Twenty Fourteen Single Post Page Secondary Menu Disappears

After ironing out some issues with my Twenty Fourteen Child Theme, I found another one. This one is not really a bug, as it is quite deliberate, but it was still a problem for my needs. When viewing a single post page, the secondary menu in the left sidebar is not visible. The menu is visible on other pages, and on the overall blog page. Again, I’m not sure why this was chosen behaviour, but there is a float left and negative margin that pushes the menu off the edge of the screen.

On line 3596 I changed the following:

#secondary {
 background-color: transparent;
 border: 0;
 clear: none;
 float: left;
 margin: 0 0 0 -100%;
 min-height: 100vh;
 width: 122px;
 }

To:

#secondary {
 background-color: transparent;
 border: 0;
 clear: none;
 position:absolute;
 min-height: 100vh;
 width: 122px;
 }

So far, this seems to have reinstated the menu, but I’ve yet to test this much yet. There is a chance it may cause trouble under certain conditions. I will see if it causes issues on a full-width page, and check the other media queries for knock-on issues.

Twentyfourteen Sidebar Bug

After updating to WordPress 3.8 I was keen to give the new Twenty Fourteen theme a try. I’ve been using a modified twenty eleven theme forever so thought a change would do me good! Within an hour I had changed the default green accent colour to match our company blue, made sure our contact-form plugins still worked, and got everything looking perfect on my testing site. My pointer hovered over the Publish button, but I decided to give it a quick check on the iPad. Just in case.

It looked great. The responsive layout was beautifully readable, and everything looked fresh and new. There was a slight, but game-stopping problem though.

The Content Sidebar Became Unclickable!

Some of the media queries that control the responsive layout had clashed and caused widgets within the content-sidebar to become unclickable at certain viewport sizes. In my case this was the contact form we have on every page, so losing the ability to fill the form is pretty bad news! I checked on the desktop version of Safari and found the same problem if I reduced the window to approximate iPad size. I couldn’t replicate the problem in Firefox at all.

For reference I was able to find the culprit. Two lines of CSS.

On line 3186 I changed width:100%; to width:66.66666666%;

On line 3192 I changed margin-right: 33.33333333%; to width:100%;

This fixed the unclickable problem, but caused a bit of overlap elsewhere with another media query so:

On line 3578 I changed:

margin-left: -29.04761904%;
width: 29.04761904%;

to:

margin-left: -25%;
width: 25%;

Remember that changing the live-version of the theme is a bad idea, as the changes can get overwritten by theme updates. I changed it in my child-theme instead.

I’m pretty sure this breaks a bunch of conventions that were used in the development of the theme (I hated changing the specific -29.04761904% to a generic -25%) , but it works for now, and that’s what matters. I couldn’t find the correct place to post theme-related bugs to WordPress, so have posted it here for posterity. I will probably have a look at fixing this more cleanly soon, as I suspect there is a quicker fix that I’m not seeing. Especially as this doesn’t seem a problem on Firefox. z-index maybe?

Dropbox Time Machine

It just occurred to me that working from a dropbox sync’d folder has a couple of hidden benefits that I’d not really considered before. When I’m working on something between work and home, I often stick it on my dropbox and work from there. This means I have the newest files waiting for me when I get home. What I hadn’t considered is how this whole thing gets backed up. (Don’t trust the cloud to keep backups for you!)

Enter Time Machine

At work I have a Time Capsule which is always backing up my laptop. By default this means it is making backups of my dropbox folder. I can do all the fancy document revision stuff exactly like I can with any other folder on my Mac, and this is where the fun begins. At home, I run another Time Machine drive to backup my iMac. By default this is also making backups of my dropbox folder. Do you see where this is going?

Multiple offsite backups.  That’s where! All the files in my dropbox end up in five places: Dropbox, MacBook Pro at work, iMac at home, Time Machine at home, and Time Capsule at work. Now that’s a cool way to backup. (See the graphic)

Dropbox Time Machine
Dropbox Time Machine

There is something important that needs to be noted here. I’m not storing anything crucial like customer data on dropbox, just design files and draft blog posts etc. If I was, I would secure and encrypt my home iMac and backups too. (I do anyway. Paranoid much!) This is fine, but it’s important to make sure you know of any potential holes that could leak company data.

