk. How many of these people would turn the car around and bitch the barista out? How many would scream expletives if they did indeed go back. Or would they humbly say “sir – my latte seems to have some bad milk”?

I’m probably biased when it comes to Marco because I appreciate his humanity and his willingness to put himself out there – in the public eye. Heck – he was even willing to explain his Peace related actions and motivations on his podcast (starting around the 18th minute).

Of course Marco isn’t the only developer in the ad blocker spotlight. There’s also Dean Murphy’s Crystal ad blocker and his recent decision to allow certain advertisers through in terms of Crystal’s default settings.

This whole thing made me consider the whole issue of ad blocking. It’s far from a black and white issue. There’s lots and lots of gray in there.

The players seem to be:

  • Content creators: these are the so called ‘publishers’ on the web. The bigger the site, the more obtrusive ad infestation, the greater the complaint about content blockers and how it was ‘the end of publishing as we know it’. It’s as if an iOS 9 content blocker will suddenly transport everyone to the stone age.
  • Advertisers: These are the companies that are paying for ads. They’re also paying for tracking and the magical voodoo known as analytics. They want to get as much data …as much ‘big data’ about their users so they can do things like offer their users ‘useful services’ regardless of whether their customers want this or not.
  • Ad/Tracker Services (ATS): These are the Googles and all those companies that put the mechanisms in place (typically 2nd, 3rd, 4th party JavaScript code) to do tracking and ad serving. Ghostery has an excellent options pane for its browser plug-in that shows their categorization:
    Ghostery Options

  • Developers: these are the developers of content blockers. Whether it is a big company like Ghostery or a tiny developer like Marco or Dean Murphy.

  • Consumers: This is me and all of you. Anyone that uses the web for something is a consumer (whether they want to be or not).

The thing about ads is that they’re not only pushing something onto the consumer, they’re also tracking the consumer. Ghostery displays an amazing little window for each visited site showing the number of ads and trackers that a site has. Here’s one from The New York Times.

The New York Times - Breaking News, World News

The ATSes provide services across all the various sites that you and I visit. How much data has Google collected in terms of Gmail, Google Docs, and Google search usage? What about Facebook? Yahoo? Bing? What about all the other ATSes that we know nothing about?

It’s a complicated subject and there are no easy answers (check out “Back to Work Episode 239” towards the end of the show regarding the fact that this is not easy).

The only voice that I can speak for is myself – as a consumer. Personally, I want advertisers to ask me to opt-in to their data collection and ads. So until they do this, I will use ad blockers like Ghostery.

If I’m ok with The Economist’s pay wall – then why shouldn’t I be with a content wall that a publisher puts up? If a publisher objects to ad blockers, then they should absolutely put up a content wall. I wont be offended. I’ll have a clear choice of whitelisting the site with my blocker or moving on to another site.

Ultimately, ad and content blockers are a consumer’s way of making ad and tracking services opt-in services. Publishers, Advertisers, and Ad/Tracking Services have been unwilling to follow an opt-in approach so now the consumers have the ability to enforce such a process.

Note:

As of 9/30/15 – Any ads on this site come from wordpress.com. It’s WordPress’s way of getting paid for the free service that they give me. I don’t get any money out of it.