I’m loving The Agitator

It’s been a while since I’ve fallen in love with a new blog (over-exposure breeds cynicism I suppose), but I’ve just been turned on to The Agitator and I’m head over heels for it.

The Agitator is the blog of Roger Craver and Tom Belford, both of the well-known DC-based fundraising/marketing consulting firm Craver Matthews Smith.  What I love is that they’re not afraid to challenge “conventional wisdom” of the nonprofit sector with respect, integrity and data.

For example, their most recent post, “Just Write The Check, Please” eloquently and respectfully sums up their misgivings with donor-centric (rather than cause-centric) thinking, currently riding a wave of popularity.

Digging through their archives, they’ve clearly got a great track record of politely but credibly calling out well intentioned but less-than-excellent ideas and also highlighting the really good stuff that’s out there.

“Pintification” – a new speed geeking technique

Chris Johnson describes a new innovation in speed geeking/lightning talk technique, pioneered at the Plone community’s recent BBQ Sprint:

Pintification : The act of conveying your idea before the judge finishes his drink

An interactive variant on lightning talks

The rules for pintification are simple.
  1. the new speaker buys the last speaker a drink
  2. The speaker must finish his talk before the drinker finishes his drink.
  3. Drinker may drink at any speed he or she feels is appropriate given the quality of the speaker.
  4. Crowd may encourage the drinker to drink faster
  5. Crowd may refill the drinker’s glass in order to force the speaker to talk longer.
  6. If the speaker declares his or herself done, drinker must finish drink.
  7. When drinker finishes, the speaker takes his place with a new drink of his or her choice and a new speaker starts.

    I love it!

    ONE/Northwest Will Soon Be Hiring

    We’re swamped with demand for database consulting work.  So much so that we’ve decided to expand the team here at ONE/Northwest.  My colleague Steve Andersen, our Database Program Manager, has the scoop:

    I’m not so much looking for someone to work for me, but with me. I want these kinds of skills to help us build our program beyond the 10 implementations we’ve done to date. We’re going to be very focused on meeting the needs of the small environmental groups as well and looking at sharing data between groups, as well as sharing data up to coalition efforts. The voter file is an interesting data set that we’ll be working with extensively this year. We’re doing some cutting edge work, things Salesforce.com hasn’t ever done before. It’s really fun.

    ONE/Northwest is a great place to work. Salesforce.com is an amazing platform to work on. The Northwest (and Southwest Canadian) environmental movement is a movement that is winning and making change. And because Salesforce.com is web-based, I’m happy to consider remote office arrangements. The only drawback to all of this is you would have to work with me. Drop me a line if you want to chat: steve at onenw.org.

    We’ll have an official job announcement out soon, but consider this early notice.

    DevSummit Report Out

    A big love bomb to Gunner, Heather, Tim and the hundred-odd other fellow nonprofit software developers who made last week’s Nonprofit Software Dev Summit a fantastic experience in slightly nontraditional conferencing.

    Among the highlights for me were:

    • The unexpected appearance of dear nonprofit tech colleagues such as Amanda Hickman, Laura Quinn, Teresa Crawford — in addition to the great ‘usual suspects’ like David Taylor, Rob Miller, Allen Poole, Leda Dederich and more.  All are amazing people that I don’t get to see nearly often enough, and it’s more than worth the time and effort of travel to get quality face-time with them.

    • A great demonstration from Simon Rowland of DirectLeap of his inexpensive, easy-to-use web-based robo-calling tool.  I can see some pretty powerful uses of this kind of technology, and it’s amazing to think that it is about to become accessible to small organizations. 

    • The first ever nonprofit techie geek trivia contest.  Steve Andersen, David Taylor, Simon and I put up a good fight, made a great attempt at packing our questions into the final round, but were ultimately defeated by a powerhouse team anchored by Eugene Kim and Evan Henshaw-Plath.  (Potential trivia geeks be warned: there seems to be no bit of Silicon Valley tech trivia that Eugene does not know.)

