In Case You Missed It

A handful of assorted links to share:

  • Indivisible on The Nation magazine coverIndivisible was the cover story in The Nation last week
  • The Indivisible.blue network remains up-to-date, with the recent WordPress 5.2.3 (it “addressed some security issues and fixed 29 bugs”), as well as all plugins and themes updated.
  • Crooked Media’s Vote Save America and Stacey Abrams’ Fair Fight 2020 are teaming up to kick-start her organization’s important voter protection work. Learn more and pitch in at votesaveamerica.com/fairfight2020

We spend a lot of time focused on which Democratic candidate to nominate, but none of this will matter if we don’t focus a hell of a lot more on what may be the greatest vulnerability that Democrats face in 2020: the Republican War on Voting.

Here’s the good news: Stacey Abrams is on the case, and she’s got a plan. Because of course she does!

It’s called Fair Fight 2020, and it’s an unprecedented effort to hire voter protection teams in 20 battleground states who can ensure that every voter is registered, can access their ballot, and has their ballot fairly counted.

But she needs our help.

Donate and spread the word: votesaveamerica.com/fairfight2020

POSSE: Put Social Media Where it Belongs (Second)

There are plenty of problems and things to worry about with Facebook, Twitter, and any other social media sites you may use. Data privacy, addictive behaviors, concentration of power, the list goes on and on.

On the other hand, it’s hard to resist the popular sites where all the users are. For organizers and activists like us in the Indivisible movement, it’s even more important to be where all the users are. But accepting the necessity of posting to social media doesn’t mean you have to depend completely on those services.

One approach, which has been around for years but is still relevant today, is called “POSSE”, defined by its proponents like this:

POSSE is an abbreviation for Publish (on your) Own Site, Syndicate Elsewhere, a content publishing model that starts with posting content on your own domain first, then syndicating out copies to 3rd party services with links back to the original on your site.

The idea is simply that you should have your own independent web site (hosted here on Indivisible.blue, for example), and it’s the primary source. It’s fully under your control in terms of ownership and content, and it’s on the “open web”, that doesn’t require anyone to have a login to anything. Links to items on your site – events, news, calls to action, the Trump Outrage Du Jour, kitten pictures, whatever – can then be shared on whatever Facebook page, Twitter feed, or Medium thing you want.

This cross-posting can be accomplished in a number of ways. WordPress and Jetpack provide connection to the primary sites, and the indie-web network Micro.blog also provides syndication (as well as simple, inexpensive hosting).

Own and control your content, even if you still feed it to the social media beasts. If you have questions or suggestions on this, don’t hesitate to let me know.

New Plugins: Events, Translation, & Photos

For your plugin pleasure, we’ve recently installed a few new tools based on site admin requests:

  • The Events Calendar – “Create an events calendar and manage it with ease. Packed with loads of useful features, The Events Calendar by Modern Tribe is ready to go right out of the box. It’s extensible, easy to use, and completely customizable.”
  • Weglot Translate – “With Weglot Translate, you can translate your site into a multilingual website with multiple languages in minutes without doing any code. Weglot Translate is totally SEO compatible.”
  • Google Photos Gallery with Shortcodes – “Use the plugin to display your Google Photo (Picasa) Albums on your WordPress blog. Using the shortcodes it is simple to embed a single album or all your albums. Display albums in grid view, list view or carousel.”

Why not Wix?

I hear occasionally from groups that are considering, or have already tried, using the heavily-advertised website hosting service “Wix”. It’s a tool, and if it works for you and your budget has the $150/yr (for the minimum plan), then it may be fine. I believe it’s important to have an independent website presence, apart from just a Facebook page or Twitter account, so in my book a Wix website is better than nothing.

However.

That is an expense, and not just this year, but for every year that anyone wants to keep that site going. And here’s where a big downside of their service becomes clear: you can’t take your site with you when you go. It’s called vendor lock-in, and it means that if you ever decide you’d rather host your site elsewhere, then you’ll essentially have to rebuild it from scratch.

From Wix’s own support article on “Exporting or Embedding Your Wix Site Elsewhere”:

Your Wix site and all of its content is hosted exclusively on Wix’s servers, and cannot be exported elsewhere.

Specifically, it is not possible to export or embed files, pages or sites, created using the Wix Editor or ADI, to another external destination or host.

This is a big reason I built Indivisible.blue on WordPress. It’s an open community, built on open source code, so it’s not only free, there’s also no vendor lock-in. You can export your entire site and move it to another WordPress provider whenever you want. Or if you already have paid WordPress hosting somewhere else, you can move it here, with minimal effort. And because WordPress is so common, open, and easy to work with, other website software often supports the WordPress export format, too (Squarespace is one example, Micro.blog is an even better one).