It’s probably worth mentioning that I work for a small company. You’re unlikely to be allowed to dropbox your corporate company data around the globe for obvious reasons.

Although I’m using a Mac here, this could be tweaked a bit to work in Windows too. You just need a scheduled backup service at each end.

Jack of All Trades

Jack Of All TradesThere is an old saying, “Jack of all trades. Master of none.” It is often said in a derogatory way, but I actually see it as a necessary and positive part of working in a small team. Everyone has to get stuck in and pull their weight. This can mean branching out into unfamiliar territory, but you retain control, and get to learn something new along the way. Variation keeps things interesting and as a result you feel less like a cog in a machine and can directly see the fruits of your labour.

One of the best parts of my job is when I can speak to a client at an initial phone call, and then see the job right through to the end from start to finish, instead of passing it from department to department. This would be impossible in a large organisation so we should celebrate being the multi skilled workers we are. Bigger isn’t always better when it comes to service.

It does mean there’s little chance to sit back and relax, because there is always some office admin to do, or a PC to fix, but it really makes the day go faster.

iPhone Passcode Weakness

iPhone slide to unlock
iPhone slide to unlock

Whilst researching for a new iPhone data recovery service I found some surprising weaknesses in the default iPhone passcode system. Although nothing new, I’d never really considered the implications in much detail before.

It is common knowledge that iPhones are a valuable target for thieves. The phones are worth hundreds on the black market, but have you considered how much more valuable your data could be to criminals?

There are e-mail accounts, social media accounts and phone numbers, all of which add up to your online identity. If somebody had access to it all then at the very least they could work their way through your address book attempting to rip off your friends and family. Other more elaborate scams would also be possible.

Lots of people use a passcode to prevent unauthorised use of their iPhone. The problem is that the simple 4 digit passcode which Apple offers by default is really only worthwhile to stop friends and family using your phone. Anyone more determined to access your data can download software which can figure out the iPhone passcode within minutes.

I had heard about this, but didn’t expect it to be quite so easy. I tested it out on my own iPhone and within 2-3 minutes my passcode was displayed on the screen.

I won’t go into any great detail about how to do it. It’s all there online, but fortunately there are a few things you can do to protect yourself from this sort of attack.

The first thing is to turn off the “Simple Passcode” option under Settings > General.

Then you should use a longer passcode. Every extra digit adds thousands or millions more potential codes that would need to be tried, similar to the Exponential Wheat and Chessboard Problem.

  • 4 digits (0-9) – 0000 = 10,000 possibilities
  • 6 digits (0-9) – 000000 = 1,000,000 possibilities (9,900% Increase)
  • 8 digits (0-9) – 00000000 = 100,000,000 possibilities (999,900% Increase)

To really make things difficult for a would-be hacker you should use an alphanumeric code, mixing numbers and letters.

  • 4 character (A-Z, a-z, 0-9) – AAAA – 14,776,336 possibilities (147,663% Increase)
  • 6 character (A-Z, a-z, 0-9) – AAAAAA – 56,800,235,584 possibilities (568,000,000% Increase)
  • 8 character (A-Z, a-z, 0-9) – AAAAAAAA – 218,340,105,584,896 possibilities* (2,183,000,000,000% Increase)
    *11 times the number of red blood cells in the human body apparently

There is no way somebody could reasonably attempt all 218 trillion possible passwords, so they would use what’s known as a dictionary attack. A dictionary attack uses a modified dictionary of known words, so instead of trying all potential codes, they only try likely passcodes. Make sure your password is not a dictionary word to get the most benefit from your passcode. Add in some punctuation and then you’ve really got a decent code.

Kindle 4 Review Non-Touch

I’ve finally got on the ebook bandwagon, and as usual I’m wondering why I resisted for so long. I have just been e-mailed by Argos to write a product review for the Kindle, but decided to write it here rather than give them rights to use my words:

…For any content that you submit, you grant Home Retail Group a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. – Argos T&Cs

Nice.