    • Did I mention the food?  Seattle is a pretty good eating town, but San Francisco is in another league.  (Or maybe I just don’t get out enough at home!)  In four days, I didn’t have a single less-than-excellent thing to eat.  A big thanks to Joel Burton and Rebecca Weaver-Gill for being such gracious hosts. 

    Some nice event photos on Flickr.  Not sure that much made it onto the wiki or into blogspace yet, but I suspect many are still recovering from brain (and fun) overload.




    Open Source CMS Security, Part II

    Last summer, I did a quick count of the number of known security vulnerabilities in common open-source CMS products, and their underlying software stacks. The results were rather eye-opening.

    I thought it might be time for a refresh. Once again, my protocol was simple: I searched the MITRE CVE list of known vulnerabilities and counted the number of results.

    Here are the most recent results, with last July’s results in parentheses for comparison, followed by the percentage growth rate:

    • Plone: 3 (3) – 0%
    • Drupal: 55 (22) – 150%
    • Mambo: 91 (31) – 194%
    • Joomla!: 74 (20) – 270%
    • Zope: 16 (15) – 6%
    • MySQL: 129 (99) – 30%
    • Python: 18 (17) – 5%
    • Rails: 2 (0) – infinite
    • PHP: 2271 (1258) – 80%
    • Ruby: 14 (7) – 100%
    • Perl: 105 (97) – 8%

    Again, Plone, Zope and Python come out with remarkably low total issue counts and extremely low rates of new issues being found. Perl also seems to be doing pretty well, with relatively few new issues being found. Rails is also looking pretty good.

    The rate of growth in new PHP vulnerabilities is still pretty staggering, both in absolute and percentage terms.

    I’m also surprised to see the number of vulnerabilities in Drupal, Mambo and Joomla! continue to soar. (Joomla! 270%! Ouch!) It’s worthwhile to note that many of these vulnerabilities (but not all) are in add-on modules rather than the core products, and so may reflect more on individual module developers than the platform as a whole. Still, the fact that these products’ security exposures are growing considerably faster than that of their underlying PHP/MySQL frameworks is intriguing.

    Again, in the end, these data don’t really prove anything, but they certainly are an interesting metric to keep an eye on over time.

    I don’t think most folks choosing CMS platforms (or programming languages/frameworks), either as customers or as developers, are really considering the security track records of different tools. Should they?

    Donor Management Process Mapping

    One of the best things about working at ONE/Northwest is the fact that I get to sit across the room from brilliant people like Steve Andersen. Over the past few months, Steve has been doing some amazing work helping our small- to mid-sized environmental organization partners build effective relationship management systems.

    One of the deep pieces of wisdom Steve brings to the table is the insight that successful database projects aren’t actually about technology — they’re about helping groups understand their business processes. And Steve has developed some amazing techniques for helping groups make process maps of their relationship management processes.

    They look something like this:

    Why is this helpful? Well, until a group really understands what they’re trying to do, it’s impossible to give them the right tools to support it. Steve has finally started to write up some of the results of this work. The first two maps he shares show how a group we work with work with donors to get them to the point of being ready to ask for money, then how they go about actually executing that ask.

    As former ONE/Northwester Dean Ericksen commented on the Salesforce Nonprofit email list, “In a world of nerd-wonkery, this is high-art.”

    Great stuff. I can’t wait for Steve to unroll the next couple of installments.

    NTEN Open API Summary

    NTEN recently published a solid little paper by Michelle Murrain and Katrin Verclas that sums up the state of open APIs in the nonprofit CRM sector.  It’s an important read if you believe in the importance of integrating tools.

    There’s a lot of good stuff in this short paper, and I particularly appreciate that they make a clear distinction between “same machine” or “internal” APIs, which are only accessible to programs written in the same language running on the same machine, and web services or “externally accessible” APIs that can be used by any program, written in any language, running anywhere. 

    Pipes!