Don’t put all your web eggs in someone else’s proprietary basket if you don’t have to!

Enabling the Gutenberg editor

The release of WordPress 5.0 included an enhanced editor interface called “Gutenberg”. I updated the WordPress software to that version as soon as it was available, as always, but I worried that the sudden and fairly drastic change might catch some of Indivisible.blue’s many users off guard.

The solution, as usual for WordPress: a plugin! I installed the Classic Editor plugin, which kept the same old tried & true editor interface in place.

If and when site administrators are ready to switch over to the Gutenberg (aka “block”) editor, you can do that via selections under Settings -> Writing in your dashboard. As always, let me know if you have any questions!

screenshot of editor settings page

Computer Security Essentials for Campaigns (and others)

I saw this interesting post by technical entrepreneur and social critic Maciej Cegłowski recently: What I Learned Trying To Secure Congressional Campaigns. It’s a long account, though entertaining and informative, of his efforts traveling the country, teaching political campaigns about basic computer security practices.

As if getting campaigns to meet with you wasn’t hard enough, there’s also the problem of what to tell them.

The limiting reagent here is people’s mental capacity for hassle. You have to take pains not to burn through it. It is possible, with whining, to get a campaign to do one or two things. If you catch them early enough, and can visit them multiple times, maybe they will do a third thing.

If you work with or know anyone who works on campaigns, there’s a lot of good, first-hand insight there.

For much shorter checklists of items to consider, there are also succinct resource pages on the website of his organization, Tech Solidarity. In addition to security advice for Congressional campaigns, there are also basic security guidelines for activists and journalists, instructions for using U2F security keys, and more.

Caught up on some updates this morning, including WordPress 5.2.1 and a handful of minor plugin and theme releases. Also added a new site for a group in Michigan to kick the tires on!

Security Certificates Available for All Sites

This important feature has been available to sites for quite some time, but I’ve neglected to publicize it more: thanks to the excellent Let’s Encrypt project, any site on this network can be configured with a secure TLS certificate, free of charge.

A certificate like this is what lets browsers encrypt the data they send and receive with websites. You know it’s in use when the URL begins with https, and your browser also shows a lock icon in the address bar:

It’s an important level of protection for users, especially if they’re filling out forms or sending data to your site, and it’s even more important for administrators who are sending their passwords across the web.

If you want this feature but don’t have it yet, or if you have any questions, just contact me via this form or email!

And We’re Back

…and ready to try to post more regularly here. I’ve spiffed up the theme and tidied up the details of what this is about. Though the network continues to proudly host sites for many groups, this site has looked abandoned for too long. Will I stick to posting better than I did with the three (3) “weekly updates” I posted through all of 2017? Follow along to find out!

I’ve become more and more concerned about the power that the giant, corporate social networks have over our lives, information, and discourse, and will probably tend to post about that. For example, this TED talk about Facebook’s role in Brexit:


And if you’re interested in that, her behind-the-scenes account of giving that talk is also fascinating:

In the theatre, senior executives of Facebook had been “warned” beforehand. And within minutes of stepping off stage, I was told that its press team had already lodged an official complaint. In fairness, what multi-billion dollar corporation with armies of PRs, lawyers and crisis teams… wouldn’t want to push back on the charge that it has broken democracy?

Facebook’s difficulty is that it had no grounds to challenge my statement. No counter-evidence. If it was innocent of all charges, why hasn’t Mark Zuckerberg come to Britain and answered parliament’s questions? Though a member of the TED team told me, before the session had even ended, that Facebook had raised a serious challenge to the talk to claim “factual inaccuracies” and she warned me that they had been obliged to send them my script. What factual inaccuracies, we both wondered. “Let’s see what they come back with in the morning,” she said. Spoiler: they never did.

Two-Factor Authentication Available for All Sites

This has been in place for a while, but I neglected to announce it widely: two-factor authentication is now built in and available to every user of every Indivisible.blue site. Setting this up adds an additional level of security to keep someone from logging in as you. (Here’s a good article explaining two-factor authentication, if you’re not familiar with it.)

To enable this for yourself or Indivisible.blue users you administer, start at the “Users” section of your WordPress dashboard. The list there includes a new column that shows whether two-factor is enabled for each user.

To change the settings, click “edit” for a user, and then scroll down to the “Two-Factor Options” section. I recommend using “Time Based One-Time Password (Google Authenticator)” method, as well as generating backup codes, if you have a secure place to store them (like a password manager). The Google Authenticator app can be installed on your iPhone or Android phone and is easy to use.

If you have any questions or run into any problems, as always, let me know via the contact form or on Twitter: @IndivisibleBlue.