What I Think

The Kindle has totally revolutionised the way I read. I find I’m reading far more than I used to, and finally getting round to reading some of the many books which are freely available and out of copyright.

The Kindle is extremely small and light, and feels surprisingly well made. There are physical buttons on both sides to allow page turning for either left or right handers.

Looking up words, highlighting and marking sections is simple and intuitive. I no longer skim over words I don’t know.

Issues

A minor gripe is the choice of on-screen keyboard, which is A-Z rather than QWERTY. Some non-technical users will struggle to type on any keyboard arrangement, however most people are familiar with the standard keyboard layout. In practice I find I hardly ever have to use it anyway, so it’s hardly a deal breaker. I would still recommend the Kindle to anyone.

Some free eBooks have some strange formatting issues, but the excellent Calibre software handles conversion from almost any format into something I can read on the Kindle. I see no logic in complaining about free books!

Dispatches: Watching The Detectives – Solution

Like anyone else watching Dispatches on Channel 4 tonight, I was absolutely shocked at the ease in which anyone can get hold of my personal and private information. Information such as National Insurance Number, bank account details, itemised phone bills, medical history; details which I would struggle to get access to myself.

I won’t rehash what was covered in the show, as it makes quite shocking viewing, and I wouldn’t do it justice. You should watch it for yourself. What I will offer is a solution.

The Fix

It’s simple really, and should only cost a few pennies to implement:

Send me an e-mail alert whenever my personal data is accessed on a private database. Simple.

An example: I’m on the phone to the bank. As they pull up my info, my phone will ping to let me know my data’s been accessed. If however I’m sat in Starbucks sipping coffee and my phone goes off, I can instantly see who has requested which info, and make my own mind up if I need to look into it.

Here’s some pseudo code for it:

if data requested -> send e-mail alert with date & time of access, recipient of data & details of the data requested

This wouldn’t need to change any current workflow or database access rights, and would simply ping away in the background whenever personal details are requested. I’m sure there would be loads of new job vacancies created, when those getting backhanders for handing out our private data are kicked out or jailed for misconduct.

We could even go one step further, where requests for information would be held back until you give it the all clear, but I can see how that could be more troublesome to legitimate users.

As long as there are databases full of our personal information, there will be people trying to access that information for profit. If we bring that out into the open, then nobody can lose. The data is still accessible when required, but nobody can access it without being tracked and accountable. 

How To Get Ahead? Content Is Not King

Cat Zipped

I work in a niche industry, which has 312 million results in google. We are a small company, and don’t feature prominently amongst those 312 million pages. When researching some of our competition, I have noticed something strange in the results.

Forums & Review Sites

It seems that one tactic these sites are using to generate links is to simply create them for themselves. Some start up industry review sites, with their own sites featuring prominently (read exclusively) in the results, links and adverts. Others create and administer forums which moderate and edit the information, again making sure all roads lead to their own door.

Trading As…

Another strange thing is to have loads of different company names, each with their own websites. These websites are so different that potential customers are likely to be comparing the services of what are essentially loads of the same company. For example, three of the top ten results are the same company using different names, but you wouldn’t necessarily realise that.

Is It Wrong?

I don’t actually know. I’m not sure they are actually doing much wrong here. I certainly wouldn’t be comfortable with it myself, but I’m an honest sort of guy. What they are definitely not doing is creating good content. Whenever I write something on our website or blog, I make sure that it is first accurate, and second useful. If there is an opportunity to suggest one of our services, I will do so, but the content needs to stand up alone. I’m sure this means I’m missing out on some hard sell stuff here, but overall I think it keeps us trustworthy, and helps us stand out from the crowd of shouty fear mongers.

By not playing these games we often lurk around near the back of the search results, feeding from long-tail searches, where most people will never find us. Don’t worry, It’s not a problem, just an observation. I already mentioned that we are small so the long tail stuff is plenty. We already have a great service & reputation, so I don’t want to sacrifice it by chasing rankings.