    Yahoo’s new “Pipes” service is going to enable some really cool RSS remixing, I think.

    The blogerati are agog.  I am usually skeptical about these kinds of things, but what I think is most intriguing about Pipes is that it is not so much consumer-focused as about providing powerful, easy-to-use tools for building web services.

    Very cool, I’m looking forward to exploring and brainstorming.

    SocialEdge Relaunches on Plone

    Jason Clark and Victor d’Allant just relaunched SocialEdge.org, now proudly powered by Plone. They’ve got an active community of social entrepreneurs blogging, wiki-ing and discussing away.

    It’s really nice to see Plone getting used in high-profile nonprofit collaborative/community sites.

    Migrating an active community site to a new platform is no small undertaking, as Jason attests. It looks like they’ve had a pretty successful launch, though, and more refinement is on the way.

    SocialEdge looks to be using the following add-on Products:

    Update: that was an embarrassing typo in the headline. all better now.

    Building Bridges

    Ryan Ozimek’s piece “Islands and Bridges, the building has begun” is a great hallelujah to the power and importance of integration via open APIs.  It’s clear that PICnet and ONE/Northwest are drinking from the same cup, when Ryan writes:

    The power of open source, combined with best of breed proprietary systems with open APIs give organizations the power they need combined with a price point they’re more likely to afford.

    Which leads us back to the islands and bridges. The winning solutions at the end of this year won’t be those that try to pack as much under the hood as possible, but rather those that are most flexible and connect most effectively with other systems.

    In short, the non-profit sector’s needs demand more choice, and that’s just what open source and open APIs can do.

    Amen!

    We’re attempting very similar bridge-building work between Salesforce.com and Plone, and we’re looking forward to (finally) releasing our SalesforceConnector for Plone in the next few weeks.  (Got to get through some server migration work first!)

    I can’t wait to discuss all of this great integration work at Aspiration’s Nonprofit Software Development Summit in a few weeks. 

    Software Is Hard

    Interesting interview over at Salon, entitled “Software Is Hard”, with author Scott Rosenberg, about his new book “Dreaming in Code” which is about the troubled story of Mitch Kapor’s Chandler software development project.  But really it’s about how hard software development is in general.

    You’re doing the project because there is this new feature or features that you need. The developers will often look at this and say, well, we know we have to do that, but then there is all this other stuff that needs to be done…The developer might say, I could take this thing off the shelf that exists already and plug it in, but it’s going to take almost as long for me to learn how to do that, or maybe even longer to learn it, than to write it myself.

    And programmers, as I quote Larry Constantine in my book, programmers are programmers because they like to code — given a choice between learning someone else’s code and just sitting down and writing their own, they will always do the latter. And the programmer who says, it will be faster for me to write it, rather than to learn it, is usually correct. Except that what he will write, most likely, is something that will work but will not have its rough edges worked out, will not have the benefits of a piece of software that has actually been used for a few years, where the bugs have been found and the users have given feedback and have helped you figure out where the problems are. So what they will often be handing you at the end of that I-can-do-it-faster-myself thing is something that works, but that is kind of a mess in certain ways. Whereas the thing that you were going to pull off the shelf, maybe it will take the programmers a while to learn it, but once they learn it enough to hook it up to this project you are creating, what they are hooking up will probably have a lot fewer problems.


    Reading the tea leaves

    Yesterday’s big nonprofit technology news was Convio’s acquisition of GetActive, which combines two of the largest players in the big-client integrated CMS/CRM market.

    The players aren’t really talking about the underlying motivations behind the deal, so it’s pretty easy to read whatever you want into the tea leaves. That said…

    As I’ve written before, I believe that the tide is running against big, monolithic applications that do everything for everyone, and that in the future we’ll see a larger ecosystem of lighter-weight applications that do a couple of things well, are easy to extend and, most importantly, assume they need to talk to each other.

    For this reason, among others, I’ve signed the Integration Proclamation, which calls on our entire sector to engage in the conversations needed to drive that future ahead.

    There’s also some good discussion over on Michael Silberman’s blog. If you’re interested in seeing more tools that play well together, rather than fewer, larger “one size fits most” vendors, then I encourage you to sign it as well.

    Ideas for Fun, Green Software “Widgets”

    David Hsu brainstorms up some great ideas for green software mini-applications (now commonly called “widgets”).

    My favorite is actually his first, a paper calculator:

    Paper calculator: [I'd like] A nice little toolbar application that tells me how many pages I’ve printed today, this week, this month and this year. If someone could combine this with this useful web-based calculator from EPA and Environmental Defense, then I could get a running tally of the environmental impacts of my printing decisions, and perhaps I would think twice about how much I print.

    Simple, self-contained, and provides direct feedback to change your behavior.

    I also really like idea #3, “food advisory”:

    Food advisory: Again, it would be nice to know what the environmental impacts of my eating decisions are. In the same handy way that the Monterey Bay Aquarium has developed a nice pocket-sized guide to sustainable seafood, it would be nice to have this as a more extensive cell phone service in the same way that Google has made product pricing, weather, and movie information available as a free SMS service. This would, of course, require someone to keep a database of food’s environmental impacts. Or, can someone tell me, does such a thing already exist?

    Proclaim: Integrate!

    My colleagues and I from ONE/Northwest recently signed onto the Integration Proclamation, a first step towards encouraging funders, software developers and those of us who work with them to invest resources in making tools that play together better.

    If you agree that social change activists need tools that assume they’re part of a larger picture, not a world unto themselves, then take 30 seconds and sign

    It’s a first step, not a solution.  But solutions start with attention.

    Me Pundit Not So Great.

    Apparently, I was only a moderately-good nonprofit technology pundit in 2006. Jason’s keeping score.

    On the plus side, at least I made falsifiable predictions, unlike many of my peers. ;-)

    Jon Stahl, ONE/Northwest
    “The Web 2.0 bubble will burst”
    Ruling: Since “Web 2.0” has been famously impossible to define, this is a tough one to score. On the one hand, cognoscenti are pretty sick of hearing about it, and that’s bubble-bursty. On the other hand, despite some deflation, the hype of web 2.0 tools and tactics got air from the election cycle (thank you, George Allen) and never truly imploded. It’s not a bad prediction for ’07 … nothing like hitting the cover of Time to ossify a trend in its tracks. -1
    “This will be the year of open-source content management systems.”
    Ruling: They’re penetrating far and wide. 2
    TOTAL SCORE

    Has “Web 2.0” Jumped The Shark?

    Jonathan Peizer offers up some skepticism about Time Magazine’s designation of “you” as Person Of The Year:

    I am just not ready to give into a rose-colored panacea that seemingly lulls me into a false sense of who is in charge and the life-changing benefits of a “thing”. Just because a new form of interactive, networked and seemingly grass-roots technology is introduced, we must not forget that however easy, cool and innovative it seems, it is still only a process. Who controls the discussion and subsequent actions using any technology [process] is a separate issue. When the world actually becomes a better place for most people, by a measurable factor, and our control of the Information Age is identified as a significant contributor that helped people make better life decisions — for themselves, their communities and the planet — then i’ll be a true believer.

    To my mind individual control of the Information Age is justifiable as the “It” thing of the year if it results in the technological equivalent of a polio vaccine – something that makes the world a better place — YouTube, Myspace and the ability to better find, post and distribute stupid pet tricks video clips doesn’t quite cut it — although outing what stupid politicians say on the campaign trail to insure they don’t get elected to do further damage is certainly a step in the right direction.

    I find myself agreeing wholeheartedly.  Thanks, Jonathan, for voicing this skepticism so eloquently.  If you’re a “progressive techie” who hasn’t yet read Jerry Mander’s “In The Absence of the Sacred,” you should treat yourself to an early Christmas present.

    “Web 2.0” is way oversold.  I think we’ll look back on this as something of a “jump the shark” moment.